last executing test programs:

1m51.694650672s ago: executing program 1 (id=578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000001340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1m51.522621215s ago: executing program 1 (id=580):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0xffff)

1m51.128309773s ago: executing program 1 (id=583):
unshare(0x400)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000340), 0x101000, 0x0)
ioctl$SNDCTL_DSP_GETTRIGGER(r0, 0x80045010, &(0x7f0000000380))

1m50.991827046s ago: executing program 1 (id=584):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x8000, &(0x7f0000000340)={[{@discard}, {@allow_utime={'allow_utime', 0x3d, 0x5}}, {@time_offset={'time_offset', 0x3d, 0x9}}, {@utf8}, {@dmask={'dmask', 0x3d, 0x4002}}, {@namecase}, {@dmask={'dmask', 0x3d, 0xff}}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@allow_utime={'allow_utime', 0x3d, 0x2}}, {@time_offset={'time_offset', 0x3d, 0x9}}]}, 0x5, 0x1548, &(0x7f0000001900)="$eJzs3AuYTdX7OPD3XWvtMSSdJrkMa613c5LLMkmSS5JckiRJktwSkib5SkJiyC1pSEJyGZLLEJLLxKRxv98vCU2SJklCckvW/1H8fftVv++lvl/P85v38zz7sd6z9rv22vOeM2fvdZz5psvQmo1rVWtIRPCn4C//JAFALAAMBIBrACAAgHJx5eIu9OeUmPTnDsL+Wg+lXukZsCuJ65+9cf2zN65/9sb1z964/tkb1z974/pnb1x/xrKzzdMLXstb9t14/T874/f//0OySo/9Ym3p67sCxPyzKVz/7I3r/39W8M/sxPXP3rj+2VXslZ4A+yvN/vfS+PWfHeT4wx6uf/bG9WcsO/t5HTgnXPF16Cu1QSR7fwZypZ9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayh9P+MgUAl9pXel6MMcYYY4wxxhj76/gcV3oGjDHGGGOMMcYY+89DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+W/lvwA94EXoCb0gCXpDH3gJ+kI/6A8DYCC8DIPgFRgMr0IyDIGh8BoMg9dhOLwBI2AkjII3YTS8BWNgLIyD8ZACE2AivA2T4B2YDFNgKkyDVJgOM+BdmAmzYDa8B3PgfZgL82A+LIA0+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCuh/7wgbYCJtgM2yBrbANtsMO2Akfwy74BHbDntfnAUAmfPZH+bD+d/NPXcqHvfApZEJXBAQUKFChwhiMwViMxVyYC3NjbsyDeTCCEYzDOMyLeTEf5sMCWADjMR4LY2E0aJCQsAgWwShGsRgWw+JYHEtiSXToMAETsAzejGWxLJbDclgey2MFrIgVsTJWxipYBatiVayG1bA6VseaWBPvxruxN9bBOlgX62I9rHdpeQobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDyZiJmbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi7/BWonh2Fq0EW3FE2IkjsD2opVLFE+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo7XqKXmIy9hZ9xDTsK/qJ/mKAmIk1xHs4J2dN8apIFkPEUPGaWICvi+HiDTFCjBSjxJtitHhLjBFjxTgxXqSICWKieFtMEu+IyWKKmCqmiVQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJNfCAWikUiXXwoFouPRIZYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lORKT4T+8TnYr/4QhwQX4os8ZU4KL4Wh8Q34rD4VhwR34mj4pg4Lr4XJ8QP4qQ4JU6LM+Ks+FGcEz+J88ILkCiFlFLJQMbIHDJW5pS55FUytwwu/nSvlXHyOplXXi/zyfyygCwo42UhWVhqaaSVJENZRBaVUXmDLCZvlMVlCVlSlpJOlpYJ8iZZRt4sy8pbZDl5qywvb5MVZEVZSVaWt8sq8g4JkV+OUV3WkDVlLXm3TIJ7ZB15r6wr75P15P2yvnxANpAPyobyIdlIPiwby0dkE/mobCqbyeayhWwpH5Ot5OOytWwj28onZDv5pGwvn5KJ8mnZQfqLT5FnZWf5nOwin5ddZTfZXf4kz0sve8peEnqD7CNfkn1lP9lfDpAD5ctykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZTpFT5TSZKqfL/hdHmi3lP8x/+3fyB/989E1ys9wit8ptcrvcIXfKj+UuuUvulrvlXrlXZspMuU/uk/vlfnlAHpBZMkselAflIXlIHpaH5RF5RB6Vx+QZ+b08IX+QJ+UpeUqekWflWXnu4s8AFCqhpFIqUDEqh4pVOVUudZXKra5WedQ1KqKuVXHqOpVXXa/yqfyqgCqo4lUhVVhpZZRVpEJVRBVVUXUDXnzCqJKqlHKqtEpQN/0r+aqYulEVVyV+lX9pfkl/ML+WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qJdVX9VP91QA1UL2sBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvSpTZap9ap/ar/arA+qAylJZ6qA6qA6pQ+qwOqyOqCPqqDqqjqvj6oQ6oU6qk+q0Oq3OqrPqnDqnzqvzFy77AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCzMXO4JagXHBrUD64LagQVAwqBZWD24MqwR1B1eDOoFpwV1A9qBHUDGoFdwe1g3uCOsG9Qd3gvqBecH9QP3ggaBA8GDQMHgoaBQ8HjYNHgibBo0HToFnQPGgRtAxuDsr+ZeN7fzL/466n7qWTdG/dR7+k++p+ur8eoAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erKeoqfqaTpVT9cz9Lt6pp6lZ+v39Bz9vp6r5+n5eoFO0x/ohXqRTtcf6sX6I52hl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536J36Y71Lf6J36z16r/5UZ+rP9D79ud6vv9AH9Jc6S3+lD+qv9SH9jT6sv9VH9Hf6qD6mj+vv9Qn9gz6pT+nT+ow+q3/U5/RP+rz2Fy7uL7y9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXXhQtW8ZcaYsWacGW9STIqZaCaaSWaSmWwmm6lmqkk1qWaGmWFmmplmtplt5pg5Zq6Za+ab+SbNpJmFZqFJN+lmsVlsMkyGWWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNLrPL7Da7zV6z12SaTLPP7DP7zX5zwBwwWSbLHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81Zk//i+6U3sTanzWWvsrnt1TaPvcb+z7iALWjjbSFb2Gqbz+b/VWystcVtCVvSlrLOlrYJ9qbfxBVsRVvJVra32yr2Dlv1N3Fte4+tY++1de19tpa9+1dxPXu/rW8fsQ0QAWwz28i2sI3tI7aJfdQ2tc1sc9vCtrNP2vb2KZton7Yd7DO/iRfaRXa1XWPX2nV2t91jT9sz9pD9xp61P9qetpcdaF+2g+wrdrB91SbbIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk210+0M+66daWf9Jk6zH9g5Nt3OtfPsfLvg5/jCnNLth3ax/chm2ACW2mV2uV1hV9pV/3+uy+wGu9FusrvsJ3ar3Wa32x1256ULYbvH7rWf2kz7mT1ov7b77Rf2gD1ss+xXP8cXzu+w/dYesd/Zo/aYPW6/tyfsD+pS9oVz/97+ZM9bb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al6ZXkkqRo9KUQDdRGbqZytItVI5upfJ0G1WgilSJKtPtVIXuoKp0J1Wju6g61aCaVIvuptp0D9Whe6ku3Uf16H6qTw9QA3qQGtJD1Igepsb0CDWhR6kpNaPm1IJa0mPUih6n1tSG2tIT1I6epPb0FCXS09SBnqGO9DfqRM9SZ3qOutDz1JW6UXd6gXrQi9STelES9aY+9BL1pX7UnwbQQHqZBtErNJhepWQaQkPpNRpGr9NweoNG0EgaRW/SaHqLxtBYGkfjKYUm0ER6mybROzSZptBUmkapNJ1m0Ls0k2bRbHqP5tD7NJfm0XxaQGn0AS2kRZROH9Ji+ogyaAktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+ph20Se0m/bQXvqUMukz2kef0376gg7Ql5RFX9FB+poO0Td0mL71veg7OkrH6Dh9TyfoBzpJp+g0naGz9COdo5/oPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnvCaMhNeGceF1Yd7w+jBfmD8sEBYM48NCYeFQhya0IYVhWCQsGkbDG8Ji4Y1h8bBEWDIsFbqwdJgQ3hSWCW8Oy4a3hOXCW8Py4W1hhbBi+Mh9lcPbwyrhHWHV8M6wWnhXWD2sEdYMa4V3h7XDe8I64b1h3fC+sGx4f1g/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D58KkwMnw47hM/83H//oj/uTwp7h33Cl8KXQu/vlfOjC6Jp0Q+iC6OLounRD6OLox9FM6JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18oBDp1w0ikXuBiXw8W6nC6Xu8rldle7PO4aF3HXujh3ncvrrnf5XH5XwBV08a6QK+y0M846cqEr4oq6qLvBFXM3uuKuhCvpSjnnSrsE18K1dC1dK/e4a+3auLbuCfeEe9I96Z5yT7mnXQf3jOvo/uY6uWddZ/ece84977q6bq67e8H1cBPy/PKaTHJ9XB/X1/V1/V1/N9ANdIPcIDfYDXbJLtkNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbgUN9FNdJPcJDfZTXZT3VSX6lLdDDfDzXQzXZVZvxxlrpvr5rv5Ls2luYXuwjVjulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2+2t+GdRlun1un9vv9rsD7kuX5b5yB93X7pD7xh1237oj7jt31B1zx9337oT7wZ10p9xpd8addT+6c+4nd955lxKZEJkYeTsyKfJOZHJkSmRqZFokNTI9MiPybmRmZFZkduS9yJzI+5G5kXmR+ZEFkbTIB5GFkUWR9MiHkcWRjyIZkSWRpZFlkeWRFRHvC20NfRFf1Ef9Db6Yv9EX9yV8SV/KO1/aJ/ibfBl/sy/rb/Hl/K2+vL/NV/AVfSX/qG/qm/nmvoVv6R/zrfzjvrVv49v6J3w7/6Rv75/yif5p38E/4zv6v/lO/lnf2T/nu/jnfVffzXf3L/ge/kXf0/fySb637+Nf8n19P9/fD/AD/ct+kH/FD/av+mQ/xA/1r/lh/nU/3L/hR/iRflTMm370pVtkGO9T/AQ/0b/tJ/l3/GQ/xU/103yqn+5n+Hf9TD/Lz/bv+Tn+fT/Xz/Pz/QKf5j/wC/0in+4/9Iv9Rz7DL7m0qOxX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hd/qP/S7/id/t9/i9/lOf6T/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/ydNcYYY4yxf8qEy03x655flvN7/06O+Lud+wDA1dsKZv19/4UryvX5fmn3E/HtIgDwdK8uD13aqldPSkq6uG+GhKDoPIBLnwRd8POy8cV4CbSFJyER2kCZ351/P9HtLP2D8aO3AuT6u5xYuBxfHv9zAEz6nfEfe2LUwvLh6bj/Zfx5AMWLXs7JCZfjJdD25/WVNlD2D+afv9U/mH/OL1IAWv9dTm64HF+efwI8Ds9A4q/2ZIwxxhhjjDHGftFPVOp06f7z0v/4/L3783h1OScHXI7/0f05Y4wxxhhjjDHGrrxnu3V/6rFL39x7LDGxTaefH/lnGlX/lZ3/9UYT+E+NzI3fbXgPcOkRBQB/ckCACw353zyLLf+VYyVffLX8z67lZ3wA3Ytd/NLjX3fQ2D9fi3+ncaV+IzHGGGOMMcb+Uy5f9P/6cXWlJsQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/40/J3alz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//8XnvpB")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x167)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='proc\x00', 0x1010081, 0x0)

1m50.871303478s ago: executing program 1 (id=585):
unshare(0x2c020400)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, 0x0, &(0x7f00000000c0))

1m50.418049827s ago: executing program 1 (id=589):
mkdir(&(0x7f0000000040)='./file0\x00', 0x2)
ptrace$cont(0x18, 0x0, 0x10000000000005, 0x6)
syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000202505a1a44000010203010902640002010000000904000001020d0000052406000105200000000d240f010012000000000000000624ab"], 0x0)

1m49.960221106s ago: executing program 32 (id=589):
mkdir(&(0x7f0000000040)='./file0\x00', 0x2)
ptrace$cont(0x18, 0x0, 0x10000000000005, 0x6)
syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000202505a1a44000010203010902640002010000000904000001020d0000052406000105200000000d240f010012000000000000000624ab"], 0x0)

4.762764308s ago: executing program 3 (id=1683):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000160a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a300000000009000100"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="b40000001800090000000000000000001c140000fe000001000000000500"], 0xb4}}, 0x24040810)

4.583606981s ago: executing program 3 (id=1686):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000010, &(0x7f0000000000), 0x3e, 0x51b, &(0x7f0000001200)="$eJzs3c9vI1cdAPDvTOLd7G6KU0CoVKJUtGi3grU3DW0jhKBc4FQJKPclJE4UxY6j2CmbqKKp+A8QEkicOHFB4g9AQj3wB6BKleCCOCBAIARbOCABHTTjsZp17CTQrJ3Gn4/04vfm1/e9sfw8M36ZCWBqPRkRL0bETEQ8ExHVcnpaprt54bC33Nv3X13NUxJZ9vJfk0jKaf1t5eXZiLjRWyXmIuJrX474ZnI8bmf/YGul2WzsluV6t7VT7+wf3N5srWw0NhrbS0uLzy+/sPzc8p2s9J7audDP/PhLn//5p7/1u7t/vvXtvFqf+0hUYqAd56nX9EqxL/ryfbT7MIJNwEzZnsqkKwIAwJnkx/gfjIhPFMf/1ZgpjuYGzEyiZgAAAMB5yb4wH/9OIjIAAADg0kojYj6StFaOBZiPNL1SXhv4cFxPm+1O91Pr7b3ttXxexEJU0vXNZuNOOVZ4ISpJXl4sx9j2y88OlJci4tGI+F71WlGurbabaxO+9gEAAADT4sbA+f8/qmmRP92Q/xMAAAAALq6FkQUAAADgsnDKDwAAAJff4Pm/+/0DAADApfKVl17KU9Z//vXaK/t7W+1Xbq81Olu11t5qbbW9u1PbaLc3inv2tU7bXrPd3vlMbO/dq3cbnW69s39wt9Xe2+7e3XzgEdgAAADAGD368Td+nUTE4WevFSnK+wACPOAPk64AcJ4M9YPp5S7eML0qk64AMHHJKfMN3gEAgPe/mx89/vt///n/rg3A5WasDwBMH7//w/SqGAEIU2u2vAbwgV7x6qjlRv7+/8uzRsqyiDerR6e4vggAAOM1X6QkrZXnAfORprVaxCMR6UJUkvXNZuNOeX7wq2rlal5eLNZMTh0zDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAAHCpRaR/Soq7+UfcrD49P3h94Eryz2r8sSz88OXv31vpdncX8+l/K57ldSUiuj8opz878vFhAAAAwHlLDkfO6p2nl6+LY60VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFPg7fuvrvbTOOP+5YsRsTAs/mzMFa9zUYmI639PYvbIeklEzJxD/MPXI+KxYfGTeCfLXouyFsPiX3vI8ReKXTM8fhoRN84hPkyzN/L+58Vhn780nixeh3/+Zsv0Xo3u/9Iy8mNFPzes/3nk2NZaQ2M8/tZP671c5Xj81yMenx3e//T732RE/KeObe1fWZYdj/+Nrx8cjGp/9qOIm0O/f5IHYtW7rZ16Z//g9mZrZaOx0dheWlp8fvmF5eeW79TXN5uN8u/QGN/92M/eGRU/b//1IfF/+5te/3tS+58etdEB/3nr3v0P9bLH3oA8/q2nhn7/zsWI+Gn53ffJMp/Pv9nPH/byRz3xkzefOKn9ayP2/2nv/60ztv+Zr37n92dcFAAYg87+wdZKs9nYPSEzd4Zl3o+ZX8xdiGr8j5nstd47d1Hq8/9m8qPVd6f0W3UBKnYkk40l1tXieP6sa10ZU9sn2i0BAAAPwbsH/ZOuCQAAAAAAAAAAAAAAAAAAAEyvcdxKbTDm4WSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwov8GAAD//3QT3Gw=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.numa_stat\x00', 0x275a, 0x0)
lseek(r0, 0x1, 0x4)

3.880715375s ago: executing program 3 (id=1694):
syz_io_uring_setup(0x4174, &(0x7f0000000780)={0x0, 0x4f5e, 0x8000, 0x3, 0x171}, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000540), 0x10000000000002be, 0x0, 0x0)

3.517137562s ago: executing program 3 (id=1699):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
write(r0, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c0400070080000300", 0x33a)

