last executing test programs:

6.963892277s ago: executing program 1 (id=175):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000040)={0x48, 0x6, r2, 0x334, 0x0, 0x0, 0x8, 0x7de95, 0x2, 0xffffffffffffff7b})

6.494893056s ago: executing program 1 (id=178):
unshare(0x6020400)
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_pressure(r1, &(0x7f0000000280)='cpu.pressure\x00', 0x2, 0x0)
read(r2, &(0x7f0000000040)=""/252, 0xfc)

6.305845059s ago: executing program 1 (id=181):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="00000100000022"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x3, 0x61, &(0x7f0000000840)=ANY=[@ANYBLOB="120101024d0bf308c505020076930102030109024f000105a3800909049f0502f652f0d909210d00000122e40f09050803ff030c029b090502080004c37310223055b42a9fd0a7d964ead5632881572c9641d9aa26769d883d0300aecb373d"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="201104060000000101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.048736473s ago: executing program 1 (id=206):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file4\x00', 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="6e6f696e6c696e655f78617474722c6163746976655f6c6f67733d342c6e6f646973636172642c6661756c745f696e6a656374696f6e3d30303030303030303030303030303034313136302c6661756c745f747970653d30303030303030303030303030303030303030362c757365725f78617474722c6661756c745f747970653d30303030303030303030303030303030303030352c66617374626f6f742c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c000ce7e2bf64dcc28850d7c8cf301d9de5c501d9ade9ad845686de6a35fa221f313b4c91877885fc16c59409ba21606e7a10449f72c116fb28d8200197557459c9da918f1bbd23a76fadc2865d92a6b4ef01e0671b4d5ab76f74158fd07a9fa2c9b53c236172a2bac6c66d71804b6177e921a00856789660ecf7733680fd7d62d3a5b3c6204e59c01b6ee4754fd6d3598005214a0711cf8759006f48e66c0f6615957508eaf0aac8e72d6457dc2f557f6293b142786d356d543bf2882162490d9c633e96cc75ac796fcb5c8e79b6c6bd0268b9"], 0x21, 0x5548, &(0x7f00000058c0)="$eJzs3E1vG1UXAOBjp2nffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYocE8txJoS2VKsWOSfM80vjMvXPnzL2jJNKZiRzAgbWS/f5rJU7G0YhYiogTEcV+pdwKl1J4MSJORUT1H1ul7H/QcTgijkXEyWnylLNSHvryzOT0hV/e+e27H44cOv7Vtz8ubtXAor0cEYPNtH93kGLeTfFW2d+c9Io4OD8pYzowuF228xTvdjaKDHebO+OaRTzXTePzzTujabzZb7amsdu7WfRvDtMFR5PuTp7ihFvNraLd7mwUsTfKi9i9l+a1fS/9bbs3Gqc87TLfp0X6GI93YurvbHfSejZvF7E1HJf9KW/e7mxP46SM5eWilffbxTw2dnOn/9Neeq83vLOdTTpbo14+zC7UG6/UGxdrja283Rl3zteag/bF89lqtz8dVht3moNL3Tzv9jv1Vj5Yy1a7rVat0chWL3c2es3h/Uajfq5+tnZhLUt7Z7I3r32Y9dvZ6jS+3hveGff6o+xmvpWlM9ay9fq5V9ey043s/avXs+s3rly5ev2Djy9/dO21q2+/UQ56bFrZ6vrZ9fVa42xtvbG2uxsw0/Vnc17/Z+WkZ7h+2JXKoicAsP+o/4FFmF/9v3Uj4vH6vzrj+j/U/zOxr+rfg17/z2H9sCvqfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+un5a/fKnZWUvt42f//suv5sl2JiGpE/PkvluLwQzmXyjzLTxi//Mgcvq9EkWF6jSPldiwiLpXbH8/N+y4AAADAs+ub+6e+SNV6+lh5qrOOznlW7JH00KZ64pMZ5atExPLKzzPKVp1+vDCjZMXP96HYnlG24gHW/2aULD1yOzSrbE+l+HV/N4UHKylCJYXqo2fMbLUAAMDCLD0U9rYKAQAAYC99/sQjt/d0HuyxSuy8ytx5F1z85/3fL/uOprZXfwAAALB/VRY9AQAAAGDuivrf9/8BAADAsy19/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NxNbtpAGAbgz8Yu9E9FVfe9SndwjB6hyy4rDtBLcAR6hV6AM5BdjhBBhMdBISIJxGNQoueR7MGWeT3mZzEz0gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfrurF9N+f73+75qw33eR5GgAAAOCQVb2YNi/G6fhje/5ze+pre1xERBkRh8bug3i3lzloc+pHrq8f9OF/RJOwvcew3T5ExI+0beJL358CAAAAvEnVdreczSdptJ5240v3is5O+A7TpE356WemWxcRUY+vM6WV27xvmcKa33cVvzOlNRNYo0xhacqtypV2lObvvpu1G91ritSUT78/27MDAABnNNhrzjsKAQAA4Jx+XboD9OH9s1cUcbeUuVsKHKZmtBdhsQ8AAABer+LSHQAAAAB614z/T6n/F8fU/6uy1/+LG/X/AAAA4MVS/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKoX0+VsPumas950k+dpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhlf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmf7Q8U1yh4iouBBL3a7ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76D3jqTWihl3rrYQ8VRPCyMrMz2UkTcGPIzJp8PvDmfXcymfd9MxDynTcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURu9M4yTbdCZxXOy79/jWStbff6LP3Nl4sJi1LI7qTPr/4aXqh6jbXCIAAAAcHUlZ34cQHqabS1kfd/L6Py2PyWr+b5+ZxGU9/2TdX/Zl7Z+1X35+9MLWQJ3JONlJL60OB6d3ptI6uFnOt2f/9YhWfuXzZy9JfkPi99efH6X59Yy+vnv33XYeHqsjWwDgvzhV9kVQ/j6U9f0mEwPgyGhVCu+i/v8r6TScFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEANRuvhqTKOQgiLrWmcuf/41spu/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8HEJoavS3i+lf+XCGg0No5PocVPD3eDze03cdbz7nfQVxcbNnOLg9Lzk3HzT4QwkAgEMpLVpW1z9MN5eyfdFCCOPvttf/r1XiMGP9/+ij8/eqY1Xr/35tM5x/vbWrn/Wu37j5xurV5cuDy4NP3jzTf6t/9sK5cxd6+bOSnicmAAAA7E+7aNX6P17Yuf5/shKHGev/z7/pfzkd6bd8q/7fabro13QmAAAAR9tzr/z5R7TL/qjdDl8sr61d60+2W5/PTLYNpLpnx4pWrf+ThaazAgAAAOowWo+2rf9frMRhxvX/p79/8cfqOZMQwoli/f/UyqfDi/VNZ67V8efETc8RAACAZp0oWnX9P83f/4+3XnmIQwivvzqJi38DOFP9n7z31Q/VsZLK+/9n65viXIq7k+uR990QWt1tX/61scQAAAA4lI4XLSv2f083lz7+6eQHbe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//gQBD5A==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x9)
fallocate(r0, 0x0, 0x8003, 0x7)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x66842, 0x0)
write$snddsp(r0, &(0x7f0000000280)="b53252be", 0x4)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000840)="a60a3534256652", 0x7}], 0x1, 0x7, 0x0, 0xd)

3.705684489s ago: executing program 2 (id=208):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x541b, 0x0)

3.531482132s ago: executing program 0 (id=209):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)

3.294816077s ago: executing program 0 (id=210):
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x4cfb, 0x80, 0x3, 0x135}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x42}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

2.668562089s ago: executing program 0 (id=212):
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = mq_open(&(0x7f0000000040)='!selinuxsel\xad\"\x0e\xabx\xb8\xc9\xa8x\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0)
mq_notify(r0, &(0x7f0000000200))
mq_notify(r0, &(0x7f0000000180))

2.382674684s ago: executing program 0 (id=213):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f0000001ff0)={0x1d, r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)

2.014597842s ago: executing program 0 (id=214):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000001c0)={0x6c, 0x2, 0x6, 0x1, 0x6000006, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x21c}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x21c}}, @IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="e00000001000090500000000000000006f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1f302de337c0004060000000000bf852c8986626691b01b2d44e4ce2871282828"], 0xe0}], 0x1}, 0x40040)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x800000)

1.988479122s ago: executing program 1 (id=215):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r1, 0xc0404806, &(0x7f0000000040))
write$UHID_SET_REPORT_REPLY(r0, &(0x7f00000001c0)={0xe, {0x1, 0x4, 0x6}}, 0xc)

1.770064856s ago: executing program 3 (id=216):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000740)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000009a5ab6e10c00000000000000040000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000000000000000000000000a000000000000feffffffff7f40000200000000000008000000000000000001000000000000004400050000000000000000000000000000000000000000003c00000002000000ffffffff0002000000000000000000000600000004"], 0xfc}}, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast2, 0x5}, 0x1c)

1.619321199s ago: executing program 3 (id=217):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000000000", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
read(r0, &(0x7f0000001480)=""/4096, 0x38)

1.446240203s ago: executing program 0 (id=218):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x1, &(0x7f00000001c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000c4b20710200e01015a00000000010902"], 0x0)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000ac0)="89e4192d", 0x4}], 0x1}}], 0x1, 0x40)

1.416902323s ago: executing program 3 (id=219):
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, 0x0, 0x8, 0x2, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

1.413859073s ago: executing program 2 (id=220):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)

1.215774407s ago: executing program 3 (id=221):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="672d6a44b036", 0x0, 0x0, 0x0, 0x0, 0x0})
read$usbfs(r1, &(0x7f0000001040)=""/192, 0xc0)
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2)

1.183327847s ago: executing program 2 (id=222):
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000b72000/0x400000)=nil, 0x400000}, 0x1})

964.494802ms ago: executing program 2 (id=223):
r0 = syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x81)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000040)={'\x00\f\x00', 0x0, 0x5, 0x2, 0x0, 0x0, "00000000020000000000002100", "00004702", "0300", "97ad3700", ["fdffffff84a438dfc5d5c010", "d78cb8b0211a83be12ff0bff", "0000efffffffffffbfff00"]})
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000000c0)={"4c97aef4", 0xb, 0x5, 0x0, 0x3, 0x1000006, "5b0004000001030094000000f000", "158ba859", "0725eade", '\'q6O', ["5a535857c62224475793eca7", "7f9ce2d2c4f439ff80e1d1c8", "fa89bbe62b42a3023be516d1", "969a13a6806ad2b97b77791a"]})

