last executing test programs:

47.559332302s ago: executing program 2 (id=970):
r0 = io_uring_setup(0x70c3, &(0x7f0000000040)={0x0, 0x2c43, 0x0, 0x1, 0x2})
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/175, 0xaf}], 0x1, 0x4, 0x4, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

47.388126884s ago: executing program 2 (id=974):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x3a, 0x2}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

47.220409514s ago: executing program 2 (id=976):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000404c05f20dafd60000000109022400010000000009040000010300010009210101000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="000657"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000600)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x0})

44.923020078s ago: executing program 2 (id=1012):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000180)={[{@noblock_validity}, {@dioread_lock}, {@nobh}, {@noinit_itable}, {@acl}, {@usrjquota, 0x2e}, {@noacl}, {@nodiscard}, {@jqfmt_vfsv0}, {@mblk_io_submit}], [], 0x2c}, 0x84, 0x45e, &(0x7f0000000480)="$eJzs20tvG0UcAPD/2nHfJaGUR0sBQ3lEPJImLdADlyKQekFCgkM5hjStSt0GNUGiVUUDh3JE/QTAEYlPwIleEHACcYU7QqpQLxQOaNHaa2Ps2DhOXLf17ydtPLM7653/7k48O2MHMLLK2Z8kYkdE/BwR4xFRbC1Qrr3cuH5x/s/rF+eTSNM3fk+y3eKP6xfn60WT/HV7npksNFa1WTp/4fRcpbJwLs9PL595d3rp/IXnTp2ZO7lwcuHs7OHDhw7OvPjC7PMbEufOrK57P1jct+foW1demz925e3vvswqtyPf3hxHzcS6j1mOcscT8MS63/3WsjN/7XjBuSVlbX0sIkrV9j8exWquZjxe/WiolQMGKk3TdHPb2kYPYCUF7mBJDLsGwHDUP+iz59/6chO7H0N37UjtASiL+0a+1LaMRSEvU2p6vt1o5Yg4tvLXp9kSq45DAABsrK+z/s+zq/X/CnFfU7m78rmhiYi4OyJ2RcQ9EbE7Iu6NqJa9PyIeWOPxyy359v7Pj1v7CqxH145E8lI+t/Xf/l+99xcTxTy3sxp/KTlxqrJwID8nk1HanOVnuhzj6is/fdJpW3P/L1uy49f7gnk9fhtrGaA7Prc8t56Ym137sDoGeKk9/qQxE5BExJ6I2NvH+2+JiFNPf7GvbUPTRFH3+LsY66NCLdLPI56qXf+VaIm/uapd5ient0Rl4cB0/a5o9/0Pl1/vdPz/v/6DlV3/bave/434J5Lm+dqltR/j8i8fd3ym6ff+35S8WU1vyte9P7e8fG4mYlOy0r5+9t996/l6+Sz+yf2rt/9dEX9/lu/3YERkN/FDEfFwRDyS1/3RiHgsIvZ3if/blx9/p//4ByuL//iarv/aE8XT33zV6fi9Xf9D1dRkvqaX/3+9VnA95w4AAABuF4Xqd+CTwlQjXShMTdW+w787thUqi0vLz5xYfO/s8dp35SeiVKiPdI03jYfO5GPD9fxsS/5gddw4TdN0azU/Nb9YGdScOtCb7R3af+bX4rBrBwzcmubR/MIL7igbMI8O3Ka0fxhd2j+MLu0fRtdq7f9SxI0hVAW4yXz+w+jS/mF0af8wurR/GEnr+V1/t8Suo4N659sxcTUiOpUpDrWGT27vd/coDPus9p4o5Xd7Y03hFqlYNbE5InotfCluVsWG/I8JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7CF5k8=")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000000)='./file0\x00')

44.172816373s ago: executing program 2 (id=1026):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000180)='./file2\x00', 0x2008002, &(0x7f0000000500)={[{@acl}, {@dax_never}, {@nodioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@resgid={'resgid', 0x3d, 0xee01}}, {@delalloc}, {@grpjquota}, {@nodioread_nolock}, {@nouid32}]}, 0x1, 0x558, &(0x7f0000000680)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x8e408, 0x0, 0x0, 0x0, &(0x7f0000000140))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0)=0x13)

43.576254637s ago: executing program 2 (id=1030):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x468, 0x24, 0x4ee4e6a52ff56541, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_PTAB={0x45b, 0x3, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25cf, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10000, 0x0, 0xfffffffd, 0x7, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x8, 0x4, 0x9, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0xfffffffa, 0x7fffffff, 0x9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7b2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x9, 0xfeffff02, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x100000, 0x1000, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0xd4, 0xc, 0x5, 0x0, 0x0, 0x0, 0x3032, 0x0, 0x1, 0x0, 0x6, 0x8, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x1, 0x20000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x3ff, 0xfffffffc, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6b, 0x8000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x80]}, @TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}}}]}}]}, 0x468}}, 0x0)

43.242944178s ago: executing program 32 (id=1030):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x468, 0x24, 0x4ee4e6a52ff56541, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_PTAB={0x45b, 0x3, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25cf, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10000, 0x0, 0xfffffffd, 0x7, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x8, 0x4, 0x9, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0xfffffffa, 0x7fffffff, 0x9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7b2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x9, 0xfeffff02, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x100000, 0x1000, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0xd4, 0xc, 0x5, 0x0, 0x0, 0x0, 0x3032, 0x0, 0x1, 0x0, 0x6, 0x8, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x1, 0x20000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x3ff, 0xfffffffc, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6b, 0x8000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x80]}, @TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}}}]}}]}, 0x468}}, 0x0)

3.519924578s ago: executing program 1 (id=1491):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f000001fc80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x208000, &(0x7f0000001d40)=ANY=[@ANYBLOB="009c1b06223d15055c6d39aecad6836294e3e1fc38b80cd5eb20b39dc7dceb316fa1203f802b4368850fdef916202a989ea54a4e800c324c19bad386d9a72fc1de2fa7f100eae8a434158d0ed0d6a9061d60971bcf895342571bae0ea58240ebdd0f6f3dd42fa0f9754224a9c2045d2e098e01000000943549e2c2e191b7da91b8645dfdb324ceaf445cdc974884e2d5ac6dbf8b92da3a8a65176db66ca798dce71880c5e6837b5a99b6696d5003a06f62bbfb0b9ba0a6ffbfc2dd37662e077430379386d8e3abf802401b0e8382824a68cf51cde62ac99470edf8c757396564c8079d89017df3182005ec9fe433b122f1c02ca72eb68e41fc7ff69975649149ff4be64bd665e56a5fe9ef4d6ee02ff30ad838a9744100d520765c83c0178534e09d2f578bd10d3bfc68d1e75d6965613448d1045b6a0298d0804f82bc984e271c346d1e30886f81feb02b8320d47dc752b2dd23b4d8e20f2bda7ff84c57d63da96f044f8daaac7cb7132ef6"], 0x41, 0x5e62, &(0x7f0000011a80)="$eJzs3cuOFNcZB/Cvunt6LsQwshTLQlmMsXMhGBguhtxtbxIpq0gRm6xA47GFgpMISBRbKIw1i7xBlCwSJfus8gTZw0N4kWWQINl4lYpq5hyoKffQYJiuYc7vJzVVX52q7lP8+zpd1ScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjxD396poqIy79JC5YjvhTDiEHEYlOvRMTiynJefxQRr8ZWc7zSrD4f0Wy/9c+RiPMRcfdwxP0Ht9aaxWefsB//PfTlI//++49O/vEff7hz/M8n3uy2/2X9X3d+djvdFgAAAPBU6rquq/Qx/2j6fD/ou1MAwEzk1/86ycvVarVarVYfvLqtnux2u4iIjfY2zXuG25OuDADYvzbis767QI/kX7RRRBzquxPAvua4+4Pp/oNba1XKt2q/Hqxst+djQXbkv1E9PL9jt+k03WNMZnX/2oxhvLxLfxZn1If9JOc/6OZ/ebt9nNbb6/xnZbf8x9unPhUn5z/s5t9xcPIfTMy/VDn/0VPlP5Q/AAAAAADsY/nv/8sz+/632nG92fzz2Z2pHvf978qM+gAAAAAAAAAAz9uzjv/3kPH/AAAAYN9qPqs3/nr40bLdPmM3yy9VES911gcKk06WWeq7HwAAAAAAAAAAAABQktH2MbyXqoi5iHhpaamu6+bS1q2f1rNu/6Irff+hZH0/yQMAwLa7hzvn8lcRCxFxKf3W39zS0lJdLywu1Uv14nx+PzueX6gXW59r87RZNj9+gjfEo3HdXNlCa7u2aZ+Xp7V3r6+5rXE9fIKOzUaPgQNARGy/Gt33inTA1PWR6PtdDi8Gj/+Dx+OfJ9H3/RQAAADYe3Vd11X6Oe+j6Tv/Qd+dAgBmIr/+d78XUKvVarVaffDqtnqy2+0iIjba2zTvGW5PujIAYP/aiM/67gI9kn/RRhHxat+dAPa1qu8OsCfuP7i1VqV8q/brQRrfPR8LsiP/jWpru7z9pOk03WNMZnX/2oxhvLxLf16ZUR/2k5z/oJv/5e32cVpvr/Ofld3yb/ZzuYf+9C3nP+zm33Fw8h9MzL9UOf/RU+U/lD8AAAAAAOxj+e//y77/zbsMAAAAAAAAAC+c+w9ureXzXvP3/1+ZsJ7zPw+mnH8l/yLl/Aed/L/RWW/Ymr/37qP8//Pg1tpP/vTp0Tx90vzn80yV7llVukdU6ZaqUZo+y9593ubccNzc0lw1GI7SMT/13PtxNa7FeqzuWHeQ/j8etZ/Z0d70dC7dlbfbz+5oH223t7Y/t6N9Lv3uQL2Y20/FWvwyrsV7W+1N2/yU/V+Y0l5Pac/5Dz3+i5TzH7UuTf5Lqb3qTBv3Phl87nHfnk66nXd+f+fu6t7vzlSbMXy4b23N/h3roT9b/yeHxvHrG+vXT/32ys2b189EmuxYejbS5DnL+c+ly8Pn/9e32/Pzfvvxeu+T8VPnv19sxmjX/F9vzTf7e3zGfetDzn+cLjn/91L75Mf/i5z/7o//Ez30BwAAAAAAAAAAAAAAAB6nruutU0TfiYgL6fyfvs7NBABmK7/+10lerlar1Wq1+uDVbfVkb7eLiPhne5vmPcPvJl0ZALCf/S8iPu27E/RG/gXLv/fXTN/ouzPATN346OOfX7l2bf36jb57AgAAAAAAAAB8UXn8z5XW+M9vRMRyZ70d47++GyvPOv7nKM88HGD0OQ/0vYvNwXg4aA03/lo8fvzvY/H48b9HU25vbkr7eEr7/JT2hSntE0/0aMn5v9Ya77zJ/2hn+PUSxn/tjnlfgpz/sdb9ucn/65312vnXf3uR8x/syP/0zQ9/dfrGRx+fvPrhlQ/WP1j/xfnV1QvnLr61enH19PtXr62nf3vs8d7K+eexrx0HWpacf85c/mXJ+X811fIvS87/a6mWf1ly/vn9nvzLkvPPn33kX5ac//FUy78sOf9vplr+Zcn5n0i1/MuS838z1fIvS87/ZKrlX5ac/6lUy78sOf/TqZZ/WXL++Rsu+Zcl55+PbJB/WXL+Z1Mt/7Lk/M+lWv5lyfmfT7X8y5LzfyvV8i9Lzv9CquVflpz/xVTLvyw5/2+lWv5lyfl/O9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP/3Uy3/suT8f5Bq+Zcl5/92quVflke//2/GjBkzeabvZyYAAAAAAAAAAAAAoGsWhxP3vY8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZHrLO8AfvbmrB0uWwjBDQE2jgkmWbLre0xrMLeSJqSlQGhLL8a118bgW702t0aKUWiJ1KiNVD7Ah3IrUvlSEQGqqEqRK7UCCSTyiVZqG1IFqohCa2g/QEXYambe592Z8V7PbOyZc34/KX7s2TMz75x5Z3b/6/zXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ7qbXzn54qCiKxn/NXyaK4hmN32+cnGj8cesrrvYKAQAAgF491fz10rPzBQdWcaW2Y776om9+cX5+fr547Lsve/5H5ufzByaLYuKaomh+LDx5z99ubT8meaAYHxpu+/PwCnc/ssLHR1f4+NgKH9+wwsevWeHj4yt8/LITcJmNre/HNG9sa/O3E61TWlxXjDU/tnWRaz0wdM3wcHwvp2moeZ35saPF8eJEMVvMdBzfOnaoefyXb2rc151F3Ndw233d2NghP7zvcKxhKJ3jrR33tXCb4QevLiZ/9MP7Dr/pY4/fsNhc8TR03F5rndu2NNb5oXRJa61DxTX5nMQ6h9vWeeMiz8lIxzqHmtdr/L57nZdWuc6RhWVeUd3P+Xgx3Pz9o83zNNr+bb18nm5Ml/345qIoLiwsu/uYy+6rGC42dVwyvPD8jLd2ZOM2GlvpOcXomvbpTavYp415ZGvnPu1+TcTzf1O63ugSa2h/mn7wwQ2XPe9r3aeh8aiXeq1078H1fq30yx6MffFo80E/uOge3Joe/323LL0HF907i+zB/Ljb9uCWlfbg8IaR5przkzDUvM7CHtzecfxI856GmvPJW5bfg9PnTp6Znnv/B15+/OShY7PHZk/tmpnZs3Pv7pm9M9NHj5+YTb+WPNv9b1MxnF8DW9K5i9fAS7uObd+q859av9fh+DKvw4muY9f7dTja/eCGrswL8vI93XptvLVx0scfGi6WeI01n59be38d5sfd9jocbXsdLvo5ZZHX4egqXoeNY87curqvWUbb/ltsDU/X54KJtj3Y/fVI9x5c769H+mUPjqd98a+3Lv254Ma03gen1vr1yMhlezA/3PTe07gkf70/fkdzLLYvb2h84NoNxfm52bO3v+/QuXNntxdpXBHPbdsr3ft1U9tjKi7br8Nr3q8HPvz1b9ywyOUT6VyNv7zxy/iSz1XjmF23L/9cNT+7LX4+Oy7dUaSxzq70+Vzss3njfOYsucz5bBzzoenevxbPubTt/XdsifffyP0/a97P1nxTD4yMjbZevyP57Ix1vB93PlWjzfeuoeZ9X5pe3fvxWPrvSr8fX7fM+/HmrmPX+/14rPvBxfvx0Erf7ehN9/M5nvbJiZnl348bx2zesdY9Obrs+/HNaQ6l8/+ylBRyLmrbO0vt23xfo6Nj6XGNxj107tOdHcePpWzWuK/P7ii3T7fd3LqtkfzoFlypfTrZdex679P8frXUPh1a6btv5XQ/n+NpX1y3c/l92jjm4q7e3zs3xm/b3js3rLQHx0Y2NNY8ljdh6/1+fmPswduLw8Xp4kRxpPnRDc39NNS8r6ndq9uDG9J/V/q9cvMye3Bb17HrvQfz57Gl9t7Q6OUPfh10P5/jaV98dPfye7BxzOv2ru/XrtvSJfmYtq9du7+/ttT3vG7oOk1P5/e8Guv8h73Lf2+2ccyJO9aaM5c/T7elS65d5Dx1v36Xek0dKa7Medqc1vn9O5Y+T431NI75yL5V7qcDRVF84e4Dze/3pr9f+fz5b32x4+9dDrQ+9qV9C7d12Vcdi/29zxfuPnDxn+/6yVoeIwD97WfNX7duan2ua/ubqdX8/T8AAAAwECL3D6eZyf8AAABQGZH74/8Kz+R/AAAAqIzI/aNpZjXJ/w/+2/Pe/dP7i9zMn0/i43EazjzROi46rp9Mf56cX9C4/DWf+cevv/3+1d33cFEUP73rXxY9/sEnYl0tD6d1Tn678/LLbP72qu7/HfcuHNfeAZxItx+Pp3sbfPm/n2heb3Jfa16862JzvvnCgw80Pn5pX+vP0Z188n9ax/15KvMeOPr3Hdff9ljr/rY+tvzjiut97o0b737B2xbuL643tOVZzYfx0Ve2bjd+7s3Dr20dfykdt9T6/+6PP/u5xvHve8ni679/ePH1P5lu9ztp/uSp1uXt57Tx57jeH6b1x/3F9W7/9FcWXf8jb2gd/0h6Xj6ZZvf6X/2nL3yq/XzF+uN+Djzeul7c/8xf/0fzenF7cfvd6x9/1RMd56P79i9+vnU7+9/zvyPtx8flcT953z3e+Tw3bqd9v4XP/tHFjvNc/Hvren/Ttf64vTOPL77+27rWeWb7pub1l6qMf3z2O4s+3ljPgb96tOPxPPK9dP5ec0/zdsd/nPZj+vj/Pdy6ve6flvDo9zrfT+L4T060Xpdxe9Nd63+4a/0XXtw4dyuv/84ftdb/yKu+2vl8/GdrHQd+0Jorrf/YJ77Zcf1Pfav1fJx979Sp03Pnj0eHeiL97J8z323d3jXjGzdd+4xnPuvZ6b2y+88HT5975+zZyZnJmaKYHMAfifd0r//Taf5Xa1xY79u/ryiK97Z9Xrv19a39V7zo0p+8+M7PvDOO+6fXtS5/6O7W562XpuMeTpdfSM933M7HP9b6fNjr+uN+lpp5vat0/msf3rOqA9Pj/+hN1zdfZUMXWxd3v1+VFa/zx5/X+bp/7K2t+aV0XufTT2becv3Xmsd133/8bISH3tJ6fcdXcnH9Xtf/l+n5vuc7rduP283rTV/HfGVz5/tjPD9fur/rJw1MtH6Kx4X0/lFcaH08joqvqR66dP1alrmkuffPTZ84fur8+6bPzc6dm557/wcOnjx9/tS5g82fzXnwXStdf+H1van5+j4yu2dX0Xy1n26Np9nVXv+Zew8f2Ttzy5HZo4fOHz1375nZs8cOz80dnj0yd8uho0dn37vS9Y8f2b99x76de3dMHTt+ZP8d+/bt3Dd1/NTpxjJai1rBnpl3T506e7B5lbn9u/Zt371718zUydNHZvfvnZmZOr/S9Zufm6Ya137P1NnZE4fOHT85OzV3/AOz+7fv27Nnx4o/3e/kmaNzk9Nnz5+aPj83e3a69VgmzzUvbnzuW+n60DD3iY2Lfp4aSl+9b79tT/75rA2f+eCSN9U6pOsHiH4//Syab/zFn+1ezZ8j94+lmdUk/wMAAEAdRO7fkGYm/wMAAEBlRO6/Js1M/gcAAIDKiNw/nmZWk/yv/6//r/+v/x/0//X/y9D/1/8vQ/9f/38Q1q//r/9P7/qt/x+5f2NR1DL/AwAAQB1E7t+UZib/AwAAQGVE7r82zUz+BwAAgMqI3P+MNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9z0wzq0n+BwAAgDqI3P+sNDP5HwAAACojcv+z08zkfwAAAKiMyP0TaWY1yf/6//r/+v/6/0H/X/+/DP1//f8y9P/1/wdh/fr/+v/0rt/6/5H7fy7NrCb5HwAAAOogcv9z0szkfwAAAKiMyP3PTTOT/wEAAKAyIvdfl2ZWk/yv/6//3z/9/4VarP6//r/+/+DQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf95aWY1yf8AAABQB5H7r08zk/8BAACgMiL3Pz/NTP4HAACAyojcvznNrCb5X/9f/79/+v/+/f+g/6//P0j0//X/y9D/1/8fhPXr/+v/07t+6/9H7v/5NLOa5H8AAACog8j9N6SZyf8AAABQGZH7X5BmJv8DAABAZUTuvzHNrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv8L08xqkv8BAACgDiL3vyjNTP4HAACAyojc/+I0M/kfAAAAKiNy/2SaWU3yv/6//r/+v/5/0P/X/y9D/1//vwz9f/3/QVi//r/+P73rt/5/5P6b0sxqkv8BAACgDiL3b0kzk/8BAACgMiL335xmJv8DAABAZUTu35pmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf8laWY1yf8AAABQB5H7b0kzk/8BAACgMiL3vzTNTP4HAACAyojcvy3NrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv/L0sxqkv8BAACgDiL335pmJv8DAABAZUTuvy3NTP4HAACAyojcP5VmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf/laWY1yf8AAABQB5H7b08zk/8BAACgMiL3T6eZyf8AAABQGZH7Z9LMapL/9f/1//X/9f+D/r/+fxn6//r/Zej/6/8Pwvr1//X/6V2/9f8j929PM6tJ/gcAAIA6iNy/I81M/gcAAIDKiNy/M81M/gcAAIDKiNy/K82sJvlf/1//X/9f/z/o/+v/l6H/r/9fhv6//v8grF//X/+f3vVb/z9y/+40s5rkfwAAAKiDyP170szkfwAAAKiMyP1708zkfwAAAKiMyP13pJnVJP/r/+v/6//r/wf9f/3/MvT/9f/L0P/X/x+E9ev/6//Tu37r/0fu35dmVpP8DwAAAHUQuf8VaWbyPwAAAFRG5P5fSDOT/wEAAKAyIvf/YppZTfK//r/+v/6//n/Q/9f/L0P/X/+/DP1//f9BWL/+v/4/veu3/n/k/v1pZjXJ/wAAAFAHkftfmWYm/wMAAEBlRO5/VZqZ/A8AAACVEbn/QJpZTfK//r/+v/6//n/Q/x+Q/v8frOKYK0j/X/+/DP1//f9BWL/+v/4/veu3/n/k/lenmdUk/wMAAEAdRO5/TZqZ/A8AAACVEbn/tWlm8j8AAABURuT+16WZ1ST/6//r/+v/6/8H/f8B6f/3Gf1//f8y9P/1/wdh/fr/+v/0rt/6/5H7X59mVpP8DwAAAHUQuf+X0szkfwAAAKiMyP1vSDOT/wEAAKAyIvffmWZWk/yv/6///3T1/zek29D/b9t3+v9N+v/6/2uh/6//X6yl/z+UXsH6/01Xuz8/6OvX/9f/p3f91v+P3P/LaWY1yf8AAABQB5H770ozk/8BAACgMiL3351mJv8DAABAZUTuf2OaWU3yf9/3/9Md6v8v2f9/ZmP2Y/8/6P+37Tv9/yb9f/3/tdD/1/8v/Pv/pV3t/vygr1//X/+f3vVb/z9y/z1pZjXJ/wAAAFAHkft/Jc1M/gcAAIDKiNz/q2lm8j8AAABURuT+N6WZ1ST/933/P9H/H7x//z/o/7ftO/3/Jv1//f+10P/X/y/0/0u72v35QV+//r/+P73rt/5/5P5fSzOrSf4HAACAOojc/+Y0M/kfAAAAKiNy/1vSzOR/AAAAqIzI/W9NM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9x/b5pZTfI/AAAA1EHk/relmcn/AAAAUBmR+389zUz+BwAAgMqI3P8baWY1yf/6//r/+v/6/0H/X/+/DP1//f8y9P/1/wdh/fr/+v/0rt/6/5H7fzPNrCb5HwAAAOogcv/b08zkfwAAAKiMyP2/lWYm/wMAAEBlRO7/7TSzmuR//X/9f/1//f+g/6//X4b+v/5/Gfr/+v+DsH79f/1/etdv/f/I/b+TZlaT/A8AAAB1ELn/d9PM5H8AAACojMj9B9PM5H8AAACojMj970gzq0n+1//X/9f/1/8P+v/6/2Xo/+v/l6H/r/8/COvX/9f/p3f91v+P3H8ozawm+R8AAADqIHL/76WZyf8AAABQGZH7D6eZyf8AAABQGZH7j6SZ1ST/6//r/+v/6/8H/X/9/zL0//X/y9D/1/8Pyz0hV3v969X/Hyn0/6mvfuv/R+6fTTOrSf4HAACAOojcfzTNTP4HAACAyojcfyzNTP4HAACAyojc/840s5rkf/1//X/9f/3/oP+v/1+G/r/+fxn6//r/g7B+//6//j+967f+f+T+42lmNcn/AAAAUAeR+9+VZib/AwAAQGVE7n93mpn8DwAAAJURuf9EmllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+k2lmNcn/AAAAUAeR+0+lmcn/AAAAUBmR+0+nmcn/AAAAUBmR+8+kmdUk/+v/6//r/+v/B/1//f8y9P/1/8vQ/9f/H4T16//r/9O7fuv/R+7//TSzmuR/AAAAqIPI/WfTzOR/AAAAqIzI/XNpZvI/AAAAVEbk/nNpZjXJ//r/+v/6//r/Qf9f/78M/X/9/zL0//X/B2H9/8/eXfuIkl1bHL7JkyZ6/+1jNDMzM/OYmZmZmZnZgYPea0uWx7Z8ymNXnf19yZZucHXU6qBX8FPp//X/HHe2/j+7/1/qtiH7HwAAACbI7v/Xus3+BwAAgG1k9/9b3Wb/AwAAwDay+/+9bhuy//X/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/f9RtQ/Y/AAAATJDd/591m/0PAAAA28ju/6+6zf4HAACAbWT3/3fdNmT/6//1//p//X/o//X/K/T/+v8V+n/9/xXer//X/3Pc2fr/7P7/qduG7H8AAACYILv/f+s2+x8AAAC2kd3/f3Wb/Q8AAADbyO7//7ptyP7X/+v/9f/6/9D/6/9X6P/1/yv0//r/K7xf/6//57iz9f/Z/Xep24bsfwAAAJggu/+udZv9DwAAANvI7r9b3Wb/AwAAwDay++9etw3Z//p//b/+X/8f+n/9/wr9v/5/hf5f/3+F9+v/9f8cd7b+P7v/HnXbkP0PAAAAE2T337Nus/8BAABgG9n996rb7H8AAADYRnb/veu2Iftf/6//1//r/0P/r/9fof/X/6/Q/+v/r/B+/b/+n+PO1v9n99+nbhuy/wEAAGCC7P771m32PwAAAGwju/9+dZv9DwAAANvI7r9/3TZk/+v/9f/6f/1/6P/1/yv0//r/Ffp//f8V3q//1/9z3Nn6/+z+B9RtQ/Y/AAAATJDd/8C6zf4HAACAbWT3P6hus/8BAABgG9n9D67bhux//b/+X/+v/w/9v/5/hf5f/79C/6//v8L79f/6f447W/+f3f+Qum3I/gcAAIAJsvsfWrfZ/wAAALCN7P6H1W32PwAAAGwju//hdduQ/a//1//r//X/of/X/6/Q/+v/V+j/9f9XeL/+X//PcWfr/7P7H1G3Ddn/AAAAMEF2/yPrNvsfAAAAtpHd/6i6zf4HAACAbWT3P7puG7L/9f/6f/2//j/0//r/Ffp//f8K/b/+/wrv1//r/znubP1/dv9j6rYh+x8AAAAmyO5/bN1m/wMAAMA2svsfV7fZ/wAAALCN7P7H121D9r/+X/+v/9f/h/5f/79C/6//X6H/1/9f4f36f/0/x52t/8/uf0LdNmT/AwAAwATZ/U+s2+x/AAAA2EZ2/5PqNvsfAAAAtpHd/+S6bcj+1//r//X/+v/Q/+v/V2zY/9/8Cuj/9f/6f/2//l//z2Fn6/+z+59Stw3Z/wAAADBBdv9T6zb7HwAAALaR3f+0us3+BwAAgG1k9z+9bhuy//X/+n/9v/4/9P/6/xUb9v++/3/rb93/3/ZH/6L/1/9f4f36f/0/x52t/8/uf0bdNmT/AwAAwATZ/c+s2+x/AAAA2EZ2/7PqNvsfAAAAtpHd/+y6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f3PqduG7H8AAACYILv/uXWb/Q8AAADbyO5/Xt1m/wMAAMA2svufX7cN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/wV125D9DwAAAJf1V2z37P4X1l35PwAAAIBzy+5/Ud1m/wMAAMA2svtfXLcN2f/6f/3/Ofr/22/d0fv1//r/W/r/09P/6/9X6P/1/1d4v/5f/89xZ+v/s/tfUrcN2f8AAAAwQXb/7XWb/Q8AAADbyO5/ad1m/wMAAMA2svtfVrcN2f/6f/3/Ofr/md//v03//wc/T/2//v+O6P/1/7f0/8v+0f381d+v/9f/c9zZ+v/s/pfXbUP2PwAAAEyQ3f+Kus3+BwAAgG1k97+ybrP/AQAAYBvZ/a+q24bsf/2//l//7/v/of/X/6/Q/+v/V+j/9f9XeL/+X//PcWfr/7P7X123Ddn/AAAAMEF2/2vqNvsfAAAAtpHd/9q6zf4HAACAbWT3v65uG7L/9f/6f/2//j/0//r/Ffp//f8K/b/+/wrv1//r/znubP1/dv/r67Yh+x8AAAAmyO5/Q91m/wMAAMA2svvfWLfZ/wAAALCN7P431W1D9r/+X/+v/9f/h/5f/79C/6//X6H/1/9f4f36f/0/x52t/8/uf3PdNmT/AwAAwATZ/W+p2+x/AAAA2EZ2/1vrNvsfAAAAtpHd/7a6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f1vr9uG7H8AAACYILv/HXWb/Q8AAADbyO5/Z91m/wMAAMA2svvfVbcN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/91125D9DwAAABNk97+nbrP/AQAAYBvZ/e+t2+x/AAAA2EZ2//vqtiH7X/+v/9f/6/9D/6//X6H/1/+v0P/r/6/wfv2//p/jztb/Z/e/v24bsv8BAABgguz+D9Rt9j8AAABsI7v/g3Wb/Q8AAADbyO7/UN02ZP/r//X/+n/9f+j/9f8r9P/6/xX6f/3/Fd6v/9f/c9zZ+v/s/g/XbUP2PwAAAEyQ3f+Rus3+BwAAgG1k93+0brP/AQAAYBvZ/R+r24bsf/2//l//r/8P/b/+f4X+X/+/Qv+v/7/C+/X/+n+OO1v/n93/8bptyP4HAACACbL7P1G32f8AAACwjez+T9Zt9j8AAABsI7v/U3XbkP2v/9f/79X/36R4+v8b+v8b+v87l/5f/79C/6//v8L79f/6f447W/+f3f/pum3I/gcAAIAJsvs/U7fZ/wAAALCN7P7P1m32PwAAAGwju/9zdduQ/a//1//v1f/f0P/f0P/f0P/fufT/+v8V+n/9/xXer//X/3Pc2fr/7P7P121D9j8AAABMkN3/hbrN/gcAAIBtZPd/sW6z/wEAAGAb2f1fqtuG7H/9v/5f/6//D/2//n+F/l//v0L/r///U/75RO/X/+v/Oe5s/X92/5frtiH7HwAAACbI7v9K3Wb/AwAAwDay+79at9n/AAAAsI3s/q/VbUP2v/5f/6//1/+H/l//v0L/r/9fof/X/1/h/fp//T/Hna3/z+7/et02ZP8DAADABNn936jb7H8AAADYRnb/N+s2+x8AAAC2kd3/rbptyP7X/+v/9f/6/9D/6/9X6P/1/yv0//r/K7xf/6//57iz9f/Z/d+u24bsfwAAAJggu/87dZv9DwAAANvI7v9u3Wb/AwAAwDay+79Xtw3Z//p//b/+X/8f+n/9/wr9v/5/hf5f/3+F9+v/9f8c9+f6//qb/+/a/2f3f79uG7L/AQAAYILs/h/UbfY/AAAAbCO7/4d1m/0PAAAA28ju/1HdNmT/6//1//p//X/o//X/K/T/+v8V+n/9/xXer//X/3Pc2b7/n93/47ptyP4HAACACbL7f1K32f8AAACwjez+n9Zt9j8AAABsI7v/Z3XbkP3/l/r/f6qr/7+h/9f/39L/N/2//v+W/l//v0j/r/+/wvv1//p/jjtb/5/d//O6bcj+BwAAgAmy+39Rt9n/AAAAsI3s/l/WbfY/AAAAbCO7/1d125D97/v/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/r+u2IfsfAAAAJsju/03dZv8DAADANrL7f1u32f8AAACwjez+39VtQ/a//l//r//X/4f+X/+/Qv+v/1+h/9f/X+H9+n/9P8edrf/P7v99AAAA//8VVGrr")
chdir(&(0x7f0000000340)='./file0\x00')
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x12)
unlink(&(0x7f0000000040)='./file1\x00')