3.264283727s ago: executing program 3 (id=1703):
syz_mount_image$xfs(&(0x7f0000000800), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)={[{@gquota}, {@filestreams}]}, 0x1, 0xb921, &(0x7f0000000880)="$eJzs3QtsXXUdwPHTru1WUFhEoxEJZYMNhFHaznU8lLaMjTIoyASq4zWgjMlghk2FQaRoDCghU4mvECMvEQPxgTM+wDA1MJDARhAGooKJDDDhbRhqoOb0ntu1d12z/rf/v45+Psl67jm3v9Pb++3/XErWrnvugo4sq8lKerNK1y8/5tnGG9p/8M1p9x62+Jqq10tH2yYVdzcU232K7ZSs/2Rt+e3q0qGa76z+RXW+Uz34vLvU11ftlmXvLXbbim1raXNZU/n9+ioUhyeX768eeBhVXy39GVCfv/nynCnnDj5P/o5Zlh2yxSc6TnW3z5tbPCfZoG4TirurNt/Xv60p/Tnyj1l25Npsq18fYyp/nJNPX/WFJ8b6gewMutvndVb0bys6VxXrsaFyDY5HlV/n55zRtKx4CqsGX492Nt3tc4/LRljH//zLN3r7StfN2izL6rIsm5hl2aSx7sGO0d7R0pFf88v7Rfby+p883NfFHf+96mdZlr27eJ04tPxaAOxc2jtajhpm/deNtP7vPHb9jdY/7Pw62zta8rVesf4njbT+p9119MLim+7W0tTbY/tJAAAAAADDWn7pygsWLV3ac7EbbrjhxsCNsb4yAbFtXvRj/UiA1FL858RYf44AAAAw3nV2tb84oWrIoQmDd/Z6qKd/O3NT9/kr75pzfHlb3D1/mFMO+Tn/vr6+vtWnLT272J1Y8fOykyqH8/MvuXfRJcVuQ+XPH9T2H63NzjpvydKeQ/IPNbU2uyTfacrPO602+1q+05zvTK/Nbst3Wvp36rM1+c7B5yxbem5+YP/AZ+ydpbOrN5swpFg25KthcP8l9/b+qrwd4ZTls/X/Uom8/xtNN99ZcV/ZVvoPnH+f/8PfL/COMrr+V19d3o5wyi3W//rFs5qGu2/r/QfOP0X/uIa5/g9pVHndr7j+NwxzyoH5X5/69Wfz/jN+uu6a4lDNtlz/B51/amX//pMPXP/zU+1bvv7nry37bdeTMQ51dl354kjrf+T+NR8s3q160OzA2Vr6bv103v/ua9seKw7VjrL/viOt/6qGLa4njFJn1419Fet/FP2z6cOccqDJu+Z0rs77v/rWw48Mum80/fer7N+44sLPNC6/dOWMJRcuWtyzuOeiluZZrc2tTbNnz2rsvySU3m7fkzKObN/6z3apmKnKsv0G5mdffvSGvP+fbzrlluLQpFH2nzbi+j9r6GNlkCnVWV1ddsmiFSsubiq9Le82l96W3m2Y/qN4/Z9a/iaqvthWZdkHBuYPuOL1g/L+d2x47ebiUN0o+08fqX/d5o9LoO1c/+dWzAzp/+DDPTfl/Zcf+KELikOjff3ff8T132v9b6/Oror/4bOD5f1PeuPwjYHjB/j+L64U/es3tq4KHP+w/nGl6L/mhZbbAscP1D+uFP3vua/x9MDxg/SPK0X/zz1w4MrA8Rn6x5Wi/4wnp+8ROH6w/nGl6P+Px6fODBxv1D+uFP1PfOaCqwLHD9E/rhT9v/vyshsCx5v0jytF/9/3nfNA4Hiz/nGl6L/rK4tfChxv0T+uFP1XPH3ZnoHjM/WPK0X/366/4ojA8Y/oH1eK/hvXLD85cHyW/nGl6N+47vMXB4636h9Xiv4vPP/D3wSOz9Y/rhT9G567+XuB44fqH1eK/pdt+sm/AscP0z+uFP3vfPP2RwPHD9c/rhT9H9rwy2mB40foH1eK/jVP/Dz072l+VP+4UvQ/8/57zg8c/5j+caXo/621d50QOH7k1vvX7KiHOK6l6N/3zAnPBI63Wf9xpeg/6+X5of8+bLv+caXof2HfvB8HjnfoH1eK/re8ctRXAseP0j+uFP2fevrMywPH5+gfV4r+71m/cGHg+NH6x5Wif+eaU5sDx+fqH1eK/r3rFrwvcHye/nGl6D/3+S/9NXD8GP3jStF/1XNX/SdwvFP/uFL0/9Oma64LHD9W/7hS9N/rzVWrA8fn6x9Xiv5nb7iuPXD8OP3jCu7/2d226d3y/rc/8e3zQj5ElmXH6x9XivX/yv3X7x443qV/XCn6H7r2+6G/bP0E/eNK0f/aVzdcHzh+ov5xpeg/5+1H7w4c/7j+caXov/dLTz8WOH6S/nGl6P/43596LXB8gf5xpej/o4fXTgwc/4T+caXof9bv/jDcvxOyLU7WP64U/Q9/ZF1n4Pgp+seVov9rf3vwosDxU/WPK0X/mf/e89bA8W7940rR/6039r4ycPyT+seVov+tG/d4PnD8U/rHlaL/shfevy5wfKH+caXoP/m+XQ8LHD9N/7hS9H/ygd33Chw/Xf+4UvT/4pMTVgSOn6F/XCn6z3984oLA8TP1BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+xAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe9O4C6dC/6Pn1kZIaSSorFTdmVJxchaWmwhsmQd2UL2QossJZIiLXbSplAhS0WKyJpKpZQWJUlS2f6vMXOL8R3P6N/zjOb7fr9ec5/tmuN3fp/zu+7jvu5zBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmB5tsuYGqw0GIyddOvhJt5+459p3LHXSuNOPW/iKV+xw5LB7J1676oyTbh77yGQGj97ZqhNuGz5xk5HHn3f68AkXhj/+fmcaM2bYrINhc+ZRHbDF/zDs2YbOTLzTsYPBYNgRE/88ZsyEL6vcfvvN/8N9Vdtk3FprTpi8iX8e6zZi0s2Trn/s/MiJf1becjBYefPBFJ8f0976d95637Qew3+DTcattc5k/QeTOj/affL13Wry5/kFN+y88jQN9x+yybg1153Qekrr+MyNVz39kUf36yNPGgxGnjwYjDxlMBh56rTuwX/GuNWWW23CPn/o8sTqBw+9IEj792HzbbDpTIPBYNTE7xMjTxv6XgD8dxm32nKvCet/9NDtaf2vcvusc1v/8N9vnXGrLTd43Ov8idcePPT/93H93zFivWOm3YgBAACAp+vhuy68ZNKxvuGDwbyDyY73PmrSzwWGnXPZdddNs4E+M4TjZE/+nYn/MhM6z3j22MFg142m9VCYBoZN6wEwTenfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/sWmcPx/tqHTccdu+OpJmy60wpwbnzf5359w3Yz/56OeZqbX4/+D8cMmtpzQfPxgMHjDuPU3XHQwGJy38ZwrzD947LYVJ9y28hwjJn1AwKKPfl1oCnc89vGnMz12H+c8ev/rPHLyiGGTDeJxXr/6RfvvuMn9L5v8dJEpP47HPl/ivHVWn3novSzDJ9toSs/VofsfeiyTd5409kUnjH2pvXbZfak999t/ifG7bL3Ddjtst+tyyy6/wrIrLLPiissvtf34nbdbeuLXKczZxFlZYGrmbPTkc3bXuMfP2eSPbUpzNvap5+zRe7zjmI0vGJqzkU9zzhZ46jkbO35orGNHDbZ6dGom/CcXHDXYd8KFZWZ43L5lrgnbvnKO4YPB0f96oBPOzfDYc3DYweP/A59bMul0vkmn88fPLTl/Sp9bMhj63JKhD0xYaeLJXhcPbTf5+6wnXT3Vn1uyz2oPzj940vuy/lf8W9//n9RrxWGPTdTQh4ZM2mZir399zsTQtK36uM+ZWCF9lsx/0pPGO3b4Y8/rNN5J74sbNtn8P9X74gY7bH/gQpOirjDxbz38b0fJ+451H/06pfU8drLTp9p3jPjX2X9du90180y+73jdlIf4hHUxNEczTLbRlPYd+259xfjH75umsO9Yd/ykNxr/a98x4T+7wNC+Y8LYFx41OHrChWUnXFhk1OCsCReWe/TCmMFlEy4suc1uO2877NHvV096Hiw67Am/8Biet2tO9rydis/HWeWqwWCVK9PjmvJ0Zul5O/opxpvfzz14yvdzX7r1fOcOBoNZJj2ulYbG/u9I4x351OMNnz8xeKrPnxicfN3ep/6Hx/vYOnv0uTZpN73oFP7OE9bZbE9aZ4eMeNzKmNrXNduG7Seen+uxeztlu2uvHpqjUZPd7//0PXrosaT+Q6/5Hm/YwYNhTzU3U3od9oS5mfWp52ZqX78sOukFxpinmJvF7z1osaG5Gf0052aRKczN418PP97owWDME+dm5GCNCa9oJs3NwlMzNzP/Z543M4XtJ55f6LGrblnjwBWH5ibMRfz+P3T/Cz/NuRm21WPPmwUfvW3+4YPRowf7br3XXnssM/Hr0MVlJ3596jW44NTM5Yz/mbmce9JeZ/iTJ+exq3Y645Hl/t01uODTncuxg+FD/889fvLF8p/j5z/d9O+mfzf9u+nfTf9u+nfTv9gUjv+PHfq54OHDTttg0g9jRl1+/+x7TevxTmPT9fH/SX2fcPx/r9nvv3z44LHbnvL47MRtnpHHZ1eYeHLAMkPbTX58cNLVU3189r4jr9x08H9zfPbfMrRWp+Lnhvb/3fTvpn83/bvp303/bk+3/yr/S+Ng2rD+u+nfTf9u+nfTv5v+3fQvNoXj/0sP/R7A9Xs+eNqkA6Gj9txw5Qem9Xinsen6+P+kvk84/v/AyhvuOXzw2G1Pefx/4jYdx/9Xvu2EQwfP4OP/Q2vV8X/+B/p307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mf7EpHP9fdej3AEbtusACQ78PcOPdh42Y1uOdxqbX4//+/f9e9v/d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/YpOO/w8m+2cP3+R5EYXj///dptB/Pf2jlv7r6x+19N9A/6il/4b6Ry39N9I/aun/Zv2jlv4b6x+19N9E/6il/6b6Ry3936J/1NJ/M/2jlv6b6x+19H+r/lFL/y30j1r6b6l/1NJ/K/2jlv5b6x+19H+b/lFL/230j1r6b6t/1NJ/O/2jlv7b6x+19N9B/6il/476Ry39x+sftfTfSf+opf/b9Y9a+u+sf9TSfxf9o5b+u+oftfTfTf+opf/u+kct/d+hf9TSfw/9o5b+e+oftfTfS/+opf879Y9a+u+tf9TSfx/9o5b+++oftfTfT/+opf/++kct/Q/QP2rpf6D+UUv/d+kftfR/t/5RS/+D9I9a+h+sf9TS/xD9o5b+79E/aun/Xv2jlv7v0z9q6f9+/aOW/ofqH7X0/4D+UUv/w/SPWvofrn/U0v8I/aOW/kfqH7X0/6D+UUv/D+kftfQ/Sv+opf+H9Y9a+h9d1n/0VG7X0v+Ysv5Tq6X/R/SPWvofq3/U0v+j+kct/Y/TP2rp/zH9o5b+H9c/aul/vP5RS/8T9I9a+n9C/6il/4n6Ry39P6l/1NL/U/pHLf0/rX/U0v8z+kct/U/SP2rpf7L+UUv/U/SPWvqfqn/U0v80/aOW/qfrH7X0P0P/qKX/mfpHLf3P0j9q6f9Z/aOW/mfrH7X0/5z+UUv/z+sftfT/gv5RS/8v6h+19P+S/lFL/3P0j1r6f1n/qKX/V/SPWvqfq3/U0v88/aOW/ufrH7X0/6r+UUv/r+kftfT/uv5RS/8L9I9a+l+of9TS/yL9o5b+39A/aul/sf5RS/9L9I9a+l+qf9TS/zL9o5b+39Q/aun/Lf2jlv7f1j9q6X+5/lFL/yv0j1r6f0f/qKX/lfpHLf2/q3/U0v97+kct/a/SP2rpf7X+UUv/7+sftfS/Rv+opf+1+kct/X+gf9TS/zr9o5b+1+sftfS/Qf+opf+N+kct/W/SP2rpf7P+UUv/H+oftfS/Rf+opf+P9I9a+v9Y/6il/0/0j1r636p/1NL/p/pHLf1/pn/U0v/n+kct/W/TP2rp/wv9o5b+v9Q/aul/u/5RS/9f6R+19P+1/lFL/zv0j1r6/0b/qKX/b/WPWvr/Tv+opf/v9Y9a+t+pf9TS/w/6Ry39/6h/1NL/Lv2jlv5/0j9q6X+3/lFL/z/rH7X0v0f/qKX/X/SPWvrfq3/U0v+v+kct/e/TP2rp/zf9o5b+9+sftfT/u/5RS/9/6B+19P+n/lFJ/zED/aOS/oMH9Y9a+j+kf9TS/2H9o5b+j+gflfQfNtA/auk/TP+opf9w/aOW/iP0j1r6j9Q/auk/Sv+opf9o/aOW/jPoH7X0n1H/qKX/GP2jlv4z6R+19H+W/lFL/5n1j1r6z6J/1NJ/Vv2jlv7P1j9q6T+b/lFL/9n1j1r6z6F/1NL/OfpHLf3n1D9q6f9c/aOW/s/TP2rp/3z9o5b+c+kftfR/gf5RS/+59Y9a+r9Q/6il/4v0j1r6z6N/1NJ/Xv2jlv4v1j9q6T9W/6il/3z6Ry3959c/aum/gP5RS/8F9Y9a+i+kf9TSf2H9o5b+i+gftfRfVP+opf9i+kct/V+if9TS/6X6Ry39F9c/aum/hP5RS/8l2/s/8MhEk13d0n+p9v5T0NJ/af2jlv7L6B+19F9W/6il/3L6Ry39X6Z/1NL/5fpHLf2X1z9q6b+C/lFL/xX1j1r6r6R/1NL/FfpHLf1X1j9q6f9K/aOW/q/SP2rp/2r9o5b+q+gftfRfVf+opf84/aOW/qvpH7X0f43+UUv/1fWPWvqvoX/U0n9N/aOW/mvpH7X0X1v/qKX/OvpHLf1fq3/U0v91+kct/dfVP2rp/3r9o5b+b9A/aun/Rv2jlv5v0j9q6b+e/lFL//X1j1r6b6B/1NJ/Q/2jlv4b6R+19H+z/lFL/431j1r6b6J/1NJ/U/2jlv5v0T9q6b+Z/lFL/831j1r6v1X/qKX/FvpHLf231D9q6b+V/lFL/631j1r6v03/qKX/NvpHLf231T9q6b+d/lFL/+31j1r676B/1NJ/R/2jlv7j9Y9a+u+kf9TS/+36Ry39d9Y/aum/i/5RS/9d9Y9a+u+mf9TSf/cp9x/zfzKuZ6iW/u+w/qOW/nvoH7X031P/qKX/XvpHLf3fqX/U0n9v/aOW/vvoH7X031f/qKX/fvpHLf331z9q6X+A/lFL/wP1j1r6v0v/qKX/u/WPWvofpH/U0v/gtv5T+VsNLf0Paes/lVr6v0f/qKX/e/WPWvq/T/+opf/79Y9a+h+qf9TS/wP6Ry39D9M/aul/uP5RS/8j9I9a+h+pf9TS/4P6Ry39P6R/1NL/KP2jlv4f1j9q6X+0/lFL/2P0j1r6f0T/qKX/sfpHLf0/qn/U0v84/aOW/h/TP2rp/3H9o5b+x+sftfQ/Qf+opf8n9I9a+p+of9TS/5P6Ry39P6V/1NL/0/pHLf0/o3/U0v8k/aOW/ifrH7X0P0X/qKX/qfpHLf1P0z9q6X+6/lFL/zP0j1r6n6l/1NL/LP2jlv6f1T9q6X+2/lFL/8/pH7X0/7z+UUv/L+gftfT/ov5RS/8v6R+19D9H/6il/5f1j1r6f0X/qKX/ufpHLf3P0z9q6X++/lFL/6/qH7X0/5r+UUv/r+sftfS/QP+opf+F+kct/S/SP2rp/w39o5b+F+sftfS/RP+opf+l+kct/S/TP2rp/039o5b+39I/aun/bf2jlv6X6x+19L9C/6il/3f0j1r6X6l/1NL/u/pHLf2/p3/U0v8q/aOW/lfrH7X0/77+UUv/a/SPWvpfq3/U0v8H+kct/a/TP2rpf73+UUv/G/SPWvrfqH/U0v8m/aOW/jfrH7X0/6H+UUv/W/SPWvr/aDAYjJ5WY3oGa+n/Y+s/aun/E/2jlv636h+19P+p/lFL/5/pH7X0/7n+UUv/2/SPWvr/Qv+opf8v9Y9a+t+uf9TS/1f6Ry39f61/1NL/Dv2jlv6/0T9q6f9b/aOW/r/TP2rp/3v9o5b+d+oftfT/g/5RS/8/6h+19L9L/6il/5/0j1r6361/1NL/z/pHLf3v0T9q6f8X/aOW/vfqH7X0/6v+UUv/+/SPWvr/Tf+opf/9+kct/f+uf9TS/x/6Ry39/6l/1NL/Af2jlv4P6h+19H9I/6il/8P6Ry39H9E/Kun/6Fn9n6yl/zD9o5b+w/WPWvqP0D9q6T9S/6il/yj9o5b+o/WPWvrPoH/U0n9G/aOW/mP0j1r6z6R/1NL/WfpHLf1n1j9q6T+L/lFL/1n1j1r6P1v/qKX/bPpHLf1n1z9q6T+H/lFL/+foH7X0n1P/qKX/c/WPWvo/T/+opf/z9Y9a+s+lf9TS/wX6Ry3959Y/aun/Qv2jlv4v0j9q6T+P/lFL/3n1j1r6v1j/qKX/WP2jlv7z6R+19J9f/6il/wL6Ry39F9Q/aum/kP5RS/+F9Y9a+i+if9TSf1H9o5b+i+kftfR/if5RS/+X6h+19F9c/6il/xL6Ry39l9Q/aum/lP5RS/+l9Y9a+i+jf9TSf1n9o5b+y+kftfR/mf5RS/+X6x+19F9e/6il/wr6Ry39V9Q/aum/kv5RS/9X6B+19F9Z/6il/yv1j1r6v0r/qKX/q/WPWvqvon/U0n/VKfSfY6n/q4E9M7X0H2f9Ry39V9M/aun/Gv2jlv6r6x+19F9D/6il/5r6Ry3919I/aum/tv5RS/919I9a+r9W/6il/+v0j1r6r6t/1NL/9fpHLf3foH/U0v+N+kct/d+kf9TSfz39o5b+6+sftfTfQP+opf+G+kct/TfSP2rp/2b9o5b+G+sftfTfRP+opf+m+kct/d+if9TSfzP9o5b+m+sftfR/q/5RS/8t9I9a+m+pf9TSfyv9o5b+W+sftfR/m/5RS/9t9I9a+m+rf9TSfzv9o5b+2+sftfTfQf+opf+O+kct/cfrH7X030n/qKX/2/WPWvrvrH/U0n8X/aOW/rvqH7X0303/qKX/7vpHLf3foX/U0n8P/aOW/nvqH7X030v/qKX/O/WPWvrvrX/U0n8f/aOW/vvqH7X030//qKX//vpHLf0P0D9q6X+g/lFL/3fpH7X0f7f+UUv/g/SPWvofrH/U0v8Q/aOW/u/RP2rp/179o5b+79M/aun/fv2jlv6H6h+19P+A/lFL/8P0j1r6H65/1NL/CP2jlv5H6h+19P+g/lFL/w/pH7X0P0r/qKX/h/WPWvofrX/U0v8Y/aOW/h/RP2rpf6z+UUv/j+oftfQ/Tv+opf/H9I9a+n+8rP/BU7ldS//jy/pPrZb+J+gftfT/hP5RS/8T9Y9a+n9S/6il/6f0j1r6f1r/qKX/Z/SPWvqfpH/U0v9k/aOW/qfoH7X0P1X/qKX/afpHLf1P1z9q6X+G/lFL/zP1j1r6n6V/1NL/s/pHLf3P1j9q6f85/aOW/p/XP2rp/wX9o5b+X9Q/aun/Jf2jlv7n6B+19P+y/lFL/6/oH7X0P1f/qKX/efpHLf3P1z9q6f9V/aOW/l/TP2rp/3X9o5b+F+gftfS/UP+opf9F+kct/b+hf9TS/2L9o5b+l+gftfS/VP+opf9l+j/BvJNOW/p/U/+opf+39I9a+n9b/6il/+X6Ry39r9A/aun/Hf2jlv5X6h+19P+u/lFL/+/pH7X0v0r/qKX/1fpHLf2/r3/U0v8a/aOW/tfqH7X0/4H+UUv/6/SPWvpfr3/U0v8G/aOW/jfqH7X0v0n/qKX/zfpHLf1/qH/U0v8W/aOW/j/SP2rp/2P9o5b+P9E/aul/q/5RS/+f6h+19P+Z/lFL/5/rH7X0v03/qKX/L/SPWvr/Uv+opf/t+kct/X+lf9TS/9f6Ry3979A/aun/G/2jlv6/1T9q6f87/aOW/r/XP2rpf6f+UUv/P+gftfT/o/5RS/+79I9a+v9J/6il/936Ry39/6x/1NL/Hv2jlv5/0T9q6X+v/lFL/7/qH7X0v0//qKX/3/SPWvrfr3/U0v/v+kct/f+hf9TS/5/6Ry39H9A/aun/oP5RS/+H9I9a+j+sf9TS/xH9o5L+Iwb6Ry39h+kftfQfrn/U0n+E/lFL/5H6Ry39R+kftfQfrX/U0n8G/aOW/jPqH7X0H6N/1NJ/Jv2jlv7P0j9q6T+z/lFL/1n0j1r6z6p/1NL/2fpHLf1n0z9q6T+7/lFL/zn0j1r6P0f/qKX/nPpHLf2fq3/U0v95+kct/Z+vf9TSfy79o5b+L9A/auk/t/5RS/8X6h+19H+R/lFL/3n0j1r6z6t/1NL/xfpHLf3H6h+19J9P/6il//z6Ry39F9A/aum/oP5RS/+F9I9a+i+sf9TSfxH9o5b+i+oftfRfTP+opf9L9I9a+r9U/6il/+L6Ry39l9A/aum/pP5RS/+l9I9a+i+tf9TSfxn9o5b+y+oftfRfTv+opf/L9I9a+r9c/6il//L6Ry39V9A/aum/Ym//GZ7qxpb+K/X2f0ot/V+hf9TSf2X9o5b+r9Q/aun/Kv2jlv6v1j9q6b+K/lFL/1X1j1r6j9M/aum/mv5RS//X6B+19F9d/6il/xr6Ry3919Q/aum/lv5RS/+19Y9a+q+jf9TS/7X6Ry39X6d/1NJ/Xf2jlv6v1z9q6f8G/aOW/m/UP2rp/yb9o5b+6+kftfRfX/+opf8G+kct/TfUP2rpv5H+UUv/N+sftfTfWP+opf8m+kcT+884mN77b6p/1LL+36J/1NJ/M/2jlv6b6x+19H+r/lFL/y30j1r6b6l/1NJ/K/2j6bH/yElnH99/a/2j6bF/Wv9v0z9q6b+N/lFL/231j1r6b6d/1NJ/e/2jlv476B+19N9R/6il/3j9o5b+O+kftfR/u/5RS/+d9Y9a+u+if9TSf1f9o5b+u+kftfTfXf+opf879I9a+u+hf9TSf0/9o5b+e+kftfR/p/5RS/+99Y9a+u+jf9TSf1/9o5b+++