last executing test programs:

10m41.651825234s ago: executing program 4 (id=5):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r1, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000002c0)={r1, 0x11, 0x6}, 0x10)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000580)={0x0, 0x1, 0x6, @random="589ed7ad9c41"}, 0x10)

10m40.610092269s ago: executing program 4 (id=12):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={r2, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x9c)

10m39.183857768s ago: executing program 4 (id=19):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file1\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x6, 0x229, &(0x7f00000005c0)="$eJzsmL9rFEEUx79vbm+9FRFtUthYGDCiucvtoaQ5NIJgJULir0oPs4aYS04uK5iAmGBjo52FkMbCf8AihZWFnf+AoIUKgoVXWNjYjMzO3N7k5s49l+t8n2L4zsybH+/tm1csGIb5b/n65dfnp+dnF04BOIBJ7DPj3wsAkda01bP/9OL+yef1CzuvP756t3bw4Zv+/dQSKfcOlP5yvgfg7VwBcdIT9urfSkyazgJEqq9A4ITR10AoG30LAleNjkC4YfRdS7eUfbl8Z7kZlW+3motKzKimqppQNbX++3W2CYumL6WUZM2vb2yuNJrNqG0Jz8wNmMol0sNWJpz4FeGjMydQt+6nonj9yeNt1e/GZsaKXxUCVeNEDYR5Mz6LnW5sdEgs/494vf0Ljv8DvCWTDECWkyUt6j/HEixbHJ7Ot3xKuXPOnTqEPNfA3lVF9KZUJIcuH5Ze/5Y6ifCyc/Gs+aA5zrrU74V8NPgBPAsAjP0ruyKXF10x0aH37tQ3LcTQfJaUfQSNnj+lUe/cfYj5IxZA+ZWOeGP6FsCHXV0/5EvCcas+eVb9qMSr9yrrG5vTy6uNpWgpWgvD2hkCtk6HlaQQ6dape736HCT1aT+CdP/iEFtf+HjQiON2Vbc++QgQx+0w6YfWs5nfbf24aZbFuAjgmO6okuanOxacM8jXNiKxVWrKNWIYhmEYhmEYhmEYhmEYhsnFUVDyFzSD8HJi/ScAAP//bUVZjQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file3\x00', 0xec3294b766f12b21, 0xa4)
acct(&(0x7f0000000200)='./file2\x00')

10m36.845446054s ago: executing program 4 (id=27):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000080)=0x40)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd02000040", 0x42}], 0x1, 0x0, 0x0)

10m35.776152745s ago: executing program 4 (id=31):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdd860600, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xec, 0x10, 0x801, 0x2000000, 0x0, {0x0, 0x0, 0x0, r3, 0xb}, [@IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0xb0, 0x2, 0x0, 0x1, {0x9, 0x1, 0x0, 0x1, [{0xc}, {0x8}, {0xa}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x9, 0xd}, {0x8}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_MPLS={0x4}]}]}, 0xec}}, 0x0)

10m31.545036616s ago: executing program 32 (id=31):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdd860600, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xec, 0x10, 0x801, 0x2000000, 0x0, {0x0, 0x0, 0x0, r3, 0xb}, [@IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0xb0, 0x2, 0x0, 0x1, {0x9, 0x1, 0x0, 0x1, [{0xc}, {0x8}, {0xa}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x9, 0xd}, {0x8}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_MPLS={0x4}]}]}, 0xec}}, 0x0)