2.555998585s ago: executing program 1 (id=1499):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0x2, 0x4fd, &(0x7f0000000b00)="$eJzs3ctvW1kZAPDv3jycyWQmGZgFoAHKMFBQVTtxZ6LRbBhWI4RGQsySRSckThTFiaPYGZrQRbpkj0QlVrDiHwCJBVJX7JFYwI5NWSDxqEANEgsjX19nnIcbq03sNv79pCufe47t75xa9xzrc3NPACPrWkQcRMRkRHwcEbN5fZIf8X77aD3v8aO7y4eP7i4n0Wx+9M8ka2/VRddrWl7O33MqIr7/QcQPkxNB/xhR39vfWKpWKzt5VamxuV2q7+3fXN9cWqusVbbK5cWFxfl3b71TvqCR/vqo9LvffvHhHw6++eNWt2byuu5xXKT20CeO4rSMR8R3LyPYEIzl45l8mhc/1Yu4SGlEfCYi3syu/9kYyz7N445/TN+K/NIGAF5QzeZsNGe7zwGAqy7NcmBJWsxzATORpsViO4f3ekyn1Vq9cWO1tru10s6VzcVEurpercznucK5mEhW18crC1m5c16tlE+c34qI1yLip4WXsvPicq26MswvPgAwwl4+sf7/p9Be/wGAK67r1/zCMPsBAAyO/80HAKPH+g8Ao8f6DwCjx/oPAKPH+g8Ao8f6DwAj5Xsfftg6mof5/a9XPtnb3ah9cnOlUt8obu4uF5drO9vFtVptLbtnz+Z571et1bYX3o7dO6VGpd4o1ff2b2/Wdrcat7P7et+uTAxkVADAk7z25Qd/TiLi4L2XsiO67vd/7lr9xmX3DrhM6bA7AAzN2LA7AAzN6d2+gFEhHw90bdF7r6t66lThpPt9vX2a7xsKPEeuf/4Z8v/AC03+H0bX0+X/fZeHq0D+H0ZXs5nY8x8ARowcP5Cc0979+/98s+ukv9//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4EqayY4kLeZ7gc9EmhaLEa9ExFxMJKvr1cp8RLwaEX8qTBRa5wsRYd8gAHiRpX9L8v2/rs++NXOydbLw30L2GBE/+vlHP7uz1GjsLERMJv86qm/cz+vLw+g/AHCezjrdWcc7Hj+6u9w5Btmfv3+7vbloK+5hfrRbxmM8e5zKcg3T/07y87bW95WxC4h/cC8iPnfW+JMsNzKX73x6Mn4r9isDjZ8ei59mbe3H1r/FZy+gLzBqHrTmn/fPuv7SuJY9nn39T2Uz1LPrzH+Hp+a/9Gj+G+sx/13rN8bbv//OqcrmbLvtXsQXxiMOO2/eNf904ic94r/VZ/y/vPGlN3u1NX8RcT3OGn9yLFapsbldqu/t31zfXFqrrFW2yuXFhcX5d2+9Uy5lOepSJ1N92j/eu/Fqr/it8U/3iD91zvi/1uf4f/m/j3/wlSfE/8ZXz/78X39C/Naa+PU+4y9N/2aqV1sr/kqP8Z/3+d/oM/7Dv+6v9PlUAGAA6nv7G0vVamXnsgvp5YfICknEwQCG0y4UfvWTDwYV6xIL8Xx0Q+F5Kgx7ZgIu26cX/bB7AgAAAAAAAAAAAAAA9DKIPyca9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//2KH0wQ=")
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r0, 0xc0046d00, 0xfffffffffffffffe)

2.174480497s ago: executing program 5 (id=1505):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x0, 0x4, 0x61, 0x0, 0x221, 0x22224001, 0x8000000, '\x00', 0x8e})

2.107217527s ago: executing program 4 (id=1507):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f00000000c0)=0x5, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

2.016028388s ago: executing program 3 (id=1510):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x80000000000008, &(0x7f0000000180)="8c", 0x1)
setsockopt$inet_opts(r0, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1)
getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000001640)=""/17, &(0x7f00000000c0)=0x11)

1.944916678s ago: executing program 3 (id=1511):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="010000000000000099000040"])

1.64718976s ago: executing program 1 (id=1512):
r0 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
lseek(r0, 0x2004, 0x0)

1.64696642s ago: executing program 5 (id=1513):
r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x0, 0x20000)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x13, r0, 0xffffd000)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x20}}, {{@in6=@loopback, 0x4d3, 0x6c}, 0x0, @in=@remote, 0x0, 0x5}}, 0xe8)

1.6468101s ago: executing program 3 (id=1514):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x1, 0x200000, 0x6000001, {0x0, 0x0, 0x0, r1, {0x5}, {0xd}, {0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c840}, 0x20048054)

