last executing test programs:

6m58.209032561s ago: executing program 2 (id=376):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x9, @none}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)

6m57.517856099s ago: executing program 2 (id=381):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x283a2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f0000000040))

6m56.599326881s ago: executing program 2 (id=385):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe)
ioctl$TIOCSSOFTCAR(r0, 0x541a, 0x0)

6m55.955766535s ago: executing program 2 (id=390):
syz_mount_image$exfat(&(0x7f0000000b80), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000080)={[{@utf8}, {@discard}, {@namecase}, {}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@keep_last_dots}, {@sys_tz}, {@dmask={'dmask', 0x3d, 0x5}}]}, 0x1, 0x1534, &(0x7f0000002d00)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrv4SOwQH4udYpfYLT4Re8SnYq/4TOwTn4v94guRJb4UB8RX4qD4WhwS34jD4ltxRBwVx8R34rj4XpwQJ8UpcVqcET+Is+JHcU54ARKlkFIqGcgYmUPGypwyTl4hc8ngwrN7tYyX18g88lqZV+aT+WUBmSALykJSSyOtJBnKwrKIjMrrZFF5vSwmb5DFZQnpZEmZKG+UpeRNsrS8WZaRt8iy8lZZTpaXFWRFeZusJG+XEPl5H1VlNVld1pB3yWS4W9aS98ja8l5ZR94n68r7ZT35gKwvH5QN5EOyoXxYNpKPyMayiWwqm8nm8lHZQj4mW8pWsrV8XLaRT8i28kmZJJ+S7aS/8BJ5RnaUz8pO8jnZWXaRXeWP8pz0srvsIaEnyF7yRdlb9pF9ZT/ZX74kB8iX5UD5ikyRg+Rg+aocIl+TQ+Xrcph8Qw6Xb8oRcqQcJUfLMXKsTJXj5Hj5lpwg35YT5SQ5WU6RaXKq7HthpZlS/sP8t34nf+BPe98gN8pNcrPcIrfKbXK7/EjukDvkTrlT7pa75R65R+6Ve+U+uU/ul/tllsySB+QBeVAelIfkIXlYHpZH5FF5Wn4nj8vv5Ql5Up6Up+UZeUaevfAcgEIllFRKBSpG5VCxKqeKU1eoXOpKlVtdpSLqahWvrlF51LUqr8qn8qsCKkEVVIWUVkZZRSpUhVURFVXX4YUXjCquSiinSqpEdeO/kq+KqutVMXXDr/Iv1pf8B/U1V81VC9VCtVQtVWvVWrVRbVRb1VYlqSTVTrVT7VV71UF1UB1VR9VJdVKdVWfVVXVV3VQ31V11V8kqWfVSL6reqo/qq/qp/uolNUANUAPVQJWiUtRgNVgNUUPUUDVUDVPD1HA1XI1QI9QoNUqNUWNUqkpV49V4NUFNUBPVRDVZTVZpKk1NU9PUdDVdzVQz1Sw1S81Ws9VcNVelq3Q1X81XGSpDLVQLVaZapBapJWqJWqaWqRVqhVqlVqk1ao1ap9apTLVRbVSb1Wa1VW1V29V2tUPtUDvVTrVb7VZ71B61V+1V+9Q+tV/tV1kqSx1QB9RBdVAdUofUYXVYHVFH1DF1TB1Xx9UJdUKdUqfUGXVGnVVn1Tl17vxpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4Nogb5AvyB8UCBKCgkGhQAcmsIG40PRocF1QNLg+KBbcEBQPSgQuKBkkBjcGpYKbgtLBzUGZ4JagbHBrUC4oH1QIKga3BZWC24PKwR1BleDOoGpQLage1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYJHgsZBk6Bp0Cxo/qeu7/2JfI+57rqHTtY9dS/9ou6t++i+up/ur1/SA/TLeqB+RafoQXqwflUP0a/pofp1PUy/oYfrN/UIPVKP0qP1GD1Wp+pxerx+S0/Qb+uJepKerKfoND1VT9Pv6Ol6hp6p39Wz9Ht6tp6j5+p5Ol2/r+frBTpDf6AX6g91pl6kF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa364/0Dv2x3ql36d36E71Hf6r36s/0Pv253q+/0Fn6S31Af6UP6q/1If2NPqy/1Uf0UX1Mf6eP6+/1CX1Sn9Kn9Rn9gz6rf9TntD9/cn/+690oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTR6Tx+Q1eU1+k98kmARTyBQy55EhU9gUNlETNUVNUVPMFDPFTXHjjDOJJtGUMqVMaVPalDFlTFlT1pQz5UwFU8HcZm4zt5vbzR3mDnOnudNUM9VMDVPD1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NU9PUNDfNTQvTwrQ0LU1r09q0MW1MW9PWJJkk0860M+1Ne9PBdDAdTUfTyXQynU1n09V0Nd1MN9PddDfJJtn0Mr1Mb9Pb9DV9TX/T3wwwA8xAM9CkmBQz2Aw2Q8wQM9QMNcPMG2b4+RNVM9KMMqPNGDPWpJpUM96MNxPMBDPRTDSTzWSTZtLMNDPNTDfTzUwz08wys8xsM9vMNXNNukk38818k2EyzEKz0GSaTLPYLDZLzVKz3Cw3K81Ks9qsNmthrVlv1puNZqPZbDabrWar2W62mx1mh9lpdprdZrfZY/aYvWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzph8F74vvYm1OW2cvcLmslfa3PYq+/dxflvAJtiCtpDVNq/N96vYWGuL2RtscVvCOlvSJtobfxOXs+VtBVvR3mYr2dtt5d/ENe3dtpa9x9a299oa9q5fxXXsfbaufdjWQwSwTWwD28w2tA/bRvYR29g2sU1tM9vGPmHb2idtkn3KtrNP/yaebxfYlXaVXW3X2J12lz1lT9uD9mt7xv5gu9setr99yQ6wL9uB9hWbYgf9Jh5u37Qj7Eg7yo62Y+zY38ST7RSbZqfaafYdO93O+E2cbt+3s2yGnW3n2Ll23k/x+Zoy7Ad2of3QZtoAFtsldqldZpfbFf+/1iV2nV1vN9gd9mO72W6xW+02u/3iibDdZXfbT+we+6k9YL+y++zndr89ZLPslz/F54/vkP3GHrbf2iP2qD1mv7PH7ffqp9yRvQHsD/Y7+6M9Z70FQgKSpCigGMpBsZST4ugKykVXUm66iiJ0NcXTNZSHrqW8lI/yUwFKoIJUiDQZskQUUmEqQlG6ji6WV5xKkKOSlEg3Uim6iUrTzVSGbqGydCuVo/JUgSrSbVSJbqfKdAdVoTupKlWj6lSD7qKadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMTWhptSMmtOj1IIeo5bUilrT49SGnqC29CQl0VPUjp6m9vQ36kDPUEd6ljrRc9SZulBXep660QvUnXpQMvWkXvQi9aY+1Jf6UX96iQbQyzSQXqEUGkSD6VUaQq/RUHqdhtEbNJzepBE0kkbRaBpDYymVxtF4eosm0Ns0kSbRZJpCaTSVptE7NJ1m0Ex6l2bRezSb5tBcmkfp9D7NpwWUQR/QQvqQMmkRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqIdtDHtJN20W76hPbQp7SXPqN99Dntpy8oi76kA/QVHaSv6RB943vQt3SEjtIx+o6O0/d0gk7SKTpNZ+gHOks/0jnyBCGGIpShCoMwJswRxoY5w7jwijBXeGWYO7wqjIRXh/HhNWGe8Nowb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGw+vCouH1YbEQw+JhidCFJcPE8MawVHhTWDq8OSwT3hKWDW8Ny4Xlw4fvrRjeFlYKbw8rh3eEVcI7w6phtbB6WCO8K6wZ3h3WCu8Ja4f3hqXD+8K64f1hvfCBsH74YNggfChsGD4cNgofCRuHTcKmYbOwefho2CJ8LGwZtgpbh4+HbcInwrbhk2FS+FTYLnz6p/n7FvzxfHLYM+wVvhi+GHp/j5wbnRdNj74fnR9dEM2IfhBdGP0wmhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vkYOcOiEk065wMW4HC7W5XRx7gqXy13pcrurXMRd7eLdNS6Pu9bldflcflfAJbiCrpDTzjjryIWusCviou46V9Rd74q5G1xxV8I5V9IlumauuWvuWrjHXEvXyrV2j7vH3RPuCfeke9I95dq5p1179zfXwT3jOrpn3bPuOdfZdXFd3fOumxuX++f3ZLLr5Xq53q636+v6uv6uvxvgBriBbqBLcSlusBvshrghbqgb6oa5YW64G+5GuBFulBvlxrgxLtWluvFuvJvgJriJbqKb7Ca7NJfmprlpbrqb7irN+Hkvs91sN9fNdeku3c13588ZM9xCt9Bluky32C12S91St9wtdyvdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A6301/186Juj9vr9rp9bp/b775wWe5Ld8B95Q66r90h94077L51R9xRd8x95467790Jd9KdcqfdGfeDO+t+dOecd6mRcZHxkbciEyJvRyZGJkUmR6ZE0iJTI9Mi70SmR2ZEZkbejcyKvBeZHZkTmRuZF0mPvB+ZH1kQyYh8EFkY+TCSGVkUWRxZElkaWRbxvuDm0Bf2RXzUX+eL+ut9MX+DL+5LeOdL+kR/oy/lb/Kl/c2+jL/Fl/W3+nK+vK/gH/GNfRPf1Dfzzf2jvoV/zLf0rXxr/7hv45/wbf2TPsk/5dv5p317/zffwT/jO/pnfSf/nO/su/iu/nnfzb/gu/sePtn39L38i7637+P7+n6+v3/JD/Av+4H+FZ/iB/nB/lU/xL/mh/rX/TD/hh8e86YfcfESGcb6VD/Oj/dv+Qn+bT/RT/KT/RSf5qf6af4dP93P8DP9u36Wf8/P9nP8XD/Pp/v3/Xy/wGf4D/xC/6HP9Isu3lT2y/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9R36H/9jv9Lv8bv+J3+M/9Xv9Z36f/9zv91/4LP+lP+C/8gf91/6Q/8Yf9t/6I/6oP+a/88f99/6EP+lP+dP+jP/Bn/U/+nP8f9YYY4wxxv4p4y4Nxa9nfr6d3/N3csQvNu4FAFduKZD1y/nzZ5Rr8/487iMS2kQA4KkenR68+KhaNTk5+cK2mRKCInMALv5N0HkxcCleBK3hCUiCVlDqd+vvI7qcoX+wfvQWgLhf5MTCpfjS+p8BYPLvrP/o48Pnlw1Pxf8P688BKFbkUk5OuBQvgtY/3V9pBaX/oP58LX5Zf+xv18/5eSpAy1/k5IJL8aX6E+ExeBqSfrUlY4wxxhhjjDH2sz6iQoeL158X/8Xn712fJ6hLOTngUvyPrs8ZY4wxxhhjjDF2+T3TpeuTjyYlterwrw8q/6+y/ulBI/i/WvkvGdzxn1HGvzDwHuDiTxQA/JsLApwfyL/yKDb9JftKufDW+fuppad9AP8ZrfwzBpf5g4kxxhhjjDH2p7t00v/rn6vLVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/RW/TuyX++tx+Q6VMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu2z+XwAAAP//dMcCKA==")
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0xe2ca6, 0x0)

6m54.853098793s ago: executing program 2 (id=395):
r0 = syz_io_uring_setup(0x48ba, &(0x7f0000000000)={0x0, 0xfffffffc, 0x1000, 0x0, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r0, 0x1e, &(0x7f00000000c0)={r0}, 0x1)

6m53.193442811s ago: executing program 2 (id=403):
unshare(0x24060400)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f00000004c0)=0x120, 0x4)

6m51.460862206s ago: executing program 32 (id=403):
unshare(0x24060400)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f00000004c0)=0x120, 0x4)

2m0.94144693s ago: executing program 3 (id=1754):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@bridge_dellink={0x34, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x850}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x4, 0x0, 0x1, {0xc, 0x8, 0x0, 0x1, [{0x8, 0x2, 0x0, 0x0, 0x10000}]}}]}]}, 0x34}}, 0x0)

2m0.188907733s ago: executing program 3 (id=1758):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x1c, r0, 0x1, 0xfffffffe, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)

1m59.550318826s ago: executing program 3 (id=1762):
syz_mount_image$erofs(&(0x7f0000001240), &(0x7f0000000200)='./file0\x00', 0x2800080, &(0x7f0000001280)=ANY=[], 0xff, 0x20d, &(0x7f0000001000)="$eJzsmb9rFEEUx78zu/cjQQQbCxsLD4xo9nb3VIKQIoK9EDXa5TBriG5yYW/VS8Ai2NhYWgi2/gMWFqks7OxstdCAYGE67Q5GZnZ2d9i7PTzxziLvA3n5zts3M29n2e/BHQiCOLIcfP315fnVhRsXABxDAzWd/27lNdyo//zy4fkXi9devfn0+v3W8Sf7xfVqY+4vt3m3ZCHGjBoLIYR5vaEis2UXDZ27CY5zWq8YM1bBcUvnAzDc0fq+oTszWoSBc7cTrt3bCANXBk8GX4aWub8N4HCPYQ1AXffHjOvdnd0H7TAMoq6ViiRTEek+UV7zd2LU+an+ljgW9Vj2J5/X7WdP9+TY0XnXOD8PHJ7WLTAsa72AGhzHyY/EuP9Tdr6+NfT+JyWsYqZXqFk9KJt+Yn6Sjf0jUZnCGU5AMKSZ+qjilUf/v9WiYMWMfKGzzMnD/Q+Ds7796RY/t5MXY9iJTeuVKQhlXAAGLn2czTOpcY+zclXPGVqT+5N077OGP9mwM/9oxpvbze7O7vzGZns9WA+2fL912b3oupf8pjKiJA74Xj/zv7ryp1lj/UqJV1ZZFb12HEdeD4gjLxv7STQcd/lt54eaw5X/ccydSdaQD1HddskHHdN/XP1nfYE5q6QdgiAIgiAIgiAIgiAIgiCIMTkNpr4F1T9UiQKAuPJYCOFfV9W/AwAA//+VV18P")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80000, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020660b, &(0x7f0000000000)={0x10, 0x5, 0x0, 0x1000})

1m58.575996259s ago: executing program 3 (id=1766):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x901095, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x202)

1m57.735020273s ago: executing program 3 (id=1770):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)

1m56.872876249s ago: executing program 3 (id=1774):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x81, 0x14fc, &(0x7f0000001480)="$eJzs3AuUjlXbOPB97b1vxjTpaZLDsK993TxpsE2S5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDR5pUmSkJCw/0vv+356v97v6/3W2/+z1jfXb629Zl9zP9f1XPdcs+a572eteb7rOapei/q1mxGR+LfAX7+kCCFihBDDhBDXCSECIUSl+Erxl48XUJDy7z0J+3M9nH61O2BXE88/b+P55208/7yN55+38fzzNp5/3sbzz9t4/ozlZdvnFLueV95d/P5/Xsav//+H5Jaf/NXG8jf2+h+k8PzzNp5/3sbzz9t4/nkbzz9v4/n/31frvznG88/beP6M5WVX+/1nXld3Xe3fP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjecM5f4UWQvx9f7X7YowxxhhjjDHG2J/H57/aHTDGGGOMMcYYY+z/PxBSKKFFIPKJ/CJGFBCx4hoRJ64VBcV1IiKuF/HiBlFI3CgKiyKiqCgmEkRxUUIYgcIKEqEoKUqJqLhJlBY3i0RRRpQV5YQT5UWSuEVUELeKiuI2UUncLiqLO0QVUVVUE9XFnaKGuEvUFLVEbXG3qCPqinqivrhHNBD3iobiPtFI3C8aiwdEE/GgaCoeEs3Ew6K5eES0EI+KluIx0Uq0Fm1EW9Hut/l98/+L+S+JvuJl0U/0FyligBgoXhGDxGAxRAwVw8SrYrh4TYwQr4tUMVKMEm+I0eJNMUa8JcaKcWK8eFtMEBPFJDFZTBFTRZp4R0wT74rp4j0xQ8wUs8RskS7miLnifTFPzBcLxAdiofhQLBKLxRKxVGSIj0SmWCayxMdiufhEZIsVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLT8UOsVPsErvFHrFX7BOfif3ic3FAfCFyxJf/w/yz/ym/FwgQIEGCBg35IB/EQAzEQizEQRwUhIIQgQjEQzwUgkJQGApDUSgKCZAAJaAEICAQEJSEkhCFKJSG0pAIiVAWyoIDB0mQBBXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCyZAMXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB1SYSSMgjfgDXgTxsAZGAvjYDyMhxpyIkyCyUByKqRBGkyDaTAdpsMMmAkzYTakwxyYC3NhHsyH+fABLIQP4UNYDIthKWRABmTCMsiCLFgOZyEbVsBKWAWrYQ2shnWwHtbBRtgEG2ELbIFtsA0+hU9hJ+yE3bAb9sJe+Aw+g8/hc0iFHMiBg3AQDsEhOAyHIRdy4QgcgaNwFI7BMTgOx+EEnIRTcBJOw2k4A2fhHJyD83AeLsALCd8031tmQ6qQl2mpZT6ZT8bIGBkrY2WcjJMFZUEZkREZL+NlIVlIFpaFZVFZVCbIBFlClpAoUZIMZUlZUkZlVJaWpWWiTJRlZVnppJNJMklWkBVkRVlRVpK3y8ryDllFVpUdXXVZXdaQnVxNWUvWlrVlHVlX1pP1ZX3ZQDaQDWVD2Ug2ko1lY9lEPiibygEwBB6WlyfTQo6ElnIUtJKtZRvZVr4Jj8v2cgx0kB1lJ/mkHAdjoYts75LlM7KrnATd5HNyMjwve8ip0FO+KHvJ3rKPfEn2lR1cP9lfzoABcqCcDYPkYDlEDpXzoK68PLF68nWZKkfKUfINuRTelGPkW3KsHCfHy7flBDlRTpKT5RQ5VabJd+Q0+a6cLt+TM+RMOUvOlulyjpwr35fz5Hy5QH4gF8oP5SK5WC6RS2WG/EhmymUyS34sl8tPZLZcIVfKVXK1XCPXynVyvdwgN8pNcrPcIrfKbXK7/FTukDvlLrlb7pF75T75mdwvP5cH5BcyR34pD8q/yEPyK3lYfi1z5TfyiPxWHpXfyWPye3lc/iBPyJPylPxRnpY/yTPyrDwnf5bn5S/ygrwoL0kvhQIllVJaBSqfyq9iVAEVq65RcepaVVBdpyLqehWvblCF1I2qsCqiiqpiKkEVVyWUUaisIhWqkqqUiqqbVGl1s0pUZVRZVU45VV4lqVtUBXWrqqhuU5XU7aqyukNVUVVVNVVd3alqqLtUTVVL1VZ3qzqqrqqn6qt7VAN1r2qo7lON1P2qsXpANVEPqqbqIdVMPayaq0dUC/WoaqkeU61Ua9VGtVXt1OOqvXpCdVAdVSf1pOqsnlJd1NMqWT2juqpnVTf1nOqunlc91Auqp3pR9VK9VR91UV1SXvVT/VWKGqAGqlfUIDVYDVFD1TD1qhquXlMj1OsqVY1Uo9QbarR6U41Rb6mxapwar95WE9RENUlNVlPUVJWm3lHT1LtqunpPzVAz1Sw1W6WrOWrI3yot+Bfy3/0n+SN+ffZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb/9DIQGLbXSWgc6n86vY3QBHauv0XH6Wl1QX6cj+nodr2/QhfSNurAuoovqYjpBF9cltNGorSYd6pK6lI7qm3RpfbNO1GV0WV1OO11eJ+lb/u38P+qvnW6n2+v2uoPuoDvpTrqz7qy76C46WSfrrrqr7qa76e66u+6he+ieuqfupXvpPrqP7qv76n66n07RKXqgfkUP0oP1ED1UD9Ov6uF6uB6hR+hUnapH6VF6tB6tx+gxeqweq8fr8XqCnqAn6Ul6ip6i03Sanqan6el6up6hZ+hZepZO1+l6rp6r5+l5eoFeoBfqhXqRXqSX6CU6Q2foTJ2ps3SWXq6X62y9Qq/Qq/QqvUav0ev0Or1Bb9Cb9Ca9RW/R2Xq73q536B16l96l9+g9ep/ep/fr/fqAPqBzdI4+qA/qQ/qQPqwP61ydq4/oI/qoPqqP6WP6uD6uT+gT+pQ+pU/r0/qMPqPP6XP6vD6vL+gL+pK+dPmyL5CBDHSgg3xBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEYAIMbEBBGJQMSgXR4KagdHBzkBiUCcoG5QIXlA+SgluCCsGtQcXgtqBScHtQObgjqBJUDaoF1YM7gxrBXUHNoFZQO7g7qBPUDeoF9YN7ggbBvUHD4L6gUXB/0Dh4IGgSPBg0DR4KmgUPB82DR4IWwaNBy+CxoFXQOmgTtA3a/an1vT9T5AnXz/Q3KWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm1Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNmnnHTDPvmunmPTPDzDSzzGyTbuaYueZ9M8/MNwvMB2ah+dAsMovNErPUZJiPTKZZZrLMx2a5+cRkmxVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtptPzQ6z0+wyu80es9fsM5+Z/eZzc8B8YXLMl+ag+Ys5ZL4yh83XJtd8Y46Yb81R8505Zr43x80P5oQ5aU6ZH81p85M5Y86ac+Znc978Yi6Yi+aS8Zcv7i+/vKNGjfkwH8ZgDMZiLMZhHBbEghjBCMZjPBbCQlgYC2NRLIoJmIAlsAReRkhYEktiFKNYGktjIiZiWSyLDh0mYRJWwApYEStiJayElbEyVsEqWA2r4Z14J96Fd2EtrIV3491YF+tifayPDbABNsSG2AgbYWNsjE2wCTbFptgMm2FzbI4tsAW2xJbYClthG2yD7bAdtsf22AE7YCfshJ2xM3bBLpiMydgVu2I37IbdsTv2wB7YE3tiL+yFfbAP9sW+2A/7YQqm4EAciINwEA7BITgMh+FwHI4jcASmYiqOwlE4GkfjGByDY3Ecjse3cQJOxEk4GafgVEzDNJyG03A6TscZOANn4SxMx3Sci3NxHs7DBbgAF+JCXISLcAkuwQzMwEzMxCzMwuW4HLMxG1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAHc/AgHsRDeAgP42HMxVw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/A8/oIX8CJeQo8xVopYe42Ns9fagvY6G2ML2N/GRW0xm2CL2xLW2MK2yD/EaK1NtGVsWVvOOlveJtlbfhdXsVVtNVvd3mlr2Ltszd/FDey9tqG9zzay99v69p5/iBvbB2wT+6htah+zzWxr29y2tS3so7alfcy2sq1tG9vWdrZP2S72aZtsn7Fd7bO/izPtMrvebrAb7Sa7335uz9mf7VH7nT1vf7H9bH87zL5qh9vX7Aj7uk21I38Xj7dv2wl2op1kJ9spdurv4ll2tk23c+xc+76dZ+f/Ls6wH9mFNssusovtErv01/hyT1n2Y7vcfmKz7Qq70q6yq+0au9au+49eV9ktdqvdZvfZz+wOu9PusrvtHrv31/jyeRywX9gc+6U9Yr+1h+xX9rA9ZnPtN7/Gl8/vmP3eHrc/2BP2pD1lf7Sn7U/2jD376/lfPvcf7UV7yXorCEiSIk0B5aP8FEMFKJauoTi6lgrSdRSh6ymebqBCdCMVpiJUlIpRAhWnEmQIyRJRSCWpFEXpJipNN1MilaGyVI4clackuoUq0K1UkW6jSnQ7VaY7qApVpWpUne6kGnQX1aRaVJvupjpUl+pRfbqHGtC91JDuo0Z0PzWmB6gJPUhN6SFqRg9Tc3qEWtCj1JIeo1bUmtpQW2pHj1N7eoI6UEfqRE9SZ3qKutDTlEzPUFd6lrrRc9Sdnqce9AL1pBepF/WmPvQS9aWXqR/1pxQaQAPpFRpEg2kIDaVh9CoNp9doBL1OqTSSRtEbNJrepDH0Fo2lcTSe3qYJNJEm0WSaQlMpjd6hafQuTaf3aAbNpFk0m9JpDs2l92kezacF9AEtpA9pES2mJbSUMugjyqRllEUf03L6hLJpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG2+lT2kE7aRftpj20l/bRZ7SfPqcD9AXl0Jd0kP5Ch+grOkxfUy59Q0foWzpK39Ex+p6O0w90gk7SKfqRTtNPdIbO0jn6mc7TL3SBLtIl8iRCCGWoQh0GYb4wfxgTFghjw2vCuPDasGB4XRgJrw/jwxvCQuGNYeGwSFg0LBYmhMXDEqEJMbQhhWFYMiwVRsObwtLhzWFiWCYsG5YLXVg+TApvCSuEt4YVw9vCSuHtYeXwjrBKWDV89P7q4Z1hjfCusGZYK6wd3h3WCeuG9cL64T1hg/DesGF4X9govD+sGD4QNgkfDJuGD4XNwofD5uEjYYvw0bBl+FjYKmwdtgnbhu3Cx8P24RNhh7Bj2Cl8MuwcPhV2CZ8Ok8Nnwq7hs394PCUcEA4MXwlfCb2/Ty2JLo1mRD+KZkaXRbOiH0eXRz+JZkdXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W9r59fOHDSKadd4PK5/C7GFXCx7hoX5651Bd11LuKud/HuBlfI3egKuyKuqCvmElxxV8IZh846cqEr6Uq5qLvJlXY3u0RXxpV15Zxz5V2Sa+vauXauvXvCdXAdXSf3pHvSPeWeck+7p90zrqt71nVzz7nu7nnXw73gXnAvul6ut+vjXnJ93cuun+vvUlyKG+gGukFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7GW6Gm+VmuXSX7ua6uW6em+cWuAVuYeJCt8gtckvcEpfhMlymy3RZLsstd8tdtst2K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfL7XJ73B63z+1z+91+d8AdcDkuxx10B90hd8gddl+7XPeNO+K+dUfdd+6Y+94ddz+4E+6kO+V+dKfdT+6MO+vOuZ/defeLu+AuukvOu7TIO5FpkXcj0yPvRWZEZkZmRWZH0iNzInMj70fmReZHFkQ+iCyMfBhZFFkcWRJZGsmIfBTJjCyLZEU+jiyPfBLJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Kl/c0+0ZfxZX0573x5n+Rv8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/tnfFf/rO/mn/Pd/fO+h3/B9/Qv+l6+t+/jX/J9/cu+n+/vU/wAP9C/4gf5wX6IH+qH+Vf9cP+aH+Ff96l+pB/l3/Cj/Zt+jH/Lj/Xj/Hj/tp/gJ/pJfrKf4qf6NP+On+bf9dP9e36Gn+ln+dk+3c/xc/37fp6f7xf4D/xC/6Ff5Bf7JX6pz/Af+Uy/zGf5j/1y/4nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+h1+p9/ld/s9fq/f5z/z+/3n/oD/wuf4L/1B/xd/yH/lD/uvfa7/xh/x3/qj/jt/zH/vj/sf/Al/0p/yP/rT/id/xp/15/zP/rz/xV/wF/0l/p81xhhjjLF/ifqD4wP+yffk39ZlA4UQ1+4slvufa24u/Nf9YJnQOSKEeKZ/z4f/vurUSdn698dmKxGUWiyEiFzJzyeuxCtEJ/GUSBYdRYV/2t9g2fs8/b5+Sspv6kdvFyL2Nzkx4kp8pf6t/0X9x58cn1k5PBf/39RfLERiqSs5BcSV+Er9iv9F/SLt/6D/Al+lCdHhNzlx4kp8pX6SeEI8K5L/4ZGMMcYYY4wxxthfDZbVuv/R/fPl+/MEfSUnv7gS/9H9OWOMMcYYY4wxxq6+53v3efrx5OSO3XnDG97w5j82V/svE2OMMcYYY+zPduWi/2p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V3/Gx8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/l8AAAD//zG6PD0=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000496000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x37961000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)