955.947012ms ago: executing program 3 (id=224):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[], 0x2, 0x62a6, &(0x7f0000009900)="$eJzs3c1vHGcdB/Df7JtfStOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+2k3ln7+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Dj81VEXP1VWnAy4nPRj+hFLI3rlYhYWjmZ1x9ExPOx2RzPRcRwIaLKjc9EvBYRH52IePDw7up40YV99uP7f/nnH37y1I/+8efh2f/99Xb/9d3Wu3Pnt//9273H318AAAAoUV3XdZU+5p9Kn+97XXcKAJiJ/PpfJ3m5eu7q9Tnrj1qtVquPYN1UT3avWUTEenOb8XsGp+MB4IhZj4+77gIdkn/RBhHxVNedAOZa1XUHOBQPHt5drVK+VfP1YGWrPV8LsiP/9Wr7/o7dptO0rzGZ1fNrI/rx7C79WZpRH+ZJzr/Xzv/qVvsorXfY+c/KbvmPtm59Kk7Ov9/Ov+X45N+bmH+pcv6DA+Xflz8AAAAAAMyx/Pv/kx2f/1148l3Zl73O/67MqA8AAAAAAAAA8Fl70vH/tlXG/wMAAIB5Nf6sPva7E4+WNa/1H8XO5VeqiKdb6wOFSTfLLHfdDwAAAAAAAAAAAAAoyWDrGt4rVcQwIp5eXq7revzV1K4P6km3P+pK338oWdc/5AEAYMtHJ1r38lcRixFxJf2tv+Hy8nJdLy4t18v10kJ+PztaWKyXGp9r83S8bGG0jzfEg1E9/maLje2apn1entbe/n7jxxrV/X10bDY6DBwAImLr1eiBV6Rjpq6fia7f5XA0OP6PH8c/+9H18xQAAAA4fHVd11X6c96n0jn/XtedAgBmIr/+t88LqNVqtVqtPn51Uz3ZvWYREevNbcbvGQzHDwBHzHp83HUX6JD8izaIiOe77gQw16quO8ChePDw7mqV8q2arwdpfPd8LciO/Nerze3y9pOm07SvMZnV82sj+vHsLv15bkZ9mCc5/147/6tb7aO03mHnPyu75T/ez5Md9KdrOf9+O/+W45N/b2L+pcr5Dw6Uf1/+AAAAAAAwx/Lv/0/O1fnf0ePuzlR7nf9dObRHBQAAAAAAAIDD9eDh3dV832s+//+FCeu5//N4yvlX8i9Szr/Xyv+rrfX6jfn7bz3K/z8P767+8fa/P5+n+81/Ic9U6ZlVpWdElR6pGqTpk+zdp20M+6PxIw2rXn+Qrvmph+/E9bgRa3Fux7q99P/xqP38jvZxT4eb7XV/q/3CjvbBdnve/uKO9mG60qleyu1nYjV+Hjfi7c32cdvClP1fnNJeT2nP+fcd/0XK+Q8aX+P8l1N71ZqO3f+w96njvjmd9DhvXv/ib84d/u5MtRH97X1rGu/fix30Z/P/5KlR/PLW2s0zd67dvn3zfKTJjqUXIk0+Yzn/Yfra/vn/0lZ7/rnfPF7vfzg6cP7zYiMGu+b/UmN+vL8vz7hvXcj5j9JXzv/t1D75+D9A/r0/zWxf9mOv4/+VDvoDAAAAAAAAAAAAAAAAe6nrevMW0Tcj4lK6/6erezMBgNnKr/91kpfPqu7P+PHU6iNeV3PWn5nWn9Tz1R+1+ijWTfVkbzSLiPh7c5vxe4ZfT/pmAMA8+yQi/tV1J+iM/AuW/97feHq6684AM3Xr/Q9+eu3GjbWbt7ruCQAAAAAAAADwuPL4nyuN8Z9P13V9r7XejvFf34qVJx3/dZBntgcY3WWg6v7B92kvG71Rv9cYbvyF2G387+H23F7jfw+mPN5wSvtoSvvClPbFKe0Tb/RoyPm/0Bjv/HREnGoNv/7Y47/Omb3Gf22PeV+CnP+LjefzOP+vtNZr5l///ijn39uR/9nb7/3i7K33P3j1+nvX3l17d+1nF8+fP3fx0qXLly+ffef6jbVzW/922OPDlfPPY1+7DrQsOf+cufzLkvP/UqrlX5ac/5dTLf+y5Pzz+z35lyXnnz/7yL8sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/11Mt/7Lk/F9NtfzLkvM/k2r5lyXnfzbV+8x/6bD7xWzk/PMZLsd/WXL++coG+Zcl538h1fIvS87/YqrlX5ac/2upln9Zcv7fSLX8y5Lzv5Rq+Zcl5//NVMu/LDn/y6mWf1ly/t9KtfzLkvP/dqrlX5ac/+upln9Zcv7fSbX8y5Lz/26q5V+WnP/3Ui3/suT830i1/Mvy6O//mzFjxkye6fonEwAAAAAAAAAAAADQNovLibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnv3FiPXXd8B/MzevHEgMRBSJzVh4xhjnE12fYkvtC4mXBtuJSEUesF2vWuz4BteuwQa1Y4CJRJGRRVtw0NbQKjNS4VV8UArQHlArSpVgvaBviAqVB6iKqCAVKmtgK1mzv//35nZ2Zld73h95pzPR4Kfd+bMnP858z9n5reb7xwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmt39htlP1bIsq9Vq+Q2bsuxF9XrTxKbGLa+9seMDAAAA1u7njf9/4dZ0w+EVPKhpmX+669tfXVhYWMjeN/yno59bWEh3TGTZ6IYsa9wXXf3B+2vNywRPZuO1oaafh3qsfrjH/SM97h/tcf9Yj/s39Lh/vMf9S3bAEjdltfRk2xr/3JTv0uy2bLRx37YOj3qytmGovu/SY7Na4zELoyeyuexUNptNtyyfL1trLP/1u+vremsW1zXUtK4t9Rnyk8ePxzHUwj7e1rKuxeeMfvT6bOKnP3n8+F9feP6OTrXnbmh5vnycO7bWx/mJcEs+1lq2Ie2TOM6hpnFu6fCaDLeMs9Z4XP3f7eN8YYXjHF4c5rpqf83Hs6HGv7/T2E8jtazDftoSbvufe7Isu7w47PZllqwrG8o2ttwytPj6jOczsv4c9an00myk+zxdqLXM07vTv5efp/U6s611nrYfE/H1vzs8bmSZMTS/TD96Yqzpdf/ZwrXM06i+1csdK+1zsN/HSlHmYJwX32ls9FMd5+C2sP2Pb19+DnacOx3mYNrupjm4tdccHBobbow5vQi1xmMWz5W7WpYfbqyp1qjPbe8+B6cunD43Nf+xj983d/rYydmTs2f27No1vWffvgMHDkydmDs1O53//zXu7eLbmA2lY2Br2HfxGHh127LNU3Xhi2NLzr/XehyOdzkON7Ut2+/jcKR942rrc0AundP5sfGe+k4fvzKULXOMNV6fnWs/DtN2Nx2HI03HYcf3lA7H4cgKjsP6Mud2ruwzy0jT/zqNYfn3grXNwU1Nc7D980j7HOz355GizMHxMC++t3P594ItYbxPTa7288jwkjmYNjece+q3pM/74wcapdO8vLN+x81j2cX52fP3P3bswoXzu7JQ1sXLmuZK+3zd2LRN2ZL5OrTq+Xp47q6n7uxw+6awr8bvq//f+LKvVX2Zvfd3f60a726d92fLrbuzUPos7M+FDeu0Pzu9m9f351iWff5bTzz8jcc//4Zl92e93/zE1No/i6e+tOn8O7rM+Tf2/b/I15ee6snh0ZH8+B1Oe2e05Xzc+lKNNM5dtca6X5jqcT4eyY7HMY3egPPxbV3Ox5vblu33+Xi0fePi+bjW67cda9P+eo6HeXJquvv5uL7M5t2rnZMjXc/H94RaC/v/NaFTSH1R09xZbt6mdY2MjIbtGolraJ2ne1qWHw29WX1dz+xe2eeG9nm64578uYbT1i1ar3k60bZsv+dp+t3XcvO01uu3b9em/fUcD/Pitj3d52l9mWf3rv3ceVP8Z9O5c6zXHBwdHquPeTRNwsb5Plu4Kc7B+7Pj2dnsVDbTuHesMZ9qjXVNPrCyOTgW/rfe58rNXebgjrZl+z0H0/vYcnOvNrJ04/ug/fUcD/Pi6Qe6z8H6Mm/c39/PrjvCLWmZps+u7b9fW+53Xne27abecyW2Jav/nVd9nN/a3/13s/VlTh1YbZ/ZfT/dG265ucN+aj9+lzumZrLV7qdrP6bq43z+wPL7qT6e+jKfO7jC+XQ4y7JLH3mw8fve8PeVv7v43a+2/N2l0990Ln3kwR+/+MQ/rmb8AAy+X+RlY/5e1/SXqZX8/R8AAAAYCLHvHwo10f8DAABAacS+P/5X4Yn+HwAAAEoj9v0joSYV6f83v/H5uV9cylIyfyGI96fd8FC+XMy4ToefJxYW1W9/8Muz//0Pl1a27qEsy3720B90XH7zQ3FcuYkwzqtvar19ia/et6J1H330Ulpvc379C+H54/asdBp0iuBOZ1n29Vs/01jPxPuvNOqzDx1t1IcvP/VkfZkXDuY/x8c/97J8+b8I4d/DJ461PP65sB9+GOr02zrvj/i4r1x5zZb9711cX3xcbestjc1++gP588bvyfnsk/nycT8vN/5vfPqZr9SXf+xVncd/aajz+J8Jz/vlUP/3Ffnyza9B/ef4uE