1.60489385s ago: executing program 5 (id=1515):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_mount_image$xfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x4000000, &(0x7f0000000140), 0x1, 0x983d, &(0x7f0000002240)="$eJzs3QW8pWWheP8zwwBDhyJYgJSYpISBdCiipCghSEsKiIDSoYQKioACCiiISHd3S3d3d3f8PwMDwrjgcn//e4XLWuvjnH12nH2e/Xzf5/Xs8x72XnLeReccGBh34LVeP/1XZ+1667KLjbXgukfvPOSavXZY6IHhF4/y2sl4sw8/nWP46ZwDAwODht/PoNcuGzLbUUcPHhgyMOx//2rM0UYfPObAwOjDzw6/n4GZXzsZY//Xb/fKCPFAJx327bZ/7d+rjTXsToZ9svRyL601MDAw9E1fP2xc0/7bA5W25BzzzfsvqzfcBg+/etC/rnv1dMhr/8bYd2BgjL0H3n77GHbbkd/0tf/Jhn3PcScfWPzW9+B7/59ryTnmW2AE/2FrcaThl808bI2PuAaNjbid77Do6vcNn8JBwyduyJvWy3ux3f8/teQc8y448PbreGCheTa595VX95tD5h4YGDLPwMCQeQcGhsz3XnvU/0zv6cZXVVVV70lzzDnDsOfsg0f4eWDo6z/X0s+F57043Z0DA0MWeu154pDlXn8uWFVVVVVVVVXvz+aYc4a54Pn/uO/0/H/SE7cer+f/VVVVVVVVVf93WmCOOWcY9lx/hOf/E73T8/9H7z94v9f+9n/2mV/7qpff2wdRVVVVVVVVVe/YvAvg8/9J3+n5/wVHTXpxz/+rqqqqqqqq/u+0yCuvvLLZm15nb/jFU79+PT3/P/mem5d5zwZcVVVVVVVVVf/tXn7ohFP+9ZrvEw+M8Hrvrzb89wKDDjvt0kvfs4G+Pxr0778P2fy9HtP/34Y5Dz1w0oGBtRZ/r4dS70H/Z16rvv5Xyt9d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v8xb3N8f83Xv//5CNWeP294D895QzXnvCvr3z1vf+HLLTAQ1u8R0N/L/qgHv8fWG3QwMBw33FXGxgYWGiORRabemBg4IRrZ5hyioE3rptl2HVfGX+kV98g/vX/TGSe8fiON5/stdNhG8rAh9+4j8Nevf8FXtlnpEEjDOJNjXfMfvutuuQzM454OtXbP47Bb3w21tH3v/7fsgwe4UZD3+aLX7//1x/LiM7Dxz71sLFPs/6a60yz3kYbf2G1NZdfZaVVVlpr1ulnmm7GWWedaaZpVl5tjZWmfe3j283ZpK9+nOvdzNmYI87ZQ3O8ec5GfGxvN2eTvvOcvXqPu5w/9Ouvz9mQ/+aczfXOczbpasO/0Xizjzyw3KtzM2hgYLy5Rx7YcNiZ6UYdGBhvnuG3nWjYbb86/uCBgZ3+9UCHfTbqG9vgoM2H3WbJeRed87Xd1MDAv07/1du8n/0ow0c++/DTOYafzvnatxl34F+b4pDZjjp68LC5eMt0jDna6IPHHBgYffjZ4fczMOtrJ6Of+Prt3uZ91kcY6Ksvs7L9a/9ebayBgYExhn0y8fInbzNs6v8D79P+//T////mNcugN7bHQcP/Db/Na15zzLfAv77Xq9MwbO5GGn7ZzMNM/off2v4t/dt4Jx06MOk7jPcdXhfn1Wj7WuOECbb8n3pdHBrvRO8w3nd4Hd+3He8Sd+5+32t39T823hH2dQu++nH2d7OvG3jnfd1IdAcrXfTJEfd133z7Ib5ld/n6HI06wo3ebl830Z6TbD7s/md/533dgsPGPvJb9nWDBwbGm+v1fd2wHd+8Iw/sNOzM9MPOzDfywAHDzszw6pnRBk4bduaLK6y9xorDLpj/37eDqQe95Q80YZ3NO8I6G/Smxz5ohL/vHPLa6Rj7vv4eTm+z3xw0/GH9l/sK2m7HfYfxvsP7T+E8D7tsxcOHTvA/9f5TNN6h7zzet3u/7Lcd745Pn3zr//B431hnI79puuZ/N+ts0reus2EPcaQ3rYx3+3PYinD71z6f6I1722DT+9/4mWLkEe73v/qZYv53XmfjrjbC122398Cgd5qb+d7N3Hzi3/ZBW7x5bt7tz1tTT/7a9SO9w9yMOuuyU70+N6P8N+dmvv/u3Mw+MNJb52bIwDwDAwNTDN8/zPtu5maid56bd7vdjA63f+3zld64aO4dDjzn9bkZcS7+q7mZ9787N5O+sd1M8ep1kw0eGGWUgQ2XX3/9dad77ePrZ6d/7eM7r8G5381cjvs/M5cfG/J2c/mvTXXMOy/e979Yg/+2T3/9/uf+787lwBtzObDaiIul3q/1+z93+bvL313+7vJ3l7+7/MW9zfH/N17/f7dxv7Lz8F9ujHzxJBNu+16P9z3uA338f7jvW47/bzvhJBcPHnjjunc8Pvvabd6Xx2dnfu1kjP1fv92Ixwd5oG9/fHbvWWfe+j90fPb/qdfX6rv4PVz7f3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4tzn+P+3rfwdwz3QLPz78QOjID2y11MLv9Xjf4z7Qx/+H+77l+P/CS231wOCBN657x+P/r93Gcfz/9hfm3fH9fPz/9bXa8f/6L8rfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/MW9zfH/2V//O4CDD95949f/HuDK8bY/4b0e73vcB/X4f+//7639v7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c8OP/AyO8veV32i4wOP7/f7u38V84f8ziv0j+mMV/0fwxi/9i+WMW/8Xzxyz+S+SPWfy/mz9m8V8yf8zi/738MYv/9/PHLP5L5Y9Z/JfOH7P4L5M/ZvFfNn/M4v+D/DGL/3L5Yxb/5fPHLP4/zB+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/H+UP2bxXz1/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/H+cP2bxXzd/zOK/Xv6YxX/9/DGL/0/yxyz+G+SPWfx/mj9m8d8wf8ziv1H+mMV/4/wxi//P8scs/j/PH7P4b5I/ZvHfNH/M4r9Z/pjFf/P8MYv/FvljFv8t88cs/lvlj1n8t84fs/hvkz9m8d82f8zi/4v8MYv/L/PHLP7b5Y9Z/LfPH7P475A/ZvHfMX/M4v+r/DGL/6/zxyz+v8kfs/jvlD9m8d85f8zi/9v8MYv/7/LHLP675I9Z/H+fP2bx3zV/zOK/W/6YxX/3/DGL/x/yxyz+f8wfs/jvkT9m8d8zf8ziv1f+mMX/T/ljFv8/549Z/PfOH7P475M/ZvHfN3/M4v+X/DGL/1/zxyz+++WPWfz3zx+z+P8tf8zif0D+mMX/7/ljFv8D88cs/v/IH7P4H5Q/ZvE/OH/M4n9I/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8/5k/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljEv9BA/ljFv9B+WMW/8H5Yxb/kfLHLP5D8scs/iPnj1n8R8kfs/iPmj9m8R+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvEfL3/M4j9+/pjF/0P5Yxb/D+ePWfwnyB+z+H8kf8ziP2H+mMV/ovwxi/9H88cs/h/LH7P4fzx/zOL/ifwxi/8n88cs/hPnj1n8J8kfs/hPmj9m8f9U/pjFf7LX/Ye+R+N6n2bxn7z1j1n8p8gfs/hPmT9m8Z8qf8zi/+n8MYv/1PljFv/P5I9Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP4z5o9Z/L+UP2bxnyl/zOI/c/6YxX+W/DGL/6z5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/2fLHLP5fzx+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4v+N/DGL/zfzxyz+C+aPWfy/lT9m8V8of8zi/+38MYv/d/LHLP4L549Z/BfJH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/d/PHLP5L5o9Z/L+XP2bx/37+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfx/kD9m8V8uf8ziv3z+mMX/h/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8ziv2r+mMV/tfwxi/+P8scs/qvnj1n818gf+4D6Xzcwgv+a+WMfUP9Xe7P/WvljFv+188cs/uvkj1n8f5w/ZvFfN3/M4r9e/pjFf/38MYv/T/LHLP4b5I9Z/H+aP2bx3zB/zOK/Uf6YxX/j/DGL/8/yxyz+P88fs/hvkj9m8d80f8ziv1n+mMV/8/wxi/8W+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx3zZ/zOL/i/wxi/8v88cs/tvlj1n8t88fs/jvkD9m8d8xf8zi/6v8MYv/r/PHLP6/yR+z+O+UP2bx3zl/zOL/2/wxi//v8scs/rvkj1n8f58/ZvHfNX/M4r9b/pjFf/f8MYv/H/LHLP5/zB+z+O+RP2bx3zN/zOK/V/6Yxf9P+WMW/z/nj1n8984fs/jvkz9m8d83f8zi/5f8MYv/X/PHLP775Y9Z/PfPH7P4/+2t/nf/x8f1Ps3if0DrH7P4/z1/zOJ/YP6Yxf8f+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGJ/6vl/+9J/AddmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8h+FLrT4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8sck/q9+mv+/Z/EflD9m8R+cP2bxHyl/zOI/JH/M4j9y/pjFf5T8MYv/qPljFv+h+WMW/9Hyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP7j549Z/D+UP2bx/3D+mMV/gvwxi/9H8scs/hPmj1n8J8ofs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/h/Mn/M4j9x/pjFf5L8MYv/pPljFv9P5Y9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/p/PHLP5T549Z/D+TP2bx/2z+mMX/c/ljFv/P549Z/L+QP2bx/2L+mMV/mvwxi/+0+WODztp15IGBgQ+8/3T5Y5b1P33+mMV/hvwxi/+M+WMW/y/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/y/ljFv+v5I9Z/L+aP2bx/1r+mMV/tvwxi//X88cs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+H8jf8zi/838MYv/gvljFv9v5Y9Z/BfKH7P4fzt/zOL/nfwxi//C+WMW/0Xyxyz+i+aPWfwXyx+z+C+eP2bxXyJ/zOL/3fwxi/+S+WMW/+/lj1n8v58/ZvFfKn/M4r90/pjFf5n8MYv/svljFv8f5I9Z/JfLH7P4L58/ZvH/Yf6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvFfLX/M4v+j/DGL/+r5Yxb/NfLHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4v/j/DGL/7r5Yxb/9fLHLP7r549Z/H+SP2bx3yB/zOL/0/wxi/+G+WMW/43yxyz+G+ePWfx/lj9m8f95/pjFf5P8MYv/pvljFv/N8scs/pvnj1n8t8gfs/hvmT9m8d8qf8ziv3X+mMV/m/wxi/+2+WMW/1/kj1n8f5k/ZvHfLn/M4r99/pjFf4f8MYv/jvljFv9f5Y9Z/H+dP2bx/03+mMV/p/wxi//O+WMW/9/mj1n8f5c/ZvHfJX/M4v/7/DGL/675Yxb/3fLHLP67549Z/P+QP2bx/2P+mMV/j/wxi/+e+WMW/73yxyz+f8ofs/j/OX/M4r93/pjFf5/8MYv/vvljFv+/5I9Z/P+aP2bx3y9/zOK/f/6Yxf9v+WMW/wPyxyz+f88fs/gfmD9m8f9H/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zi/8/8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfk/iPNJA/ZvEflD9m8R+cP2bxHyl/zOI/JH/M4j9y/pjFf5T8MYv/qPljFv+h+WMW/9Hyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP7j549Z/D+UP2bx/3D+mMV/gvwxi/9H8scs/hPmj1n8J8ofs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/h/Mn/M4j9x/pjFf5L8MYv/pPljFv9P5Y9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/p/PHLP5T549Z/D+TP2bx/2z+mMX/c/ljFv/P549Z/L+QP2bx/2L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/1L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfxnyx+z+H89f8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfyxyz+38wfs/gvmD9m8f9W/pjFf6H8MYv/t/PHLP7fyR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fzR+z+C+ZP2bx/17+mMX/+/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9B/pjFf7n8MYv/8vljFv8f5o9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/KH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/OH7P4r5s/ZvFfL3/M4r9+/pjF/yf5Yxb/DfLHLP4/zR+z+G+YP2bx3yh/zOK/cf6Yxf9n+WMW/5/nj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/0X+mMX/l/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f9V/pjF/9f5Yxb/3+SPWfx3yh+z+O+cP2bx/23+mMX/d/ljFv9d8scs/r/PH7P475o/ZvHfLX/M4r97/pjF/w/5Yxb/P+aPWfz3yB+z+O+ZP2bx3yt/zOL/p/wxi/+f88cs/nvnj1n898kfs/jvmz9m8f9L/pjF/6/5Yxb//fLHLP77549Z/P+WP2bxPyB/zOL/9/wxi/+B+WMW/3/kj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+/8wfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxif+Qgfwxi/+gd+c/yv/auN6nWfwHt/4xi/9I+WMW/yH5Yxb/kfPHLP6j5I9Z/EfNH7P4D80fs/iPlj9m8R89f8ziP0b+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzR+z+I+XP2bxHz9/zOL/ofwxi/+H88cs/hPkj1n8P5I/ZvGfMH/M4j9R/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/ifPHLP6T5I9Z/CfNH7P4fyp/zOI/Wf6YxX/y/DGL/xT5Yxb/KfPHLP5T5Y9Z/D+dP2bxnzp/zOL/mfwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/tPkj1n8p80fs/hPlz9m8Z8+f8ziP0P+mMV/xvwxi/+X8scs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/+X8MYv/V/LHLP5fzR+z+H8tf8ziP1v+mMX/6/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/kT9m8f9m/pjFf8H8MYv/t/LHLP4L5Y9Z/L+dP2bx/07+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/27+mMV/yfwxi//38scs/t/PH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/LHLP7L5Y9Z/JfPH7P4/zB/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/Uf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/cf6YxX/d/DGL/3r5Yxb/9fPHLP4/yR+z+G+QP2bx/2n+mMV/w/wxi/9G+WMW/43zxyz+P8sfs/j/PH/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v8scs/r/MH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/LHLP6/zh+z+P8mf8ziv1P+mMV/5/wxi/9v88cs/r/LH7P475I/ZvH/ff6YxX/X/DGL/275Yxb/3fPHLP5/yB+z+P8xf8ziv0f+mMV/z/wxi/9e+WMW/z/lj1n8/5w/ZvHfO3/M4r9P/pjFf9/8MYv/X/LHLP5/zR+z+O+XP2bx3z9/zOL/t/wxi/8B+WMW/7/nj1n8D8wfs/j/I3/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9n/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj0n8Rx7IH7P4D8ofs/gPzh+z+I+UP2bxH5I/ZvEfOX/M4j9K/pjFf9T8MYv/0Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4fyh+z+H84f8ziP0H+mMX/I/ljFv8J88cs/hPlj1n8P5o/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvGfOH/M4j9J/pjFf9L8MYv/p/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/9P5Yxb/qfPHLP6fyR+z+H82f8zi/7n8MYv/5/PHLP5fyB+z+H8xf8ziP03+mMV/2vwxi/90+WMW/+nzxyz+M+SPWfxnzB+z+H8pf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+s+WPWfy/nj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf8b+WMW/2/mj1n8F8wfs/h/K3/M4r9Q/pjF/9v5Yxb/77j8h7zbG1r8F3b5v+ss/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/u/ljFv8l88cs/t/LH7P4fz9/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/yB+z+C+XP2bxXz5/zOL/w/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf9H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf/H+WMW/3Xzxyz+6+WPWfzXzx+z+P8kf8ziv0H+mMX/p/ljFv8N88cs/hvlj1n8N84fs/j/LH/M4v/z/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/IH7P4/zJ/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/yh+z+P86f8zi/5v8MYv/TvljFv+d88cs/r/NH7P4/y5/zOK/S/6Yxf/3+WMW/13zxyz+u+WPWfx3zx+z+P8hf8zi/8f8MYv/HvljFv8988cs/nvlj1n8/5Q/ZvH/c/6YxX/v/DGL/z75Yxb/ffPHLP5/yR+z+P81f8ziv1/+mMV///wxi//f8scs/gfkj1n8/54/ZvE/MH/M4v+P/DGL/0H5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/5/5Yxb/C/PHLP4X5Y9Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8r84fs/hfkz9m8b82f8zif13+mMX/+vwxi/8N+WMW/xvzxyz+N+WPWfxvzh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O/PHLP535Y9Z/O/OH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/JvEfZSB/zOI/KH/M4j84f8ziP1L+mMV/SP6YxX/k/DGL/yj5Yxb/UfPHLP5D88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfzHzx+z+H8of8zi/+H8MYv/BPljFv+P5I9Z/CfMH7P4T5Q/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvH/ZP6YxX/i/DGL/yT5Yxb/SfPHLP6fyh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/T+ePWfynzh+z+H8mf8zi/9n8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/6X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/jPlj9m8f96/pjFf/b/2n/U/9VxvU+z+M/R+scs/nPmj1n858ofs/jPnT9m8Z8nf8ziP2/+mMV/vvwxi//8+WMW/wXyxyz+38gfs/h/M3/M4r9g/pjF/1v5Yxb/hfLHLP7fzh+z+H8nf8ziv3D+mMV/kfwxi/+i+WMW/8Xyxyz+i+ePWfyXyB+z+H83f8ziv2T+mMX/e/ljFv/v549Z/JfKH/uA+g8awXqUpfPHPqD+r/bm9b9M/pjFf9n8MYv/D/LHLP7L5Y9Z/JfPH7P4/zB/zOK/Qv7YoLMGDZ+ZD7b/ivljlvW/Uv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/H+UP2bxXz1/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/H+cP2bxXzd/zOK/Xv6YxX/9/DGL/0/yxyz+G+SPWfx/mj9m8d8wf8ziv1H+mMV/4/wxi//P8scs/j/PH7P4b5I/ZvHfNH/M4r9Z/pjFf/P8MYv/FvljFv8t88cs/lvlj1n8t84fs/hvkz9m8d82f8zi/4v8MYv/L/PHLP7b5Y9Z/LfPH7P475A/ZvHfMX/M4v+r/DGL/6/zxyz+v8kfs/jvlD9m8d85f8zi/9v8MYv/7/LHLP675I9Z/H+fP2bx3zV/zOK/W/6YxX/3/DGL/x/yxyz+f8wfs/jvkT9m8d8zf8ziv1f+mMX/T/ljFv8/549Z/PfOH7P475M/ZvHfN3/M4v+X/DGL/1/zxyz+++WPWfz3zx+z+P8tf8zif0D+mMX/7/ljFv8D88cs/v/IH7P4H5Q/ZvE/OH/M4n9I/pjF/1Cd/6B39XAt/ofp/N9dFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8/5k/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hf8S79h/xvjet9msX/ytY/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mf/AaHCZxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8sck/qMO5I9Z/Aflj1n8B+ePWfxHyh+z+A/JH7P4j5w/ZvEfJX/M4j9q/pjFf2j+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/Ic39C3nLP7j549Z/D+UP2bx/3D+mMV/gvwxi/9H8scs/hPmj1n8J8ofs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/h/Mn/M4j9x/pjFf5L8MYv/pPljFv9P5Y9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/p/PHLP5T549Z/D+TP2bx/2z+mMX/c/ljFv/P549Z/L+QP2bx/2L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/1L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfxnyx+z+H89f8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfyxyz+38wfs/gvmD9m8f9W/pjFf6H8MYv/t/PHLP7fyR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fzR+z+C+ZP2bx/17+mMX/+/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9B/pjFf7n8MYv/8vljFv8f5o9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/KH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/OH7P4r5s/ZvFfL3/M4r9+/pjF/yf5Yxb/DfLHLP4/zR+z+G+YP2bx3yh/zOK/cf6Yxf9n+WMW/5/nj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3Qf+2CIv/tmljFv9f5I9Z/H+ZP2bx3y5/zOK/ff6YxX+H1/xfeuW9Gtf7NIv/jq1/zOL/q/wxi/+v88cs/r/JH7P475Q/ZvHfOX/M4v/b/DGL/+/yxyz+u+SPWfx/nz9m8d81f8ziv1v+mMV/9/wxi/8f8scs/n/MH7P475E/ZvHfM3/M4r9X/pjF/0/vyn/k/71xvU+z+P+59Y9Z/PfOH7P475M/ZvHfN3/M4v+X/DGL/1/zxyz+++WPWfz3zx+z+P8tf8zif0D+mMX/7/ljFv8D88cs/v/IH7P4H5Q/ZvE/OH/M4n9I/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8/5k/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljEv+hA/ljFv9B+WMW/8H5Yxb/kfLHLP5D8scs/iPnj1n8R8kfs/iPmj9m8R+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvEfL3/M4j9+/pjF/0P5Yxb/D+ePWfwnyB+z+H8kf8ziP2H+mMV/ovwxi/9H88cs/h/LH7P4fzx/zOL/ifwxi/8n88cs/hPnj1n8J8kfs/hPmj9m8f9U/pjFf7L8MYv/5PljH2D/wW/2nyJ/7APs/5b1P2X+mMV/qvwxi/+n88cs/lPnj1n8P5M/ZvH/bP6Yxf9z+WMW/8/nj1n8v5A/ZvH/Yv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/Uv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+cP2bx/8o7+u/+vz+u92kW/6+2/jGL/9fyxyz+s+WPWfy/nj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf8b+WMW/2/mj1n8F8wfs/h/K3/M4r9Q/pjF/9v5Yxb/7+SPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+aPWfyXzB+z+H8vf8zi//38MYv/UvljFv+l88cs/svkj1n8l80fs/j/IH/M4r9c/pjFf/n8MYv/D/PHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv8f549Z/NfNH7P4r5c/ZvFfP3/M4v+T/LEPpv89nxnh0qEb5I99MP1f683r/6f5Yxb/DfPHLP4b5Y9Z/DfOH7P4/yx/zOL/8/wxi/8m+WMW/03zxyz+m+WPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP6/yB+z+P8yf8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+v8ofs/j/On/M4v+b/DGL/075Yxb/nfPHLP6/zR+z+P8uf8ziv0v+mMX/9/ljFv9d88cs/rvlj1n8d88fs/j/IX/M4v/H/DGL/x75Yxb/PfPHLP575Y9Z/P+UP2bx/3P+mMV/7/wxi/8++WMW/33zxyz+f8kfs/j/NX/M4r9f/pjFf//8MYv/3/LHLP4H5I9Z/P+eP2bxPzB/zOL/j/wxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf+f+WMW/wvzxyz+F+WPWfwvzh+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/3zv5j/0fGNf7NIv//a1/zOL/QP6Yxf/B/DGL/0P5Ywb/QUMGhj6cP2bwH7b+H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH5P4jzaQP2bxH5Q/ZvEfnD9m8R8pf8ziPyR/zOI/cv6YxX+U/DGL/6j5Yxb/ofljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+4+ePWfw/lD9m8f9w/pjFf4L8MYv/R/LHLP4T5o9Z/CfKH7P4fzR/zOL/sfwxi//H88cs/p/IH7P4fzJ/zOI/cf6YxX+S/DGL/6T5Yxb/T+WPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/6fzxyz+U+ePWfw/kz9m8f9s/pjF/3P5Yxb/z8v8p3uXt7P4f0Hm/26z+H8xf8ziP03+mMV/2oGBzd6rIb2fs/hP1/rHLP7T549Z/GfIH7P4z5g/ZvH/Uv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+cP2bx/0r+mMX/q+/kL94wLP5fczO/bRb/2fLHLP5fzx+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4v+N/DGL/zfzxyz+C+aPWfy/lT9m8V8of8zi/+38MYv/d/LHLP4L549Z/BfJH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/d/PHLP5L5o9Z/L+XP2bx/37+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfx/kD9m8V8uf8ziv3z+mMX/h/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8ziv2r+mMV/tfwxi/+P8scs/qvnj1n818gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+P88cs/uvmj1n818sfs/ivnz9m8f9J/pjFf4P8MYv/T/PHLP4b5o9Z/DfKH7P4b5w/ZvH/Wf6Yxf/n+WMW/03yxyz+m+aPWfw3yx+z+G+eP2bx3yJ/zOK/Zf6YxX+r/DGL/9b5Yxb/bfLHLP7b5o9Z/H+RP2bx/2X+mMV/u/wxi//2+WMW/x3yxyz+O+aPWfx/lT9m8f91/pjF/zf5Yxb/nfLHLP47549Z/H+bP2bx/13+mMV/l/wxi//v88cs/rvmj1n8d8sfs/jvnj9m8f9D/pjF/4/5Yxb/PfLHLP575o9Z/PfKH7P4/yl/zOL/5/wxi//e+WMW/33yxyz+++aPWfz/kj9m8f9r/pjFf7/8MYv//vljFv+/5Y9Z/A/IH7P4/z1/zOJ/YP6Yxf8f+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5Ej+g/9D4/rfZrF/6jWP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH/vg+u9x/psuHe2k/LEPrv9b1//J+WMW/1Pyxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4v/P/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH5P4jz6QP2bxH5Q/ZvEfnD9m8R8pf8ziPyR/zOI/cv6YxX+U/DGL/6gq/9He9S0t/kNV/u8+i/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4fyh+z+H84f8ziP0H+mMX/I/ljFv8J88cs/hPlj1n8P5o/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvGfOH/M4j9J/pjFf9L8MYv/p/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/9P5Yxb/qfPHLP6fyR+z+H82f8zi/7n8MYv/5/PHLP5fyB+z+H8xf8ziP03+mMV/2vwxi/90+WMW/+nzxyz+M+SPWfxnzB+z+H8pf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+s+WPWfy/nj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf8b+WMW/2/mj1n8F8wfs/h/K3/M4r9Q/pjF/9v5Yxb/7+SPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+aPWfyXzB+z+H8vf8zi//38MYv/UvljFv+l88cs/svkj1n8l80fs/j/IH/M4r9c/pjFf/n8MYv/D/PHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv8f549Z/NfNH7P4r5c/ZvFfP3/M4v+T/DGL/wb5Yxb/n+aPWfw3zB+z+G+UP2bx3zh/zOL/s/wxi//P88cs/pvkj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+P8if8zi/8v8MYv/dvljFv/t88cs/jvkj1n8d8wfs/j/Kn/M4v/r/DGL/2/yxyz+O+WPWfx3fjv/Uf9D43qfZvH/besfs/j/Ln/M4r9L/pjF//f5Yxb/XfPHLP675Y9Z/HfPH7P4/yF/zOL/x/wxi/8e+WMW/z3zxyz+e+WPWfz/lD9m8f9z/pjFf+/8MYv/PvljFv9988cs/n/JH7P4/zV/zOK/X/6YxX///DGL/9/yxyz+B+SPWfz/nj9m8T8wf8zi/4/8MYv/QfljFv+D88cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bxPz5/zOJ/Qv6Yxf/EN/kPfi/G9T7N4n9S6x+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8sbf6D3xg/c/PH7Os/wvyxyz+/8wfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s8L/Ud7F7ex+L8g9H83WfxfzB+z+L+UP2bxfzl/zOL/Sv6YxH+Mgfwxi/+g/DGL/+D8MYv/SPljFv8h+WMW/5Hzxyz+o+SPWfxHzR+z+A/NH7P4j5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8R8/f8zi/6H8MYv/h/PHLP4T5I9Z/D+SP2bxnzB/zOI/Uf6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6Yxf+T+WMW/4nzxyz+k+SPWfwnzR+z+H8qf8ziP1n+mMV/8vwxi/8U+WMW/ynzxyz+U+WPWfw/nT9m8Z86f8zi/5n8MYv/Z/PHLP6fyx+z+H8+f8zi/4X8MYv/F/PHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjFf8b8MYv/l/LHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4v/l/DGL/9xD86cs/l9t/WMW/6/lj1n8Z8sfs/h/PX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/838scs/t/MH7P4L5g/ZvH/Vv6YxX+h/DGL/7fzxyz+38kfs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+380fs/gvmT9m8f9e/pjF//v5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/Qf6YxX+5/DGL//L5Yxb/H+aPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP4/yh+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP4/zh+z+K+bP2bxXy9/zOK/fv6Yxf8n+WMW/w3yxyz+P80fs/hvmD9m8d8of8ziv3H+mMX/Z/ljFv+f549Z/DfJH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/hvmz9m8f9F/pjF/5f5Yxb/7fLHLP7b549Z/HfIH7P475g/ZvH/Vf6Yxf/X+WMW/9/kj33g/N+E/Gb/nfLHPnD+b7P+d84fs/j/Nn/M4v+7/DGL/y75Yxb/3+ePWfx3zR+z+O+WP2bx3z1/zOL/h/wxi/8f88cs/nvkj1n898wfs/jvlT9m8f9T/pjF/8/5Yxb/vfPHLP775I9Z/PfNH7P4/yV/zOL/1/wxi/9++WMW//3zxyz+f8sfs/gfkD9m8f97/pjF/8D8MYv/P/LHLP4H5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8T82f8zif1z+mMX/+Pwxi/8J+WMW/xPzx173Hxg6MPBB9j8pf8yy/k/OH7P4n5I/ZvE/NX/M4n9a/pjF//T8MYv/GfljFv8z88cs/mflj1n8z84fs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/3/mj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMO/+TfLof/wBgPtBVgFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/JvEfcyB/zOI/KH/M4j84f8ziP1L+mMV/SP6YxX/k/DGL/yj5Yxb/UfPHLP5D88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfzHzx+z+H8of8zi/+H8MYv/BPljFv+P5I9Z/CfMH7P4T5Q/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvH/ZP6YxX/i/DGL/yT5Yxb/SfPHLP6fyh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/T+ePWfynzh+z+H8mf8zi/9n8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/6X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/jPlj9m8f96/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/8C+WMW/2/kj1n8v5k/ZvFfMH/M4v+t/DGL/0L5Yxb/b+ePWfy/kz9m8V84f8ziv0j+mMV/0fwxi/9i+WMW/8Xzxyz+S+SPWfy/mz9m8V8yf8zi/738MYv/9/PHLP5L5Y9Z/JfOH7P4L5M/ZvFfNn/M4v+D/DGL/3L5Yxb/5fPHLP4/zB+z+K+QP2bxX9Ho/y4esMV/JaP/u8jiv3L+mMV/lfwxi/+q+WMW/9Xyxyz+P8ofs/ivnj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+P84fs/ivmz9m8V8vf8ziv37+mMX/J/ljFv8N8scs/j/NH7P4b5g/ZvHfKH/M4r9x/pjF/2f5Yxb/n+ePWfw3yR+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvH/Rf6Yxf+X+WMW/+3yxyz+2+ePWfx3yB+z+O+YP2bx/1X+mMX/1/ljFv/f5I9Z/HfKH7P475w/ZvH/bf6Yxf93+WMW/13yxyz+v88fs/jvmj9m8d8tf8ziv3v+mMX/D/ljFv8/5o9Z/PfIH7P475k/ZvHfK3/M4v+n/DGL/5/zxyz+e+ePWfz3yR+z+O+bP2bx/0v+mMX/r/ljFv/98scs/vvnj1n8/5Y/ZvE/IH/M4v/3/DGL/4H5Yxb/f+SPWfwPyh+z+B+cP2bxPyR/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7/zB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf+yD7X/r65eOeXP+2Afb/43GvCV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/9gH1n3KES8e8J3/sA+r/am9e//fmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8sck/mMN5I9Z/Aflj1n8B+ePWfxHyh+z+A/JH7P4j5w/ZvEfJX/M4j9q/pjFf2j+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL//j5Yxb/D+WPWfw/nD9m8Z8gf8zi/5H8MYv/hPljFv+J8scs/h/NH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4T5w/ZvGfJH/M4j9p/pjF/1P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGf6h39d/nfH9f7NIv/p1v/mMV/6vwxi/9n8scs/p/NH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/KH7P4z5Q/ZvGfOX/M4j9L/thb/IdfNu57PKb/X72N/6z5Y5b1/+X8MYv/V/LHLP5fzR+z+H8tf8ziP1v+mMX/6/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/kT9m8f9m/pjFf8H8MYv/t/LHLP4L5Y9Z/L+dP2bx/07+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/27+mMV/yfwxi//38scs/t/PH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/LHLP7L5Y9Z/JfPH7P4/zB/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/Uf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/cf6YxX/d/DGL/3r5Yxb/9fPHLP4/yR+z+G+QP2bx/2n+mMV/w/wxi/9G+WMW/43zxyz+P8sfs/j/PH/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v8scs/r/MH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/LHLP6/zh+z+P8mf8ziv1P+mMV/5/yxD6r/0BH8f5s/9kH1HxjB/3f5Yxb/XfLHLP6/zx+z+O+aP2bx3y1/zOK/e/6Yxf8P+WMW/z/mj1n898gfs/jvmT9m8d8rf8zi/6f8MYv/n/PHLP57549Z/PfJH7P475s/ZvH/S/6Yxf+v+WMW//3yxyz+++ePWfz/lj9m8T8gf8zi//f8MYv/gfljFv9/5I9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/v/MH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/54R/Tf/D4/rfZrF/97WP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+T+I89kD9m8R+UP2bxH5w/ZvEfKX/M4j8kf8ziP3L+mMV/lPwxi/+o+WMW/6H5Yxb/0fLHLP6j549Z/MfIH7P4j5k/ZvEfK3/M4j92/pjFf5z8MYv/uPljFv/x8scs/uPnj1n8P5Q/ZvH/cP6YxX+C/DGL/0fyxyz+E+aPWfwnyh+z+H80f8zi/7H8MYv/x/PHLP6fyB+z+H8yf8ziP3H+mMV/kvwxi/+k+WMW/0/lj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/+n88cs/lPnj1n8P5M/ZvH/bP6Yxf9z+WMW/8/nj1n8v5A/ZvH/Yv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/Uv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/GfLH7P4f13tv9wYb3eNxX92tf/bZ/GfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n858sfs/jPnz9m8V8gf8zi/438MYv/N/PHLP4L5o9Z/L+VP2bxXyh/zOL/7fwxi/938scs/gvnj1n8F8kfs/gvmj9m8V8sf8ziv3j+mMV/ifwxi/9388cs/kvmj1n8v5c/ZvH/fv6YxX+p/DGL/9L5Yxb/ZfLHLP7L5o9Z/H+QP2bxXy5/zOK/fP6Yxf+H+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL/4/yxyz+q+ePWfzXyB+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/4/zxyz+6+aPWfzXyx+z+K+fP2bx/0n+mMV/g/wxi/9P88cs/hvmj1n8N8ofs/hvnD9m8f9Z/gMDA6P92yUW/5/nj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/0X+mMX/l/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f9V/pjF/9f5Yxb/3+SPWfx3yh+z+O+cP2bx/23+mMX/d/ljFv9d8scs/r/PH7P475o/ZvHfLX/M4r97/pjF/w/5Yxb/P+aPWfz3yB+z+O+ZP2bx3yt/zOL/p/wxi/+f88cs/nvnj1n898kfs/jvmz9m8f9L/pjF/6/5Yxb//fLHLP77549Z/P+WP2bxPyB/zOL/9/wxi/+B+WMW/3/kj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+/8wfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxif84A/ljFv9B+WMW/8H5Yxb/kfLHLP5D8scs/iPnj1n8R8kfs/iPmj9m8R+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvH//9i5/3Ct6/qO4ze/yXL2sU1d2nBozLUZiYxGLURF8fjjlIlm/kY9AgkiPyTBFNhopY5Nl7pZsImFY85WLXG4uX6taFjWbI3YWuUU18IYc7DInLHrwDkIZ2/PtfNl36/L9+PxB+fc9/F9pzyvl/ftxXVV9A9l6X+g/qEs/V+lfyhL/5/WP5Sl/8/oH8rS/yD9Q1n6H6x/KEv/Q/QPZen/s/qHsvR/tf6hLP0P1T+Upf9h+oey9H+N/qEs/X9O/1CW/sP0D2Xpf7j+oSz9f17/UJb+w/UPZel/hP6hLP2P1D+Upf9r9Q9l6T9C/1CW/r+gfyhL/6P0D2Xp/4v6h7L0f53+oSz9f0n/UJb+v6x/KEv/o/UPZen/ev1DWfqP1D+Upf8b9A9l6X+M/qEs/UfpH8rS/1j9Q1n6j9Y/lKX/r+gfytJ/jP6hLP3fqH8oS/9f1T+Upf9Y/UNZ+r9J/1CW/m/WP5Sl/6/pH8rS/y36h7L0H6d/KEv/4/QPZek/Xv9Qlv7H6x/K0v8E/UNZ+p+ofyhL/wn6h7L0P0n/UJb+J+sfytJ/ov6hLP1P0T+UpX+b/qEs/U/VP5Sl/2n6h7L0P13/UJb+Z+gfytK/Xf9Qlv5v1T+Upf/b9A9l6X+m/qEs/d+ufyhL/7P0D2XpP0n/UJb+Z+sfytL/HP1DWfq/Q/9Qlv7n6h/K0v+d+oey9D9P/1CW/ufrH8rS/wL9Q1n6X6h/KEv/i/QPZel/sf6hLP0v0T+Upf9k/UNZ+l+qfyhL/8v0D2Xpf7n+oSz9O/QPZel/hf6hLP2n6B/K0n+q/qEs/afpH8rS/136h7L0v1L/UJb+0/UPZek/Q/9Qlv5X6R/K0n+m/qEs/a/WP5Sl/yz9Q1n6z9Y/lKX/HP1DWfrP1T+Upf81+oey9J+nfyhL/3frH8rS/1r9Q1n6z9c/lKX/Av1DWfpfp38oS//36B/K0v96/UNZ+t+gfyhL/4X6h7L0X6R/KEv/xfqHsvT/df1DWfr/hv6hLP2X6B/K0v+9+oey9P9N/UNZ+r9P/1CW/u/XP5Sl/436h7L0v0n/UJb+N+sfytL/t/QPZem/VP9Qlv6/rX8oS//f0T+Upf8t+oey9L9V/1CW/r+rfyhL/w/oH8rS/zb9Q1n6365/KEv/O/QPZen/e/qHsvT/ff1DWfrfqX8oS/8P6h/K0v9D+oey9F+mfyhL/+X6h7L0/wP9Q1n6/6H+oSz979I/lKX/Cv1DWfrfrX8oS/8P6x/K0v8j+oey9F+pfyhL/3v0D2Xp/0f6h7L0X6V/KEv/P9Y/lKX/vfqHsvT/E/1DWfrfp38oS/+P6h/K0v9P9Q9l6f8x/UNZ+n9c/1CW/p/QP5Sl/5/pH8rS/5P6h7L0v1//UJb+q/UPZen/gP6hLP3/XP9Qlv5r9A9l6f+g/qEs/f9C/1CW/n+pfyhL/4f0D2Xp/1f6h7L0/5T+oSz9P61/KEv/z+gfytL/s/qHsvT/nP6hLP3/Wv9Qlv6f1z+Upf8X9A9l6b9W/1CW/l/UP5Sl/9/oH8rSf53+oSz9H9Y/lKX/l/QPZen/Zf1DWfo/on8oS/+v6B/K0v+r+oey9P9b/UNZ+j+qfyhL/6/pH8rS/+/0D2Xp/3X9Q1n6/73+oSz91+sfytL/G/qHsvTfoH8oS/9/0D+Upf8/6h/K0v+b+oey9P8n/UNZ+n9L/1CW/t/WP5Sl/3f0D2Xp/5j+oSz9/1n/UJb+j+sf6uo/YGCr9ZLu/4T+oSz736h/KEv/J/UPZen/L/qHsvT/rv6hLP3/Vf9Qlv7f0z+Upf8m/UNZ+j+lfyhL/+/rH8rSf7P+oSz9/03/UJb+W/QPZen/7/qHsvR/Wv9Qlv7/oX8oS/+t+oey9N+mfyhL///UP5Sl/w/0D2Xpv13/UJb+P9Q/lKX/M/qHsvT/kf6hLP2f1T+Upf9/6R/K0v85/UNZ+v9Y/1CW/jv0DyXp/8qW/qEs/fvpH8rSv7/+oSz9B+gfytJ/oP6hLP0H6R/K0n+w/qEs/YfoH8rSf6j+oSz9X6Z/KEv//fQPZen/cv1DWfq/Qv9Qlv776x/K0v+n9A9l6X+A/qGXXH8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/b+bMX3Dl5OnTO2b7xje+8c3ub17sfzMBAAD/157/0P9i/50AAAAAAAAAAAAAAAAAAABAXk3834m92P+MAAAAAAAAAAAAAADwk66t/fjNA/rt9dSAPR+85pGOnV9Hbz936sqVD5Tur10/Pi14yf57PtixY8eO5U+Pm9D1cEir1er8X3tl1+OhPY87X3/RsGWH7HpUxn/+jscumrT/6bNX3zrwG8tvbn9q0M5nB7UuuWLa9I439G+1yomDWtd2PjimX6tVTh7UuqXzwajOBxMHtVZ1Pjh254OXtT7T+eD1l82cfnnnE6dU/j2Dl4q29kWtAXsttrXXvw323P+iYY9P7f7ay0t2v9rAVtf+h6/+0sE9ftbtBfbf/frl+J777/M/IPCC+rb/ZzZ0f+3lJf/H+/+H121fEP3shfff/frlBPuH+gSf//faaM/P/T0+/x8evOTu++OGrrutc/9tZ997WNdTA/83n/+ff/1yYs/999/r83/n5/gJ3Z//h7Ra5aR9/O2AVNraF2/u7f2/9/0PfHWPm3577v/ur2x8Ref+73m2taTrqUF93P+E3t7/b+zx9wr0TVv7ih093v/7sP/WiOAld+9/0+r9d37+33jfZQft8bO+7P+knvsfOXfG1SPnzF9w9LQZk6d0TOm4auyoMceMHjt2zJiROz8R7Pp1H39TIIl9e/9v7dfjpl+r1bH7fu29N0/o3P+WB5d8pOupoX3c/8m9vv8f7v0fQsP7twYPbl07ee7c2cfs+rX74ahdv+76y4L99+G//484qusv6/4zw36t1iG770dcNHZI5/6vm1XWdD01uI/7n9jr/sfv/WeVQN/s4/v/5T1u9tr/cZtumNe5/yN/cODGrqf6+t//p/S6/7u8/8O+aGtv1fom2rn/Y4csPrXadWnz539Qnyb2P2zrLduqXZdT7R/q08T+Jy1986XVrstp9g/1aWL/D8y4eGm163K6/UN9mtj/c6/admi163KG/UN9mtj/o999cmW169Ju/1CfJvb/wTvbj612Xd5q/1CfJvZ/9DU/HFfturzN/qE+Tez/ipeftaradTnT/qE+Tez/1B0nHFTturzd/qE+Tey/3+LvLap2Xc6yf6hPE/t/YvLSmdWuyyT7h/o0sf9Vw0Y8U+26nG3/UJ8m9r/kqTdOrHZdzrF/qE8T+//q7cserXZd3mH/UJ8m9v+JCw5cVu26nGv/UJ8m9v+j4Q/uV+26vNP+oT5N7H/9+lX3V7su59k/1KeJ/S9fNWB4tetyvv1DfZrY/8JTpjxS7bpcYP9Qnyb2P3rMl8+vdl0utH+oTxP7P+Rz33qy2nW5yP6hPk3s/6yH5s2pdl0utn+oTxP7n3fox39c7bpcYv9Qnyb2/5aOQ6dWuy6T7R/q08T+y637ra92XS61f6hPE/s/b8uK8dWuy2X2D/VpYv9rDvjCx6pdl8vtH+rTxP63zrpqbLXr0mH/UJ8m9v+d9y58X7XrcoX9Q32a2P9tz369VLsuU+wf6tPE/jeNOu+Catdlqv1DfZrY/4rTn3642nWZZv9Qnyb2v3TNY3OrXZd32T/Up4n9r1172uPVrsuV9g/1aWL/R44YuX+16zLd/qE+Tex/5rlLPlTtusywf6hPE/s/8b7bX1vtulxl/1CfJvY/9GvjPlntusy0f6hPE/v/9Lj3f6radbna/qE+Tex/2/gjjqp2XWbZP9Snif1vuH/UHdWuy2z7h/o0sf8PPHxnxesyx/6hPk3sf9brnttS7brMtX+oTxP7f9Okc+ZXuy7X2D/Up4n9H3TXxC9Wuy7z7B/q08T+L/z298+sdl3ebf9Qnyb2f8TBlx5W7bpca/9Qnyb2P3XaupuqXZf59g/1aWL/E5ZvGF3tuiywf6hPE/s/4Ik5d1e7LtfZP9Snif1vHnDwGdWuy3vsH+rTxP7vuf6hb1a7LtfbP9Snif3fdONHO6pdlxvsH+rTxP4/u33w1mrXZaH9AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/80OHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADxwIAAAAAwvytg+jdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgKAAA//+93Olf")
openat(0xffffffffffffff9c, &(0x7f0000001180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x42, 0x1)