9m28.333839095s ago: executing program 1 (id=211):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x297, &(0x7f0000000480)="$eJzs3c1qE18Yx/HfmUyb/P8tdfoignRVLbiSvmzETUFyB25cidpEKIYKWkFdRdfiBbjPLXgBLl2Ja6G7rryA7CLnzBkzSWaSGBonid8PJEw655l5TuZMz3lSSgTgn3Wvet46vLAPI5VUknRXCiRVpFDSVV2rvDo9Ozlr1GvDDlRyEfZhFEeagTbHp/WsUBvnIrzIvgq1mv4ZpqPyQ83tlaKzQNHc3Z8hkMr+7nT7K389s+loFp1AwUxbbb3WWtF5AACK5ef/wM/zq379HgTSrp/24/k/WdXP+QTaLjqBKfsyYn9q/ndVVsfY63vF7erWe+5ih1ryQa3Di0lyWVY8snoWmGZUVelyCf57etKo3z5+3qgFeq8jb6nbbMs91+KhmzhvGVfT2u13g4fe8bXpmPVlUiGP1zrNFVbBku3DQTr/VJPNyz3jaOar+WYemkifVPu9/gs7xl4md6WivisV57+Xf0TXy2W5Vjm9XHcnue7P4A3tZUk5FYmSEbXedwGjnDzDnqiNvqi4d/v5vXNRm5lRByOitvqjuqM5P3LazEfzwOzopz6rmlr/B/bd3tU4d6Zt41r6kTG0P6FrGbn5xM8dze3MlsGkPcIEPuiJ7mjt5Zu3zx43GvUXC7th78QZSGOmNpJBMCv5LOyGfZMLOXsy70x+nPxfHXwsvzi6F/0PAxkEi8Kuu0xc/6XqlT23WLNPUe86vZyO7Yw6eOqI+zm1wYZ7/r+/gsupDYz76GEl46+Lg2ccWnPduCXdHOeMscjnOXuOJgkyVX3XIz7/BwAAAAAAAAAAAAAAAAAAmDeX9y8HFeXtKrqPAAAAAAAAAAAAAAAAAAAAAADMu4zv/y0X+v2/9xW/4vt/gan7FQAA//+pI3MQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x143041, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
ioctl$FIBMAP(r1, 0x1, &(0x7f00000099c0))

9m27.46198954s ago: executing program 1 (id=218):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x2c, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x11b, 0x2, 0x0, 0x0)

9m26.707109986s ago: executing program 1 (id=223):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_emit_ethernet(0x86, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x1b59, 0x64, 0x0, @wg=@response={0x2, 0x0, 0xe0, "00ab08653904030401c50900000009c5000000efffffffff00", "9384bbeb3018ad591b661fe808b21b77", {"694c875dfb1be5d2a0057a62022a1564", "a329d3a13bd5b6cc6a9471314a1d8c69"}}}}}}}, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000ac0)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r2, 0xffffffff}, 0x8)

9m26.24661452s ago: executing program 1 (id=227):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f0000000040)='./file0/../file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000380)='./file0/../file0/file0\x00', r0, &(0x7f0000000140)='./file0\x00', 0x103)

9m23.591874204s ago: executing program 1 (id=234):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000380)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
chdir(0x0)

9m22.906186038s ago: executing program 1 (id=237):
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r1, &(0x7f0000e15000)={0x2, 0x4e20, @empty}, 0x10)

9m20.942867071s ago: executing program 33 (id=237):
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r1, &(0x7f0000e15000)={0x2, 0x4e20, @empty}, 0x10)

5m30.724042256s ago: executing program 6 (id=1158):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)={0x1, 0x920, 0x0, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @canfd={{}, 0x20, 0x0, 0x0, 0x0, "5c91440132bb112240fcbcc3fa9d0431575f8614d3538ce09c50eecd6ac579e8e83b944b666113f3afed71231e6653a13532f17b33515bdd7e1be14f53b9fc9b"}}, 0x80}}, 0x40000)
sendmsg$can_bcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x2, 0x0, 0x0, {0x0, 0x2710}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "ee6a491530f05065"}}, 0x48}}, 0x0)

5m29.943225669s ago: executing program 6 (id=1164):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1, 0x0, 0x9833bf88d1b218f5, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x4d6, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x40000}}, 0xe8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

5m29.393104308s ago: executing program 6 (id=1167):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000740), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000080)=0x2)
ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f00000000c0)={{}, 0x0, 0x0})

5m26.144241504s ago: executing program 6 (id=1177):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0xc)

5m23.262546775s ago: executing program 6 (id=1188):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000001701000003000000000000000000000010000000000000001701"], 0x138, 0x4041001}, 0x8000)

5m21.94169531s ago: executing program 6 (id=1192):
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x40001}, 0x1)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0x28}}, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)={0xffffffff, 0xee3, 0x800006, 0x8002, 0xe, "99212c0155b6056ee613657266ec62b016d5a9"})
r0 = socket(0x1000000010, 0x80802, 0x0)
sendmmsg$alg(r0, &(0x7f0000000200), 0x4924924924926d3, 0x0)

5m19.634383069s ago: executing program 34 (id=1192):
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x40001}, 0x1)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0x28}}, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)={0xffffffff, 0xee3, 0x800006, 0x8002, 0xe, "99212c0155b6056ee613657266ec62b016d5a9"})
r0 = socket(0x1000000010, 0x80802, 0x0)
sendmmsg$alg(r0, &(0x7f0000000200), 0x4924924924926d3, 0x0)