+G8cf1xcfd/6Vvdhz/1U/ly597c77c0VDj+neEn7e9+fm55v31WO1Yy3Zlb8mXi+uf/u4fN+6Pzxefv33840eutOyP9vnx7L/lzzPVtny8Pa4n+vu29defp3l+xvU/80dHW/Zzr/Vfffi5V9Sft33997Ytd+4jOxvrX3y+1m9s+stPfqbj+uJ4Dv/tuZbtOfzucByH9T/9gTAfw/3/dzV/vvZvVzj67tbzT1z+C5suNW3P4jeSvvWn+fqvvu5ko24Yv2njzS968S2XX1nfd1n2nQ358/Va/8m/Otsy/i/enu+PeH9cY9yeXuL6z3908szZ+YtzM2mvPn5r47tz3p6PJ4731nBubf/5yNkLH5w9PzE9MZ1lE+X9Cr1r9qVQf5yXy92XXlhyBt35aHg97/zzr2/c/q+fjrf/+3vy26+8LX/fenVY7rPh9k3h9Vvd+pd6+u7bG8d37dkwwoWl3xe8Flu2/deBFS0Ytr/9c0Gc7+de/sHGfqjf13jfiMf1Gsf//Zn8eb4W9utC+Gbmrbcvrq95+fjdCFceyY/3Ne+/cJqLr+vfhNf7HT/Mnz+OK27v98PnmG9ubj3fxfnxtUtD7c/f+BaPy+F8kl3O749Lxf195YXbOw4vfg9JdvmOxs9/kp7njlVt5nLmPzY/dWruzMXHpi7Mzl+Ymv/Yx4+cPnvxzIUjje/yPPKhXo9fPD9tbJyfZmb37c0aZ6uzebnObvT4zz16fGb/9PaZ2RPHLp648Oi52fMnj8/PH5+dmd9+7MSJ2Y/2evzczKFduw/u2b978uTczKEDBw/uOTg5d+ZsfRj5oHrYN/3hyTPnjzQeMn9o78FdDzywd3ry9NmZ2UP7p6cnL/Z6fOO9abL+6N+fPD976tiFudOzk/NzH589tOvgvn27e34b4OlzJ+Ynps5fPDN1cX72/FS+LRMXGjfX3/t6PZ5ymv+P/PNsu1r+RXzZu+7dl76fte7LTyz7VPkibV8g+nz4Lpp/fsm5Ayv5Ofb9o6EmFen/AQAAoApi3z8WaqL/BwAAgNKIff+GUBP9PwAAAJRG7PvHQ00q0v+XLv+/+dKK1i//L//fvL/k/8uQ/19cvmf+/5Gi5f/z84X8f3+sNX8v/x/I/8v/y/8PTP5/Ibwhyf9TREXL/8e+/6Ysq2T/DwAAAFUQ+/6NoSb6fwAAACiN2PffHGqi/wcAAIDSiH3/i0JNKtL/y//L/8v/y//L/3dev/z/YJL/707+vwf5/6msWvn/y/0cv+v/y/+zVNHy/7Hvf3GoSUX6fwAAAKiC2PffEmqi/wcAAIDSiH3/raEm+n8AAAAojdj3bwo1qUj/L/8v/y//L/8v/995/fL/g0n+vzv5/x7k/13/X/5f/p++Klr+P/b9Lwk1qUj/DwAAAFUQ+/6Xhpro/wEAAKB4Rq7tYbHvf1moyZL+/xpXAAAAANxwse+/LWsLglfk7//y//L/xc//b0j3yf/L/2eFzP8PZ/L/xSH/3538fw/y//L/8v/y//RV0fL/jb4/G89eHmpSkf4fAAAAqiD2/beHmuj/AQAAoDRi3/9LoSb6fwAAACiN2PdvDjWpSP8v/y//f6Pz/6NtY3f9/8XHyf/nip//d/3/IpH/707+vwf5f/l/+X/5f/qqaPn/2PffEWpSkf4fAAAAqiD2/XeGmuj/AQAAoDRi3//LoSb6fwAAACiN2PdvCTWpSP8v/1/w/H9MjpY4/9/7+v/y//L/8v/y/ysn/9+d/H8P8v/y//L/8v/0VdHy/7Hvf0WoSUX6fwAAAKiC2PffFWqi/wcAAIDSiH3/K0NN9P8AAABQGrHvnwg1qUj/L/9f8Px/noMfK/P1/+X/5f/l/+X/+0n+vzv5/x7Cae5HWZbJ/1c4/x9bAvl/+X/WrGj5/9j33x1qUpH+HwAAAKog9v1bQ030/wAAAFAase+/J9RE/w8AAAClEfv+baEmFen/5f8HIv+fyf/L/8v/y//L/6+M/H938v89uP6//L/r/8v/01dFy//Hvv9VoSYV6f8BAACgCmLfvz3URP8PAAAApRH7/leHmuj/AQAAoDRi378j1KQi/b/8v/y//L/8v/x/5/XL/w8m+f/u5P97kP+X/5f/l/+nr4qW/499/2tCTSrS/wMAAEAVxL5/Z6iJ/h8AAABKI/b994aa6P8BAACgNGLfPxlqUpH+X/5f/l/+X/5f/r/z+uX/B5P8f3fy/z3I/8v/y//L/9NXRcv/x77/vlCTivT/AAAAUAWx778/1ET/DwAAAKUR+/6pUBP9PwAAAJRG7PunQ00q0v/L/8v/y//L/68q///KxeeV/8/J/xeL/H938v89yP/L/9/w/P+o/D+lUrT8f+z7d4WapMZv7Bq2EgAAACiS2PfvDjWpyN//AQAAoApi378n1ET/DwAAAKUR+/69oSYV6f/l/+X/5f/l/13/v/P65f8Hk/x/d/3P/8dNlP+X/5f/d/1/+X+WKlr+P/b9D4SaVKT/BwAAgCqIff++UBP9PwAAAJRG7Pv3h5ro/wEAAKA0Yt9/INSkIv2//L/8v/y//L/8f+f1y/8PJvn/7lz/v4fi5f9f1/zw9cz/19cl/y//L//P6j3yh80/FS3/H/v+g6EmFen/AQAAoApi3//aUBP9PwAAAJRG7Pt/JdSke/+/4fqOCgAAAOin2Pf/aqhJRf7+L/8v/y//L/8v/995/fL/g0n+vzv5/x6Kl/9v4fr/xR6//L/8P0sVLf8f+/5DoSYV6f8BAACgCmLf/2uhJvp/AAAAKI3Y978u1ET/DwAAAKUR+/7DoQad4tylJP8v/z+Y+f9x+X/5/9Ll/8fi88r/r4n8f3fy/z3I/8v/y//L/9NXRcv/x77/9aEm/v4PAAAApRH7/gdDTfT/AAAAUBqx739DqIn+HwAAAEoj9v1vDDWpSP8v/y//P5j5f9f/z+T/S5f/d/3//pD/707+vwf5f/l/+X/5f/qqaPn/2Pe/KdSkIv0/AAAAVEHs+98caqL/BwAAgNKIff9bQk30/wAAAFAase9/a6hJRfp/+X/5/xuZ/89dlv+X/2+Q/5f/7wf5/+7k/3uQ/5f/l/+X/6evipb/j33/r4eaVKT/BwAAgCqIff9DoSb6fwAAACiN2Pe/LdRE/w8AAAClEfv+t4eaVKT/l/+X/3f9f/l/+f/O65f/H0zy/90NWP7/57eE2+X/c/L/xR7/avP/I20/X5f8/w+Wy/8vbGh/vPw/10PR8v+x739HqElF+n8AAACogtj3vzPURP8PAAAApRH7/neFmjT1/339D+8AAACAdRf7/t8INanI3//l/+vjWEwvy//L/zdukP+X/5f/H1jy/90NWP7f9f/byP8Xe/yu/y//z1JFy//Hvv/doSYV6f8BAACgCmLf/3Coif4fAAAASiP2/Y+Emuj/AQAAoDRi3/+eUJOK9P/y/67/L/8v/y//33n98v+DSf6/O/n/HuT/5f+Llv//T/l/BlvR8v+x73801KQi/T8AAABUQez73xtqov8HAACA0oh9/2+Gmuj/AQAAoDRi3/++UJOK9P/y/4OS/58Y0Pz/E/L/1zH/f9ct+XLy//L/LJL/707+vwf5f/n/ouX/Xf+fAVe0/H/s+98farLy/n98xUsCAAAA19HIsvfEvv+3Qk0q8vd/AAAAqILY9/92qIn+HwAAAEoj9v2/E2pSkf5f/n9Q8v+u/5/J/7v+f9v2yP/L/3eyfvn/eOaR/5f/L1b+f9OqNrjVjc7Pr9WNHn918//5O6P8P50ULf8f+/7fDTWpSP8PAAAAVRD7/g+Emuj/AQAAYCB0+m+y28W+/0ioif4fAAAASiP2/UdDTSrS/8v/y//L/xc0//9nW//le99+59Fd8v/y//L/q7Ku1/+vH/yu/y//X7D8/1rc6Pz8eo2/tsylweT/Xf+f/ita/j/2/cdCTSrS/wMAAEAVxL7/90JN9P8AAABQGrHvPx5qov8HAACA0oh9/0yoSUX6f/l/+X/5/4Lm/wf4+v9xf8j/t+pb/j+edOX/O1rX/P97F3Pi8v+rzf+PdbxV/l/+f5DHL/8v/89SRcv/x75/NtSkIv0/AAAAVEHo+4dO5HXxDv0/AAAAlEbs+0+Gmuj/AQAAoDRi3//BUJOK9P/y//L/8v/y/67/33n93fL/tRHX/y8q+f/uipP/70z+X/5/kMcv/y//T5YtfjLPFS3/H/v+uVCTivT/AAAAUAWx7/9QqIn+HwAAAEoj9v0fDjXR/wMAAEBpxL7/VKhJRfp/+X/5f/l/+X/5//9n706+LK3rO47fgoauPmSRXRbZ5Jws8yewCOtknyyyySI5JyfnBJKQhMw0GZxFUXFWFGcFBxBEVJwncEJxBhUV5xEnRD3toer7/XYNT91bVX1v3+f5/V6vBd90hep77dNCf7r67TP8+qN9/r/+fy79/3z6/wX0//p//b/+n6UaW/+fu//v4pZO9j8AAAD0IHf/5XGL/Q8AAADNyN1/Rdxi/wMAAEAzcvf/fdzSyf7X/+v/m+3//1j/f9Dr6//1/y3T/8+n/19A/6//1//r/1mqsfX/ufv/IW7pZP8DAABAD3L3/2PcYv8DAABAM3L3Xxm32P8