kftfTfX/+opf8B+kct/Q/UP2rp/y79o5b+79Y/aul/kP5RS/+D9Y9a+h+if9TS/z36Ry3936t/1NL/ffpHLf3fr3/U0v9Q/Yc88sjjLrT0/4D+UUv/w/SPWvofrn/U0v8I/aOW/kfqH7X0/6D+UUv/D+kftfQ/Sv+opf+H9Y9a+h+tf9TS/xj9o5b+H9E/aul/rP5RS/+P6h+19D9O/6il/8f0j1r6f1z/qKX/8fpHLf1P0D9q6f8J/aOW/ifqH7X0/6T+UUv/T+kftfT/tP5RS//P6B+19D9J/6il/8n6Ry39T9E/aul/qv5RS//T9I9a+p+uf9TS/wz9o5b+Z+oftfQ/S/+opf9n9Y9a+p+tf9TS/3P6Ry39P69/1NL/C/pHLf2/qH/U0v9L+kct/c/RP2rp/2X9o5b+X9E/aul/rv5RS//z9I9a+p+vf9TS/6v6Ry39v6Z/1NL/6/pHLf0v0D9q6X+h/lFL/4v0j6bn/qv+69oR39A/mp77P379X6x/1NL/Ev2jlv6X6h+19L9M/6il/zf1j1r6f0v/qKX/t/WPWvpfrn/U0v8K/aOW/t/RP2rpf6X+UUv/7+oftfT/nv5RS/+r9I9a+l+tf9TS//v6Ry39r9E/aul/rf5RS/8f6B+19L9O/6il//X6Ry39b9A/aul/o/5RS/+b9I9a+t+sf9TS/4f6Ry39b9E/aun/I/2jlv4/1j9q6f8T/aOW/rfqH7X0/6n+UUv/n+kftfT/uf5RS//b9I9a+v9C/6il/y/1j1r6365/1NL/V/pHLf1/rX/U0v8O/aOW/r/RP2rp/1v9o5b+v9M/aun/e/2jlv536h+19P+D/lFL/z/qH7X0v0v/qKX/n/SPWvrfrX/U0v/P+kct/e/RP2rp/xf9o5b+9+oftfT/q/5RS//79I9a+v9N/6il//36Ry39/65/1NL/H/pHLf3/qX/U0v8B/aOW/g/qH7X0f0j/qKX/w/pHLf0f0T8q6T9yoH/U0n+Y/lFL/+H/Y/8R/7vjeoZq6T/C+o9a+o/UP2rpP0r/qKX/aP2jlv4z6B+19J9R/6il/xj9o5b+M+kftfR/lv5RS/+Z9Y9a+s+if9TSf1b9o5b+z9Y/auk/m/5RS//Z9Y9a+s+hf9TS/zn6Ry3959Q/aun/XP2jlv7P0z9q6f98/aOW/nPpH7X0f4H+UUv/ufWPWvq/UP+opf+L9I9a+s+jf9TSf179o5b+L9Y/auk/Vv+opf98+kct/efXP2rpv4D+UUv/BfWPWvovpH/U0n9h/aOW/ovoH7X0X1T/qKX/YvpHLf1fon/U0v+l+kct/RfXP2rpv4T+UUv/JfWPWvovpX/U0n9p/aOW/svoH7X0X1b/qKX/cvpH03H/MY+7duTL9I+m4/5PWP8v1z9q6b+8/lFL/xX0j1r6r6h/1NJ/Jf2jlv6vqOk/49PauqX/yjX9n56W/q/UP2rp/yr9o5b+r9Y/aum/iv5RS/9V9Y9a+o/TP2rpv5r+UUv/1+gftfRfXf+opf8a+kct/dfUP2rpv5b+UUv/tfWPWvqvo3/U0v+1+kct/V+nf9TSf139o5b+r9c/aun/Bv2jlv5v1D9q6f8m/aOW/uvpH7X0X1//qKX/BvpHLf031D9q6b+R/lFL/zfrH7X031j/qKX/JvpHLf031T9q6f8W/aOW/pvpH7X031z/qKX/W/WPWvpvoX/U0n9L/aOW/lvpH7X031r/qKX/2/SPWvpvo3/U0n9b/aOW/tvpH7X0317/qKX/DvpHLf131D9q6T9e/6il/076Ry39365/1NJ/Z/2jlv676B+19N9V/6il/276Ry39d9c/aun/Dv2jlv576B+19N9T/6il/176Ry3936l/1NJ/b/2jlv776B+19N9X/6il/376Ry3999c/aul/gP5RS/8D9Y9a+r9L/6il/7v1j1r6H6R/1NL/YP2jlv6H6B+19H+P/lFL//fqH7X0f5/+UUv/9+sftfQ/VP+opf8H9I9a+h+mf9TS/3D9o5b+R+gftfQ/Uv+opf8H9Y9a+n9I/6il/1H6Ry39P6x/1NL/aP2jlv7H6B+19P+I/lFL/2P1j1r6f1T/qKX/cfpHLf0/pn/U0v/j+kct/Y/XP2rpf4L+UUv/T+gftfQ/Uf+opf8n9Y9a+n9K/6il/6f1j1r6f0b/qKX/SfpHLf1P1j9q6X+K/lFL/1P1j1r6n6Z/1NL/dP2jlv5n6B+19D9T/6il/1n6Ry39P6t/ND33n/Ff1448W/9oeu7/+PX/Of2jlv6f1z9q6f8F/aOW/l/UP2rp/yX9o5b+5+gftfT/sv5RS/+v6B+19D9X/6il/3n6Ry39z9c/aun/Vf2jlv5f0z9q6f91/aOW/hfoH7X0v1D/qKX/RfpHLf2/oX/U0v9i/aOW/pfoH7X0v1T/qKX/ZfpHLf2/qX/U0v9b+kct/b+tf9TS/3L9o5b+V+gftfT/jv5RS/8r9Y9a+n9X/6il//f0j1r6X6V/1NL/av2jlv7f1z9q6X+N/lFL/2v1j1r6/0D/qKX/dfpHLf2v1z9q6X+D/lFL/xvr+t/8yNRs1dL/prr+U6el/836Ry39f6h/1NL/Fv2jlv4/0j9q6f9j/aOW/j/RP2rpf6v+UUv/n+oftfT/mf5RS/+f6x+19L9N/6il/y/0j1r6/1L/qKX/7fpHLf1/pX/U0v/X+kct/e/QP2rp/xv9o5b+v9U/aun/O/2jlv6/1z9q6X+n/lFL/z/oH7X0/6P+UUv/u/SPWvr/Sf+opf/d+kct/f+sf9TS/x79o5b+f9E/aul/r/5RS/+/6h+19L9P/6il/9/0j1r6369/1NL/7/pHLf3/oX/U0v+f+kct/R/QP2rp/6D+UUv/h/SPptf+Yybr/7D+0fTafzBZ/0f0j0r6jxroH7X0H6Z/1NJ/uP5RS/8R+kct/UfqH7X0H6V/1NJ/tP5RS/8Z9I9a+s+of9TSf4z+UUv/mfSPWvo/S/+opf/M+keP9d9s2GAwHfefRf+oZf3Pqn/U0v/Z+kct/WfTP2rpP7v+UUv/OfSPWvo/R/+opf+c+kct/Z+rf9TS/3n6Ry39n69/1NJ/Lv2jlv4v0D9q6T+3/lFL/xfqH7X0f5H+UUv/efSPWvrPq3/U0v/F+kct/cfqH7X0n0//qKX//PpHLf0X0D9q6b+g/lFL/4X0j1r6L6x/1NJ/Ef2jlv6L6h+19F9M/6il/0v0j1r6v1T/qKX/4vpHLf2X0D9q6b+k/lFL/6X0j1r6L61/1NJ/Gf2jlv7L6h+19F9O/6il/8v0j1r6v1z/qKX/8vpHLf1X0D9q6b+i/lFL/5X0j1r6v0L/qKX/yvpHLf1fqX/U0v9V+kct/V+tf9TSfxX9o5b+q+oftfQfp3/U0n81/aOW/q/RP2rpv7r+UUv/NfSPWvqvqX/U0n8t/aOW/mvrH7X0X0f/qKX/a/WPWvq/Tv+opf+6+kct/V+vf9TS/w36Ry3936h/1NL/TfpHLf3X6+4/85RumND/psFgML33X7+7/xS1rP8N9I9a+m+of9TSfyP9o5b+b9Y/aum/sf5RS/9N9I9a+m+qf9TS/y36Ry39N9M/aum/uf5RS/+36h+19N9C/6il/5b6Ry39t9I/aum/tf5RS/+36R+19N9G/6il/7b6Ry39t9M/aum/vf5RS/8d9I9a+u+of9TSf7z+UUv/nfSPWvq/Xf+opf/O+kct/XfRP2rpv6v+UUv/3fSPWvrvrn/U0v8d+kct/ffQP2rpv6f+UUv/vfSPWvq/U/+opf/e+kct/ffRP2rpv6/+UUv//fSPWvrvr3/U0v8A/aOW/gfqH7X0f5f+UUv/d+sftfQ/SP+opf/B+kct/Q/RP2rp/x79o5b+79U/aun/Pv2jlv7v1z9q6X+o/lFL/w/oH7X0P0z/qKX/4fpHLf2P0D9q6X+k/lFL/w/qH7X0/5D+UUv/o/SPWvp/WP+opf/R+kct/Y/RP2rp/xH9o5b+x+oftfT/qP5RS//j9I9a+n9M/6il/8f1j1r6H69/1NL/BP2jlv6f0D9q6X+i/lFL/0/qH7X0/5T+UUv/T+sftfT/jP5RS/+T9I9a+p+sf9TS/xT9o5b+p+oftfQ/Tf+opf/p+kct/c/QP2rpf6b+UUv/s/SPWvp/Vv+opf/Z+kct/T9X1X/tw6d2y5b+n6/qP/Va+n9B/6il/xf1j1r6f0n/qKX/OfpHLf2/rH/U0v8r+kct/c/VP2rpf57+UUv/8/WPWvp/Vf+opf/X9I9a+n9d/6il/wX6Ry39L9Q/aul/kf5RS/9v6B+19L9Y/6il/yX6Ry39L9U/aul/mf5RS/9v6h+19P+W/lFL/2/rH7X0v1z/qKX/FfpHLf2/o3/U0v9K/aOW/t/VP2rp/z39o5b+V+kftfS/Wv+opf/39Y9a+l+jf9TS/1r9o5b+P9A/aul/nf5RS//r9Y9a+t+gf9TS/0b9o5b+N+kftfS/Wf+opf8P9Y9a+t+if9TS/0f6Ry39f6x/1NL/J/pHLf1v1T9q6f9T/aOW/j/TP2rp/3P9o5b+t+kftfT/hf5RS/9f6h+19L9d/6il/6/0j1r6/1r/qKX/HfpHLf1/o3/U0v+3+kct/X+nf9TS//f6Ry3979Q/aun/B/2jlv5/1D9q6X+X/lFL/z/pH7X0v1v/qKX/n/WPWvrf09d/xNRs1NL/L339p0pL/3v1j1r6/1X/qKX/ffpHLf3/pn/U0v9+/aOW/n/XP2rp/w/9o5b+/9Q/aun/gP5RS/8H9Y9a+j+kf9TS/2H9o5b+j+gflfQfPdA/auk/TP+opf9w/aOW/iP0j1r6j9Q/auk/Sv+opf9o/aOW/jPoH7X0n1H/qKX/GP2jlv4z6R+19H+W/lFL/5n1j1r6z6J/1NJ/Vv2jlv7P1j9q6T+b/lFL/9n1j1r6z6F/1NL/OfpHLf3n1D9q6f9c/aOW/s/TP2rp/3z9o5b+c+kftfR/gf5RS/+59Y9a+r9Q/6il/4v0j1r6z6N/1NJ/Xv2jlv4v1j9q6T9W/6il/3z6Ry3959c/aum/gP5RS/8F9Y9a+i+kf9TSf2H9o5b+i+gftfRfVP+opf9i+kct/V+if9TS/6X6Ry39F9c/aum/hP5RS/8l9Y9a+i+lf9TSf2n9o5b+y+gftfRfVv+opf9y+kct/V+mf9TS/+X6Ry39l9c/aum/gv5RS/8V9Y9a+q+kf9TS/xX6Ry39V9Y/aun/Sv2jlv6v0j9q6f9q/aOW/qvoH7X0X1X/qKX/OP2jlv6r6R+19H+N/lFL/9X1j1r6r6F/1NJ/Tf2jlv5r6R+19F9b/6il/zr6Ry39X6t/1NL/dfpHLf3X1T9q6f96/aOW/m/QP2rp/0b9o5b+b9I/aum/nv5RS//19Y9a+m+gf9TSf0P9o5b+G+kftfR/s/5RS/+N9Y9a+m+if9TSf1P9o5b+b9E/aum/mf5RS//N9Y9a+r9V/6il/xb6Ry39t9Q/aum/lf5RS/+t9Y9a+r9N/6il/zb6Ry39t9U/aum/nf5RS//t9Y9a+u+gf9TSf0f9o5b+4/WPWvrvpH/U0v/t+kct/XfWP2rpv4v+UUv/XfWPWvrvpn/U0n93/aOW/u/QP2rpv4f+UUv/PfWPWvrvpX/U0v+d+kct/ffWP2rpv4/+UUv/ffWPWvrvp3/U0n9//aOW/gfoH7X0P1D/qKX/u/SPWvq/W/+opf9B+kct/Q/WP2rpf4j+UUv/9+gftfR/r/5RS//36R+19H+//lFL/0P1j1r6f0D/qKX/YfpHLf0P1z9q6X+E/lFL/yP1j1r6f1D/qKX/h/SPWvofpX/U0v/D+kct/Y/WP2rpf4z+UUv/j+gftfQ/Vv+opf9H9Y9a+h+nf9TS/2P6Ry39P65/1NL/eP2jlv4n6B+19P+E/lFL/xP1j1r6f1L/qKX/p/SPWvp/Wv+opf9n9I9a+p+kf9TS/2T9o5b+p+gftfQ/Vf+opf9p+kct/U/XP2rpf4b+UUv/M/WPWvqfpX/U0v+z+kct/c/WP2rp/zn9o5b+n9c/aun/Bf2jlv5f1D9q6f8l/aOW/ufoH7X0/7L+UUv/r+gftfQ/V/+opf95+kct/c/XP2rp/1X9o5b+X9M/aun/df2jlv4X6B+19L9Q/6il/0X6Ry39v6F/1NL/Yv2jlv6X6B+19L9U/6il/2X6Ry39v6l/1NL/W/pHLf2/rX/U0v9y/aOW/lfoH7X0/47+UUv/K/WPWvp/V/+opf/39I9a+l+lf9TS/2r9o5b+39c/aul/jf5RS/9r9Y9a+v9A/6il/3X6Ry39r9c/aul/g/5RS/8b9Y9a+t+kf9TS/2b9o5b+P9Q/aul/i/5RS/8f6R+19P+x/lFL/5/oH7X0v1X/qKX/T/WPWvr/TP+opf/P9Y9a+t+mf9TS/xf6Ry39f6l/1NL/dv2jlv6/0j8q6H/UhP6/1j8q6D/B6Dv0j1r6/0b/qKX/b/WPWvr/Tv+opf/v9Y9a+t+pf9TS/w/6Ry39/6h/1NL/Lv2jlv5/0j9q6X+3/lFL/z/rH7X0v0f/qKX/X/SPWvrfq3/U0v+v+kct/e/TP2rp/zf9o5b+9+sftfT/u/5RS/9/6B+19P+n/lFL/wf0j1r6P6h/1NL/If2jlv4P6x+19H9E/6ik/wwD/aOW/sP0j1r6D9c/auk/Qv+opf9I/aOW/qP0j1r6j9Y/auk/g/5RS/8Z9Y9a+o/RP2rpP5P+UUv/Z+kftfSfWf+opf8s+kct/WfVP2rp/2z9o5b+s+kftfSfXf+opf8c+kct/Z+jf9TSf079o5b+z9U/aun/PP2jlv7P1z9q6T+X/lFL/xfoH7X0n1v/qKX/C/WPWvq/SP+opf88+kct/efVP2rp/2L9o5b+Y/WPWvrPp3/U0n9+/aOW/gvoH7X0X1D/qKX/QvpHLf0X1j9q6b+I/lFL/0X1j1r6L6Z/1NL/JfpHLf1fqn/U0n9x/aOW/kvoH7X0X1L/qKX/UvpHLf2X1j9q6b+M/lFL/2X1j1r6L6d/1NL/ZfpHLf1frn/U0n95/aOW/itMRf97Zv3fHNgzU0v/Fa3/qKX/SvpHLf1foX/U0n9l/aOW/q/UP2rp/yr9o5b+r9Y/aum/iv5RS/9V9Y9a+o/TP2rpv5r+UUv/1+gftfRfXf+opf8a+kct/dfUP2rpv5b+UUv/tfWPWvqvo3/U0v+1+kct/V+nf9TSf139o5b+r9c/aun/Bv2jlv5v1D9q6f8m/aOW/uvpH7X0X1//qKX/BvpHLf031D9q6b+R/lFL/zfrH7X031j/qKX/JvpHLf031T9q6f8W/aOW/pvpH7X031z/qKX/W/WPWvpvoX/U0n9L/aOW/lvpH7X031r/qKX/2/SPWvpvo3/U0n9b/aOW/tvpH7X0317/qKX/DvpHLf131D9q6T9e/6il/076Ry39365/1NJ/Z/2jlv676B+19N9V/6il/276Ry39d9c/aun/Dv2jlv576B+19N9T/6il/176Ry3936l/1NJ/b/2jlv776B+19N9X/6il/376Ry3999c/aul/gP5RS/8D9Y9a+r9L/6il/7sn9R8xrcb1DNXS/yDrP2rpf7D+UUv/Q/SPSvoP3qN/VNJ/hvfqH7X0f5/+UUv/9+sftfQ/VP+opf8H9I9a+h+mf9TS/3D9o5b+R+gftfQ/Uv+opf8H9Y9a+n9I/6il/1H6Ry39P6x/1NL/aP2jlv7H6B+19P+I/lFL/2P1j1r6f1T/qKX/cfpHLf0/pn/U0v/j+kct/Y/XP2rpf4L+UUv/T+gftfQ/Uf+opf8n9Y9a+n9K/6il/6f1j1r6f0b/qKX/SfpHLf1P1j9q6X+K/lFL/1P1j1r6n6Z/1NL/dP2jlv5n6B+19D9T/6il/1n6Ry39P6t/1NL/bP2jlv6f0z9q6f95/aOW/l/QP2rp/0X9o5b+X9I/aul/jv5RS/8v6x+19P+K/lFL/3P1j1r6n6d/1NL/fP2jlv5fLeq/4NPYtqX/14r6Px0t/b+uf9TS/wL9o5b+F+oftfS/SP+opf839I9a+l+sf9TS/xL9o5b+l+oftfS/TP+opf839Y9a+n9L/6il/7f1j1r6X65/1NL/Cv2jlv7f0T9q6X+l/lFL/+/qH7X0/57+UUv/q/SPWvpfrX/U0v/7+kct/a/RP2rpf63+UUv/H+gftfS/Tv+opf/1+kct/W/QP2rpf6P+UUv/m/SPWvrfrH/U0v+H+kct/W/RP2rp/yP9o5b+P9Y/aun/E/2jlv636h+19P+p/lFL/5/pH7X0/7n+UUv/2/SPWvr/Qv+opf8v9Y9a+t+uf9TS/1f6Ry39f61/1NL/Dv2jlv6/0T9q6f9b/aOW/r/TP2rp/3v9o5b+d+oftfT/g/5RS/8/6h+19L9L/6il/5/0j1r6361/1NL/z/pHLf3v0T9q6f8X/aOW/vfqH7X0/6v+UUv/+/SPWvr/Tf+opf/9+kct/f+uf9TS/x/6Ry39/6l/1NL/Af2jlv4P6h+19H9I/6il/8P6Ry39H9E/Kuk/40D/qKX/MP2jlv7D9Y9a+o/QP2rpP1L/qKX/KP2jlv6j9Y9a+s+gf9TSf0b9o5b+Y/SPWvrPpH/U0v9Z+kct/WfWP2rpP4v+UUv/WfWPWvo/W/+opf9s+kct/WfXP2rpP4f+UUv/5+gftfSfU/+opf9z9Y9a+j9P/6il//P1j1r6z6V/1NL/BfpHLf3n1j9q6f9C/aOW/i/SP2rpP4/+UUv/efWPWvq/WP+opf9Y/aOW/vPpH7X0n1//qKX/AvpHLf0X1D9q6b+Q/lFL/4X1j1r6L6J/1NJ/Uf2jlv6L6R+19H+J/lFL/5fqH7X0X1z/qKX/EvpHLf2X1D9q6b+U/lFL/6X1j1r6L6N/1NJ/Wf2jlv7L6R+19H9Z7P9f/2j/v7X0f7n1H7X0X17/qKX/CvpHLf1X1D9q6b+S/lFL/1foH7X0X1n/qKX/K/WPWvq/Sv+opf+r9Y9a+q+if9TSf1X9o5b+4/SPWvqvpn/U0v81+kct/VfXP2rpv4b+UUv/NfWPWvqvpX/U0n9t/aOW/uvoH7X0f63+UUv/1+kftfRfV/+opf/r9Y9a+r9B/6il/xv1j1r6v0n/qKX/evpHLf3X1z9q6b+B/lFL/w31j1r6b6R/1NL/zfpHLf031j9q6b+J/lFL/031j1r6v0X/qKX/ZvpHLf031z9q6f9W/aOW/lvoH7X031L/qKX/VvpHLf231j9q6f82/aOW/tvoH7X031b/qKX/dvpHLf231z9q6b+D/lFL/x31j1r6j9c/aum/k/5RS/+36x+19N9Z/6il/y76Ry39d9U/aum/m/5RS//d9Y9a+r9D/6il/x76Ry3999Q/aum/l/5RS/936h+19N9b/6il/z76Ry3999U/aum/n/5RS//99Y9a+h+gf9TS/0D9o5b+79I/aun/bv2jlv4H6R+19D9Y/6il/yH6Ry3936N/1NL/vfpHLf3fp3/U0v/9+kct/Q/VP2rp/wH9o5b+h+kftfQ/XP+opf8R+kct/Y/UP2rp/0H9o5b+H9I/aul/lP5RS/8P6x+19D9a/6il/zH6Ry39P6J/1NL/WP2jlv4f1T9q6X+c/lFL/4/pH7X0/7j+UUv/4/WPWvqfoH/U0v8T+kct/U/UP2rp/0n9o5b+n9I/aun/af2jlv6f0T9q6X+S/lFL/5P1j1r6n6J/1NL/VP2jlv6n6R+19D9d/6il/xn6Ry39z9Q/aul/lv5RS//P6h+19D9b/6il/+f0j1r6f17/qKX/F/SPWvp/Uf+opf+X9I9a+p+jf9TS/8v6Ry39v6J/1NL/XP2jlv7n6R+19D9f/6il/1f1j1r6f03/qKX/1/WPWvpfoH/U0v9C/aOW/hfpH7X0/4b+UUv/i/WPWvpfon/U0v9S/aOW/pfpH7X0/6b+UUv/b+kftfT/tv5RS//L9Y9a+l+hf9TS/zv6Ry39r9Q/aun/Xf2jlv7f0z9q6X+V/lFL/6v1j1r6f1//qKX/NfpHLf2v1T9q6f8D/aOW/tfpH7X0v17/qKX/DfoPBqOefFVL/xv1j1r636R/1NL/Zv2jlv4/1D9q6X+L/lFL/x/pH7X0/7H+UUv/n+gftfS/Vf+opf9P9Y9a+v9M/6il/8/1j1r636Z/1NL/F/pHLf1/qX/U0v92/aOW/r/SP2rp/2v9o5b+d+gftfT/jf5RS//f6h+19P+d/lFL/9/rH7X0v1P/qKX/H/SPWvr/Uf+opf9d+kct/f+kf9TS/279o5b+f9Y/aul/j/5RS/+/6B+19L9X/6il/1/1j1r636d/1NL/b/pHLf3v1z9q6f93/aOW/v/QP2rp/0/9o5b+D+gftfR/UP+opf9D+kct/R/WP2rp/4j+UUn/MQP9o5b+w/SPWvoP1z9q6T9C/6il/0j9o5b+o/SPWvqP1j9q6T+D/lFL/xn1j1r6j9E/auk/k/5RS/9n6R+19J9Z/6il/yz6Ry39Z9U/aun/bP2jlv6z6R+19J9d/6il/xz6Ry39n6N/1NJ/Tv2jlv7P1T9q6f88/aOW/s/XP2rpP5f+UUv/F+gftfSfW/+opf8L9Y9a+r9I/6il/zz6Ry3959U/aun/Yv2jlv5j9Y9a+s+nf9TSf379o5b+C+gftfRfUP+opf9C+kct/RfWP2rpv4j+UUv/RfWPWvovpn/U0v8l+kct/V+qf9TSf3H9o5b+S+gftfRfUv+opf9S+kfTXX8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04IAEAAAAQ9P91OwIFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgpAAD//+udAOI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x441, 0x0)
fallocate(r0, 0x0, 0x700, 0x1000005)