5m16.460443468s ago: executing program 2 (id=1208):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r2, {0x8, 0x7}, {0x0, 0x2}, {0xa, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

5m16.013842863s ago: executing program 2 (id=1211):
r0 = io_uring_setup(0x491, &(0x7f0000000240)={0x0, 0x3a29, 0x800, 0x2, 0x4000157})
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
close_range(r0, 0xffffffffffffffff, 0x0)

5m15.564588479s ago: executing program 2 (id=1214):
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a34097272"], 0xa)

5m15.326843588s ago: executing program 2 (id=1216):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000340)={[{@numtail}, {@shortname_lower}, {@shortname_mixed}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {}, {@shortname_mixed}, {@shortname_win95}, {@fat=@usefree}, {@shortname_winnt}, {@shortname_win95}, {@numtail}, {@numtail}, {@fat=@discard}, {@nonumtail}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@numtail}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}]}, 0x1, 0x36b, &(0x7f0000000a00)="$eJzs3U1vG1UXAODTvM1H85I6C4QECHFVNrCxkvAHGqFWQkQChRoVFkhTMgEr0zjyWEGuEHTHlt9RsWSHhPgDWcCeHbtsWHZRdVDsuPloCIvUHgrPI0X3xPce+4zHM7qb0dm//d3drc2yuZn1Yup6iqmImHoYsTiIhi4djlODeCaOux9vNW7/9tqHH3/y3ura2o31lG6u3np7JaV09fWfvvzq+2s/9/7/0Q9Xf5yNvcVP9/9Y+X3vpb2X9x/f+qJdpnaZtju9lKU7nU4vu1PkaaNdbjVT+qDIszJP7e0y756Y3yw6Ozv9lG1vLMzvdPOyTNl2P23l/dTrpF63n7LPs/Z2ajabaWE++DutB+vr2eownjtn3fVJFcQYdLur2cE1PPvUTOtBLQUBALW66P5/5pnu/6fD/n+Sju//+bc62P/PHF6/J9n/AwAAAAAAAAAAAADA8+BhVTWqqmqMxmr0kPDh/zWXx5g9df5P/dVdH+N17MG9uYji293Wbms4DudXN6MdReSxFI14dHBbGBnGN99du7GUBhZj4e43g/xrv0S0/ncyfzkasXh2/vIwPz3Jj4NxOuaP569EI148O3/lzPyZePONY/nNaMSvn0UnitgY3N6O8r9eTumd99dO5c8O1gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw39BMI6/GsO/9biviSuwe9u9vHi1YPNkff5j/pL/+UjTi0dn9+ZfO7M9/OV65XO+xAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBI2b+3lRVF3p1UMOr5P3hlZhT8ddal4fL7p6auxARrLop86lm94eOqqsZV6txkT+VFgumI885gdfgrufhnvRAR56yZjYj6v41/YlDXHQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqc9T0u+5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqFPZv7eVFUXeHWNQ9zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8T/4MAAD//yeQEY0=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x0, 0x100)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x2, 0x0, 0x0, 0x0)

5m14.359222755s ago: executing program 2 (id=1219):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
setpriority(0x1, 0x0, 0x1)

5m13.426904264s ago: executing program 2 (id=1224):
socket$kcm(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
syz_emit_ethernet(0x66, &(0x7f0000000140)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv6={0x86dd, @icmpv6={0xe, 0x6, "f22ada", 0x30, 0x3a, 0xff, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], @time_exceed={0x3, 0x1, 0x0, 0x1, '\x00', {0x2, 0x6, "40a619", 0x40, 0x33, 0x0, @loopback, @ipv4={'\x00', '\xff\xff', @multicast2}}}}}}}}, 0x0)

5m11.846957981s ago: executing program 35 (id=1224):
socket$kcm(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
syz_emit_ethernet(0x66, &(0x7f0000000140)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv6={0x86dd, @icmpv6={0xe, 0x6, "f22ada", 0x30, 0x3a, 0xff, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], @time_exceed={0x3, 0x1, 0x0, 0x1, '\x00', {0x2, 0x6, "40a619", 0x40, 0x33, 0x0, @loopback, @ipv4={'\x00', '\xff\xff', @multicast2}}}}}}}}, 0x0)

3m48.183481007s ago: executing program 3 (id=1547):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

3m46.272664963s ago: executing program 3 (id=1555):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchownat(r1, &(0x7f0000000080)='.\x00', 0xffffffffffffffff, 0x0, 0x0)