1.364668282s ago: executing program 3 (id=1516):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f00000000c0)={0x1, 0x9394})

1.196391163s ago: executing program 3 (id=1518):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000f80)={[{@grpquota}, {}, {@nombcache}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@noauto_da_alloc}]}, 0xfe, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x84800, 0x0)
unlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.172687463s ago: executing program 4 (id=1519):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a80100005800c000680"], 0x34}}, 0x0)

993.237934ms ago: executing program 4 (id=1520):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

964.778644ms ago: executing program 0 (id=1521):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000280)=0x14)
syz_read_part_table(0x1061, &(0x7f0000001080)="$eJzsz71tAlEQBOA5n33nwJJdgku5yB24GSemCiogogdEA8SUgYRIkRZx/HUABN+XPI3erFYbHquZzqqqfhan+LfKe30m2TbXypj7oW2PYZLxSZf+/N0lr8m+Km+3kSH1kl2+kmZstJd135ssP1L1n6zzO7/bnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxA4BAAD//0yNF/Y=")
read(r0, &(0x7f00000019c0)=""/4097, 0x1001)

963.726634ms ago: executing program 4 (id=1523):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x50, r1, 0x1, 0x20000002, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}], @key_params=[@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}], @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @key_params=[@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x9}]}]]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

896.425824ms ago: executing program 4 (id=1524):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x5})
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

896.070024ms ago: executing program 5 (id=1525):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@remote, 0x4e22, 0xeb, 0x4e20, 0x1, 0xa, 0x80, 0x120, 0x73}, {0x5, 0x9, 0x0, 0xeb, 0x70000, 0x5, 0x4, 0x3}, {0x8, 0x7, 0x80000001, 0x400}, 0x6, 0x0, 0x0, 0x1, 0x2, 0x3}, {{@in=@rand_addr=0x64010101, 0x4d5, 0x33}, 0x2, @in=@private=0xa010102, 0x3502, 0x4, 0x2, 0x1, 0x201, 0x9, 0xb03}}, 0xe8)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0)

895.847195ms ago: executing program 4 (id=1526):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4431, &(0x7f00000088c0)="$eJzs3b9PHFceAPA3Az6Dz/ZhnwufdNKtdJbudHdC4OoSLAVjbAw2ceTELtKsF1jbJAtrwRKlcEE6S6kipYhSWImUjspCSu38CWlSOrWlpEgTKZIVop2dxcywGzaEhdj6fIod5v2G78zbN8Xw4lTt7vxyYX65UFosVGdvL58tvFetrCyUQ7xPWvZ/aP/6pzPduE5+rc0v92zktHLtwqU3b54N4au5b55ubGxshLre0NLwlp9//OH+7NZjU5yrU2+3dWt75e0Qwqlt46rrCSH0hRCiEML5NG0sPfaHEI6leTfvf3irsEejefSkfK74bPrB+siZqbWH6+1/9yiETyt/+9+dhe/+2TPy7X/2qHsAAAAAAAAAAAAAAAAAAF5wE9ev3XhjaDg8jkLvWrT9fd2J9Nju/diNPfOP7v+yAAAAAAAAAAAAAAAAAAAA8Af1/P3/QnSyxfv/4+lxtE39jde6P0a6Z/L1a+MXh4bT/d+jbfn/T5O+P98TTrTY9z2///v5XP3W+79v72e3muNr9jsQongwcx7Hg4MhfJ5u/H46OhJXqsu1/96urizO7dkwXljZ+Dd2789EJ93Qv8P4x2O59ru///9ft11N9fNbe3eJvdSy8e9pW+6LD6KO7v8LuXr7EX92Lxv/3iStf2uB0cYEUI//R707x38813634n88hFCI6mMtZGaA+hqmnt5uvUJWNv6HkrTM1Jn+Idvd/z/l4n8x1/5Bzf+r+S8iWsrG/09JWl+mxOHkM4l/vPP9fynX/kHEvz7+Vd//HcnGvxHr0JspkvwlO53/J3Ltt43/4d837htxOs7jUeYKWIsa6e3+Xx1Z2fj3bct//vwXd7T+u5yrv1/Pf81+m89/zen/31Hj+Y/WsvHvb1uu0/t/Mlev2/P/aLL+Y7ey8T+SpGXXzgPJZ6fxn8q13634J08lfc34P59Pfj7cSP/M+q8j2fj/uZEYby2xmnwm679o5/X/lVz7B7H+q49/Ne5ury+LbPyPti1Xj//XHXz/X83V6378Qxiy1t+1bPyPtS2X3P99O8d/Olev2/H/VzcbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgBjKXHgRDFg5nzOB4cDOFCen46HIlmSnPFmUp19t3lEMbT9EI4Gd2pVGdKleL8YnWuXCxVKtXZEC6m+adCX7RcqdaKC6V7lzbb6o/ulktLtZlyqRZCmEjT/x6ONduama8tlO6FEC5v5v0lri7du1taLM7NL706NDQ0FCY3x3AiKr9fKy/WGr03ckOY2qw7EG0ZXJJ9ZXMsR6N3qitLi6VKkn51S51KdbZU2VJnOs37OJyIaksri7OlWrlYqd5p9neQRtPj+OT1t65fHd6WfytqHMf2d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EaPR175JITQ2ziLQwijzR+iVuUfPSmfKz6bfrA+cmZq7eH603blAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgF3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8eoCQRRGIDfTIokXY6Rakm6tBsCISmyQfAEegwPo0fxEt7BwsLWQgTZRV13YRutvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY71E1/n97j0jxtH+MWE5X6/P8t67zz+77D3eYkdv5+au+Tn+YrvKP+mhT5mO6284m0VEbi9aetPfpss9z71x9+9Y3X9P3JVIuIqKs89eUc1EMewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA////gRtE")
r0 = open(&(0x7f0000000300)='./file0\x00', 0x145cfe, 0x29)
ioctl$SIOCX25GCALLUSERDATA(r0, 0x89e4, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dd7b)

764.211165ms ago: executing program 3 (id=1527):
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

506.638057ms ago: executing program 0 (id=1528):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x17, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

500.623797ms ago: executing program 1 (id=1529):
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000005c0)={[{@session={'session', 0x3d, 0x4}}, {@check_strict}, {@check_strict}, {@session={'session', 0x3d, 0x48}}, {@dmode={'dmode', 0x3d, 0x4}}, {@map_acorn}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@map_off}, {@nocompress}, {@mode}, {@hide}, {@nojoliet}, {@dmode={'dmode', 0x3d, 0x40}}]}, 0x0, 0x3f1, &(0x7f0000000840)="$eJzs3M9OG0ccwPFZYlJKJVQpaiCEw6RpJXqIs7sUIyun7XpsJlnvrmbWEZyqqECECqQqqVS4VFzSVmofIte+QS99o6h9A6rdNZQ/BlP+GUXfj4Rm7P3NzG9W1oxsNCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBwwobreo6IdNxZkCcLGyZp97rw+UZR7PX36aHilHGFcPI/MTIiJsq3Ju78d/mTspPx8tW4GMmLEbH90d2Pn9ypDO21PyXha7G5tf3qzzLHM8VX/tktXHli16SlYm0T3Q5aSmqbyHqt5j6eb1rZ1JGyizZTbRkaFWSJkdPhF9Kr12ekqi4mnbjVCCK19+bcI991a/JpNVWBsUn8+GnVhvM6inTcKmLyy3nMXP5BfKYzmamgLeXK6tryTL8k8yDvLEF+vyDf9X3P832vNlufnXPdiu/68tAb7hHiWJPBf2gxWJe5fAMXstvd/wEAAAAAwPvLKX5jz7//Dxe/wzuiqSPlDjotAAAAAABwiYr//I/nxXBemxAO3/8BAAAAAHjf/HLwjN2Hvc7Y2fQD56+/hTHDzk668JmzHuThwbqoFO1uHe0xa046Y91OiqJW6b4K1ZRzrwy6txf9rlus9Dvr5xxLoDvy0QTKE3a7P/VIQPwmJsugyaWyXNq7Uo4y2tSRqoZJ9MQTQTA2lKmF7IeN1R9FMf1f4/aYI1ZW15ar37xaWypy2cl72VnvHqA4do7i5JshXu+fe+w94+Hih5juuKPluO7B+Q+VzYf+x5hvxP0y5v5oWY4env9IPqZXPWn23Sy8C878jZgqY6amH+bFw+keWfj9svAPZnGue3GGLGb6ZTFzwSwAYFBW+uxCzvGN/xyr3OXt7qev6A/KmAeTxcJameyxorv9VnT3grvbH8eegXDSHpuP+3vcrt4WYn9XfZs3eHviuDbynfwW3nq9/p24u7m1/Wh1/cXL5ZfLG74/U3O/dN1ZXwwX0+gW7D0AgB6UeeeMZj87xuj0a69e94JsXkmThM+k0Y2WkjrOlAnng7ilZGqSLAmTKK881w1lpe2kaWIy2UyMTBOrF4onv8juo1+sagdxpkObRiqwSoZJnAVhJhvahjLtfBVpO69M0dimKtRNHQaZTmJpk44JVVVKq9SBQN1QcaabOq/GMjW6HZhF+TyJOm0lG8qGRqdZkk/L7I+l42Zi2kW31UHfbAAAbojNre1vX6ytLX9/hZVBzxEAABzGLg0AAAAAAAAAAAAAAAAAAAAAwM13Hef/LrfiCCFuQBpUqFx25fZ5P9i7V5DPoFcmAFft3wAAAP//0uSrPQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1d4)
getdents64(r0, 0xfffffffffffffffe, 0xffffffffffffff15)

328.284218ms ago: executing program 0 (id=1530):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)={0x54, 0xb, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x10}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4800}, 0x4800)

285.626808ms ago: executing program 0 (id=1531):
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r0 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x800, 0x2, 0x800001b7}, &(0x7f0000000300)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/15, 0xf}], 0x1})
io_uring_enter(r0, 0x47ba, 0x3000000, 0x0, 0x0, 0x0)

239.232179ms ago: executing program 5 (id=1532):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0xf3965d25fe304a6d, 0x0, 0x0, {0xa, 0x0, 0x7}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x3c}, 0x1, 0x0, 0x0, 0x48082}, 0x48010)

195.624449ms ago: executing program 1 (id=1533):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='b 75:*\tr\nr'], 0xa)

124.486799ms ago: executing program 0 (id=1534):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000001c0)='cgroup.max.descendants\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x9)

124.058369ms ago: executing program 5 (id=1535):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/204, 0xcc)

67.884979ms ago: executing program 1 (id=1536):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=1537):
r0 = socket$nl_route(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvmmsg(r0, &(0x7f0000003400)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x10100, &(0x7f00000022c0)={0x0, 0x989680})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="48000000100001"], 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