1.304795275s ago: executing program 3 (id=1718):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f0000000540)=ANY=[@ANYBLOB='stack :'], 0xe4)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)

1.260563906s ago: executing program 0 (id=1720):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f0000000080)='trans=tcp,')

1.191263787s ago: executing program 2 (id=1721):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$vcsn(&(0x7f0000000dc0), 0x1, 0x280000)
bpf$ITER_CREATE(0x21, &(0x7f0000000e00)={r0}, 0x8)

1.169855918s ago: executing program 0 (id=1722):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x5, 0x8, 0x2, 0x4}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000080000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x50)

1.113483369s ago: executing program 2 (id=1723):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000040)='./file3\x00', 0x0, &(0x7f0000000440), 0x1, 0x559d, &(0x7f0000005600)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0x40, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000b00)={0x1, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

1.095149599s ago: executing program 0 (id=1724):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x7f, 0x0)
readv(r0, &(0x7f0000000540)=[{&(0x7f0000000300)=""/145, 0x91}], 0x1)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x3, 0x40000043, 0x32314241, 0x8, 0x0, 0xfffffff3, 0xc, 0xfeedcafe, 0x2, 0x1, 0x2, 0x1}})

917.211723ms ago: executing program 0 (id=1726):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x20, 0x0, 0x7, 0x201, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x440c2)

821.864315ms ago: executing program 0 (id=1728):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff720af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000100006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754d98b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8cf632c2604eab3a62a28611da1cae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412e1bdebae06edb51a134301b4627d4927287daf9dcae6720334862f3a18094f1edd9e3503379815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2f09e99f4ab5546ba1e5ad6a329f24e73a9c38eec34bd4dcc1609f6150e2de72f6599a2310c3841f4bb7f39cabc82c9fdfff5587ed4fa84090635fa3445c4cc54478b2f98320944ac7cb1c4e414556f7b0b763a00a84327cec7e11b3470f0384b27bbfdd8b2472497e7fe8c5df7e0a00641872472efa21c9ad3979e642dcc85c17ca8e084aa9689b83426e2fdaa01f500000000000000000000f9fd84fa991466ff749afe900d02281b2bb60d458340c4f68ec34835760ceca945bf181a000000c000000000b4a76515564ae189de7c1765f0ff68a0388ca8dd2aa831d0e01f0d7ce74401a58cef60e63e97a50c18de54121ce66380224ab7b9c0d4710f2347bad2c9b3e41cc738c1092728687f33e5cdb077223dc82c2137b4e3ba6791a2cd764e654f904c9505b7c5e3b2897072e747534952dcda50cde3e4deb6ebf85a04c3e415112b01eed6515c845a8a20519cd21787d560e9d8283fa8ff0c17b63ba06577c26678ff45420a1f85df47dbfc44e534f71aae5693fb5df61c5096219091ce0cd8e1e2e79bf9d37779e52007c66a00e6ded1499ed3892ed1544d1577906b52e16c734d4aec07dd15faa768c97298be87dd34ce704ffe3da8b46708cf972de4f31c0705ac933db80bdcfcb35c0d4620d4ec270ff7c9ce1b78994dd2b28b9d1c5c469d4c1a61781dce2f1b54d6138bd3f7df9e9ca613bec407c1b8d1bd0c7cb9d76eebf2f17c"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000380)="b9ff05000000008c9c18ed0f6fd2", 0x0, 0xfe6, 0x60000000, 0x0, 0xfffffffffffffd5f, 0x0, 0x0, 0x2, 0x0, 0x8d6a}, 0x18)

684.336507ms ago: executing program 4 (id=1730):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000010025bd7000fedbdf2500000000", @ANYRES32=r1, @ANYBLOB="10080400030000001c002b8008000100", @ANYRES32, @ANYBLOB="080002"], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)

656.483598ms ago: executing program 0 (id=1731):
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x27, 0x4c, 0x3, 0x40, 0x5ab, 0x60, 0x1106, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0xd, 0x0, 0x0, [{{0x9, 0x4, 0xa8, 0x0, 0x0, 0xf4, 0x7, 0x50}}]}}]}}, 0x0)
syz_usb_connect(0x0, 0x312, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xb6, 0x1e, 0xfa, 0x10, 0x1e2d, 0x51, 0x66ef, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x300, 0x1, 0x49, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x4d, 0x1, 0x6, 0x96, 0x7e, 0x75, 0x2, [], [{{0x9, 0x5, 0x3, 0x20, 0x3ff, 0x9, 0x1, 0x10, [@generic={0x8e, 0x2, "4d8dc49d56cf9b5d33c3001486ba76e66bf733ca37d5d6c700ec0fcbf122471f60a7157dd22c1a3fa650d51453cd280d4a6ae40fb2fd53fb0998ccfe0284f728163f7e12b7f5fe5e5d1fe462dd3c8e6b2b65a464900eb73631f34d854d6f3180ca3daed1a091bdfb1ad4d2ea45692fb3d4b26360dfdf5b24da9829db7935def781e6045e8d41927406537705"}]}}, {{0x9, 0x5, 0x87, 0x1728477f0b43abf2, 0x3ff, 0x8, 0x2, 0x8}}, {{0x9, 0x5, 0x1, 0x4, 0x200, 0x8, 0xf, 0xb, [@generic={0xca, 0x10, "2f7e3e1d189b8fdd571884ddf8e55ee181755abc74460b1f934102e690c3a349f78ce30a10aab6d0402ed6ec9b78f33400f07b70d5033bbc487a06fcfd3cff851b31a475c3aeb520a8dc32b3d81d7dcda4573ea925f99752ecdb493feaba9c7fe750dcbdf7fcc8bde68922acd3b783e96f3c02aa0688746f4ad1535aa20da6b1f7b2efc07704f387c5b24835d0a2ad2511c937f21edbb116149f548d70db6761c4fc446eb50457216e98676dc0941ab11c44ce572a99ba8cfc3aa27f0391ae2af25848a7b71a7b72"}, @generic={0xdf, 0x3, "51cd712d2bd53fcb43168f3b7966cc3faa5e1b338d3e00c069b3e854d73f300534b88c9a0acae8e5b8d4ef7e39c75eec97c76611a8c0f765de3b5d3c227fe607bf61364ed1f5ffca56a134047438522a697cc10d41d53b25e376f526eab8eb936bd1e76f794bf8bf0931916bf19179307cfbdbf9f611647002d4f01d20774be8bfad7e12ad780a30099ac484e2301bc5ce16e228d1a287739b5cc94446517d988fada09c64c79ee60a744ebf02a352e01c323d1630c1ff5bdb42041e9278e46db1e4c1bbb2994c12e86dc7c608fdbceccc629f4c46eb04be607f846340"}]}}, {{0x9, 0x5, 0x4, 0x10, 0x400, 0x8, 0x40, 0x1, [@generic={0x7a, 0x21, "5be6a5cdf4264bfb3db026388c652efc02269f5b729404f3a0f57aef1b58c2f11a4388f6adc31df8414fb746e218d2a40b8730927ddf20e41f09caf95f967de1fa596f48a1ee4be3e100b0d22964d32512d35f38aab57d7e7d0e447fbeddfeffe38992a5349cc4957b23c57a34a6ab8e50eb4cbc8bf1e1ea"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x4, 0x65e}]}}, {{0x9, 0x5, 0x1, 0x1, 0xbf2473ac8176ce1, 0x59, 0x94, 0x8}}, {{0x9, 0x5, 0x8, 0x10, 0x200, 0x7, 0x2c, 0xa}}]}}]}}]}}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

540.29956ms ago: executing program 4 (id=1732):
iopl(0x3)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x220000, 0xc, 0x0, 0x2, 0xfffffffe})
setgroups(0x0, 0x0)

457.069472ms ago: executing program 4 (id=1733):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@ipv6_newrule={0x38, 0x20, 0x1, 0x70bd29, 0x0, {0xa, 0x0, 0x20, 0x64, 0x0, 0x0, 0x0, 0x7}, [@FIB_RULE_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x4f}, @FRA_SRC={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24040804}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)

369.843813ms ago: executing program 4 (id=1734):
r0 = semget(0x1, 0x4, 0x39c)
semop(r0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}, {0x1, 0x5b7a, 0x800}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff])

307.008744ms ago: executing program 2 (id=1735):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
timer_create(0x0, 0x0, &(0x7f0000000300)=<r0=>0x0)
timer_gettime(r0, &(0x7f00000002c0))

267.201875ms ago: executing program 2 (id=1736):
unshare(0x26020480)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, 0x0, 0x0)

248.884246ms ago: executing program 4 (id=1737):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

137.434868ms ago: executing program 2 (id=1738):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x80800)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, &(0x7f0000000140)=0x5, 0x2, 0x0)

137.224928ms ago: executing program 4 (id=1739):
openat$random(0xffffffffffffff9c, &(0x7f0000004480), 0x40, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)

0s ago: executing program 2 (id=1740):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904010001020d00e7052406000105240000000d240f0100000000000000000006241a00000008241c00000008000905810300020000000904010000020d000009040101"], 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000140)={0x0, 0x3, 0x4, @string={0x4, 0x3, '>M'}}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