1m54.102061549s ago: executing program 33 (id=1774):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x81, 0x14fc, &(0x7f0000001480)="$eJzs3AuUjlXbOPB97b1vxjTpaZLDsK993TxpsE2S5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDR5pUmSkJCw/0vv+356v97v6/3W2/+z1jfXb629Zl9zP9f1XPdcs+a572eteb7rOapei/q1mxGR+LfAX7+kCCFihBDDhBDXCSECIUSl+Erxl48XUJDy7z0J+3M9nH61O2BXE88/b+P55208/7yN55+38fzzNp5/3sbzz9t4/ozlZdvnFLueV95d/P5/Xsav//+H5Jaf/NXG8jf2+h+k8PzzNp5/3sbzz9t4/nkbzz9v4/n/31frvznG88/beP6M5WVX+/1nXld3Xe3fP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjecM5f4UWQvx9f7X7YowxxhhjjDHG2J/H57/aHTDGGGOMMcYYY+z/PxBSKKFFIPKJ/CJGFBCx4hoRJ64VBcV1IiKuF/HiBlFI3CgKiyKiqCgmEkRxUUIYgcIKEqEoKUqJqLhJlBY3i0RRRpQV5YQT5UWSuEVUELeKiuI2UUncLiqLO0QVUVVUE9XFnaKGuEvUFLVEbXG3qCPqinqivrhHNBD3iobiPtFI3C8aiwdEE/GgaCoeEs3Ew6K5eES0EI+KluIx0Uq0Fm1EW9Hut/l98/+L+S+JvuJl0U/0FyligBgoXhGDxGAxRAwVw8SrYrh4TYwQr4tUMVKMEm+I0eJNMUa8JcaKcWK8eFtMEBPFJDFZTBFTRZp4R0wT74rp4j0xQ8wUs8RskS7miLnifTFPzBcLxAdiofhQLBKLxRKxVGSIj0SmWCayxMdiufhEZIsVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLT8UOsVPsErvFHrFX7BOfif3ic3FAfCFyxJf/w/yz/ym/FwgQIEGCBg35IB/EQAzEQizEQRwUhIIQgQjEQzwUgkJQGApDUSgKCZAAJaAEICAQEJSEkhCFKJSG0pAIiVAWyoIDB0mQBBXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCyZAMXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB1SYSSMgjfgDXgTxsAZGAvjYDyMhxpyIkyCyUByKqRBGkyDaTAdpsMMmAkzYTakwxyYC3NhHsyH+fABLIQP4UNYDIthKWRABmTCMsiCLFgOZyEbVsBKWAWrYQ2shnWwHtbBRtgEG2ELbIFtsA0+hU9hJ+yE3bAb9sJe+Aw+g8/hc0iFHMiBg3AQDsEhOAyHIRdy4QgcgaNwFI7BMTgOx+EEnIRTcBJOw2k4A2fhHJyD83AeLsALCd8031tmQ6qQl2mpZT6ZT8bIGBkrY2WcjJMFZUEZkREZL+NlIVlIFpaFZVFZVCbIBFlClpAoUZIMZUlZUkZlVJaWpWWiTJRlZVnppJNJMklWkBVkRVlRVpK3y8ryDllFVpUdXXVZXdaQnVxNWUvWlrVlHVlX1pP1ZX3ZQDaQDWVD2Ug2ko1lY9lEPiibygEwBB6WlyfTQo6ElnIUtJKtZRvZVr4Jj8v2cgx0kB1lJ/mkHAdjoYts75LlM7KrnATd5HNyMjwve8ip0FO+KHvJ3rKPfEn2lR1cP9lfzoABcqCcDYPkYDlEDpXzoK68PLF68nWZKkfKUfINuRTelGPkW3KsHCfHy7flBDlRTpKT5RQ5VabJd+Q0+a6cLt+TM+RMOUvOlulyjpwr35fz5Hy5QH4gF8oP5SK5WC6RS2WG/EhmymUyS34sl8tPZLZcIVfKVXK1XCPXynVyvdwgN8pNcrPcIrfKbXK7/FTukDvlLrlb7pF75T75mdwvP5cH5BcyR34pD8q/yEPyK3lYfi1z5TfyiPxWHpXfyWPye3lc/iBPyJPylPxRnpY/yTPyrDwnf5bn5S/ygrwoL0kvhQIllVJaBSqfyq9iVAEVq65RcepaVVBdpyLqehWvblCF1I2qsCqiiqpiKkEVVyWUUaisIhWqkqqUiqqbVGl1s0pUZVRZVU45VV4lqVtUBXWrqqhuU5XU7aqyukNVUVVVNVVd3alqqLtUTVVL1VZ3qzqqrqqn6qt7VAN1r2qo7lON1P2qsXpANVEPqqbqIdVMPayaq0dUC/WoaqkeU61Ua9VGtVXt1OOqvXpCdVAdVSf1pOqsnlJd1NMqWT2juqpnVTf1nOqunlc91Auqp3pR9VK9VR91UV1SXvVT/VWKGqAGqlfUIDVYDVFD1TD1qhquXlMj1OsqVY1Uo9QbarR6U41Rb6mxapwar95WE9RENUlNVlPUVJWm3lHT1LtqunpPzVAz1Sw1W6WrOWrI3yot+Bfy3/0n+SN+ffZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb/9DIQGLbXSWgc6n86vY3QBHauv0XH6Wl1QX6cj+nodr2/QhfSNurAuoovqYjpBF9cltNGorSYd6pK6lI7qm3RpfbNO1GV0WV1OO11eJ+lb/u38P+qvnW6n2+v2uoPuoDvpTrqz7qy76C46WSfrrrqr7qa76e66u+6he+ieuqfupXvpPrqP7qv76n66n07RKXqgfkUP0oP1ED1UD9Ov6uF6uB6hR+hUnapH6VF6tB6tx+gxeqweq8fr8XqCnqAn6Ul6ip6i03Sanqan6el6up6hZ+hZepZO1+l6rp6r5+l5eoFeoBfqhXqRXqSX6CU6Q2foTJ2ps3SWXq6X62y9Qq/Qq/QqvUav0ev0Or1Bb9Cb9Ca9RW/R2Xq73q536B16l96l9+g9ep/ep/fr/fqAPqBzdI4+qA/qQ/qQPqwP61ydq4/oI/qoPqqP6WP6uD6uT+gT+pQ+pU/r0/qMPqPP6XP6vD6vL+gL+pK+dPmyL5CBDHSgg3xBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEYAIMbEBBGJQMSgXR4KagdHBzkBiUCcoG5QIXlA+SgluCCsGtQcXgtqBScHtQObgjqBJUDaoF1YM7gxrBXUHNoFZQO7g7qBPUDeoF9YN7ggbBvUHD4L6gUXB/0Dh4IGgSPBg0DR4KmgUPB82DR4IWwaNBy+CxoFXQOmgTtA3a/an1vT9T5AnXz/Q3KWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm1Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNmnnHTDPvmunmPTPDzDSzzGyTbuaYueZ9M8/MNwvMB2ah+dAsMovNErPUZJiPTKZZZrLMx2a5+cRkmxVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtptPzQ6z0+wyu80es9fsM5+Z/eZzc8B8YXLMl+ag+Ys5ZL4yh83XJtd8Y46Yb81R8505Zr43x80P5oQ5aU6ZH81p85M5Y86ac+Znc978Yi6Yi+aS8Zcv7i+/vKNGjfkwH8ZgDMZiLMZhHBbEghjBCMZjPBbCQlgYC2NRLIoJmIAlsAReRkhYEktiFKNYGktjIiZiWSyLDh0mYRJWwApYEStiJayElbEyVsEqWA2r4Z14J96Fd2EtrIV3491YF+tifayPDbABNsSG2AgbYWNsjE2wCTbFptgMm2FzbI4tsAW2xJbYClthG2yD7bAdtsf22AE7YCfshJ2xM3bBLpiMydgVu2I37IbdsTv2wB7YE3tiL+yFfbAP9sW+2A/7YQqm4EAciINwEA7BITgMh+FwHI4jcASmYiqOwlE4GkfjGByDY3Ecjse3cQJOxEk4GafgVEzDNJyG03A6TscZOANn4SxMx3Sci3NxHs7DBbgAF+JCXISLcAkuwQzMwEzMxCzMwuW4HLMxG1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAHc/AgHsRDeAgP42HMxVw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/A8/oIX8CJeQo8xVopYe42Ns9fagvY6G2ML2N/GRW0xm2CL2xLW2MK2yD/EaK1NtGVsWVvOOlveJtlbfhdXsVVtNVvd3mlr2Ltszd/FDey9tqG9zzay99v69p5/iBvbB2wT+6htah+zzWxr29y2tS3so7alfcy2sq1tG9vWdrZP2S72aZtsn7Fd7bO/izPtMrvebrAb7Sa7335uz9mf7VH7nT1vf7H9bH87zL5qh9vX7Aj7uk21I38Xj7dv2wl2op1kJ9spdurv4ll2tk23c+xc+76dZ+f/Ls6wH9mFNssusovtErv01/hyT1n2Y7vcfmKz7Qq70q6yq+0au9au+49eV9ktdqvdZvfZz+wOu9PusrvtHrv31/jyeRywX9gc+6U9Yr+1h+xX9rA9ZnPtN7/Gl8/vmP3eHrc/2BP2pD1lf7Sn7U/2jD376/lfPvcf7UV7yXorCEiSIk0B5aP8FEMFKJauoTi6lgrSdRSh6ymebqBCdCMVpiJUlIpRAhWnEmQIyRJRSCWpFEXpJipNN1MilaGyVI4clackuoUq0K1UkW6jSnQ7VaY7qApVpWpUne6kGnQX1aRaVJvupjpUl+pRfbqHGtC91JDuo0Z0PzWmB6gJPUhN6SFqRg9Tc3qEWtCj1JIeo1bUmtpQW2pHj1N7eoI6UEfqRE9SZ3qKutDTlEzPUFd6lrrRc9Sdnqce9AL1pBepF/WmPvQS9aWXqR/1pxQaQAPpFRpEg2kIDaVh9CoNp9doBL1OqTSSRtEbNJrepDH0Fo2lcTSe3qYJNJEm0WSaQlMpjd6hafQuTaf3aAbNpFk0m9JpDs2l92kezacF9AEtpA9pES2mJbSUMugjyqRllEUf03L6hLJpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG2+lT2kE7aRftpj20l/bRZ7SfPqcD9AXl0Jd0kP5Ch+grOkxfUy59Q0foWzpK39Ex+p6O0w90gk7SKfqRTtNPdIbO0jn6mc7TL3SBLtIl8iRCCGWoQh0GYb4wfxgTFghjw2vCuPDasGB4XRgJrw/jwxvCQuGNYeGwSFg0LBYmhMXDEqEJMbQhhWFYMiwVRsObwtLhzWFiWCYsG5YLXVg+TApvCSuEt4YVw9vCSuHtYeXwjrBKWDV89P7q4Z1hjfCusGZYK6wd3h3WCeuG9cL64T1hg/DesGF4X9govD+sGD4QNgkfDJuGD4XNwofD5uEjYYvw0bBl+FjYKmwdtgnbhu3Cx8P24RNhh7Bj2Cl8MuwcPhV2CZ8Ok8Nnwq7hs394PCUcEA4MXwlfCb2/Ty2JLo1mRD+KZkaXRbOiH0eXRz+JZkdXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W9r59fOHDSKadd4PK5/C7GFXCx7hoX5651Bd11LuKud/HuBlfI3egKuyKuqCvmElxxV8IZh846cqEr6Uq5qLvJlXY3u0RXxpV15Zxz5V2Sa+vauXauvXvCdXAdXSf3pHvSPeWeck+7p90zrqt71nVzz7nu7nnXw73gXnAvul6ut+vjXnJ93cuun+vvUlyKG+gGukFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7GW6Gm+VmuXSX7ua6uW6em+cWuAVuYeJCt8gtckvcEpfhMlymy3RZLsstd8tdtst2K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfL7XJ73B63z+1z+91+d8AdcDkuxx10B90hd8gddl+7XPeNO+K+dUfdd+6Y+94ddz+4E+6kO+V+dKfdT+6MO+vOuZ/defeLu+AuukvOu7TIO5FpkXcj0yPvRWZEZkZmRWZH0iNzInMj70fmReZHFkQ+iCyMfBhZFFkcWRJZGsmIfBTJjCyLZEU+jiyPfBLJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Kl/c0+0ZfxZX0573x5n+Rv8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/tnfFf/rO/mn/Pd/fO+h3/B9/Qv+l6+t+/jX/J9/cu+n+/vU/wAP9C/4gf5wX6IH+qH+Vf9cP+aH+Ff96l+pB/l3/Cj/Zt+jH/Lj/Xj/Hj/tp/gJ/pJfrKf4qf6NP+On+bf9dP9e36Gn+ln+dk+3c/xc/37fp6f7xf4D/xC/6Ff5Bf7JX6pz/Af+Uy/zGf5j/1y/4nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+h1+p9/ld/s9fq/f5z/z+/3n/oD/wuf4L/1B/xd/yH/lD/uvfa7/xh/x3/qj/jt/zH/vj/sf/Al/0p/yP/rT/id/xp/15/zP/rz/xV/wF/0l/p81xhhjjLF/ifqD4wP+yffk39ZlA4UQ1+4slvufa24u/Nf9YJnQOSKEeKZ/z4f/vurUSdn698dmKxGUWiyEiFzJzyeuxCtEJ/GUSBYdRYV/2t9g2fs8/b5+Sspv6kdvFyL2Nzkx4kp8pf6t/0X9x58cn1k5PBf/39RfLERiqSs5BcSV+Er9iv9F/SLt/6D/Al+lCdHhNzlx4kp8pX6SeEI8K5L/4ZGMMcYYY4wxxthfDZbVuv/R/fPl+/MEfSUnv7gS/9H9OWOMMcYYY4wxxq6+53v3efrx5OSO3XnDG97w5j82V/svE2OMMcYYY+zPduWi/2p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V3/Gx8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/l8AAAD//zG6PD0=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000496000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x37961000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)

34.240654871s ago: executing program 1 (id=2172):
r0 = epoll_create(0x101)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040))
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000140)={0x0, 0x2, 0x4})

33.489266031s ago: executing program 1 (id=2177):
ioprio_set$uid(0x3, 0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x82900, 0x0)
sendfile(r0, r1, 0x0, 0x10ffff)

32.869855012s ago: executing program 1 (id=2182):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB="12000000400000000800000001"], 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={r0, &(0x7f0000000200), 0x0}, 0x20)

32.444408523s ago: executing program 1 (id=2186):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x81008e, &(0x7f0000003f80)=ANY=[@ANYBLOB="726f6469722c7379735f696d6d757461626c652c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c636865636b3d7374726963742c636f6465706167653d3935302c696f636861727365743d63703836302c696f636861727365743d63703433372c73686f72746e616d653d77696e6e742c696f636861727365743d63703933322c6e6f6e756d7461696c3d302c6e66732c726f6469722c757466383d312c73686f72746e616d653d6d697865642c757466383d302c00e23bb66df271dc392ed708", @ANYRES16], 0x4, 0x2ba, &(0x7f00000001c0)="$eJzs3T9ra2UYAPDnpPmnDskgDiJ4QIc7XW7v6mCq9MLFTEoGXfTiTUGaILRQ8A+mnVxdHP0EguDW1Q/g4jcQXAU3OxSOnJNzmqZN00ZMq97fb+nTc97nfZ+3edvSwnny0Svj3adp7Bx9+Wu020nUetGLkyS6UYvKYczpfRMAwH/ZSZbFH9nUKnlJRLTXVxYAsEYr//7/ce0lAQBr9t77H7yz1e9vv5um7Xg0/vpgkP9ln3+c3t/aiU9iFMN4EJ04jcjOTONHWZZN6mmuG6+PJweDPHP84c/l/Fu/RxT5m9GJbnFpPv9xf3sznTqXP8nreL5cv5fnP6x34sUF6z/ubz9ckB+DZtx7raw/4jDuRyd++Tg+jVE8LYqY5X+1maZvZ9/++UXxH408P5kcDFrFuJls47ZfGwAAAAAAAAAAAAAAAAAAAAAA/r/ul71zWlH078kvlf13Nk7zTxqRVrrz/Xmm+Uk10YX+QJMsvqv66zxIX2pl5cBZfj1erkf9bnYNAAAAAAAAAAAAAAAAAAAA/y77n32++2Q0Gu4tC248uOoGUD3Wf+3MVwS94d5xdeXVWD64NVurVoajYV7IwqzYqMYkEUvLyDfxt4pfPXiuqHnBre9/WHXC9vVjGovX+ieD6sDsPkkWfw1bZ69Ouzokx+fHNOOGazWnwZuXbmUrHb/mwludG6Qn8/O8UASTJVmRLCvsjd8iGhHVmU8u7qJ51cEeDRtFcO/qb732Suf58s+KRLcOAAAAAAAAAAAAAAAAAABYq8sP+Z9ztDS1lrXWVhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3KrZ+/+vEEzK5OmVn95aMrgZe/t3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeAX8FAAD//9OuWkY=")
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)

31.743508804s ago: executing program 1 (id=2191):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)={0x2, 0x0, [{0x5, 0x4, 0x0, 0x0, @msi={0x8, 0xffffffff, 0x1000, 0x4}}, {0x10001, 0x2, 0x1, 0x0, @irqchip={0x0, 0x7}}]})

31.055753298s ago: executing program 1 (id=2196):
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75737271756f74612c696f636861727365743d69736f383835392d352c696f636861727365743d6575632d6a702c696e746567726974792c71756f74612c6e6f71756f74612c71756f7461006572726f72733d636f6e74696e75652c756d61736b3d3078303030303030303030303030303038312c75737271756f74612c06000000756f74612c756d61736b3d3078303030303030303030303030303030312c67727071756f74612c756d61736b3d3078303030303030303030303032303034352c726f6f74636f6e746578743d7379752c646566636f6e746578743d73797361646d5f752c66736e616d653d003f0000587d5b2d292b2c00a9c1a30bc3207997b7f4e9447ee50b7a7e32bbde0fc9243970c38a6cb5080b27024c8fa61254ca59336acbf090ea35b6e7e44f4af2c218e937a7689e5f17975998f3ff7c1c7b896131aaf5097320e70b9b3c7424cb12be8a69b44da8d201000000abf6813950c019ae80f2a89a067e768d0c305f77357aaccfbf7dc0503768aaa6b8940e1ccbc41e021e0cf63c2d1c991852b2b84c2d677f2898bde305ce8fa91a7c14e01f5f066af16ae8fa48cdee8bf24677ab469a4f18d640cc", @ANYRES64], 0xfe, 0x619d, &(0x7f00000012c0)="$eJzs3c9vHGf9B/DP/vSPfptaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QLmiRK5bRaSAkoDSyiKufOHAib8AhMQRIY6IA39AD1y5ceJEJBsJ1BODxn6eeHay23VwvLP2vF6SM/OZZ9b7jN87+yMzs08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPHd73xvrRMR13+aFqxE/F/0IroRS2W9GhFLqyt5/X5EPB97zfFcRAwWIsrb7/3zTMRrEfHxmYid3c31cvGlQ/bj27//62++/9Tbf/nd4MK//3C39/qk9e7d+8W//nj/aNsMAAAAbVMURdFJH/PPps/33aY7BQDMRH79L5K8/NTXv/z723+ap/6o1Wq1Wj2DuqoY7361iIit6m3K9wwOxwPACbMVnzTdBRok/1brR8RTTXcCmGudpjvAsdjZ3VzvpHw71deD1f32fC7ISP5bnYfXd0yaTlM/x2RWj6/t6MWzE/qzNKM+zJOcf7ee//X99mFa77jzn5VJ+Q/3L31qnZx/r55/zenJvzs2/7bK+fcfK/+e/AEAAAAAYI7l//9fafj478LRN+VQPu347+qM+gAAAAAAAAAAT9pRx/97yPh/AAAAMLfKz+qlX505WDbpu9jK5dc6EU/X1gdaJl0ss9x0PwAAAAAAAAAAAACgTfr75/Be60QMIuLp5eWiKMqfqnr9uI56+5Ou7dsPbdb0kzwAAOz7+EztWv5OxGJEXEvf9TdYXl4uisWl5WK5WFrI72eHC4vFUuVzbZ6WyxaGh3hD3B8W5S9brNyuatrn5Wnt9d9X3tew6B2iY0/IIP01JzQ3FDYAJPuvRjtekU6Zonhm0psPGGH/P4VWYqXpxxXzr+mHKQAAAHD8iqIoOunrvM+mY/7dpjsFAMxEfv2vHxc4Ut2d0B7xZH7/3NaDmK/+qNVqtVo9WlcV492vFhGxVb1N+Z7BcPwAcMJsxSdNd4EGyb/V+hHxfNOdAOZap+kOcCx2djfXOynfTvX1II3vns8FGcl/q7N3u3z7cdNp6ueYzOrxtR29eHZCf56bUR/mSc6/W8//+n77MK133PnPyqT8h3uXzLVPzr9Xz7/m9OTfHZt/W+X8+4+Vf0/+AAAAAAAwx/L//684/ps3GQAAAAAAAABOnJ3dzfV83Ws+/v+ZMeu5/vN0yvl3Hjf/pTQv/xMt59+t5f/F2nq9yvyDtw72/3/ubq7/9u4//j9PD5v/Qp7ppEdWJz0iOumeOv00PcrWPWp70BuW9zTodHv9dM5PMXg3bsat2IiLI+t209/joH1tpL3s6WCk/dJIe/+R9ssj7YP0vQPFUm4/H+vxo7gV7+y1l20LU7Z/cUp7MaU959/z/N9KOf9+5afMfzm1d2rT0oOPuo/s99XpuPt58+Znf37x+Ddnqu3oPdy2qnL7zjXQn72/yVPD+Mmdjdvn7924e/f2WqTJyNJLkSZPWM5/sPezcPD8/+J+e37er+6vDz4aPnb+82I7+hPzf7EyX27vyzPuWxNy/sP0k/N/J7WP3/9Pcv6T9/9XGugPAAAAAAAAAAAAAAAAfJqiKPYuEX0zIq6k63+aujYTAJit/PpfJHm5Wq1Wq9Xq01dXFeO9US0i4s/V25TvGX427pcBAPPsPxHxt6Y7QWPk32L5+/7K6UtNdwaYqTsffPiDG7dubdy+03RPAAAAAAAAAID/VR7/c7Uy/vNLEbFSW29k/Ne3YvWo43/288zDAUaf8EDfE2x3h71uZbjxF2JvfO7zk8b/PhePjv+dx8TtVbdjgsGU9uGU9oUp7Ytjlx6kNfZCj4qc/wuV8c7L/M/Whl9vw/iv9THv2yDnf67yeC7z/0JtvWr+xa/nLv+tw664Hd2R/C/cff/HF+588OGrN9+/8d7Gexs/vLy2dvHylStXr1698O7NWxsX9/89nl7PgZx/HvvaeaDtkvPPmcu/XXL+n0u1/Nsl5//5VMu/XXL++f2e/Nsl558/+8i/XXL+L6da/u2S8/9SquXfLju7mwtl/q+kWv7tkvf/L6da/u2S83811fJvl5z/+VTLv11y/hdSfYj8fT38KZLzz0e47P/tkvNfS7X82yXnfynV8m+XnP/lVMu/XXL+r6Va/u2S8/9KquXfLjn/K6mWf7vk/L+aavm3S87/aqrl3y45/6+lWv7tkvP/eqrl3y45/9dTLf92yfl/I9Xyb5ec/zdTLf92yfl/K9Xyb5ec/xupln+7HHz/vxkzZszkmaafmQAAAAAAAAAAAACAulmcTtz0NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLUauu74D+Jm9ee0QYiAEJzWwSYwxzpJdX+ILrYsJ1wYoBRIKvWC73rVZ8A2vXQJFsmmgRMKoqKJq+tAWEGojVRVWxQOtKM1D1ctTaR/oS0VVCalRFZBBRWormq1mzv//98zs7Myud7yePf/PR7J/uzNn5pw5c2Z2v2t/9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs3vfOPvZWlEU9T+NvzYXxQvqH2+c2Ny47HW3egsBAACA1fq/xt/X7kgXHF7GjZqW+btX/OPXFxYWFor3D//u6BcXFtIVE0UxuqEoGtdFV//9A7XmZYInivHaUNPnQz1WP9zj+pEe14/2uH6sx/Ubelw/3uP6RTtgkY3lz2Mad7at8eHmcpcWdxajjeu2dbjVE7UNQ0PxZzkNtcZtFkZPFHPFqWK2mG5Zvly21lj+m/fW1/W2Iq5rqGldW+tHyA8/eTxuQy3s420t67p+n9H331BM/OiHnzz+xxeeu7vT7LkbWu6v3M4d99W389PhknJba8WGtE/idg41befWDs/JcMt21hq3q3/cvp3Xlrmdw9c3c021P+fjxVDj42839tNI84/10n7aGi777/uLorh8fbPbl1m0rmKo2NRyydD152e8PCLr91E/lF5cjKzoOL13Gcdpfc5saz1O218T8fm/N9xuZIltaH6avv+psUXP+0qP06j+qJd6rbQfg/1+rQzKMRiPi283HvSTHY/BbeHxf3L70sdgx2OnwzGYHnfTMXhfr2NwaGy4sc3pSag1bnP9GNzVsvxwY021xnx2e/djcOrC6XNT8x//xGvnTh87OXty9syeXbum9+zbd+DAgakTc6dmp8u/b3BvD75NxVB6DdwX9l18Dby6bdnmQ3Xhy/17HY53eR1ublu236/DkfYHV1ubF+TiY7p8bTxa3+njV4aKJV5jjedn5+pfh+lxN70OR5pehx2/pnR4HY4s43VYX+bczuV9zzLS9KfTNtysrwWbm47B9u9H2o/Bfn8/MijH4Hg4Lv5159JfC7aG7X1ycqXfjwwvOgbTww3vPfVL0vf74wcao9NxeU/9itvGiovzs+cffPzYhQvndxVhrImXNB0r7cfrpqbHVCw6XodWfLwennvFk/d0uHxz2Ffjr63/Nb7kc1VfZu+D3Z+rxle3zvuz5dLdRRh9ttb7s9NX8/r+TFmyy/6sL/PpqdV/L55yadP77+gS778x9z9fri/d1RPDoyPl63c47Z3Rlvfj1qdqpPHeVWus+9rU8t6PR8OftX4/vrPL+/GWtmX7/X482v7g4vtxrddPO1an/fkcD8fJqenu78f1ZbbsXukxOdL1/fj+MGth/78mJIWUi5qOnaWO27SukZHR8LhG4hpaj9M9LcuPhmxWX9fTu2/sON1xf3lfw+nRXbdWx+lE27L9Pk7T+9VSx2mt10/fbkz78zkejos793Q/TuvLPLN39e+dG+OHTe+dY41j8NrS9zM6PFbf5tF0EJbv9wsb4zH4YHG8OFucKmYa1441jqdaY12TDy3vGBwLf9b6vXJLl2NwR9uy/T4G09expY692sjiB98H7c/neDgunnqo+zFYX+ZN+/v7veuOcElapul71/afry31M6972nbTzfyZV307/2Z/95/N1pc5dWClObP7fnogXHJbh/001vY1ZKnX1EyxNvtpS9jO5w4svZ/q21Nf5osHl3k8HS6K4tJHH278vDf8+8qfX/zO11v+3aXTv+lc+ujDP7j9xN+uZPsBWP+eL8em8mtd079MLeff/wEAAIB1Ieb+oTAT+R8AAAAqI+b++L/CE/kfAAAAKiPm/pEwk0zy/5Y3PTf3/KUiNfMXgnh92g2PlMvFjut0+Hxi4br65Q9/dfbHf3lpeeseKoriJ4/8RsfltzwSt6s0Ebbz6ptbL198w0vLWv/Rx64v19xf/1K4//h4lnsYdKrgThdF8c07Pt9Yz8QHrjTmM48cbcz3XH7yifoy1w6Wn8fbP/uScvk/COXfwyeOtdz+2bAfvhfm9Ns77494u69dec3W/e+7vr54u9p9L2w87Kc+WN5v/D05X3iiXD7u56W2/68+9/TX6ss//qrO239pqPP2Px3u96th/s/Ly+Wbn4P65/F2nwnbH9cXb/fgV77VcfuvfrZc/txbyuWOhhnXvyN8vu0tz80176/Ha8daHlfx1nK5uP7p7/x24/p4f/H+27d//MiVlv3Rfnw888/l/Uy1LR8vj+uJ/qJt/fX7aT4+4/qf/q2jLfu51/qvvufZl9fvt339D7QtN9x2+/bf2PSHn/l8x/XF7Tn8Z+daHs/hd4fXcVj/Ux8Mx2O4/n+vfr5lvdHRd7e+/8Tlv7T5Usvjid72o3L9V19/sjH/Y+LHv3/bC25/4eVX1vddUXz7veX99Vr/yT8627L9X75rZ+P5iNfHjn77+pcS13/+Y5Nnzs5fnJtp2quN353zjnJ7Noxv3FTf3jvCe2v750fOXvjQ7PmJ6Ynpopio7q/Qu2FfCfMH5bi80tvvfCw8n/f83jc3bf+nz8XL/+XR8vIrby+/br06LPeFcPnm8vlbqK1y/U/de1fj9V17pvy8pcfeB1u3/eeBZS0YHn/79wXxeD/30g819kP9usbXjfi6XuX2f3emvJ9vhP26EH4z8313XV9f8/LxdyNceW/5el/1/gtvc/F5/ZPwfL/ze+X9x+2Kj/e74fuYb21pfb+Lx8c3Lg2133/jt3hcDu8nxeXy+rhU3N9Xrt3VcfPi7yEpLt/d+Px30v3cvaKHuZT5j89PnZo7c/HxqQuz8xem5j/+iSOnz148c+FI43d5Hvlwr9tff3/a1Hh/mpndt7eY3lgUxdlieg3esG7O9tc/Wt72n3vs+Mz+6e0zsyeOXTxx4bFzs+dPHp+fPz47M7/92IkTsx/rdfu5mUO7dh/cs3/35Mm5mUMHDh7cc3By7szZ+maUG9XDvumPTJ45f6Rxk/lDew/ueuihvdOTp8/OzB7aPz09ebHX7Rtfmybrt/71yfOzp45dmDs9Ozk/94nZQ7sO7tu3u+dvAzx97sT8xNT5i2emLs7Pnp8qH8vEhcbF9a99vW5PNc3/W/n9bLta+Yv4inc9sC/9fta6r35qybsqF2n7BaLPhd9F8w8vOndgOZ/H3D8aZpJJ/gcAAIAcxNw/FmYi/wMAAEBlxNy/IcxE/gcAAIDKiLl/PMwkk/yv/6//v7z+f3m9/n9e/f9zHy17peu9/x/78/r/ebjF/f9Vr1//X/+/ev3/5ffn1/v26//r/7PYoPX/Y+7fWBRZ5n8AAADIQcz9m8JM5H8AAACojJj7bwszkf8BAACgMmLuf0GYSSb5X/9/Wf3/3b0KV9Xv/zv/v/5/sT77//HJ0f/Pxor79+97tOVT/f9A/1//X/9f/1//n1UbXfKaW9X/j7n/9jCTTPI/AAAA5CDm/heGmcj/AAAAUBkx998RZiL/AwAAQGXE3L85zCST/K//7/z/+v/6/937/2NN97QO+/+rPf9/08bo/68Pzv/fnf5/Dzfc/x/X/1+P/f/R/m7/YPf/e26+/j83xaCd/z/m/heFmWSS/wEAACAHMfe/OMxE/gcAAIDKiLn/JWEm8j8AAABURsz9d4aZZJL/9f/1//X/9f8rff7/1fb/u57/v/xI/3+w6P93p//fg/P/59X/7/P2D3b/v9/n/x99c/vt9f/pZND6/zH3vzTMJJP8DwAAADmIuf+uMBP5HwAAACoj5v6XhZnI/wAAAFAZMfdvCTPJJP/r/+v/6//r/+v/d15/7/5/Sf9/sOj/d6f/34P+v/6//v/y+v8dvvnV/6eTQev/x9x/d5hJJvkfAAAAchBz/z1hJvI/AAAAVEbM/T8VZiL/AwAAQGXE3L81zCST/K//r/+v/59X//+BMf1//f9q0//vTv+/B/1//X/9/2We/3+xlfT/N/S6Mypj0Pr/Mfe/PMwkk/wPAAAAOYi5/xVhJvI/AAAAVEbM/a8MM5H/AQAAoDJi7p8IM8kk/+v/V6v//6d//dQrC/1//f8e669o/z8eBvr/mdP/707/vwf9f/1//f816f+Tj0Hr/8fcf2+YSSb5HwAAAHIQc/99YSbyPwAAAFRGzP33h5nI/wAAAFAZMfdvCzOpfP4vmw/6/9Xq/0f6//r/3dZf0f5/ov+fN/3/DppepPr/Pej/Z9//j2kg3/5//O5X/5/+GLT+f8z9rwozqXz+BwAAgHzE3L89zET+BwAAgMqIuf/VYSbyPwAAAFRGzP07wkwyyf/6//r/+v/6//r/ndev/78+6f93t9L+/5j+v/5/Zv1/5/93/n/6a9D6/zH3vybMJJP8DwAAADmIuX9nmIn8DwAAAJUR//9m+f9e5X8AAACoopj7J8NMMsn/+v/6/zn1/2v6//r/+v+Vp//fnfP/96D/r/+v/6//T18NWv8/5v7Xhplkkv8BAAAgBzH3PxhmIv8DAABAZcTcPxVmIv8DAABAZcTcPx1mkkn+1//X/8+p/+/8//r/+v/Vp//fnf5/D/r/+v9V6/8Xhf4/t9Sg9f9j7t8VZpJJ/gcAAIAcxNy/O8xE/gcAAIDKiLl/T5iJ/A8AAACVEXP/3jCTTPK//r/+v/6//r/+f+f16/+vT/r/3en/96D/r/9ftf6/8/9ziw1a/z/m/ofCTDLJ/wAAAJCDmPv3hZnI/wAAAFAZMffvDzMJ+b/T/+sGAAAA1peY+w+EmWTy7//6/xXp///m37esW/9f/7/L+tPVq+v/b9T/D1P/f7BUtP/f/rK4Yfr/Pej/6//r/+v/01eD1v+Puf9gmEkm+R8AAAByEHP/68JM5H8AAACojJj7fzrMRP4HAACAyoi5/2fCTDLJ//r/Fen/t9H/1//vtn7n/9f/r7KK9v/7plL9/yH9f/3/wdp+/X/9fxa7+f3/+NHy+v8x9x8KM8kk/wMAAEAOYu7/2TAT+R8AAAAqI+b+14eZyP8AAABQGTH3Hw4zyST/6//r/+v/6//fnP7/64t2g9j/rx88+v/Vov/fXaX6/87/r/8/YNuv/6//z2KDdv7/mPvfEGaSSf4HAACAHMTc/3CYifwPAAAAlRFz/xvDTOR/AAAAqIyY+98UZpJJ/tf/1//X/9f/d/7/zuvX/1+f9P+70//vQf9f/z/X/v8z+v/cHIPW/4+5/81hJpnkfwAAAMhBzP1vCTOR/wEAAKAyYu5/a5iJ/A8AAACVEXP/28JMMsn/+v/6//r/+v/6/53Xr/+/Pun/d6f/34P+v/5/rv1/5//nJhm0/n/M/T8XZpJJ/gcAAIAcxNz/SJiJ/A8AAACVEXP/28NM5H8AAACojJj73xFmkkn+v7X9/9pIUej/6//r/+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3P/OMJNM8j8AAADkIOb+nw8zkf8BAACgMmLuf1eYifwPAAAAlRFz/y+EmWSS/53/X/9/sPr/C5eab6f/r/9f9Kv/X7+R/n8W9P+70//voUP/f4P+v/6//r/+Pzds0Pr/Mfe/O8wkk/wPAAAAOYi5/z1hJvI/AAAAVEbM/e8NM5H/AQAAoDJi7n80zCST/K//n2X/Pz3kwev/O/+//r/z/+v/r47+f3f6/z04/7/+v/6//j99NWj9/5j7HwszyST/AwAAQA5i7n9fmIn8DwAAAJURc/8vhpnI/wAAAFAZMfe/P8wkk/yv/59l/3+Az/9ftf7/SMvxkVP/f7zp+UzHpf6//v8a0P/vbg36/y13o/+v/6//38f+fziaNy5xe/1/BtGg9f9j7v9AmEkm+R8AAAByEHP/L4WZyP8AAABQGTH3/3KYifwPAAAAlRFz/6+EmWSS//X/9f/1/53/3/n/O69f/3990v/vzvn/e9D/1/8f5P5/D/r/DKJB6//H3P+rYSZLBr8f/NcyHiYAAAAwQGLu/2CYSSb//g8AAAA5iLn/SJiJ/A8AAACVEXP/0TCTTPK//n97/z+eUVX/X/9f/1//X/9/Pepf//9ltxeF/r/+v/6//r/+v/4/qzFo/f+Y+4+FmWSS/wEAACAHMff/WpiJ/A8AAACVEXP/8TAT+R8AAAAqI+b+mTCTTPL/Lez/jw5m/9/5/2+0//8T/X/9/0D/vzP9/7Xh/P/d6f/3oP+v/6//r/9PXw1a/z/m/tkwk0zyPwAAAFRY+nFwzP0nwkzkfwAAAKiMmPtPhpnI/wAAAFAZMfd/KMwkk/zv/P/6/87/fyv6/yMty+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3D8XZpJJ/gcAAIAcxNz/4TAT+R8AAAAqI+b+j4SZyP8AAABQGTH3nwozyST/6//r/+fe/68VxWXn/8+8/z/eef36/+uT/n93+v896P/r/+v/6//TV4PW/4+5/3SYSSb5HwAAAHIQc/+ZMBP5HwD+n737aLLrrPo+fB4/tqQewUdgzIghjOyPwJQBVVQxpkgmB1tkk03OweScczI5B5MzJudoonGVKHevtdStPtq7pd46Z+/7vq7Jeq2y3j6NGz/1R/WrGwCgGbn77xu32P8AAADQjNz994tbOtn/+n/9f+/9/2or7/8f/Pv1/3u8/6//n8Kh/v7y9X/f+aLw8/b/d7nr1ffS/+v/9f+D9P/6f/0/55pb/5+7//5xSyf7HwAAAHqQu/8BcYv9DwAAAM3I3f/AuMX+BwAAgGbk7r86bulk/+v/59D/n/0E+n/9/9b7/xv1//r/ZfP+/zD9/wj9v/5f/6//Z1Jz6/9z9z8obulk/wMAAEAPcvc/OG6x/wEAAKAZufsfErfY/wAAANCM3P0PjVs62f/6/zn0/97/1/8fpf8/4f3/c74f/b/+fx39/zD9/wj9v/5f/6//Z1Jz6/9z9z8sbulk/wMAAEAPcvc/PG6x/wEAAKAZufsfEbfY/wAAANCM3P2PjFs62f/6f/2//n8p/f+G3v/X/+v/F+6G1dl/J+j/D9P/jxjp/1cr/f+QI/fz67+95Xz+89D/6/85bG79f+7+R8UtV61WJy72mwQAAABmJXf/o+OWTv78HwAAAHqQu/+auMX+BwAAgGbk7r82bulk/+v/9f/6/yP1//kt6v/30f/v0f/Pi/f/hx2//7/zHe9z7377f+//D/P+/9T9/+0/Gfp/lm1u/X/u/tNxSyf7HwAAAHqQu/8xcYv9DwAAAM3I3f/YuMX+BwAAgGbk7n9c3NLJ/tf/t9b///+B37ev/9+tXfT/3v/X/+v/W6f/H+b9/xG7/5rbqb/U/+v/vf+v/+d45tb/5+5/fNzSyf4HAACAHuTuf0LcYv8DAABAM3L3PzFusf8BAACgGbn7nxS3dLL/9f+t9f8Hf5/3//X/676+/l//3zL9/zD9/4hW3v+/yJ+abffzx7Xtz6//1/9z2Nz6/9z918Utnex/AAAA6EHu/ifHLfY/AAAANCN3/1PiFvsfAAAAmpG7/6lxSyf7X/+v/19G/59fQf+v/7/0/X/S/y+T/n+Y/n9EK/3/Rdp2P7/0zz/Y/++Mf379Py2aW/+fu/9pcUsn+x8AAAB6kLv/6Xv3nvU/E9v/AAAA0IzY/atnxC32PwAAADQjd/8z45ZO9r/+X/+/jP7f+//6f+//6/+PRv8/TP8/Qv+v//f+v/6fSc2t/8/df33c0sn+BwAAgB7k7n9W3GL/AwAAQDNy9z87brH/AQAAoBm5+58Tt3Sy//X/+n/9v/5f/7/+6+v/l0n/P0z/P0L/r//X/+v/mdSM+v99v+vU6rlxSyf7HwAAAHqQu/95cYv9DwAAAM3I3f/8uMX+BwAAgGbk7n9B3NLJ/tf/z6b/38352ur/d1arlf5/1Wn/v7Pvn2f9XOr/9f8boP8fpv8fof/X/+v/9f9Makb9/+5f5+5/YdzSyf4HAACAHuTuf1HcYv8DAABAM3L3vzhusf8BAACgGbn7XxK3dLL/9f+z6f93tdX/e///3J+Pnvp/7/8fpv/fDP3/MP3/CP2//l//r/9nUnPr/3P3vzRuOnHFRX+LAAAAwMzk7n9Z3NLJn/8DAABAD3L3vzxusf8BAABgoa4/9Cu5+18Rt3Sy//X/0/b/J/b9mv5f/3/uz4f+X/+v/7/09P/D9P8j9P/6f/2//p9Jza3/z93/yrilk/0PAAAAPcjdf0PcYv8DAABAM3L3vypusf8BAACgGbn7Xx23dLL/9f/e/9f/6//1/+u/vv5/mfT/wy55/x//QtT/6//X9fO3TfzzvOnPP2aC/v/k2f+n/p82XED/f+bMmWsuef+fu/81cUsn+x8AAAB6kLv/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/3fa/+eP+rL6/2tXK/2//l//r/8fpv8f5v3/Efp/7/97/1//z6Tm9v5/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/zXFLJ/tf/99p/+/9f/2//n/T/f+tK/3/Riyi/985/9efe/9/Wv+v/x/QXf9/97sd+Ev9v/6fw+bW/+fuf0vc0sn+BwAAgB7k7n9r3GL/AwAAQDNy978tbrH/AQAAoBm5+98eN13eyf7X/+v/9f/6f/3/+q+/4ff/T6xWK/3/BBbR/w+Ye/8/zfv/5/63/Cz9v/5/yZ9f/6//57C59f+5+98Rt3Sy/wEAAKAHufvfGbfY/wAAANCM3P3vilvsfwAAAGhG7v53xy2d7H/9v/5f/6//b77/P72I/t/7/xPZbP9/Wv/f4/v/V+n/z0f/r//X/3NU2+r/c/e/J27pZP8DAABAD3L3vzdusf8BAACgGbn73xe32P8AAADQjNz9749bOtn/+n/9/4X0//k59f9t9f8nZ9f/nzrw/18n7//r/yfi/f9h+v8R3v/X/+v/r9f/M6W5vf+fu/8DcUsn+x8AAAB6kLv/g3Hrf7q1/wEAAKAZufs/FLfY/wAAANCM3P0fjls62f/6f/2/9//1/82//6//74r+f5j+f4T+X/+v//f+P5OaW/+fu/8jcUsn+x8AAAB6kLv/o3GL/Q8AAADNyN3/sbjF/gcAAIBm5O6/MW7pZP/r//X/+n/9v/5/75+h/r8N+v9hm+n/d/T/+v/q5/8v/lug/9f/j/1+2jS3/j93/8fjlk72PwAAAPQgd/8n4hb7HwAAAJqRu/+TcYv9DwAAAIt0+Zpfy93/qbilk/2v/9f/6//1//r/9V9f/79MW+n/84dC/+/9/9BP/3+nA3+1tPf/z/2/X/p//T/Tm1v/n7v/03FLJ/sfAAAAepC7/zNxi/0PAAAAzcjd/9m4xf4HAACAZuTu/1zc0sn+1//r//X/+n/9//qvr/9fJu//D9P/j9D/b/X9/KV/fv2//p/D5tb/5+7/fNzSyf4HAACAHuTu/0LcYv8DAABAM3L3fzFusf8BAACgGbu7P+OyDve//l//r//X/+v/1399/f8y6f+H6f9H6P/1//p//T+Tmlv//6Xd33Vq9eW4pZP9DwAAAD3I3f+VuMX+BwAAgGbk7v9q3GL/AwAAQDNy938tbulk/+v/9f/L6P/PnDlzjf5f/3/w+znb/9+s/6fo/4fp/0fo//X/+n/9P5OaW/+fu/+muKWT/Q8AAAA9yN3/9bjF/gcAAIBm5O7/Rtxi/wMAAEAzcvd/M27pZP/r/2fQ/5/S/3v/X/+/8v6//n8i+v9h+v8RLfb/p47+7W+7nz+ubX9+/b/+n8Pm1v/n7v9W3NLJ/gcAAIAe5O7/dtxi/wMAAEAzcvd/J26x/wEAAKAZufu/G7d0sv/1/5vr/2//z66X9/93Vus/v/5f/6//1/9favr/Yfr/ES32/xdg2/380j+//l//z2Fz6/9z938vbjk4/K64sO8SAAAAmJPc/d+PWzr5838AAADoQe7+H8Qt9j8AAAA0I3f/D+OWTva//n8G7/832P97/3/9z4f+f9b9/2X6/zbo/4fp/0csu/+/6YK+1zW23c8v/fPr//f3//nTrP/v3dz6/9z9P4pbOtn/AAAA0IPc/T+OW+x/AAAAaEbu/p/ELfY/AAAANCN3/81xy779v67tboX+X/+v/9f/6//Xf339/zLp/4cdtf8/uTpe/5/0/97/1//32v97/589c+v/c/f/NG7x5/8AAACwOFec59dz9/8sbrH/AQAAoBm5+38et9j/AAAA0Izc/b+IW265bFsfaaP0//p//b/+X/+//uvr/5dJ/z/M+/8j9P9T9PNX6v/b6P9XK/0/xze3/j93/y/jFn/+DwAAAM3I3f+ruMX+BwAAgGbk7v913GL/AwAAQDNy9/8mbulk/+v/9f/H7P9300z9/x79/x79/3r6/83Q/w/T/4/Q/3v/X//v/X8mNbf+P3f/b+OWTvY/AAAA9CB3/+/iFvsfAAAAmpG7//dxi/0PAAAAzcjd/4e4pZP9v7X+P/6j1v8vvv/3/r/+X/+v/58V/f8w/f8I/b/+X/+v/2dSc+v/c/f/MW7pZP8DAABAD3L3/ylusf8BAACgGbn7/xy32P8AAADQjNz9f4lbOtn/3v/X/+v/9f/6//VfX/+/TPr/Yfr/9eoflP5f/6//1/8zqbn1/7n7/xq3dLL/AQAAoAe5+/8Wt9j/AAAA0Izc/bfELfY/AAAANCN3/9/jlk72v/5f/6//1//r/9d/ff3/Mun/h22z/7/HHca/rPf/t97/50fQ/+v/9f9MYm79f+7+f8Qtnex/AAAA6EHu/n/GLfY/AAAANCN3/7/iFvsfAAAAmpG7/99xSyf7f6T/P1l/o/5/kP7/4OfX/6//+dD/V/9/XfyS/l//Pzn9/zDv/4/Q/3v/X/+v/2dSc+v/c/f/J27pZP8DAABAD3L33xq32P8AAADQjNz9/41b7H8AAABoRu7+2+KWTva/9/+X1P9fqf/X/7fS/3v/X/9/yej/h+n/R+j/9f/6f/0/k5pb/5+7/38BAAD//w4+TuQ=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)