AAADQjNz9/xS3dLL/9/T/G7M++//MePX/LfX/nv9/4Ovr/8+h/79Q/z9257f/v+axf/Lp//X/+v+g/z9U/3/yoM/X/9OisfX/ufv/OW7pZP8DAABAD3L3/0vcYv8DAADA9O36kzebs6viFvsfAAAAmpG7/1/jlk72//Ke/39q6+MT7f+L/l//v/UB/b/+/6D+/8TZb+v/x8nz/+frqf+/8r5LLn/49t+/4yivr//X/3v+v/6f5Rpb/5+7/9/ilk72PwAAAPQgd/+/xy32PwAAADQjd/9/xC32PwAAADQjd/9/xi2d7P/l9f+Tfv5/0f/r/7c+oP/X/x/U//+Z5/+Pnf5/vp76/+O8vv5f/6//1/+zXOvu//M7zm/n7v+vuKWT/Q8AAAA9yN3/33GL/Q8AAADNyN1/ddxi/wMAAEAzcvefjls62f/6/9X3/7/R/+v/4+r/9f/6/9XT/8+n/19A/6//1//r/1mqdff/e7+du/+auKWT/Q8AAAA9yN3/P3GL/Q8AAADNyN3/v3GL/Q8AAADNyN3/f3FLJ/tf/+/5//p//b/+f/j19f/TpP+fT/+/gP7/XPv5i/T/E+z/4xdS+n9W4Yj9/6Nz/rG9lP4/d///xy2d7H8AAADoQe7+x8Ut9j8AAAA0I3f/4+MW+x8AAACakbv/CXFLJ/tf/6//1//r/4/d/+//qbdF/z9M/39+6P/nG03/v3Fi8MP6/8n3/57/P8X+P+j/WYWxPf8/d/8T45ZO9j8AAAD0IHf/k+KWOfv/yL+ZDwAAAKxV7v4nxy2+/g8AAACTl9VZ7v6nxC2d7H/9v/5f/6//9/z/4def1//fseP96f/HRf8/32j6/wPo//X/U37/+v+z/X/+2kz/z9j6/9z9T41bOtn/AAAA0IPc/dfGLfY/AAAANCN3/9PiFvsfAAAAmpG7/+lxSyf7f7j/P/v/1/8fjv5/9/vX/w///FhW/5/fo/5/bv9/mef/90n/P9/57/9P6v93f//6/xVa9/tvvP8/tejzPf+fIWPr/3P3Xxe3dLL/AQAAoAe5+58Rt9j/AAAA0Izc/c+MW+x/AAAAaEbu/mfFLZ3s/zU///+aiw96X/r/Lfp//b/n/4/z+f+z897/n9D/H5L+fz7P/19A/6//1/8v5fn/+n/S2Pr/3P3Xxy2d7H8AAADowfWPzLZ2/7NnM/sfAAAApmjnnx3Y+wdKQ+7+58Qt9j8AAAA0I3f/c+OWTvb/mvv/VT3//6JFr63/1//v/PHS/+v/h15/XP2/5/8flv5/Pv3/Avr/VfTzJxrr/2846PPH0P9frf9nZHb1/3ed/fi6+v/c/c+LWzrZ/wAAANCD3P3Pj1vsfwAAAGhG7v4XxC32PwAAADQjd/8L45ZO9v/K+/9TB7/2Cvv/hfT/+v+dP176f/3/0Ovr/6dJ/z+f/n8B/b/n/3v+v/6fpdrV/++wrv4/d/+L4pZO9j8AAAD0IHf/i+MW+x8AAACakbv/hrjF/gcAAIBm5O5/SdzSyf5v9Pn/C+n/9f87f7z0//r/odfX/0+T/n8+/f8C+n/9v/5/cf+/91/UQf/PkLH1/7n7Xxq3dLL/AQAAoAe5+2+MW+x/AAAAaEbu/pfFLfY/AAAANCN3/8vjlk72v/5/tf1/flz/r/+fHaX/j0/Q/2/T/+v/j2Jq/f/e//4cu1/fGPo30X4H9P/3/M3pP939Ef2//l//r//3/H+WYBT9/5mzv7rM3f+KuKWT/Q8AAAA9yN3/yrjF/gcAAIBm5O5/Vdxi/wMAAEAzcve/Om454v7/3aW+q/NH/+/5//r/Efb/Qf+/Tf+v/z+KqfX/e3n+v/5f/z/d96//1/+z3yj6/x3fzt3/mrjF1/8BAACgGbn7Xxu32P8AAADQjNz9r4tb7H8AAABoRu7+m+KWTva//l//r//X/+v/h1//uP3/5myY/v/80P/Pp/9fQP+v/9f/6/9ZqrH1/7n7b45bOtn/AAAA0IPc/a+PW+x/AAAAaEbu/jfELfY/AAAATEmmY4Ny978xbulk/+v/9f/6f/2//n/49T3/f5om2v/XPwan2v9fOKX+/5Y5b2Co/z9zUv+v/9f/6/85prH1/7n73xS3dLL/AQAAoAe5+2+JW+x/AAAAaEbu/lvjFvsfAAAAmpG7/81xSyf7X/+v/19m/5/0/8M/P/T/+n/9/+pNtP8vU+3/Pf9f/z/T/+v/9f8MGFv/n7v/trilk/0PAAAAPcjdf3vcYv8DAABAM3L3vyVusf8BAACgGbn774hbOtn/+n/9v+f/6//1/8Ovr/+fptX1/7P19f8PXXDU7+ZA+v8F9P/6f/2//p+lGlv/n7v/rXFLJ/sfAAAAepC7/864xf4HAACAZuTuf1vcYv8DAABAM3L3vz1u6WT/6//1/9Ps/6/bHHr/+n/9/0z/3z3P/59P/7+A/l//r//X/7NUY+v/c/e/I27pZP8DAABAD3L33xW32P8AAADQjNz974xb7H8AAABoRu7+d8Utnex//b/+f3f/P5tNo//3/P+Z/r+F/n9zpv9fOv3/fIfr/y/T/+v/2+r/L5g11P+fOvDz9f+M0dj6/9z9745bOtn/AAAA0IPc/e+JW+x/AAAAaMD2n53J3f/euMX+BwAAgDE7cZS/OXf/++KWTvb/9Pv/k3s+Uf8/m83uv6r55//r/2f6/xb6//pR1f8vj/5/Ps//X0D/32b/7/n/+n/WZmz9f+7+98ctnex/AAAA6EHu/g/ELfY/AAAANCN3/wfjFvsfAAAAmpG7/0NxSyf7f/r9/95P1P/Pzun5//r/rQ/o//X/+v/J0v/Pp/9fQP+/sJ/fOODXPTP9v/5f/8+AsfX/ufs/HLd0sv8BAACgB7n7745b7H8AAABoRu7+e+IW+x8AAACakbv/I3FLJ/tf/6//1/9Ps//f1P/r//X/g8bS/1966Z/cq//X/7fY/8+j/9f/6//Za2z9f+7+j8Ytnex/AAAA6EHu/o/FLfY/AAAANCN3/8fjFvsfAAAAmpG7/xNxSyf7f3//f9Fsu1DdNtT/R6Om/99B/7/7/ev/h39+eP6//l//v3pj6f89//9471//r/+f8vs/Uv//B/s/X/9Pi8bW/+fuvzdu6WT/AwAAQA9y938ybrH/AQAAoBm5+z8Vt9j/AAAA0Izc/ffFLZ3sf8//1//r//X/+v/h19f/T5P+fz79/wL6f/2/5/9f8VcX6v9ZnrH1/7n7Px23bA2/P/ydY/7HBAAAAEYkd/9n4pZOvv4PAAAAPcjd/9m4xf4HAACAZuTu/1zc0sn+1//r//X/+n/9//Dr6/+nSf8/n/5/gX76/82hD667nz9X637/zfT/nv/PEo2t/8/d//m4pZP9DwAAAD3I3f+FuMX+BwAAgGbk7v9i3GL/AwAAQDNy998ft3Sy//X/+v/2+/+/1P/veX39v/6/Zfr//Df6MP3/Av30/4PW3c9P/f3r//X/7De2/j93/wNxSyf7HwAAAHqQu/9LcYv9DwAAAM3I3f/luMX+BwAAgGbk7v9K3NLJ/tf/99X/b8x67P89/1//r//vyXT6/xtPDH3U8//1//r/6b5//b/+n/3G1v/n7n9w40SX+x8AAACm6s//6G8fOOzf++DWXzdnX41b7H8AAABoRu7+r8Ut9j8AAAA0I3f/1+OWTva//r+v/r/P5//r//X/+v+eTKf/H6b/1//r/6f7/vX/+n/2G1v/n7v/obhlx/Ab/B/oAQAAACYjd/834pZOvv4PAAAAPcjd/824Zd/+P3PIP9UOAAAAjE3u/m/FLZ18/V//P/L+f7ai/j/+Pv3/Nv2//n/o9fX/09Ra/39yNqr+/8yG/l//P4f+X/+v/2evsfX/ufvvvG3W5f4HAACARu36HYVvb/11c/aduMX+BwAAgGbk7v9u3GL/AwAAQDNy938vbulk/+v/R97/H+v5/6fq//L8/877/2s3B19f/6//b1lr/b/n/29/XP+/Tf8/7vev/9f/s98R+v+tQbrq/j93//fjlk72PwAAAPQgd/8P4hb7HwAAAJqRu/+HcYv9DwAAAM3I3f+juKWT/a//X0P/f93J2Wyl/f8hnv+v/++j/z/g9dvp/3/vktN3/8Vf33qz/p+zzmf/nz8X9P/6/zX0/zfFzz/9/4jev/5f/89+Y3v+f+7+H8ctnex/AAAA6EHu/ofjFvsfAAAAmpG7/ydxi/0PAAAAzcjd/9O4pZP9r/9v8fn/0+z/88d6Df3/6en1/9kU997/e/6//n8/z/+fT/+/wHT6/61ve/7/uN6//l//z35j6/9z9/8sbulk/wMAAEAPcvf/PG7J/b9x5N+6BwAAAEYmd/8v4hZf/wcAAIBm5O5/JG7pZP/r//X/Y+n/k+f/n/08z//fpv/X/x+F/n8+/f8C+n/9v/5f/89Sja3/z93/y7ilk/0PAAAAPcjd/2jcYv8DAABAM3L3/ypusf8BAACgGbn7fx23dLL/9f/6f/2//l//P/z6+v9p0v/Pp/9/zMUHvwH9v/5f/6//Z6nG1v/n7v9tAAAA//89hVJZ")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