iled
[  112.216910][ T6872] FAT-fs (loop3): Directory bread(block 70) failed
[  112.223501][ T6872] FAT-fs (loop3): Directory bread(block 71) failed
[  112.253712][ T6872] FAT-fs (loop3): Directory bread(block 72) failed
[  112.271248][  T785] usb 4-1: USB disconnect, device number 5
[  112.273989][ T6872] FAT-fs (loop3): Directory bread(block 73) failed
[  112.314602][ T6879] loop2: detected capacity change from 0 to 512
[  112.415488][ T6879] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.440: casefold flag without casefold feature
[  112.445205][ T6883] loop1: detected capacity change from 0 to 1024
[  112.457548][ T6879] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.440: couldn't read orphan inode 15 (err -117)
[  112.476370][ T6879] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.522566][ T6883] hfsplus: bad catalog entry type
[  112.596161][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.643311][ T6886] loop0: detected capacity change from 0 to 256
[  112.961249][ T6895] loop3: detected capacity change from 0 to 47
[  113.077929][ T6899] loop1: detected capacity change from 0 to 512
[  113.186389][ T6899] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.243107][ T6899] ext4 filesystem being mounted at /123/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  113.535824][ T6916] usb usb8: usbfs: process 6916 (syz.0.455) did not claim interface 3 before use
[  113.550617][ T6914] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  113.569306][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.587498][ T6914] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  113.588926][ T6919] loop3: detected capacity change from 0 to 2048
[  113.598475][ T6914] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  113.623253][ T6914] comedi comedi3: 8255: I/O port conflict (0x5c95239c,4)
[  113.664366][ T6914] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  113.672468][ T6919] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  113.701410][ T6914] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  113.723874][ T6922] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  113.744086][ T6914] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  113.787484][ T6914] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  113.794090][ T6914] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  113.834617][ T6914] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  113.853876][ T6914] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  113.873332][ T6914] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  113.900159][ T6914] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  113.923710][ T6914] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4)
[  113.948587][ T6914] comedi comedi3: 8255: I/O port conflict (0xa,4)
[  113.957370][ T6914] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff5,4)
[  113.965177][ T6914] comedi comedi3: 8255: I/O port conflict (0xffffffffffffcadb,4)
[  113.994799][ T6914] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  114.046313][ T6934] loop3: detected capacity change from 0 to 1024
[  114.268556][ T6934] hfsplus: bad catalog entry type
[  114.341902][   T12] hfsplus: b-tree write err: -5, ino 4
[  114.510034][ T6952] netlink: 16 bytes leftover after parsing attributes in process `syz.3.464'.
[  114.564767][ T6955] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  114.651461][ T6958] loop2: detected capacity change from 0 to 256
[  114.695909][ T6958] exfat: Deprecated parameter 'utf8'
[  114.706038][ T6958] exfat: Deprecated parameter 'utf8'
[  114.745440][ T6958] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  115.167083][ T5875] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  115.245056][ T6981] netlink: 'syz.3.474': attribute type 3 has an invalid length.
[  115.397963][ T5875] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  115.426779][ T5875] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  115.466661][ T5875] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  115.518453][ T5875] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  115.550742][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.566802][ T5875] usb 2-1: Product: syz
[  115.571022][ T5875] usb 2-1: Manufacturer: syz
[  115.585842][ T6993] tipc: Started in network mode
[  115.595789][ T6993] tipc: Node identity 00000000000000000000ffffac141422, cluster identity 4711
[  115.596909][ T5875] usb 2-1: SerialNumber: syz
[  115.626968][ T6993] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  115.629273][ T6966] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  115.669903][ T5875] usb 2-1: bad CDC descriptors
[  115.988909][    T9] usb 2-1: USB disconnect, device number 3
[  116.014093][ T7008] loop0: detected capacity change from 0 to 1024
[  116.131557][   T48] hfsplus: b-tree write err: -5, ino 4
[  116.347888][ T7018] loop0: detected capacity change from 0 to 128
[  116.371667][ T7018] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  116.399007][ T7018] hpfs: filesystem error: improperly stopped
[  116.407948][ T7018] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  116.417741][ T7018] hpfs: You really don't want any checks? You are crazy...
[  116.439729][ T7018] hpfs: hpfs_map_sector(): read error
[  116.445163][ T7018] hpfs: code page support is disabled
[  116.471012][ T7018] hpfs: hpfs_map_4sectors(): unaligned read
[  116.493110][ T7018] hpfs: hpfs_map_4sectors(): unaligned read
[  116.510320][ T7018] hpfs: filesystem error: unable to find root dir
[  117.007454][ T7037] loop0: detected capacity change from 0 to 1764
[  117.012837][ T7039] loop2: detected capacity change from 0 to 1024
[  117.033277][ T7041] sp0: Synchronizing with TNC
[  117.244744][   T48] hfsplus: b-tree write err: -5, ino 4
[  117.810835][ T7069] loop1: detected capacity change from 0 to 128
[  117.917031][ T7069] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  117.953115][ T7069] ext4 filesystem being mounted at /135/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  118.038853][ T7077] loop2: detected capacity change from 0 to 1024
[  118.064459][ T5782] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  118.331507][ T7083] netlink: 4 bytes leftover after parsing attributes in process `syz.1.517'.
[  118.515130][ T7089] loop2: detected capacity change from 0 to 256
[  118.602822][ T7089] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  118.994766][ T7101] sp0: Synchronizing with TNC
[  119.232143][ T7111] loop1: detected capacity change from 0 to 128
[  119.257851][ T5788] kernel write not supported for file /vcs (pid: 5788 comm: kworker/0:3)
[  119.258926][ T7111] EXT4-fs: Ignoring removed nobh option
[  119.335527][ T7111] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  119.374084][ T7111] ext4 filesystem being mounted at /141/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  119.483611][ T7099] loop2: detected capacity change from 0 to 32768
[  119.587087][ T7099] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  119.607961][ T7124] loop0: detected capacity change from 0 to 512
[  119.653196][ T3513] (kworker/u4:7,3513,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  119.701162][ T5782] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  119.721392][ T7124] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  119.794438][ T7124] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  119.818403][ T7127] (syz.2.527,7127,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  119.861773][ T7124] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  119.868230][ T7127] (syz.2.527,7127,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2
[  119.884805][ T7124] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  119.912238][ T7124] System zones: 0-2, 18-18, 34-35
[  119.931218][ T7124] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.023392][ T7127] (syz.2.527,7127,0):__ocfs2_prepare_orphan_dir:2171 ERROR: status = -2
[  120.066264][ T7127] (syz.2.527,7127,0):ocfs2_prepare_orphan_dir:2213 ERROR: status = -2
[  120.091661][ T7127] (syz.2.527,7127,0):ocfs2_prepare_orphan_dir:2229 ERROR: status = -2
[  120.112156][ T7127] (syz.2.527,7127,0):ocfs2_unlink:965 ERROR: status = -2
[  120.158662][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.255425][ T5785] ocfs2: Unmounting device (7,2) on (node local)
[  120.504642][ T7129] loop3: detected capacity change from 0 to 32768
[  120.751413][  T111] ERROR: (device loop3): diUpdatePMap: the inode is not allocated in the working map
[  120.751413][  T111] 
[  120.787043][  T111] ERROR: (device loop3): remounting filesystem as read-only
[  121.011719][ T7149] netlink: 'syz.0.551': attribute type 1 has an invalid length.
[  121.019799][ T7149] netlink: 244 bytes leftover after parsing attributes in process `syz.0.551'.
[  121.245581][ T7155] loop1: detected capacity change from 0 to 2048
[  121.276522][ T7155] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.501910][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.675748][ T7166] tipc: MTU too low for tipc bearer
[  121.929089][ T7157] loop0: detected capacity change from 0 to 32768
[  121.949116][ T7173] loop3: detected capacity change from 0 to 64
[  121.961793][ T7157] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.554 (7157)
[  122.053295][ T7157] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  122.081706][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  122.099873][ T7157] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  122.134131][ T7157] BTRFS info (device loop0): enabling disk space caching
[  122.177162][ T7157] BTRFS info (device loop0): enabling auto defrag
[  122.195816][ T7157] BTRFS info (device loop0): doing ref verification
[  122.223017][ T7157] BTRFS info (device loop0): use no compression
[  122.239977][ T7157] BTRFS info (device loop0): force clearing of disk cache
[  122.256751][ T7157] BTRFS info (device loop0): disabling disk space caching
[  122.278924][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.301224][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.335803][    T9] usb 2-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00
[  122.350223][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.408942][    T9] usb 2-1: config 0 descriptor??
[  122.516953][ T7157] BTRFS info (device loop0): enabling ssd optimizations
[  122.545280][ T7157] BTRFS info (device loop0): auto enabling async discard
[  122.583468][ T7157] BTRFS info (device loop0): rebuilding free space tree
[  122.730785][ T7157] BTRFS info (device loop0): disabling free space tree
[  122.739810][ T7157] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  122.752113][ T7157] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  122.867504][    T9] hid (null): report_id 393985501 is invalid
[  122.908020][    T9] macally 0003:060B:0001.0006: report_id 393985501 is invalid
[  122.926540][    T9] macally 0003:060B:0001.0006: item 0 4 1 8 parsing failed
[  122.936085][    T9] macally: probe of 0003:060B:0001.0006 failed with error -22
[  123.020467][ T5783] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  123.107600][    T9] usb 2-1: USB disconnect, device number 4
[  123.237146][    T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  123.276930][  T785] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  123.422918][ T7220] loop0: detected capacity change from 0 to 256
[  123.437169][    T8] usb 4-1: Using ep0 maxpacket: 8
[  123.442712][ T7220] exfat: Deprecated parameter 'namecase'
[  123.454291][    T8] usb 4-1: config 2 has an invalid interface number: 31 but max is 0
[  123.461676][ T7220] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  123.466647][    T8] usb 4-1: config 2 has no interface number 0
[  123.487331][  T785] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.494917][    T8] usb 4-1: config 2 interface 31 has no altsetting 0
[  123.497610][  T785] usb 3-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  123.506558][    T8] usb 4-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  123.535987][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.551606][    T8] usb 4-1: Product: syz
[  123.557156][  T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.557990][    T8] usb 4-1: Manufacturer: syz
[  123.576707][    T8] usb 4-1: SerialNumber: syz
[  123.595627][  T785] usb 3-1: config 0 descriptor??
[  124.033713][ T7231] loop1: detected capacity change from 0 to 1024
[  124.062691][  T785] nintendo 0003:057E:200E.0007: unbalanced delimiter at end of report description
[  124.084468][  T785] nintendo 0003:057E:200E.0007: HID parse failed
[  124.105762][ T7231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  124.124303][  T785] nintendo 0003:057E:200E.0007: probe - fail = -22
[  124.132347][  T785] nintendo: probe of 0003:057E:200E.0007 failed with error -22
[  124.145225][ T7231] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.247393][ T7231] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm syz.1.580: lblock 0 mapped to illegal pblock 0 (length 6)
[  124.267514][    T8] ch9200: probe of 4-1:2.31 failed with error -22
[  124.306405][    T8] usb 4-1: USB disconnect, device number 6
[  124.309834][   T28] usb 3-1: USB disconnect, device number 5
[  124.383164][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  124.525673][ T7245] loop1: detected capacity change from 0 to 256
[  124.538549][ T7245] exfat: Deprecated parameter 'utf8'
[  124.545846][ T7245] exfat: Deprecated parameter 'namecase'
[  124.559417][ T7245] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  124.942057][ T7249] loop3: detected capacity change from 0 to 1024
[  125.084866][ T3513] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.253969][ T7255] loop2: detected capacity change from 0 to 4096
[  125.287811][ T7256] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  125.289584][ T3513] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.341139][ T7255] NILFS error (device loop2): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1
[  125.375275][ T7255] Remounting filesystem read-only
[  125.437862][ T3513] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.620117][ T3513] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.758031][ T7264] loop2: detected capacity change from 0 to 1764
[  125.821253][ T7264] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  126.172596][ T7271] netlink: 12 bytes leftover after parsing attributes in process `syz.3.598'.
[  126.368451][ T5795] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  126.379417][ T5795] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  126.389498][ T5795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  126.422119][ T5795] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  126.440138][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  126.452159][ T5795] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  127.200725][ T7277] loop3: detected capacity change from 0 to 40427
[  127.222331][ T7277] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  127.231498][ T7277] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  127.246297][ T7277] F2FS-fs (loop3): invalid crc value
[  127.283367][ T7277] F2FS-fs (loop3): Found nat_bits in checkpoint
[  127.448369][ T7277] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  127.475307][ T7277] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  127.690670][ T7275] chnl_net:caif_netlink_parms(): no params data found
[  128.062252][ T3513] hsr_slave_0: left promiscuous mode
[  128.093610][ T3513] hsr_slave_1: left promiscuous mode
[  128.127184][ T3513] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.143288][ T7329] loop3: detected capacity change from 0 to 128
[  128.155450][ T3513] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.172541][ T3513] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.190630][ T3513] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.226733][ T3513] bridge_slave_1: left allmulticast mode
[  128.252031][ T3513] bridge_slave_1: left promiscuous mode
[  128.285846][ T3513] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.352388][ T3513] bridge_slave_0: left allmulticast mode
[  128.366822][ T3513] bridge_slave_0: left promiscuous mode
[  128.372652][ T3513] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.439051][ T3513] veth1_macvtap: left promiscuous mode
[  128.445319][ T3513] veth0_macvtap: left promiscuous mode
[  128.453725][ T3513] veth1_vlan: left promiscuous mode
[  128.459557][ T3513] veth0_vlan: left promiscuous mode
[  128.559709][ T5798] Bluetooth: hci1: command tx timeout
[  129.242653][ T3513] team0 (unregistering): Port device team_slave_1 removed
[  129.298456][ T3513] team0 (unregistering): Port device team_slave_0 removed
[  129.348620][ T3513] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  129.401274][ T3513] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  129.926420][ T3513] bond0 (unregistering): Released all slaves
[  130.239749][ T7275] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.248741][ T7275] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.256011][ T7275] bridge_slave_0: entered allmulticast mode
[  130.298581][ T7275] bridge_slave_0: entered promiscuous mode
[  130.341509][ T7275] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.366775][ T7275] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.374052][ T7275] bridge_slave_1: entered allmulticast mode
[  130.412755][ T7275] bridge_slave_1: entered promiscuous mode
[  130.561161][ T7275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.608344][ T7275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.643203][ T5798] Bluetooth: hci1: command tx timeout
[  130.825872][ T7275] team0: Port device team_slave_0 added
[  130.865865][ T7275] team0: Port device team_slave_1 added
[  131.018907][ T7275] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.054769][ T7275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.080734][    C1] vkms_vblank_simulate: vblank timer overrun
[  131.136050][ T7275] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  131.187685][ T7275] batman_adv: batadv0: Adding interface: batadv_slave_1
[  131.212218][ T7275] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.269610][ T7275] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  131.397803][ T7359] loop2: detected capacity change from 0 to 32768
[  131.415510][ T7359] XFS: ikeep mount option is deprecated.
[  131.473375][ T7359] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  131.486787][ T7357] loop3: detected capacity change from 0 to 32768
[  131.513475][ T7275] hsr_slave_0: entered promiscuous mode
[  131.525611][ T7275] hsr_slave_1: entered promiscuous mode
[  131.546433][ T7357] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  131.558295][ T7275] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  131.619679][ T7275] Cannot create hsr debugfs directory
[  131.649168][ T7357] XFS (loop3): Ending clean mount
[  131.736779][ T7359] XFS (loop2): Ending clean mount
[  131.769434][ T7359] XFS (loop2): Quotacheck needed: Please wait.
[  131.893760][ T7359] XFS (loop2): Quotacheck: Done.
[  132.002257][ T7367] loop0: detected capacity change from 0 to 32768
[  132.030383][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  132.093584][ T7359] XFS (loop2): syz.2.621 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported
[  132.294579][ T7367] JBD2: Ignoring recovery information on journal
[  132.350306][ T7275] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  132.350307][ T5785] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  132.385507][ T7367] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  132.443579][ T7275] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  132.514236][ T7275] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  132.550122][ T7275] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  132.730105][ T5798] Bluetooth: hci1: command tx timeout
[  132.742099][ T5783] ocfs2: Unmounting device (7,0) on (node local)
[  132.972735][ T7275] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.995178][ T7411] loop3: detected capacity change from 0 to 1024
[  133.047257][ T7275] 8021q: adding VLAN 0 to HW filter on device team0
[  133.067289][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  133.073997][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.093774][ T3513] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.100995][ T3513] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.110870][ T7408] loop2: detected capacity change from 0 to 4096
[  133.182792][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.190037][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.291301][ T7408] ntfs: volume version 3.1.
[  133.314184][ T7416] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  133.353663][ T7408] ntfs: (device loop2): ntfs_is_extended_system_file(): Unindexed file name. You should run chkdsk.
[  133.386124][ T7408] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing.
[  133.427017][ T7408] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x18 as bad.  Run chkdsk.
[  133.446206][ T7408] ntfs: (device loop2): load_and_init_quota(): Failed to load $Quota.
[  133.468739][ T7408] ntfs: (device loop2): load_system_files(): Failed to load $Quota.  Mounting read-only.  Run chkdsk.
[  133.915270][ T7433] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.629'.
[  133.947126][ T7433] openvswitch: netlink: Tunnel attr 13157 out of range max 16
[  134.015750][ T7275] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.700922][ T7459] loop2: detected capacity change from 0 to 128
[  134.745587][ T7459] VFS: Found a Xenix FS (block size = 1024) on device loop2
[  134.807989][ T5798] Bluetooth: hci1: command tx timeout
[  134.900270][ T7275] veth0_vlan: entered promiscuous mode
[  134.944635][ T7435] loop0: detected capacity change from 0 to 32768
[  134.960544][ T7275] veth1_vlan: entered promiscuous mode
[  135.050546][ T7435] ialloc: diAlloc returned -5!
[  135.073753][ T7275] veth0_macvtap: entered promiscuous mode
[  135.115685][ T7275] veth1_macvtap: entered promiscuous mode
[  135.179758][ T7275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.220965][ T7275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.246803][ T7275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.266675][ T7275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.286715][ T7275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.307916][ T7275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.328484][ T7275] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.355908][ T7275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.396664][ T7275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.423001][ T7275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.446349][ T7275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.466737][ T7275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.478161][ T5785] sysv_free_block: flc_count > flc_size
[  135.478334][ T7275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.485474][ T5785] sysv_free_block: flc_count > flc_size
[  135.517286][ T7275] batman_adv: batadv0: Interface activated: batadv_slave_1
[  135.542397][  T110] ERROR: (device loop0): diUpdatePMap: the iag is outside the map
[  135.542397][  T110] 
[  135.570748][ T7275] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  135.573303][ T5785] sysv_free_block: flc_count > flc_size
[  135.587832][  T110] ERROR: (device loop0): remounting filesystem as read-only
[  135.595343][ T5785] sysv_free_block: flc_count > flc_size
[  135.605162][ T7275] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.614813][ T7275] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.620849][ T5785] sysv_free_block: flc_count > flc_size
[  135.623850][ T7275] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.665134][ T5785] sysv_free_block: flc_count > flc_size
[  135.673951][ T5785] sysv_free_block: flc_count > flc_size
[  135.683193][ T5785] sysv_free_block: flc_count > flc_size
[  135.715242][ T5785] sysv_free_block: flc_count > flc_size
[  135.732788][ T5785] sysv_free_block: flc_count > flc_size
[  135.744056][ T7473] loop3: detected capacity change from 0 to 4096
[  135.757126][ T5785] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  135.769274][ T7473] NILFS (loop3): invalid segment: Checksum error in segment payload
[  135.782711][ T7473] NILFS (loop3): trying rollback from an earlier position
[  135.798773][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.828337][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  135.893564][ T7473] NILFS (loop3): recovery complete
[  135.924577][ T7476] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  135.947006][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.983685][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.501012][   T28] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  136.700018][   T28] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  136.730398][   T28] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  136.754473][   T28] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  136.783806][   T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.802814][   T28] usb 3-1: config 0 descriptor??
[  137.058053][ T7480] netlink: 'syz.2.641': attribute type 1 has an invalid length.
[  137.075013][ T7480] netlink: 220 bytes leftover after parsing attributes in process `syz.2.641'.
[  137.095684][ T7510] loop3: detected capacity change from 0 to 8192
[  137.103455][   T28] usb 3-1: USB disconnect, device number 6
[  137.126009][ T7510] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  137.140139][ T7510] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  137.150789][ T7510] REISERFS (device loop3): using ordered data mode
[  137.162400][ T7510] reiserfs: using flush barriers
[  137.172531][ T7510] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  137.189791][ T7510] REISERFS (device loop3): checking transaction log (loop3)
[  137.201931][ T7510] REISERFS (device loop3): Using r5 hash to sort names
[  137.210286][ T7510] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  137.502536][ T7507] loop4: detected capacity change from 0 to 32768
[  137.637290][ T7507] JBD2: Ignoring recovery information on journal
[  137.801886][ T7507] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  138.052450][ T7275] ocfs2: Unmounting device (7,4) on (node local)
[  138.245091][ T7536] loop3: detected capacity change from 0 to 4096
[  138.342784][ T7536] ntfs: volume version 3.1.
[  138.390606][ T7536] ntfs: (device loop3): ntfs_is_extended_system_file(): Unindexed file name. You should run chkdsk.
[  138.416856][ T7536] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing.
[  138.446216][ T7536] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x18 as bad.  Run chkdsk.
[  138.493060][ T7536] ntfs: (device loop3): load_and_init_quota(): Failed to load $Quota.
[  138.522607][ T7536] ntfs: (device loop3): load_system_files(): Failed to load $Quota.  Mounting read-only.  Run chkdsk.
[  138.777192][ T7531] loop2: detected capacity change from 0 to 32768
[  138.855952][ T7531] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  138.865028][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  138.948038][ T7550] loop3: detected capacity change from 0 to 4096
[  139.066821][    T8] usb 5-1: Using ep0 maxpacket: 8
[  139.066913][ T7531] XFS (loop2): Ending clean mount
[  139.085586][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.112432][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.126946][    T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  139.142007][    T8] usb 5-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[  139.153641][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.166075][    T8] usb 5-1: config 0 descriptor??
[  139.196291][ T7550] ntfs3: loop3: failed to convert "0080" to cp862
[  139.209467][ T7550] ntfs3: loop3: failed to convert name for inode 1e.
[  139.373503][ T5785] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  139.707188][    T8] nzxt-kraken2 0003:1E71:170E.0008: hidraw0: USB HID v0.04 Device [HID 1e71:170e] on usb-dummy_hcd.4-1/input0
[  139.866792][    T8] usb 5-1: USB disconnect, device number 2
[  139.904639][ T7567] loop3: detected capacity change from 0 to 4096
[  140.027431][ T7570] fido_id[7570]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  140.078648][ T7567] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[  140.269872][ T7567] ntfs3: loop3: ino=5, "/" attr_set_size
[  140.844429][ T7586] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  141.084571][ T7594] loop4: detected capacity change from 0 to 1024
[  141.137040][ T7594] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.236056][    T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  141.290785][ T7574] loop0: detected capacity change from 0 to 32768
[  141.298318][ T7574] XFS: noikeep mount option is deprecated.
[  141.320309][ T7574] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  141.398467][ T7574] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  141.446790][    T8] usb 4-1: Using ep0 maxpacket: 32
[  141.453849][    T8] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.462966][ T7574] XFS (loop0): Starting recovery (logdev: internal)
[  141.466912][    T8] usb 4-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[  141.483870][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  141.491385][    T8] usb 4-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  141.500907][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.520331][    T8] usb 4-1: config 0 descriptor??
[  141.559651][ T7574] XFS (loop0): Ending recovery (logdev: internal)
[  141.638277][ T5874] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  141.737467][ T5783] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  141.885471][ T5874] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  141.893716][ T5874] usb 3-1: config 0 has no interface number 0
[  141.920201][ T5874] usb 3-1: New USB device found, idVendor=1660, idProduct=1921, bcdDevice=1f.84
[  141.950476][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.979516][    T8] betop 0003:20BC:5500.0009: unbalanced collection at end of report description
[  142.002927][ T5874] usb 3-1: Product: syz
[  142.003374][ T7275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.010387][    T8] betop 0003:20BC:5500.0009: parse failed