28.436513253s ago: executing program 34 (id=2196):
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75737271756f74612c696f636861727365743d69736f383835392d352c696f636861727365743d6575632d6a702c696e746567726974792c71756f74612c6e6f71756f74612c71756f7461006572726f72733d636f6e74696e75652c756d61736b3d3078303030303030303030303030303038312c75737271756f74612c06000000756f74612c756d61736b3d3078303030303030303030303030303030312c67727071756f74612c756d61736b3d3078303030303030303030303032303034352c726f6f74636f6e746578743d7379752c646566636f6e746578743d73797361646d5f752c66736e616d653d003f0000587d5b2d292b2c00a9c1a30bc3207997b7f4e9447ee50b7a7e32bbde0fc9243970c38a6cb5080b27024c8fa61254ca59336acbf090ea35b6e7e44f4af2c218e937a7689e5f17975998f3ff7c1c7b896131aaf5097320e70b9b3c7424cb12be8a69b44da8d201000000abf6813950c019ae80f2a89a067e768d0c305f77357aaccfbf7dc0503768aaa6b8940e1ccbc41e021e0cf63c2d1c991852b2b84c2d677f2898bde305ce8fa91a7c14e01f5f066af16ae8fa48cdee8bf24677ab469a4f18d640cc", @ANYRES64], 0xfe, 0x619d, &(0x7f00000012c0)="$eJzs3c9vHGf9B/DP/vSPfptaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QLmiRK5bRaSAkoDSyiKufOHAib8AhMQRIY6IA39AD1y5ceJEJBsJ1BODxn6eeHay23VwvLP2vF6SM/OZZ9b7jN87+yMzs08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPHd73xvrRMR13+aFqxE/F/0IroRS2W9GhFLqyt5/X5EPB97zfFcRAwWIsrb7/3zTMRrEfHxmYid3c31cvGlQ/bj27//62++/9Tbf/nd4MK//3C39/qk9e7d+8W//nj/aNsMAAAAbVMURdFJH/PPps/33aY7BQDMRH79L5K8/NTXv/z723+ap/6o1Wq1Wj2DuqoY7361iIit6m3K9wwOxwPACbMVnzTdBRok/1brR8RTTXcCmGudpjvAsdjZ3VzvpHw71deD1f32fC7ISP5bnYfXd0yaTlM/x2RWj6/t6MWzE/qzNKM+zJOcf7ee//X99mFa77jzn5VJ+Q/3L31qnZx/r55/zenJvzs2/7bK+fcfK/+e/AEAAAAAYI7l//9fafj478LRN+VQPu347+qM+gAAAAAAAAAAT9pRx/97yPh/AAAAMLfKz+qlX505WDbpu9jK5dc6EU/X1gdaJl0ss9x0PwAAAAAAAAAAAACgTfr75/Be60QMIuLp5eWiKMqfqnr9uI56+5Ou7dsPbdb0kzwAAOz7+EztWv5OxGJEXEvf9TdYXl4uisWl5WK5WFrI72eHC4vFUuVzbZ6WyxaGh3hD3B8W5S9brNyuatrn5Wnt9d9X3tew6B2iY0/IIP01JzQ3FDYAJPuvRjtekU6Zonhm0psPGGH/P4VWYqXpxxXzr+mHKQAAAHD8iqIoOunrvM+mY/7dpjsFAMxEfv2vHxc4Ut2d0B7xZH7/3NaDmK/+qNVqtVo9WlcV492vFhGxVb1N+Z7BcPwAcMJsxSdNd4EGyb/V+hHxfNOdAOZap+kOcCx2djfXOynfTvX1II3vns8FGcl/q7N3u3z7cdNp6ueYzOrxtR29eHZCf56bUR/mSc6/W8//+n77MK133PnPyqT8h3uXzLVPzr9Xz7/m9OTfHZt/W+X8+4+Vf0/+AAAAAAAwx/L//684/ps3GQAAAAAAAABOnJ3dzfV83Ws+/v+ZMeu5/vN0yvl3Hjf/pTQv/xMt59+t5f/F2nq9yvyDtw72/3/ubq7/9u4//j9PD5v/Qp7ppEdWJz0iOumeOv00PcrWPWp70BuW9zTodHv9dM5PMXg3bsat2IiLI+t209/joH1tpL3s6WCk/dJIe/+R9ssj7YP0vQPFUm4/H+vxo7gV7+y1l20LU7Z/cUp7MaU959/z/N9KOf9+5afMfzm1d2rT0oOPuo/s99XpuPt58+Znf37x+Ddnqu3oPdy2qnL7zjXQn72/yVPD+Mmdjdvn7924e/f2WqTJyNJLkSZPWM5/sPezcPD8/+J+e37er+6vDz4aPnb+82I7+hPzf7EyX27vyzPuWxNy/sP0k/N/J7WP3/9Pcv6T9/9XGugPAAAAAAAAAAAAAAAAfJqiKPYuEX0zIq6k63+aujYTAJit/PpfJHm5Wq1Wq9Xq01dXFeO9US0i4s/V25TvGX427pcBAPPsPxHxt6Y7QWPk32L5+/7K6UtNdwaYqTsffPiDG7dubdy+03RPAAAAAAAAAID/VR7/c7Uy/vNLEbFSW29k/Ne3YvWo43/288zDAUaf8EDfE2x3h71uZbjxF2JvfO7zk8b/PhePjv+dx8TtVbdjgsGU9uGU9oUp7Ytjlx6kNfZCj4qc/wuV8c7L/M/Whl9vw/iv9THv2yDnf67yeC7z/0JtvWr+xa/nLv+tw664Hd2R/C/cff/HF+588OGrN9+/8d7Gexs/vLy2dvHylStXr1698O7NWxsX9/89nl7PgZx/HvvaeaDtkvPPmcu/XXL+n0u1/Nsl5//5VMu/XXL++f2e/Nsl558/+8i/XXL+L6da/u2S8/9SquXfLju7mwtl/q+kWv7tkvf/L6da/u2S83811fJvl5z/+VTLv11y/hdSfYj8fT38KZLzz0e47P/tkvNfS7X82yXnfynV8m+XnP/lVMu/XXL+r6Va/u2S8/9KquXfLjn/K6mWf7vk/L+aavm3S87/aqrl3y45/6+lWv7tkvP/eqrl3y45/9dTLf92yfl/I9Xyb5ec/zdTLf92yfl/K9Xyb5ec/xupln+7HHz/vxkzZszkmaafmQAAAAAAAAAAAACAulmcTtz0NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLUauu74D+Jm9ee0QYiAEJzWwSYwxzpJdX+ILrYsJ1wYoBRIKvWC73rVZ8A2vXQJFsmmgRMKoqKJq+tAWEGojVRVWxQOtKM1D1ctTaR/oS0VVCalRFZBBRWormq1mzv//98zs7Myud7yePf/PR7J/uzNn5pw5c2Z2v2t/9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs3vfOPvZWlEU9T+NvzYXxQvqH2+c2Ny47HW3egsBAACA1fq/xt/X7kgXHF7GjZqW+btX/OPXFxYWFor3D//u6BcXFtIVE0UxuqEoGtdFV//9A7XmZYInivHaUNPnQz1WP9zj+pEe14/2uH6sx/Ubelw/3uP6RTtgkY3lz2Mad7at8eHmcpcWdxajjeu2dbjVE7UNQ0PxZzkNtcZtFkZPFHPFqWK2mG5Zvly21lj+m/fW1/W2Iq5rqGldW+tHyA8/eTxuQy3s420t67p+n9H331BM/OiHnzz+xxeeu7vT7LkbWu6v3M4d99W389PhknJba8WGtE/idg41befWDs/JcMt21hq3q3/cvp3Xlrmdw9c3c021P+fjxVDj42839tNI84/10n7aGi777/uLorh8fbPbl1m0rmKo2NRyydD152e8PCLr91E/lF5cjKzoOL13Gcdpfc5saz1O218T8fm/N9xuZIltaH6avv+psUXP+0qP06j+qJd6rbQfg/1+rQzKMRiPi283HvSTHY/BbeHxf3L70sdgx2OnwzGYHnfTMXhfr2NwaGy4sc3pSag1bnP9GNzVsvxwY021xnx2e/djcOrC6XNT8x//xGvnTh87OXty9syeXbum9+zbd+DAgakTc6dmp8u/b3BvD75NxVB6DdwX9l18Dby6bdnmQ3Xhy/17HY53eR1ublu236/DkfYHV1ubF+TiY7p8bTxa3+njV4aKJV5jjedn5+pfh+lxN70OR5pehx2/pnR4HY4s43VYX+bczuV9zzLS9KfTNtysrwWbm47B9u9H2o/Bfn8/MijH4Hg4Lv5159JfC7aG7X1ycqXfjwwvOgbTww3vPfVL0vf74wcao9NxeU/9itvGiovzs+cffPzYhQvndxVhrImXNB0r7cfrpqbHVCw6XodWfLwennvFk/d0uHxz2Ffjr63/Nb7kc1VfZu+D3Z+rxle3zvuz5dLdRRh9ttb7s9NX8/r+TFmyy/6sL/PpqdV/L55yadP77+gS778x9z9fri/d1RPDoyPl63c47Z3Rlvfj1qdqpPHeVWus+9rU8t6PR8OftX4/vrPL+/GWtmX7/X482v7g4vtxrddPO1an/fkcD8fJqenu78f1ZbbsXukxOdL1/fj+MGth/78mJIWUi5qOnaWO27SukZHR8LhG4hpaj9M9LcuPhmxWX9fTu2/sON1xf3lfw+nRXbdWx+lE27L9Pk7T+9VSx2mt10/fbkz78zkejos793Q/TuvLPLN39e+dG+OHTe+dY41j8NrS9zM6PFbf5tF0EJbv9wsb4zH4YHG8OFucKmYa1441jqdaY12TDy3vGBwLf9b6vXJLl2NwR9uy/T4G09expY692sjiB98H7c/neDgunnqo+zFYX+ZN+/v7veuOcElapul71/afry31M6972nbTzfyZV307/2Z/95/N1pc5dWClObP7fnogXHJbh/001vY1ZKnX1EyxNvtpS9jO5w4svZ/q21Nf5osHl3k8HS6K4tJHH278vDf8+8qfX/zO11v+3aXTv+lc+ujDP7j9xN+uZPsBWP+eL8em8mtd079MLeff/wEAAIB1Ieb+oTAT+R8AAAAqI+b++L/CE/kfAAAAKiPm/pEwk0zy/5Y3PTf3/KUiNfMXgnh92g2PlMvFjut0+Hxi4br65Q9/dfbHf3lpeeseKoriJ4/8RsfltzwSt6s0Ebbz6ptbL198w0vLWv/Rx64v19xf/1K4//h4lnsYdKrgThdF8c07Pt9Yz8QHrjTmM48cbcz3XH7yifoy1w6Wn8fbP/uScvk/COXfwyeOtdz+2bAfvhfm9Ns77494u69dec3W/e+7vr54u9p9L2w87Kc+WN5v/D05X3iiXD7u56W2/68+9/TX6ss//qrO239pqPP2Px3u96th/s/Ly+Wbn4P65/F2nwnbH9cXb/fgV77VcfuvfrZc/txbyuWOhhnXvyN8vu0tz80176/Ha8daHlfx1nK5uP7p7/x24/p4f/H+27d//MiVlv3Rfnw888/l/Uy1LR8vj+uJ/qJt/fX7aT4+4/qf/q2jLfu51/qvvufZl9fvt339D7QtN9x2+/bf2PSHn/l8x/XF7Tn8Z+daHs/hd4fXcVj/Ux8Mx2O4/n+vfr5lvdHRd7e+/8Tlv7T5Usvjid72o3L9V19/sjH/Y+LHv3/bC25/4eVX1vddUXz7veX99Vr/yT8627L9X75rZ+P5iNfHjn77+pcS13/+Y5Nnzs5fnJtp2quN353zjnJ7Noxv3FTf3jvCe2v750fOXvjQ7PmJ6Ynpopio7q/Qu2FfCfMH5bi80tvvfCw8n/f83jc3bf+nz8XL/+XR8vIrby+/br06LPeFcPnm8vlbqK1y/U/de1fj9V17pvy8pcfeB1u3/eeBZS0YHn/79wXxeD/30g819kP9usbXjfi6XuX2f3emvJ9vhP26EH4z8313XV9f8/LxdyNceW/5el/1/gtvc/F5/ZPwfL/ze+X9x+2Kj/e74fuYb21pfb+Lx8c3Lg2133/jt3hcDu8nxeXy+rhU3N9Xrt3VcfPi7yEpLt/d+Px30v3cvaKHuZT5j89PnZo7c/HxqQuz8xem5j/+iSOnz148c+FI43d5Hvlwr9tff3/a1Hh/mpndt7eY3lgUxdlieg3esG7O9tc/Wt72n3vs+Mz+6e0zsyeOXTxx4bFzs+dPHp+fPz47M7/92IkTsx/rdfu5mUO7dh/cs3/35Mm5mUMHDh7cc3By7szZ+maUG9XDvumPTJ45f6Rxk/lDew/ueuihvdOTp8/OzB7aPz09ebHX7Rtfmybrt/71yfOzp45dmDs9Ozk/94nZQ7sO7tu3u+dvAzx97sT8xNT5i2emLs7Pnp8qH8vEhcbF9a99vW5PNc3/W/n9bLta+Yv4inc9sC/9fta6r35qybsqF2n7BaLPhd9F8w8vOndgOZ/H3D8aZpJJ/gcAAIAcxNw/FmYi/wMAAEBlxNy/IcxE/gcAAIDKiLl/PMwkk/yv/6//v7z+f3m9/n9e/f9zHy17peu9/x/78/r/ebjF/f9Vr1//X/+/ev3/5ffn1/v26//r/7PYoPX/Y+7fWBRZ5n8AAADIQcz9m8JM5H8AAACojJj7bwszkf8BAACgMmLuf0GYSSb5X/9/Wf3/3b0KV9Xv/zv/v/5/sT77//HJ0f/Pxor79+97tOVT/f9A/1//X/9f/1//n1UbXfKaW9X/j7n/9jCTTPI/AAAA5CDm/heGmcj/AAAAUBkx998RZiL/AwAAQGXE3L85zCST/K//7/z/+v/6/937/2NN97QO+/+rPf9/08bo/68Pzv/fnf5/Dzfc/x/X/1+P/f/R/m7/YPf/e26+/j83xaCd/z/m/heFmWSS/wEAACAHMfe/OMxE/gcAAIDKiLn/JWEm8j8AAABURsz9d4aZZJL/9f/1//X/9f8rff7/1fb/u57/v/xI/3+w6P93p//fg/P/59X/7/P2D3b/v9/n/x99c/vt9f/pZND6/zH3vzTMJJP8DwAAADmIuf+uMBP5HwAAACoj5v6XhZnI/wAAAFAZMfdvCTPJJP/r/+v/6//r/+v/d15/7/5/Sf9/sOj/d6f/34P+v/6//v/y+v8dvvnV/6eTQev/x9x/d5hJJvkfAAAAchBz/z1hJvI/AAAAVEbM/T8VZiL/AwAAQGXE3L81zCST/K//r/+v/59X//+BMf1//f9q0//vTv+/B/1//X/9/2We/3+xlfT/N/S6Mypj0Pr/Mfe/PMwkk/wPAAAAOYi5/xVhJvI/AAAAVEbM/a8MM5H/AQAAoDJi7p8IM8kk/+v/V6v//6d//dQrC/1//f8e669o/z8eBvr/mdP/707/vwf9f/1//f816f+Tj0Hr/8fcf2+YSSb5HwAAAHIQc/99YSbyPwAAAFRGzP33h5nI/wAAAFAZMfdvCzOpfP4vmw/6/9Xq/0f6//r/3dZf0f5/ov+fN/3/DppepPr/Pej/Z9//j2kg3/5//O5X/5/+GLT+f8z9rwozqXz+BwAAgHzE3L89zET+BwAAgMqIuf/VYSbyPwAAAFRGzP07wkwyyf/6//r/+v/6//r/ndev/78+6f93t9L+/5j+v/5/Zv1/5/93/n/6a9D6/zH3vybMJJP8DwAAADmIuX9nmIn8DwAAAJUR//9m+f9e5X8AAACoopj7J8NMMsn/+v/6/zn1/2v6//r/+v+Vp//fnfP/96D/r/+v/6//T18NWv8/5v7Xhplkkv8BAAAgBzH3PxhmIv8DAABAZcTcPxVmIv8DAABAZcTcPx1mkkn+1//X/8+p/+/8//r/+v/Vp//fnf5/D/r/+v9V6/8Xhf4/t9Sg9f9j7t8VZpJJ/gcAAIAcxNy/O8xE/gcAAIDKiLl/T5iJ/A8AAACVEXP/3jCTTPK//r/+v/6//r/+f+f16/+vT/r/3en/96D/r/9ftf6/8/9ziw1a/z/m/ofCTDLJ/wAAAJCDmPv3hZnI/wAAAFAZMffvDzMJ+b/T/+sGAAAA1peY+w+EmWTy7//6/xXp///m37esW/9f/7/L+tPVq+v/b9T/D1P/f7BUtP/f/rK4Yfr/Pej/6//r/+v/01eD1v+Puf9gmEkm+R8AAAByEHP/68JM5H8AAACojJj7fzrMRP4HAACAyoi5/2fCTDLJ//r/Fen/t9H/1//vtn7n/9f/r7KK9v/7plL9/yH9f/3/wdp+/X/9fxa7+f3/+NHy+v8x9x8KM8kk/wMAAEAOYu7/2TAT+R8AAAAqI+b+14eZyP8AAABQGTH3Hw4zyST/6//r/+v/6//fnP7/64t2g9j/rx88+v/Vov/fXaX6/87/r/8/YNuv/6//z2KDdv7/mPvfEGaSSf4HAACAHMTc/3CYifwPAAAAlRFz/xvDTOR/AAAAqIyY+98UZpJJ/tf/1//X/9f/d/7/zuvX/1+f9P+70//vQf9f/z/X/v8z+v/cHIPW/4+5/81hJpnkfwAAAMhBzP1vCTOR/wEAAKAyYu5/a5iJ/A8AAACVEXP/28JMMsn/+v/6//r/+v/6/53Xr/+/Pun/d6f/34P+v/5/rv1/5//nJhm0/n/M/T8XZpJJ/gcAAIAcxNz/SJiJ/A8AAACVEXP/28NM5H8AAACojJj73xFmkkn+v7X9/9pIUej/6//r/+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3P/OMJNM8j8AAADkIOb+nw8zkf8BAACgMmLuf1eYifwPAAAAlRFz/y+EmWSS/53/X/9/sPr/C5eab6f/r/9f9Kv/X7+R/n8W9P+70//voUP/f4P+v/6//r/+Pzds0Pr/Mfe/O8wkk/wPAAAAOYi5/z1hJvI/AAAAVEbM/e8NM5H/AQAAoDJi7n80zCST/K//n2X/Pz3kwev/O/+//r/z/+v/r47+f3f6/z04/7/+v/6//j99NWj9/5j7HwszyST/AwAAQA5i7n9fmIn8DwAAAJURc/8vhpnI/wAAAFAZMfe/P8wkk/yv/59l/3+Az/9ftf7/SMvxkVP/f7zp+UzHpf6//v8a0P/vbg36/y13o/+v/6//38f+fziaNy5xe/1/BtGg9f9j7v9AmEkm+R8AAAByEHP/L4WZyP8AAABQGTH3/3KYifwPAAAAlRFz/6+EmWSS//X/9f/1/53/3/n/O69f/3990v/vzvn/e9D/1/8f5P5/D/r/DKJB6//H3P+rYSZLBr8f/NcyHiYAAAAwQGLu/2CYSSb//g8AAAA5iLn/SJiJ/A8AAACVEXP/0TCTTPK//n97/z+eUVX/X/9f/1//X/9/Pepf//9ltxeF/r/+v/6//r/+v/4/qzFo/f+Y+4+FmWSS/wEAACAHMff/WpiJ/A8AAACVEXP/8TAT+R8AAAAqI+b+mTCTTPL/Lez/jw5m/9/5/2+0//8T/X/9/0D/vzP9/7Xh/P/d6f/3oP+v/6//r/9PXw1a/z/m/tkwk0zyPwAAAFRY+nFwzP0nwkzkfwAAAKiMmPtPhpnI/wAAAFAZMfd/KMwkk/zv/P/6/87/fyv6/yMty+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3D8XZpJJ/gcAAIAcxNz/4TAT+R8AAAAqI+b+j4SZyP8AAABQGTH3nwozyST/6//r/+fe/68VxWXn/8+8/z/eef36/+uT/n93+v896P/r/+v/6//TV4PW/4+5/3SYSSb5HwAAAHIQc/+ZMBP5HwD+n737aLLrrPo+fB4/tqQewUdgzIghjOyPwJQBVVQxpkgmB1tkk03OweScczI5B5MzJudoonGVKHevtdStPtq7pd46Z+/7vq7Jeq2y3j6NGz/1R/WrGwCgGbn77xu32P8AAADQjNz994tbOtn/+n/9f+/9/2or7/8f/Pv1/3u8/6//n8Kh/v7y9X/f+aLw8/b/d7nr1ffS/+v/9f+D9P/6f/0/55pb/5+7//5xSyf7HwAAAHqQu/8BcYv9DwAAAM3I3f/AuMX+BwAAgGbk7r86bulk/+v/59D/n/0E+n/9/9b7/xv1//r/ZfP+/zD9/wj9v/5f/6//Z1Jz6/9z9z8obulk/wMAAEAPcvc/OG6x/wEAAKAZufsfErfY/wAAANCM3P0PjVs62f/6/zn0/97/1/8fpf8/4f3/c74f/b/+fx39/zD9/wj9v/5f/6//Z1Jz6/9z9z8sbulk/wMAAEAPcvc/PG6x/wEAAKAZufsfEbfY/wAAANCM3P2PjFs62f/6f/2//n8p/f+G3v/X/+v/F+6G1dl/J+j/D9P/jxjp/1cr/f+QI/fz67+95Xz+89D/6/85bG79f+7+R8UtV61WJy72mwQAAABmJXf/o+OWTv78HwAAAHqQu/+auMX+BwAAgGbk7r82bulk/+v/9f/6/yP1//kt6v/30f/v0f/Pi/f/hx2//7/zHe9z7377f+//D/P+/9T9/+0/Gfp/lm1u/X/u/tNxSyf7HwAAAHqQu/8xcYv9DwAAAM3I3f/YuMX+BwAAgGbk7n9c3NLJ/tf/t9b///+B37ev/9+tXfT/3v/X/+v/W6f/H+b9/xG7/5rbqb/U/+v/vf+v/+d45tb/5+5/fNzSyf4HAACAHuTuf0LcYv8DAABAM3L3PzFusf8BAACgGbn7nxS3dLL/9f+t9f8Hf5/3//X/676+/l//3zL9/zD9/4hW3v+/yJ+abffzx7Xtz6//1/9z2Nz6/9z918Utnex/AAAA6EHu/ifHLfY/AAAANCN3/1PiFvsfAAAAmpG7/6lxSyf7X/+v/19G/59fQf+v/7/0/X/S/y+T/n+Y/n9EK/3/Rdp2P7/0zz/Y/++Mf379Py2aW/+fu/9pcUsn+x8AAAB6kLv/6Xv3nvU/E9v/AAAA0IzY/atnxC32PwAAADQjd/8z45ZO9r/+X/+/jP7f+//6f+//6/+PRv8/TP8/Qv+v//f+v/6fSc2t/8/df33c0sn+BwAAgB7k7n9W3GL/AwAAQDNy9z87brH/AQAAoBm5+58Tt3Sy//X/+n/9v/5f/7/+6+v/l0n/P0z/P0L/r//X/+v/mdSM+v99v+vU6rlxSyf7HwAAAHqQu/95cYv9DwAAAM3I3f/8uMX+BwAAgGbk7n9B3NLJ/tf/z6b/38352ur/d1arlf5/1Wn/v7Pvn2f9XOr/9f8boP8fpv8fof/X/+v/9f9Makb9/+5f5+5/YdzSyf4HAACAHuTuf1HcYv8DAABAM3L3vzhusf8BAACgGbn7XxK3dLL/9f+z6f93tdX/e///3J+Pnvp/7/8fpv/fDP3/MP3/CP2//l//r/9nUnPr/3P3vzRuOnHFRX+LAAAAwMzk7n9Z3NLJn/8DAABAD3L3vzxusf8BAABgoa4/9Cu5+18Rt3Sy//X/0/b/J/b9mv5f/3/uz4f+X/+v/7/09P/D9P8j9P/6f/2//p9Jza3/z93/yrilk/0PAAAAPcjdf0PcYv8DAABAM3L3vypusf8BAACgGbn7Xx23dLL/9f/e/9f/6//1/+u/vv5/mfT/wy55/x//QtT/6//X9fO3TfzzvOnPP2aC/v/k2f+n/p82XED/f+bMmWsuef+fu/81cUsn+x8AAAB6kLv/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/3fa/+eP+rL6/2tXK/2//l//r/8fpv8f5v3/Efp/7/97/1//z6Tm9v5/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/zXFLJ/tf/99p/+/9f/2//n/T/f+tK/3/Riyi/985/9efe/9/Wv+v/x/QXf9/97sd+Ev9v/6fw+bW/+fuf0vc0sn+BwAAgB7k7n9r3GL/AwAAQDNy978tbrH/AQAAoBm5+98eN13eyf7X/+v/9f/6f/3/+q+/4ff/T6xWK/3/BBbR/w+Ye/8/zfv/5/63/Cz9v/5/yZ9f/6//57C59f+5+98Rt3Sy/wEAAKAHufvfGbfY/wAAANCM3P3vilvsfwAAAGhG7v53xy2d7H/9v/5f/6//b77/P72I/t/7/xPZbP9/Wv/f4/v/V+n/z0f/r//X/3NU2+r/c/e/J27pZP8DAABAD3L3vzdusf8BAACgGbn73xe32P8AAADQjNz9749bOtn/+n/9/4X0//k59f9t9f8nZ9f/nzrw/18n7//r/yfi/f9h+v8R3v/X/+v/r9f/M6W5vf+fu/8DcUsn+x8AAAB6kLv/g3Hrf7q1/wEAAKAZufs/FLfY/wAAANCM3P0fjls62f/6f/2/9//1/82//6//74r+f5j+f4T+X/+v//f+P5OaW/+fu/8jcUsn+x8AAAB6kLv/o3GL/Q8AAADNyN3/sbjF/gcAAIBm5O6/MW7pZP/r//X/+n/9v/5/75+h/r8N+v9hm+n/d/T/+v/q5/8v/lug/9f/j/1+2jS3/j93/8fjlk72PwAAAPQgd/8n4hb7HwAAAJqRu/+TcYv9DwAAAIt0+Zpfy93/qbilk/2v/9f/6//1//r/9V9f/79MW+n/84dC/+/9/9BP/3+nA3+1tPf/z/2/X/p//T/Tm1v/n7v/03FLJ/sfAAAAepC7/zNxi/0PAAAAzcjd/9m4xf4HAACAZuTu/1zc0sn+1//r//X/+n/9//qvr/9fJu//D9P/j9D/b/X9/KV/fv2//p/D5tb/5+7/fNzSyf4HAACAHuTu/0LcYv8DAABAM3L3fzFusf8BAACgGbu7P+OyDve//l//r//X/+v/1399/f8y6f+H6f9H6P/1//p//T+Tmlv//6Xd33Vq9eW4pZP9DwAAAD3I3f+VuMX+BwAAgGbk7v9q3GL/AwAAQDNy938tbulk/+v/9f/L6P/PnDlzjf5f/3/w+znb/9+s/6fo/4fp/0fo//X/+n/9P5OaW/+fu/+muKWT/Q8AAAA9yN3/9bjF/gcAAIBm5O7/Rtxi/wMAAEAzcvd/M27pZP/r/2fQ/5/S/3v/X/+/8v6//n8i+v9h+v8RLfb/p47+7W+7nz+ubX9+/b/+n8Pm1v/n7v9W3NLJ/gcAAIAe5O7/dtxi/wMAAEAzcvd/J26x/wEAAKAZufu/G7d0sv/1/5vr/2//z66X9/93Vus/v/5f/6//1/9favr/Yfr/ES32/xdg2/380j+//l//z2Fz6/9z938vbjk4/K64sO8SAAAAmJPc/d+PWzr5838AAADoQe7+H8Qt9j8AAAA0I3f/D+OWTva//n8G7/832P97/3/9z4f+f9b9/2X6/zbo/4fp/0csu/+/6YK+1zW23c8v/fPr//f3//nTrP/v3dz6/9z9P4pbOtn/AAAA0IPc/T+OW+x/AAAAaEbu/p/ELfY/AAAANCN3/81xy779v67tboX+X/+v/9f/6//Xf339/zLp/4cdtf8/uTpe/5/0/97/1//32v97/589c+v/c/f/NG7x5/8AAACwOFec59dz9/8sbrH/AQAAoBm5+38et9j/AAAA0Izc/b+IW265bFsfaaP0//p//b/+X/+//uvr/5dJ/z/M+/8j9P9T9PNX6v/b6P9XK/0/xze3/j93/y/jFn/+DwAAAM3I3f+ruMX+BwAAgGbk7v913GL/AwAAQDNy9/8mbulk/+v/9f/H7P9300z9/x79/x79/3r6/83Q/w/T/4/Q/3v/X//v/X8mNbf+P3f/b+OWTvY/AAAA9CB3/+/iFvsfAAAAmpG7//dxi/0PAAAAzcjd/4e4pZP9v7X+P/6j1v8vvv/3/r/+X/+v/58V/f8w/f8I/b/+X/+v/2dSc+v/c/f/MW7pZP8DAABAD3L3/ylusf8BAACgGbn7/xy32P8AAADQjNz9f4lbOtn/3v/X/+v/9f/6//VfX/+/TPr/Yfr/9eoflP5f/6//1/8zqbn1/7n7/xq3dLL/AQAAoAe5+/8Wt9j/AAAA0Izc/bfELfY/AAAANCN3/9/jlk72v/5f/6//1//r/9d/ff3/Mun/h22z/7/HHca/rPf/t97/50fQ/+v/9f9MYm79f+7+f8Qtnex/AAAA6EHu/n/GLfY/AAAANCN3/7/iFvsfAAAAmpG7/99xSyf7f6T/P1l/o/5/kP7/4OfX/6//+dD/V/9/XfyS/l//Pzn9/zDv/4/Q/3v/X/+v/2dSc+v/c/f/J27pZP8DAABAD3L33xq32P8AAADQjNz9/41b7H8AAABoRu7+2+KWTva/9/+X1P9fqf/X/7fS/3v/X/9/yej/h+n/R+j/9f/6f/0/k5pb/5+7/38BAAD//w4+TuQ=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)