3m45.74944431s ago: executing program 3 (id=1558):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b81000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2}, 0x94)
io_uring_setup(0x3411, &(0x7f0000000140)={0x0, 0x21f5, 0x1226, 0x3, 0x105})
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x95ffffff]}}], 0xffc8)

3m45.156918652s ago: executing program 3 (id=1560):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

3m44.31278957s ago: executing program 3 (id=1564):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYRES64, @ANYRES64])
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYRESHEX], 0x20)
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r0, r0, r0}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})

3m43.132789652s ago: executing program 3 (id=1567):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)

3m40.605258716s ago: executing program 36 (id=1567):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)

14.733890604s ago: executing program 9 (id=2408):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x1ff, 0x802, 0x8, 0x1d, 0x402})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

14.260501984s ago: executing program 9 (id=2410):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={r2, 0xf}, &(0x7f0000000140)=0x8)

12.405020839s ago: executing program 9 (id=2414):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x406, r0)
ioctl$TCFLSH(r2, 0x400455c8, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0xe3)

10.06217927s ago: executing program 7 (id=2425):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000680)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x441, 0x105)
fallocate(r0, 0x10, 0x3ffd, 0x4003)

9.872816673s ago: executing program 8 (id=2426):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0x12, 0x1, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xa4}, {0x9}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)

9.74482546s ago: executing program 9 (id=2427):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3e616dc4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000440)=ANY=[@ANYBLOB="00000100000012"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

9.404076215s ago: executing program 5 (id=2429):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x8000000000000003}, 0x18)
r2 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080))
sendmmsg$inet6(r0, &(0x7f0000002e40)=[{{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f00000003c0)='S', 0x1}], 0x1}}], 0x1, 0x44004)

9.003081894s ago: executing program 8 (id=2430):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x400, 0x802, 0xff, 0x19, 0x402, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

8.136991917s ago: executing program 7 (id=2432):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x84a200, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
ioctl$PPPIOCBRIDGECHAN(r1, 0x40047435, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0x7434, 0x0)

8.047428511s ago: executing program 8 (id=2433):
r0 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
r1 = syz_io_uring_setup(0x239, &(0x7f0000000680)={0x0, 0x405e5, 0x10100, 0x0, 0xfffffffe}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x31a0}})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)

7.290631323s ago: executing program 5 (id=2435):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty, 0x0, 0x80000}, 0x20)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0xc}, 0x20)
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0)