[  142.024966][ T5874] usb 3-1: Manufacturer: syz
[  142.036802][ T5874] usb 3-1: SerialNumber: syz
[  142.043009][    T8] betop: probe of 0003:20BC:5500.0009 failed with error -22
[  142.055485][ T5874] usb 3-1: config 0 descriptor??
[  142.137615][ T7618] overlayfs: lower data-only dirs require metacopy support.
[  142.206998][    T8] usb 4-1: USB disconnect, device number 7
[  142.303981][ T5874] dvb-usb: found a 'Medion CTX1921 DVB-T USB' in cold state, will try to load a firmware
[  142.352243][ T5874] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  142.360519][ T5874] dib0700: firmware download failed at 7 with -22
[  142.375802][ T5874] usb 3-1: USB disconnect, device number 7
[  142.652872][ T7626] loop4: detected capacity change from 0 to 2048
[  142.667430][ T7626] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  142.682069][ T7626] NILFS (loop4): mounting unchecked fs
[  142.695310][ T6035] udevd[6035]: incorrect nilfs2 checksum on /dev/loop4
[  142.712338][ T7626] NILFS (loop4): recovery complete
[  142.720060][ T7627] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  143.015608][ T7637] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  143.163704][ T7635] loop2: detected capacity change from 0 to 4096
[  143.196811][ T7635] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  143.279347][ T7635] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  143.495953][ T7649] loop4: detected capacity change from 0 to 8192
[  143.519069][ T7649] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  143.552199][ T7649] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  143.566105][ T7649] REISERFS (device loop4): using ordered data mode
[  143.574411][ T7649] reiserfs: using flush barriers
[  143.674101][ T7649] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  143.755597][ T7649] REISERFS (device loop4): checking transaction log (loop4)
[  143.783292][ T7649] REISERFS (device loop4): Using r5 hash to sort names
[  143.800629][ T7649] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  144.188691][ T7658] loop2: detected capacity change from 0 to 32768
[  144.236824][    T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  144.427651][    T9] usb 4-1: Using ep0 maxpacket: 8
[  144.435294][    T9] usb 4-1: config index 0 descriptor too short (expected 30, got 18)
[  144.448146][    T9] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  144.466718][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.474852][    T9] usb 4-1: Product: syz
[  144.484976][    T9] usb 4-1: Manufacturer: syz
[  144.489724][    T9] usb 4-1: SerialNumber: syz
[  144.509948][    T9] usb 4-1: config 0 descriptor??
[  144.518133][    T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  144.536497][    T9] usb 4-1: setting power ON
[  144.558058][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  144.578818][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  144.607388][    T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  144.616353][    T9] usb 4-1: media controller created
[  144.688122][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  144.738298][ T7662] dvb-usb: bulk message failed: -22 (3/0)
[  144.769459][    T9] usb 4-1: selecting invalid altsetting 6
[  144.785584][    T9] usb 4-1: digital interface selection failed (-22)
[  144.802606][    T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  144.822731][    T9] usb 4-1: setting power OFF
[  144.836759][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  144.848737][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  144.868507][    T9] (NULL device *): no alternate interface
[  144.915594][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  144.952043][    T9] usb 4-1: USB disconnect, device number 8
[  144.995573][ T7668] loop4: detected capacity change from 0 to 32768
[  145.128014][ T7672] loop2: detected capacity change from 0 to 32768
[  145.153203][ T7672] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  145.213288][ T7672] XFS (loop2): Ending clean mount
[  145.224180][ T7672] XFS (loop2): Quotacheck needed: Please wait.
[  145.339286][ T7672] XFS (loop2): Quotacheck: Done.
[  145.484392][   T27] audit: type=1800 audit(1757613621.157:53): pid=7672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.693" name="file1" dev="loop2" ino=9286 res=0 errno=0
[  145.695857][ T5785] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  145.989262][ T7702] autofs4:pid:7702:autofs_fill_super: called with bogus options
[  146.068179][ T7705] netlink: 8 bytes leftover after parsing attributes in process `syz.3.705'.
[  146.093110][ T7705] IPVS: Error joining to the multicast group
[  146.431533][ T7719] netlink: zone id is out of range
[  146.727686][ T7731] loop0: detected capacity change from 0 to 1024
[  146.823759][ T7733] loop4: detected capacity change from 0 to 128
[  146.856925][   T11] hfsplus: b-tree write err: -5, ino 4
[  147.355927][ T7729] loop3: detected capacity change from 0 to 32768
[  147.460117][ T7729] JFS: block map error in dbBackSplit
[  147.474774][ T7729] ERROR: (device loop3): dbDiscardAG: -EIO
[  147.474774][ T7729] 
[  147.488537][ T7729] ERROR: (device loop3): remounting filesystem as read-only
[  147.500685][ T7729] syz.3.717: attempt to access beyond end of device
[  147.500685][ T7729] loop3: rw=2051, sector=2629632, nr_sectors = 8192 limit=32768
[  147.522184][ T7729] JFS: sb_issue_discard(ffff88802dbdc000, 328704, 1024, GFP_NOFS, 0) = -5 => failed!
[  147.533867][ T7729] blkno = 50400, nblocks = 400
[  147.539919][ T7729] ERROR: (device loop3): dbFree: block to be freed is outside the map
[  147.539919][ T7729] 
[  147.884384][ T7755] loop0: detected capacity change from 0 to 8192
[  147.915145][ T7755] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  147.974959][ T7755] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  148.023056][ T7755] REISERFS (device loop0): using ordered data mode
[  148.044287][ T7763] loop3: detected capacity change from 0 to 8192
[  148.062431][ T7755] reiserfs: using flush barriers
[  148.069730][ T7766] loop2: detected capacity change from 0 to 128
[  148.078816][ T7755] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  148.098908][ T7766] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  148.125422][ T7755] REISERFS (device loop0): checking transaction log (loop0)
[  148.138086][ T7766] hpfs: filesystem error: improperly stopped
[  148.144821][ T7766] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  148.155359][ T7755] REISERFS (device loop0): Using r5 hash to sort names
[  148.174974][ T7766] hpfs: You really don't want any checks? You are crazy...
[  148.188614][ T5875] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  148.200063][ T7755] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  148.215284][ T7766] hpfs: hpfs_map_sector(): read error
[  148.247133][ T7766] hpfs: code page support is disabled
[  148.253778][ T7766] hpfs: hpfs_map_4sectors(): unaligned read
[  148.283668][ T7766] hpfs: hpfs_map_4sectors(): unaligned read
[  148.307536][ T7766] hpfs: filesystem error: unable to find root dir
[  148.343898][ T7769] loop3: detected capacity change from 0 to 1024
[  148.409042][ T5875] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  148.431297][ T7769] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.442620][ T7766] hpfs: bad mount options.
[  148.453615][ T7769] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.465479][ T5875] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  148.532129][ T5875] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  148.584279][ T5875] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.644432][ T7760] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  148.711819][ T5875] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  148.807451][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.185892][  T785] usb 5-1: USB disconnect, device number 3
[  149.643202][ T7783] loop3: detected capacity change from 0 to 40427
[  149.665606][ T7783] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[  149.687161][ T7783] F2FS-fs (loop3): Image doesn't support compression
[  149.693952][ T7783] F2FS-fs (loop3): Image doesn't support compression
[  149.730687][ T7777] loop2: detected capacity change from 0 to 65536
[  149.733549][ T7783] F2FS-fs (loop3): invalid crc value
[  149.763193][ T7783] F2FS-fs (loop3): Found nat_bits in checkpoint
[  149.782587][ T7777] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  149.954406][ T7783] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  149.985720][ T7777] XFS (loop2): Ending clean mount
[  150.108001][ T5785] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  150.206554][ T5784] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x516/0x19c0
[  150.239681][ T5784] F2FS-fs (loop3): invalid blkaddr: 1535, type: 10, run fsck to fix.
[  150.336676][ T5874] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  150.541740][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.575851][ T5874] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  150.615850][ T5874] usb 5-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00
[  150.650133][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.679171][ T5874] usb 5-1: config 0 descriptor??
[  150.919199][ T7813] loop3: detected capacity change from 0 to 512
[  150.949397][ T7813] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  151.021691][ T7813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  151.054909][ T7813] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.121154][ T5874] semitek 0003:1EA7:0907.000A: hidraw0: USB HID v0.00 Device [HID 1ea7:0907] on usb-dummy_hcd.4-1/input0
[  151.172259][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  151.254579][ T7801] loop2: detected capacity change from 0 to 40427
[  151.264691][ T7801] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  151.278424][ T7801] F2FS-fs (loop2): Image doesn't support compression
[  151.285677][ T7801] F2FS-fs (loop2): Image doesn't support compression
[  151.302713][ T7801] F2FS-fs (loop2): invalid crc value
[  151.356791][ T7801] F2FS-fs (loop2): Found nat_bits in checkpoint
[  151.396481][    T8] usb 5-1: USB disconnect, device number 4
[  151.551352][ T7801] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  151.674268][   T27] audit: type=1800 audit(1757613627.337:54): pid=7801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.739" name="file1" dev="loop2" ino=10 res=0 errno=0
[  151.739794][ T5785] syz-executor: attempt to access beyond end of device
[  151.739794][ T5785] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  151.740458][ T7830] loop3: detected capacity change from 0 to 4096
[  151.785250][ T7830] ntfs: (device loop3): ntfs_mapping_pairs_decompress(): Missing length entry in mapping pairs array.
[  151.798423][ T7830] ntfs: (device loop3): ntfs_mapping_pairs_decompress(): Invalid length in mapping pairs array.
[  151.810112][ T5785] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  151.811418][ T7830] ntfs: (device loop3): ntfs_read_locked_inode(): Mapping pairs decompression failed.
[  151.829816][ T7830] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  151.871389][ T7830] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  151.942572][ T7830] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  152.010094][ T7830] ntfs: volume version 3.1.
[  152.025424][ T7830] ntfs: (device loop3): ntfs_read_block(): Failed to read from inode 0x2, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  152.080995][ T7830] ntfs: (device loop3): ntfs_read_block(): Failed to read from inode 0x2, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5).
[  152.126865][ T7830] ntfs: (device loop3): ntfs_check_logfile(): Error mapping $LogFile page (index 0).
[  152.501888][ T7849] gretap0: entered promiscuous mode
[  152.521292][ T7849] vlan2: entered promiscuous mode
[  152.645345][ T7856] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  152.679218][ T7856] comedi comedi3: 8255: I/O port conflict (0x8000006,4)
[  152.686259][ T7856] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  152.753987][ T7856] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  152.780072][ T7856] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  152.799515][ T7856] comedi comedi3: 8255: I/O port conflict (0x7fffffff,4)
[  152.836745][ T7856] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  152.855310][ T7856] comedi comedi3: 8255: I/O port conflict (0x3000000,4)
[  152.893561][ T7863] loop4: detected capacity change from 0 to 128
[  152.948368][ T7863] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  152.980747][ T7863] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  153.096724][ T7275] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  153.309168][ T7852] loop3: detected capacity change from 0 to 32768
[  153.322833][ T7879] loop2: detected capacity change from 0 to 64
[  153.357984][ T7879] hfs: unable to locate alternate MDB
[  153.378492][ T7879] hfs: continuing without an alternate MDB
[  153.974215][ T7899] loop4: detected capacity change from 0 to 1024
[  154.259959][ T7908] veth0_to_bond: entered allmulticast mode
[  154.311116][ T7912] netlink: 'syz.2.764': attribute type 10 has an invalid length.
[  154.496149][ T7922] loop4: detected capacity change from 0 to 16
[  154.534239][ T7922] erofs: (device loop4): mounted with root inode @ nid 36.
[  155.451594][ T7931] loop4: detected capacity change from 0 to 32768
[  155.485212][ T7955] netlink: 24 bytes leftover after parsing attributes in process `syz.0.776'.
[  155.529213][ T7955] IPVS: Error connecting to the multicast addr
[  155.556378][ T7931] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  155.696771][ T7931] (syz.4.770,7931,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=65, rec_len=16, name_len=1
[  155.902259][ T7275] ocfs2: Unmounting device (7,4) on (node local)
[  156.069409][ T7972] loop4: detected capacity change from 0 to 8
[  156.085505][ T7972] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  156.250988][ T7943] loop2: detected capacity change from 0 to 40427
[  156.362022][ T7943] F2FS-fs (loop2): invalid crc value
[  156.374579][ T7980] loop0: detected capacity change from 0 to 256
[  156.428299][ T7980] exfat: Deprecated parameter 'namecase'
[  156.436444][ T7943] F2FS-fs (loop2): Found nat_bits in checkpoint
[  156.473690][ T7980] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  156.632702][ T7943] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  157.137142][ T8001] comedi comedi0: Minor -2147450880 is invalid!
[  157.496505][ T7978] loop3: detected capacity change from 0 to 32768
[  157.550534][ T7978] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  157.796788][ T7978] XFS (loop3): Ending clean mount
[  157.845720][ T7978] XFS (loop3): Quotacheck needed: Please wait.
[  158.005697][ T7978] XFS (loop3): Quotacheck: Done.
[  158.275309][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  159.158663][ T8057] loop0: detected capacity change from 0 to 32768
[  159.190680][ T8057] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.806 (8057)
[  159.275553][ T8057] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  159.290431][ T8080] sp0: Synchronizing with TNC
[  159.309424][ T8057] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  159.341110][ T8057] BTRFS info (device loop0): force clearing of disk cache
[  159.372376][ T8057] BTRFS info (device loop0): metadata ratio 0
[  159.388409][ T8057] BTRFS info (device loop0): enabling ssd optimizations
[  159.411673][ T8057] BTRFS info (device loop0): using spread ssd allocation scheme
[  159.430305][ T8057] BTRFS info (device loop0): using free space tree
[  159.582121][ T8057] BTRFS info (device loop0): auto enabling async discard
[  159.622782][ T8057] BTRFS info (device loop0): rebuilding free space tree
[  159.763213][ T8057] BTRFS warning (device loop0): qgroup rescan init failed, qgroup is not enabled
[  159.849350][ T8057] syz.0.806 (8057) used greatest stack depth: 20752 bytes left
[  159.879605][ T5783] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  160.028617][ T8075] loop3: detected capacity change from 0 to 40427
[  160.084706][ T8075] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  160.122859][ T6035] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop0 scanned by udevd (6035)
[  160.126808][ T8075] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  160.195889][ T8075] F2FS-fs (loop3): invalid crc value
[  160.218433][ T8075] F2FS-fs (loop3): Found nat_bits in checkpoint
[  160.419271][ T8075] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  160.436965][ T8075] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  160.811407][ T8132] loop0: detected capacity change from 0 to 164
[  160.966004][ T8115] loop4: detected capacity change from 0 to 32768
[  161.038208][ T8115] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  161.138386][ T8142] loop0: detected capacity change from 0 to 16
[  161.339277][ T8115] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  161.375666][ T8144] netlink: 24 bytes leftover after parsing attributes in process `syz.2.823'.
[  161.461517][ T8115] XFS (loop4): Starting recovery (logdev: internal)
[  161.465836][ T8146] loop0: detected capacity change from 0 to 1024
[  161.545358][ T8146] hfsplus: bad catalog entry type
[  161.557013][ T8115] XFS (loop4): Ending recovery (logdev: internal)
[  161.578299][ T8115] XFS (loop4): Quotacheck needed: Please wait.
[  161.653695][ T8115] XFS (loop4): Quotacheck: Done.
[  161.679250][ T3513] hfsplus: b-tree write err: -5, ino 4
[  161.891013][ T7275] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  161.912526][ T8154] loop2: detected capacity change from 0 to 512
[  162.017033][ T8154] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.827: invalid indirect mapped block 10 (level 1)
[  162.061533][ T8162] loop3: detected capacity change from 0 to 512
[  162.106712][ T8154] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.827: invalid indirect mapped block 8 (level 1)
[  162.143651][ T8162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.201076][ T8154] EXT4-fs (loop2): 1 truncate cleaned up
[  162.221671][ T8154] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.381911][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.398674][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.453817][ T8167] netlink: 'syz.0.834': attribute type 1 has an invalid length.
[  162.492557][ T8167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.834'.
[  162.853042][   T27] kauditd_printk_skb: 9 callbacks suppressed
[  162.853056][   T27] audit: type=1326 audit(1757613638.527:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8180 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effca78eba9 code=0x7ffc0000
[  162.896549][   T27] audit: type=1326 audit(1757613638.527:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8180 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effca78eba9 code=0x7ffc0000
[  162.974824][   T27] audit: type=1326 audit(1757613638.527:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8180 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7effca78eba9 code=0x7ffc0000
[  163.001560][   T27] audit: type=1326 audit(1757613638.527:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8180 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effca78eba9 code=0x7ffc0000
[  163.039565][   T27] audit: type=1326 audit(1757613638.527:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8180 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effca78eba9 code=0x7ffc0000
[  163.473874][ T8209] loop0: detected capacity change from 0 to 64
[  164.111600][ T8233] loop0: detected capacity change from 0 to 2048
[  164.140498][ T8233] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  164.219959][ T8237] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  164.234879][ T5799] udevd[5799]: incorrect nilfs2 checksum on /dev/loop0
[  164.359248][ T8241] __vm_enough_memory: pid: 8241, comm: syz.2.865, not enough memory for the allocation
[  164.509261][ T8243] loop3: detected capacity change from 0 to 4096
[  164.536807][ T8243] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  164.554714][ T8247] capability: warning: `syz.2.868' uses deprecated v2 capabilities in a way that may be insecure
[  164.554847][ T8245] loop0: detected capacity change from 0 to 2048
[  164.577688][ T8243] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  164.619032][ T8245] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.633718][ T8243] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  164.705272][ T8243] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  164.738094][ T8243] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  164.778117][ T8243] ntfs: volume version 3.1.
[  165.112229][ T8261] loop4: detected capacity change from 0 to 64
[  165.130990][ T8261] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  165.189725][ T8258] loop0: detected capacity change from 0 to 1024
[  165.298448][ T8258] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.336514][ T8258] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.440112][ T8258] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  165.467301][ T8258] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 60 with max blocks 1 with error 28
[  165.509599][ T8258] EXT4-fs (loop0): This should not happen!! Data will be lost
[  165.509599][ T8258] 
[  165.546709][ T8258] EXT4-fs (loop0): Total free blocks count 0
[  165.561193][ T8272] loop3: detected capacity change from 0 to 2048
[  165.567768][ T8258] EXT4-fs (loop0): Free/Dirty block details
[  165.587051][ T8258] EXT4-fs (loop0): free_blocks=4293918720
[  165.592999][ T8258] EXT4-fs (loop0): dirty_blocks=16
[  165.606870][ T8258] EXT4-fs (loop0): Block reservation details
[  165.633533][ T8258] EXT4-fs (loop0): i_reserved_data_blocks=1
[  165.646554][ T8272] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.758149][ T8272] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.791824][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.804138][ T8263] loop2: detected capacity change from 0 to 32768
[  165.859000][ T8263] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  165.925445][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.033793][ T8263] XFS (loop2): Ending clean mount
[  166.154538][ T8287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.882'.
[  166.357474][ T8270] loop4: detected capacity change from 0 to 40427
[  166.380308][ T8294] loop0: detected capacity change from 0 to 256
[  166.381031][ T5785] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  166.389571][ T8270] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x7
[  166.436627][ T8294] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  166.473628][ T8270] F2FS-fs (loop4): invalid crc value
[  166.523115][ T8270] F2FS-fs (loop4): Found nat_bits in checkpoint
[  166.741981][ T8270] F2FS-fs (loop4): Start checkpoint disabled!
[  166.760997][ T8270] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  166.816907][ T8270] F2FS-fs (loop4): Skipping Checkpoint. Checkpoints currently disabled.
[  167.266801][ T5819] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  167.461807][ T8305] loop2: detected capacity change from 0 to 32768
[  167.474014][ T5819] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  167.490460][ T5819] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.502994][ T5819] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  167.550744][ T5819] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.559730][ T8305] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  167.617524][ T5819] usb 4-1: config 0 descriptor??
[  167.637923][ T8309] loop0: detected capacity change from 0 to 32768
[  167.646179][ T8309] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.892 (8309)
[  167.702605][ T8309] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  167.734845][ T8324] loop4: detected capacity change from 0 to 512
[  167.755659][ T8309] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  167.764975][ T8309] BTRFS info (device loop0): using free space tree
[  167.768313][ T8305] XFS (loop2): Ending clean mount
[  167.823394][ T8324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.852130][ T8324] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.992870][ T8309] BTRFS info (device loop0): enabling ssd optimizations
[  168.021329][ T8309] BTRFS info (device loop0): auto enabling async discard
[  168.051382][ T7275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.063705][ T5785] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  168.109599][ T5819] zydacron 0003:13EC:0006.000B: unknown main item tag 0x6
[  168.167418][ T5819] zydacron 0003:13EC:0006.000B: hidraw0: USB HID v0.00 Device [HID 13ec:0006] on usb-dummy_hcd.3-1/input0
[  168.232138][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  168.232155][   T27] audit: type=1800 audit(1757613643.897:61): pid=8309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.892" name="file1" dev="loop0" ino=260 res=0 errno=0
[  168.407203][ T5819] usb 4-1: USB disconnect, device number 9
[  168.521058][ T8347] fido_id[8347]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  168.728623][ T5783] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  168.802955][ T8353] netlink: 16 bytes leftover after parsing attributes in process `syz.2.894'.
[  168.942715][ T8355] loop4: detected capacity change from 0 to 4096
[  168.984330][ T8355] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  169.024586][ T8359] netlink: 'syz.0.898': attribute type 27 has an invalid length.
[  169.217606][ T8363] gretap0: entered promiscuous mode
[  169.251129][ T8363] vlan2: entered promiscuous mode
[  169.386074][ T8367] loop3: detected capacity change from 0 to 16
[  169.437558][ T8367] erofs: (device loop3): mounted with root inode @ nid 36.
[  169.485636][ T8367] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 0 @ lcn 0 of nid 36
[  169.541353][ T8367] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 0 @ lcn 0 of nid 36
[  169.554954][ T8367] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  169.571318][ T8367] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  169.577321][ T8369] loop4: detected capacity change from 0 to 512
[  169.618709][ T8369] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  169.711236][ T8369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.736868][ T8369] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  169.781122][ T8376] openvswitch: netlink: Actions may not be safe on all matching packets
[  169.843711][ T8380] loop3: detected capacity change from 0 to 256
[  169.937380][ T7275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.962117][ T8380] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  170.371607][ T8394] loop3: detected capacity change from 0 to 4096
[  170.395551][ T8394] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing.
[  170.404836][ T8394] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  170.442902][ T8394] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  170.461661][ T8394] ntfs: volume version 3.1.
[  170.616298][ T5784] ntfs: (device loop3): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  170.762697][ T8405] loop0: detected capacity change from 0 to 512
[  170.777604][ T8405] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  170.805274][ T8405] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.921: bad orphan inode 67108875
[  170.834022][ T8405] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.034435][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.244039][ T8422] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (das16m1)
[  171.817294][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  171.886820][ T8432] loop0: detected capacity change from 0 to 32768
[  171.939356][ T8432] JBD2: Ignoring recovery information on journal
[  172.008968][ T8432] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  172.019112][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  172.037505][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.048356][    T9] usb 5-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00
[  172.057620][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.075705][    T9] usb 5-1: config 0 descriptor??
[  172.127396][ T8448] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  172.169652][ T8432] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad parent pointer (312, expected 74)
[  172.194997][ T8432] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  172.208981][ T8432] OCFS2: File system is now read-only.
[  172.214530][ T8432] (syz.0.934,8432,0):ocfs2_search_one_group:1684 ERROR: status = -30
[  172.223156][ T8432] (syz.0.934,8432,0):ocfs2_claim_suballoc_bits:1920 ERROR: status = -30
[  172.231777][ T8432] (syz.0.934,8432,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30
[  172.240780][ T8432] (syz.0.934,8432,0):ocfs2_claim_new_inode:2216 ERROR: status = -30
[  172.250954][ T8432] (syz.0.934,8432,0):ocfs2_claim_new_inode:2231 ERROR: status = -30
[  172.261942][ T8432] (syz.0.934,8432,0):ocfs2_mknod_locked:639 ERROR: status = -30
[  172.286727][ T8432] (syz.0.934,8432,0):ocfs2_mknod:385 ERROR: status = -30
[  172.306110][ T8432] (syz.0.934,8432,0):ocfs2_mknod:502 ERROR: status = -30
[  172.314938][ T8432] (syz.0.934,8432,0):ocfs2_create:676 ERROR: status = -30
[  172.395347][ T5783] ocfs2: Unmounting device (7,0) on (node local)
[  172.519595][    T9] aquacomputer_d5next 0003:0C70:F011.000C: hidraw0: USB HID v0.00 Device [HID 0c70:f011] on usb-dummy_hcd.4-1/input0
[  172.721913][    T8] usb 5-1: USB disconnect, device number 5
[  173.442392][ T8484] loop4: detected capacity change from 0 to 512
[  173.450895][ T8484] EXT4-fs (loop4): Test dummy encryption mode enabled
[  173.472230][ T8484] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  173.549433][ T8484] EXT4-fs (loop4): 1 truncate cleaned up
[  173.556340][ T8484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.648592][ T8484] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #2: comm syz.4.957: Siphash requires key
[  173.826169][ T7275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.046320][ T8477] loop0: detected capacity change from 0 to 32768
[  174.228148][ T8503] loop2: detected capacity change from 0 to 4096
[  174.393530][ T8503] ntfs3: loop2: ino=5, "/" directory corrupted