7.148585939s ago: executing program 6 (id=2309):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x5bec, &(0x7f0000000040))
io_uring_register$IORING_REGISTER_FILES(r1, 0x12, 0x0, 0x0)

5.247984063s ago: executing program 6 (id=2318):
r0 = syz_clone(0xa0000280, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$ARCH_FORCE_TAGGED_SVA(0x1e, r0, 0x0, 0x4004)
ptrace(0x10, r0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x0, 0x0)

4.818777795s ago: executing program 7 (id=2201):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x10008085, 0x0, 0x0)
poll(&(0x7f0000000000)=[{r0, 0x120a}], 0x1, 0x6)

4.612682397s ago: executing program 0 (id=2322):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x87}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000009f80)="c674015814a875ec92e8793fce1d", 0x0, 0x130000b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x27)

4.583614571s ago: executing program 6 (id=2323):
r0 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r0, 0x2, &(0x7f00000000c0)={0x3}, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r0, 0x2, &(0x7f0000000100)={0x1, 0x9}, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r0, 0x2, &(0x7f0000000180)={0x3, 0x9}, 0x0)

4.38175531s ago: executing program 7 (id=2325):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000))
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x4004, 0xffffffffffffffff})
fcntl$lock(r0, 0x25, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x200})

4.199073596s ago: executing program 6 (id=2327):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x2c8, 0x30, 0x300, 0x71bd22, 0x25dfdbff, {}, [{0x4}, {0x2b0, 0x1, [@m_bpf={0x9c, 0x6, 0x0, 0x0, {{0x8}, {0x18, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x5d, 0x6, "bfb48d1c9cbd39c403490f71e7c26903a2429639badf09f7f1460a1a37776d69ba43d012403ff817b805f05e15fda7d5abfefd6f88a71220a3dc2a6660c265b59ed90ce6980eda6d48215f2ed37602646c6855209b52b2022e"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ct={0x60, 0x15, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x5, 0x3, 0x7, 0x3}}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e20}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_csum={0xb8, 0x1d, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xf, 0x7fffffff, 0x5, 0x7, 0xd}, 0x70}}]}, {0x6e, 0x6, "f0b8bf92cf8611111a0ff27fcc8825ca405600cfd0f6876d2892df6b5723118bb7d9d86de0a2706031cc8c62f7d1b04f3a9ed11665c75023f87c16ce970413ede5e5f6782d0d17be877ac54c09075ed841c7daeddf3395a210eab4335ed3bcb36fe1598dc94259da0136"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_connmark={0xb0, 0x13, 0x0, 0x0, {{0xd}, {0x74, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0x7, 0x3, 0x7, 0x2}, 0x5a}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0xdbc6, 0xfffffffffffffff8, 0x401, 0xdbc0}, 0x6a}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x5a, 0x7a1e, 0x0, 0x7fff, 0x9}, 0xfeff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xf, 0x1, 0x4, 0x8001, 0xaf0a}, 0xa26}}]}, {0xd, 0x6, "535d12bc76a5c6d165"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_ctinfo={0x48, 0x1d, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x7, 0x14, 0x2, 0x1, 0xe6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x2c8}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040800)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.986434124s ago: executing program 7 (id=2329):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x1, 0x4}, 0x1, 0x3, 0x3ff})