329.368334ms ago: executing program 2 (id=225):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
r1 = fcntl$dupfd(r0, 0x406, r0)
write$cgroup_pid(r1, &(0x7f0000000240), 0xfdef)
read$FUSE(r1, &(0x7f0000000700)={0x2020}, 0x2020)

179.172017ms ago: executing program 2 (id=226):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), r0)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x200)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x70bd2b, 0x6, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

169.265857ms ago: executing program 3 (id=227):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000cc0)={'ip_vti0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, r1, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}]}, 0x24}}, 0x0)

0s ago: executing program 1 (id=228):
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x5}, 0x0)
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
r1 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000540), &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000580)="ed", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r0, r1}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-256\x00'}})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts.
[   79.257334][ T5779] cgroup: Unknown subsys name 'net'
[   79.423798][ T5779] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   81.182164][ T5779] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   82.970005][ T5796] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   82.985586][ T5800] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   82.987489][ T5799] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   82.995758][ T5801] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.001702][ T5796] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.016224][ T5796] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.024782][ T5796] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.026755][ T5801] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.032072][ T5799] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.048630][ T5799] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   83.049515][ T5801] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.056434][ T5799] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.066720][ T5801] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.070865][ T5796] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.088466][ T5799] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   83.093865][ T5804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.104322][ T5799] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.106328][ T5801] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   83.121830][ T5801] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.131905][ T5801] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.141440][ T5801] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.183983][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.194506][ T5799] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   83.203519][ T5799] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.606037][ T5793] chnl_net:caif_netlink_parms(): no params data found
[   83.842339][ T5793] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.850055][ T5793] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.857929][ T5793] bridge_slave_0: entered allmulticast mode
[   83.866113][ T5793] bridge_slave_0: entered promiscuous mode
[   83.902535][ T5793] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.910080][ T5793] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.917582][ T5793] bridge_slave_1: entered allmulticast mode
[   83.924732][ T5793] bridge_slave_1: entered promiscuous mode
[   83.966977][ T5789] chnl_net:caif_netlink_parms(): no params data found
[   83.982736][ T5793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.011083][ T5793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.044251][ T5790] chnl_net:caif_netlink_parms(): no params data found
[   84.110956][ T5802] chnl_net:caif_netlink_parms(): no params data found
[   84.130860][ T5793] team0: Port device team_slave_0 added
[   84.168303][ T5793] team0: Port device team_slave_1 added
[   84.214925][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.222702][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.230278][ T5789] bridge_slave_0: entered allmulticast mode
[   84.238102][ T5789] bridge_slave_0: entered promiscuous mode
[   84.277381][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.285020][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.292984][ T5789] bridge_slave_1: entered allmulticast mode
[   84.300341][ T5789] bridge_slave_1: entered promiscuous mode
[   84.325850][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.333016][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.359791][ T5793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.373880][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.381381][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.408974][ T5793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.480142][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.493950][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.504516][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.513082][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.522551][ T5790] bridge_slave_0: entered allmulticast mode
[   84.530209][ T5790] bridge_slave_0: entered promiscuous mode
[   84.592233][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.600752][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.608400][ T5790] bridge_slave_1: entered allmulticast mode
[   84.615798][ T5790] bridge_slave_1: entered promiscuous mode
[   84.633182][ T5802] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.640727][ T5802] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.648316][ T5802] bridge_slave_0: entered allmulticast mode
[   84.655710][ T5802] bridge_slave_0: entered promiscuous mode
[   84.667537][ T5789] team0: Port device team_slave_0 added
[   84.694726][ T5802] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.702478][ T5802] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.710417][ T5802] bridge_slave_1: entered allmulticast mode
[   84.719065][ T5802] bridge_slave_1: entered promiscuous mode
[   84.728347][ T5789] team0: Port device team_slave_1 added
[   84.742405][ T5793] hsr_slave_0: entered promiscuous mode
[   84.750721][ T5793] hsr_slave_1: entered promiscuous mode
[   84.814620][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.851085][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.858390][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.886244][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.899655][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.907492][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.934656][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.948571][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.973464][ T5802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.986885][ T5802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.046802][ T5790] team0: Port device team_slave_0 added
[   85.071599][ T5802] team0: Port device team_slave_0 added
[   85.090283][ T5790] team0: Port device team_slave_1 added
[   85.114938][ T5802] team0: Port device team_slave_1 added
[   85.156350][ T5799] Bluetooth: hci2: command tx timeout
[   85.162026][ T5800] Bluetooth: hci1: command tx timeout
[   85.193793][ T5789] hsr_slave_0: entered promiscuous mode
[   85.200559][ T5789] hsr_slave_1: entered promiscuous mode
[   85.208277][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.216569][ T5789] Cannot create hsr debugfs directory
[   85.223451][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.231561][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.258411][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.258426][ T5799] Bluetooth: hci0: command tx timeout
[   85.271531][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.275241][ T5800] Bluetooth: hci3: command tx timeout
[   85.292712][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.320608][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.346311][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.353569][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.380511][ T5802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.394311][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.403018][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.430498][ T5802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.544066][ T5802] hsr_slave_0: entered promiscuous mode
[   85.551515][ T5802] hsr_slave_1: entered promiscuous mode
[   85.558789][ T5802] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.566915][ T5802] Cannot create hsr debugfs directory
[   85.577582][ T5790] hsr_slave_0: entered promiscuous mode
[   85.584614][ T5790] hsr_slave_1: entered promiscuous mode
[   85.596420][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.605276][ T5790] Cannot create hsr debugfs directory
[   85.954548][ T5793] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   85.967285][ T5793] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   85.981463][ T5793] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   86.000777][ T5793] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   86.086556][ T5789] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   86.098742][ T5789] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   86.111130][ T5789] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   86.122227][ T5789] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   86.218384][ T5790] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   86.234146][ T5790] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   86.244067][ T5790] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   86.282296][ T5790] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   86.362983][ T5802] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   86.372735][ T5802] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   86.384708][ T5802] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   86.402012][ T5802] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   86.427416][ T5793] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.491708][ T5793] 8021q: adding VLAN 0 to HW filter on device team0
[   86.517064][ T3485] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.524453][ T3485] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.560150][ T3485] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.567694][ T3485] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.611025][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.680996][ T5789] 8021q: adding VLAN 0 to HW filter on device team0
[   86.727326][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.735011][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.761033][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.776068][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.783341][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.833881][ T5802] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.872722][ T5790] 8021q: adding VLAN 0 to HW filter on device team0
[   86.896356][ T5802] 8021q: adding VLAN 0 to HW filter on device team0
[   86.934295][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.941562][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.953832][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.961107][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.994956][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.002262][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.030411][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.038014][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.231661][ T5802] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   87.251048][ T5800] Bluetooth: hci2: command tx timeout
[   87.257544][ T5799] Bluetooth: hci1: command tx timeout
[   87.315524][ T5800] Bluetooth: hci3: command tx timeout
[   87.320235][ T5793] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.321156][ T5800] Bluetooth: hci0: command tx timeout
[   87.433585][ T5793] veth0_vlan: entered promiscuous mode
[   87.490452][ T5793] veth1_vlan: entered promiscuous mode
[   87.607017][ T5793] veth0_macvtap: entered promiscuous mode
[   87.647280][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.659252][ T5793] veth1_macvtap: entered promiscuous mode
[   87.752254][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.769305][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.784913][ T5793] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.797522][ T5793] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.807414][ T5793] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.816902][ T5793] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.898137][ T5802] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.909055][ T5789] veth0_vlan: entered promiscuous mode
[   87.921524][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.986282][ T5789] veth1_vlan: entered promiscuous mode
[   88.056792][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.070900][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.149086][ T5790] veth0_vlan: entered promiscuous mode
[   88.159317][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.164835][ T5790] veth1_vlan: entered promiscuous mode
[   88.181050][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.183238][ T5789] veth0_macvtap: entered promiscuous mode
[   88.221162][ T5789] veth1_macvtap: entered promiscuous mode
[   88.290366][ T5802] veth0_vlan: entered promiscuous mode
[   88.322336][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.339101][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.354272][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.373181][ T5790] veth0_macvtap: entered promiscuous mode