SB to Serial Driver converter now disconnected from ttyUSB1
[  110.337565][    T7] quatech2 5-1:0.51: device disconnected
[  110.986847][ T6031] loop3: detected capacity change from 0 to 128
[  111.177939][ T6031] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  111.261906][ T6031] ext4 filesystem being mounted at /148/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  111.263394][ T6025] loop0: detected capacity change from 0 to 32768
[  111.420146][ T6025] XFS (loop0): Mounting V5 Filesystem
[  111.536991][ T6025] XFS (loop0): Ending clean mount
[  111.580661][ T6025] XFS (loop0): Quotacheck needed: Please wait.
[  111.628943][ T6026] loop1: detected capacity change from 0 to 32768
[  111.638021][ T6025] XFS (loop0): Quotacheck: Done.
[  111.739480][ T4184] XFS (loop0): Unmounting Filesystem
[  111.755909][ T6026] XFS (loop1): Mounting V5 Filesystem
[  111.850327][ T4241] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  111.917232][ T6026] XFS (loop1): Ending clean mount
[  111.945271][ T6068] loop4: detected capacity change from 0 to 1024
[  111.994137][ T4182] XFS (loop1): Unmounting Filesystem
[  112.022728][ T6068] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  112.251160][ T4241] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.280088][ T4241] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  112.303515][ T4241] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.345596][ T4241] usb 3-1: config 0 descriptor??
[  112.841255][ T4241] hid-picolcd 0003:04D8:C002.0007: unknown main item tag 0xe
[  112.848646][ T4241] hid-picolcd 0003:04D8:C002.0007: unknown main item tag 0x0
[  112.856132][ T4241] hid-picolcd 0003:04D8:C002.0007: unbalanced collection at end of report description
[  112.865975][ T4241] hid-picolcd 0003:04D8:C002.0007: device report parse failed
[  112.873496][ T4241] hid-picolcd: probe of 0003:04D8:C002.0007 failed with error -22
[  113.059800][ T5837] usb 3-1: USB disconnect, device number 11
[  113.706774][ T6104] netlink: 8 bytes leftover after parsing attributes in process `syz.3.650'.
[  113.728604][ T6104] device syz_tun entered promiscuous mode
[  114.005677][ T5837] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  114.142059][ T6099] loop2: detected capacity change from 0 to 32768
[  114.156417][ T4453] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  114.256307][ T6099] XFS (loop2): Mounting V5 Filesystem
[  114.261897][ T5837] usb 2-1: Using ep0 maxpacket: 8
[  114.368936][ T6099] XFS (loop2): Ending clean mount
[  114.406606][ T6099] XFS (loop2): Quotacheck needed: Please wait.
[  114.420189][ T5837] usb 2-1: unable to get BOS descriptor or descriptor too short
[  114.440365][ T4453] usb 5-1: Using ep0 maxpacket: 8
[  114.500239][ T5837] usb 2-1: config 4 interface 0 has no altsetting 0
[  114.524066][ T6099] XFS (loop2): Quotacheck: Done.
[  114.530122][ T6138] loop0: detected capacity change from 0 to 1024
[  114.584418][ T4453] usb 5-1: unable to get BOS descriptor or descriptor too short
[  114.595813][ T4453] usb 5-1: too many configurations: 73, using maximum allowed: 8
[  114.605244][ T4193] XFS (loop2): Unmounting Filesystem
[  114.680592][ T4453] usb 5-1: unable to read config index 0 descriptor/start: -71
[  114.690161][ T4453] usb 5-1: can't read configurations, error -71
[  114.699950][ T5683] hfsplus: b-tree write err: -5, ino 4
[  114.742774][ T5837] usb 2-1: string descriptor 0 read error: -22
[  114.748947][ T5837] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  114.758305][ T5837] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  114.813258][ T5837] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  114.850174][ T4241] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  114.860820][ T5837] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  114.885840][ T5837] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  114.893610][ T5837] usb 2-1: media controller created
[  114.928144][ T5837] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  115.120034][ T4241] usb 4-1: Using ep0 maxpacket: 8
[  115.149772][ T6159] netlink: 8 bytes leftover after parsing attributes in process `syz.4.673'.
[  115.270121][ T4241] usb 4-1: config index 0 descriptor too short (expected 30, got 18)
[  115.381873][ T6168] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.460326][ T4241] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  115.476939][ T4241] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.495340][ T4241] usb 4-1: Product: syz
[  115.499514][ T4241] usb 4-1: Manufacturer: syz
[  115.509499][ T4241] usb 4-1: SerialNumber: syz
[  115.537930][ T4241] usb 4-1: config 0 descriptor??
[  115.601882][ T4241] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  115.619571][ T4241] usb 4-1: setting power ON
[  115.633506][ T4241] dvb-usb: bulk message failed: -22 (2/0)
[  115.658615][ T4241] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  115.673040][ T6183] loop0: detected capacity change from 0 to 256
[  115.700332][ T4241] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  115.708782][ T4241] usb 4-1: media controller created
[  115.724543][ T6185] loop4: detected capacity change from 0 to 256
[  115.735829][ T6183] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  115.742631][ T4241] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  115.796169][ T6185] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d)
[  115.822178][ T4241] usb 4-1: selecting invalid altsetting 6
[  115.836499][ T4241] usb 4-1: digital interface selection failed (-22)
[  115.850813][ T4241] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  116.020733][ T5837] zl10353_read_register: readreg error (reg=127, ret==0)
[  116.028303][ T6105] usb 2-1: dvb_usb_au6610: wlen=0, aborting
[  116.074187][ T6144] usb 2-1: dvb_usb_au6610: wlen=84, aborting
[  116.095528][ T5837] usb 2-1: USB disconnect, device number 6
[  116.464376][ T6187] loop2: detected capacity change from 0 to 131072
[  116.508698][ T6187] F2FS-fs (loop2): Invalid segment/section count (31, 24 x 150994945)
[  116.516944][ T6187] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  116.527123][ T4241] usb 4-1: setting power OFF
[  116.532668][ T6187] F2FS-fs (loop2): invalid crc value
[  116.548391][ T4241] dvb-usb: bulk message failed: -22 (2/0)
[  116.572412][ T4241] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  116.624573][ T6192] loop4: detected capacity change from 0 to 512
[  116.644521][ T4241] (NULL device *): no alternate interface
[  116.649141][ T6187] F2FS-fs (loop2): Found nat_bits in checkpoint
[  116.696456][ T6187] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2
[  116.748056][ T6187] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  116.755126][ T6187] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  116.775435][ T6187] F2FS-fs (loop2): sanity_check_inode: corrupted inode footer i_ino=8, ino,nid: [10986248, 8] run fsck to fix.
[  116.789532][ T6199] loop3: detected capacity change from 0 to 1024
[  116.811171][ T4241] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  116.818133][ T6192] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.688: inode #1: comm syz.4.688: iget: illegal inode #
[  116.886269][ T6192] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.688: error while reading EA inode 1 err=-117
[  116.910300][ T4241] usb 4-1: USB disconnect, device number 7
[  116.966045][ T6199] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  116.977582][ T6199] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.995719][ T6192] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  117.096430][ T6192] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.688: inode #1: comm syz.4.688: iget: illegal inode #
[  117.188633][ T6192] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.688: error while reading EA inode 1 err=-117
[  117.230692][ T6192] EXT4-fs (loop4): 1 orphan inode deleted
[  117.256748][ T6192] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,init_itable=0x0000000000000001,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,errors=continue,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none.
[  117.567820][ T6190] loop0: detected capacity change from 0 to 32768
[  117.643636][ T6190] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.687 (6190)
[  117.717007][ T6190] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  117.767154][ T6190] BTRFS info (device loop0): using free space tree
[  117.800128][ T6190] BTRFS info (device loop0): has skinny extents
[  117.896882][ T6205] loop3: detected capacity change from 0 to 32768
[  118.049498][ T6207] loop2: detected capacity change from 0 to 32768
[  118.082059][ T6205] XFS (loop3): Mounting V5 Filesystem
[  118.118444][ T6190] BTRFS info (device loop0): enabling ssd optimizations
[  118.201124][ T6207] XFS (loop2): Mounting V5 Filesystem
[  118.208831][ T6205] XFS (loop3): Ending clean mount
[  118.287130][ T6205] XFS (loop3): Quotacheck needed: Please wait.
[  118.300090][ T5837] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  118.381588][ T6207] XFS (loop2): Ending clean mount
[  118.407258][ T6205] XFS (loop3): Quotacheck: Done.
[  118.466784][ T4183] XFS (loop3): Unmounting Filesystem
[  118.543059][ T4193] XFS (loop2): Unmounting Filesystem
[  118.555875][ T5837] usb 5-1: Using ep0 maxpacket: 32
[  118.680119][ T5837] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  118.688544][ T5837] usb 5-1: config 0 has no interface number 0
[  118.833983][ T4290] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  118.870373][ T5837] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  118.889626][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.909836][ T5837] usb 5-1: Product: syz
[  118.914263][ T5837] usb 5-1: Manufacturer: syz
[  118.919059][ T5837] usb 5-1: SerialNumber: syz
[  118.932121][ T5837] usb 5-1: config 0 descriptor??
[  118.985202][ T5837] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  119.041587][ T6266] loop3: detected capacity change from 0 to 512
[  119.095498][ T6266] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  119.108729][ T6266] EXT4-fs (loop3): Test dummy encryption mode enabled
[  119.115777][ T4290] usb 2-1: Using ep0 maxpacket: 8
[  119.149844][ T6266] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  119.158954][ T6274] loop2: detected capacity change from 0 to 128
[  119.165663][ T6266] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  119.191787][ T5837] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  119.210714][ T6266] EXT4-fs (loop3): 1 truncate cleaned up
[  119.239329][ T5837] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  119.240738][ T4290] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  119.257033][ T6266] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,abort,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none.
[  119.274616][ T4290] usb 2-1: config 179 has no interface number 0
[  119.306288][ T4290] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  119.324253][ T4290] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  119.339190][ T4290] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  119.350482][ T4290] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  119.376379][ T4290] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  119.393169][ T4290] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  119.402506][ T4290] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.445642][ T6258] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  119.600072][ T4993] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  119.624126][    T7] usb 5-1: USB disconnect, device number 10
[  119.630099][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  119.652480][    T7] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  119.680458][    T7] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  119.700536][    T7] quatech2 5-1:0.51: device disconnected
[  119.748908][ T4290] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input15
[  119.840046][ T4993] usb 1-1: Using ep0 maxpacket: 32
[  119.937143][ T4290] usb 2-1: USB disconnect, device number 7
[  119.943302][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  119.943339][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  119.960244][ T4993] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  119.966884][ T6290] loop3: detected capacity change from 0 to 4096
[  119.968973][ T4993] usb 1-1: config 0 has no interface number 0
[  119.980591][ T4290] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  120.042415][ T6290] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  120.140242][ T4993] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  120.152184][ T4993] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.164797][ T4993] usb 1-1: Product: syz
[  120.168970][ T4993] usb 1-1: Manufacturer: syz
[  120.173871][ T4993] usb 1-1: SerialNumber: syz
[  120.180564][ T4993] usb 1-1: config 0 descriptor??
[  120.188078][ T4183] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22.
[  120.199136][ T4183] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22.
[  120.206492][ T4183] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  120.221217][ T4993] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  120.433161][ T4993] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  120.458659][ T4993] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  120.490116][ T5311] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  120.590363][ T4290] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  120.651037][ T6310] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  120.852113][ T4993] usb 1-1: USB disconnect, device number 7
[  120.860102][ T4290] usb 4-1: Using ep0 maxpacket: 8
[  120.870032][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -108
[  120.879907][ T4993] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  120.899740][ T4993] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  120.916753][ T4993] quatech2 1-1:0.51: device disconnected
[  120.920799][ T5311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  120.945302][ T5311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.965499][ T5311] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  120.975603][ T5311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.000185][ T4290] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  121.011162][ T5311] usb 5-1: config 0 descriptor??
[  121.016226][ T4290] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  121.025327][ T4290] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.041374][ T4290] usb 4-1: config 0 descriptor??
[  121.160103][ T4241] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  121.301558][ T4290] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  121.420152][ T4993] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  121.503030][ T5311] lua 0003:1E7D:2C2E.0008: unbalanced collection at end of report description
[  121.528165][ T5311] lua 0003:1E7D:2C2E.0008: parse failed
[  121.541459][ T5311] lua: probe of 0003:1E7D:2C2E.0008 failed with error -22
[  121.558183][ T5311] usb 4-1: USB disconnect, device number 8
[  121.570340][ T4241] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.587818][ T4241] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  121.608699][ T6340] loop0: detected capacity change from 0 to 512
[  121.660056][ T4993] usb 3-1: Using ep0 maxpacket: 8
[  121.682815][ T6340] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  121.693407][ T4241] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  121.706875][ T4241] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  121.717277][ T5837] usb 5-1: USB disconnect, device number 11
[  121.729372][ T4241] usb 2-1: SerialNumber: syz
[  121.736408][ T6340] EXT4-fs (loop0): 1 orphan inode deleted
[  121.755542][ T6340] EXT4-fs (loop0): 1 truncate cleaned up
[  121.763777][ T6340] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,max_dir_size_kb=0x0000000000000004,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,jqfmt=vfsold,noload,data_err=ignore,init_itable,debug_want_extra_isize=0x0000000000000006. Quota mode: none.
[  121.780113][ T4993] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  121.792372][    C1] vkms_vblank_simulate: vblank timer overrun
[  121.807269][ T4993] usb 3-1: config 179 has no interface number 0
[  121.813591][ T4993] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  121.824655][ T4993] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  121.832086][ T6340] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.735: iget: bad extra_isize 46 (inode size 256)
[  121.835982][ T4993] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  121.859740][ T4993] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  121.861529][ T6340] EXT4-fs (loop0): Remounting filesystem read-only
[  121.871188][ T4993] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  121.871236][ T4993] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  121.871260][ T4993] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.890387][ T6326] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  122.051726][ T4241] usb 2-1: 0:2 : does not exist
[  122.064336][ T4241] usb 2-1: USB disconnect, device number 8
[  122.191418][ T4993] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input16
[  122.281357][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  122.389899][ T4993] usb 3-1: USB disconnect, device number 12
[  122.395944][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  122.395978][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  122.412935][ T5837] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  122.430996][ T4993] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  122.671830][ T5837] usb 4-1: Using ep0 maxpacket: 32
[  122.693344][ T6364] loop4: detected capacity change from 0 to 512
[  122.698922][ T6366] bridge: RTM_NEWNEIGH with invalid state 0x20
[  122.740212][ T6364] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  122.779773][ T6364] EXT4-fs (loop4): orphan cleanup on readonly fs
[  122.791678][ T5837] usb 4-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  122.811094][ T5837] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.819812][ T6364] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.745: iget: bad i_size value: 360287970189639680
[  122.836965][ T5837] usb 4-1: config 0 descriptor??
[  122.846524][ T6364] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.745: couldn't read orphan inode 15 (err -117)
[  122.858998][ T6364] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,barrier,nogrpid,max_dir_size_kb=0x0000000000001000,,errors=continue. Quota mode: writeback.
[  122.893752][ T5837] gspca_main: sq930x-2.14.0 probing 041e:403c
[  122.995546][ T6375] loop2: detected capacity change from 0 to 64
[  123.168247][ T6384] netlink: 23 bytes leftover after parsing attributes in process `syz.1.753'.
[  123.292297][ T6388] loop1: detected capacity change from 0 to 2048
[  123.347378][ T6388] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.572980][ T6403] vivid-003: disconnect
[  123.589838][ T6400] vivid-003: reconnect
[  123.594999][ T5837] gspca_sq930x: reg_w 0305 fd00 failed -71
[  123.611379][ T5837] sq930x: probe of 4-1:0.0 failed with error -71
[  123.643180][ T5837] usb 4-1: USB disconnect, device number 9
[  123.841011][ T6411] loop2: detected capacity change from 0 to 1764
[  124.253209][ T6432] loop3: detected capacity change from 0 to 1024
[  124.288217][ T6432] EXT4-fs (loop3): Ignoring removed orlov option
[  124.354147][ T6432] EXT4-fs (loop3): mounted filesystem without journal. Opts: block_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,norecovery,,errors=continue. Quota mode: none.
[  124.571835][ T6447] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  124.644307][ T6447] overlayfs: overlapping lowerdir path
[  124.658958][ T6418] loop4: detected capacity change from 0 to 40427
[  124.708791][ T6451] input: syz1 as /devices/virtual/input/input17
[  124.727687][ T6418] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  124.736244][ T6418] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  124.924208][ T6418] F2FS-fs (loop4): Found nat_bits in checkpoint
[  124.949232][ T6453] loop3: detected capacity change from 0 to 32768
[  125.032121][ T6453] JBD2: Invalid start block of journal: 0
[  125.037877][ T6453] (syz.3.781,6453,0):ocfs2_journal_wipe:1154 ERROR: status = -22
[  125.045712][ T6453] (syz.3.781,6453,0):ocfs2_check_volume:2424 ERROR: status = -22
[  125.053516][ T6453] (syz.3.781,6453,0):ocfs2_check_volume:2493 ERROR: status = -22
[  125.061466][ T6453] (syz.3.781,6453,0):ocfs2_mount_volume:1824 ERROR: status = -22
[  125.093030][ T6453] (syz.3.781,6453,0):ocfs2_fill_super:1177 ERROR: status = -22
[  125.142074][ T6418] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  125.149468][ T6418] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  125.179467][ T6418] attempt to access beyond end of device
[  125.179467][ T6418] loop4: rw=2049, want=53264, limit=40427
[  125.198411][ T6464] device bond0 entered promiscuous mode
[  125.226035][ T6464] device bond_slave_0 entered promiscuous mode
[  125.254411][ T4191] attempt to access beyond end of device
[  125.254411][ T4191] loop4: rw=2049, want=45104, limit=40427
[  125.275050][ T6464] device bond_slave_1 entered promiscuous mode
[  125.314920][ T6464] device bond0 left promiscuous mode
[  125.334951][ T6464] device bond_slave_0 left promiscuous mode
[  125.381221][ T6464] device bond_slave_1 left promiscuous mode
[  125.676604][ T6476] loop3: detected capacity change from 0 to 32768
[  125.865650][ T6476] XFS (loop3): Mounting V5 Filesystem
[  125.925970][ T6476] XFS (loop3): Ending clean mount
[  125.939545][ T6476] XFS (loop3): Quotacheck needed: Please wait.
[  126.007482][ T6492] loop4: detected capacity change from 0 to 512
[  126.025788][ T6476] XFS (loop3): Quotacheck: Done.
[  126.031280][ T6476] XFS (loop3): Unmounting Filesystem
[  126.105178][ T6492] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  126.260797][ T6492] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,bsddf,,errors=continue. Quota mode: writeback.
[  126.307545][ T6492] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.374378][ T6492] EXT4-fs error (device loop4): __ext4_new_inode:1286: comm syz.4.796: failed to insert inode 16: doubly allocated?
[  126.548728][ T6505] netlink: 16 bytes leftover after parsing attributes in process `syz.1.801'.
[  126.600404][ T6508] loop4: detected capacity change from 0 to 1024
[  126.724853][ T6515] loop2: detected capacity change from 0 to 128
[  126.805486][ T6515] FAT-fs (loop2): bogus number of FAT sectors
[  126.820160][ T6515] FAT-fs (loop2): Can't find a valid FAT filesystem
[  127.122482][ T6530] loop4: detected capacity change from 0 to 1024
[  127.271176][ T6541] loop2: detected capacity change from 0 to 8
[  127.276319][ T6530] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  127.316837][ T6537] loop1: detected capacity change from 0 to 4096
[  127.317259][ T6541] SQUASHFS error: zlib decompression failed, data probably corrupt
[  127.372466][ T6546] loop0: detected capacity change from 0 to 1024
[  127.379239][ T6541] SQUASHFS error: Failed to read block 0x9b: -5
[  127.385661][ T6541] SQUASHFS error: Unable to read metadata cache entry [99]
[  127.394673][ T6541] SQUASHFS error: Unable to read inode 0x127
[  127.439720][ T6546] hfsplus: found bad thread record in catalog
[  127.466947][ T6537] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  127.503208][ T6537] ntfs3: loop1: Failed to load $Extend.
[  127.527424][    T9] hfsplus: found bad thread record in catalog
[  127.555294][    T9] hfsplus: found bad thread record in catalog
[  128.073224][ T6583] netlink: 12 bytes leftover after parsing attributes in process `syz.2.838'.
[  128.300717][ T6587] loop3: detected capacity change from 0 to 1024
[  128.358129][ T6587] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  128.522259][ T6601] x_tables: duplicate underflow at hook 4
[  128.785731][ T6613] loop2: detected capacity change from 0 to 256
[  128.811640][ T6569] loop0: detected capacity change from 0 to 40427
[  128.851615][ T6569] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x1ffff
[  128.866372][ T6569] F2FS-fs (loop0): invalid crc value
[  128.895387][ T6613] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  128.920074][ T4241] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  128.932656][ T6569] F2FS-fs (loop0): Found nat_bits in checkpoint
[  129.092821][ T6569] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  129.207791][ T4184] attempt to access beyond end of device
[  129.207791][ T4184] loop0: rw=2049, want=45104, limit=40427
[  129.219564][ T4241] usb 2-1: Using ep0 maxpacket: 16
[  129.380375][ T4241] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  129.385706][ T6642] loop4: detected capacity change from 0 to 64
[  129.391954][ T4241] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  129.416371][ T4241] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023
[  129.583366][ T6650] loop3: detected capacity change from 0 to 128
[  129.625557][ T6650] FAT-fs (loop3): bogus number of FAT sectors
[  129.637039][ T6650] FAT-fs (loop3): Can't find a valid FAT filesystem
[  129.644177][ T4241] usb 2-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  129.663531][ T4241] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.690214][ T4241] usb 2-1: Product: syz
[  129.704630][ T4241] usb 2-1: Manufacturer: syz
[  129.714752][ T4241] usb 2-1: SerialNumber: syz
[  129.733701][ T4241] usb 2-1: config 0 descriptor??
[  129.770624][ T6605] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  129.807068][ T4241] mcba_usb 2-1:0.0 can0: failed tx_urb -90
[  129.831509][ T4241] mcba_usb 2-1:0.0 can0: Failed to send cmd (169)
[  129.848507][ T4241] mcba_usb 2-1:0.0 can0: failed tx_urb -90
[  129.860442][ T4241] mcba_usb 2-1:0.0 can0: Failed to send cmd (169)
[  129.867019][ T4241] mcba_usb 2-1:0.0: Microchip CAN BUS Analyzer connected
[  129.925636][ T6664] loop0: detected capacity change from 0 to 64
[  130.007919][ T4241] usb 2-1: USB disconnect, device number 9
[  130.021475][ T4241] mcba_usb 2-1:0.0 can0: device disconnected
[  130.033742][   T25] audit: type=1800 audit(1761850106.419:26): pid=6664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.861" name="file2" dev="loop0" ino=21 res=0 errno=0
[  130.158511][ T6677] loop3: detected capacity change from 0 to 64
[  130.254876][ T6677] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  130.699077][ T6716] loop4: detected capacity change from 0 to 2048
[  130.782613][ T6716] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  130.897217][ T6275] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  131.193653][ T6748] netlink: 4 bytes leftover after parsing attributes in process `syz.0.905'.
[  131.276645][ T6275] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.298030][ T6275] usb 2-1: New USB device found, idVendor=5543, idProduct=0004, bcdDevice= 0.00
[  131.322011][ T6755] Set syz1 is full, maxelem 2 reached
[  131.336281][ T6275] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.369150][ T6275] usb 2-1: config 0 descriptor??
[  131.443642][ T6763] loop3: detected capacity change from 0 to 512
[  131.523848][ T6763] EXT4-fs (loop3): Ignoring removed orlov option
[  131.537025][ T6763] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  131.641054][ T6763] EXT4-fs error (device loop3): ext4_orphan_get:1427: comm syz.3.911: bad orphan inode 131083
[  131.666043][ T6763] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,data_err=ignore,noquota,jqfmt=vfsv1,min_batch_time=0x0000000000000009,nodelalloc,data_err=ignore,,errors=continue. Quota mode: none.
[  131.863644][ T6275] uclogic 0003:5543:0004.0009: No inputs registered, leaving
[  131.882164][ T6275] uclogic 0003:5543:0004.0009: hidraw0: USB HID v0.02 Device [HID 5543:0004] on usb-dummy_hcd.1-1/input0
[  131.928256][ T6789] loop3: detected capacity change from 0 to 2048
[  131.976162][ T6789] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  132.029172][ T6795] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  132.064618][    T7] usb 2-1: USB disconnect, device number 10
[  132.130375][ T4290] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  132.248315][ T6803] loop0: detected capacity change from 0 to 4096
[  132.334512][ T6806] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  132.355170][ T6803] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  132.375533][ T6803] Remounting filesystem read-only
[  132.563540][ T4290] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  132.572590][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  132.572630][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  132.595798][ T4290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.609491][ T4290] usb 3-1: config 0 descriptor??
[  132.651694][ T4290] cp210x 3-1:0.0: cp210x converter detected
[  132.930122][ T6275] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  133.072237][ T6829] loop3: detected capacity change from 0 to 128
[  133.080127][ T4290] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  133.123760][ T4290] usb 3-1: cp210x converter now attached to ttyUSB0
[  133.126629][ T6831] loop0: detected capacity change from 0 to 256
[  133.153132][ T6829] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  133.206859][ T6831] FAT-fs (loop0): Directory bread(block 64) failed
[  133.255111][ T6831] FAT-fs (loop0): Directory bread(block 65) failed
[  133.272359][ T6829] ext4 filesystem being mounted at /221/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.292389][ T6831] FAT-fs (loop0): Directory bread(block 66) failed
[  133.300359][ T6275] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  133.308202][ T6831] FAT-fs (loop0): Directory bread(block 67) failed
[  133.322020][ T6275] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  133.328239][ T4290] usb 3-1: USB disconnect, device number 13
[  133.340457][ T6275] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  133.355950][ T4290] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  133.357515][ T6275] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.364587][ T6831] FAT-fs (loop0): Directory bread(block 68) failed
[  133.391139][ T4290] cp210x 3-1:0.0: device disconnected
[  133.406785][ T6831] FAT-fs (loop0): Directory bread(block 69) failed
[  133.430380][ T6818] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  133.431557][ T6839] loop4: detected capacity change from 0 to 512