3.396405234s ago: executing program 7 (id=2330):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2, &(0x7f0000000180)={[{@quota}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@noquota}, {@nodiscard}, {@discard_size={'discard', 0x3d, 0x4}}, {@nodiscard}, {@quota}, {@discard}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}]}, 0x1, 0x6108, &(0x7f000000fa40)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGALEWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo8zma6eOb+fNK56+lRNn/K/qy9TVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIgf/uDH56qIuPqrdMOJiP+LfkQvYqWp1yJiZe1EXn4QES/EdnM8HxHDpYhm/e1/no14PSI+eibiwcO7683N5/fZj+//+R9/+MlTP/r7n4Zn/vuX2/03pi13585v//PXewfbZgAAAChNXdd1lT7mn0yf73tddwoAmIv8+l8n+Xb1wtWbC9YftVqtVh/Buq2e7F67iIjN9jrNewaH4wHgiNmMj7vuAh2Sf9EGEfFU150AFlrVdQc4FA8e3l2vUr5V+/Vgbac9nwuyJ//Navf6jmnTWcbPMZnX42sr+vHclP6szKkPiyTn3xvP/+pO+ygtd9j5z8u0/Ec7lz4VJ+ffH89/zPHJvzcx/1Ll/AdPlH9f/gAAAAAAsMDy3/9PdHz8d+ngm7Ivjzv+uzanPgAAAAAAAADA5+2g4//tMv4fAAAALKzms3rjd888um3ad7E1t1+pIp4eWx4oTLpYZrXrfgAAAAAAAAAAAABASQY75/BeqSKGEfH06mpd181P23j9pA66/lFX+vZDybp+kgcAgB0fPTN2LX8VsRwRV9J3/Q1XV1frenlltV6tV5by+9nR0nK90vpcm6fNbUujfbwhHozq5pctt9Zrm/V5eVb7+O9r7mtU9/fRsfnoMHAAiIidV6MHXpGOmbp+Nrp+l8PRYP8/fuz/7EfXj1MAAADg8NV1XVfp67xPpmP+va47BQDMRX79Hz8uoFar1Wq1+vjVbfVk99pFRGy212neMxiOHwCOmM34uOsu0CH5F20QES903QlgoVVdd4BD8eDh3fUq5Vu1Xw/S+O75XJA9+W9W2+vl9SdNZxk/x2Rej6+t6MdzU/rz/Jz6sEhy/r3x/K/utI/Scoed/7xMy7/ZzhMd9KdrOf/+eP5jjk/+vYn5lyrnP3ii/PvyBwAAAACABZb//n9ioY7/jj7r5sz0uOO/a4d2rwAAAAAAAABwuB48vLuer3vNx/+/MGE5138eTzn/Sv5Fyvn3xvL/6thy/db8/bce5f/vh3fX/3j7X/+fp/vNfynPVOmRVaVHRJXuqRqk6UG27tO2hv1Rc0/DqtcfpHN+6uE7cT1uxEac3bNsL/1/PGo/t6e96elwu73u77Sf39M+2G3P61/Y0z5MZzrVK7n9dKzHz+NGvL3d3rQtzdj+5Rnt9Yz2nH/f/l+knP+g9dPkv5raq7Fp4/6HvU/t9+3ppPu5fP2Lvzl7+Jsz01b0d7etrdm+lzroz/b/yVOj+OWtjZun71y7ffvmuUiTPbeejzT5nOX8h+ln9/n/5Z32/Lzf3l/vfzh64vwXxVYMpub/cmu+2d5X5ty3LuT8R+kn5/92ap+8/x/l/Kfv/6920B8AAAAAAAAAAAAAAAB4nLquty8RvRwRF9P1P11dmwkAzNfl9JUbdZJvn1fdn/P9qdVHvK4WrD9zrT+pF6s/avVRrNvqyd5sFxHxt/Y6FyPi15N+GQCwyD6JiH923Qk6I/+C5e/7a6anuu4MMFe33v/gp9du3Ni4eavrngAAAAAAAAAAn1Ue/3OtNf7zqbqu740tt2f817di7aDjfw7yzO4Ao1MGqu4/+TY9zlZv1O+1hht/MaaN/z3cnXvc+N+DGfc3nNE+mtG+NKN9eUb7xAs9WnL+L7bGOz8VESfHhl8vYfzX8THvS5Dzf6n1eG7y/8rYcu38698f5fx7e/I/c/u9X5y59f4Hr11/79q7G+9u/OzCuXNnL1y8eOnSpTPvXL+xcXbn3w57fLhy/nnsa+eBliXnnzOXf1ly/l9KtfzLkvP/cqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP/XUi3/suT8X021/MuS8/96quVflpz/a6mWf1ly/qdTLf+y5PzPpHqf+a8cdr+Yj5x/PsJl/y9Lzj+f2SD/suT8z6da/mXJ+V9ItfzLkvN/PdXyL0vO/xupln9Zcv4XUy3/suT8v5lq+Zcl538p1fIvS87/W6mWf1ly/t9OtfzLkvN/I9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP+bqZZ/WR59/78ZM2bM5Jmun5kAAAAAAAAAAAAAgHHzOJ24620EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xsh11vcDP7M3r52bgZC/k7+BtWOMcTbZ9SW+0LqYcG24lUBS0kts17t2FnyL1y5JGsmOAiUSRkUVbcOLtoCiNm8qrCovaBVQXqBWlSqR9gV9g6hQeRFVAQWkSm0VstWceZ5nZ2ZnZ3a94/XMOZ+PlPzimTNzzpx5Zna/63x3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6m167/QXK1mWVf/J/7U+y66v/vfasfX5Ze+61kcIAAAArNQv83+/elO64OASblS3zT++9fvPz83NzWWfHvyT4a/OzaUrxrJseE2W5ddFl3/8YKV+m+CpbLQyUPfngQ67H+xw/VCH64c7XD/S4fo1Ha4f7XD9ghOwwNraz2PyO9uS/+f62inNbs6G8+u2tLjVU5U1AwPxZzm5Sn6bueFj2Ux2IpvOJhu2r21bybd/YVN1Xx/K4r4G6va1sbpCfv7E0XgMlXCOtzTsa/4+o5++Jxv7xc+fOPpX5165tdXseBoa7q92nNs2V4/z8+GS2rFWsjXpnMTjHKg7zo0tnpPBhuOs5Ler/nfzcb66xOMcnD/MVdX8nI9mA/l/v5Sfp6H6H+ul87QxXPbft2dZdnH+sJu3WbCvbCBb13DJwPzzM1pbkdX7qC6lN2ZDy1qnm5awTqtzakvjOm1+TcTnf1O43dAix1D/NP30yZG65/21uStZp1H1US/2Wmleg91+rfTKGozr4qX8QT/dcg1uCY//ia2Lr8GWa6fFGkyPu24Nbu60BgdGBvNjTk9CJb/N/Brc0bD9YL6nSj5f3tp+DU6cO3lmYvaxx++cOXnk+PTx6VO7duyY3LVnz759+yaOzZyYnqz9+wrPdu9blw2k18DmcO7ia+AdTdvWL9W5b4wseP+90tfhaJvX4fqmbbv9OhxqfnCV1XlBLlzTtdfGp6onffTSQLbIayx/frav/HWYHnfd63Co7nXY8mtKi9fh0BJeh9Vtzmxf2vcsQ3X/tDqGxb8WrGwNrq9bg83fjzSvwW5/P9Ira3A0rIsfbl/8a8HGcLxPjy/3+5HBBWswPdzw3lO9JH2/P7ovH63W5W3VK64byc7PTp+969Ej586d3ZGFsSreVLdWmtfrurrHlC1YrwPLXq8HZ9769G0tLl8fztXondV/jS76XFW32X1X++cq/+rW+nw2XLozC6PLVvt8tvpqXj2fI1n2te89ed93nvjaexc9n9W8+fmJlX8vnnJp3fvv8CLvvzH3v17bX7qrpwaHh2qv38F0doYb3o8bn6qh/L2rku/71YmlvR8Ph39W+/345jbvxxuatu32+/Fw84OL78eVTj/tWJnm53M0rJMTk+3fj6vbbNi53DU51Pb9+PYwK+H8vzMkhZSL6tbOYus27WtoaDg8rqG4h8Z1uqth++GQzar7em7nla3TbbfX7mswPbp5q7VOx5q27fY6TT/7WmydVjr99O3KND+fo2Fd3Lyr/TqtbvPi7pW/d66N/1n33jnSaQ0OD45Uj3k4LcL8/T6bWxvX4F3Z0ex0diKbyq8dyddTJd/X+N1LW4Mj4Z/Vfq/c0GYNbmvatttrMH0dW2ztVYYWPvguaH4+R8O6eObu9muwus379nb3e9dt4ZK0Td33rs0/X1vsZ163NZ2mq7VWhsJxfm9v+5/NVrc5sW+5ObP9ebojXHJdi/PU/Ppd7DU1la3OedoQjvOVfYufp+rxVLf56v4lrqeDWZZdeOSe/Oe94e9X/vb8D55v+HuXVn+nc+GRe352w7F/WM7xA9D/Xq+NdbWvdXV/M7WUv/8HAAAA+kLM/QNhJvI/AAAAFEbM/fH/Ck/kfwAAACiMmPuHwkxKkv83vO+VmdcvZKmZPxfE69NpuLe2Xey4ToY/j83Nq15+z7PT//X3F5a274Esy1679w9abr/h3nhcNWPhOC+/v/HyBZ6/c0n7Pnz/hbTf+v7618P9x8ez1GXQqoI7mWXZCzd9Od/P2IOX8vnivYfzed/Fp5+qbvPq/tqf4+1fflNt+z8P5d+Dx4403P7lcB5+Eubkh1ufj3i7b11658a9D8zvL96usvnG/GE/81DtfuPvyfnKU7Xt43le7Pi/86XnvlXd/tG3tz7+CwOtj/+5cL/Phvk/b6ltX/8cVP8cb/eFcPxxf/F2d33zuy2P//IXa9uf+UBtu8Nhxv1vC3/e8oFXZurP16OVIw2PK/tgbbu4/8kf/FF+fby/eP/Nxz966FLD+WheHy/+a+1+Jpq2j5fH/UR/17T/6v3Ur8+4/+f+8HDDee60/8v3vfyW6v027/+Opu3OPLI93//8/TX+xqa/+MKXW+4vHs/BvznT8HgOfiK8jsP+n3korMdw/f9ert1f829XOPyJxvefuP3X119oeDzRh35R2//ldx/P55rRteuuu/6GGy++rXrusuylNbX767T/4395uuH4v3FL7XzE62NHv3n/i4n7P/u58VOnZ8/PTKWz+sRN+e/O+UjteOLx3hTeW5v/fOj0uYenz45Njk1m2Vhxf4XeFftmmD+rjYvtt55b8A66/f7wfN72Zy+s2/ovX4qX/9unapdf+nDt69Y7wnZfCZevD8/f8va/0DObbslf35UXwxHOLfx9wSuxcct/7lvShuHxN39fENf7mTc/nJ+H6nX51434ul7h8f9oqnY/3w7ndS78ZubNt8zvr377+LsRLn2y9npf8fkLb3Pxef3r8Hx/9Ce1+4/HFR/vj8L3Md/d0Ph+F9fHty8MNN9//ls8Lob3k+xi7fq4VTzfl169peXhxd9Dkl28Nf/zH6f7uXVZD3Mxs4/NTpyYOXX+0Ylz07PnJmYfe/zQydPnT507lP8uz0Of6XT7+fendfn709T0nt1Z/m51ujausmt9/GfuPzq1d3Lr1PSxI+ePnbv/zPTZ40dnZ49OT81uPXLs2PTnOt1+ZurAjp37d+3dOX58ZurAvv37d+0fnzl1unoYtYPqYM/kZ8dPnT2U32T2wO79O+6+e/fk+MnTU9MH9k5Ojp/vdPv8a9N49da/P352+sSRczMnp8dnZx6fPrBj/549Ozv+NsCTZ47Njk2cPX9q4vzs9NmJ2mMZO5dfXP3a1+n2FNPsv9e+n21Wqf0ivuzjd+xJv5+16tknF72r2iZNv0D0lfC7aP7pDWf2LeXPMfcPh5mUJP8DAABAGcTcPxJmIv8DAABAYcTcvybMRP4HAACAwoi5fzTMpCT5v3D9/w0XlrR//X/9//rzpf9fsv7/J3ut/197v9D/746V9u/1/wP9f/1//X/9f/1/uqDX+v8x96/NslLmfwAAACiDmPvXhZnI/wAAAFAYMfdfF2Yi/wMAAEBhxNx/fZhJSfK//v/V7v8P6v/r/+v/x3Wp/6//vwr0/9vT/+9A/38iK1f//2I3j1//X/+fhXqt/x9z/w1hJiXJ/wAAAFAGMfffGGYi/wMAAEBhxNx/U5iJ/A8AAACFEXP/+jCTkuR//X+f/6//r/+v/996//r//Un/vz39/w70/33+v/6//j9d1Wv9/5j73xBmUpL8DwAAAGUQc/8bw0zkfwAAAOg9Q1d2s5j73xRmsiD/X+EOAAAAgGsu5v6bs6YieEn+/l//X/9f/1//X/+/9f6X3v8fzPT/e4f+f3v6/x3o/+v/6//r/9NVvdb/z3N/Npq9OcykJPkfAAAAyiDm/lvCTOR/AAAAKIyY+/9fmIn8DwAAAIURc/+GMJOS5H/9f/1//X/9f/3/1vv3+f/9Sf+/Pf3/DvT/9f/1//X/6ape6//H3H9rmElJ8j8AAACUQcz9t4WZyP8AAABQGDH3//8wE/kfAAAACiPm/o1hJiXJ//r/Pd7/j81R/X/9f/1//X/9/yXR/29P/78D/X/9f/1//X+6qtf6/zH3vyXMpCT5HwAAAMog5v63hpnI/wAAAFAYMfe/LcxE/gcAAIDCiLl/LMykJPlf/79L/f8tNyy4zOf/6/+n9RGm/r/+v/7/1af/357+fwf6//r/+v/6/3RVr/X/Y+7fFGZSkvwPAAAAZRBz/+YwE/kfAAAACiPm/tvDTOR/AAAAKIyY+7eEmZQk/+v/9/jn/+v/6//r/+v/6/8vi/5/e/r/Hej/6//r/+v/01W91v+Puf/tYSYlyf8AAABQBjH3bw0zkf8BAACgMGLuf0eYifwPAAAAhRFz/7Ywk5Lkf/1//X/9f/1//f/W+9f/70/6/+3p/3eg/6//r/+v/09X9Vr/P+b+d4aZlCT/AwAAQBnE3L89zET+BwAAgMKIuf+OMBP5HwAAAAoj5v7xMJOS5H/9f/1//X/9f/3/1vvX/+9P+v/t6f93oP+v/6//r/9PV/Va/z/m/jvDTEqS/wEAAKAMYu6/K8xE/gcAAIDCiLl/IsxE/gcAAIDCiLl/MsykJPlf/1//X/9f/39Z/f+3zd+v/n+N/n9v0f9vT/+/A/1//f9r3v8f1v+nUHqt/x9z/44wk5LkfwAAACiDmPt3hpnI/wAAAFAYMffvCjOR/wEAAKAwYu7fHWZSkvyv/6//r/+v/+/z/1vvX/+/P+n/t9f9/n98iPr/+v/6/z7/X/+fhXqt/x9z/91hJiXJ/wAAAFAGMffvCTOR/wEAAKAwYu7fG2Yi/wMAAEBhxNy/L8ykJPlf/1//X/9f/1//v/X+9f/7k/5/ez7/vwP9f/1//X/9f7qq1/r/MffvDzMpSf4HAACAMoi5/11hJvI/AAAAFEbM/b8SZiL/AwAAQGHE3P+rYSYlyf/6//r/+v/6//r/rfev/9+f+rb/X/syrP+v/6//38fHr/+v/89Cvdb/j7n/QJhJSfI/AAAAlEHM/b8WZiL/AwAAQGHE3P/uMBP5HwAAAAoj5v6DYSYlyf/6//r/+v/6//r/rfev/9+f+rb/H5Ss/z/SfIH+v/5/Px+//r/+Pwv1Wv8/5v73hJmUJP8DAABAGcTcf0+YifwPAAAAhRFz/3vDTOR/AAAAKIyY+98XZlKS/K//r/+v/6//r//fev/6//1J/7+9Huv/L6D/r//fz8ev/6//z0K91v+Puf/9YSYlyf8AAABQBjH3fyDMRP4HAACAwoi5/4NhJvI/AAAAFEbM/R8KMylJ/tf/1//X/9f/1/9vvX/9//6k/9+e/n8H+v8F6/+P3aD/r//P1dIqAS10Zf3/619bdIcr7P/H3P/rYSYlyf8AAABQBjH33xtmIv8DAABAYcTc/+EwE/kfAAAACiPm/o+EmZQk/6+o/z+i/x/p/zcev/5/6/Wh/6//r/9/9en/t9dn/f9f3hgu1/+v0f/v7ePvyf7/jxfr/8+tab69/j9Xw5X1/1vqSv8/5v6PhpmUJP8DAABAGcTc/7EwE/kfAAAACiPm/o+Hmcj/AAAAUBgx9/9GmElJ8r/P/68ex3x7Wf9f/z+/QP9f/1//v2/p/7fXZ/1/n//fRP+/t4+/J/v/Pv+fa6zX+v8x938izKQk+R8AAADKIOb++8JM5H8AAAAojJj7PxlmIv8DAABAYcTc/6kwk5Lkf/1/n/+v/6//r//fev/6//1J/789/f8O9P/1/3ut//8f+v/0t17r/8fcf3+YSUnyPwAAAJRBzP0PhJnI/wAAAFAYMff/ZpiJ/A8AAACFEXP/p8NMSpL/9f/7pf8/pv+v/6//3/R49P/1/1vR/29P/78D/X/9/17r//v8f/pcr/X/Y+5/MMxk6fl/dMlbAgAAANdEzP2/FWZSkr//BwAAgDKIuf+3w0zkfwAAACiMmPt/J8ykJPlf/79f+v8+/z/T/9f/b3o8+v/6/62sXv8/vvPo/+v/6/9H+v/6//r/NOu1/n/M/b8bZlKS/A8AAABlEHP/Q2Em8j8AAAD0hVb/T3azmPsPhZnI/wAAAFAYMfcfDjMpSf7X/9f/1//v0f7/n27+5x9+/2OHd+j/6//r/y/Lqn7+f/XF7/P/9f/1/xP9f/1//X+a9Vr/P+b+I2EmJcn/AAAAUAYx9/9emIn8DwAAAIURc//RMBP5HwAAAAoj5v6pMJOS5H/9f/1//f8e6f9XKllWkM//j+dD/79R1/r/8U1X/7+lVe3/PzDfE9f/X27/f6Tlpfr/+v/9fPz6//r/LNRr/f+Y+6fDTEqS/wEAAKAMQu4fOFab81fI/wAAAFAYMfcfDzOR/wEAAKAwYu5/OMykJPlf/1//X/+/R/r/zZ//38f9f5//35rP/18d+v/t9U7/vzX9f/3/fj5+/X/9fxbqtf5/zP0zYSYlyf8AAABQBjH3fybMRP4HAACAwoi5/7NhJvI/AAAAFEbM/SfCTEqS//X/9f/1//X/9f9b71//vz/p/7en/9+B/r/+v/6//j9d1Wv9/5j7T4aZlCT/AwAAQBnE3H8qzET+BwAAgMKIuf90mIn8/3/s3UevnXe1x/Htex1dW3kBd3Anmd9XgDIAiRm8AAZMGICEGNBCb3EgtACh90DoPZQEQmiht4QWCJ3QO4QSegAZobPWss/xPs+2zT728/zX5zNZ4HDYB2Ql+cX+6g8AAADDyN3/4Lilyf7X/+v/h+3/76r/3+/z9f/6/5Hp/6fp/zfQ/+v/9f/6f7Zqbv1/7v6HxC1N9j8AAAB0kLv/oXGL/Q8AAADDyN1/Sdxi/wMAAMAwcvc/LG5psv/39P+HVj37/8x49f8j9f/e/9/38/X/+v+Rndv+/7J//5lP/6//1/8H/b/+X//PXnPr/3P3PzxuabL/AQAAoIPc/Y+IW+x/AAAAGEbu/kfGLfY/AAAADCN3/6Pilib73/v/3v/X/+v/9f/rP1//v0ze/5/Wqf+/5NYLH3jH9f93w5l8vv5f/6//1/+zXXPr/3P3Pzpu2T387r7370cBAACA5cjd/5i4pcmv/wMAAEAHufsfG7fY/wAAADCM3P2Pi1ua7H/9v/5f/6//1/+v/3z9/zLp/6d16v/P5vP1//p//b/+n+2aW/+fu//xcUuT/Q8AAAAd5O5/Qtxi/wMAAMAwcvdfGrfY/wAAADCM3P3H4pYm+1//f/D9/z/1//r/uPp//b/+/+Dp/6fp/zfQ/+v/9f/6f7Zqbv1/7v7L4pYm+x8AAAA6yN3/xLjF/gcAAIBh5O5/Utxi/wMAAMAwcvdfHrc02f/6f+//6//1//r/9Z+v/18m/f+0c9//r/sr5P70/4vv/y/Q/+v/9f+c7Az7/zsn/rS9lf4/d/+T45Ym+x8AAAA6yN3/lLjF/gcAAIBh5O5/atxi/wMAAMAwcvc/LW5psv/1//p//b/+X/+//vP1/8uk/582m/f/Dx1e+8P6/8X3/97/1//r/9llbu//5+5/etzSZP8DAABAB7n7r4hb7H8AAAAYRu7+Z8Qt9j8AAAAMI3f/M+OWJvtf/6//1//r//X/6z9/qv+/4aTvT/8/L/r/abPp//eh/9f/L/n71//r/znV3Pr/3P3Pilua7H8AAADoIHf/lXGL/Q8AAADDyN3/7LjF/gcAAIBh5O5/TtzSZP+v7/9P/HH9/+nR/+/+/vX/639+bKv/z/9G/f9k/3837//3pP+fpv/fQP+v/9f/79f/H9309fp/1plb/5+7/7lxS5P9DwAAAB3k7n9e3GL/AwAAwDBy9z8/brH/AQAAYBi5+18QtzTZ/97/1//r/5fX/3v/f8f5fP9/dc77/8P6/9Ok/5+m/99A/6//1/97/5+tmlv/n7v/hXFLk/0PAAAAHeTuf1HcYv8DAADAMpz8ewf2/obSkLv/xXGL/Q8AAADDyN3/krilyf7X/+v/9f/6/979/5GF9P/e/z9d+v9p+v8Nzm//f2jQ/v/wYP3/1ft9/Rz6/0v1/8zMrv7/xhM/fr76/9z9L41bmux/AAAA6CB3/8viFvsfAAAAhpG7/+Vxi/0PAAAAw8jdf1Xc0mT/H3j/f3T/z9b/6//1//r/89//L+X9f/3/6dL/T9P/b+D9f+//e/9f/89W7er/T3K++v/c/a+IW5rsfwAAAOggd/8r4xb7HwAAAIaRu//quMX+BwAAgGHk7n9V3NJk/2+p/7/qisvv4v3/PfT/+v+9Pz/0//p//f/B0/9P0/9voP/X/+v/9f9s1dz6/9z9r45bmux/AAAA6CB3/2viFvsfAAAAhpG7/7Vxi/0PAAAAw8jd/7q4pcn+P/D3/yd06P/zx/X/+v+V/l//r/8/J9r2/4fW/ZXoVPv0/zff/9g9d/+I/l//r//X/+v/2YJZ9P/HT/zdZe7+18ctTfY/AAAAdJC7/w1xi/0PAAAAw8jd/8a4xf4HAACAYeTuf1PcMsj+P7Lhj+v/vf+v/9f/6//Xf77+f5na9v+nyfv/G+j/9f/6f/0/WzWL/v+kf5+7/81xyyD7HwAAAFjV7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//b/+X/+v/1//+fr/ZdL/T9P/b6D/1//r//X/bNXc+v/c/dfELU32PwAAAHSQu//tcYv9DwAAAMPI3f+OuMX+BwAAgGHk7n9n3NJk/+v/9f/6f/2//n/95+v/l0n/P03/v1qtrp34Btb1/8f/R/+v/9f/6/85S3Pr/3P3vytuabL/AQAAoIPc/dfGLfY/AAAADCN3/3Vxi/0PAAAAw8jd/+64pcn+1//r//X/+n/9//rP1/8vk/5/mv5/A+//6//1//p/tmpu/X/u/vfELU32PwAAAHSQu//6uMX+BwAAgGHk7n9v3GL/AwAAwDBy998QtzTZ//p//b/+X/+v/1//+fr/ZTq4/n+l/9f/6/830P/r//X/7DW3/j93//vilib7HwAAADrI3f/+uMX+BwAAgGHk7v9A3GL/AwAAwDBy938wbmmy//X/+n/9v/5f/7/+8/X/y+T9/2n6/w30//p//b/+n62aW/+fu/9DcUuT/Q8AAAAd5O6/MW6x/wEAAGAYufs/HLfY/wAAADCM3P0fiVua7H/9v/5/d/+/Wun/9f/6/x3noP8/stL/b53+f5r+fwP9/5j9/3+tBur/j+779fp/5mhu/X/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk/+v/9f/e/9f/6//Xf773/5dJ/z9N/7+B/n/M/t/7//p/zpu59f+5+z8ZtzTZ/wAAANBB7v5PxS32PwAAAAwjd/+n4xb7HwAAAIaRu/8zO/fEPwBosv/1//p//b/+X/+//vP1/8uk/5+m/99A/6//1//r/9mqufX/sftXn41bmux/AAAA6CB3/01xi/0PAAAAw8jdf3PcYv8DAADAMHL3fy5uabL/9f/6f/3/Mvv/I/p//b/+f6259P8XX3yPW/T/+n/9v/5f/6//725u/X/u/s/HLU32PwAAAHSQu/8LcYv9DwAAAMPI3f/FuMX+BwAAgGHk7v9S3NJk/5/a/1+w2ilUd6zr/6NR0/+fRP+/+/vX/6//+eH9f/2//v/gzaX/9/7/2X3/+n/9/5K//zPq/y869ev1/4xobv1/7v5b4pYm+x8AAAA6yN3/5bjF/gcAAIBh5O7/Stxi/wMAAMAwcvffGrc02f/e/9f/6//1//r/9Z+v/18m/f80/f8G+n/9v/f/H3Tf/9b/sz1z6/9z9381bmmy/wEAAKCD3P1fi1vsfwAAABhG7v6vxy32PwAAAAwjd/834pYm+1//r//X/+v/9f/rP1//v0z6/2n6/w30//p//b/3/9mqufX/ufu/Gbc02f8AAADQQe7+b8Ut9j8AAAAMI3f/t+MW+x8AAACGkbv/O3FLk/2//f7/Iv1/0P/Ppf+/j/5/z+fr//X/I9P/51/R19P/b6D/1//r//X/bNXc+v/c/bfFLU32PwAAAHSQu/+7cYv9DwAAAMPI3f+9uMX+BwAAgGHk7v9+3NJk/3v/v1f/f2jVsf/3/r/+X//fif5/mv5/A/2//l//r/9nq+bW/+fu/0Hc0mT/AwAAwFLd6/8fcNvp/mdz9/8wbrH/AQAAYBi5+38Ut9j/AAAAMIzc/T+OW5rsf/1/r/6/5/v/+n/9v/6/E/3/NP3/Bvp//b/+X//PVs2t/8/d/5O45aThd/iM/1cCAAAAc5K7/6dxS5Nf/wcAAIAOcvf/LG45Zf8fP83f1Q4AAADMTe7+n8ctTX79X/8/8/5/NX7/f/tK/6//36H/1/9vg/5/2n/Y/x8/pP/X/0/Q/+v/9f/sNbf+P3f/L+KWJvsfAAAABrXrnyjk7v9l3GL/AwAAwDBy9/8qbrH/AQAAYBi5+38dtzTZ//r/mff/Z/X+/9H6V0vo/73/f4D9/5VH1n6+/l//PzL9/zTv/2+g/9f/6//1/2zV3Pr/3P23xy1N9j8AAAB0kLv/N3GL/Q8AAADDyN3/27jF/gcAAIBh5O7/XdzSZP/r/0fs/5f1/r/+3/v/Z9///++Fx2669/2uu0b/zwnnsv/Pnwv6f/2//n+H/l//r/9nr7n1/7n7fx+3NNn/AAAA0EHu/jviFvsfAAAAhpG7/w9xi/0PAAAAw8jd/8e4pcn+1//r/+fS/+f/1+eh/z+2vP4/m+Lu/b/3//X/p/L+/zT9/wb6f/2//l//z1bNrf/P3f+nuKXJ/gcAAIAOcvf/OW6x/wEAAGAYufv/ErfY/wAAADCM3P1/jVua7H/9v/5/Lv1/8v7/ia/z/v8O/b/+/0zo/6fp/zfQ/+v/9f/6f7Zqbv1/7v6/xS1N9j8AAAB0kLv/zrjF/gcAAIBh5O7/e9xi/wMAAMAwcvf/I25psv/1//p//b/+X/+//vP1/8uk/5+m/99A/6//1//r/9mqufX/ufv/FQAA///1FHDi")
mknodat(0xffffffffffffff9c, &(0x7f0000000440)='./file6\x00', 0x10, 0x6fd)

3.329462171s ago: executing program 6 (id=2333):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x31)

3.00158632s ago: executing program 0 (id=2334):
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2, 0x1}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2.70599889s ago: executing program 5 (id=2335):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f00000003c0)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x7d, &(0x7f0000000880)={0x0, 0x6}, 0x8)

2.534977984s ago: executing program 4 (id=2336):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x850}, 0x0)
close_range(r0, r0, 0x0)

2.388184748s ago: executing program 7 (id=2337):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0xf0b, 0xfffffffe, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x6}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x900}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200480c4}, 0x0)

2.348400377s ago: executing program 5 (id=2338):
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x80101, 0x0)
r0 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2.262062523s ago: executing program 0 (id=2339):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r0, 0x83cff000)
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r1, 0x1, 0x25, &(0x7f00000002c0)=r0, 0x4)

2.128913124s ago: executing program 4 (id=2340):
capset(0x0, &(0x7f00000000c0)={0x1, 0x6, 0xec9b, 0x80000001, 0x4})
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000240)="03", 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={'crc32c-generic\x00'}})

2.102180799s ago: executing program 5 (id=2341):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x21, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000340)={0x5, 0x90, 0x1, 'queue0\x00', 0x3})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000ec0)={0x800100, 0xfffffffd, 0x22, 0x100, 0x81, 0x5})

1.873245621s ago: executing program 0 (id=2342):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000480)={0x2020}, 0x2020)

1.77944437s ago: executing program 5 (id=2343):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = dup(r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40004085}, 0x40408c0)

1.681323233s ago: executing program 4 (id=2344):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x80000001}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x7fffffff}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000880}, 0x8000)

1.493546193s ago: executing program 0 (id=2345):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100000003000000610200000200000000000000", @ANYRES32, @ANYBLOB="00000000000000809bc296b4d8f228917bc375fa", @ANYRES32=r1], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x200002}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)

1.389798988s ago: executing program 5 (id=2346):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001300050000000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000400000000001400030064756d6d79300000000000000000000005003b"], 0x3c}}, 0x8084)

1.012198213s ago: executing program 4 (id=2347):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000200)={0x44, r0, 0x1, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x28, 0x11d, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}]}]}, 0x44}}, 0x0)

919.350199ms ago: executing program 5 (id=2348):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000440)={0x20, 0xd, 0x1, '\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000680)={0x1, 0x2, 0x3, &(0x7f0000000400)={0x1b, "65c28678ec59b73ade02da39a66f440cfa56ec4319a52702236bf319b49de48232"}})

911.067834ms ago: executing program 0 (id=2349):
syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

743.787957ms ago: executing program 7 (id=2350):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x175)
close(r0)
r1 = fanotify_init(0x12, 0x141402)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

626.004054ms ago: executing program 6 (id=2351):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='user\x00', &(0x7f0000001980)='\xc9$#\xf1\xfe\xb8V\x00\xe9Ps\xfe\xf7\x80\xa2\xb2\xec\';iId\xd2\x1e\xe2g/\xc9\xba\x1d\xc9o9\x89]\xfe \x04\x13\xf0^Kc\rQQ\xf6\x81\'\xf6VM%\x9a\xb3\xeb\xcd;\x99{\xa4\x89/\x80j\x8d\x94\xb7\x89\x11\xc2\b\xb2\xc2\xa1\xaa\x1fQ\xb8\xc9\xc0\xbf\x9f\xf0\a\x04xb;\xc4dQ\x01S\xab\x95H\xadIK\xde\xd7\xaf\xcf\x11\xc2\x0eH\ni\xc1_\xf0\x91_1Z\xca\x7f\xcdn\x85\x83K\xac\xae0Q\x7fr\xe6v\xa2|\xcc\xf1(\xf0\xc1\xa6o\xa2\x87#F\x9d\xb2\x0f\x90\xa6!\x99\x0e\xd9\xa8U\xa5\xe1\x85\xcd&B\x90\xfb\x83\xa1\x1a\xd4[\x05S\xebm\xb3\xef\x19K\x16Gp,\xf2\x82D=', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='user\x00', &(0x7f0000000440)='\x00\x00E\x01\x00\x00\f\x01\x00\x00\x00Y\x00\xc1~\x99l\xb7\xd6\xfc\xebw1hn\x1a\xc5\x7fn\a\\\xec\xd8\x94oh\x1d\xec\xf5jb\xe5\xb2\xa2e\xfd\x9c\xc4\xd22\x9c\xe97#(/\xb1\xe6\x03\xe1\xaa\x96\x92\x8b4}\xc1L\x1b\x9b\xe6n\x97\xc7\x06\xb2Y\xadQ\xa4c\x1b&\x0e]$\x1b\x1bt\xda\x9eA\xd3\x1b\x12A\x82\xd5\xa8@\x1eIw\xb2y2F\xe8\xc7\x03e&\x98\"9\t\xe0\x81Pj\xee&\xae{P\xe8\xceL\xe1\xd1V\xc7\xeaF\xd54\x80\xb6%\xaf\xbbK\x85\x95\xf2\x1bG\xf1\xdaq:\xae\xe22\\~j~\xfe\x83\xbb>\xb0\x9b.\xa4\x95\x0eY\xb8j\xe1M\xf5\xa5\x87`\x04\xab\xf1\xc7[\xda{\r\x95\xa4\xea^\xfc\xa7\x8b\x85\xd1\x1d\xaa\x99\xeb\t|@\xd5p\x1d>+\x0e\xec\xe2\xcd\xdc\x8f\x01\xf7\xabH=z\xa5x\x1b\x9f\x95\xd1\x88k\x85L#\x99^p\x18\x98\xec6\xf69y\x052\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00k\x1d\xa3\x80\x9c[\xfa\xab\xf6\xbcB6\xac-\xe6?\xb8\xd3\x82(\xbd\xb7\a\xbf\xf6~{)\xc9:\'(\x85u\xf76\xe4l\xb94a!\t\xb8\xc7\xfamF\x8f\x87$:eU\xe2P\x1d\x82\x04P\xee\xd7,\x93/\x14\x11\xbd\x8d\xc8\x94\x91\x04?\xc2\xb7\x96\x81q\xc3_\xb3;]*\x89\xd4\n\x06Z\xc3\xdbbJ\xact|\xb5\xf6\x98\xb6\xbb*S\x15|[\xb9\xb59+\xa0\xa5we\x92u\"\xc8\xbac\xea-\xed\xd8!\xcf&\r\xb3\xf7\x9f\xf1s\x7f\xaa\x85p\xaa\xe6\x7f\xd9\x94\xae\xf6\xe7f~\xf3a\x02\x1a\x1a\xce5<~w\xd0\xd5\xa1\x04.\x98\xaa\xff\xa7\xb86n\xbe\xfd\x95\x16\xe6`\xa3R\xb6\xf9E\xa8\x13k\xcf!\xd2(\x8c\x18C>\xec\x99Q\xdf!]\xe7WV%K\x92\xdc\xafM\xea]K\f\x1f\xe5\xe3\xbd\xdc#\xc7kv\x9aI\xa9y\xde8G\xbfQ@J\xe9\xb6\a\x96\xc4!\xdeO\x1d\xc5\xec\xf0c\xba\xe8v\xc8\\3\xcfi\xf4\xed>c\x85n8\xc4\t\x95Y\xfa\x00'/535, 0x0)

526.484973ms ago: executing program 4 (id=2352):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796efea77aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece72f2090000f44a3210223fdae7ed04935c3c90941576aebc8619d73415cda2130f5011e4845505000001000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bf463261135e24d154114df1381b02a0dcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f884cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9a33c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac00000b0000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293d5c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f257aac5af18d8c6b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b79990565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353fad794b46c4fd73e1b4cc78de2156cb158870d5b8446dae9ba5f7f244e6cf8f6791671057347208a313ebbcb72b04706005670f2b0055e440d72c7c3316982c6ebe8675458cf6bb393b007f5cedb7bc411834600000000000000000000000000a20071b07d568a8150ed646b4978d0226d9651647a5999ae7c7c85322a215fcdb1adbad63499518fe0d10145d430422c78367dfa941f74b63f3884565ac89c673da2c2b1172be5f2cd1f3f453ebddd432bd24c73fa773b739e20fcec16a821230654a383ac1868495f67d942c772ca75e09073dbe9307ff5cac7c2c411149a4d989a8a019e068da218d4bc34e4102fd2f97397331e4cd70b4915582b635f07ca87f00dc929f902540f565c20add8675b79e005cf0277d954697317b907b77fa5d6b7feaebaf676a2a37de8aa70748fee4bc198ffd3e2de11eb0eff896fd94de0805ba6b1054a7b3e300d4581e9af62a1ecaee96d2819b3d192e5b9561eb622da25450f586be14017a1cf74f89a1dd18af004decfe266134c3d036ae7996931fe6008a73ed34c35f0da4ffee1fe63bc1af6ef1b4731d50b8ceb582a1e9c6e8d97f8290cc105754f592d16ccdb1df8636d7ca5e372cea97dd0f005cc7092b126dd46758917fb0d94b8483d403bd451429cc1660f0b5a529d8134dc2702f6d8e2f943d98fbe50a3ba653f13f98a00fcbf311f9758ade8e4eb87b4b9fb2d387f5d8c4bdcab2fff9ed8c9de961fd831a070381c8020352fea7c334b2959ddd956701a7ea415e224a81c9fa1ebbabe74f7743e09b6c8b72650b51d5c2000ef3679c039b3604374fc1af7ab354204afbd24f0e701bc08a98452ce2668617e85e0d876f5a8b6d9b777f1c384d8a9883e4262defb6b9aab8d5b76bc91ca50f87966797da2499ca0ac76707c0408a7b6d8708fe7714988babdc11f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x88, 0x67, &(0x7f00000002c0)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e1f, @multicast2}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000100)="00446916ab", 0x5}], 0x1, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast2}}}], 0x20}, 0x0)

0s ago: executing program 4 (id=2353):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a40)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xe, [0x7, 0x1, 0x8, 0x1, 0x6, 0x7, 0x1, 0x7, 0x9, 0xd, 0x3, 0xb, 0x0, 0x0, 0x3, 0xd], 0x0, [0xf3, 0x7, 0x101, 0x2, 0x6, 0x6, 0x0, 0x400, 0x9, 0x8001, 0x33, 0x1, 0xfff8, 0x61cd, 0x0, 0x4], [0x40, 0xc3, 0x5, 0x1ba6, 0x0, 0xfffc, 0xd08e, 0x1, 0xd, 0x1, 0x4, 0x7f, 0x10, 0x7, 0x2, 0x2]}}]}}]}, 0x8c}}, 0x0)

kernel console output (not intermixed with test programs):