[  174.406789][ T8503] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  174.431179][ T8503] ntfs3: loop2: ino=5, "/" directory corrupted
[  174.458847][ T8482] loop3: detected capacity change from 0 to 32768
[  174.482206][ T8482] XFS: noikeep mount option is deprecated.
[  174.539623][ T8482] XFS: ikeep mount option is deprecated.
[  174.636131][ T8482] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  174.671305][ T8516] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  174.766123][ T8482] XFS (loop3): Ending clean mount
[  174.796279][ T8482] XFS (loop3): Quotacheck needed: Please wait.
[  174.926185][ T8482] XFS (loop3): Quotacheck: Done.
[  175.273001][ T5784] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  175.696333][ T8544] bridge0: entered promiscuous mode
[  175.725711][ T8544] macsec1: entered promiscuous mode
[  175.941252][ T8548] loop2: detected capacity change from 0 to 4096
[  175.969702][ T8548] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  176.383856][ T8548] overlayfs: upper fs does not support tmpfile.
[  176.408782][ T8543] loop4: detected capacity change from 0 to 32768
[  176.436446][ T8548] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  176.517023][ T8543] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  176.532258][ T8564] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  176.624984][ T8573] loop0: detected capacity change from 0 to 256
[  176.637130][ T8543] XFS (loop4): Ending clean mount
[  176.714884][ T8573] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  176.739130][ T8543] syz.4.981 (8543) used greatest stack depth: 20712 bytes left
[  176.905762][ T7275] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  177.237023][    T8] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  177.429967][    T8] usb 4-1: config 0 has too many interfaces: 129, using maximum allowed: 32
[  177.443095][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 129
[  177.469206][    T8] usb 4-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[  177.482059][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.506775][    T8] usb 4-1: Product: syz
[  177.512089][    T8] usb 4-1: Manufacturer: syz
[  177.526639][    T8] usb 4-1: SerialNumber: syz
[  177.543452][    T8] usb 4-1: config 0 descriptor??
[  177.776960][    T8] mos7840 4-1:0.0: required endpoints missing
[  178.001829][    T8] usb 4-1: USB disconnect, device number 10
[  179.178036][ T8623] loop0: detected capacity change from 0 to 40427
[  179.194150][ T8623] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff
[  179.206691][ T5819] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  179.223495][ T8623] F2FS-fs (loop0): Image doesn't support compression
[  179.240735][ T8623] F2FS-fs (loop0): Image doesn't support compression
[  179.263751][ T8623] F2FS-fs (loop0): invalid crc value
[  179.288463][ T8623] F2FS-fs (loop0): Found nat_bits in checkpoint
[  179.352424][ T8623] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  179.397366][ T5819] usb 5-1: Using ep0 maxpacket: 32
[  179.406329][ T5819] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  179.420532][ T5819] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  179.452452][ T5819] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  179.503697][ T5819] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  179.549342][ T5819] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.569391][ T5819] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  179.583316][ T5819] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  179.593408][ T5783] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x516/0x19c0
[  179.612810][ T5783] F2FS-fs (loop0): invalid blkaddr: 1535, type: 10, run fsck to fix.
[  179.624333][ T5819] usb 5-1: Product: syz
[  179.629383][ T5819] usb 5-1: Manufacturer: syz
[  179.634343][ T5819] usb 5-1: SerialNumber: syz
[  179.650229][ T5819] usb 5-1: config 0 descriptor??
[  179.673988][ T5819] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  179.706511][ T5819] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  179.900112][ T5819] usb 5-1: USB disconnect, device number 6
[  179.911013][ T5819] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  179.953909][ T8643] loop3: detected capacity change from 0 to 256
[  179.994833][ T8643] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x0a42a509, utbl_chksum : 0xe619d30d)
[  180.037013][ T8643] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  181.394459][ T8674] loop3: detected capacity change from 0 to 32768
[  181.755636][ T8678] loop3: detected capacity change from 0 to 4096
[  181.773669][ T8678] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  182.615893][ T8707] loop3: detected capacity change from 0 to 16
[  182.642047][ T8707] erofs: (device loop3): mounted with root inode @ nid 36.
[  183.405759][ T8740] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1067'.
[  183.453685][ T8743] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1069'.
[  183.551651][ T8744] loop0: detected capacity change from 0 to 4096
[  183.583794][ T8744] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  183.682800][ T8750] loop3: detected capacity change from 0 to 512
[  183.715978][ T8752] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1073'.
[  183.730450][ T8750] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  183.842169][ T8750] EXT4-fs (loop3): 1 truncate cleaned up
[  183.896237][ T8750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.083376][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.288828][ T8757] loop4: detected capacity change from 0 to 32768
[  184.321049][ T8757] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1074 (8757)
[  184.383038][ T8757] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  184.386033][ T8771] loop0: detected capacity change from 0 to 128
[  184.403613][ T8757] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  184.422992][ T8757] BTRFS info (device loop4): setting nodatasum
[  184.454570][ T8757] BTRFS info (device loop4): enabling auto defrag
[  184.485536][ T8757] BTRFS info (device loop4): disabling tree log
[  184.499536][ T8771] overlay: Unknown parameter 'uni_xlate'
[  184.507596][ T8757] BTRFS info (device loop4): using free space tree
[  184.527515][   T27] audit: type=1326 audit(1757613660.207:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.549738][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.626776][   T27] audit: type=1326 audit(1757613660.207:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.688940][   T27] audit: type=1326 audit(1757613660.247:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.733569][   T27] audit: type=1326 audit(1757613660.247:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd45b78ebe3 code=0x7ffc0000
[  184.755877][   T27] audit: type=1326 audit(1757613660.247:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.776884][ T8757] BTRFS info (device loop4): enabling ssd optimizations
[  184.779605][   T27] audit: type=1326 audit(1757613660.247:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.814462][ T8757] BTRFS info (device loop4): auto enabling async discard
[  184.821556][   T27] audit: type=1326 audit(1757613660.247:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.821603][   T27] audit: type=1326 audit(1757613660.257:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.821637][   T27] audit: type=1326 audit(1757613660.257:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.821670][   T27] audit: type=1326 audit(1757613660.257:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.3.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  184.866243][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.890795][ T8795] loop0: detected capacity change from 0 to 4096
[  184.945710][ T8795] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  185.122701][ T8795] syz.0.1085 (8795) used greatest stack depth: 20528 bytes left
[  185.246908][ T7275] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  185.635152][ T8811] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1092'.
[  185.953888][ T8815] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1094'.
[  185.982135][ T8815] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1094'.
[  186.087018][ T8807] loop4: detected capacity change from 0 to 32768
[  186.100560][ T8807] (syz.4.1087,8807,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  186.106463][ T8819] loop0: detected capacity change from 0 to 1024
[  186.130295][ T8807] (syz.4.1087,8807,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  186.133474][ T8819] EXT4-fs: Ignoring removed orlov option
[  186.195743][ T8819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.200864][ T8807] JBD2: Ignoring recovery information on journal
[  186.321030][ T8819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.353767][ T8807] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  186.721019][ T8807] syz.4.1087 (8807) used greatest stack depth: 18992 bytes left
[  186.757296][ T8833] loop0: detected capacity change from 0 to 256
[  186.765342][ T8833] exfat: Deprecated parameter 'namecase'
[  186.771447][ T8833] exfat: Deprecated parameter 'namecase'
[  186.779396][ T8833] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  186.795900][ T7275] ocfs2: Unmounting device (7,4) on (node local)
[  186.811124][ T8833] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  187.050420][ T8828] loop3: detected capacity change from 0 to 32768
[  187.147903][ T8828] read_mapping_page failed!
[  187.221180][  T110] read_mapping_page failed!
[  187.487884][ T8843] loop3: detected capacity change from 0 to 4096
[  187.608319][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  187.796406][ T8852] loop0: detected capacity change from 0 to 2048
[  187.813609][    T8] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.846103][    T8] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.862154][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  187.875070][    T8] usb 5-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[  187.885031][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.909387][ T8852] Alternate GPT is invalid, using primary GPT.
[  187.924169][    T8] usb 5-1: config 0 descriptor??
[  187.933325][ T8852]  loop0: p1 p2 p3
[  188.136931][ T5788] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  188.356767][ T5788] usb 4-1: Using ep0 maxpacket: 32
[  188.373065][ T5788] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.393986][ T5788] usb 4-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  188.410765][    T8] uclogic 0003:5543:0005.000D: item 0 2 0 8 parsing failed
[  188.436356][ T5788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.446026][    T8] uclogic 0003:5543:0005.000D: parse failed
[  188.458214][    T8] uclogic: probe of 0003:5543:0005.000D failed with error -22
[  188.471398][ T5788] usb 4-1: config 0 descriptor??
[  188.678212][    T8] usb 5-1: USB disconnect, device number 7
[  188.898259][ T5788] mcp2200 0003:04D8:00DF.000E: USB HID v0.00 Device [HID 04d8:00df] on usb-dummy_hcd.3-1/input0
[  189.140732][ T5819] usb 4-1: USB disconnect, device number 11
[  189.148418][ T8875] loop0: detected capacity change from 0 to 40427
[  189.188814][ T8875] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff
[  189.209428][ T8875] F2FS-fs (loop0): Image doesn't support compression
[  189.216254][ T8875] F2FS-fs (loop0): Image doesn't support compression
[  189.270224][ T8875] F2FS-fs (loop0): invalid crc value
[  189.313140][ T8875] F2FS-fs (loop0): Found nat_bits in checkpoint
[  189.376252][ T8892] loop4: detected capacity change from 0 to 1024
[  189.457433][ T8892] hfsplus: bad catalog entry type
[  189.467693][ T8875] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  189.540186][ T1050] hfsplus: b-tree write err: -5, ino 4
[  189.648926][ T5783] syz-executor: attempt to access beyond end of device
[  189.648926][ T5783] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  189.667981][ T5783] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  190.545423][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  190.545438][   T27] audit: type=1326 audit(1757613666.217:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.1147" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2de4d8eba9 code=0x0
[  190.583530][ T8931] bridge_slave_0: default FDB implementation only supports local addresses
[  191.003290][ T8948] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1156'.
[  191.591061][ T8950] loop3: detected capacity change from 0 to 32768
[  191.623747][ T8968] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  191.656994][ T8968] CIFS mount error: No usable UNC path provided in device string!
[  191.656994][ T8968] 
[  191.668705][ T8968] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  191.696701][ T8950] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  191.841273][ T5784] (syz-executor,5784,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76
[  191.906533][ T5784] ocfs2: Unmounting device (7,3) on (node local)
[  192.416102][ T8998] loop4: detected capacity change from 0 to 256
[  192.420332][ T9000] netlink: 'syz.2.1179': attribute type 3 has an invalid length.
[  192.435538][ T8998] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  192.463074][ T8998] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  192.514119][ T8998] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  192.907918][ T9005] netlink: 277 bytes leftover after parsing attributes in process `syz.4.1182'.
[  193.129182][ T9010] loop4: detected capacity change from 0 to 64
[  193.815332][ T9033] loop0: detected capacity change from 0 to 1024
[  193.879536][ T9033] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.945035][ T9033] CIFS: iocharset name too long
[  194.003402][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.157009][ T9042] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  194.163690][ T9042] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  194.178465][ T9042] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  194.185381][ T9042] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  194.469997][ T9054] loop3: detected capacity change from 0 to 4096
[  194.492796][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.524533][ T9054] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.799205][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.199566][ T9076] loop0: detected capacity change from 0 to 8192
[  195.237316][ T9076] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  195.265026][ T9076] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  195.316782][ T9076] REISERFS (device loop0): using ordered data mode
[  195.341826][ T9076] reiserfs: using flush barriers
[  195.383033][ T9076] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  195.432659][ T9076] REISERFS (device loop0): checking transaction log (loop0)
[  195.457850][ T9076] REISERFS (device loop0): Using r5 hash to sort names
[  195.529342][ T9089] loop4: detected capacity change from 0 to 4096
[  195.584307][ T9093] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1219'.
[  195.926032][ T9102] loop3: detected capacity change from 0 to 65
[  195.972068][ T9102] BFS-fs: bfs_fill_super(): NOTE: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway
[  196.151302][ T9106] loop0: detected capacity change from 0 to 1024
[  196.233725][ T9106] hfsplus: bad catalog entry type
[  196.295123][   T58] hfsplus: b-tree write err: -5, ino 4
[  196.560863][ T5790] Bluetooth: hci2: command 0x0406 tx timeout
[  196.567026][ T5793] Bluetooth: hci0: command 0x0406 tx timeout
[  196.573178][ T5793] Bluetooth: hci3: command 0x0406 tx timeout
[  196.782958][ T9126] loop0: detected capacity change from 0 to 512
[  196.795856][ T9126] EXT4-fs (loop0): #blocks per group too big: 466944
[  196.977066][ T9133] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  196.977448][ T9132] IPVS: stopping backup sync thread 9133 ...
[  197.194253][ T9120] loop3: detected capacity change from 0 to 32768
[  197.274966][ T9120] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  197.480048][ T9120] XFS (loop3): Ending clean mount
[  197.683168][ T5784] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  198.310032][ T9176] loop3: detected capacity change from 0 to 64
[  199.044701][ T9207] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1271'.
[  199.096716][ T5819] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  199.296915][ T5819] usb 4-1: Using ep0 maxpacket: 16
[  199.304222][ T5819] usb 4-1: unable to get BOS descriptor or descriptor too short
[  199.324774][ T5819] usb 4-1: config 9 has an invalid interface number: 48 but max is 0
[  199.336730][ T5819] usb 4-1: config 9 has no interface number 0
[  199.342874][ T5819] usb 4-1: config 9 interface 48 has no altsetting 0
[  199.354829][ T5819] usb 4-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=f3.7b
[  199.366719][ T5819] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.374753][ T5819] usb 4-1: Product: syz
[  199.390575][ T5819] usb 4-1: Manufacturer: syz
[  199.395243][ T5819] usb 4-1: SerialNumber: syz
[  199.648268][ T5819] gspca_main: vc032x-2.14.0 probing 0ac8:c301
[  199.939118][ T9225] loop4: detected capacity change from 0 to 4096
[  199.963641][ T9225] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  200.053028][ T5819] gspca_vc032x: reg_w err -71
[  200.066286][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.082001][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.096739][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.102141][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.116602][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.121982][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.146637][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.148028][ T9225] overlayfs: upper fs does not support tmpfile.
[  200.160830][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.166212][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.187191][ T9225] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  200.206735][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.212082][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.237078][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.242427][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.252279][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.280843][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.286201][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.321276][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.330507][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.335859][ T5819] gspca_vc032x: I2c Bus Busy Wait 00
[  200.376672][ T5819] gspca_vc032x: Unknown sensor...
[  200.381855][ T5819] vc032x: probe of 4-1:9.48 failed with error -22
[  200.409709][ T5819] usb 4-1: USB disconnect, device number 12
[  202.159473][ T9279] loop3: detected capacity change from 0 to 32768
[  202.184956][ T9279] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  202.264438][ T9279] XFS (loop3): Ending clean mount
[  202.279400][ T9279] XFS (loop3): Quotacheck needed: Please wait.
[  202.364972][ T9279] XFS (loop3): Quotacheck: Done.
[  202.391663][ T9303] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1314'.
[  202.394162][   T28] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  202.528082][ T5784] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  202.651108][   T28] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.662303][   T28] usb 5-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00
[  202.677783][   T28] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.696781][   T28] usb 5-1: config 0 descriptor??
[  202.853789][ T9309] loop0: detected capacity change from 0 to 32768
[  202.867141][ T9309] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.1318 (9309)
[  202.904070][ T9309] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  202.916446][ T9309] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  202.930256][ T9309] BTRFS info (device loop0): using free space tree
[  202.981320][ T9309] BTRFS info (device loop0): enabling ssd optimizations
[  202.988696][ T9309] BTRFS info (device loop0): auto enabling async discard
[  203.120626][   T28] hid_mf 0003:0079:1846.000F: item fetching failed at offset 5/7
[  203.129365][   T28] hid_mf 0003:0079:1846.000F: HID parse failed.
[  203.135698][   T28] hid_mf: probe of 0003:0079:1846.000F failed with error -22
[  203.153799][ T5783] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  203.284775][ T6035] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 10 /dev/loop0 scanned by udevd (6035)
[  203.338622][ T5819] usb 5-1: USB disconnect, device number 8
[  203.749344][ T9336] loop0: detected capacity change from 0 to 1024
[  203.902590][   T12] hfsplus: b-tree write err: -5, ino 4
[  204.484475][ T9360] loop4: detected capacity change from 0 to 1024
[  204.502236][ T9362] mmap: syz.3.1334 (9362) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  204.552451][ T9360] hfsplus: request for non-existent node 134217728 in B*Tree
[  204.586852][ T9360] hfsplus: request for non-existent node 134217728 in B*Tree
[  204.674914][ T9366] netlink: 'syz.3.1336': attribute type 1 has an invalid length.
[  205.062578][ T9384] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1345'.
[  206.041929][ T9389] loop4: detected capacity change from 0 to 40427
[  206.065279][ T9389] F2FS-fs (loop4): Mismatch start address, segment0(0) cp_blkaddr(512)
[  206.079995][ T9389] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  206.096117][ T9425] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1363'.
[  206.125779][ T9389] F2FS-fs (loop4): invalid crc value
[  206.137147][ T9425] tipc: Invalid UDP bearer configuration
[  206.137202][ T9425] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  206.160271][ T9389] F2FS-fs (loop4): Found nat_bits in checkpoint
[  206.303618][ T9389] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  206.322073][ T9389] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  206.944164][ T9451] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1374'.
[  207.353384][ T9466] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1381'.
[  207.609607][ T9472] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1384'.
[  208.366343][ T9501] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1398'.
[  208.402225][ T9501] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1398'.
[  208.450805][ T9503] loop3: detected capacity change from 0 to 2048
[  208.510097][ T9503] Alternate GPT is invalid, using primary GPT.
[  208.516385][ T9503]  loop3: p1 p2 p3
[  208.861587][ T5799] udevd[5799]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  208.863894][ T6035] udevd[6035]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  208.882196][ T8052] udevd[8052]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  209.026721][ T5875] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  209.216798][ T5875] usb 4-1: Using ep0 maxpacket: 16
[  209.226791][ T5875] usb 4-1: too many endpoints for config 0 interface 0 altsetting 109: 65, using maximum allowed: 30
[  209.252459][ T5875] usb 4-1: config 0 interface 0 altsetting 109 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.285051][ T5875] usb 4-1: config 0 interface 0 altsetting 109 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  209.299545][ T5875] usb 4-1: config 0 interface 0 has no altsetting 0
[  209.306268][ T5875] usb 4-1: New USB device found, idVendor=172f, idProduct=0500, bcdDevice= 0.00
[  209.316782][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.328157][ T5875] usb 4-1: config 0 descriptor??
[  209.716152][ T9539] loop4: detected capacity change from 0 to 256
[  209.726039][ T9539] exfat: Deprecated parameter 'namecase'
[  209.731886][ T9539] exfat: Deprecated parameter 'namecase'
[  209.741323][ T9539] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  209.755062][ T9539] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  209.761403][ T5875] waltop 0003:172F:0500.0010: unknown main item tag 0x0
[  209.796258][ T5875] waltop 0003:172F:0500.0010: unknown main item tag 0x0
[  209.803785][ T5875] waltop 0003:172F:0500.0010: unknown main item tag 0x0
[  209.811798][ T5875] waltop 0003:172F:0500.0010: unknown main item tag 0x0
[  209.819002][ T5875] waltop 0003:172F:0500.0010: unknown main item tag 0x0
[  209.832056][ T5875] waltop 0003:172F:0500.0010: hidraw0: USB HID v0.05 Device [HID 172f:0500] on usb-dummy_hcd.3-1/input0
[  210.028246][ T5875] usb 4-1: USB disconnect, device number 13
[  210.340860][   T27] audit: type=1326 audit(1757613686.017:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.4.1425" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7effca78eba9 code=0x0
[  211.516393][ T9573] loop4: detected capacity change from 0 to 64
[  211.555461][ T9573] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  211.566246][  T785] IPVS: starting estimator thread 0...
[  211.666822][ T9576] IPVS: using max 22 ests per chain, 52800 per kthread
[  211.757685][ T5875] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  211.957166][ T5875] usb 4-1: config 0 has an invalid interface number: 168 but max is 0
[  211.973220][ T5875] usb 4-1: config 0 has no interface number 0
[  211.986445][ T5875] usb 4-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[  212.018418][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.040858][ T5875] usb 4-1: config 0 descriptor??
[  212.191284][ T9599] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1444'.
[  212.274033][ T9571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.304940][ T9571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.338021][ T5798] Bluetooth: hci3: Malformed LE Event: 0x0d
[  212.346742][ T5875] usb 4-1: string descriptor 0 read error: -71
[  212.371881][ T5875] usb-storage 4-1:0.168: USB Mass Storage device detected
[  212.408459][ T5875] usb-storage 4-1:0.168: Quirks match for vid 05ab pid 0060: 2
[  212.480698][ T5875] usb 4-1: USB disconnect, device number 14
[  212.487480][ T9611] vivid-003: disconnect
[  212.494351][ T9610] vivid-003: reconnect
[  212.610404][ T9615] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  212.610404][ T9615]    program syz.4.1451 not setting count and/or reply_len properly
[  212.763875][ T9619] loop4: detected capacity change from 0 to 1024
[  212.797474][ T9619] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.872503][ T9619] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.103637][ T7275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.117870][ T9635] option changes via remount are deprecated (pid=9634 comm=syz.3.1459)
[  213.358812][ T9646] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1464'.
[  213.804425][ T9663] netlink: 'syz.2.1471': attribute type 32 has an invalid length.
[  213.829994][ T9663] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1471'.
[  213.842751][ T9663] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[  213.867928][ T9663] Zero length message leads to an empty skb
[  214.053421][ T9648] loop4: detected capacity change from 0 to 32768
[  214.076900][ T9648] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1465 (9648)
[  214.124555][ T9648] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  214.149883][ T9648] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  214.167920][ T9648] BTRFS info (device loop4): setting nodatasum
[  214.176397][ T9648] BTRFS info (device loop4): doing ref verification
[  214.184395][ T9648] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  214.196782][ T9648] BTRFS info (device loop4): trying to use backup root at mount time
[  214.204929][ T9648] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  214.217593][ T9648] BTRFS info (device loop4): trying to use backup root at mount time
[  214.264079][ T9648] BTRFS info (device loop4): using free space tree
[  214.285036][ T9648] workqueue: max_active 40574 requested for btrfs-worker is out of range, clamping between 1 and 512
[  214.303471][ T9648] workqueue: max_active 40574 requested for btrfs-delalloc is out of range, clamping between 1 and 512
[  214.342832][ T9648] workqueue: max_active 40574 requested for btrfs-endio is out of range, clamping between 1 and 512
[  214.358802][ T9648] workqueue: max_active 40574 requested for btrfs-endio-meta is out of range, clamping between 1 and 512
[  214.436020][ T9648] workqueue: max_active 40574 requested for btrfs-rmw is out of range, clamping between 1 and 512
[  214.577263][ T9648] workqueue: max_active 40574 requested for btrfs-endio-write is out of range, clamping between 1 and 512
[  214.617010][ T9648] workqueue: max_active 40574 requested for btrfs-compressed-write is out of range, clamping between 1 and 512
[  214.729495][ T9648] BTRFS info (device loop4): enabling ssd optimizations
[  214.758253][ T9648] BTRFS info (device loop4): auto enabling async discard
[  214.882252][ T9710] loop3: detected capacity change from 0 to 64
[  215.096965][ T9648] BTRFS info (device loop4): balance: start -susage=1,drange=3500..255,limit=21474836481,limit=1..5
[  215.129282][ T9648] BTRFS info (device loop4): left=0, need=98304, flags=2
[  215.142425][ T9648] BTRFS info (device loop4): space_info SYSTEM has 0 free, is not full
[  215.151558][ T9648] BTRFS info (device loop4): space_info total=4194304, used=4096, pinned=0, reserved=0, may_use=0, readonly=4190208 zone_unusable=0
[  215.165259][ T9648] BTRFS info (device loop4): global_block_rsv: size 1441792 reserved 1441792
[  215.174858][ T9648] BTRFS info (device loop4): trans_block_rsv: size 0 reserved 0
[  215.182606][ T9648] BTRFS info (device loop4): chunk_block_rsv: size 0 reserved 0
[  215.190345][ T9648] BTRFS info (device loop4): delayed_block_rsv: size 0 reserved 0
[  215.198967][ T9648] BTRFS info (device loop4): delayed_refs_rsv: size 0 reserved 0
[  215.320702][ T9648] BTRFS info (device loop4): relocating block group 1048576 flags system
[  215.353694][ T9648] BTRFS info (device loop4): balance: canceled
[  215.524728][ T7275] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  215.780868][ T9728] loop3: detected capacity change from 0 to 128
[  215.831523][ T9728] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  215.882882][ T9728] hpfs: filesystem error: improperly stopped
[  215.884126][ T9730] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  215.915643][ T9730] macsec1: entered promiscuous mode