[  133.450070][ T6831] FAT-fs (loop0): Directory bread(block 70) failed
[  133.470356][ T6831] FAT-fs (loop0): Directory bread(block 71) failed
[  133.477526][ T6831] FAT-fs (loop0): Directory bread(block 72) failed
[  133.484526][ T6831] FAT-fs (loop0): Directory bread(block 73) failed
[  133.518723][ T6839] EXT4-fs (loop4): Ignoring removed nobh option
[  133.540085][ T6839] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  133.594582][ T6839] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.940: iget: bad i_size value: 38620345925642
[  133.620191][ T6842] loop3: detected capacity change from 0 to 1024
[  133.628389][ T6839] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.940: couldn't read orphan inode 15 (err -117)
[  133.655005][ T6839] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,jqfmt=vfsv0,data_err=ignore,,errors=continue. Quota mode: writeback.
[  133.677851][ T6275] usb 2-1: USB disconnect, device number 11
[  133.711986][ T6839] ALSA: mixer_oss: invalid OSS volume 'ôF)/S®ù~ÛIÃñÞÜÛƒñðf´ºñëcj'
[  133.761918][ T6842] hfsplus: bad catalog entry type
[  133.921247][ T6847] netlink: 'syz.4.943': attribute type 8 has an invalid length.
[  133.933571][ T5679] hfsplus: b-tree write err: -5, ino 4
[  133.967550][ T6850] raw_sendmsg: syz.2.947 forgot to set AF_INET. Fix it!
[  133.982563][ T6848] loop0: detected capacity change from 0 to 4096
[  134.063853][ T6856] loop4: detected capacity change from 0 to 2048
[  134.073062][ T6848] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  134.119781][ T6856] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  134.156809][ T6848] ntfs: volume version 3.1.
[  134.511624][ T6876] loop0: detected capacity change from 0 to 512
[  134.600078][ T6275] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  134.637269][ T6876] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  134.664927][ T6882] netlink: 'syz.1.961': attribute type 4 has an invalid length.
[  134.705589][ T6876] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.780476][   T25] audit: type=1800 audit(1761850111.169:27): pid=6876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.955" name="file1" dev="loop0" ino=15 res=0 errno=0
[  134.805046][ T6869] loop2: detected capacity change from 0 to 40427
[  134.829367][ T6884] loop1: detected capacity change from 0 to 8
[  134.847621][ T6869] F2FS-fs (loop2): invalid crc value
[  134.857840][   T25] audit: type=1800 audit(1761850111.199:28): pid=6876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.955" name="file2" dev="loop0" ino=16 res=0 errno=0
[  134.892870][ T6869] F2FS-fs (loop2): Found nat_bits in checkpoint
[  134.981201][ T6275] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  134.992585][ T6275] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.015916][ T6275] usb 5-1: config 0 descriptor??
[  135.041674][ T6869] F2FS-fs (loop2): Start checkpoint disabled!
[  135.061838][ T6275] cp210x 5-1:0.0: cp210x converter detected
[  135.114063][ T6869] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  135.247249][ T6878] loop3: detected capacity change from 0 to 40427
[  135.270762][ T6896] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  135.291620][    T9] attempt to access beyond end of device
[  135.291620][    T9] loop2: rw=2049, want=40984, limit=40427
[  135.325990][ T6878] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  135.346529][ T6878] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  135.389691][ T6878] F2FS-fs (loop3): invalid crc_offset: 33558524
[  135.422357][ T6878] F2FS-fs (loop3): Found nat_bits in checkpoint
[  135.450141][    T7] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  135.581980][ T6878] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  135.589039][ T6878] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  135.720200][ T6275] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  135.727975][    T7] usb 2-1: Using ep0 maxpacket: 16
[  135.741533][ T6275] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  135.758609][ T6275] usb 5-1: cp210x converter now attached to ttyUSB0
[  135.773009][ T6275] usb 5-1: USB disconnect, device number 12
[  135.811153][ T6275] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  135.831635][ T6275] cp210x 5-1:0.0: device disconnected
[  136.006640][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.0.977'.
[  136.015945][    T7] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  136.025671][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.040932][    T7] usb 2-1: Product: syz
[  136.049893][    T7] usb 2-1: Manufacturer: syz
[  136.056898][    T7] usb 2-1: SerialNumber: syz
[  136.063344][    T7] usb 2-1: config 0 descriptor??
[  136.121449][    T7] visor 2-1:0.0: Sony Clie 3.5 converter detected
[  136.220079][   T21] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  136.368673][ T6932] loop0: detected capacity change from 0 to 32768
[  136.441045][ T6942] loop4: detected capacity change from 0 to 64
[  136.452845][ T6932] JBD2: Ignoring recovery information on journal
[  136.459301][ T6932] JBD2: corrupted journal superblock
[  136.464911][ T6932] JBD2: error -117 scanning journal
[  136.470255][ T6932] (syz.0.982,6932,0):ocfs2_journal_wipe:1154 ERROR: status = -117
[  136.478261][ T6932] (syz.0.982,6932,0):ocfs2_check_volume:2424 ERROR: status = -117
[  136.486258][ T6932] (syz.0.982,6932,0):ocfs2_check_volume:2493 ERROR: status = -117
[  136.494369][ T6932] (syz.0.982,6932,0):ocfs2_mount_volume:1824 ERROR: status = -117
[  136.514269][ T6932] (syz.0.982,6932,0):ocfs2_fill_super:1177 ERROR: status = -117
[  136.562267][    T7] usb 2-1: Sony Clie 3.5 converter now attached to ttyUSB0
[  136.616056][   T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.636440][   T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.675350][   T21] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  136.686000][ T6945] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (65535)
[  136.705629][   T21] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.714104][ T6945] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[  136.740373][   T21] usb 3-1: config 0 descriptor??
[  136.762810][    T7] usb 2-1: USB disconnect, device number 12
[  136.785275][    T7] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[  136.816476][    T7] visor 2-1:0.0: device disconnected
[  137.086755][ T6959] loop3: detected capacity change from 0 to 8192
[  137.180168][ T6959] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  137.194183][ T6959] REISERFS (device loop3): using ordered data mode
[  137.206835][ T6959] reiserfs: using flush barriers
[  137.219895][ T6959] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  137.247542][ T6959] REISERFS (device loop3): checking transaction log (loop3)
[  137.250258][   T21] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  137.282779][   T21] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  137.290713][   T21] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  137.298249][   T21] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  137.309746][   T21] playstation 0003:054C:0DF2.000A: unknown main item tag 0x0
[  137.320119][   T21] playstation 0003:054C:0DF2.000A: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.2-1/input0
[  137.460333][   T21] playstation 0003:054C:0DF2.000A: Invalid byte count transferred, expected 20 got 0
[  137.480069][   T21] playstation 0003:054C:0DF2.000A: Failed to retrieve DualSense pairing info: -22
[  137.486111][ T6959] REISERFS (device loop3): Using tea hash to sort names
[  137.489567][   T21] playstation 0003:054C:0DF2.000A: Failed to get MAC address from DualSense
[  137.503829][ T6959] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  137.507965][ T6979] loop1: detected capacity change from 0 to 256
[  137.524515][ T6959] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  137.535354][   T21] playstation 0003:054C:0DF2.000A: Failed to create dualsense.
[  137.574157][   T21] playstation: probe of 0003:054C:0DF2.000A failed with error -22
[  137.590574][ T6979] exfat: Deprecated parameter 'namecase'
[  137.599435][ T6979] exfat: Deprecated parameter 'utf8'
[  137.635986][ T6979] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  137.668631][ T4453] usb 3-1: USB disconnect, device number 14
[  137.777391][ T6980] fido_id[6980]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  138.053061][ T6988] loop3: detected capacity change from 0 to 8192
[  138.243061][ T6991] loop1: detected capacity change from 0 to 32768
[  138.246051][ T6988] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  138.278801][ T6988] REISERFS (device loop3): using ordered data mode
[  138.286280][ T6988] reiserfs: using flush barriers
[  138.300506][ T6988] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  138.318437][ T6988] REISERFS (device loop3): checking transaction log (loop3)
[  138.339749][ T6988] REISERFS (device loop3): Using r5 hash to sort names
[  138.357820][ T6988] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  138.373051][ T6988] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  138.401272][ T7000] loop2: detected capacity change from 0 to 512
[  138.505411][ T7000] EXT4-fs (loop2): Ignoring removed nobh option
[  138.531312][ T7000] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  138.640974][ T7000] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  138.712291][ T7000] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1012: invalid indirect mapped block 256 (level 1)
[  138.826961][ T7000] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1012: invalid indirect mapped block 2683928664 (level 1)
[  138.840933][    T7] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  138.870639][ T7000] EXT4-fs (loop2): 1 truncate cleaned up
[  138.876422][ T7000] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,dioread_lock,nobh,noinit_itable,acl,usrjquota=.noacl,nodiscard,jqfmt=vfsv0,mblk_io_submit,,,errors=continue. Quota mode: writeback.
[  138.987316][ T4193] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  139.028360][ T4193] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz-executor: Invalid block bitmap block 3 in block_group 0
[  139.061393][ T4193] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6178: Corrupt filesystem
[  139.073747][ T4193] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2229: inode #15: comm syz-executor: corrupted in-inode xattr
[  139.091534][ T4193] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2229: inode #15: comm syz-executor: corrupted in-inode xattr
[  139.202740][ T7033] loop0: detected capacity change from 0 to 1024
[  139.208971][ T7034] loop4: detected capacity change from 0 to 2048
[  139.211318][    T7] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.269386][ T7035] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.292024][ T7033] EXT4-fs (loop0): Ignoring removed bh option
[  139.298323][ T7033] EXT4-fs (loop0): inline encryption not supported
[  139.298772][ T7005] loop1: detected capacity change from 0 to 32768
[  139.335677][ T7033] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  139.351845][ T7033] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 2: comm syz.0.1028: lblock 2 mapped to illegal pblock 2 (length 1)
[  139.367795][ T7033] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  139.376036][ T7033] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 48: comm syz.0.1028: lblock 0 mapped to illegal pblock 48 (length 1)
[  139.390873][    T7] usb 4-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40
[  139.401626][ T7033] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  139.403697][ T7034] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '.'
[  139.411434][    T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.411456][    T7] usb 4-1: Product: syz
[  139.432369][ T7033] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.1028: Failed to acquire dquot type 0
[  139.444129][ T7033] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5850: Corrupt filesystem
[  139.452927][ T7005] XFS (loop1): Mounting V5 Filesystem
[  139.453622][    T7] usb 4-1: Manufacturer: syz
[  139.464608][    T7] usb 4-1: SerialNumber: syz
[  139.476829][ T7033] EXT4-fs error (device loop0): ext4_evict_inode:282: inode #11: comm syz.0.1028: mark_inode_dirty error
[  139.480131][ T7034] Remounting filesystem read-only
[  139.526986][ T7033] EXT4-fs warning (device loop0): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  139.536732][    T7] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input18
[  139.568709][ T7033] EXT4-fs (loop0): 1 orphan inode deleted
[  139.593871][ T7033] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x00000000000008c9,debug,inlinecrypt,,errors=continue. Quota mode: writeback.
[  139.633050][ T4191] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  139.658403][ T7005] XFS (loop1): Ending clean mount
[  139.675745][ T5679] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:9: lblock 1 mapped to illegal pblock 1 (length 1)
[  139.676696][ T7005] XFS (loop1): Quotacheck needed: Please wait.
[  139.719015][ T4318] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.748180][ T3546] bcm5974 4-1:1.0: could not read from device
[  139.756875][ T7005] XFS (loop1): Quotacheck: Done.
[  139.759481][ T5679] Quota error (device loop0): remove_tree: Can't read quota data block 1
[  139.782083][ T5679] EXT4-fs error (device loop0): ext4_release_dquot:6245: comm kworker/u4:9: Failed to release dquot type 0
[  139.812245][    T7] usb 4-1: USB disconnect, device number 10
[  139.840244][ T3546] bcm5974 4-1:1.0: could not read from device
[  139.881333][ T7033] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 48: comm syz.0.1028: lblock 0 mapped to illegal pblock 48 (length 1)
[  139.951115][ T7033] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=-117
[  139.984258][ T4318] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.048913][ T4182] XFS (loop1): Unmounting Filesystem
[  140.896115][ T7070] loop1: detected capacity change from 0 to 4096
[  140.935018][ T7070] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  141.034678][ T7070] ntfs: volume version 3.1.
[  141.313795][ T4318] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.385299][ T7088] loop3: detected capacity change from 0 to 16
[  141.431529][ T7088] erofs: Unknown parameter 'ÿ'
[  141.453692][ T4318] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.630072][   T21] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  141.763059][ T7051] chnl_net:caif_netlink_parms(): no params data found
[  141.857382][ T7088] loop3: detected capacity change from 0 to 32768
[  141.907735][ T7088] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1049 (7088)
[  141.920118][   T21] usb 1-1: Using ep0 maxpacket: 32
[  141.987634][ T7088] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  142.012700][ T7088] BTRFS info (device loop3): using free space tree
[  142.019253][ T7088] BTRFS info (device loop3): has skinny extents
[  142.070192][   T21] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  142.088001][   T21] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.102169][   T21] usb 1-1: config 0 descriptor??
[  142.146205][ T7051] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.155208][ T7051] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.191133][ T7051] device bridge_slave_0 entered promiscuous mode
[  142.251392][ T7051] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.255896][ T4993] Bluetooth: hci4: command 0x0409 tx timeout
[  142.265727][ T7088] BTRFS info (device loop3): enabling ssd optimizations
[  142.287284][ T7051] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.338747][ T7051] device bridge_slave_1 entered promiscuous mode
[  142.400250][   T21] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  142.436514][   T21] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  142.511134][   T21] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  142.518853][   T21] usb 1-1: media controller created
[  142.551943][   T21] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  142.587824][ T1166] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  142.631324][   T21] az6027: usb out operation failed. (-71)
[  142.652792][ T4993] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  142.656826][ T7051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.669570][   T21] az6027: usb out operation failed. (-71)
[  142.695540][   T21] stb0899_attach: Driver disabled by Kconfig
[  142.717060][   T21] az6027: no front-end attached
[  142.717060][   T21] 
[  142.760089][   T21] az6027: usb out operation failed. (-71)
[  142.765820][   T21] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  142.782027][   T21] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input19
[  142.818786][   T21] dvb-usb: schedule remote query interval to 400 msecs.
[  142.826947][   T21] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  142.891600][   T21] usb 1-1: USB disconnect, device number 8
[  142.976665][ T7051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  143.031129][   T21] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  143.040310][ T4993] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30
[  143.051348][ T4993] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.068540][ T4993] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196
[  143.103594][ T7051] team0: Port device team_slave_0 added
[  143.120922][ T4993] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  143.130094][ T4993] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.139173][ T7051] team0: Port device team_slave_1 added
[  143.164778][ T4993] usb 5-1: config 0 descriptor??
[  143.229466][ T7051] batman_adv: batadv0: Adding interface: batadv_slave_0
[  143.238532][ T7051] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.286862][ T7051] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  143.299723][ T7051] batman_adv: batadv0: Adding interface: batadv_slave_1
[  143.337517][ T7051] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.372304][ T7051] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  143.472627][ T7167] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1063'.
[  143.502026][ T7051] device hsr_slave_0 entered promiscuous mode
[  143.509577][ T7051] device hsr_slave_1 entered promiscuous mode
[  143.524173][ T7051] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  143.535521][ T7051] Cannot create hsr debugfs directory
[  143.640873][ T7145] udc-core: couldn't find an available UDC or it's busy
[  143.655696][ T7145] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  143.681775][ T4993] holtek_kbd 0003:04D9:A055.000B: unbalanced delimiter at end of report description
[  143.713635][ T4993] holtek_kbd: probe of 0003:04D9:A055.000B failed with error -22
[  143.876733][ T4318] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.885978][ T4318] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.913301][ T4993] usb 5-1: USB disconnect, device number 13
[  143.920690][ T4318] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.948393][ T4318] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.969196][ T4318] device bridge_slave_1 left promiscuous mode
[  143.991208][ T4318] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.013455][ T4318] device bridge_slave_0 left promiscuous mode
[  144.019748][ T4318] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.068433][ T4318] device veth1_macvtap left promiscuous mode
[  144.081944][ T4318] device veth0_macvtap left promiscuous mode
[  144.088163][ T4318] device veth1_vlan left promiscuous mode
[  144.092195][ T7179] loop1: detected capacity change from 0 to 32768
[  144.096008][ T4318] device veth0_vlan left promiscuous mode
[  144.149609][ T7179] JBD2: Ignoring recovery information on journal
[  144.299496][ T7179] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  144.336771][ T4993] Bluetooth: hci4: command 0x041b tx timeout
[  144.501924][ T4182] ocfs2: Unmounting device (7,1) on (node local)
[  144.510367][ T7202] loop4: detected capacity change from 0 to 256
[  144.533569][ T4318] team0 (unregistering): Port device team_slave_1 removed
[  144.563686][ T7202] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  144.583205][ T4318] team0 (unregistering): Port device team_slave_0 removed
[  144.628120][ T4318] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  144.671819][ T4318] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.801278][ T4318] bond0 (unregistering): Released all slaves
[  144.965487][ T7206] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  145.000724][ T7051] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  145.049531][ T7051] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  145.104935][ T7051] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  145.138226][ T7208] loop3: detected capacity change from 0 to 8192
[  145.157875][ T7051] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  145.177456][ T7217] loop4: detected capacity change from 0 to 512
[  145.248758][ T7217] EXT4-fs (loop4): inline encryption not supported
[  145.264302][ T7208] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  145.297895][ T7217] EXT4-fs (loop4): Ignoring removed oldalloc option
[  145.325789][ T7208] REISERFS (device loop3): using ordered data mode
[  145.360129][ T7208] reiserfs: using flush barriers
[  145.429227][ T7208] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  145.447852][ T7217] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000000,inlinecrypt,oldalloc,,errors=continue. Quota mode: writeback.
[  145.470201][ T7217] ext4 filesystem being mounted at /214/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  145.480806][ T7208] REISERFS (device loop3): checking transaction log (loop3)
[  145.506014][ T7051] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.519030][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  145.550666][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  145.601653][ T7051] 8021q: adding VLAN 0 to HW filter on device team0
[  145.628898][ T5683] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  145.640689][ T5683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  145.690720][ T5683] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.697806][ T5683] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.778400][ T5683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  145.803862][ T7208] REISERFS (device loop3): Using tea hash to sort names
[  145.822092][ T7250] loop1: detected capacity change from 0 to 256
[  145.872492][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  145.891443][ T7208] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  145.891632][ T7250] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d)
[  145.921435][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  145.936316][ T5680] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.943446][ T5680] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.007715][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  146.062239][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  146.104529][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  146.158001][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  146.176794][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  146.234682][ T5683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  146.273657][ T5683] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  146.286096][ T7265] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1089'.
[  146.314993][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  146.339777][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  146.405349][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  146.410127][ T4993] Bluetooth: hci4: command 0x040f tx timeout
[  146.422783][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  146.438858][ T7051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  146.622066][ T7274] loop4: detected capacity change from 0 to 1024
[  146.726026][ T7272] loop0: detected capacity change from 0 to 4096
[  146.781320][ T7274] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  146.807970][ T7272] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[  146.850010][ T7274] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  146.859629][ T7274] EXT4-fs error (device loop4): ext4_get_journal_inode:5160: comm syz.4.1093: inode #1: comm syz.4.1093: iget: illegal inode #
[  146.875070][ T7272] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  146.892343][ T7288] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.940533][ T7272] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  146.946703][ T7274] EXT4-fs (loop4): no journal found
[  146.992465][ T5683] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  147.023498][ T5683] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  147.072723][ T7272] ntfs: volume version 3.1.
[  147.086632][ T7051] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.284939][ T4184] ntfs: (device loop0): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  147.581987][ T7326] loop1: detected capacity change from 0 to 256
[  147.669063][   T25] audit: type=1326 audit(1761850124.049:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6492ac7fc9 code=0x7ffc0000
[  147.760256][ T4993] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  147.797742][   T25] audit: type=1326 audit(1761850124.049:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6492ac7fc9 code=0x7ffc0000
[  147.870110][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  147.890239][   T25] audit: type=1326 audit(1761850124.069:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6492ac7fc9 code=0x7ffc0000
[  147.891620][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  147.921144][   T25] audit: type=1326 audit(1761850124.159:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6492ac7fc9 code=0x7ffc0000
[  148.000127][ T4993] usb 5-1: Using ep0 maxpacket: 16
[  148.004917][   T25] audit: type=1326 audit(1761850124.159:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.1110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6492ac7fc9 code=0x7ffc0000
[  148.098359][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  148.120216][ T4993] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.127393][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  148.174157][ T4993] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.198895][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  148.226032][ T4993] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  148.237544][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  148.280217][ T7051] device veth0_vlan entered promiscuous mode
[  148.298222][ T7051] device veth1_vlan entered promiscuous mode
[  148.320048][ T4993] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  148.329123][ T4993] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.376736][ T7350] loop1: detected capacity change from 0 to 4096
[  148.415129][ T4993] usb 5-1: config 0 descriptor??
[  148.438172][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  148.464369][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  148.490225][ T6271] Bluetooth: hci4: command 0x0419 tx timeout
[  148.521315][ T7051] device veth0_macvtap entered promiscuous mode
[  148.553170][ T7051] device veth1_macvtap entered promiscuous mode
[  148.618615][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.670236][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.717605][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.762162][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.830106][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.861137][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.890063][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.919155][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.946993][ T4993] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.000C/input/input20
[  148.951284][ T7051] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.001528][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  149.020387][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  149.030859][ T4993] microsoft 0003:045E:07DA.000C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  149.043689][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  149.080618][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  149.139914][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.182156][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.187397][ T5837] usb 5-1: USB disconnect, device number 14
[  149.226901][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.238974][ T7375] fido_id[7375]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  149.252874][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.284689][ T7361] loop3: detected capacity change from 0 to 32768
[  149.299539][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.326729][ T7361] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.1120 (7361)
[  149.338487][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.361013][ T7051] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.384567][ T7361] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  149.396191][ T7051] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.419548][ T7051] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.427803][ T7361] BTRFS info (device loop3): using free space tree
[  149.443050][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  149.460587][ T5680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  149.471152][ T7361] BTRFS info (device loop3): has skinny extents
[  149.481092][ T7051] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.489804][ T7051] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.518899][ T7051] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.530079][ T7051] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.701212][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.750241][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.841311][ T7400] tap0: tun_chr_ioctl cmd 2147767511
[  149.905040][ T7361] BTRFS info (device loop3): enabling ssd optimizations
[  149.917429][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  149.957138][ T7405] loop4: detected capacity change from 0 to 1024
[  149.973336][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.043459][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.076059][ T1166] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  150.130081][ T7405] hfsplus: bad catalog entry type
[  150.221728][    T9] hfsplus: b-tree write err: -5, ino 4