D=0x1) not attached to queue pair (handle=0x4d3:0xd)
[  465.142967][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  465.149696][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  465.789490][ T8886] loop3: detected capacity change from 0 to 512
[  466.108597][ T8895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1110'.
[  466.141890][ T8886] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  466.158308][ T8886] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  466.904322][ T8911] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1114'.
[  468.013127][ T5806] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.324996][ T8920] loop5: detected capacity change from 0 to 32768
[  468.336146][ T8920] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1117 (8920)
[  468.368992][ T8920] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  468.379653][ T8920] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[  468.390057][ T8920] BTRFS info (device loop5): using free-space-tree
[  468.851890][ T6918] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  469.681866][   T30] audit: type=1800 audit(1751145422.557:34): pid=8944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.1119" name="/" dev="tmpfs" ino=1107 res=0 errno=0
[  471.070137][ T8964] loop3: detected capacity change from 0 to 4096
[  471.191749][ T8964] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  473.823582][ T5923] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  474.101061][ T5923] usb 1-1: Using ep0 maxpacket: 16
[  474.145004][ T5923] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  474.158063][ T5923] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  474.273535][ T5923] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  474.283186][ T5923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.293671][ T5923] usb 1-1: Product: syz
[  474.298076][ T5923] usb 1-1: Manufacturer: syz
[  474.305664][ T5923] usb 1-1: SerialNumber: syz
[  474.794132][ T5923] usb 1-1: 0:2 : does not exist
[  475.241231][ T5923] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  475.514268][ T5923] usb 1-1: USB disconnect, device number 8
[  475.962021][ T9029] bridge0: entered promiscuous mode
[  475.967650][ T9029] macvlan2: entered promiscuous mode
[  476.729199][ T8592] udevd[8592]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  477.439234][ T9053] can0: slcan on ttyS3.
[  477.583780][ T9053] can0 (unregistered): slcan off ttyS3.
[  477.742685][ T9058] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1170'.
[  477.954255][ T9063] loop1: detected capacity change from 0 to 128
[  478.713369][ T9072] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  479.649529][ T9088] loop5: detected capacity change from 0 to 2048
[  479.706533][ T9088] EXT4-fs: Ignoring removed bh option
[  479.889025][ T9088] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  479.959966][ T9098] pimreg: entered allmulticast mode
[  480.093230][ T9098] pimreg: left allmulticast mode
[  480.658030][ T9096] loop4: detected capacity change from 0 to 32768
[  480.866021][ T9096] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  480.866170][ T9096]   allowing incompatible features above 0.0: (unknown version)
[  480.866254][ T9096]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  480.917921][ T9096] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  480.926511][ T9096] bcachefs (loop4): initializing new filesystem
[  480.946871][ T9096] bcachefs (loop4): going read-write
[  480.973094][ T9095] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  481.043910][ T9096] bcachefs (loop4): marking superblocks
[  481.095138][ T9096] bcachefs (loop4): initializing freespace
[  481.124775][ T9096] bcachefs (loop4): done initializing freespace
[  481.144673][ T9096] bcachefs (loop4): reading snapshots table
[  481.151302][ T9096] bcachefs (loop4): reading snapshots done
[  481.235250][ T9096] bcachefs (loop4): done starting filesystem
[  481.775618][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.786067][ T5798] bcachefs (loop4): shutting down
[  481.786137][ T5798] bcachefs (loop4): going read-only
[  481.786239][ T5798] bcachefs (loop4): finished waiting for writes to stop
[  481.810259][ T5798] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  481.853097][ T9113] netlink: 'syz.3.1191': attribute type 14 has an invalid length.
[  482.197074][ T5798] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  482.279318][ T5798] bcachefs (loop4): clean shutdown complete, journal seq 4
[  482.313478][ T5798] bcachefs (loop4): marking filesystem clean
[  482.595797][ T5798] bcachefs (loop4): shutdown complete
[  482.781467][ T9122] overlayfs: upper fs does not support tmpfile.
[  484.943405][ T9141] loop1: detected capacity change from 0 to 32768
[  485.392936][ T9141] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  485.393076][ T9141]   allowing incompatible features above 0.0: (unknown version)
[  485.393169][ T9141]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  485.445164][ T9141] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  485.453762][ T9141] bcachefs (loop1): initializing new filesystem
[  485.475064][ T9141] bcachefs (loop1): going read-write
[  485.500275][ T9153] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1206'.
[  485.678594][ T9141] bcachefs (loop1): marking superblocks
[  485.735413][ T9141] bcachefs (loop1): initializing freespace
[  485.762091][ T9141] bcachefs (loop1): done initializing freespace
[  485.781373][ T9141] bcachefs (loop1): reading snapshots table
[  485.787708][ T9141] bcachefs (loop1): reading snapshots done
[  485.868914][ T9141] bcachefs (loop1): done starting filesystem
[  486.280828][ T5803] bcachefs (loop1): shutting down
[  486.288241][ T5803] bcachefs (loop1): going read-only
[  486.294106][ T5803] bcachefs (loop1): finished waiting for writes to stop
[  486.335121][ T5803] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[  486.742812][ T5803] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  486.864476][ T5803] bcachefs (loop1): clean shutdown complete, journal seq 4
[  486.912178][ T5803] bcachefs (loop1): marking filesystem clean
[  487.193456][ T5803] bcachefs (loop1): shutdown complete
[  487.396293][ T9164] loop5: detected capacity change from 0 to 32768
[  487.564799][ T9164] JBD2: Ignoring recovery information on journal
[  487.693354][ T9164] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  487.721211][ T9164] (syz.5.1210,9164,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  487.928780][ T6918] ocfs2: Unmounting device (7,5) on (node local)
[  488.572771][ T9178] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  489.761404][ T9194] block nbd0: server does not support multiple connections per device.
[  489.771326][ T9194] block nbd0: shutting down sockets
[  490.838758][ T9200] loop4: detected capacity change from 0 to 32768
[  491.071839][ T9200] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=zstd,background_compression=gzip,str_hash=crc32c,journal_flush_disabled,recovery_pass_last=set_may_go_rw,reconstruct_alloc
[  491.071990][ T9200]   allowing incompatible features above 0.0: (unknown version)
[  491.072074][ T9200]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  491.119266][ T9200] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  491.133519][ T9200] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  491.147613][ T9200] bcachefs (loop4): Version upgrade required:
[  491.147613][ T9200] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  491.147613][ T9200] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  491.147613][ T9200]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  491.253920][ T9200] bcachefs (loop4): dropping and reconstructing all alloc info
[  491.337532][ T9200] bcachefs (loop4): accounting_read... done
[  491.367423][ T9200] bcachefs (loop4): alloc_read... done
[  491.378630][ T9200] bcachefs (loop4): snapshots_read... done
[  491.394096][ T9200] bcachefs (loop4): check_allocations... done
[  491.579173][ T9200] bcachefs (loop4): going read-write
[  491.707675][ T9200] bcachefs (loop4): done starting filesystem
[  491.917838][ T3626] bcachefs (loop4): bucket incorrectly unset in freespace btree
[  491.917927][ T3626]   u64s 5 type deleted 0:25:0 len 0 ver 0, , continuing
[  491.991699][ T9220] loop3: detected capacity change from 0 to 256
[  492.149719][ T5798] bcachefs (loop4): shutting down
[  492.156132][ T5798] bcachefs (loop4): going read-only
[  492.164274][ T5798] bcachefs (loop4): finished waiting for writes to stop
[  492.210304][ T3857] bcachefs (loop4): bucket incorrectly unset in freespace btree
[  492.210611][ T3857]   u64s 5 type deleted 0:28:0 len 0 ver 0, , continuing
[  492.401205][ T5798] bcachefs (loop4): flushing journal and stopping allocators, journal seq 11
[  492.403901][ T3857] bcachefs (loop4): bucket incorrectly unset in freespace btree
[  492.418339][ T3857]   u64s 5 type deleted 0:26:0 len 0 ver 0, , continuing
[  492.596633][ T3857] bcachefs (loop4): bucket incorrectly unset in freespace btree
[  492.596722][ T3857]   u64s 5 type deleted 0:29:0 len 0 ver 0, , continuing
[  492.842524][   T57] bcachefs (loop4): bucket incorrectly unset in freespace btree
[  492.842612][   T57]   u64s 5 type deleted 0:40:0 len 0 ver 0, , continuing
[  492.916418][ T5798] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 11
[  492.964610][ T5798] bcachefs (loop4): unclean shutdown complete, journal seq 12
[  493.019724][ T5798] bcachefs (loop4): done going read-only, filesystem not clean
[  493.122167][ T5798] bcachefs (loop4): shutdown complete
[  493.278906][ T9230] loop3: detected capacity change from 0 to 512
[  493.348943][ T9230] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  493.578903][ T9230] EXT4-fs (loop3): 1 truncate cleaned up
[  493.587201][ T9230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  494.056466][ T9232] loop5: detected capacity change from 0 to 32768
[  494.063592][   T30] audit: type=1800 audit(1751145446.857:35): pid=9230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1233" name="file1" dev="loop3" ino=15 res=0 errno=0
[  494.124521][ T9232] o2cb: This node has not been configured.
[  494.132965][ T9232] o2cb: Cluster check failed. Fix errors before retrying.
[  494.140573][ T9232] (syz.5.1234,9232,1):ocfs2_dlm_init:3354 ERROR: status = -22
[  494.173514][ T9232] (syz.5.1234,9232,1):ocfs2_mount_volume:1735 ERROR: status = -22
[  494.187035][ T9232] (syz.5.1234,9232,1):ocfs2_fill_super:1177 ERROR: status = -22
[  494.645128][ T5806] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.329470][ T9244] loop1: detected capacity change from 0 to 32768
[  495.344166][ T9244] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1237 (9244)
[  495.411900][ T9244] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  495.423044][ T9244] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  495.428897][ T5923] kernel write not supported for file /cpu/0/msr (pid: 5923 comm: kworker/0:5)
[  495.435401][ T9244] BTRFS info (device loop1): using free-space-tree
[  495.941306][ T5803] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  496.262366][ T9267] sp0: Synchronizing with TNC
[  496.748262][ T9272] mkiss: ax0: crc mode is auto.
[  496.986180][ T9275] Falling back ldisc for ttyS3.
[  499.502341][ T9299] loop5: detected capacity change from 0 to 4096
[  499.597800][ T9299] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  500.053464][   T42] kernel write not supported for file /sysvipc/shm (pid: 42 comm: kworker/1:1)
[  500.373554][ T9309] loop1: detected capacity change from 0 to 4096
[  500.441321][ T9309] EXT4-fs: Ignoring removed orlov option
[  500.448727][ T9309] EXT4-fs: Ignoring removed nobh option
[  500.610218][ T9309] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  500.619356][ T9309] EXT4-fs (loop1): Test dummy encryption mode enabled
[  500.803292][ T9309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.508304][ T5803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.590180][ T9343] loop5: detected capacity change from 0 to 512
[  502.739817][ T9336] loop1: detected capacity change from 0 to 32768
[  502.753764][ T9343] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  502.845637][ T9336] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  502.938725][ T9343] EXT4-fs (loop5): 1 truncate cleaned up
[  502.947957][ T9343] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  503.141083][   T30] audit: type=1800 audit(1751145456.027:36): pid=9343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1273" name="file1" dev="loop5" ino=15 res=0 errno=0
[  503.186752][ T9336] XFS (loop1): Ending clean mount
[  503.416239][ T5803] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  503.725777][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.300895][ T5923] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  504.541099][ T5923] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  504.550775][ T5923] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.649767][ T5923] usb 2-1: config 0 descriptor??
[  505.862132][ T5923] ath6kl: Failed to submit usb control message: -110
[  505.869733][ T5923] ath6kl: unable to send the bmi data to the device: -110
[  505.879497][ T5923] ath6kl: Unable to send get target info: -110
[  506.386914][ T5923] ath6kl: Failed to init ath6kl core: -110
[  506.410033][ T5923] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -110
[  506.496663][ T9378] loop0: detected capacity change from 0 to 32768
[  506.591783][ T5923] usb 2-1: USB disconnect, device number 4
[  506.760264][ T9378] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  506.760556][ T9378]   allowing incompatible features above 0.0: (unknown version)
[  506.760641][ T9378]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  506.783425][    C1] vkms_vblank_simulate: vblank timer overrun
[  506.815247][ T9378] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  506.823834][ T9378] bcachefs (loop0): initializing new filesystem
[  506.842565][ T9378] bcachefs (loop0): going read-write
[  506.882383][ T9378] bcachefs (loop0): marking superblocks
[  506.932241][ T9378] bcachefs (loop0): initializing freespace
[  506.957916][ T9378] bcachefs (loop0): done initializing freespace
[  506.976910][ T9378] bcachefs (loop0): reading snapshots table
[  506.983486][ T9378] bcachefs (loop0): reading snapshots done
[  507.069462][ T9396] loop4: detected capacity change from 0 to 8
[  507.077111][ T9378] bcachefs (loop0): done starting filesystem
[  507.131626][ T9396] squashfs image failed sanity check
[  507.417170][ T5802] bcachefs (loop0): shutting down
[  507.424621][ T5802] bcachefs (loop0): going read-only
[  507.430911][ T5802] bcachefs (loop0): finished waiting for writes to stop
[  507.510087][ T5802] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  507.741381][ T5923] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  507.758599][ T5802] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  507.793515][ T5802] bcachefs (loop0): clean shutdown complete, journal seq 4
[  507.811439][ T5802] bcachefs (loop0): marking filesystem clean
[  507.897660][ T5802] bcachefs (loop0): shutdown complete
[  507.968145][ T5923] usb 5-1: Using ep0 maxpacket: 32
[  508.164401][ T5923] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.175828][ T5923] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  508.316598][ T5923] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  508.326557][ T5923] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  508.337651][ T5923] usb 5-1: Product: syz
[  508.346588][ T5923] usb 5-1: Manufacturer: syz
[  508.636013][ T5923] hub 5-1:4.0: USB hub found
[  508.908206][ T5923] hub 5-1:4.0: config failed, hub doesn't have any ports! (err -19)
[  509.272096][   T42] usb 5-1: USB disconnect, device number 5
[  509.315381][ T9409] overlayfs: upper fs does not support tmpfile.
[  510.255979][ T9414] loop5: detected capacity change from 0 to 4096
[  510.332850][ T9417] loop1: detected capacity change from 0 to 1024
[  510.399815][ T9417] EXT4-fs: Ignoring removed i_version option
[  510.406613][ T9417] EXT4-fs: Ignoring removed mblk_io_submit option
[  510.418106][ T9417] EXT4-fs: Ignoring removed nobh option
[  510.424166][ T9417] EXT4-fs: Ignoring removed bh option
[  510.662677][ T9417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  510.913771][ T9414] ntfs3(loop5): failed to convert "0080" to cp775
[  510.983932][ T5803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.988838][ T9425] loop3: detected capacity change from 0 to 32768
[  512.229271][ T9425] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  512.229421][ T9425]   allowing incompatible features above 0.0: (unknown version)
[  512.229513][ T9425]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  512.277684][ T9425] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  512.286275][ T9425] bcachefs (loop3): initializing new filesystem
[  512.307115][ T9425] bcachefs (loop3): going read-write
[  512.338317][ T9439] loop4: detected capacity change from 0 to 64
[  512.380203][ T9425] bcachefs (loop3): marking superblocks
[  512.428760][ T9425] bcachefs (loop3): initializing freespace
[  512.457121][ T9425] bcachefs (loop3): done initializing freespace
[  512.476192][ T9425] bcachefs (loop3): reading snapshots table
[  512.482683][ T9425] bcachefs (loop3): reading snapshots done
[  512.669925][ T9425] bcachefs (loop3): done starting filesystem
[  513.030087][ T5806] bcachefs (loop3): shutting down
[  513.035837][ T5806] bcachefs (loop3): going read-only
[  513.041648][ T5806] bcachefs (loop3): finished waiting for writes to stop
[  513.117906][ T9444] loop1: detected capacity change from 0 to 512
[  513.193240][ T5806] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  513.381973][ T9444] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  513.395300][ T9444] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  513.498124][ T5806] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  513.613096][ T5806] bcachefs (loop3): clean shutdown complete, journal seq 4
[  513.643159][ T5806] bcachefs (loop3): marking filesystem clean
[  513.843722][ T5806] bcachefs (loop3): shutdown complete
[  514.301988][ T9458] netlink: 116 bytes leftover after parsing attributes in process `syz.5.1308'.
[  514.311780][ T9458] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1308'.
[  514.773452][ T5803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  515.178518][ T9464] loop5: detected capacity change from 0 to 1024
[  515.220559][ T9464] EXT4-fs: Ignoring removed i_version option
[  515.227093][ T9464] EXT4-fs: Ignoring removed mblk_io_submit option
[  515.234542][ T9464] EXT4-fs: Ignoring removed nobh option
[  515.240501][ T9464] EXT4-fs: Ignoring removed bh option
[  515.371234][ T9464] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  515.580066][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  516.071464][ T9477] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  516.112041][ T9477] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  516.910909][   T42] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  517.117385][   T42] usb 2-1: Using ep0 maxpacket: 8
[  517.156162][   T42] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  517.165687][   T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.255596][   T42] pvrusb2: Hardware description: Terratec Grabster AV400
[  517.263899][   T42] pvrusb2: **********
[  517.268082][   T42] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  517.282886][   T42] pvrusb2: Important functionality might not be entirely working.
[  517.291459][   T42] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  517.303136][   T42] pvrusb2: **********
[  517.553634][ T2329] pvrusb2: Invalid write control endpoint
[  517.770969][ T9483] pvrusb2: Invalid write control endpoint
[  517.794137][   T42] usb 2-1: USB disconnect, device number 5
[  518.023600][ T2329] pvrusb2: Invalid write control endpoint
[  518.029623][ T2329] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  518.039452][ T2329] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  518.047462][ T2329] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  518.057923][ T2329] pvrusb2: Device being rendered inoperable
[  518.064235][ T2329] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  518.074106][ T2329] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  518.084291][ T2329] pvrusb2: Attached sub-driver cx25840
[  518.089993][ T2329] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  518.100544][ T2329] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  519.042346][ T9503] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  521.887840][ T9537] loop3: detected capacity change from 0 to 32768
[  521.906524][ T9537] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1334 (9537)
[  522.006502][ T9537] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  522.017271][ T9537] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  522.026558][ T9537] BTRFS info (device loop3): using free-space-tree
[  522.377060][ T5806] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  522.591949][ T5923] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  522.850624][ T5923] usb 5-1: Using ep0 maxpacket: 8
[  523.031179][ T5923] usb 5-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  523.042809][ T5923] usb 5-1: config 0 interface 0 has no altsetting 0
[  523.049721][ T5923] usb 5-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00
[  523.059290][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.182961][ T5923] usb 5-1: config 0 descriptor??
[  523.727151][ T5923] wacom 0003:056A:0094.000C: unknown main item tag 0x6
[  523.764554][ T5923] wacom 0003:056A:0094.000C: Using device in hidraw-only mode
[  523.826912][ T5923] wacom 0003:056A:0094.000C: hidraw0: USB HID v3.ff Device [HID 056a:0094] on usb-dummy_hcd.4-1/input0
[  524.018978][   T42] usb 5-1: USB disconnect, device number 6
[  524.455940][ T9574] fido_id[9574]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  525.705035][ T9590] loop4: detected capacity change from 0 to 64
[  526.341153][   T30] audit: type=1800 audit(1751145479.207:37): pid=9590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1352" name="file1" dev="loop4" ino=18 res=0 errno=0
[  526.507609][ T9598] loop5: detected capacity change from 0 to 1024
[  526.593417][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  526.600167][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  526.767203][ T9598] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  526.951938][ T9598] EXT4-fs error (device loop5): __ext4_remount:6736: comm syz.5.1357: Abort forced by user
[  527.018133][ T9598] EXT4-fs (loop5): Remounting filesystem read-only
[  527.031619][ T9598] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[  527.488040][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.041973][ T9607] loop0: detected capacity change from 0 to 32768
[  528.054490][ T9607] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1360 (9607)
[  528.074959][ T9607] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  528.087247][ T9607] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  528.098487][ T9607] BTRFS info (device loop0): using free-space-tree
[  528.398610][ T5802] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  529.523242][ T9644] loop1: detected capacity change from 0 to 256
[  529.666463][ T9641] loop4: detected capacity change from 0 to 1024
[  530.493378][ T5150] udevd[5150]: worker [8592] terminated by signal 33 (Unknown signal 33)
[  530.555198][ T5150] udevd[5150]: worker [8592] failed while handling '/devices/virtual/block/loop0'
[  530.615324][   T57] hfsplus: b-tree write err: -5, ino 4
[  531.398450][ T9666] use of bytesused == 0 is deprecated and will be removed in the future,
[  531.408094][ T9666] use the actual size instead.
[  531.952710][   T30] audit: type=1800 audit(1751145484.847:38): pid=9675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1381" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  532.615918][ T9684] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  532.939719][ T9690] loop0: detected capacity change from 0 to 1024
[  533.667508][ T9702] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1395'.
[  535.089976][ T9723] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1400'.
[  535.099606][ T9723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1400'.
[  535.183386][ T9725] loop6: detected capacity change from 0 to 524287999
[  535.268447][ T9725] buffer_io_error: 9 callbacks suppressed
[  535.268525][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.289328][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.299457][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.307841][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.316171][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.324590][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.333085][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.341398][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.349466][ T9725] ldm_validate_partition_table(): Disk read failed.
[  535.357230][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.367779][ T9725] Buffer I/O error on dev loop6, logical block 0, async page read
[  535.382215][ T9725] Dev loop6: unable to read RDB block 0
[  535.388484][ T9725]  loop6: unable to read partition table
[  535.462670][ T9725] loop_reread_partitions: partition scan of loop6 (3��x��C�

) failed (rc=-5)
[  535.617754][ T6077] ldm_validate_partition_table(): Disk read failed.
[  535.625128][ T6077] Dev loop6: unable to read RDB block 0
[  535.631585][ T6077]  loop6: unable to read partition table
[  535.692031][ T9726] ldm_validate_partition_table(): Disk read failed.
[  535.699182][ T9726] Dev loop6: unable to read RDB block 0
[  535.705644][ T9726]  loop6: unable to read partition table
[  535.751515][ T9726] loop_reread_partitions: partition scan of loop6 (3��x��C�

) failed (rc=-5)
[  536.257568][ T9733] bridge0: port 2(bridge_slave_1) entered disabled state
[  536.341674][ T9737] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1407'.
[  536.522733][ T9740] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1407'.
[  538.030174][ T9766] loop5: detected capacity change from 0 to 2048
[  538.162896][ T9767] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  538.265782][   T30] audit: type=1800 audit(1751145491.157:39): pid=9766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1420" name="file2" dev="loop5" ino=16 res=0 errno=0
[  538.306709][ T9766] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12
[  538.332954][ T9766] Remounting filesystem read-only
[  538.484227][ T6918] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer
[  538.510618][   T30] audit: type=1800 audit(1751145491.387:40): pid=9770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1422" name="dmabuf" dev="dmabuf" ino=1 res=0 errno=0
[  539.022221][ T9779] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1425'.
[  539.032441][ T9779] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1425'.
[  540.200678][   T42] usb 1-1: new low-speed USB device number 9 using dummy_hcd
[  540.210749][ T1939] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  540.242271][ T9797] loop3: detected capacity change from 0 to 1024
[  540.390874][ T1939] usb 2-1: Using ep0 maxpacket: 32
[  540.407441][ T9800] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1436'.
[  540.432897][ T1939] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  540.441782][ T1939] usb 2-1: config 0 has no interface number 0
[  540.448339][ T1939] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  540.460058][ T1939] usb 2-1: config 0 interface 85 has no altsetting 0
[  540.502146][   T42] usb 1-1: unable to get BOS descriptor or descriptor too short
[  540.540649][   T42] usb 1-1: unable to read config index 0 descriptor/start: -71
[  540.548709][   T42] usb 1-1: can't read configurations, error -71
[  540.607352][ T1939] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  540.617201][ T1939] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.625642][ T1939] usb 2-1: Product: syz
[  540.630105][ T1939] usb 2-1: Manufacturer: syz
[  540.635527][ T1939] usb 2-1: SerialNumber: syz
[  540.695795][ T1939] usb 2-1: config 0 descriptor??
[  540.735531][ T3673] hfsplus: b-tree write err: -5, ino 4
[  541.367499][ T1939] appletouch 2-1:0.85: Geyser mode initialized.
[  541.377562][ T1939] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input9
[  541.575068][ T1939] usb 2-1: USB disconnect, device number 6
[  541.667765][ T1939] appletouch 2-1:0.85: input: appletouch disconnected
[  541.756935][ T9810] loop0: detected capacity change from 0 to 1024
[  542.108522][   T57] hfsplus: b-tree write err: -5, ino 4
[  542.678453][ T9827] loop5: detected capacity change from 0 to 512
[  542.734409][ T9827] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  543.155938][ T9833] loop0: detected capacity change from 0 to 1024
[  543.173459][ T9832] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  543.395476][ T9836] loop5: detected capacity change from 0 to 527
[  543.451352][ T9836] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  543.461486][ T9836] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  543.732504][ T3009] hfsplus: b-tree write err: -5, ino 4
[  545.931412][   T11] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  546.152919][   T11] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  546.163269][   T11] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  546.236570][   T11] usb 6-1: config 0 descriptor??
[  546.294889][   T11] cp210x 6-1:0.0: cp210x converter detected
[  546.477157][ T9872] loop1: detected capacity change from 0 to 512
[  546.499749][ T9872] EXT4-fs: Ignoring removed nobh option
[  546.580200][ T9872] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1466: iget: bad i_size value: 38620345925642
[  546.655134][ T9872] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1466: couldn't read orphan inode 15 (err -117)
[  546.693604][   T11] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -121
[  546.748483][ T9872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  546.902861][   T11] cp210x 6-1:0.0: failed to get vendor val 0x000e size 678: -71
[  546.911168][   T11] cp210x 6-1:0.0: GPIO initialisation failed: -71
[  546.982615][   T11] usb 6-1: cp210x converter now attached to ttyUSB0
[  547.037532][   T11] usb 6-1: USB disconnect, device number 4
[  547.143207][   T11] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  547.159121][   T11] cp210x 6-1:0.0: device disconnected
[  547.260632][ T9882] loop0: detected capacity change from 0 to 8
[  547.368747][ T9882] squashfs image failed sanity check
[  547.408058][ T5803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  547.912110][ T9886] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  547.935939][ T9890] loop5: detected capacity change from 0 to 64
[  548.865053][ T9902] input: syz1 as /devices/virtual/input/input10
[  549.005091][ T9901] loop5: detected capacity change from 0 to 2048
[  549.197157][ T9901] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.212185][ T9901] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  549.494122][   T30] audit: type=1800 audit(1751145502.387:41): pid=9901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1477" name="file0" dev="loop5" ino=13 res=0 errno=0
[  549.835062][ T9919] netlink: 17279 bytes leftover after parsing attributes in process `syz.0.1484'.
[  549.865838][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.235691][ T9923] loop1: detected capacity change from 0 to 2048
[  550.320116][ T9923] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  550.395696][ T9926] loop5: detected capacity change from 0 to 1024
[  550.637242][ T9926] hfsplus: bad catalog entry type
[  550.914214][ T3673] hfsplus: b-tree write err: -5, ino 4
[  550.921225][ T9923] UDF-fs: warning (device loop1): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 94208 lbcount: 98304 extent 129+62464
[  552.083381][ T9938] loop5: detected capacity change from 0 to 4096
[  552.089879][ T9937] loop3: detected capacity change from 0 to 32768
[  552.094015][ T9937] XFS: attr2 mount option is deprecated.
[  552.194838][ T9937] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  552.566608][ T9942] loop0: detected capacity change from 0 to 1024
[  552.818978][ T9942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  552.832234][ T9942] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  552.858219][ T9953] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  552.858219][ T9953] The task syz.4.1496 (9953) triggered the difference, watch for misbehavior.
[  552.908285][ T9937] XFS (loop3): Ending clean mount
[  552.932227][ T9937] XFS (loop3): Quotacheck needed: Please wait.
[  553.004644][ T9937] XFS (loop3): Quotacheck: Done.
[  553.197420][ T5806] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  553.473890][ T5802] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.389869][ T9974] loop0: detected capacity change from 0 to 2048
[  555.464861][ T9974] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  556.534783][ T9991] loop3: detected capacity change from 0 to 512
[  556.599143][ T9991] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  556.766595][ T9980] loop4: detected capacity change from 0 to 4096
[  556.811807][ T9991] EXT4-fs (loop3): 1 truncate cleaned up
[  556.819844][ T9991] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  556.976645][ T9987] loop1: detected capacity change from 0 to 4096
[  557.062748][ T9987] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  557.471975][ T5806] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.318595][ T9980] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  558.804255][   T30] audit: type=1800 audit(1751145511.707:42): pid=9980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1507" name="/" dev="loop4" ino=0 res=0 errno=0
[  560.591174][T10027] loop5: detected capacity change from 0 to 32768
[  560.621932][T10027] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  560.710637][T10027] (syz.5.1528,10027,1):ocfs2_load_local_alloc:339 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2!
[  560.710637][T10027] found = 2, set = 0, taken = 0, off = 0
[  560.731617][T10027] (syz.5.1528,10027,1):ocfs2_load_local_alloc:356 ERROR: status = -22
[  560.740060][T10027] (syz.5.1528,10027,1):ocfs2_check_volume:2404 ERROR: status = -22
[  560.748515][T10027] (syz.5.1528,10027,1):ocfs2_check_volume:2432 ERROR: status = -22
[  560.756898][T10027] (syz.5.1528,10027,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  560.783239][T10027] (syz.5.1528,10027,1):ocfs2_fill_super:1177 ERROR: status = -22
[  561.371256][   T11] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  561.379554][T10043] loop4: detected capacity change from 0 to 256
[  561.578747][   T11] usb 6-1: config 0 has an invalid interface number: 101 but max is 0
[  561.587620][   T11] usb 6-1: config 0 has no interface number 0
[  561.714977][   T11] usb 6-1: New USB device found, idVendor=093a, idProduct=2623, bcdDevice=b2.14
[  561.724595][   T11] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.733194][   T11] usb 6-1: Product: syz
[  561.737574][   T11] usb 6-1: Manufacturer: syz
[  561.742557][   T11] usb 6-1: SerialNumber: syz
[  561.880085][T10043] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  561.889656][   T11] usb 6-1: config 0 descriptor??
[  561.978030][   T11] gspca_main: gspca_pac7302-2.14.0 probing 093a:2623
[  562.157231][   T30] audit: type=1800 audit(1751145515.047:43): pid=10043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1532" name="file1" dev="loop4" ino=1048664 res=0 errno=0
[  562.748806][   T11] gspca_pac7302: reg_w() failed i: 78 v: 40 error -71
[  562.757620][   T11] gspca_pac7302 6-1:0.101: probe with driver gspca_pac7302 failed with error -71
[  562.798519][   T11] usb 6-1: USB disconnect, device number 5
[  564.167111][T10071] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1546'.
[  564.176601][T10071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1546'.
[  565.034419][T10074] loop1: detected capacity change from 0 to 32768
[  565.097691][T10082] loop4: detected capacity change from 0 to 512
[  565.212907][ T3673] read_mapping_page failed!
[  565.217681][ T3673] ERROR: (device loop1): txAbort: 
[  565.217681][ T3673] 
[  565.285525][ T3673] ERROR: (device loop1): remounting filesystem as read-only
[  565.293339][ T3673] jfs_write_inode: jfs_commit_inode failed!
[  565.315673][T10082] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  565.358265][T10082] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  565.459307][T10085] loop3: detected capacity change from 0 to 128
[  565.651962][T10085] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1552'.
[  565.662092][T10085] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1552'.
[  566.430563][T10094] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1557'.
[  566.453915][T10094] bond0: entered promiscuous mode
[  566.459306][T10094] bond_slave_0: entered promiscuous mode
[  566.466355][T10094] bond_slave_1: entered promiscuous mode
[  566.546394][T10094] bond0: left promiscuous mode
[  566.551778][T10094] bond_slave_0: left promiscuous mode
[  566.558359][T10094] bond_slave_1: left promiscuous mode
[  569.751311][ T5808] Bluetooth: hci4: unexpected event for opcode 0x0c47
[  569.961224][T10134] loop0: detected capacity change from 0 to 1024
[  570.134833][T10134] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  570.654218][ T5802] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.014833][   T11] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  571.257807][   T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  571.269392][   T11] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  571.280072][   T11] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  571.293640][   T11] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  571.303326][   T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.443349][   T11] usb 5-1: config 0 descriptor??
[  571.594364][T10155] random: crng reseeded on system resumption
[  572.225966][   T11] plantronics 0003:047F:FFFF.000D: unbalanced collection at end of report description
[  572.295081][   T11] plantronics 0003:047F:FFFF.000D: parse failed
[  572.302244][   T11] plantronics 0003:047F:FFFF.000D: probe with driver plantronics failed with error -22
[  572.395557][   T11] usb 5-1: USB disconnect, device number 7
[  573.050035][T10167] bond0: entered promiscuous mode
[  573.055507][T10167] bond_slave_0: entered promiscuous mode
[  573.070233][T10167] bond_slave_1: entered promiscuous mode
[  573.151905][T10167] bond0: left promiscuous mode
[  573.157038][T10167] bond_slave_0: left promiscuous mode
[  573.167621][T10167] bond_slave_1: left promiscuous mode
[  573.839016][ T5808] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  573.847759][ T5808] Bluetooth: hci4: Injecting HCI hardware error event
[  573.861015][ T5808] Bluetooth: hci4: hardware error 0x00
[  574.291848][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  574.492452][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  574.901705][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  574.947747][T10187] loop1: detected capacity change from 0 to 32768
[  574.983760][T10187] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1596 (10187)
[  575.018114][T10187] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  575.028844][T10187] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  575.038579][T10187] BTRFS info (device loop1): using free-space-tree
[  575.337452][T10187] BTRFS info (device loop1): rebuilding free space tree
[  575.456757][T10187] BTRFS info (device loop1): balance: start -f -sprofiles=data|system|metadata|raid0|raid10|raid5|raid6|0x3800,limit=10376293541461622786
[  575.472133][T10187] BTRFS info (device loop1): balance: ended with status: 0
[  575.642583][ T5803] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  575.881646][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  575.921345][ T5808] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  576.243548][T10213] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  576.488242][T10220] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  577.710270][T10228] loop3: detected capacity change from 0 to 2048
[  577.911483][T10228] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  579.777977][T10257] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1620'.
[  579.787388][T10257] netlink: 'syz.5.1620': attribute type 21 has an invalid length.
[  580.780795][T10269] loop3: detected capacity change from 0 to 512
[  580.856994][T10269] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  581.069691][T10269] EXT4-fs (loop3): 1 truncate cleaned up
[  581.078206][T10269] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  581.282038][T10269] fscrypt (loop3, inode 18): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS
[  581.759504][ T5808] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  581.874627][ T5806] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.803436][T10288] tap0: tun_chr_ioctl cmd 1074025677
[  582.809678][T10288] tap0: linktype set to 768
[  583.576267][T10304] program syz.0.1640 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  584.093194][T10313] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1644'.
[  585.412057][T10331] netlink: 'syz.3.1652': attribute type 2 has an invalid length.
[  585.420237][T10331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1652'.
[  586.973857][T10343] loop1: detected capacity change from 0 to 32768
[  586.986108][T10343] XFS: noikeep mount option is deprecated.
[  587.042596][T10343] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  587.056230][ T1939] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  587.303646][ T1939] usb 6-1: unable to get BOS descriptor or descriptor too short
[  587.351038][ T1939] usb 6-1: not running at top speed; connect to a high speed hub
[  587.414781][ T1939] usb 6-1: config 3 has an invalid interface number: 104 but max is 1
[  587.423504][ T1939] usb 6-1: config 3 has an invalid interface number: 210 but max is 1
[  587.432297][ T1939] usb 6-1: config 3 has no interface number 0
[  587.438621][ T1939] usb 6-1: config 3 has no interface number 1
[  587.445350][ T1939] usb 6-1: config 3 interface 104 has no altsetting 0
[  587.452551][ T1939] usb 6-1: config 3 interface 210 has no altsetting 0
[  587.523218][T10343] XFS (loop1): Ending clean mount
[  587.547247][T10343] XFS (loop1): Quotacheck needed: Please wait.
[  587.568379][ T1939] usb 6-1: New USB device found, idVendor=07b8, idProduct=4000, bcdDevice=11.ff
[  587.578277][ T1939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  587.586790][ T1939] usb 6-1: Product: syz
[  587.591581][ T1939] usb 6-1: Manufacturer: syz
[  587.596417][ T1939] usb 6-1: SerialNumber: syz
[  587.640895][T10343] XFS (loop1): Quotacheck: Done.
[  587.752323][ T5803] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  588.018420][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  588.025296][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  588.144560][T10367] loop0: detected capacity change from 0 to 16
[  588.243400][T10367] erofs (device loop0): mounted with root inode @ nid 36.
[  588.374316][ T1939] kaweth 6-1:3.104: Firmware present in device.
[  588.587535][ T1939] kaweth 6-1:3.104: Error reading configuration (-71), no net device created
[  588.598629][ T1939] kaweth 6-1:3.104: probe with driver kaweth failed with error -5
[  588.771282][ T1939] kaweth 6-1:3.210: Firmware present in device.
[  588.829819][ T1939] kaweth 6-1:3.210: Error reading configuration (-71), no net device created
[  588.840270][ T1939] kaweth 6-1:3.210: probe with driver kaweth failed with error -5
[  588.947287][ T1939] usb 6-1: USB disconnect, device number 6
[  590.373048][ T1939] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  590.642339][ T1939] usb 5-1: Using ep0 maxpacket: 32
[  590.837785][ T1939] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  590.848506][ T1939] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  590.859994][ T1939] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  590.870285][ T1939] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  590.885801][ T1939] usb 5-1: config 0 interface 0 has no altsetting 0
[  590.894814][ T1939] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  590.904290][ T1939] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.116298][ T1939] usb 5-1: config 0 descriptor??
[  591.403099][T10396] netlink: 'syz.5.1679': attribute type 11 has an invalid length.
[  591.411784][T10396] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1679'.
[  591.615606][ T1939] hid-thrustmaster 0003:044F:B65D.000E: global environment stack underflow
[  591.624843][ T1939] hid-thrustmaster 0003:044F:B65D.000E: item 0 4 1 11 parsing failed
[  591.670485][ T1939] hid-thrustmaster 0003:044F:B65D.000E: parse failed with error -22
[  591.679223][ T1939] hid-thrustmaster 0003:044F:B65D.000E: probe with driver hid-thrustmaster failed with error -22
[  591.758287][   T30] audit: type=1326 audit(1751145544.657:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10397 comm="syz.3.1680" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f05fb18e929 code=0x0
[  591.828012][ T1939] usb 5-1: USB disconnect, device number 8
[  592.404307][T10406] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1683'.
[  592.419006][T10406] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1683'.
[  592.538895][T10408] loop0: detected capacity change from 0 to 128
[  593.266784][T10418] netlink: 452 bytes leftover after parsing attributes in process `syz.0.1689'.
[  593.786430][T10428] loop3: detected capacity change from 0 to 256
[  594.619403][T10442] loop0: detected capacity change from 0 to 256
[  594.653433][T10442] FAT-fs (loop0): bogus number of FAT sectors
[  594.672460][T10442] FAT-fs (loop0): Can't find a valid FAT filesystem
[  595.284914][T10453] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1703'.
[  595.542563][T10459] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1707'.
[  595.967897][T10464] loop5: detected capacity change from 0 to 512
[  596.118350][T10464] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  596.274375][T10464] EXT4-fs (loop5): 1 truncate cleaned up
[  596.283698][T10464] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  596.773634][T10475] loop4: detected capacity change from 0 to 2048
[  596.879811][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  596.947171][T10475] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  597.349452][T10482] loop1: detected capacity change from 0 to 64
[  597.690736][   T11] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  597.892127][   T11] usb 1-1: Using ep0 maxpacket: 32
[  597.912202][   T11] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  597.922643][   T11] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.001249][T10487] loop5: detected capacity change from 0 to 512
[  598.011364][   T11] usb 1-1: config 0 descriptor??
[  598.081574][T10487] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  598.134250][T10487] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  598.202122][T10487] EXT4-fs error (device loop5): ext4_get_verity_descriptor_location:335: inode #15: comm syz.5.1718: verity file corrupted; can't find descriptor
[  598.261461][   T11] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  598.263766][T10493] EXT4-fs error (device loop5): ext4_get_verity_descriptor_location:335: inode #15: comm syz.5.1718: verity file corrupted; can't find descriptor
[  598.283720][   T11] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  598.287194][   T11] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  598.301804][   T11] usb 1-1: media controller created
[  598.358689][T10487] EXT4-fs (loop5): Remounting filesystem read-only
[  598.365619][T10487] fs-verity (loop5, inode 15): Error -117 getting verity descriptor size
[  598.369083][   T11] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  598.375375][T10493] fs-verity (loop5, inode 15): Error -117 getting verity descriptor size
[  598.810095][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.962865][   T11] az6027: usb out operation failed. (-71)
[  599.042714][   T11] az6027: usb out operation failed. (-71)
[  599.048679][   T11] stb0899_attach: Driver disabled by Kconfig
[  599.055129][   T11] az6027: no front-end attached
[  599.055129][   T11] 
[  599.103476][T10497] loop4: detected capacity change from 0 to 256
[  599.181565][   T11] az6027: usb out operation failed. (-71)
[  599.187553][   T11] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  599.198611][   T11] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input12
[  599.395163][   T11] dvb-usb: schedule remote query interval to 400 msecs.
[  599.404055][   T11] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  599.500919][   T11] usb 1-1: USB disconnect, device number 11
[  599.706917][T10497] FAT-fs (loop4): Directory bread(block 64) failed
[  599.714430][T10497] FAT-fs (loop4): Directory bread(block 65) failed
[  599.721628][T10497] FAT-fs (loop4): Directory bread(block 66) failed
[  599.728458][T10497] FAT-fs (loop4): Directory bread(block 67) failed
[  599.735579][T10497] FAT-fs (loop4): Directory bread(block 68) failed
[  599.742578][T10497] FAT-fs (loop4): Directory bread(block 69) failed
[  599.749469][T10497] FAT-fs (loop4): Directory bread(block 70) failed
[  599.756489][T10497] FAT-fs (loop4): Directory bread(block 71) failed
[  599.763590][T10497] FAT-fs (loop4): Directory bread(block 72) failed
[  599.770488][T10497] FAT-fs (loop4): Directory bread(block 73) failed
[  600.051584][   T11] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  600.585573][T10509] loop1: detected capacity change from 0 to 4096
[  600.704732][T10509] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  600.872280][   T11] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  600.962161][T10509] ntfs3(loop1): ino=1a, mi_enum_attr
[  600.967778][T10509] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  601.060691][   T11] usb 6-1: Using ep0 maxpacket: 32
[  601.093430][   T11] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[  601.102778][   T11] usb 6-1: config 0 has no interface number 0
[  601.104169][T10512] loop0: detected capacity change from 0 to 4096
[  601.109034][   T11] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  601.109190][   T11] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  601.191977][T10512] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  601.327008][T10512] ntfs3(loop0): Failed to load $BadClus (-22).
[  601.430998][T10518] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  601.437565][T10518] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  601.555451][T10518] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  601.562333][T10518] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  601.737186][T10518] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  601.743831][T10518] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  601.885125][T10518] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  601.892163][T10518] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  602.081429][T10522] loop3: detected capacity change from 0 to 32768
[  602.113304][   T11] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  602.122824][   T11] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.131288][   T11] usb 6-1: Product: syz
[  602.135675][   T11] usb 6-1: Manufacturer: syz
[  602.145008][   T11] usb 6-1: SerialNumber: syz
[  602.194917][   T11] usb 6-1: config 0 descriptor??
[  602.228868][T10522] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  602.486002][   T11] radio-si470x 6-1:0.35: this is not a si470x device.
[  602.555860][   T11] radio-raremono 6-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  602.792867][   T11] radio-raremono 6-1:0.35: V4L2 device registered as radio48
[  603.013167][T10522] XFS (loop3): Ending clean mount
[  603.039835][T10522] XFS (loop3): Quotacheck needed: Please wait.
[  603.101351][   T11] usb 6-1: USB disconnect, device number 7
[  603.108965][   T11] radio-raremono 6-1:0.35: Thanko's Raremono disconnected
[  603.122626][ T5808] Bluetooth: hci0: command 0x0406 tx timeout
[  603.186801][T10522] XFS (loop3): Quotacheck: Done.
[  603.353642][ T5806] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  603.590740][ T5808] Bluetooth: hci1: command 0x0406 tx timeout
[  603.831027][ T5808] Bluetooth: hci2: command 0x0406 tx timeout
[  603.911771][ T5808] Bluetooth: hci3: command 0x0406 tx timeout
[  604.379976][T10551] loop4: detected capacity change from 0 to 2048
[  604.535720][T10551] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  604.693472][T10557] loop3: detected capacity change from 0 to 64
[  604.793635][T10559] loop5: detected capacity change from 0 to 256
[  604.853546][T10559] exfat: Deprecated parameter 'utf8'
[  604.859326][T10559] exfat: Deprecated parameter 'utf8'
[  604.865561][T10559] exfat: Deprecated parameter 'utf8'
[  604.877883][T10557] Trying to free block not in datazone
[  605.102473][T10559] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  605.191037][ T5808] Bluetooth: hci0: command 0x0406 tx timeout
[  605.301946][   T30] audit: type=1800 audit(1751145558.167:45): pid=10559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1745" name="file2" dev="loop5" ino=1048686 res=0 errno=0
[  605.680807][ T5808] Bluetooth: hci1: command 0x0406 tx timeout
[  605.910661][ T5808] Bluetooth: hci2: command 0x0406 tx timeout
[  605.991070][ T5808] Bluetooth: hci3: command 0x0406 tx timeout
[  606.009269][T10571] loop5: detected capacity change from 0 to 512
[  606.109385][T10571] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  606.297785][T10571] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  606.311555][T10571] ext4 filesystem being mounted at /271/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  606.881487][T10583] netlink: 'syz.3.1754': attribute type 2 has an invalid length.
[  607.050521][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.189634][T10601] loop3: detected capacity change from 0 to 16
[  608.254428][T10601] erofs (device loop3): mounted with root inode @ nid 36.
[  608.433319][T10601] erofs (device loop3): read error -117 @ 72 of nid 36
[  609.442400][T10613] loop0: detected capacity change from 0 to 512
[  609.495115][T10613] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  609.609286][T10613] EXT4-fs (loop0): 1 truncate cleaned up
[  609.622755][T10613] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.376669][T10617] loop1: detected capacity change from 0 to 32768
[  610.386349][T10617] XFS: ikeep mount option is deprecated.
[  610.407320][ T5802] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.540045][T10617] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  610.547133][ T3673] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  610.772039][ T3673] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  610.867513][T10617] XFS (loop1): Ending clean mount
[  610.890880][T10617] XFS (loop1): Quotacheck needed: Please wait.
[  610.992315][ T3673] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  611.022194][T10617] XFS (loop1): Quotacheck: Done.
[  611.207272][ T3673] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  611.240848][ T5803] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  611.354102][T10631] loop4: detected capacity change from 0 to 2048
[  611.474317][T10631] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  611.496593][ T3673] bridge_slave_1: left promiscuous mode
[  611.504036][ T3673] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.610656][T10634] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  611.658794][ T3673] bridge_slave_0: left allmulticast mode
[  611.667157][ T3673] bridge_slave_0: left promiscuous mode
[  611.674027][ T3673] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.773575][T10635] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 3044605952
[  611.783659][T10635] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=15)
[  611.995224][T10635] Remounting filesystem read-only
[  612.001204][T10635] NILFS (loop4): error -5 truncating bmap (ino=15)
[  612.541826][ T5798] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  612.600188][ T3673] team0: Port device bridge1 removed
[  612.689906][ T3673] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  612.758583][ T3673] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  612.807484][ T3673] bond0 (unregistering): Released all slaves
[  613.086323][ T3673] tipc: Disabling bearer <udp:s>
[  613.092140][ T3673] tipc: Left network mode
[  613.740702][ T3673] hsr_slave_0: left promiscuous mode
[  613.776969][ T3673] hsr_slave_1: left promiscuous mode
[  613.785030][ T3673] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  613.792986][ T3673] batman_adv: batadv0: Removing interface: batadv_slave_0
[  613.946245][ T3673] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  613.954080][ T3673] batman_adv: batadv0: Removing interface: batadv_slave_1
[  614.102136][ T3673] veth1_macvtap: left promiscuous mode
[  614.107925][ T3673] veth0_macvtap: left promiscuous mode
[  614.114198][ T3673] veth1_vlan: left promiscuous mode
[  614.124493][ T3673] veth0_vlan: left promiscuous mode
[  614.989883][ T5805] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  615.001964][ T5805] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  615.021257][ T5805] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  615.036035][ T5805] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  615.051759][ T5805] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  615.538879][ T3673] team0 (unregistering): Port device team_slave_1 removed
[  615.649177][ T3673] team0 (unregistering): Port device team_slave_0 removed
[  616.987687][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1792'.
[  617.110881][ T5805] Bluetooth: hci3: command tx timeout
[  617.536017][T10665] chnl_net:caif_netlink_parms(): no params data found
[  619.200866][ T5805] Bluetooth: hci3: command tx timeout
[  619.244608][T10665] bridge0: port 1(bridge_slave_0) entered blocking state
[  619.253601][T10665] bridge0: port 1(bridge_slave_0) entered disabled state
[  619.261564][T10665] bridge_slave_0: entered allmulticast mode
[  619.271687][T10665] bridge_slave_0: entered promiscuous mode
[  619.280303][T10727] loop5: detected capacity change from 0 to 256
[  619.389120][T10731] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1805'.
[  619.424249][T10665] bridge0: port 2(bridge_slave_1) entered blocking state
[  619.431997][T10665] bridge0: port 2(bridge_slave_1) entered disabled state
[  619.439778][T10665] bridge_slave_1: entered allmulticast mode
[  619.452021][T10665] bridge_slave_1: entered promiscuous mode
[  619.526110][T10727] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  620.030014][T10665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  620.164046][T10665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  620.204991][T10739] loop1: detected capacity change from 0 to 22
[  620.299692][T10739] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  620.574295][T10665] team0: Port device team_slave_0 added
[  620.649408][T10665] team0: Port device team_slave_1 added
[  621.142437][T10665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  621.149733][T10665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  621.175928][    C1] vkms_vblank_simulate: vblank timer overrun
[  621.183729][T10665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  621.301524][ T5805] Bluetooth: hci3: command tx timeout
[  621.315857][T10665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  621.326073][T10665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  621.355282][T10665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  621.826016][   T11] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  622.050891][   T11] usb 5-1: Using ep0 maxpacket: 32
[  622.071698][   T11] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  622.081285][   T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.154347][T10665] hsr_slave_0: entered promiscuous mode
[  622.164482][T10665] hsr_slave_1: entered promiscuous mode
[  622.174742][T10665] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  622.182637][T10665] Cannot create hsr debugfs directory
[  622.185057][   T11] usb 5-1: config 0 descriptor??
[  622.473102][   T11] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  622.527821][   T11] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  622.573158][   T11] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  622.580902][   T11] usb 5-1: media controller created
[  622.672338][   T11] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  623.268793][   T11] az6027: usb out operation failed. (-71)
[  623.275474][   T11] stb0899_attach: Driver disabled by Kconfig
[  623.281919][   T11] az6027: no front-end attached
[  623.281919][   T11] 
[  623.348341][   T11] az6027: usb out operation failed. (-71)
[  623.359536][   T11] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  623.374247][   T11] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input13
[  623.397401][ T5805] Bluetooth: hci3: command tx timeout
[  623.426817][   T11] dvb-usb: schedule remote query interval to 400 msecs.
[  623.434219][   T11] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  623.478031][T10779] loop5: detected capacity change from 0 to 1024
[  623.514862][T10779] hfsplus: bad catalog entry type
[  623.678825][   T11] usb 5-1: USB disconnect, device number 9
[  624.166084][T10665] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  624.174719][   T11] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  624.312819][T10665] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  624.469981][T10665] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  624.559185][T10665] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  625.925822][T10665] 8021q: adding VLAN 0 to HW filter on device bond0
[  626.161315][T10665] 8021q: adding VLAN 0 to HW filter on device team0
[  626.277411][ T5028] bridge0: port 1(bridge_slave_0) entered blocking state
[  626.285113][ T5028] bridge0: port 1(bridge_slave_0) entered forwarding state
[  626.424632][ T5028] bridge0: port 2(bridge_slave_1) entered blocking state
[  626.432332][ T5028] bridge0: port 2(bridge_slave_1) entered forwarding state
[  628.774890][T10665] 8021q: adding VLAN 0 to HW filter on device batadv0
[  629.339941][T10855] loop5: detected capacity change from 0 to 1024
[  629.382041][T10855] EXT4-fs: Ignoring removed i_version option
[  629.388394][T10855] EXT4-fs: Ignoring removed oldalloc option
[  629.527359][T10855] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0003]
[  629.601667][T10855] System zones: 0-1, 3-8
[  629.674639][T10855] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  629.689216][T10855] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  629.877178][T10866] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1847'.
[  629.893210][   T30] audit: type=1800 audit(1751145582.777:46): pid=10855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1845" name="file1" dev="loop5" ino=15 res=0 errno=0
[  630.282843][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.828523][T10879] loop1: detected capacity change from 0 to 128
[  630.944102][T10879] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  631.074893][T10879] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  631.361154][T10885] loop0: detected capacity change from 0 to 164
[  631.856442][T10665] veth0_vlan: entered promiscuous mode
[  632.001905][T10665] veth1_vlan: entered promiscuous mode
[  632.459714][T10665] veth0_macvtap: entered promiscuous mode
[  632.609264][T10665] veth1_macvtap: entered promiscuous mode
[  632.821786][T10665] batman_adv: batadv0: Interface activated: batadv_slave_0
[  632.887513][T10903] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1860'.
[  632.952985][T10665] batman_adv: batadv0: Interface activated: batadv_slave_1
[  633.052633][T10905] loop5: detected capacity change from 0 to 512
[  633.059048][T10665] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  633.059235][T10665] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  633.084757][T10665] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  633.093915][T10665] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  633.354638][T10905] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  633.367848][T10905] ext4 filesystem being mounted at /298/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  633.713865][T10914] loop4: detected capacity change from 0 to 1024
[  633.773004][T10919] ref_ctr_offset mismatch. inode: 0x820 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4
[  633.801028][T10914] EXT4-fs: Ignoring removed nobh option
[  633.806980][T10914] EXT4-fs: Ignoring removed bh option
[  634.034106][T10914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  634.094587][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.411638][T10914] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  634.474586][T10914] EXT4-fs (loop4): Remounting filesystem read-only
[  634.959573][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.104791][T10938] loop1: detected capacity change from 0 to 128
[  635.229555][T10938] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  635.422416][T10938] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  636.319792][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1875'.
[  636.886166][T10964] loop1: detected capacity change from 0 to 256
[  636.997327][T10964] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  637.008583][T10964] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  637.126112][T10966] netlink: 'syz.4.1878': attribute type 2 has an invalid length.
[  637.208473][T10964] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xddfd5d26, utbl_chksum : 0xe619d30d)
[  637.459357][T10972] loop0: detected capacity change from 0 to 256
[  638.013399][T10972] FAT-fs (loop0): Directory bread(block 64) failed
[  638.020258][T10972] FAT-fs (loop0): Directory bread(block 65) failed
[  638.027670][T10972] FAT-fs (loop0): Directory bread(block 66) failed
[  638.034642][T10972] FAT-fs (loop0): Directory bread(block 67) failed
[  638.041849][T10972] FAT-fs (loop0): Directory bread(block 68) failed
[  638.054486][T10972] FAT-fs (loop0): Directory bread(block 69) failed
[  638.062714][T10972] FAT-fs (loop0): Directory bread(block 70) failed
[  638.070167][T10972] FAT-fs (loop0): Directory bread(block 71) failed
[  638.077545][T10972] FAT-fs (loop0): Directory bread(block 72) failed
[  638.088691][T10972] FAT-fs (loop0): Directory bread(block 73) failed
[  638.973932][T10993] bond0: entered promiscuous mode
[  638.979231][T10993] bond_slave_0: entered promiscuous mode
[  638.986286][T10993] bond_slave_1: entered promiscuous mode
[  639.067848][T10993] bond0: left promiscuous mode
[  639.073192][T10993] bond_slave_0: left promiscuous mode
[  639.079732][T10993] bond_slave_1: left promiscuous mode
[  639.910762][T11007] loop1: detected capacity change from 0 to 64
[  639.992459][T11007] hfs: Bad value for 'dir_umask'
[  641.354382][ T3857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  641.366024][ T3857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  641.666788][ T5028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  641.676062][ T5028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  642.302742][T11039] hsr0: entered promiscuous mode
[  642.861834][T11050] loop4: detected capacity change from 0 to 1024
[  642.902903][T11050] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  643.222180][T11050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  643.234900][T11060] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  643.476530][T11050] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.1904: missing EA_INODE flag
[  643.574831][T11050] EXT4-fs (loop4): Remounting filesystem read-only
[  644.184120][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.234368][T11073] loop0: detected capacity change from 0 to 512
[  644.324811][T11073] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  644.496841][T11073] EXT4-fs (loop0): 1 truncate cleaned up
[  644.505086][T11073] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  644.914616][T11081] loop6: detected capacity change from 0 to 2048
[  645.090846][T11081] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  645.191473][ T5802] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.391877][   T42] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  645.630690][   T42] usb 2-1: Using ep0 maxpacket: 32
[  645.655127][   T42] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  645.665577][   T42] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  645.675280][   T42] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  645.684587][   T42] usb 2-1: config 1 has no interface number 0
[  645.691086][   T42] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  645.702361][   T42] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  645.715765][   T42] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  645.725236][   T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.074833][   T42] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  646.312351][   T42] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  646.431012][   T30] audit: type=1326 audit(1751145599.327:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf2758e929 code=0x7ffc0000
[  646.587158][T11101] loop0: detected capacity change from 0 to 1024
[  646.661350][   T30] audit: type=1326 audit(1751145599.357:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf2758e929 code=0x7ffc0000
[  646.687921][   T30] audit: type=1326 audit(1751145599.387:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7faf2758e929 code=0x7ffc0000
[  646.693184][T11101] EXT4-fs: Ignoring removed nobh option
[  646.712261][   T30] audit: type=1326 audit(1751145599.387:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faf2758e963 code=0x7ffc0000
[  646.716963][T11101] EXT4-fs: Ignoring removed bh option
[  646.739044][    C1] vkms_vblank_simulate: vblank timer overrun
[  646.739183][   T30] audit: type=1326 audit(1751145599.447:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7faf2758d3df code=0x7ffc0000
[  646.773489][    C1] vkms_vblank_simulate: vblank timer overrun
[  646.802923][T11102] loop6: detected capacity change from 0 to 1024