[   88.387013][ T5802] veth1_vlan: entered promiscuous mode
[   88.410372][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.422135][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.439131][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.451207][ T5790] veth1_macvtap: entered promiscuous mode
[   88.482200][ T5789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.494810][ T5789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.507203][ T5789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.520897][ T5789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.566628][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.586554][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.598081][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.609161][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.621220][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.652663][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.653063][  T787] kernel read not supported for file /admmidi2 (pid: 787 comm: kworker/0:2)
[   88.664638][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.694220][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.705970][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.717858][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.760720][ T5802] veth0_macvtap: entered promiscuous mode
[   88.792946][ T5790] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.805764][ T5790] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.814795][ T5790] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.823903][ T5790] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.857442][ T5802] veth1_macvtap: entered promiscuous mode
[   88.978755][ T3450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.003305][ T3450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.020640][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.036801][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.047386][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.058620][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.069095][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.080571][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.095740][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.136665][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.145068][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.162201][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.174055][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.186732][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.202809][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.213488][ T5802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.224720][ T5802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.237814][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.281363][ T5802] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.298506][ T5802] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.308026][ T5802] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.317555][ T5802] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.321149][ T5800] Bluetooth: hci2: command tx timeout
[   89.333305][ T5799] Bluetooth: hci1: command tx timeout
[   89.356270][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.364424][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.399244][ T5800] Bluetooth: hci0: command tx timeout
[   89.401556][ T5799] Bluetooth: hci3: command tx timeout
[   89.549681][ T3450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.573407][ T3450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.668331][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.688977][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.883955][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.918131][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.951399][ T5903] syz.3.10[5903]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   90.040538][ T5903] loop3: detected capacity change from 0 to 1024
[   90.323234][ T5907] loop0: detected capacity change from 0 to 1024
[   90.342908][ T5907] ext4: Unknown parameter 'context'
[   90.554649][ T5909] loop2: detected capacity change from 0 to 512
[   90.591160][ T5909] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   90.653258][ T5909] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   90.742366][ T5909] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   90.772499][ T5909] EXT4-fs (loop2): 1 truncate cleaned up
[   90.781055][ T5909] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.913454][ T5909] EXT4-fs (loop2): shut down requested (2)
[   90.923058][ T5909] syz.2.12 (pid 5909) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   91.107083][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.349463][ T5925] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   91.397356][ T5799] Bluetooth: hci2: command tx timeout
[   91.397384][ T5800] Bluetooth: hci1: command tx timeout
[   91.475587][ T5800] Bluetooth: hci0: command tx timeout
[   91.476045][ T5799] Bluetooth: hci3: command tx timeout
[   91.522796][ T5924] loop3: detected capacity change from 0 to 8192
[   91.535494][ T5837] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   91.565548][ T5924] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   91.583128][ T5924] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[   91.594348][ T5924] REISERFS (device loop3): using ordered data mode
[   91.604961][ T5924] reiserfs: using flush barriers
[   91.615071][ T5924] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   91.647657][ T5924] REISERFS (device loop3): checking transaction log (loop3)
[   91.688433][ T5924] REISERFS (device loop3): Using r5 hash to sort names
[   91.718152][ T5924] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[   91.746829][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.790434][ T5837] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   91.801873][ T5934] loop6: detected capacity change from 0 to 1
[   91.819119][ T5797]  loop6: [POWERTEC] p1 p2 p3 p4 p5 p6
[   91.828002][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.832624][ T5797] loop6: p1 start 1048576 is beyond EOD, truncated
[   91.869157][   T28] audit: type=1800 audit(1758553745.727:2): pid=5924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.18" name="file1" dev="loop3" ino=2 res=0 errno=0
[   91.871215][ T5837] usb 1-1: config 0 descriptor??
[   91.889847][ T5797] loop6: p2 size 458752 extends beyond EOD, truncated
[   91.921309][ T5797] loop6: p3 start 12666 is beyond EOD, truncated
[   91.934120][ T5797] loop6: p4 start 16387 is beyond EOD, truncated
[   91.955022][ T5797] loop6: p5 start 2037579777 is beyond EOD, truncated
[   91.987533][ T5797] loop6: p6 start 425986 is beyond EOD, truncated
[   92.020342][ T5934]  loop6: [POWERTEC] p1 p2 p3 p4 p5 p6
[   92.036447][ T5934] loop6: p1 start 1048576 is beyond EOD, truncated
[   92.063239][ T5934] loop6: p2 size 458752 extends beyond EOD, truncated
[   92.088199][ T5934] loop6: p3 start 12666 is beyond EOD, truncated
[   92.094896][ T5934] loop6: p4 start 16387 is beyond EOD, truncated
[   92.114395][ T5934] loop6: p5 start 2037579777 is beyond EOD, truncated
[   92.133969][ T5934] loop6: p6 start 425986 is beyond EOD, truncated
[   92.222199][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[   92.235322][ T5837] usbhid 1-1:0.0: can't add hid device: -71
[   92.241725][ T5837] usbhid: probe of 1-1:0.0 failed with error -71
[   92.287323][ T5837] usb 1-1: USB disconnect, device number 2
[   92.404103][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[   92.459262][    T9] cfg80211: failed to load regulatory.db
[   92.491791][ T5942] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 747
[   92.558671][ T5944] iommufd_mock iommufd_mock1: Adding to iommu group 0
[   92.926196][   T27] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   93.125258][   T27] usb 1-1: Using ep0 maxpacket: 32
[   93.138077][   T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.168798][ T5954] loop1: detected capacity change from 0 to 32768
[   93.199737][   T27] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[   93.231613][ T5954] JBD2: Ignoring recovery information on journal
[   93.239736][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.275608][   T27] usb 1-1: config 0 descriptor??
[   93.291526][   T27] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   93.300622][ T5954] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[   93.319533][   T27] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   93.441471][ T5954] OCFS2: ERROR (device loop1): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[   93.463781][    C0] vkms_vblank_simulate: vblank timer overrun
[   93.470517][ T5954] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[   93.481722][ T5954] OCFS2: File system is now read-only.
[   93.487478][ T5954] (syz.1.30,5954,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30
[   93.496920][ T5954] (syz.1.30,5954,0):__ocfs2_claim_clusters:2355 ERROR: status = -30
[   93.505263][ T5954] (syz.1.30,5954,0):__ocfs2_claim_clusters:2363 ERROR: status = -30
[   93.513619][ T5954] (syz.1.30,5954,0):ocfs2_add_clusters_in_btree:4831 ERROR: status = -30
[   93.522334][ T5954] (syz.1.30,5954,0):ocfs2_write_cluster:1153 ERROR: status = -30
[   93.530304][ T5954] (syz.1.30,5954,0):ocfs2_write_cluster_by_desc:1248 ERROR: status = -30
[   93.539033][ T5954] (syz.1.30,5954,0):ocfs2_write_begin_nolock:1820 ERROR: status = -30
[   93.548926][ T5954] (syz.1.30,5954,0):ocfs2_write_begin:1907 ERROR: status = -30
[   93.705588][ T5790] ocfs2: Unmounting device (7,1) on (node local)
[   93.814713][ T5781] usb 1-1: USB disconnect, device number 3
[   93.842721][ T5781] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[   94.953739][ T5979] loop2: detected capacity change from 0 to 32768
[   94.998655][ T5979] =======================================================
[   94.998655][ T5979] WARNING: The mand mount option has been deprecated and
[   94.998655][ T5979]          and is ignored by this kernel. Remove the mand
[   94.998655][ T5979]          option from the mount to silence this warning.
[   94.998655][ T5979] =======================================================
[   95.089380][ T5979] XFS: noikeep mount option is deprecated.
[   95.189499][ T5979] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   95.226220][ T5981] loop1: detected capacity change from 0 to 32768
[   95.419038][ T6009] loop3: detected capacity change from 0 to 1024
[   95.450650][ T6009] EXT4-fs: Ignoring removed bh option
[   95.485619][   T27] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   95.524358][ T5979] XFS (loop2): Ending clean mount
[   95.553179][ T6009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[   95.569817][ T5979] XFS (loop2): Quotacheck needed: Please wait.
[   95.671497][ T5979] XFS (loop2): Quotacheck: Done.
[   95.685562][ T6013] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.48: corrupted in-inode xattr: e_value out of bounds
[   95.718081][   T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.745229][   T27] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.775867][   T27] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   95.815262][   T27] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   95.835459][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.862164][   T27] usb 1-1: config 0 descriptor??
[   95.897141][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[   96.074186][ T5802] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   96.333203][   T27] plantronics 0003:047F:FFFF.0001: ignoring exceeding usage max
[   96.390334][   T27] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[   96.463495][   T27] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   96.589455][   T28] audit: type=1326 audit(1758553750.447:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.51" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fc936385d67 code=0x0
[   96.624211][ T6020] loop1: detected capacity change from 0 to 1024
[   96.643933][ T6020] EXT4-fs: Ignoring removed nomblk_io_submit option
[   96.690066][ T6020] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.793206][ T6015] loop3: detected capacity change from 0 to 32768
[   96.871562][ T6015] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   96.937573][ T6015] XFS (loop3): Ending clean mount
[   96.949032][ T6015] XFS (loop3): Quotacheck needed: Please wait.
[   97.018208][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.023185][ T6015] XFS (loop3): Quotacheck: Done.
[   97.056944][    C0] plantronics 0003:047F:FFFF.0001: hid_field_extract() called with n (132) > 32! (syz.3.50)
[   97.198030][ T6033] loop1: detected capacity change from 0 to 512
[   97.226066][ T6033] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.52: casefold flag without casefold feature
[   97.259571][   T27] usb 1-1: USB disconnect, device number 4
[   97.268209][ T6033] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.52: couldn't read orphan inode 15 (err -117)
[   97.289118][ T6033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.434552][ T6036] loop2: detected capacity change from 0 to 128
[   97.481527][ T6036] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   97.544670][ T6036] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.578980][    C0] vkms_vblank_simulate: vblank timer overrun
[   97.600604][ T5789] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   97.672303][ T5802] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   97.727255][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.025259][ T6041] syz.1.56 uses obsolete (PF_INET,SOCK_PACKET)