[  150.612436][ T7423] input: syz1 as /devices/virtual/input/input21
[  151.008813][ T7431] loop3: detected capacity change from 0 to 4096
[  151.039594][ T7436] blk_update_request: I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  151.082518][ T7436] FAT-fs (loop11): unable to read boot sector
[  151.109096][ T7431] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  151.165945][ T7431] ntfs3: loop3: Failed to load $Extend.
[  151.333187][ T4182] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  151.339635][ T4182] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  151.566111][ T7449] loop0: detected capacity change from 0 to 1024
[  151.575566][ T7421] loop4: detected capacity change from 0 to 40427
[  151.634861][ T7449] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  151.672508][ T7421] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x1ffff
[  151.688097][ T7449] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,nobarrier,norecovery,errors=remount-ro,resgid=0x0000000000000000,. Quota mode: writeback.
[  151.754135][ T7421] F2FS-fs (loop4): invalid crc value
[  151.759552][ T7449] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 48: comm syz.0.1141: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=5, size=1024 fake=0
[  151.788009][ T7421] F2FS-fs (loop4): Found nat_bits in checkpoint
[  151.836809][ T7460] loop1: detected capacity change from 0 to 512
[  151.875222][ T7421] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  151.908351][ T7460] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[  152.081891][ T7470] loop0: detected capacity change from 0 to 2048
[  152.117422][ T7460] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,bsddf,,errors=continue. Quota mode: writeback.
[  152.159101][ T4191] attempt to access beyond end of device
[  152.159101][ T4191] loop4: rw=2049, want=45104, limit=40427
[  152.177904][ T7460] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.272768][ T7470] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  152.339480][ T7460] EXT4-fs error (device loop1): __ext4_new_inode:1286: comm syz.1.1137: failed to insert inode 16: doubly allocated?
[  152.352181][ T7485] loop5: detected capacity change from 0 to 256
[  152.405320][ T7485] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  152.533584][   T25] audit: type=1800 audit(1761850128.919:34): pid=7485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1149" name="file1" dev="loop5" ino=1048616 res=0 errno=0
[  152.541380][ T7485] exFAT-fs (loop5): error, tried to truncate zeroed cluster.
[  152.615965][ T7485] exFAT-fs (loop5): Filesystem has been set read-only
[  152.677622][ T7493] loop1: detected capacity change from 0 to 4096
[  152.688108][ T7491] exFAT-fs (loop5): hint_cluster is invalid (1)
[  152.699583][ T7451] loop3: detected capacity change from 0 to 40427
[  152.728440][ T7493] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  152.767026][ T7451] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1ffff
[  152.810644][ T7451] F2FS-fs (loop3): invalid crc value
[  152.848265][ T7493] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  152.874872][ T7451] F2FS-fs (loop3): Found nat_bits in checkpoint
[  152.891000][ T7491] exFAT-fs (loop5): error, invalid access to exfat cache (entry 0x00000000)
[  152.910493][ T7491] exFAT-fs (loop5): error, failed to bmap (inode : ffff888062822860 iblock : 9, err : -5)
[  152.961520][ T7491] exFAT-fs (loop5): error, tried to truncate zeroed cluster.
[  152.987345][ T7491] attempt to access beyond end of device
[  152.987345][ T7491] loop5: rw=2049, want=34359738496, limit=256
[  153.013963][ T7451] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  153.193299][ T7506] loop4: detected capacity change from 0 to 1024
[  153.230751][ T4183] attempt to access beyond end of device
[  153.230751][ T4183] loop3: rw=2049, want=45104, limit=40427
[  153.709432][ T4325] hfsplus: b-tree write err: -5, ino 4
[  153.719372][ T7524] loop5: detected capacity change from 0 to 32768
[  153.837696][ T7536] loop4: detected capacity change from 0 to 128
[  153.925522][ T7536] FAT-fs (loop4): Directory bread(block 162) failed
[  153.953494][ T7536] FAT-fs (loop4): Directory bread(block 163) failed
[  153.967371][ T7540] ALSA: mixer_oss: invalid OSS volume 'LIøÄ'
[  153.993910][ T7536] FAT-fs (loop4): Directory bread(block 164) failed
[  154.017704][ T7536] FAT-fs (loop4): Directory bread(block 165) failed
[  154.036151][ T7536] FAT-fs (loop4): Directory bread(block 166) failed
[  154.071559][ T7536] FAT-fs (loop4): Directory bread(block 167) failed
[  154.119394][ T7536] FAT-fs (loop4): Directory bread(block 168) failed
[  154.136548][ T7536] FAT-fs (loop4): Directory bread(block 169) failed
[  154.221579][ T7536] FAT-fs (loop4): Directory bread(block 162) failed
[  154.235168][ T7536] FAT-fs (loop4): Directory bread(block 163) failed
[  154.264263][ T7556] loop1: detected capacity change from 0 to 1024
[  154.267238][ T7536] attempt to access beyond end of device
[  154.267238][ T7536] loop4: rw=3, want=232, limit=128
[  154.355075][ T7536] attempt to access beyond end of device
[  154.355075][ T7536] loop4: rw=2051, want=234, limit=128
[  154.511633][ T1166] hfsplus: b-tree write err: -5, ino 4
[  154.650097][ T5836] Bluetooth: hci5: command 0x1003 tx timeout
[  154.656206][ T4201] Bluetooth: hci5: sending frame failed (-49)
[  154.704115][ T7576] loop1: detected capacity change from 0 to 256
[  154.730190][ T5837] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  154.911189][ T7580] loop4: detected capacity change from 0 to 32768
[  155.020238][ T5837] usb 4-1: Using ep0 maxpacket: 32
[  155.151237][ T7594] loop5: detected capacity change from 0 to 128
[  155.170318][ T5837] usb 4-1: too many endpoints for config 64 interface 0 altsetting 8: 33, using maximum allowed: 30
[  155.191714][ T5837] usb 4-1: config 64 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.220917][ T7594] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  155.242926][ T5837] usb 4-1: config 64 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.260141][ T7594] hpfs: filesystem error: improperly stopped
[  155.266203][ T7594] hpfs: You really don't want any checks? You are crazy...
[  155.274133][ T5837] usb 4-1: config 64 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 33
[  155.293720][ T7594] hpfs: hpfs_map_sector(): read error
[  155.299096][ T7594] hpfs: code page support is disabled
[  155.306893][ T5837] usb 4-1: config 64 interface 0 has no altsetting 0
[  155.316991][ T7594] hpfs: hpfs_map_4sectors(): unaligned read
[  155.325172][ T5837] usb 4-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  155.337491][ T7594] hpfs: hpfs_map_4sectors(): unaligned read
[  155.345705][ T5837] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.352625][ T7594] hpfs: filesystem error: unable to find root dir
[  155.362181][ T5836] kernel write not supported for file /input/event2 (pid: 5836 comm: kworker/0:13)
[  155.367155][ T7594] hpfs: hpfs_map_4sectors(): unaligned read
[  155.398028][ T7594] hpfs: hpfs_map_sector(): read error
[  155.774273][ T7621] loop5: detected capacity change from 0 to 4096
[  155.847054][ T5837] hid-rmi 0003:17EF:6085.000D: unknown main item tag 0x0
[  155.870056][ T5837] hid-rmi 0003:17EF:6085.000D: unknown main item tag 0x0
[  155.877117][ T5837] hid-rmi 0003:17EF:6085.000D: unknown main item tag 0x0
[  155.890016][ T5837] hid-rmi 0003:17EF:6085.000D: unknown main item tag 0x0
[  155.897074][ T5837] hid-rmi 0003:17EF:6085.000D: unknown main item tag 0x0
[  155.915868][ T7051] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22.
[  155.921711][ T5837] hid-rmi 0003:17EF:6085.000D: hidraw0: USB HID v0.00 Device [HID 17ef:6085] on usb-dummy_hcd.3-1/input0
[  155.927580][ T7051] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  156.049832][ T5837] usb 4-1: USB disconnect, device number 11
[  156.838281][ T7641] loop4: detected capacity change from 0 to 16
[  156.869698][ T4176] udevd[4176]: incorrect erofs checksum on /dev/loop4
[  156.889433][ T7641] erofs: Unknown parameter 'ÿ'
[  156.898001][ T7633] loop1: detected capacity change from 0 to 32768
[  156.908601][ T5837] Bluetooth: hci5: command 0x1001 tx timeout
[  156.914777][ T4201] Bluetooth: hci5: sending frame failed (-49)
[  156.961201][ T7633] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  156.969784][ T7633] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  157.016918][ T7633] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  157.032058][ T5836] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  157.039856][ T5836] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  157.087186][ T5836] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 47ms
[  157.101082][ T5836] gfs2: fsid=syz:syz.0: jid=0: Done
[  157.118313][ T7633] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  157.646030][ T7641] loop4: detected capacity change from 0 to 32768
[  157.663830][ T7641] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1200 (7641)
[  157.744532][ T7641] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  157.762456][ T7641] BTRFS info (device loop4): using free space tree
[  157.785908][ T7641] BTRFS info (device loop4): has skinny extents
[  158.108199][ T7666] loop1: detected capacity change from 0 to 32768
[  158.127144][ T7675] loop3: detected capacity change from 0 to 256
[  158.171696][ T7675] exfat: Deprecated parameter 'utf8'
[  158.181696][ T7675] exfat: Deprecated parameter 'namecase'
[  158.265947][ T7641] BTRFS info (device loop4): enabling ssd optimizations
[  158.291101][ T7675] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d)
[  158.296585][ T7666] XFS (loop1): Mounting V5 Filesystem
[  158.471207][ T7666] XFS (loop1): Ending clean mount
[  158.488007][ T7666] XFS (loop1): Quotacheck needed: Please wait.
[  158.553620][ T5683] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  158.599495][ T7666] XFS (loop1): Quotacheck: Done.
[  158.604869][ T7666] XFS (loop1): Unmounting Filesystem
[  159.018940][ T7707] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1219'.
[  159.429551][ T7703] loop3: detected capacity change from 0 to 32768
[  159.495625][ T7703] ERROR: (device loop3): xtTruncate_pmap: XT_GETPAGE: xtree page corrupt
[  159.495625][ T7703] 
[  159.510088][ T4442] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  159.568047][ T7703] ERROR: (device loop3): remounting filesystem as read-only
[  159.587811][ T7703] ERROR: (device loop3): jfs_rename: 
[  159.587811][ T7703] 
[  159.589958][    C0] sched: RT throttling activated
[  159.592447][ T5836] Bluetooth: hci5: command 0x1009 tx timeout
[  159.635096][ T4183] ERROR: (device loop3): xtTruncate: XT_GETPAGE: xtree page corrupt
[  159.635096][ T4183] 
[  159.673809][ T4183] ERROR: (device loop3): remounting filesystem as read-only
[  159.780049][ T4442] usb 6-1: Using ep0 maxpacket: 32
[  159.814951][ T7716] loop4: detected capacity change from 0 to 2048
[  159.900130][ T4442] usb 6-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  159.919784][ T7716] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  159.929005][ T4442] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.949775][ T4442] usb 6-1: config 0 descriptor??
[  159.997039][ T4442] gspca_main: sq930x-2.14.0 probing 041e:403c
[  160.585286][ T7751] netlink: 'syz.1.1235': attribute type 8 has an invalid length.
[  160.680040][ T4442] gspca_sq930x: reg_w 0305 fd00 failed -71
[  160.685940][ T4442] sq930x: probe of 6-1:0.0 failed with error -71
[  160.697704][ T4442] usb 6-1: USB disconnect, device number 2
[  160.820056][ T4290] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  161.070083][ T4290] usb 4-1: Using ep0 maxpacket: 16
[  161.421347][ T4290] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  161.444853][ T4290] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  161.460277][ T4290] usb 4-1: Product: syz
[  161.464447][ T4290] usb 4-1: Manufacturer: syz
[  161.469042][ T4290] usb 4-1: SerialNumber: syz
[  161.491675][ T4290] usb 4-1: config 0 descriptor??
[  161.597763][ T7778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1245'.
[  161.659292][ T7764] loop4: detected capacity change from 0 to 40427
[  161.665646][ T7778] device batadv0 entered promiscuous mode
[  161.672683][ T7778] device batadv0 left promiscuous mode
[  161.712875][ T7781] loop5: detected capacity change from 0 to 2048
[  161.736694][ T7764] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x1ffff
[  161.752055][ T4290] usb 4-1: USB disconnect, device number 12
[  161.779005][ T7764] F2FS-fs (loop4): invalid crc value
[  161.792432][ T7781] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  161.818879][ T7764] F2FS-fs (loop4): Found nat_bits in checkpoint
[  161.985837][ T7764] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  162.038448][ T7793] loop1: detected capacity change from 0 to 1024
[  162.118152][ T4191] attempt to access beyond end of device
[  162.118152][ T4191] loop4: rw=2049, want=45104, limit=40427
[  162.187599][ T7793] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  162.220168][ T7793] ext4 filesystem being mounted at /249/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.251101][ T7793] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.1251: inode has both inline data and extents flags
[  162.389776][ T7816] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.1251: inode has both inline data and extents flags
[  162.484404][ T7820] loop3: detected capacity change from 0 to 8
[  162.796444][ T7836] loop3: detected capacity change from 0 to 256
[  162.898982][ T7842] loop5: detected capacity change from 0 to 512
[  162.925565][ T7836] FAT-fs (loop3): Directory bread(block 64) failed
[  162.937016][ T7836] FAT-fs (loop3): Directory bread(block 65) failed
[  162.948592][ T7836] FAT-fs (loop3): Directory bread(block 66) failed
[  162.963393][ T7836] FAT-fs (loop3): Directory bread(block 67) failed
[  162.970090][ T4290] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  162.971448][ T7836] FAT-fs (loop3): Directory bread(block 68) failed
[  163.018708][ T7836] FAT-fs (loop3): Directory bread(block 69) failed
[  163.026736][ T7842] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  163.047283][ T7842] EXT4-fs (loop5): orphan cleanup on readonly fs
[  163.059719][ T7836] FAT-fs (loop3): Directory bread(block 70) failed
[  163.079003][ T7836] FAT-fs (loop3): Directory bread(block 71) failed
[  163.092681][ T7836] FAT-fs (loop3): Directory bread(block 72) failed
[  163.099214][ T7836] FAT-fs (loop3): Directory bread(block 73) failed
[  163.103159][ T7842] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 16777216 out of range 0-5
[  163.165469][ T7842] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  163.191068][ T7842] EXT4-fs error (device loop5): ext4_acquire_dquot:6209: comm syz.5.1266: Failed to acquire dquot type 1
[  163.213920][ T7842] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1266: bg 0: block 40: padding at end of block bitmap is not set
[  163.230184][ T4290] usb 2-1: Using ep0 maxpacket: 32
[  163.259745][ T7833] loop0: detected capacity change from 0 to 32768
[  163.282887][ T7842] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6178: Corrupt filesystem
[  163.297386][ T7842] EXT4-fs (loop5): 1 truncate cleaned up
[  163.304171][ T7842] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  163.370236][ T4290] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  163.378333][ T4290] usb 2-1: config 0 has no interface number 0
[  163.580257][ T4290] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  163.590929][ T4290] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.600364][ T4290] usb 2-1: Product: syz
[  163.604684][ T4290] usb 2-1: Manufacturer: syz
[  163.609305][ T4290] usb 2-1: SerialNumber: syz
[  163.638523][ T4290] usb 2-1: config 0 descriptor??
[  163.703575][ T4290] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  163.863714][ T7872] vivid-002: disconnect
[  163.871154][ T7866] vivid-002: reconnect
[  163.922282][ T4290] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  163.979595][ T4290] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  164.100996][ T7886] vivid-006: disconnect
[  164.122354][ T7882] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  164.222082][ T7882] overlayfs: overlapping lowerdir path
[  164.274928][ T7855] loop5: detected capacity change from 0 to 40427
[  164.321437][ T7894] loop4: detected capacity change from 0 to 512
[  164.357255][ T7855] F2FS-fs (loop5): invalid crc value
[  164.371194][ T7894] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  164.382885][ T5836] usb 2-1: USB disconnect, device number 13
[  164.399994][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  164.418944][ T5836] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  164.435434][ T7855] F2FS-fs (loop5): Found nat_bits in checkpoint
[  164.487988][ T7894] EXT4-fs (loop4): 1 truncate cleaned up
[  164.500145][ T7894] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,barrier,lazytime,quota,. Quota mode: writeback.
[  164.524766][ T5836] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  164.581342][ T5836] quatech2 2-1:0.51: device disconnected
[  164.586702][ T7855] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  164.589187][ T7895] loop0: detected capacity change from 0 to 8192
[  164.715355][ T7051] attempt to access beyond end of device
[  164.715355][ T7051] loop5: rw=2049, want=45104, limit=40427
[  164.746161][ T7895] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  164.799000][ T7895] REISERFS (device loop0): using ordered data mode
[  164.840097][ T7895] reiserfs: using flush barriers
[  164.858924][ T7895] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  164.878103][ T7884] vivid-006: reconnect
[  165.001807][ T7895] REISERFS (device loop0): checking transaction log (loop0)
[  165.100242][ T4249] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  165.227854][ T7895] REISERFS (device loop0): Using tea hash to sort names
[  165.245479][ T7895] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  165.300539][   T25] audit: type=1800 audit(1761850141.689:35): pid=7895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1281" name="file1" dev="loop0" ino=4 res=0 errno=0
[  165.425423][ T7937] loop1: detected capacity change from 0 to 512
[  165.455740][ T7937] EXT4-fs (loop1): Ignoring removed orlov option
[  165.469590][ T7940] vivid-001: disconnect
[  165.476729][ T7933] vivid-001: reconnect
[  165.484222][ T7937] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  165.510661][ T4249] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  165.550121][ T4249] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.575756][ T7937] EXT4-fs error (device loop1): ext4_orphan_get:1427: comm syz.1.1290: bad orphan inode 131083
[  165.590606][ T4249] usb 5-1: config 0 descriptor??
[  165.607575][ T7937] EXT4-fs (loop1): mounted filesystem without journal. Opts: orlov,data_err=ignore,noquota,jqfmt=vfsv1,min_batch_time=0x0000000000000009,nodelalloc,data_err=ignore,,errors=continue. Quota mode: none.
[  165.650014][ T4249] gspca_main: spca508-2.14.0 probing 8086:0110
[  165.650880][ T7945] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  165.728018][ T7945] overlayfs: overlapping lowerdir path
[  165.857787][ T4249] gspca_spca508: reg_read err -32
[  165.900070][ T4249] gspca_spca508: reg_read err -32
[  166.170274][ T4249] gspca_spca508: reg_read err -71
[  166.201248][ T4249] gspca_spca508: reg_read err -71
[  166.240172][ T4249] gspca_spca508: reg write: error -71
[  166.255779][ T4249] spca508: probe of 5-1:0.0 failed with error -71
[  166.276652][ T4249] usb 5-1: USB disconnect, device number 15
[  166.401406][ T7958] loop5: detected capacity change from 0 to 16
[  166.411241][ T7956] program syz.1.1293 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  166.460655][ T7958] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  166.476893][ T4176] udevd[4176]: incorrect cramfs checksum on /dev/loop5
[  166.533325][ T4176] udevd[4176]: incorrect cramfs checksum on /dev/loop5
[  166.973018][ T7998] program syz.4.1312 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  167.063998][ T8006] vivid-000: disconnect
[  167.080933][ T8003] vivid-000: reconnect
[  167.096070][ T8007] loop4: detected capacity change from 0 to 1024
[  167.269704][  T154] hfsplus: b-tree write err: -5, ino 4
[  167.285485][ T4442] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  167.413607][ T8027] loop4: detected capacity change from 0 to 512
[  167.430117][ T5837] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  167.466157][ T8027] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  167.598176][ T8027] EXT4-fs (loop4): 1 truncate cleaned up
[  167.633576][ T8027] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  167.680049][ T5837] usb 1-1: Using ep0 maxpacket: 16
[  167.710140][ T4442] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  167.718461][ T4442] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  167.735222][ T8027] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.4.1323: bad entry in directory: '.' directory cannot be the last in data block - offset=0, inode=2, rec_len=1024, size=1024 fake=1
[  167.761964][ T4442] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  167.788315][ T4442] usb 2-1: config 220 has no interface number 2
[  167.800358][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.810115][ T4442] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  167.832983][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.843121][ T4442] usb 2-1: config 220 interface 0 has no altsetting 0
[  167.858735][ T8018] loop5: detected capacity change from 0 to 32768
[  167.868249][ T5837] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  167.870004][ T4442] usb 2-1: config 220 interface 76 has no altsetting 0
[  167.892769][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.897787][ T8018] XFS: ikeep mount option is deprecated.
[  167.928023][ T5837] usb 1-1: config 0 descriptor??
[  167.933943][ T4442] usb 2-1: config 220 interface 1 has no altsetting 0
[  168.035530][ T8018] XFS (loop5): Mounting V5 Filesystem
[  168.064935][ T8057] loop4: detected capacity change from 0 to 1024
[  168.144717][ T8018] XFS (loop5): Ending clean mount
[  168.150230][ T4442] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  168.159286][ T4442] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.196286][ T8057] hfsplus: bad catalog entry type
[  168.245126][ T4442] usb 2-1: Product: syz
[  168.249641][ T4442] usb 2-1: Manufacturer: syz
[  168.269528][    T9] hfsplus: b-tree write err: -5, ino 4
[  168.286919][ T4442] usb 2-1: SerialNumber: syz
[  168.413798][ T8075] mkiss: ax0: crc mode is auto.
[  168.422175][ T5837] savu 0003:1E7D:2D5A.000E: unknown main item tag 0x0
[  168.439161][ T5837] savu 0003:1E7D:2D5A.000E: unknown main item tag 0x0
[  168.471018][ T5837] savu 0003:1E7D:2D5A.000E: unknown main item tag 0x0
[  168.485701][ T7051] XFS (loop5): Unmounting Filesystem
[  168.511397][ T5837] savu 0003:1E7D:2D5A.000E: unknown main item tag 0x0
[  168.518188][ T5837] savu 0003:1E7D:2D5A.000E: unknown main item tag 0x0
[  168.546524][ T5837] savu 0003:1E7D:2D5A.000E: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  168.572303][ T8081] loop3: detected capacity change from 0 to 1024
[  168.624461][ T8081] EXT4-fs (loop3): Ignoring removed oldalloc option
[  168.633122][ T5836] usb 1-1: USB disconnect, device number 9
[  168.646711][ T8081] EXT4-fs (loop3): Ignoring removed bh option
[  168.655609][ T8081] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  168.721299][ T8081] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,block_validity,oldalloc,nombcache,nodioread_nolock,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  168.780272][ T4442] usb 2-1: selecting invalid altsetting 0
[  168.807635][ T4442] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  168.835548][ T8082] fido_id[8082]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  168.856232][ T4442] usb 2-1: No valid video chain found.
[  168.991032][ T4442] usb 2-1: selecting invalid altsetting 0
[  169.003727][ T4442] usbtest: probe of 2-1:220.1 failed with error -22
[  169.042600][ T4442] usb 2-1: USB disconnect, device number 14
[  169.179481][ T8103] loop5: detected capacity change from 0 to 136
[  169.261731][ T8108] loop0: detected capacity change from 0 to 1024
[  169.300205][ T5836] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  169.320665][ T8103] iso9660: Corrupted directory entry in block 2 of inode 1472
[  169.420669][  T154] hfsplus: b-tree write err: -5, ino 4
[  169.541197][ T5836] usb 5-1: Using ep0 maxpacket: 32
[  169.660166][ T5836] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  169.669228][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.731537][ T5836] usb 5-1: config 0 descriptor??
[  169.906074][ T8131] loop0: detected capacity change from 0 to 4096
[  169.946544][ T8145] loop3: detected capacity change from 0 to 2048
[  169.991190][ T5836] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  170.020770][ T5836] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  170.032676][ T8145] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  170.068490][ T8131] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  170.085532][ T5836] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  170.116132][ T5836] usb 5-1: media controller created
[  170.179508][ T5836] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  170.300854][ T5836] az6027: usb out operation failed. (-71)
[  170.338698][ T5836] az6027: usb out operation failed. (-71)
[  170.357250][ T5836] stb0899_attach: Driver disabled by Kconfig
[  170.359205][ T8167] loop5: detected capacity change from 0 to 512
[  170.363334][ T5836] az6027: no front-end attached
[  170.363334][ T5836] 
[  170.461119][ T8167] EXT4-fs (loop5): mounted filesystem without journal. Opts: resgid=0x0000000000000000,errors=continue,noblock_validity,,errors=continue. Quota mode: none.
[  170.462726][ T8173] loop3: detected capacity change from 0 to 256
[  170.500463][ T8167] EXT4-fs warning (device loop5): dx_probe:869: inode #2: comm syz.5.1362: Unimplemented hash flags: 0x0001
[  170.515454][ T5836] az6027: usb out operation failed. (-71)
[  170.537643][ T5836] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  170.550053][ T8167] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1362: Corrupt directory, running e2fsck is recommended
[  170.600990][ T5836] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input22
[  170.618946][ T8167] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 3: comm syz.5.1362: path /74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  170.705580][ T5836] dvb-usb: schedule remote query interval to 400 msecs.
[  170.713626][ T8173] FAT-fs (loop3): Directory bread(block 64) failed
[  170.724935][ T5836] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  170.732742][ T8173] FAT-fs (loop3): Directory bread(block 65) failed
[  170.753989][ T8173] FAT-fs (loop3): Directory bread(block 66) failed
[  170.756667][ T5836] usb 5-1: USB disconnect, device number 16
[  170.793510][ T8173] FAT-fs (loop3): Directory bread(block 67) failed
[  170.813472][ T8173] FAT-fs (loop3): Directory bread(block 68) failed
[  170.824895][ T8173] FAT-fs (loop3): Directory bread(block 69) failed
[  170.835906][ T8173] FAT-fs (loop3): Directory bread(block 70) failed
[  170.846604][ T8173] FAT-fs (loop3): Directory bread(block 71) failed
[  170.883991][ T5836] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  170.909420][ T8173] FAT-fs (loop3): Directory bread(block 72) failed
[  170.947673][ T8173] FAT-fs (loop3): Directory bread(block 73) failed
[  171.199306][ T8202] loop4: detected capacity change from 0 to 256
[  171.288895][ T8200] loop5: detected capacity change from 0 to 4096
[  171.369151][ T8202] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x2e76b09e, utbl_chksum : 0xe619d30d)
[  171.415747][ T8191] loop1: detected capacity change from 0 to 32768
[  171.479376][ T8214] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  171.524174][ T8191] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.1371 (8191)
[  171.537432][ T8209] loop3: detected capacity change from 0 to 4096
[  171.601443][ T8209] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  171.630779][ T8191] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  171.669068][ T8191] BTRFS info (device loop1): using free space tree
[  171.675940][ T8191] BTRFS info (device loop1): has skinny extents
[  171.786900][ T8226] loop4: detected capacity change from 0 to 128
[  171.872541][ T8238] loop5: detected capacity change from 0 to 512
[  171.889652][ T8191] BTRFS info (device loop1): enabling ssd optimizations
[  171.919713][ T8238] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  171.924683][ T8226] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  171.976105][ T8226] hpfs: filesystem error: improperly stopped
[  171.983433][ T8226] hpfs: You really don't want any checks? You are crazy...
[  172.003428][ T8226] hpfs: hpfs_map_sector(): read error
[  172.009003][ T8226] hpfs: code page support is disabled
[  172.014713][ T8226] hpfs: hpfs_map_4sectors(): unaligned read
[  172.021143][ T8226] hpfs: hpfs_map_4sectors(): unaligned read
[  172.027151][ T8226] hpfs: filesystem error: unable to find root dir
[  172.028544][ T8238] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1381: invalid indirect mapped block 4294967295 (level 1)
[  172.108512][ T8238] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1381: invalid indirect mapped block 4294967295 (level 1)
[  172.168816][ T8226] hpfs: hpfs_map_4sectors(): unaligned read
[  172.176805][ T8238] EXT4-fs (loop5): 2 truncates cleaned up
[  172.183222][ T8238] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpjquota=,init_itable=0x0000000000000007,dioread_nolock,auto_da_alloc=0x000000007fffffff,,errors=continue. Quota mode: writeback.
[  172.227638][ T8226] hpfs: hpfs_map_sector(): read error
[  172.234171][ T8238] EXT4-fs (loop5): shut down requested (2)
[  172.248958][ T8249] loop3: detected capacity change from 0 to 512
[  172.289622][ T4176] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 10 /dev/loop1 scanned by udevd (4176)
[  172.424348][ T8249] EXT4-fs error (device loop3): ext4_orphan_get:1427: comm syz.3.1383: bad orphan inode 11862016
[  172.461637][ T8249] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback.