[  215.916039][ T9728] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  215.997757][ T9728] hpfs: You really don't want any checks? You are crazy...
[  216.005414][ T9728] hpfs: hpfs_map_sector(): read error
[  216.026648][ T9728] hpfs: code page support is disabled
[  216.036294][ T9728] hpfs: hpfs_map_4sectors(): unaligned read
[  216.043993][ T9728] hpfs: hpfs_map_4sectors(): unaligned read
[  216.053092][ T9728] hpfs: filesystem error: unable to find root dir
[  217.260973][   T27] audit: type=1326 audit(1757613692.937:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.2.1527" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f58abf8eba9 code=0x0
[  217.283857][ T9776] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  217.373932][ T9758] loop0: detected capacity change from 0 to 32768
[  217.411349][ T9758] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  217.482063][ T9792] pimreg: entered allmulticast mode
[  217.520247][ T9758] XFS (loop0): Ending clean mount
[  217.660086][ T5783] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  217.945333][ T9800] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1525'.
[  218.755430][ T9834] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1543'.
[  218.838390][ T9837] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  218.911079][ T9839] loop4: detected capacity change from 0 to 512
[  218.961632][ T9839] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  219.039922][ T9839] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  219.062634][ T9839] ext4 filesystem being mounted at /256/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.132274][ T9839] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-6
[  219.145033][ T9839] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  219.155268][ T9839] EXT4-fs error (device loop4): ext4_acquire_dquot:6940: comm syz.4.1546: Failed to acquire dquot type 0
[  219.183154][ T9849] loop0: detected capacity change from 0 to 4096
[  219.220795][ T9849] ntfs3: loop0: It is recommened to use chkdsk.
[  219.248102][ T7275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  219.258202][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00
[  219.280151][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00
[  219.293018][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00
[  219.314354][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00
[  219.349352][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc1c00
[  219.377777][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc2c00
[  219.385698][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc4c00
[  219.442133][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffc8c00
[  219.459062][ T9849] ntfs3: loop0: try to read out of volume at offset 0x3fffffd0c00
[  219.761785][ T9862] loop4: detected capacity change from 0 to 256
[  219.830965][ T9842] loop3: detected capacity change from 0 to 32768
[  219.872674][   T27] audit: type=1800 audit(1757613695.547:76): pid=9842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1547" name="file1" dev="loop3" ino=4 res=0 errno=0
[  220.693296][ T9887] program syz.0.1568 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  220.913512][ T9873] loop4: detected capacity change from 0 to 32768
[  220.963262][ T9873] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  221.179586][ T9908] delete_channel: no stack
[  221.229274][ T9873] XFS (loop4): Ending clean mount
[  221.241707][ T9873] XFS (loop4): Quotacheck needed: Please wait.
[  221.302926][ T9873] XFS (loop4): Quotacheck: Done.
[  221.381249][ T9892] loop0: detected capacity change from 0 to 32768
[  221.427681][ T9892] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  221.444101][ T9892] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  221.482106][ T7275] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  221.486911][ T9892] BTRFS info (device loop0): using free space tree
[  221.703805][ T9892] BTRFS info (device loop0): enabling ssd optimizations
[  221.756806][ T9892] BTRFS info (device loop0): auto enabling async discard
[  221.956815][ T9892] fs-verity (loop0, inode 261): Unknown hash algorithm number: 0
[  222.083125][ T5783] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  222.157689][ T9938] loop4: detected capacity change from 0 to 4096
[  222.213689][ T9938] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.577247][ T7275] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.808705][ T9953] loop4: detected capacity change from 0 to 16
[  222.823404][ T9954] loop0: detected capacity change from 0 to 1024
[  222.848206][ T9953] erofs: (device loop4): mounted with root inode @ nid 36.
[  222.908257][ T9953] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  222.927994][ T9954] hfsplus: invalid extended attribute record
[  222.946717][ T9953] erofs: (device loop4): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  223.028180][   T12] hfsplus: b-tree write err: -5, ino 4
[  223.122789][ T1050] wlan1: Trigger new scan to find an IBSS to join
[  223.179736][ T9944] loop3: detected capacity change from 0 to 40427
[  223.284076][ T9944] F2FS-fs (loop3): Found nat_bits in checkpoint
[  223.415188][ T9944] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  223.497929][ T9944] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  223.556237][ T9944] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  223.578566][ T9975] tmpfs: Too few inodes for current use
[  224.168475][ T9987] loop4: detected capacity change from 0 to 2048
[  224.207035][ T9987] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.237981][ T9991] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  224.262990][ T9990] loop0: detected capacity change from 0 to 512
[  224.265150][ T9987] UDF-fs: error (device loop4): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376)
[  224.310893][ T9990] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  224.319524][ T9990] EXT4-fs (loop0): mount failed
[  224.556122][ T9995] loop4: detected capacity change from 0 to 1024
[  224.730668][T10000] loop3: detected capacity change from 0 to 512
[  224.793035][T10000] EXT4-fs (loop3): orphan cleanup on readonly fs
[  224.813096][T10000] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  224.823325][T10000] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  224.879621][T10000] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.1607: attempt to clear invalid blocks 2 len 1
[  224.892923][T10002] loop0: detected capacity change from 0 to 4096
[  224.933920][T10000] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1607: invalid indirect mapped block 1819239214 (level 0)
[  224.999987][T10002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.017520][T10000] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1607: invalid indirect mapped block 1819239214 (level 1)
[  225.091804][T10000] EXT4-fs (loop3): 1 truncate cleaned up
[  225.102530][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.118170][T10000] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  225.292235][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.398468][T10015] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  225.519373][ T5798] Bluetooth: hci1: command tx timeout
[  225.604131][T10022] loop4: detected capacity change from 0 to 1024
[  225.654106][   T12] hfsplus: b-tree write err: -5, ino 4
[  226.089312][T10034] netlink: 'syz.0.1623': attribute type 1 has an invalid length.
[  226.107967][T10034] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1623'.
[  226.173626][T10036] loop4: detected capacity change from 0 to 2048
[  226.287901][T10036] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  227.571898][T10083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1647'.
[  227.675263][T10065] loop4: detected capacity change from 0 to 32768
[  227.688566][T10065] XFS: ikeep mount option is deprecated.
[  227.736762][T10065] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  227.754119][T10093] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1650'.
[  227.798127][T10065] XFS (loop4): Ending clean mount
[  227.809108][T10065] XFS (loop4): Quotacheck needed: Please wait.
[  227.895286][T10065] XFS (loop4): Quotacheck: Done.
[  228.053018][ T7275] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  228.073452][   T27] audit: type=1326 audit(1757613703.747:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.3.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  228.082301][ T4468] wlan1: Trigger new scan to find an IBSS to join
[  228.147307][   T27] audit: type=1326 audit(1757613703.747:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.3.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  228.192474][   T27] audit: type=1326 audit(1757613703.797:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.3.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  228.221496][   T27] audit: type=1326 audit(1757613703.797:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.3.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  228.252110][   T27] audit: type=1326 audit(1757613703.797:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.3.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  228.280010][   T27] audit: type=1326 audit(1757613703.797:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.3.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  228.343106][   T27] audit: type=1326 audit(1757613703.797:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.3.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45b78eba9 code=0x7ffc0000
[  228.422911][T10114] loop3: detected capacity change from 0 to 64
[  228.687550][T10120] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1662'.
[  228.756125][T10122] loop3: detected capacity change from 0 to 4096
[  228.827058][T10123] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  229.099546][ T1050] wlan1: Creating new IBSS network, BSSID 32:44:0a:41:3a:30
[  229.307829][ T5875] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  229.475734][T10112] loop0: detected capacity change from 0 to 65536
[  229.489275][T10112] XFS: ikeep mount option is deprecated.
[  229.523330][T10112] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  229.536673][ T5875] usb 4-1: Using ep0 maxpacket: 16
[  229.550148][ T5875] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  229.567171][ T5875] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  229.581443][ T5875] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  229.596625][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.606896][ T5875] usb 4-1: Product: syz
[  229.611102][ T5875] usb 4-1: Manufacturer: syz
[  229.647173][ T5875] usb 4-1: SerialNumber: syz
[  229.681043][T10112] XFS (loop0): Ending clean mount
[  229.702360][T10112] XFS (loop0): Quotacheck needed: Please wait.
[  229.821983][T10112] XFS (loop0): Quotacheck: Done.
[  229.895915][ T5875] usb 4-1: Audio class v2/v3 interfaces need an interface association
[  230.025006][ T5875] snd-usb-audio: probe of 4-1:1.0 failed with error -22
[  230.052924][ T5875] usb 4-1: USB disconnect, device number 15
[  230.055601][ T5783] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  230.116438][ T6035] udevd[6035]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  230.794410][T10179] netlink: 'syz.3.1683': attribute type 1 has an invalid length.
[  230.835603][T10179] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1683'.
[  231.013548][T10184] loop3: detected capacity change from 0 to 512
[  231.073773][T10188] syz.4.1688[10188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  231.073908][T10188] syz.4.1688[10188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  231.206348][T10184] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1686: corrupted inode contents
[  231.257476][T10184] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #16: comm syz.3.1686: mark_inode_dirty error
[  231.294978][T10184] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1686: corrupted inode contents
[  231.365807][T10184] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1686: mark_inode_dirty error
[  231.379544][T10184] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1686: corrupted inode contents
[  231.425956][T10184] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  231.426338][T10184] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1686: corrupted inode contents
[  231.431917][T10184] EXT4-fs error (device loop3): ext4_truncate:4288: inode #16: comm syz.3.1686: mark_inode_dirty error
[  231.438340][T10184] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  231.449041][T10184] EXT4-fs (loop3): 1 truncate cleaned up
[  231.450312][T10184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.450426][T10184] ext4 filesystem being mounted at /432/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.474007][   T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  231.474198][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6976: comm kworker/u4:1: Failed to release dquot type 1
[  231.612884][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.053212][T10216] netlink: 'syz.3.1699': attribute type 3 has an invalid length.
[  232.077112][T10216] netlink: 666 bytes leftover after parsing attributes in process `syz.3.1699'.
[  232.178713][T10220] loop4: detected capacity change from 0 to 256
[  232.338769][T10201] loop0: detected capacity change from 0 to 40427
[  232.364770][T10226] 9pnet_fd: p9_fd_create_unix (10226): problem connecting socket: ./file0: -111
[  232.381359][T10201] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  232.422823][T10201] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  232.492207][T10201] F2FS-fs (loop0): invalid crc value
[  232.571039][T10201] F2FS-fs (loop0): Found nat_bits in checkpoint
[  232.675930][T10201] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  232.693369][T10201] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  232.817568][    T8] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  232.846891][ T5783] syz-executor: attempt to access beyond end of device
[  232.846891][ T5783] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  232.865452][T10239] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1708'.
[  232.866754][ T5783] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  233.045313][    T8] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  233.066396][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.078488][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.106831][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.116836][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.125806][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.154710][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.168008][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.186629][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.217125][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.227774][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.246275][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.265099][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.297123][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.306173][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.337250][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.350088][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.360758][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.387534][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.395677][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.410909][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.442052][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.468090][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  233.492586][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  233.512550][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  233.533869][    T8] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  233.546801][    T8] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  233.564717][    T8] usb 5-1: Product: syz
[  233.576649][    T8] usb 5-1: Manufacturer: syz
[  233.581302][    T8] usb 5-1: SerialNumber: syz
[  233.588273][T10224] loop3: detected capacity change from 0 to 65536
[  233.602839][    T8] usb 5-1: config 0 descriptor??
[  233.633135][    T8] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  233.645921][T10224] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  233.675223][T10255] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1714'.
[  233.779265][T10224] XFS (loop3): Ending clean mount
[  233.797602][T10260] loop0: detected capacity change from 0 to 4096
[  233.830104][T10224] XFS (loop3): Quotacheck needed: Please wait.
[  233.900548][    T8] usb 5-1: USB disconnect, device number 9
[  233.915944][    T8] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  233.954902][T10224] XFS (loop3): Quotacheck: Done.
[  234.028550][T10260] ntfs3: loop0: ino=21, "file1" fiemap is not supported for compressed file (cp -r)
[  234.185289][ T5784] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  234.247752][T10268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1719'.
[  234.877507][T10292] netlink: 'syz.4.1730': attribute type 2 has an invalid length.
[  234.886724][T10292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1730'.
[  235.071507][T10298] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1733'.
[  235.437739][    C0] ==================================================================
[  235.445858][    C0] BUG: KASAN: slab-use-after-free in __xfrm_state_lookup+0x6b2/0x8d0
[  235.453958][    C0] Read of size 2 at addr ffff88805d5cc522 by task ksoftirqd/0/16
[  235.461693][    C0] 
[  235.464039][    C0] CPU: 0 PID: 16 Comm: ksoftirqd/0 Not tainted syzkaller #0
[  235.471346][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  235.481446][    C0] Call Trace:
[  235.484747][    C0]  <TASK>
[  235.487701][    C0]  dump_stack_lvl+0x16c/0x230
[  235.492416][    C0]  ? __lock_acquire+0x7c80/0x7c80
[  235.497469][    C0]  ? show_regs_print_info+0x20/0x20
[  235.502696][    C0]  ? load_image+0x3b0/0x3b0
[  235.507226][    C0]  ? __virt_addr_valid+0x469/0x540
[  235.512367][    C0]  print_report+0xac/0x220
[  235.516808][    C0]  ? __xfrm_state_lookup+0x6b2/0x8d0
[  235.522127][    C0]  kasan_report+0x117/0x150
[  235.526655][    C0]  ? __xfrm_state_lookup+0x6b2/0x8d0
[  235.531972][    C0]  __xfrm_state_lookup+0x6b2/0x8d0
[  235.537117][    C0]  ? slab_post_alloc_hook+0x8a/0x4d0
[  235.542445][    C0]  ? xfrm_state_lookup+0x1a0/0x1a0
[  235.547592][    C0]  xfrm_state_lookup+0xef/0x1a0
[  235.552469][    C0]  ? xfrm_state_lookup+0x36/0x1a0
[  235.557526][    C0]  xfrm_input+0x3d62/0x6a20
[  235.562066][    C0]  ? xfrm_policy_check+0x34f/0x870
[  235.567224][    C0]  tunnel64_rcv+0xd7/0x2c0
[  235.571675][    C0]  ip_protocol_deliver_rcu+0x20e/0x3f0
[  235.577168][    C0]  ? ip_local_deliver_finish+0x1cb/0x510
[  235.582842][    C0]  ip_local_deliver_finish+0x2ca/0x510
[  235.588340][    C0]  NF_HOOK+0x303/0x390
[  235.592454][    C0]  ? NF_HOOK+0x390/0x390
[  235.596727][    C0]  ? NF_HOOK+0x9b/0x390
[  235.600906][    C0]  ? ip_local_deliver+0x1b0/0x1b0
[  235.605957][    C0]  ? ip_rcv_finish_core+0xd8f/0x1bc0
[  235.611277][    C0]  ? NF_HOOK+0x390/0x390
[  235.615557][    C0]  ? ip_local_deliver+0x122/0x1b0
[  235.620619][    C0]  NF_HOOK+0x303/0x390
[  235.624725][    C0]  ? ip_rcv_core+0xdb0/0xdb0
[  235.629340][    C0]  ? NF_HOOK+0x9b/0x390
[  235.633518][    C0]  ? ip_local_deliver+0x1b0/0x1b0
[  235.638575][    C0]  ? ip_rcv_core+0xdb0/0xdb0
[  235.643189][    C0]  ? ip_local_deliver_finish+0x510/0x510
[  235.648857][    C0]  ? ip_local_deliver_finish+0x510/0x510
[  235.654512][    C0]  __netif_receive_skb+0xcc/0x290
[  235.659564][    C0]  ? process_backlog+0x2be/0x6e0
[  235.664535][    C0]  process_backlog+0x380/0x6e0
[  235.669338][    C0]  ? trigger_rx_softirq+0x60/0x60
[  235.674394][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  235.680402][    C0]  ? lock_chain_count+0x20/0x20
[  235.685279][    C0]  __napi_poll+0xc0/0x460
[  235.689641][    C0]  ? net_rx_action+0x374/0xbf0
[  235.694432][    C0]  net_rx_action+0x5ea/0xbf0
[  235.699057][    C0]  ? net_tx_action+0x950/0x950
[  235.703960][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  235.709981][    C0]  ? lock_chain_count+0x20/0x20
[  235.714855][    C0]  ? __schedule+0x14da/0x44d0
[  235.719564][    C0]  handle_softirqs+0x280/0x820
[  235.724351][    C0]  ? run_ksoftirqd+0x9c/0xf0
[  235.728978][    C0]  ? do_softirq+0x180/0x180
[  235.733512][    C0]  run_ksoftirqd+0x9c/0xf0
[  235.737951][    C0]  ? ksoftirqd_should_run+0x20/0x20
[  235.743172][    C0]  ? takeover_tasklets+0x810/0x810
[  235.748306][    C0]  ? takeover_tasklets+0x810/0x810
[  235.753457][    C0]  ? ksoftirqd_should_run+0x20/0x20
[  235.758686][    C0]  smpboot_thread_fn+0x635/0xa00
[  235.763931][    C0]  ? smpboot_thread_fn+0x50/0xa00
[  235.769001][    C0]  kthread+0x2fa/0x390
[  235.773096][    C0]  ? smpboot_unregister_percpu_thread+0x2a0/0x2a0
[  235.779541][    C0]  ? kthread_blkcg+0xd0/0xd0
[  235.784153][    C0]  ret_from_fork+0x48/0x80
[  235.788599][    C0]  ? kthread_blkcg+0xd0/0xd0
[  235.793207][    C0]  ret_from_fork_asm+0x11/0x20
[  235.798006][    C0]  </TASK>
[  235.801041][    C0] 
[  235.803383][    C0] Allocated by task 10083:
[  235.807813][    C0]  kasan_set_track+0x4e/0x70
[  235.812426][    C0]  __kasan_slab_alloc+0x6c/0x80
[  235.817306][    C0]  slab_post_alloc_hook+0x6e/0x4d0
[  235.822446][    C0]  kmem_cache_alloc+0x11e/0x2e0
[  235.827409][    C0]  xfrm_state_alloc+0x22/0x2a0
[  235.832896][    C0]  xfrm_add_acquire+0x105/0xaf0
[  235.837773][    C0]  xfrm_user_rcv_msg+0x596/0x870
[  235.842815][    C0]  netlink_rcv_skb+0x216/0x480
[  235.847602][    C0]  xfrm_netlink_rcv+0x79/0x90
[  235.852386][    C0]  netlink_unicast+0x751/0x8d0
[  235.857180][    C0]  netlink_sendmsg+0x8c1/0xbe0
[  235.861971][    C0]  ____sys_sendmsg+0x5bf/0x950
[  235.866855][    C0]  ___sys_sendmsg+0x220/0x290
[  235.871583][    C0]  __se_sys_sendmsg+0x1a5/0x270
[  235.876480][    C0]  do_syscall_64+0x55/0xb0
[  235.880940][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  235.887051][    C0] 
[  235.889430][    C0] Freed by task 10083:
[  235.893507][    C0]  kasan_set_track+0x4e/0x70
[  235.898143][    C0]  kasan_save_free_info+0x2e/0x50
[  235.903202][    C0]  ____kasan_slab_free+0x126/0x1e0
[  235.908351][    C0]  slab_free_freelist_hook+0x130/0x1b0
[  235.913843][    C0]  kmem_cache_free+0xf8/0x280
[  235.918562][    C0]  xfrm_add_acquire+0x1d3/0xaf0
[  235.923461][    C0]  xfrm_user_rcv_msg+0x596/0x870
[  235.928428][    C0]  netlink_rcv_skb+0x216/0x480
[  235.933228][    C0]  xfrm_netlink_rcv+0x79/0x90
[  235.937936][    C0]  netlink_unicast+0x751/0x8d0
[  235.942770][    C0]  netlink_sendmsg+0x8c1/0xbe0
[  235.947568][    C0]  ____sys_sendmsg+0x5bf/0x950
[  235.952368][    C0]  ___sys_sendmsg+0x220/0x290
[  235.957094][    C0]  __se_sys_sendmsg+0x1a5/0x270
[  235.961982][    C0]  do_syscall_64+0x55/0xb0
[  235.966426][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  235.972354][    C0] 
[  235.974688][    C0] The buggy address belongs to the object at ffff88805d5cc400
[  235.974688][    C0]  which belongs to the cache xfrm_state of size 848
[  235.988679][    C0] The buggy address is located 290 bytes inside of
[  235.988679][    C0]  freed 848-byte region [ffff88805d5cc400, ffff88805d5cc750)
[  236.002506][    C0] 
[  236.004842][    C0] The buggy address belongs to the physical page:
[  236.011326][    C0] page:ffffea0001757300 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5d5cc
[  236.021488][    C0] head:ffffea0001757300 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  236.030439][    C0] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  236.038452][    C0] page_type: 0xffffffff()
[  236.042802][    C0] raw: 00fff00000000840 ffff888145e50500 dead000000000122 0000000000000000
[  236.051412][    C0] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  236.060014][    C0] page dumped because: kasan: bad access detected
[  236.066449][    C0] page_owner tracks the page as allocated
[  236.072176][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7004, tgid 7003 (syz.2.482), ts 115848187873, free_ts 115380591538
[  236.092871][    C0]  post_alloc_hook+0x1cd/0x210
[  236.097669][    C0]  get_page_from_freelist+0x195c/0x19f0
[  236.103258][    C0]  __alloc_pages+0x1e3/0x460
[  236.107880][    C0]  alloc_slab_page+0x5d/0x170
[  236.112590][    C0]  new_slab+0x87/0x2e0
[  236.116688][    C0]  ___slab_alloc+0xc6d/0x1300
[  236.121391][    C0]  kmem_cache_alloc+0x1b7/0x2e0
[  236.126271][    C0]  xfrm_state_alloc+0x22/0x2a0
[  236.131070][    C0]  xfrm_add_sa+0xfe5/0x30a0
[  236.135596][    C0]  xfrm_user_rcv_msg+0x596/0x870
[  236.140557][    C0]  netlink_rcv_skb+0x216/0x480
[  236.145352][    C0]  xfrm_netlink_rcv+0x79/0x90
[  236.150065][    C0]  netlink_unicast+0x751/0x8d0
[  236.154852][    C0]  netlink_sendmsg+0x8c1/0xbe0
[  236.159733][    C0]  ____sys_sendmsg+0x5bf/0x950
[  236.164527][    C0]  ___sys_sendmsg+0x220/0x290
[  236.169243][    C0] page last free stack trace:
[  236.173930][    C0]  free_unref_page_prepare+0x7ce/0x8e0
[  236.179426][    C0]  free_unref_page+0x32/0x2e0
[  236.184132][    C0]  free_large_kmalloc+0x101/0x1a0
[  236.189196][    C0]  bpf_check+0x62c6/0xe970
[  236.193640][    C0]  bpf_prog_load+0x11cb/0x16d0
[  236.198430][    C0]  __sys_bpf+0x55a/0x800
[  236.202697][    C0]  __x64_sys_bpf+0x7c/0x90
[  236.207139][    C0]  do_syscall_64+0x55/0xb0
[  236.211581][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  236.217508][    C0] 
[  236.219856][    C0] Memory state around the buggy address:
[  236.225501][    C0]  ffff88805d5cc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.233671][    C0]  ffff88805d5cc480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.241761][    C0] >ffff88805d5cc500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.249847][    C0]                                ^
[  236.254977][    C0]  ffff88805d5cc580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.263061][    C0]  ffff88805d5cc600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.271141][    C0] ==================================================================
[  236.279259][    C0] vkms_vblank_simulate: vblank timer overrun
[  236.285379][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  236.292593][    C0] CPU: 0 PID: 16 Comm: ksoftirqd/0 Not tainted syzkaller #0
[  236.299902][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  236.309977][    C0] Call Trace:
[  236.313276][    C0]  <TASK>
[  236.316218][    C0]  dump_stack_lvl+0x16c/0x230
[  236.320936][    C0]  ? show_regs_print_info+0x20/0x20
[  236.326164][    C0]  ? load_image+0x3b0/0x3b0
[  236.330709][    C0]  panic+0x2c0/0x710
[  236.334646][    C0]  ? bpf_jit_dump+0xd0/0xd0
[  236.339180][    C0]  ? _raw_spin_unlock_irqrestore+0xa9/0x110
[  236.345101][    C0]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  236.351022][    C0]  ? _raw_spin_unlock+0x40/0x40
[  236.355937][    C0]  ? print_memory_metadata+0x314/0x400
[  236.361420][    C0]  ? __xfrm_state_lookup+0x6b2/0x8d0
[  236.366730][    C0]  check_panic_on_warn+0x84/0xa0
[  236.371807][    C0]  ? __xfrm_state_lookup+0x6b2/0x8d0
[  236.377123][    C0]  end_report+0x6f/0x140
[  236.381397][    C0]  kasan_report+0x128/0x150
[  236.385928][    C0]  ? __xfrm_state_lookup+0x6b2/0x8d0
[  236.391246][    C0]  __xfrm_state_lookup+0x6b2/0x8d0
[  236.396388][    C0]  ? slab_post_alloc_hook+0x8a/0x4d0
[  236.401714][    C0]  ? xfrm_state_lookup+0x1a0/0x1a0
[  236.406863][    C0]  xfrm_state_lookup+0xef/0x1a0
[  236.411746][    C0]  ? xfrm_state_lookup+0x36/0x1a0
[  236.416812][    C0]  xfrm_input+0x3d62/0x6a20
[  236.421354][    C0]  ? xfrm_policy_check+0x34f/0x870
[  236.426502][    C0]  tunnel64_rcv+0xd7/0x2c0
[  236.430952][    C0]  ip_protocol_deliver_rcu+0x20e/0x3f0
[  236.436444][    C0]  ? ip_local_deliver_finish+0x1cb/0x510
[  236.442106][    C0]  ip_local_deliver_finish+0x2ca/0x510
[  236.447600][    C0]  NF_HOOK+0x303/0x390
[  236.451701][    C0]  ? NF_HOOK+0x390/0x390
[  236.455976][    C0]  ? NF_HOOK+0x9b/0x390
[  236.460163][    C0]  ? ip_local_deliver+0x1b0/0x1b0
[  236.465222][    C0]  ? ip_rcv_finish_core+0xd8f/0x1bc0
[  236.470543][    C0]  ? NF_HOOK+0x390/0x390
[  236.474813][    C0]  ? ip_local_deliver+0x122/0x1b0
[  236.479867][    C0]  NF_HOOK+0x303/0x390
[  236.483971][    C0]  ? ip_rcv_core+0xdb0/0xdb0
[  236.488589][    C0]  ? NF_HOOK+0x9b/0x390
[  236.492779][    C0]  ? ip_local_deliver+0x1b0/0x1b0
[  236.497829][    C0]  ? ip_rcv_core+0xdb0/0xdb0
[  236.502452][    C0]  ? ip_local_deliver_finish+0x510/0x510
[  236.508120][    C0]  ? ip_local_deliver_finish+0x510/0x510
[  236.513785][    C0]  __netif_receive_skb+0xcc/0x290
[  236.518843][    C0]  ? process_backlog+0x2be/0x6e0
[  236.523829][    C0]  process_backlog+0x380/0x6e0
[  236.528634][    C0]  ? trigger_rx_softirq+0x60/0x60
[  236.533691][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  236.539707][    C0]  ? lock_chain_count+0x20/0x20
[  236.544595][    C0]  __napi_poll+0xc0/0x460
[  236.548997][    C0]  ? net_rx_action+0x374/0xbf0
[  236.553797][    C0]  net_rx_action+0x5ea/0xbf0
[  236.558428][    C0]  ? net_tx_action+0x950/0x950
[  236.563224][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  236.569247][    C0]  ? lock_chain_count+0x20/0x20
[  236.574130][    C0]  ? __schedule+0x14da/0x44d0
[  236.578844][    C0]  handle_softirqs+0x280/0x820
[  236.583645][    C0]  ? run_ksoftirqd+0x9c/0xf0
[  236.588262][    C0]  ? do_softirq+0x180/0x180
[  236.592798][    C0]  run_ksoftirqd+0x9c/0xf0
[  236.597240][    C0]  ? ksoftirqd_should_run+0x20/0x20
[  236.602471][    C0]  ? takeover_tasklets+0x810/0x810
[  236.607609][    C0]  ? takeover_tasklets+0x810/0x810
[  236.612749][    C0]  ? ksoftirqd_should_run+0x20/0x20
[  236.617975][    C0]  smpboot_thread_fn+0x635/0xa00
[  236.622993][    C0]  ? smpboot_thread_fn+0x50/0xa00
[  236.628057][    C0]  kthread+0x2fa/0x390
[  236.632144][    C0]  ? smpboot_unregister_percpu_thread+0x2a0/0x2a0
[  236.638591][    C0]  ? kthread_blkcg+0xd0/0xd0
[  236.643209][    C0]  ret_from_fork+0x48/0x80
[  236.647649][    C0]  ? kthread_blkcg+0xd0/0xd0
[  236.652255][    C0]  ret_from_fork_asm+0x11/0x20
[  236.657059][    C0]  </TASK>
[  236.660373][    C0] Kernel Offset: disabled
[  236.664755][    C0] Rebooting in 86400 seconds..