[   98.248693][ T6047] mmap: syz.0.57 (6047) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   98.382011][ T6049] loop1: detected capacity change from 0 to 1024
[   98.577351][ T6039] loop2: detected capacity change from 0 to 32768
[   98.610892][ T6039] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.55 (6039)
[   98.645672][   T39] hfsplus: b-tree write err: -5, ino 4
[   98.706314][ T6039] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   98.742762][ T6039] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[   98.784553][ T6039] BTRFS info (device loop2): turning on sync discard
[   98.791914][ T6039] BTRFS info (device loop2): enabling disk space caching
[   98.807211][ T6039] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[   98.827165][ T6039] BTRFS info (device loop2): trying to use backup root at mount time
[   98.925753][ T6039] BTRFS info (device loop2): force clearing of disk cache
[   98.943986][ T6039] BTRFS info (device loop2): disk space caching is enabled
[   98.991766][ T6055] loop3: detected capacity change from 0 to 2048
[   99.122316][ T6071] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   99.235629][ T6039] BTRFS info (device loop2): rebuilding free space tree
[   99.426418][ T6039] BTRFS info (device loop2): disabling free space tree
[   99.460462][ T6039] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   99.509384][ T6039] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   99.540477][ T6071] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[   99.565235][ T6071] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[   99.608529][ T6071] Remounting filesystem read-only
[   99.630011][ T6080] iommufd_mock iommufd_mock1: Adding to iommu group 0
[   99.835040][ T5789] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[   99.857493][ T5789] NILFS (loop3): discard dirty page: offset=0, ino=18
[   99.874531][ T5789] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[   99.884624][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[   99.896116][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[   99.929129][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[   99.939622][ T5789] NILFS (loop3): discard dirty page: offset=0, ino=2
[   99.948552][ T5789] NILFS (loop3): discard dirty block: blocknr=18, size=1024
[   99.956833][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[   99.966468][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[   99.983663][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.000680][ T5789] NILFS (loop3): discard dirty page: offset=0, ino=6
[  100.001525][ T5802] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  100.008032][ T5789] NILFS (loop3): discard dirty block: blocknr=35, size=1024
[  100.060378][ T5789] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  100.085727][ T5789] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  100.093206][ T5789] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  100.174842][ T5789] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  100.199557][ T5789] NILFS (loop3): discard dirty block: blocknr=39, size=1024
[  100.207942][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.219198][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.229509][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.243624][ T5789] NILFS (loop3): discard dirty page: offset=0, ino=5
[  100.254109][ T5789] NILFS (loop3): discard dirty block: blocknr=41, size=1024
[  100.264494][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.305440][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.325932][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.365766][ T5789] NILFS (loop3): discard dirty page: offset=0, ino=4
[  100.396273][ T5789] NILFS (loop3): discard dirty block: blocknr=40, size=1024
[  100.404304][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.439946][ T6089] syz_tun: entered allmulticast mode
[  100.451095][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.475202][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.496883][ T6088] syz_tun: left allmulticast mode
[  100.500640][ T5789] NILFS (loop3): discard dirty page: offset=0, ino=3
[  100.528335][ T5789] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  100.551507][ T5789] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  100.577762][ T5789] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  100.595288][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.625305][ T5789] NILFS (loop3): discard dirty page: offset=65536, ino=3
[  100.632404][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.656447][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.688925][ T5789] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  100.705622][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.714660][ T5789] NILFS (loop3): discard dirty page: offset=196608, ino=3
[  100.751433][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.790645][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  100.825406][ T5789] NILFS (loop3): discard dirty block: blocknr=49, size=1024
[  100.833355][ T5789] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  101.000451][ T6093] loop2: detected capacity change from 0 to 8192
[  101.037961][ T6093] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  101.062337][ T6093] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  101.076083][ T6093] REISERFS (device loop2): using ordered data mode
[  101.082791][ T6093] reiserfs: using flush barriers
[  101.095615][ T6093] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  101.140996][ T6093] REISERFS (device loop2): checking transaction log (loop2)
[  101.350419][ T6093] REISERFS (device loop2): Using tea hash to sort names
[  101.369483][ T6093] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  101.415571][   T27] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  101.451929][ T6091] loop1: detected capacity change from 0 to 32768
[  101.536594][ T6091] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  101.551846][ T6091] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  101.618068][ T6091] XFS (loop1): Ending clean mount
[  101.651597][ T6091] XFS (loop1): Quotacheck needed: Please wait.
[  101.655519][   T27] usb 1-1: Using ep0 maxpacket: 8
[  101.677439][   T27] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  101.694827][   T27] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  101.705499][   T27] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  101.716513][   T27] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  101.730441][   T27] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  101.739972][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.793577][ T6091] XFS (loop1): Quotacheck: Done.
[  101.957559][ T5790] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  102.000353][   T27] usb 1-1: GET_CAPABILITIES returned 0
[  102.029925][   T27] usbtmc 1-1:16.0: can't read capabilities
[  102.274640][    C1] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  102.307262][   T27] usb 1-1: USB disconnect, device number 5
[  102.506224][ T6121] loop2: detected capacity change from 0 to 256
[  103.215255][   T27] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  103.485273][   T27] usb 4-1: Using ep0 maxpacket: 8
[  103.498302][   T27] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  103.515251][   T27] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  103.541970][   T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  103.563993][   T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  103.595179][   T27] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  103.625235][   T27] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  103.668999][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.881659][   T28] audit: type=1326 audit(1758553757.737:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.92" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc96bb8eec9 code=0x0
[  103.927189][   T27] usb 4-1: GET_CAPABILITIES returned 0
[  103.932940][   T27] usbtmc 4-1:16.0: can't read capabilities
[  104.291274][ T6131] usbtmc 4-1:16.0: usb_control_msg returned -71
[  104.292248][    T8] usb 4-1: USB disconnect, device number 2
[  105.281143][ T6175] vlan2: entered allmulticast mode
[  105.299672][ T6175] bridge0: port 3(vlan2) entered blocking state
[  105.325311][ T6175] bridge0: port 3(vlan2) entered disabled state
[  105.343953][ T6175] vlan2: entered promiscuous mode
[  105.363054][ T6175] bridge0: mtu less than device minimum
[  105.608056][ T6166] loop0: detected capacity change from 0 to 32768
[  105.645931][ T6166] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.95 (6166)
[  105.685669][ T6166] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  105.705300][ T6166] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  105.721349][ T6166] BTRFS info (device loop0): force zlib compression, level 3
[  105.734072][ T6166] BTRFS info (device loop0): force clearing of disk cache
[  105.746401][ T6166] BTRFS info (device loop0): setting nodatasum
[  105.759733][ T6166] BTRFS info (device loop0): doing ref verification
[  105.771664][ T6166] BTRFS info (device loop0): allowing degraded mounts
[  105.790159][ T6166] BTRFS info (device loop0): enabling disk space caching
[  105.808209][ T6166] BTRFS info (device loop0): disk space caching is enabled
[  105.933730][ T6166] BTRFS info (device loop0): enabling ssd optimizations
[  105.953220][ T6195] loop2: detected capacity change from 0 to 64
[  105.977789][ T6166] BTRFS info (device loop0): auto enabling async discard
[  106.024393][ T6166] BTRFS info (device loop0): rebuilding free space tree
[  106.076439][ T6166] BTRFS info (device loop0): disabling free space tree
[  106.083618][ T6166] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  106.118151][ T6166] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  106.276283][ T6195] minix_free_block (loop2:4): bit already cleared
[  106.297677][ T6195] minix_free_block (loop2:3): bit already cleared
[  106.314709][ T6195] minix_free_block (loop2:2): bit already cleared
[  106.329549][ T6195] minix_free_block (loop2:1): bit already cleared
[  106.466070][ T5793] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  106.539258][ T6171] loop1: detected capacity change from 0 to 32768
[  106.623572][ T6171] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.97 (6171)
[  106.641279][ T6201] loop2: detected capacity change from 0 to 64
[  106.702015][ T6171] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  106.776207][ T6171] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  106.804880][   T28] audit: type=1800 audit(1758553760.657:5): pid=6201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.104" name="file1" dev="loop2" ino=21 res=0 errno=0
[  106.846190][ T5781] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  106.906531][ T6171] BTRFS info (device loop1): enabling auto defrag
[  106.935355][ T6171] BTRFS info (device loop1): doing ref verification
[  106.949634][   T28] audit: type=1800 audit(1758553760.807:6): pid=6201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.104" name="file1" dev="loop2" ino=21 res=0 errno=0
[  106.993492][ T6171] BTRFS info (device loop1): use no compression
[  107.022555][ T6171] BTRFS info (device loop1): force clearing of disk cache
[  107.048053][ T6171] BTRFS info (device loop1): max_inline at 4096
[  107.080871][ T5781] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  107.084156][ T6171] BTRFS info (device loop1): disabling free space tree
[  107.122729][ T5781] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  107.175197][ T5781] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  107.205018][ T5781] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.261775][ T6197] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  107.332398][ T5781] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  107.695069][ T6171] BTRFS info (device loop1): enabling ssd optimizations
[  107.704998][ T6171] BTRFS info (device loop1): auto enabling async discard
[  107.714701][ T6171] BTRFS info (device loop1): rebuilding free space tree
[  107.772378][ T6171] BTRFS info (device loop1): disabling free space tree
[  107.833455][ T6171] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  107.856543][ T1188] usb 4-1: USB disconnect, device number 3
[  107.868603][ T6171] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  108.345446][ T5790] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  108.865668][ T6243] tls_set_device_offload: netdev not found
[  109.321552][ T6256] loop1: detected capacity change from 0 to 4096
[  109.455046][ T6256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.703330][   T28] audit: type=1800 audit(1758553763.557:7): pid=6256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.109" name="bus" dev="loop1" ino=18 res=0 errno=0
[  109.994995][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.173342][ T6266] loop2: detected capacity change from 0 to 128
[  110.323653][ T6270] loop1: detected capacity change from 0 to 512
[  110.339811][ T6270] EXT4-fs: inline encryption not supported
[  110.368218][ T6270] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  110.401003][ T6268] loop0: detected capacity change from 0 to 4096
[  110.416916][ T6270] EXT4-fs (loop1): 1 truncate cleaned up
[  110.459203][ T6273] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  110.493986][ T6270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.631664][   T28] audit: type=1800 audit(1758553764.487:8): pid=6268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.120" name="file1" dev="loop0" ino=15 res=0 errno=0
[  110.714833][ T6275] tipc: Started in network mode
[  110.743299][ T6275] tipc: Node identity ac14140f, cluster identity 4711
[  110.763155][ T6275] tipc: New replicast peer: 255.255.255.254
[  110.784738][ T6275] tipc: Enabled bearer <udp:syz2>, priority 10