[  172.474815][ T8249] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.954025][   T25] audit: type=1326 audit(1761850149.339:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8283 comm="syz.3.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2c0c9fc9 code=0x7ffc0000
[  173.010384][ T4290] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  173.051625][   T25] audit: type=1326 audit(1761850149.359:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8283 comm="syz.3.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2c0c9fc9 code=0x7ffc0000
[  173.114541][   T25] audit: type=1326 audit(1761850149.359:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8283 comm="syz.3.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f4b2c0c9fc9 code=0x7ffc0000
[  173.206901][   T25] audit: type=1326 audit(1761850149.359:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8283 comm="syz.3.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2c0c9fc9 code=0x7ffc0000
[  173.292117][ T4290] usb 2-1: Using ep0 maxpacket: 16
[  173.320510][   T25] audit: type=1326 audit(1761850149.369:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8283 comm="syz.3.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2c0c9fc9 code=0x7ffc0000
[  173.380214][ T6270] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  173.450320][ T4290] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.462356][ T8310] loop0: detected capacity change from 0 to 512
[  173.469151][ T4290] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  173.488196][ T4290] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.496799][ T8310] EXT4-fs (loop0): inline encryption not supported
[  173.503851][ T8310] EXT4-fs (loop0): Ignoring removed oldalloc option
[  173.513890][ T4290] usb 2-1: config 0 descriptor??
[  173.544178][ T8310] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000000,inlinecrypt,oldalloc,,errors=continue. Quota mode: writeback.
[  173.569210][ T8310] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  173.603001][ T8310] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1411: bg 0: block 217: padding at end of block bitmap is not set
[  173.630306][ T6270] usb 4-1: Using ep0 maxpacket: 32
[  173.635210][ T8310] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6178: Corrupt filesystem
[  173.635523][ T8253] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  173.698685][ T8317] loop5: detected capacity change from 0 to 8192
[  173.728128][ T8317] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  173.738690][ T8317] REISERFS (device loop5): using ordered data mode
[  173.745727][ T8317] reiserfs: using flush barriers
[  173.750128][ T6270] usb 4-1: config 0 has an invalid interface number: 231 but max is 0
[  173.756076][ T8317] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  173.760393][ T6270] usb 4-1: config 0 has no interface number 0
[  173.781638][ T6270] usb 4-1: config 0 interface 231 has no altsetting 0
[  173.832516][ T8317] REISERFS (device loop5): checking transaction log (loop5)
[  173.893556][ T8317] REISERFS (device loop5): Using tea hash to sort names
[  173.902692][ T8317] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  173.941264][ T6270] usb 4-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=21.78
[  173.951064][ T6270] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.959064][ T6270] usb 4-1: Product: syz
[  173.963539][ T6270] usb 4-1: Manufacturer: syz
[  173.968144][ T6270] usb 4-1: SerialNumber: syz
[  173.981979][ T6270] usb 4-1: config 0 descriptor??
[  174.023822][ T4290] mcp2221 0003:04D8:00DD.000F: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  174.030102][ T8253] usb 5-1: config 0 has an invalid interface number: 42 but max is 0
[  174.047467][ T8253] usb 5-1: config 0 has no interface number 0
[  174.054803][ T8253] usb 5-1: New USB device found, idVendor=04cb, idProduct=0100, bcdDevice= 0.ae
[  174.069424][ T8253] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.078915][ T8253] usb 5-1: config 0 descriptor??
[  174.124458][ T4249] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  174.150669][ T8253] usb-storage 5-1:0.42: USB Mass Storage device detected
[  174.205721][ T8253] usb-storage 5-1:0.42: Quirks match for vid 04cb pid 0100: 9
[  174.261376][ T8253] usb-storage 5-1:0.42: This device (04cb,0100,00ae S 04 P e0) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  174.261376][ T8253]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  174.279334][ T8328] loop5: detected capacity change from 0 to 4096
[  174.300252][ T6270] asix 4-1:0.231 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  174.310842][ T6270] asix: probe of 4-1:0.231 failed with error -71
[  174.322259][ T6270] usb 4-1: USB disconnect, device number 13
[  174.342970][ T8328] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  174.363379][    C1] vkms_vblank_simulate: vblank timer overrun
[  174.411201][ T4290] usb 5-1: USB disconnect, device number 17
[  174.432915][ T8253] usb 2-1: USB disconnect, device number 15
[  174.467336][ T8328] ntfs: volume version 3.1.
[  174.520239][ T4249] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  174.538175][ T4249] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  174.549446][ T4249] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  174.561673][ T4249] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.579268][ T8330] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (65535)
[  174.589085][ T8330] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[  174.599399][ T8320] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  174.767130][ T8336] loop5: detected capacity change from 0 to 1024
[  174.805600][ T8336] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  174.835638][ T4290] usb 1-1: USB disconnect, device number 10
[  175.243268][ T8352] loop1: detected capacity change from 0 to 1024
[  175.327458][ T8345] loop5: detected capacity change from 0 to 32768
[  175.396625][ T8345] JBD2: Ignoring recovery information on journal
[  175.461669][ T8356] loop3: detected capacity change from 0 to 512
[  175.479278][ T8345] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  175.527301][ T7051] ocfs2: Unmounting device (7,5) on (node local)
[  175.552839][ T8356] EXT4-fs (loop3): Ignoring removed nobh option
[  175.610525][ T8253] Bluetooth: hci0: command 0x0406 tx timeout
[  175.633114][ T8253] Bluetooth: hci3: command 0x0406 tx timeout
[  175.670997][ T8253] Bluetooth: hci2: command 0x0406 tx timeout
[  175.684134][ T8356] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,nobh,,errors=continue. Quota mode: writeback.
[  175.701396][ T8356] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  175.703798][ T8253] Bluetooth: hci1: command 0x0406 tx timeout
[  175.790949][ T8371] loop5: detected capacity change from 0 to 1024
[  175.801651][ T8367] loop0: detected capacity change from 0 to 2048
[  175.836154][ T8371] EXT4-fs (loop5): Ignoring removed bh option
[  175.848811][ T8367] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.867011][ T8371] EXT4-fs (loop5): inline encryption not supported
[  175.889492][ T8371] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  175.913694][ T8371] EXT4-fs error (device loop5): ext4_map_blocks:629: inode #3: block 2: comm syz.5.1428: lblock 2 mapped to illegal pblock 2 (length 1)
[  175.931765][ T8371] Quota error (device loop5): qtree_write_dquot: dquota write failed
[  175.939860][ T8371] EXT4-fs error (device loop5): ext4_map_blocks:629: inode #3: block 48: comm syz.5.1428: lblock 0 mapped to illegal pblock 48 (length 1)
[  175.964359][ T8371] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  175.973829][ T8371] EXT4-fs error (device loop5): ext4_acquire_dquot:6209: comm syz.5.1428: Failed to acquire dquot type 0
[  175.985746][ T8371] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5850: Corrupt filesystem
[  175.995674][ T8371] EXT4-fs error (device loop5): ext4_evict_inode:282: inode #11: comm syz.5.1428: mark_inode_dirty error
[  176.007317][ T8371] EXT4-fs warning (device loop5): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  176.017921][ T8371] EXT4-fs (loop5): 1 orphan inode deleted
[  176.023876][ T8371] EXT4-fs (loop5): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x00000000000008c9,debug,inlinecrypt,,errors=continue. Quota mode: writeback.
[  176.042038][ T4318] EXT4-fs error (device loop5): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  176.042500][ T4318] Quota error (device loop5): remove_tree: Can't read quota data block 1
[  176.110249][ T4318] EXT4-fs error (device loop5): ext4_release_dquot:6245: comm kworker/u4:6: Failed to release dquot type 0
[  176.157070][ T8371] EXT4-fs error (device loop5): ext4_map_blocks:629: inode #3: block 48: comm syz.5.1428: lblock 0 mapped to illegal pblock 48 (length 1)
[  176.219989][ T8371] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=-117
[  176.290324][ T4290] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  176.695912][ T8397] loop5: detected capacity change from 0 to 256
[  176.816704][ T8397] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  177.121134][ T8383] loop1: detected capacity change from 0 to 32768
[  177.183639][ T8383] XFS (loop1): Mounting V5 Filesystem
[  177.191139][ T8391] loop3: detected capacity change from 0 to 131072
[  177.239569][ T8383] XFS (loop1): Ending clean mount
[  177.248821][ T8383] XFS (loop1): Quotacheck needed: Please wait.
[  177.272916][ T8411] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.297847][ T8391] F2FS-fs (loop3): Invalid segment/section count (31, 24 x 150994945)
[  177.306120][ T8391] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  177.321673][ T8391] F2FS-fs (loop3): invalid crc value
[  177.330582][ T8383] XFS (loop1): Quotacheck: Done.
[  177.393464][ T8418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1449'.
[  177.399744][ T8391] F2FS-fs (loop3): Found nat_bits in checkpoint
[  177.441362][ T8391] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  177.456807][ T4182] XFS (loop1): Unmounting Filesystem
[  177.478098][ T8391] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  177.485296][ T8391] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  177.500343][ T4290] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.530139][ T4290] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  177.588094][ T8391] F2FS-fs (loop3): sanity_check_inode: corrupted inode footer i_ino=8, ino,nid: [10986248, 8] run fsck to fix.
[  177.650174][ T4290] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  177.670296][ T4290] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  177.678324][ T4290] usb 5-1: SerialNumber: syz
[  177.809460][ T8432] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1455'.
[  177.848572][ T8432] device syz_tun entered promiscuous mode
[  177.930262][ T6270] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  177.992613][ T4290] usb 5-1: 0:2 : does not exist
[  178.019756][ T4290] usb 5-1: USB disconnect, device number 18
[  178.180297][ T6270] usb 1-1: Using ep0 maxpacket: 16
[  178.217223][ T8448] loop5: detected capacity change from 0 to 512
[  178.269089][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  178.300226][ T6270] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.300438][ T8448] EXT4-fs (loop5): mounted filesystem without journal. Opts: acl,dax=never,nodioread_nolock,auto_da_alloc=0x0000000000000002,resgid=0x000000000000ee01,delalloc,grpjquota=,nodioread_nolock,nouid32,,errors=continue. Quota mode: writeback.
[  178.327628][ T6270] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.336173][ T4249] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  178.358163][ T8448] ext4 filesystem being mounted at /105/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.366491][ T6270] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  178.387429][ T6270] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  178.397625][ T6270] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.409426][ T6270] usb 1-1: config 0 descriptor??
[  178.438551][ T8448] EXT4-fs error (device loop5): ext4_do_update_inode:5218: inode #2: comm syz.5.1463: corrupted inode contents
[  178.455547][ T8448] EXT4-fs error (device loop5): ext4_dirty_inode:6054: inode #2: comm syz.5.1463: mark_inode_dirty error
[  178.467984][ T8448] EXT4-fs error (device loop5): ext4_do_update_inode:5218: inode #2: comm syz.5.1463: corrupted inode contents
[  178.482767][ T8448] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #2: comm syz.5.1463: mark_inode_dirty error
[  178.620444][ T4249] usb 2-1: Using ep0 maxpacket: 8
[  178.692784][ T8465] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1466'.
[  178.750114][ T4249] usb 2-1: unable to get BOS descriptor or descriptor too short
[  178.757801][ T4249] usb 2-1: too many configurations: 73, using maximum allowed: 8
[  178.820407][ T4249] usb 2-1: unable to read config index 0 descriptor/start: -71
[  178.838290][ T4249] usb 2-1: can't read configurations, error -71
[  178.898646][ T6270] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0010/input/input23
[  178.933797][ T6270] microsoft 0003:045E:07DA.0010: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  179.010041][ T4233] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  179.139107][ T8481] sp0: Synchronizing with TNC
[  179.164752][ T6270] usb 1-1: USB disconnect, device number 11
[  179.280227][ T4233] usb 5-1: Using ep0 maxpacket: 32
[  179.288286][ T8485] sctp: [Deprecated]: syz.1.1479 (pid 8485) Use of struct sctp_assoc_value in delayed_ack socket option.
[  179.288286][ T8485] Use struct sctp_sack_info instead
[  179.430192][ T4233] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  179.446313][ T4233] usb 5-1: config 0 has no interface number 0
[  179.526278][ T8499] loop5: detected capacity change from 0 to 256
[  179.562897][ T8501] loop3: detected capacity change from 0 to 736
[  179.650351][ T4233] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  179.694852][ T4233] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.713087][ T4233] usb 5-1: Product: syz
[  179.717831][ T4233] usb 5-1: Manufacturer: syz
[  179.750424][ T4233] usb 5-1: SerialNumber: syz
[  179.775498][ T8511] loop0: detected capacity change from 0 to 128
[  179.780395][ T4233] usb 5-1: config 0 descriptor??
[  179.851416][ T4233] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  179.877735][ T8511] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  179.933284][ T8511] ext4 filesystem being mounted at /265/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  180.016120][ T8511] fscrypt (loop0, inode 12): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS
[  180.073075][ T4233] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  180.092723][ T4233] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  180.138762][ T8521] loop3: detected capacity change from 0 to 512
[  180.263339][ T8523] loop0: detected capacity change from 0 to 128
[  180.285931][ T8521] EXT4-fs (loop3): Ignoring removed bh option
[  180.310099][ T8521] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  180.334339][ T8521] EXT4-fs (loop3): 1 truncate cleaned up
[  180.334776][ T8507] loop1: detected capacity change from 0 to 32768
[  180.340271][    C1] quatech-serial ttyUSB0: qt2_process_read_urb - status message too short
[  180.363308][ T8523] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  180.378872][ T8521] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x0000000000000000,bh,noload,data_err=ignore,noblock_validity,,errors=continue. Quota mode: none.
[  180.385842][ T8523] hpfs: filesystem error: improperly stopped
[  180.408993][ T8523] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  180.433552][ T8523] hpfs: You really don't want any checks? You are crazy...
[  180.448786][ T8523] hpfs: hpfs_map_sector(): read error
[  180.454784][ T8523] hpfs: code page support is disabled
[  180.486125][ T8521] EXT4-fs warning (device loop3): verify_group_input:147: Cannot add at group 25 (only 1 groups)
[  180.518972][ T8523] hpfs: hpfs_map_4sectors(): unaligned read
[  180.524866][ T6270] usb 5-1: USB disconnect, device number 19
[  180.525062][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  180.527776][ T6270] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  180.578161][ T8523] hpfs: hpfs_map_4sectors(): unaligned read
[  180.604379][ T6270] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  180.616209][ T8523] hpfs: filesystem error: unable to find root dir
[  180.647541][ T6270] quatech2 5-1:0.51: device disconnected
[  180.836742][ T8527] kvm [8525]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010006 data 0x0
[  180.866956][ T8528] loop5: detected capacity change from 0 to 4096
[  180.916611][ T8533] netlink: 284 bytes leftover after parsing attributes in process `syz.3.1502'.
[  181.023735][ T7051] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22.
[  181.044991][ T7051] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  181.205798][ T8549] device vlan3 entered promiscuous mode
[  181.220855][ T8549] device bond0 entered promiscuous mode
[  181.249677][ T8549] device bond_slave_0 entered promiscuous mode
[  181.290523][ T8549] device bond_slave_1 entered promiscuous mode
[  181.392529][ T8557] loop1: detected capacity change from 0 to 512
[  181.486857][ T8557] EXT4-fs error (device loop1): ext4_orphan_get:1427: comm syz.1.1499: bad orphan inode 11862016
[  181.497793][ T8557] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  181.508856][ T8557] ext4 filesystem being mounted at /291/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.589291][ T8565] loop0: detected capacity change from 0 to 136
[  181.642256][ T8571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1514'.
[  181.741654][ T8565] iso9660: Corrupted directory entry in block 2 of inode 1472
[  181.788482][ T8568] loop5: detected capacity change from 0 to 32768
[  181.988103][ T8568] XFS (loop5): Mounting V5 Filesystem
[  182.000512][ T8585] loop3: detected capacity change from 0 to 1024
[  182.025843][ T8590] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1519'.
[  182.108816][ T8585] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  182.154839][ T8568] XFS (loop5): Ending clean mount
[  182.257248][ T8600] capability: warning: `syz.4.1524' uses 32-bit capabilities (legacy support in use)
[  182.310705][ T7051] XFS (loop5): Unmounting Filesystem
[  182.554822][ T8602] loop0: detected capacity change from 0 to 8192
[  182.735089][ T8610] loop1: detected capacity change from 0 to 136
[  182.869324][ T8610] iso9660: Corrupted directory entry in block 2 of inode 1472
[  183.082104][ T8603] loop4: detected capacity change from 0 to 32768
[  183.155954][ T8603] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  183.202015][ T8603] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  183.253819][ T8634] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1537'.
[  183.283476][   T25] audit: type=1800 audit(1761850159.669:41): pid=8603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1526" name="file0" dev="loop4" ino=17058 res=0 errno=0
[  183.305272][ T8603] 
[  183.307604][ T8603] ======================================================
[  183.314612][ T8603] WARNING: possible circular locking dependency detected
[  183.321624][ T8603] syzkaller #0 Not tainted
[  183.326038][ T8603] ------------------------------------------------------
[  183.333048][ T8603] syz.4.1526/8603 is trying to acquire lock:
[  183.339021][ T8603] ffff88805f753f60 (&oi->ip_alloc_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb3/0x320
[  183.349638][ T8603] 
[  183.349638][ T8603] but task is already holding lock:
[  183.356988][ T8603] ffff88805f753ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa1/0x320
[  183.367600][ T8603] 
[  183.367600][ T8603] which lock already depends on the new lock.
[  183.367600][ T8603] 
[  183.377990][ T8603] 
[  183.377990][ T8603] the existing dependency chain (in reverse order) is:
[  183.386995][ T8603] 
[  183.386995][ T8603] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[  183.394814][ T8603]        down_read+0x44/0x2e0
[  183.399493][ T8603]        ocfs2_init_acl+0x2fb/0x720
[  183.404688][ T8603]        ocfs2_mknod+0x142f/0x22b0
[  183.409804][ T8603]        ocfs2_mkdir+0x192/0x410
[  183.414740][ T8603]        vfs_mkdir+0x387/0x570
[  183.419515][ T8603]        do_mkdirat+0x1d7/0x5a0
[  183.424364][ T8603]        __x64_sys_mkdirat+0x85/0x90
[  183.429645][ T8603]        do_syscall_64+0x4c/0xa0
[  183.434591][ T8603]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  183.441010][ T8603] 
[  183.441010][ T8603] -> #3 (jbd2_handle){++++}-{0:0}:
[  183.448305][ T8603]        start_this_handle+0x1338/0x15a0
[  183.453938][ T8603]        jbd2__journal_start+0x2b7/0x5a0
[  183.459574][ T8603]        jbd2_journal_start+0x26/0x30
[  183.464948][ T8603]        ocfs2_start_trans+0x374/0x6c0
[  183.470407][ T8603]        ocfs2_symlink+0x10f1/0x25d0
[  183.475691][ T8603]        vfs_symlink+0x247/0x3d0
[  183.480623][ T8603]        do_symlinkat+0x1be/0x6c0
[  183.485642][ T8603]        __x64_sys_symlink+0x7a/0x90
[  183.490927][ T8603]        do_syscall_64+0x4c/0xa0
[  183.495859][ T8603]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  183.502317][ T8603] 
[  183.502317][ T8603] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  183.510836][ T8603]        down_read+0x44/0x2e0
[  183.515513][ T8603]        ocfs2_start_trans+0x368/0x6c0
[  183.520971][ T8603]        ocfs2_symlink+0x10f1/0x25d0
[  183.526251][ T8603]        vfs_symlink+0x247/0x3d0
[  183.531185][ T8603]        do_symlinkat+0x1be/0x6c0
[  183.536211][ T8603]        __x64_sys_symlink+0x7a/0x90
[  183.541494][ T8603]        do_syscall_64+0x4c/0xa0
[  183.546425][ T8603]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  183.552835][ T8603] 
[  183.552835][ T8603] -> #1 (sb_internal#4){.+.+}-{0:0}:
[  183.560307][ T8603]        ocfs2_start_trans+0x269/0x6c0
[  183.565769][ T8603]        ocfs2_truncate_file+0x60d/0x13b0
[  183.571489][ T8603]        ocfs2_setattr+0x143b/0x1a10
[  183.576783][ T8603]        notify_change+0xbcd/0xee0
[  183.581919][ T8603]        do_truncate+0x197/0x220
[  183.586854][ T8603]        path_openat+0x28af/0x2f30
[  183.591960][ T8603]        do_filp_open+0x1b3/0x3e0
[  183.596994][ T8603]        do_sys_openat2+0x142/0x4a0
[  183.602194][ T8603]        __x64_sys_creat+0x8c/0xb0
[  183.607306][ T8603]        do_syscall_64+0x4c/0xa0
[  183.612243][ T8603]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  183.618650][ T8603] 
[  183.618650][ T8603] -> #0 (&oi->ip_alloc_sem){++++}-{3:3}:
[  183.626513][ T8603]        __lock_acquire+0x2c33/0x7c60
[  183.631884][ T8603]        lock_acquire+0x197/0x3f0
[  183.636906][ T8603]        down_write+0x38/0x60
[  183.641594][ T8603]        ocfs2_try_remove_refcount_tree+0xb3/0x320
[  183.648088][ T8603]        ocfs2_truncate_file+0xda2/0x13b0
[  183.653808][ T8603]        ocfs2_setattr+0x143b/0x1a10
[  183.659089][ T8603]        notify_change+0xbcd/0xee0
[  183.664195][ T8603]        do_truncate+0x197/0x220
[  183.669125][ T8603]        path_openat+0x28af/0x2f30
[  183.674232][ T8603]        do_filp_open+0x1b3/0x3e0
[  183.679253][ T8603]        do_sys_openat2+0x142/0x4a0
[  183.684457][ T8603]        __x64_sys_creat+0x8c/0xb0
[  183.689564][ T8603]        do_syscall_64+0x4c/0xa0
[  183.694505][ T8603]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  183.700911][ T8603] 
[  183.700911][ T8603] other info that might help us debug this:
[  183.700911][ T8603] 
[  183.711127][ T8603] Chain exists of:
[  183.711127][ T8603]   &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem
[  183.711127][ T8603] 
[  183.724162][ T8603]  Possible unsafe locking scenario:
[  183.724162][ T8603] 
[  183.731596][ T8603]        CPU0                    CPU1
[  183.736949][ T8603]        ----                    ----
[  183.742303][ T8603]   lock(&oi->ip_xattr_sem);
[  183.746904][ T8603]                                lock(jbd2_handle);
[  183.753500][ T8603]                                lock(&oi->ip_xattr_sem);
[  183.760603][ T8603]   lock(&oi->ip_alloc_sem);
[  183.765185][ T8603] 
[  183.765185][ T8603]  *** DEADLOCK ***
[  183.765185][ T8603] 
[  183.773320][ T8603] 3 locks held by syz.4.1526/8603:
[  183.778434][ T8603]  #0: ffff88807b618460 (sb_writers#20){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  183.787672][ T8603]  #1: ffff88805f7542c8 (&sb->s_type->i_mutex_key#26){+.+.}-{3:3}, at: do_truncate+0x183/0x220
[  183.798039][ T8603]  #2: ffff88805f753ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa1/0x320
[  183.809085][ T8603] 
[  183.809085][ T8603] stack backtrace:
[  183.814961][ T8603] CPU: 0 PID: 8603 Comm: syz.4.1526 Not tainted syzkaller #0
[  183.822326][ T8603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  183.832381][ T8603] Call Trace:
[  183.835655][ T8603]  <TASK>
[  183.838580][ T8603]  dump_stack_lvl+0x168/0x230
[  183.843270][ T8603]  ? load_image+0x3b0/0x3b0
[  183.847776][ T8603]  ? show_regs_print_info+0x20/0x20
[  183.852979][ T8603]  ? print_circular_bug+0x12b/0x1a0
[  183.858172][ T8603]  check_noncircular+0x274/0x310
[  183.863107][ T8603]  ? add_chain_block+0x940/0x940
[  183.868036][ T8603]  ? lockdep_lock+0xdc/0x1e0
[  183.872635][ T8603]  ? lockdep_unlock+0x134/0x2d0
[  183.877482][ T8603]  ? mark_lock+0x94/0x320
[  183.881851][ T8603]  __lock_acquire+0x2c33/0x7c60
[  183.886706][ T8603]  ? mark_lock+0x94/0x320
[  183.891041][ T8603]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  183.897021][ T8603]  ? verify_lock_unused+0x140/0x140
[  183.902221][ T8603]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  183.907851][ T8603]  ? lockdep_hardirqs_on+0x94/0x140
[  183.913054][ T8603]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  183.918686][ T8603]  lock_acquire+0x197/0x3f0
[  183.923191][ T8603]  ? ocfs2_try_remove_refcount_tree+0xb3/0x320
[  183.929354][ T8603]  ? __might_sleep+0xf0/0xf0
[  183.933939][ T8603]  ? preempt_count_add+0x8d/0x190
[  183.938966][ T8603]  ? read_lock_is_recursive+0x10/0x10
[  183.944337][ T8603]  ? rwsem_write_trylock+0x12f/0x1b0
[  183.949627][ T8603]  ? clear_nonspinnable+0x60/0x60
[  183.954665][ T8603]  ? ocfs2_truncate_file+0xcc8/0x13b0
[  183.960040][ T8603]  down_write+0x38/0x60
[  183.964195][ T8603]  ? ocfs2_try_remove_refcount_tree+0xb3/0x320
[  183.970346][ T8603]  ocfs2_try_remove_refcount_tree+0xb3/0x320
[  183.976323][ T8603]  ? ocfs2_remove_refcount_tree+0xd50/0xd50
[  183.982210][ T8603]  ? preempt_count_add+0x8d/0x190
[  183.987229][ T8603]  ? up_write+0x1bb/0x420
[  183.991558][ T8603]  ocfs2_truncate_file+0xda2/0x13b0
[  183.996758][ T8603]  ? ocfs2_simple_size_update+0x470/0x470
[  184.002483][ T8603]  ? do_raw_spin_unlock+0x11d/0x230
[  184.007684][ T8603]  ? _raw_spin_unlock+0x24/0x40
[  184.012551][ T8603]  ? ocfs2_inode_lock_tracker+0x3e8/0x660
[  184.018268][ T8603]  ? ocfs2_inode_lock_atime+0x4e0/0x4e0
[  184.023821][ T8603]  ? ocfs2_rw_lock+0x134/0x240
[  184.028586][ T8603]  ? dquot_initialize+0x20/0x20
[  184.033458][ T8603]  ? ocfs2_create_new_inode_locks+0x640/0x640
[  184.039526][ T8603]  ? mark_lock+0x94/0x320
[  184.043860][ T8603]  ? jbd2_journal_begin_ordered_truncate+0xb7/0x150
[  184.050465][ T8603]  ocfs2_setattr+0x143b/0x1a10
[  184.055235][ T8603]  ? ocfs2_extend_allocation+0x1760/0x1760
[  184.061038][ T8603]  ? ktime_get_coarse_real_ts64+0x36/0x120
[  184.066840][ T8603]  ? seqcount_lockdep_reader_access+0x172/0x1c0
[  184.073078][ T8603]  ? ocfs2_xattr_get+0x12e/0x220
[  184.078053][ T8603]  ? ktime_get_coarse_real_ts64+0x10c/0x120
[  184.083945][ T8603]  ? current_time+0x1a5/0x2b0
[  184.088619][ T8603]  ? atime_needs_update+0x780/0x780
[  184.093814][ T8603]  ? __might_sleep+0xf0/0xf0
[  184.098396][ T8603]  ? preempt_count_add+0x8d/0x190
[  184.103423][ T8603]  ? bpf_lsm_inode_setattr+0x5/0x10
[  184.108619][ T8603]  ? try_break_deleg+0x79/0x120
[  184.113480][ T8603]  ? ocfs2_extend_allocation+0x1760/0x1760
[  184.119283][ T8603]  notify_change+0xbcd/0xee0
[  184.123885][ T8603]  do_truncate+0x197/0x220
[  184.128306][ T8603]  ? aa_get_task_label+0x21c/0x2c0
[  184.133415][ T8603]  ? rcu_lock_release+0x20/0x20
[  184.138265][ T8603]  ? ima_bprm_check+0x1f0/0x1f0
[  184.143113][ T8603]  ? bpf_lsm_path_truncate+0x5/0x10
[  184.148310][ T8603]  path_openat+0x28af/0x2f30
[  184.152911][ T8603]  ? __kasan_slab_alloc+0xb3/0xd0
[  184.157932][ T8603]  ? __kasan_slab_alloc+0x9c/0xd0
[  184.162965][ T8603]  ? verify_lock_unused+0x140/0x140
[  184.168164][ T8603]  ? do_filp_open+0x3e0/0x3e0
[  184.172844][ T8603]  do_filp_open+0x1b3/0x3e0
[  184.177342][ T8603]  ? vfs_tmpfile+0x300/0x300
[  184.181943][ T8603]  ? _raw_spin_unlock+0x24/0x40
[  184.186796][ T8603]  ? alloc_fd+0x598/0x630
[  184.191134][ T8603]  do_sys_openat2+0x142/0x4a0
[  184.195811][ T8603]  ? do_sys_open+0xe0/0xe0
[  184.200222][ T8603]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  184.206202][ T8603]  ? lock_chain_count+0x20/0x20
[  184.211053][ T8603]  ? vtime_user_exit+0x2dc/0x400
[  184.215998][ T8603]  __x64_sys_creat+0x8c/0xb0
[  184.220591][ T8603]  do_syscall_64+0x4c/0xa0
[  184.225001][ T8603]  ? clear_bhb_loop+0x30/0x80
[  184.229680][ T8603]  ? clear_bhb_loop+0x30/0x80
[  184.234355][ T8603]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  184.240242][ T8603] RIP: 0033:0x7ff939534fc9
[  184.244662][ T8603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.264271][ T8603] RSP: 002b:00007ff93779c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  184.272684][ T8603] RAX: ffffffffffffffda RBX: 00007ff93978bfa0 RCX: 00007ff939534fc9
[  184.280658][ T8603] RDX: 0000000000000000 RSI: d931d3864d39dd7b RDI: 0000200000000000
[  184.288663][ T8603] RBP: 00007ff9395b7f91 R08: 0000000000000000 R09: 0000000000000000
[  184.296625][ T8603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  184.304599][ T8603] R13: 00007ff93978c038 R14: 00007ff93978bfa0 R15: 00007ffef3054838
[  184.312582][ T8603]  </TASK>
[  184.356067][ T4191] ocfs2: Unmounting device (7,4) on (node local)
[  184.390076][ T8253] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  184.629975][ T8253] usb 2-1: Using ep0 maxpacket: 32
[  184.750031][ T8253] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  184.940132][ T8253] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  184.949185][ T8253] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  184.957530][ T8253] usb 2-1: Product: syz
[  184.961701][ T8253] usb 2-1: Manufacturer: syz
[  184.966394][ T8253] usb 2-1: SerialNumber: syz
[  184.972360][ T8253] usb 2-1: config 0 descriptor??
[  184.990171][ T8629] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  185.215743][ T8253] usb 2-1: USB disconnect, device number 18