[  646.849358][   T42] usb 2-1: USB disconnect, device number 7
[  646.857569][   T42] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  646.909019][T11102] EXT4-fs: Ignoring removed oldalloc option
[  646.916627][T11102] EXT4-fs: Ignoring removed bh option
[  646.959034][T11104] loop5: detected capacity change from 0 to 2048
[  647.103141][   T30] audit: type=1326 audit(1751145599.697:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7faf2758e9b7 code=0x7ffc0000
[  647.111929][T11101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  647.126625][   T30] audit: type=1326 audit(1751145599.697:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faf2758d290 code=0x7ffc0000
[  647.162906][   T30] audit: type=1326 audit(1751145599.697:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faf2758e52b code=0x7ffc0000
[  647.185717][   T30] audit: type=1326 audit(1751145599.807:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7faf2758d58a code=0x7ffc0000
[  647.212646][   T30] audit: type=1326 audit(1751145599.807:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.6.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7faf2758d58a code=0x7ffc0000
[  647.263941][T11102] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  647.422368][T11104] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  647.436677][T11104] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  647.460125][T11101] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  647.591721][T11116] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  647.715141][T10665] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  647.867412][ T5802] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  648.063351][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  648.693066][T11131] sctp: [Deprecated]: syz.5.1930 (pid 11131) Use of int in max_burst socket option.
[  648.693066][T11131] Use struct sctp_assoc_value instead
[  649.460252][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  649.467007][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  649.929153][T11156] loop5: detected capacity change from 0 to 128
[  650.029877][T11157] loop4: detected capacity change from 0 to 128
[  650.106949][T11157] EXT4-fs: Ignoring removed nobh option
[  650.244463][T11157] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  650.387103][T11157] ext4 filesystem being mounted at /361/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  650.392132][ T3857] FAT-fs (loop5): error, invalid FAT chain (i_pos 548, last_block 8)
[  650.406141][ T3857] FAT-fs (loop5): Filesystem has been set read-only
[  650.413187][ T3857] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522)
[  650.701389][T11166] binder: 11164:11166 ioctl c0306201 200000000640 returned -22
[  651.022548][ T5798] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  652.439821][T11196] loop4: detected capacity change from 0 to 128
[  652.643557][T11196] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  652.748234][T11196] ext4 filesystem being mounted at /363/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  652.780518][    C1] vkms_vblank_simulate: vblank timer overrun
[  652.845832][T11207] loop1: detected capacity change from 0 to 256
[  652.964605][   T11] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  652.965060][T11196] fscrypt (loop4, inode 12): Can't use IV_INO_LBLK_32 policy on filesystem 'loop4' because it doesn't have stable inode numbers
[  653.043890][T11207] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  653.172243][T11207] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008)
[  653.182871][   T11] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  653.183035][   T11] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  653.213001][   T11] usb 7-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  653.222541][   T11] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.231002][   T11] usb 7-1: Product: syz
[  653.235387][   T11] usb 7-1: Manufacturer: syz
[  653.243714][   T11] usb 7-1: SerialNumber: syz
[  653.303465][   T11] usb 7-1: config 0 descriptor??
[  653.312760][T11203] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  653.320799][T11203] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  653.612589][T11203] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  653.664562][ T5798] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  653.694602][T11203] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  654.167402][T11221] input: syz1 as /devices/virtual/input/input14
[  654.194109][   T11] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  654.402760][   T11] dm9601 7-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  654.486888][   T11] usb 7-1: USB disconnect, device number 2
[  654.498935][ T5974] udevd[5974]: setting mode of /dev/bus/usb/007/002 to 020664 failed: No such file or directory
[  654.571724][ T5974] udevd[5974]: setting owner of /dev/bus/usb/007/002 to uid=0, gid=0 failed: No such file or directory
[  655.263429][T11237] loop4: detected capacity change from 0 to 128
[  655.391787][T11237] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  655.714872][T11244] program syz.5.1969 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  655.755497][T11237] FAT-fs (loop4): FAT read failed (blocknr 128)
[  655.782281][T11245] program syz.5.1969 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  655.818731][T11245] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  655.919104][   T42] usb 7-1: new low-speed USB device number 3 using dummy_hcd
[  656.151719][   T42] usb 7-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  656.167470][   T42] usb 7-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1024, setting to 8
[  656.179426][   T42] usb 7-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 16
[  656.192923][   T42] usb 7-1: config 0 interface 0 has no altsetting 0
[  656.199838][   T42] usb 7-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.00
[  656.210891][   T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.402027][   T42] usb 7-1: config 0 descriptor??
[  656.409182][T11243] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  657.019287][   T42] input: HID 28bd:1903 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:28BD:1903.000F/input/input15
[  657.212982][   T42] uclogic 0003:28BD:1903.000F: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:1903] on usb-dummy_hcd.6-1/input0
[  657.359467][   T42] usb 7-1: USB disconnect, device number 3
[  658.494931][T11281] loop5: detected capacity change from 0 to 1024
[  658.581869][   T42] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  658.640038][T11276] fido_id[11276]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  658.833486][   T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  658.844827][   T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  658.855148][   T42] usb 7-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  658.864882][   T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  659.029423][   T42] usb 7-1: config 0 descriptor??
[  659.264873][T11291] loop4: detected capacity change from 0 to 128
[  659.355679][T11294] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1988'.
[  659.475783][T11291] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  659.531629][   T42] hid-steam 0003:28DE:1142.0010: unknown main item tag 0x0
[  659.539284][   T42] hid-steam 0003:28DE:1142.0010: unknown main item tag 0x0
[  659.547481][   T42] hid-steam 0003:28DE:1142.0010: unknown main item tag 0x0
[  659.555198][   T42] hid-steam 0003:28DE:1142.0010: unknown main item tag 0x0
[  659.562924][   T42] hid-steam 0003:28DE:1142.0010: unknown main item tag 0x0
[  659.598185][T11291] System zones: 1-3, 19-19, 35-36
[  659.710275][T11291] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  659.763892][   T42] hid-steam 0003:28DE:1142.0010: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.6-1/input0
[  659.803608][T11291] ext4 filesystem being mounted at /369/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  659.909663][   T42] usb 7-1: USB disconnect, device number 4
[  659.952572][T11291] EXT4-fs warning (device loop4): ext4_group_extend:1891: can't read last block, resize aborted
[  660.483764][ T5798] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  661.227003][T11312] fido_id[11312]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  662.710941][ T9895] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  662.989226][ T9895] usb 7-1: config 0 has no interfaces?
[  662.995474][ T9895] usb 7-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00
[  663.005107][ T9895] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.162803][ T9895] usb 7-1: config 0 descriptor??
[  663.392889][T11335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  663.403091][T11335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  663.726611][ T9895] usb 7-1: USB disconnect, device number 5
[  663.967866][T11352] loop5: detected capacity change from 0 to 40427
[  663.983722][T11352] F2FS-fs (loop5): invalid crc value
[  664.243563][T11352] F2FS-fs (loop5): Start checkpoint disabled!
[  664.332797][T11352] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  664.740933][T11358] loop4: detected capacity change from 0 to 32768
[  664.903366][ T4090] kworker/u8:22: attempt to access beyond end of device
[  664.903366][ T4090] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  664.923212][ T4090] CPU: 0 UID: 0 PID: 4090 Comm: kworker/u8:22 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(undef) 
[  664.923360][ T4090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  664.923479][ T4090] Workqueue: writeback wb_workfn (flush-7:5)
[  664.923651][ T4090] Call Trace:
[  664.923698][ T4090]  <TASK>
[  664.923748][ T4090]  __dump_stack+0x26/0x30
[  664.923901][ T4090]  dump_stack_lvl+0x1df/0x270
[  664.924072][ T4090]  dump_stack+0x1e/0x25
[  664.924214][ T4090]  f2fs_handle_critical_error+0xa6f/0xc20
[  664.924435][ T4090]  f2fs_stop_checkpoint+0x65/0x80
[  664.924616][ T4090]  f2fs_write_end_io+0xb4b/0x1920
[  664.924758][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.924957][ T4090]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  664.925089][ T4090]  bio_endio+0xe24/0xf80
[  664.925254][ T4090]  submit_bio_noacct+0x214/0x2710
[  664.925464][ T4090]  submit_bio+0x5a9/0x5d0
[  664.925627][ T4090]  f2fs_submit_write_bio+0x92/0x250
[  664.925800][ T4090]  __submit_merged_bio+0x16f/0x6a0
[  664.925966][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.926161][ T4090]  __submit_merged_write_cond+0x458/0x9a0
[  664.926355][ T4090]  f2fs_write_data_pages+0x4bb2/0x5480
[  664.926660][ T4090]  ? blk_trace_startstop+0x780/0xab0
[  664.926797][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.926965][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.927142][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.927320][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.927490][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.927663][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.927841][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.928020][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.928192][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.928364][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.928542][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.928710][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.928886][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.929063][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.929240][ T4090]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  664.929424][ T4090]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  664.929606][ T4090]  do_writepages+0x3ef/0x860
[  664.929760][ T4090]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.929945][ T4090]  ? queue_io+0x781/0x790
[  664.930088][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.930280][ T4090]  __writeback_single_inode+0x101/0x1190
[  664.930454][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.930640][ T4090]  writeback_sb_inodes+0xaa9/0x1c90
[  664.930882][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.931103][ T4090]  wb_writeback+0x4ce/0xc00
[  664.931271][ T4090]  ? queue_io+0x481/0x790
[  664.931431][ T4090]  wb_workfn+0x397/0x1910
[  664.931565][ T4090]  ? kmsan_get_metadata+0xfb/0x160
[  664.931771][ T4090]  ? __pfx_wb_workfn+0x10/0x10
[  664.931899][ T4090]  process_scheduled_works+0xb91/0x1d80
[  664.932141][ T4090]  worker_thread+0xedf/0x1590
[  664.932350][ T4090]  kthread+0xd5c/0xf00
[  664.932463][ T4090]  ? __pfx_worker_thread+0x10/0x10
[  664.932657][ T4090]  ? __pfx_kthread+0x10/0x10
[  664.932782][ T4090]  ret_from_fork+0x1e3/0x310
[  664.932906][ T4090]  ? __pfx_kthread+0x10/0x10
[  664.933043][ T4090]  ret_from_fork_asm+0x1a/0x30
[  664.933239][ T4090]  </TASK>
[  665.255574][T11363] loop1: detected capacity change from 0 to 32768
[  665.257433][ T4090] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  665.310901][T11363] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2010 (11363)
[  665.521186][ T9895] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  665.585344][T11363] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  665.596571][T11363] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  665.607795][T11363] BTRFS info (device loop1): using free-space-tree
[  666.180916][   T11] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  666.372152][   T11] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  666.381736][   T11] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.503574][   T11] usb 1-1: config 0 descriptor??
[  666.505496][T11363] BTRFS info (device loop1): rebuilding free space tree
[  666.578218][   T11] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  666.872797][   T11] gp8psk: usb in 128 operation failed.
[  666.926616][   T11] gp8psk: usb in 137 operation failed.
[  666.933015][   T11] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  667.045227][   T11] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  667.054649][   T11] usb 1-1: media controller created
[  667.121462][ T5803] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  667.284532][   T11] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  667.562915][   T11] gp8psk_fe: Frontend attached
[  667.567946][   T11] usb 1-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  667.582980][   T11] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  667.958568][   T11] gp8psk: usb in 138 operation failed.
[  667.965301][   T11] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  667.975415][   T11] gp8psk: found Genpix USB device pID = 203 (hex)
[  668.251998][   T11] usb 1-1: USB disconnect, device number 12
[  669.713982][   T11] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  669.859666][T11418] loop0: detected capacity change from 0 to 164
[  670.021481][T11418] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  670.099193][T11418] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  670.181608][T11418] Symlink component flag not implemented
[  670.187677][T11418] Symlink component flag not implemented
[  670.194161][T11418] Symlink component flag not implemented (7)
[  670.200541][T11418] Symlink component flag not implemented (116)
[  671.369707][T11437] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  672.438576][T11456] loop1: detected capacity change from 0 to 128
[  672.640711][   T42] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  672.851234][   T42] usb 1-1: Using ep0 maxpacket: 16
[  672.891689][   T42] usb 1-1: config 0 has an invalid interface number: 251 but max is 0
[  672.901931][   T42] usb 1-1: config 0 has no interface number 0
[  672.908988][   T42] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  672.919443][   T42] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  673.137195][   T42] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  673.146682][   T42] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  673.155168][   T42] usb 1-1: Product: syz
[  673.159565][   T42] usb 1-1: Manufacturer: syz
[  673.164672][   T42] usb 1-1: SerialNumber: syz
[  673.221632][   T42] usb 1-1: config 0 descriptor??
[  673.228656][T11453] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  673.265121][T11453] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  673.570932][T11453] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  673.579031][T11453] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  674.174976][T11478] loop1: detected capacity change from 0 to 24
[  674.256286][T11478] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  674.305304][   T42] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  674.316051][   T42] asix 1-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  674.327565][   T42] asix 1-1:0.251: probe with driver asix failed with error -71
[  674.435423][   T42] usb 1-1: USB disconnect, device number 13
[  675.723670][T11495] loop1: detected capacity change from 0 to 40427
[  675.746312][T11495] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  675.754485][T11495] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  675.837445][T11495] F2FS-fs (loop1): invalid crc value
[  676.164410][T11495] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  676.173122][T11495] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  676.247479][T11495] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=619c20, run fsck to fix.
[  676.787630][T11525] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2062'.
[  676.814262][T11526] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  678.087198][T11551] netlink: 'syz.6.2071': attribute type 12 has an invalid length.
[  678.095995][T11551] netlink: 'syz.6.2071': attribute type 29 has an invalid length.
[  678.104571][T11551] netlink: 'syz.6.2071': attribute type 2 has an invalid length.
[  678.112629][T11551] netlink: 260 bytes leftover after parsing attributes in process `syz.6.2071'.
[  678.915382][T11566] loop5: detected capacity change from 0 to 1024
[  679.031202][   T42] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  679.064730][T11566] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  679.215389][T11574] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2078'.
[  679.222660][   T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  679.225548][T11574] IPVS: Error joining to the multicast group
[  679.235780][   T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  679.253699][   T42] usb 7-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  679.263702][   T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.359489][   T42] usb 7-1: config 0 descriptor??
[  679.441035][T11565] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  679.766894][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  679.801604][T11581] loop0: detected capacity change from 0 to 256
[  679.839485][T11582] loop4: detected capacity change from 0 to 1024
[  679.849806][T11582] EXT4-fs: Ignoring removed nobh option
[  679.855856][T11582] EXT4-fs: Ignoring removed bh option
[  679.891043][   T42] hid-steam 0003:28DE:1142.0011: unknown main item tag 0x0
[  679.938283][T11582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  679.955332][   T42] hid-steam 0003:28DE:1142.0011: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.6-1/input0
[  680.008503][T11581] FAT-fs (loop0): Directory bread(block 64) failed
[  680.015839][T11581] FAT-fs (loop0): Directory bread(block 65) failed
[  680.022910][T11581] FAT-fs (loop0): Directory bread(block 66) failed
[  680.029668][T11581] FAT-fs (loop0): Directory bread(block 67) failed
[  680.036834][T11581] FAT-fs (loop0): Directory bread(block 68) failed
[  680.041317][   T42] hid-steam 0003:28DE:1142.0011: Steam wireless receiver connected
[  680.043895][T11581] FAT-fs (loop0): Directory bread(block 69) failed
[  680.051933][   T42] hid-steam 0003:28DE:1142.0011: No HID_FEATURE_REPORT submitted -  nothing to read
[  680.058386][T11581] FAT-fs (loop0): Directory bread(block 70) failed
[  680.079231][T11581] FAT-fs (loop0): Directory bread(block 71) failed
[  680.087805][T11581] FAT-fs (loop0): Directory bread(block 72) failed
[  680.094811][T11581] FAT-fs (loop0): Directory bread(block 73) failed
[  680.130168][   T42] hid-steam 0003:28DE:1142.0012: unknown main item tag 0x0
[  680.149275][T11582] EXT4-fs (loop4): shut down requested (2)
[  680.192970][   T42] hid-steam 0003:28DE:1142.0012: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.6-1/input0
[  680.228896][   T42] usb 7-1: USB disconnect, device number 7
[  680.246365][T11581] syz.0.2080: attempt to access beyond end of device
[  680.246365][T11581] loop0: rw=524288, sector=1192, nr_sectors = 4 limit=256
[  680.253321][   T42] hid-steam 0003:28DE:1142.0011: Steam wireless receiver disconnected
[  680.260690][T11581] syz.0.2080: attempt to access beyond end of device
[  680.260690][T11581] loop0: rw=0, sector=1192, nr_sectors = 4 limit=256
[  680.293328][T11588] syz.0.2080: attempt to access beyond end of device
[  680.293328][T11588] loop0: rw=0, sector=1192, nr_sectors = 4 limit=256
[  680.316523][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  680.316599][   T30] audit: type=1800 audit(2000000012.100:70): pid=11581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2080" name="file1" dev="loop0" ino=1048708 res=0 errno=0
[  680.425712][T11581] syz.0.2080: attempt to access beyond end of device
[  680.425712][T11581] loop0: rw=0, sector=1192, nr_sectors = 4 limit=256
[  680.468695][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.750053][T11595] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2085'.
[  681.885641][T11612] loop5: detected capacity change from 0 to 256
[  682.054873][T11612] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  682.485920][   T30] audit: type=1326 audit(2000000014.300:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11622 comm="syz.1.2096" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8fcef8e929 code=0x0
[  682.520975][T11624] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  682.745090][T11632] loop6: detected capacity change from 0 to 256
[  684.509634][T11662] sch_tbf: burst 6 is lower than device team_slave_0 mtu (1514) !
[  685.464981][ T5805] Bluetooth: hci3: link tx timeout
[  685.470595][ T5805] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  687.511603][T11680] Bluetooth: hci3: command 0x0405 tx timeout
[  687.830998][   T42] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  688.020799][   T42] usb 7-1: Using ep0 maxpacket: 32
[  688.042702][   T42] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[  688.051716][   T42] usb 7-1: config 0 has no interface number 0
[  688.134844][   T42] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  688.144543][   T42] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.152999][   T42] usb 7-1: Product: syz
[  688.158851][   T42] usb 7-1: Manufacturer: syz
[  688.164249][   T42] usb 7-1: SerialNumber: syz
[  688.216320][   T42] usb 7-1: config 0 descriptor??
[  688.316139][T11740] loop4: detected capacity change from 0 to 128
[  688.320792][   T42] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  688.473765][   T42] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  688.567868][   T42] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  688.863954][    C1] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71
[  688.879921][   T42] usb 7-1: USB disconnect, device number 8
[  688.928315][   T42] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  689.015746][   T42] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  689.029760][   T42] quatech2 7-1:0.51: device disconnected
[  689.440204][T11739] syz.5.2138 (11739): drop_caches: 2
[  690.829990][T11777] loop0: detected capacity change from 0 to 1024
[  690.973665][T11777] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  691.056013][T11785] serio: Serial port ptm0
[  691.239633][T11777] EXT4-fs error (device loop0): ext4_xattr_block_find:1869: inode #15: comm syz.0.2152: corrupted xattr block 161: invalid header
[  691.307383][T11777] EXT4-fs (loop0): Remounting filesystem read-only
[  691.482677][T11794] loop5: detected capacity change from 0 to 128
[  691.635831][ T5802] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.881841][T11801] loop1: detected capacity change from 0 to 512
[  691.934077][T11801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  692.123177][T11801] EXT4-fs (loop1): shut down requested (2)
[  692.513822][ T5803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  693.355236][T11834] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2171'.
[  693.365078][T11834] netlink: 26 bytes leftover after parsing attributes in process `syz.5.2171'.
[  693.374587][T11834] netlink: 26 bytes leftover after parsing attributes in process `syz.5.2171'.
[  695.265518][T11873] loop1: detected capacity change from 0 to 256
[  695.690203][ T5803] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  695.750269][ T5803] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  696.232839][T11895] loop5: detected capacity change from 0 to 256
[  696.283093][T11895] exfat: Deprecated parameter 'utf8'
[  696.288784][T11895] exfat: Deprecated parameter 'utf8'
[  696.296117][T11895] exfat: Deprecated parameter 'utf8'
[  696.346061][   T58] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.499703][T11895] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  696.549173][   T58] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.732650][   T58] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.849423][   T58] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.060729][   T42] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  697.351802][   T42] usb 5-1: Using ep0 maxpacket: 16
[  697.394169][   T42] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  697.404060][   T42] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  697.412594][   T42] usb 5-1: Product: syz
[  697.417039][   T42] usb 5-1: Manufacturer: syz
[  697.421949][   T42] usb 5-1: SerialNumber: syz
[  697.428079][   T58] bridge_slave_1: left allmulticast mode
[  697.434188][   T58] bridge_slave_1: left promiscuous mode
[  697.440902][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  697.484239][   T42] usb 5-1: config 0 descriptor??
[  697.491483][   T58] bridge_slave_0: left allmulticast mode
[  697.497583][   T58] bridge_slave_0: left promiscuous mode
[  697.504794][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  697.941731][   T42] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  697.988691][   T42] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  698.012516][   T42] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  698.020952][   T42] usb 5-1: media controller created
[  698.106997][   T42] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  698.113513][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  698.182889][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  698.203877][   T42] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  698.213478][   T42] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  698.230804][   T58] bond0 (unregistering): Released all slaves
[  698.419539][   T42] usb 5-1: USB disconnect, device number 10
[  698.592627][   T42] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  698.763880][   T58] hsr_slave_0: left promiscuous mode
[  698.772184][   T58] hsr_slave_1: left promiscuous mode
[  698.779851][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  698.787892][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  698.798995][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  698.809113][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  698.849175][   T58] veth1_macvtap: left promiscuous mode
[  698.855208][   T58] veth0_macvtap: left promiscuous mode
[  698.861800][   T58] veth1_vlan: left promiscuous mode
[  698.867440][   T58] veth0_vlan: left promiscuous mode
[  700.283177][T11928] could not allocate digest TFM handle _!5����(��i����HP,�om�x��*�71U"~����2.�>�~e���>/y��
[  700.448949][   T58] team0 (unregistering): Port device team_slave_1 removed
[  700.512275][   T58] team0 (unregistering): Port device team_slave_0 removed
[  700.811088][T11926] loop5: detected capacity change from 0 to 40427
[  700.901931][T11926] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  700.909207][T11926] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  700.920002][T11926] F2FS-fs (loop5): heap/no_heap options were deprecated
[  700.927558][T11926] F2FS-fs (loop5): build fault injection type: 0x0
[  700.945339][T11926] F2FS-fs (loop5): invalid crc value
[  701.230567][T11926] F2FS-fs (loop5): Try to recover 1th superblock, ret: -30
[  701.238073][T11926] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  701.293958][T11932] loop4: detected capacity change from 0 to 1024
[  701.344711][T11926] F2FS-fs (loop5): Try to recover all the superblocks, ret: 0
[  701.356111][T11932] EXT4-fs: Ignoring removed orlov option
[  701.549156][T11680] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  701.559838][T11932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  701.591418][T11680] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  701.627032][T11680] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  701.811775][T11680] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  701.823262][T11680] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  701.904771][T11947] overlay: filesystem on ./bus not supported
[  702.483837][ T5798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  703.330140][T11942] chnl_net:caif_netlink_parms(): no params data found
[  703.992538][T11680] Bluetooth: hci2: command tx timeout
[  704.024239][T11983] mac80211_hwsim hwsim13 wlan1: entered promiscuous mode
[  704.034199][T11983] macvtap1: entered promiscuous mode
[  704.095962][T11983] mac80211_hwsim hwsim13 wlan1: left promiscuous mode
[  705.094679][T12003] loop6: detected capacity change from 0 to 256
[  705.197509][T11942] bridge0: port 1(bridge_slave_0) entered blocking state
[  705.205265][T11942] bridge0: port 1(bridge_slave_0) entered disabled state
[  705.213145][T11942] bridge_slave_0: entered allmulticast mode
[  705.222716][T11942] bridge_slave_0: entered promiscuous mode
[  705.268325][T12010] loop5: detected capacity change from 0 to 512
[  705.286196][T12010] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  705.295641][T12010] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  705.307908][T11942] bridge0: port 2(bridge_slave_1) entered blocking state
[  705.316000][T11942] bridge0: port 2(bridge_slave_1) entered disabled state
[  705.324239][T11942] bridge_slave_1: entered allmulticast mode
[  705.333751][T11942] bridge_slave_1: entered promiscuous mode
[  705.398339][T12010] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  705.433708][T12010] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  705.536290][T11942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  705.569525][T11942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  705.570924][T12010] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  705.903492][T11942] team0: Port device team_slave_0 added
[  705.956388][T11942] team0: Port device team_slave_1 added
[  706.106596][T11680] Bluetooth: hci2: command tx timeout
[  706.361717][T11942] batman_adv: batadv0: Adding interface: batadv_slave_0
[  706.369123][T11942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  706.400162][T11942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  706.614206][T11942] batman_adv: batadv0: Adding interface: batadv_slave_1
[  706.617976][T12019] loop6: detected capacity change from 0 to 32768
[  706.621550][T11942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  706.654409][T11942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  706.699266][T12019] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  706.727656][ T6918] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  706.979711][T11942] hsr_slave_0: entered promiscuous mode
[  706.989543][T11942] hsr_slave_1: entered promiscuous mode
[  707.001439][T11942] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  707.009225][T11942] Cannot create hsr debugfs directory
[  707.217713][T12035] tun0: tun_chr_ioctl cmd 1074025675
[  707.223663][T12035] tun0: persist enabled
[  707.370251][T12019] XFS (loop6): Ending clean mount
[  707.479297][T10665] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  708.154622][T11680] Bluetooth: hci2: command tx timeout
[  708.342587][T11942] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  708.364441][T11942] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  708.386672][T11942] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  708.423894][T11942] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  708.507618][T12049] loop5: detected capacity change from 0 to 256
[  708.734404][T12052] loop0: detected capacity change from 0 to 8
[  708.837096][T12052] SQUASHFS error: lzo decompression failed, data probably corrupt
[  708.847188][T12052] SQUASHFS error: Failed to read block 0x91: -5
[  708.854503][T12052] SQUASHFS error: Unable to read metadata cache entry [8f]
[  708.862345][T12052] SQUASHFS error: Unable to read inode 0x11f
[  709.599595][T12065] loop0: detected capacity change from 0 to 1024
[  709.613699][T11942] 8021q: adding VLAN 0 to HW filter on device bond0
[  709.828611][T11942] 8021q: adding VLAN 0 to HW filter on device team0
[  709.918728][T11357] bridge0: port 1(bridge_slave_0) entered blocking state
[  709.926474][T11357] bridge0: port 1(bridge_slave_0) entered forwarding state
[  710.056066][T11357] bridge0: port 2(bridge_slave_1) entered blocking state
[  710.063674][T11357] bridge0: port 2(bridge_slave_1) entered forwarding state
[  710.262601][T11680] Bluetooth: hci2: command tx timeout
[  710.450254][   T57] hfsplus: b-tree write err: -5, ino 4
[  710.898074][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  710.904930][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  711.191328][T12089] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2255'.
[  712.487978][T12099] loop0: detected capacity change from 0 to 4096
[  712.521398][T11942] 8021q: adding VLAN 0 to HW filter on device batadv0
[  714.208244][T12143] loop0: detected capacity change from 0 to 64
[  714.362815][   T30] audit: type=1800 audit(2000000046.160:72): pid=12143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2274" name="file1" dev="loop0" ino=18 res=0 errno=0
[  714.840996][T11942] veth0_vlan: entered promiscuous mode
[  714.905761][   T30] audit: type=1326 audit(2000000046.710:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12149 comm="syz.5.2277" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fa1e69858e7 code=0x0
[  714.964783][T11942] veth1_vlan: entered promiscuous mode
[  715.226733][T11942] veth0_macvtap: entered promiscuous mode
[  715.301590][T11942] veth1_macvtap: entered promiscuous mode
[  715.408459][T12162] loop4: detected capacity change from 0 to 64
[  715.479094][T11942] batman_adv: batadv0: Interface activated: batadv_slave_0
[  715.553236][T12160] loop0: detected capacity change from 0 to 2048
[  715.567800][T12160] EXT4-fs: Ignoring removed mblk_io_submit option
[  715.579039][T11942] batman_adv: batadv0: Interface activated: batadv_slave_1
[  715.667064][T11942] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  715.676702][T11942] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  715.685861][T11942] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  715.695058][T11942] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  715.711199][T12160] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  716.096530][ T5802] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  717.864838][T12203] loop0: detected capacity change from 0 to 256
[  718.008301][T12203] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2295'.
[  719.292925][T12218] loop6: detected capacity change from 0 to 32768
[  719.304104][T12218] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2300 (12218)
[  719.362531][T12218] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  719.373272][T12218] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  719.383341][T12218] BTRFS info (device loop6): disk space caching is enabled
[  719.395725][T12218] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  719.541799][T12242] loop5: detected capacity change from 0 to 164
[  719.605448][T12242] rock: directory entry would overflow storage
[  719.612026][T12242] rock: sig=0x4f50, size=4, remaining=3
[  719.617800][T12242] iso9660: Corrupted directory entry in block 4 of inode 1792
[  719.808862][T12218] BTRFS info (device loop6): rebuilding free space tree
[  719.896754][T12218] BTRFS info (device loop6): disabling free space tree
[  719.909143][T12218] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  719.919321][T12218] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  720.089607][T12218] BTRFS info (device loop6): balance: start -susage=34359738372,devid=0,drange=7..526336,limit=65536..0,stripes=4294967295..4
[  720.108506][T12218] BTRFS info (device loop6): balance: ended with status: 0
[  720.149456][T12230] loop0: detected capacity change from 0 to 32768
[  720.163402][T12230] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2305 (12230)
[  720.184266][T12230] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  720.196200][T12230] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  720.207594][T12230] BTRFS info (device loop0): using free-space-tree
[  720.274558][T10665] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  720.705001][ T5802] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  721.782864][T12281] loop4: detected capacity change from 0 to 64
[  722.109987][ T3009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  722.118451][ T3009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  722.243334][ T3673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  722.251702][ T3673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  723.692767][T12313] loop4: detected capacity change from 0 to 64
[  724.476241][ T3673] Bluetooth: hci5: Frame reassembly failed (-84)
[  724.517809][T12320] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2
[  724.894203][T12316] loop7: detected capacity change from 0 to 32768
[  725.893342][T12342] netlink: 'syz.4.2344': attribute type 13 has an invalid length.
[  726.082783][T12342] gretap0: refused to change device tx_queue_len
[  726.089501][T12342] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  726.474794][T11680] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  726.829042][   T42] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  726.908981][ T3066] kernel write not supported for file /sg0 (pid: 3066 comm: kworker/0:2)
[  727.020857][   T42] usb 6-1: Using ep0 maxpacket: 32
[  727.048846][   T42] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  727.059854][   T42] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.119745][   T42] usb 6-1: config 0 descriptor??
[  727.410876][   T42] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  727.441904][   T42] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  727.482373][   T42] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  727.489923][   T42] usb 6-1: media controller created
[  727.600764][   T42] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  727.619256][T12350] =====================================================
[  727.628097][T12350] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120
[  727.635608][T12350]  _copy_to_user+0xcc/0x120
[  727.640775][T12350]  i2cdev_ioctl_smbus+0x586/0x660
[  727.646009][T12350]  i2cdev_ioctl+0xa14/0xf40
[  727.650874][T12350]  __se_sys_ioctl+0x23c/0x400
[  727.656194][T12350]  __x64_sys_ioctl+0x97/0xe0
[  727.661119][T12350]  x64_sys_call+0x1ebe/0x3db0
[  727.666011][T12350]  do_syscall_64+0xd9/0x210
[  727.671948][T12350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.678042][T12350] 
[  727.680898][T12350] Uninit was stored to memory at:
[  727.686189][T12350]  __i2c_smbus_xfer+0x254d/0x2f60
[  727.694738][T12350]  i2c_smbus_xfer+0x31d/0x4d0
[  727.699656][T12350]  i2cdev_ioctl_smbus+0x4a1/0x660
[  727.707404][T12350]  i2cdev_ioctl+0xa14/0xf40
[  727.712561][T12350]  __se_sys_ioctl+0x23c/0x400
[  727.717466][T12350]  __x64_sys_ioctl+0x97/0xe0
[  727.722458][T12350]  x64_sys_call+0x1ebe/0x3db0
[  727.727371][T12350]  do_syscall_64+0xd9/0x210
[  727.732187][T12350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.738283][T12350] 
[  727.740871][T12350] Local variable msgbuf1.i created at:
[  727.746444][T12350]  __i2c_smbus_xfer+0x86a/0x2f60
[  727.751808][T12350]  i2c_smbus_xfer+0x31d/0x4d0
[  727.756684][T12350] 
[  727.759100][T12350] Bytes 0-1 of 2 are uninitialized
[  727.764584][T12350] Memory access of size 2 starts at ffff88803f8afd06
[  727.772269][T12350] Data copied to user address 0000200000000400
[  727.778551][T12350] 
[  727.781397][T12350] CPU: 0 UID: 0 PID: 12350 Comm: syz.5.2348 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(undef) 
[  727.796990][T12350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  727.808326][T12350] =====================================================
[  727.815550][T12350] Disabling lock debugging due to kernel taint
[  727.822251][T12350] Kernel panic - not syncing: kmsan.panic set ...
[  727.828841][T12350] CPU: 0 UID: 0 PID: 12350 Comm: syz.5.2348 Tainted: G    B               6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(undef) 
[  727.842804][T12350] Tainted: [B]=BAD_PAGE
[  727.847077][T12350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  727.857305][T12350] Call Trace:
[  727.860710][T12350]  <TASK>
[  727.863762][T12350]  __dump_stack+0x26/0x30
[  727.868311][T12350]  dump_stack_lvl+0x53/0x270
[  727.873114][T12350]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  727.879176][T12350]  dump_stack+0x1e/0x25
[  727.883557][T12350]  panic+0x4bd/0xd50
[  727.887731][T12350]  kmsan_report+0x31c/0x320
[  727.892464][T12350]  ? kmsan_internal_check_memory+0x1e1/0x230
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  727.898657][T12350]  ? kmsan_copy_to_user+0xf1/0x190
[  727.903990][T12350]  ? _copy_to_user+0xcc/0x120
[  727.908862][T12350]  ? i2cdev_ioctl_smbus+0x586/0x660
[  727.914254][T12350]  ? i2cdev_ioctl+0xa14/0xf40
[  727.919123][T12350]  ? __se_sys_ioctl+0x23c/0x400
[  727.924191][T12350]  ? __x64_sys_ioctl+0x97/0xe0
[  727.929166][T12350]  ? x64_sys_call+0x1ebe/0x3db0
[  727.934246][T12350]  ? do_syscall_64+0xd9/0x210
[  727.939118][T12350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.945497][T12350]  ? __pfx_az6027_i2c_xfer+0x10/0x10
[  727.950998][T12350]  ? __i2c_transfer+0x11cd/0x3110
[  727.956226][T12350]  ? kmsan_get_metadata+0xfb/0x160
[  727.961590][T12350]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  727.968163][T12350]  ? kmsan_get_metadata+0xfb/0x160
[  727.973529][T12350]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  727.979602][T12350]  ? __i2c_smbus_xfer+0x1e93/0x2f60
[  727.985036][T12350]  ? kmsan_get_metadata+0xfb/0x160
[  727.990371][T12350]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  727.996424][T12350]  kmsan_internal_check_memory+0x1e1/0x230
[  728.002464][T12350]  kmsan_copy_to_user+0xf1/0x190
[  728.007608][T12350]  _copy_to_user+0xcc/0x120
[  728.012305][T12350]  i2cdev_ioctl_smbus+0x586/0x660
[  728.017540][T12350]  i2cdev_ioctl+0xa14/0xf40
[  728.022218][T12350]  ? __pfx_kmsan_get_shadow_origin_ptr+0x2/0x10
[  728.028690][T12350]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  728.033882][T12350]  __se_sys_ioctl+0x23c/0x400
[  728.038779][T12350]  __x64_sys_ioctl+0x97/0xe0
[  728.043572][T12350]  x64_sys_call+0x1ebe/0x3db0
[  728.048460][T12350]  do_syscall_64+0xd9/0x210
[  728.053138][T12350]  ? irqentry_exit+0x16/0x60
[  728.057939][T12350]  ? clear_bhb_loop+0x40/0x90
[  728.062794][T12350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.068884][T12350] RIP: 0033:0x7fa1e698e929
[  728.073455][T12350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  728.093278][T12350] RSP: 002b:00007fa1e771e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  728.101884][T12350] RAX: ffffffffffffffda RBX: 00007fa1e6bb5fa0 RCX: 00007fa1e698e929
[  728.110011][T12350] RDX: 0000200000000680 RSI: 0000000000000720 RDI: 0000000000000004
[  728.118127][T12350] RBP: 00007fa1e6a10b39 R08: 0000000000000000 R09: 0000000000000000
[  728.126235][T12350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  728.134348][T12350] R13: 0000000000000000 R14: 00007fa1e6bb5fa0 R15: 00007ffca12b4128
[  728.142512][T12350]  </TASK>
[  728.145911][T12350] Kernel Offset: disabled
[  728.150307][T12350] Rebooting in 86400 seconds..