[  111.043006][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.499680][ T6284] loop2: detected capacity change from 0 to 8192
[  111.917373][   T23] tipc: Node number set to 2886997007
[  111.990086][ T6298] loop0: detected capacity change from 0 to 2048
[  112.072276][ T6298] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  112.131052][ T6298] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  112.488389][ T6305] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  112.732405][ T6286] loop3: detected capacity change from 0 to 40427
[  112.810249][ T6286] F2FS-fs (loop3): invalid crc value
[  112.841384][ T6309] loop2: detected capacity change from 0 to 512
[  112.888480][ T6286] F2FS-fs (loop3): Found nat_bits in checkpoint
[  112.930392][ T6309] EXT4-fs: Ignoring removed oldalloc option
[  112.959689][ T6309] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  112.993607][ T6309] EXT4-fs (loop2): corrupt root inode, run e2fsck
[  113.045316][ T6309] EXT4-fs (loop2): mount failed
[  113.166877][ T6286] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  113.468692][   T28] audit: type=1804 audit(1758553767.327:9): pid=6286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.127" name="/newroot/30/file0/bus" dev="loop3" ino=10 res=1 errno=0
[  113.523427][ T6286] Invalid ELF header magic: != ELF
[  113.545820][   T28] audit: type=1800 audit(1758553767.357:10): pid=6286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.127" name="bus" dev="loop3" ino=10 res=0 errno=0
[  113.594835][ T6321] loop2: detected capacity change from 0 to 128
[  113.623178][ T6321] FAT-fs (loop2): bogus number of FAT structure
[  113.680389][ T6321] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  113.700698][ T5789] syz-executor: attempt to access beyond end of device
[  113.700698][ T5789] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  113.732286][ T6321] FAT-fs (loop2): Can't find a valid FAT filesystem
[  113.743431][ T5789] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  115.181084][ T6358] loop3: detected capacity change from 0 to 512
[  115.203222][ T6358] EXT4-fs: Ignoring removed nobh option
[  115.236406][ T6358] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  115.302790][ T6358] EXT4-fs (loop3): 1 truncate cleaned up
[  115.340554][ T6358] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.454420][ T6364] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  115.523618][ T6364] Zero length message leads to an empty skb
[  115.600865][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.749019][ T6371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.159'.
[  115.767031][ T6372] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  115.876037][ T5837] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  115.971127][ T6380] loop1: detected capacity change from 0 to 128
[  115.983844][ T6380] EXT4-fs: Mount option(s) incompatible with ext3
[  115.994065][ T6378] capability: warning: `syz.2.161' uses deprecated v2 capabilities in a way that may be insecure
[  116.030641][ T6221] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  116.075386][ T5837] usb 1-1: Using ep0 maxpacket: 16
[  116.122407][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.161040][ T5837] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  116.203642][ T5837] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  116.239640][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.296263][ T5837] usb 1-1: config 0 descriptor??
[  116.443069][ T6392] TCP: tcp_parse_options: Illegal window scaling value 236 > 14 received
[  116.634598][ T6397] pim6reg1: entered promiscuous mode
[  116.640712][ T6397] pim6reg1: entered allmulticast mode
[  116.750551][ T5837] HID 045e:07da: Invalid code 65791 type 1
[  116.781554][ T5837] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0002/input/input5
[  116.838358][ T5837] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  117.409444][ T6411] loop3: detected capacity change from 0 to 256
[  117.780706][   T27] usb 1-1: USB disconnect, device number 6
[  118.970933][ T6441] loop4: detected capacity change from 0 to 7
[  118.981984][ T6441] Dev loop4: unable to read RDB block 7
[  118.989754][ T6441]  loop4: unable to read partition table
[  118.996609][ T6441] loop4: partition table beyond EOD, truncated
[  119.020484][ T6441] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  119.105314][    T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  119.313659][    T8] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  119.345250][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.399054][    T8] usb 2-1: config 0 descriptor??
[  119.438404][    T8] cp210x 2-1:0.0: cp210x converter detected
[  119.700587][ T6460] syzkaller1: entered promiscuous mode
[  119.711763][ T6460] syzkaller1: entered allmulticast mode
[  119.907285][ T6439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.949068][ T6439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.013794][    T8] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  120.055859][    T8] usb 2-1: cp210x converter now attached to ttyUSB0
[  120.158381][ T6469] loop3: detected capacity change from 0 to 512
[  120.204195][ T6469] EXT4-fs: Ignoring removed oldalloc option
[  120.221761][ T6469] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  120.283649][ T6469] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.196: bad orphan inode 131083
[  120.334709][   T27] usb 2-1: USB disconnect, device number 2
[  120.349975][ T6469] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.350723][   T27] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  120.395005][   T27] cp210x 2-1:0.0: device disconnected
[  120.601301][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.567879][ T6483] loop3: detected capacity change from 0 to 32768
[  121.607209][ T6483] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  121.715649][ T1188] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  121.816038][ T6483] XFS (loop3): Ending clean mount
[  121.917876][ T1188] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  121.935334][ T1188] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.969268][ T1188] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.988406][ T1188] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  122.006786][ T1188] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  122.031924][ T1188] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  122.051099][ T1188] usb 3-1: Manufacturer: syz
[  122.072678][ T1188] usb 3-1: config 0 descriptor??
[  122.088374][ T6492] loop1: detected capacity change from 0 to 40427
[  122.116118][ T6492] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  122.123569][ T6492] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  122.144150][ T6492] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x7ffff
[  122.157323][ T6492] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x6
[  122.167852][ T6492] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x5
[  122.204681][ T6492] F2FS-fs (loop1): invalid crc value
[  122.211644][ T5789] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.241575][ T6492] F2FS-fs (loop1): Found nat_bits in checkpoint
[  122.528544][ T6492] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  122.564446][ T6492] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  122.580986][ T1188] appleir 0003:05AC:8243.0003: unknown main item tag 0x0
[  122.630690][ T1188] appleir 0003:05AC:8243.0003: No inputs registered, leaving
[  122.703531][ T1188] appleir 0003:05AC:8243.0003: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  122.871495][ T6492] syz.1.206: attempt to access beyond end of device
[  122.871495][ T6492] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  122.926732][ T5160] udevd[5160]: worker [6221] terminated by signal 33 (Unknown signal 33)
[  122.952811][ T5160] udevd[5160]: worker [6221] failed while handling '/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:05AC:8243.0003/hidraw/hidraw0'
[  123.010919][ T1188] usb 3-1: USB disconnect, device number 2
[  123.049195][ T5790] syz-executor: attempt to access beyond end of device
[  123.049195][ T5790] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  123.078196][ T5790] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  123.717477][ T6541] Bluetooth: MGMT ver 1.22
[  123.950571][ T1188] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  123.988514][ T1188] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  124.011923][   T27] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  124.513564][ T6556] loop3: detected capacity change from 0 to 32768
[  124.541812][ T6556] 
[  124.541812][ T6556]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.541812][ T6556] 
[  124.560678][   T27] usb 1-1: config 0 has no interfaces?
[  124.566430][   T27] usb 1-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[  124.576039][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.591232][   T27] usb 1-1: config 0 descriptor??
[  124.620394][ T6556] 
[  124.620394][ T6556]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.620394][ T6556] 
[  124.631838][ T6556] 
[  124.631838][ T6556]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.631838][ T6556] 
[  124.642586][ T6556] 
[  124.642586][ T6556]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.642586][ T6556] 
[  124.653260][ T6556] 
[  124.653260][ T6556]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.653260][ T6556] 
[  124.676219][  T112] 
[  124.676219][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.676219][  T112] 
[  124.887761][ T3450] 
[  124.887761][ T3450]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.887761][ T3450] 
[  124.917796][ T3450] 
[  124.917796][ T3450]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.917796][ T3450] 
[  124.942197][    T8] usb 1-1: USB disconnect, device number 7
[  124.945185][ T3450] 
[  124.945185][ T3450]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.945185][ T3450] 
[  124.974627][ T5789] 
[  124.974627][ T5789]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.974627][ T5789] 
[  124.994479][ T5789] 
[  124.994479][ T5789]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  124.994479][ T5789] 
[  125.019332][  T113] general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN
[  125.031831][  T113] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
[  125.040932][  T113] CPU: 1 PID: 113 Comm: jfsCommit Not tainted syzkaller #0
[  125.048268][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  125.058690][  T113] RIP: 0010:lmLogSync+0x139/0x9c0
[  125.063903][  T113] Code: 1a b3 fe 4d 8d 7e f0 4c 89 f8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ff e8 35 fa dc fe 4d 8b 3f 49 83 c7 40 4c 89 f8 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 ff e8 19 fa dc fe 49 8b 3f e8 f1 19 b3 fe
[  125.084659][  T113] RSP: 0018:ffffc90002cc7c40 EFLAGS: 00010202
[  125.090765][  T113] RAX: 0000000000000008 RBX: dffffc0000000000 RCX: 7c129d49d5ac0500
[  125.099149][  T113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  125.107398][  T113] RBP: ffffc90002cc7d48 R08: 0000000000000004 R09: 0000000000000004
[  125.116005][  T113] R10: ffffc90002cc7b64 R11: fffff52000598f75 R12: ffff88807a8ce800
[  125.123994][  T113] R13: dffffc0000000000 R14: ffff8880792f3638 R15: 0000000000000040
[  125.132369][  T113] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  125.141774][  T113] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  125.148410][  T113] CR2: 0000001b2ed1eff8 CR3: 000000002f81e000 CR4: 00000000003506e0
[  125.156763][  T113] Call Trace:
[  125.160076][  T113]  <TASK>
[  125.163027][  T113]  ? lmWriteRecord+0x1ac0/0x1ac0
[  125.168424][  T113]  ? __rwlock_init+0x150/0x150
[  125.173268][  T113]  jfs_syncpt+0x7b/0x90
[  125.177533][  T113]  txEnd+0x2e5/0x520
[  125.181488][  T113]  jfs_lazycommit+0x5a6/0xa60
[  125.186352][  T113]  ? txFreelock+0x5a0/0x5a0
[  125.190870][  T113]  ? do_task_dead+0xd0/0xd0
[  125.195377][  T113]  ? __kthread_parkme+0x7a/0x1c0
[  125.200332][  T113]  kthread+0x2fa/0x390
[  125.204501][  T113]  ? txFreelock+0x5a0/0x5a0
[  125.209019][  T113]  ? kthread_blkcg+0xd0/0xd0
[  125.213785][  T113]  ret_from_fork+0x48/0x80
[  125.218487][  T113]  ? kthread_blkcg+0xd0/0xd0
[  125.223607][  T113]  ret_from_fork_asm+0x11/0x20
[  125.228789][  T113]  </TASK>
[  125.231814][  T113] Modules linked in:
[  125.246045][  T113] ---[ end trace 0000000000000000 ]---
[  125.252054][  T113] RIP: 0010:lmLogSync+0x139/0x9c0
[  125.261377][  T113] Code: 1a b3 fe 4d 8d 7e f0 4c 89 f8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ff e8 35 fa dc fe 4d 8b 3f 49 83 c7 40 4c 89 f8 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 ff e8 19 fa dc fe 49 8b 3f e8 f1 19 b3 fe
[  125.265273][ T6564] block nbd2: NBD_DISCONNECT
[  125.282500][  T113] RSP: 0018:ffffc90002cc7c40 EFLAGS: 00010202
[  125.294058][  T113] RAX: 0000000000000008 RBX: dffffc0000000000 RCX: 7c129d49d5ac0500
[  125.303899][  T113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  125.312807][  T113] RBP: ffffc90002cc7d48 R08: 0000000000000004 R09: 0000000000000004
[  125.315392][ T6564] block nbd2: Disconnected due to user request.
[  125.323290][  T113] R10: ffffc90002cc7b64 R11: fffff52000598f75 R12: ffff88807a8ce800
[  125.349882][  T113] R13: dffffc0000000000 R14: ffff8880792f3638 R15: 0000000000000040
[  125.352724][ T6564] block nbd2: shutting down sockets
[  125.376541][  T113] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  125.385747][  T113] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  125.392770][  T113] CR2: 00007f999f3b12f8 CR3: 000000002f81e000 CR4: 00000000003506e0
[  125.401280][  T113] Kernel panic - not syncing: Fatal exception
[  125.407906][  T113] Kernel Offset: disabled
[  125.412232][  T113] Rebooting in 86400 seconds..