6.92025576s ago: executing program 5 (id=2437):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0x1)
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x210004, &(0x7f00000001c0)=ANY=[@ANYBLOB="0076c4c8e20569103216561d72be881eec01432b3a44016dfb06d83f5994dac5e0380d219e05895501781b159fe5bbc521ac90df20cc8effefe08291b95ac0d30ef1158a9927c0613d0e57c60ed63baa08ee2bd75935040390de247903f8cad7c0abcc1e143b69c521be9565fa4f799ffd1fc6fd2c02cba73f8b3755a225664f1f423e34a37600000000"], 0x3, 0x62b5, &(0x7f00000069c0)="$eJzs3UuPHFfZB/Cn+jYXv3GsLKK8FkKTxFxCiK/BGAIkWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo/Hma4en99Pmql6+lRNn/K/qy+uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Djc1VEXPlVuuFExP9FP6IXsdLUaxGxsnYiLz+IiBdiuzmej4jhUkSz/vavZyNej4iPj0fcf3Bnvbn5/D778f0//+MPPzn2o7//aXjmv3+51X9j2nK3b//2P3+9+2TbDAAAAKWp67qu0sf8k+nzfa/rTgEAc5Ff/+sk365euHpzwfqjVqvV6iNYt9WT3W0XEbHZXqd5z+BwPAAcMZvxSdddoEPyL9ogIo513QlgoVVdd4BDcf/BnfUq5Vu1Xw/WdtrzuSB78t+sdq/vmDadZfwck3k9vraiH89N6c/KnPqwSHL+vfH8r+y0j9Jyh53/vEzLf7Rz6VNxcv798fzHpPyXt38f6fx7E/MvVc5/sL/8d2z25Q8AAAAAAAss////iY6P/y4dpPMHOIjwqOO/awfpAwAAAAAAAAAsgCcd/2+X8f8AAABgYTWf1Ru/O/7wtmnfxdbcfrmKeGZseaAw6WKZ1a77AQAAAAAAAAAAAAAlGeycw3u5ihhGxDOrq3VdNz9t4/XjetL1j7rStx9K1vWTPAAA7Pj4+Ni1/FXEckRcTt/1N1xdXa3r5ZXVerVeWcrvZ0dLy/VK63Ntnja3LY328YZ4MKqbP7bcWq9t1uflWe3jf6+5r1Hd30fH5qPDwAEgInZeje57RXrK1PWz0fW7HI4G+//Tx/7PfnT9OAUAAAAOX13XdZW+zvtkOubf67pTAMBc5Nf/8eMCarVarVarn766rZ7sbruIiM32Os17BsPxA8ARsxmfdN0FOiT/og0i4oWuOwEstKrrDnAo7j+4s16lfKv260Ea3z2fC7In/81qe728/qTpLOPnmMzr8bUV/XhuSn+en1MfFknOvzee/5Wd9lFa7qD5T8u1q3OMpuXfbOeJDvrTtZx/fzz/MYe9/8/LVvQm5l+qnP/gsfLvyx8AAAAAABZY/v//Ewt1/Hd00M2Z6VHHf9cO7V4BAAAAAAAA4HDdf3BnPV/3mo//f2HCcq7/fDrl/Cv5Fynn3xvL/6tjy/Vb8/fefpj/vx/cWf/jrX/9f57uN/+lPFOlR1aVHhFVuqdqkKZPsnWftTXsj5p7Gla9fnMPa7t//3psxNk9y/bSv0c9fDeubbef29Pe9HS43V73d9rP72kf7Lbn9S/saR+mM53qldx+Otbj53E93tlub9qWZmz/8oz2ekZ7zr9v/y9Szn/Q+mnyX03t1di0ce+j3mf2+/Z00v28de2Lvzl7+Jsz01b0d7etrdm+lzroz/a/ybFR/PLmxo3Tt6/eunXjXKTJnlvPR5p8znL+w/Sz+/z/8k57ft5v76/3Pho9dv6LYisGU/N/uTXfbO8rc+5bF3L+o/ST838ntU/e/49y/tP3/1c76A8AAAAAAAAAAAAAAAA8Sl3X25eIvhURF9P1P11dmwkAzFd+/a+TfPu86v6c70+tPuJ1tWD9mWv9ab1Y/VGrj2LdVk/2ZruIiL+112neM/x60h8DABbZpxHxz647QWfkX7D8fX/N9NSeb/kFnnY3P/jwp1evX9+4cbPrngAAAAAAAAAAB5XH/1xrjf98qq7ru2PL7Rn/9e1Ye9LxPwd5ZneA0SkDVX/OpyRt9Ub9Xmu48RejPT53e4Ti4e7co8b/Hsy4v+GM9tGM9qUZ7csz2ide6NGS83+xNd75qYg4OTb8egnjv46PeV+CnP9Lrcdzk/9XxpZr51///ijn39uT/5lb7//izM0PPnzt2vtX39t4b+NnF86dO3vh4sVLly6deffa9Y2zO7877PHhyvnnsa9z/pQh558zl39Zcv5fSrX8y5Lz/3Kq5V+WnH9+vyf/suT882cf+Zcl5/9KquVflpz/11It/7Lk/F9NtfzLkvP/eqrlX5ac/2upln9Zcv6nUy3/suT8z6R6n/mvHHa/mI+cfz7CZf8vS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzfz3V8i9Lzv8bqZZ/WXL+F1Mt/7Lk/L+ZavmXJed/KdXyL0vO/1upln9Zcv7fTrX8y5LzfyPV8i9Lzv87qZZ/WXL+3021/MuS8/9equVflpz/m6mWf1kefv//os7kS+wXpT9mzJQw0/UzEwAAAAAAAAAAAAAwbh6nE3e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27jZHjru8APvfoswOJgZA6qSEXx4SQOLmznfiBNsWEx4anEgiFPmC7vrM5cGzHZ5dAI9lRoETCqAjRNrxoCwi1kaoKq+IFrQDlBWpVqRK0L+gbRIWK1KgKKCBVaivIVTvz//9vd29u9863d96d+Xwk++fbnZ35z+x/5/Z35+8OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS75Q2znxrKsqzxJ/9ra5a9qPHvzZNb89tee7VHCAAAAKzVL/K/n78u3XBoBQ9qWuYfX/mdry0sLCxk7x/547HPLyykOyazbGxTluX3RZd/+IGh5mWCJ7KJoeGmr4e7bH6ky/2jXe4f63L/eJf7N3W5f6LL/UsOwBKbi5/H5Cvbmf9za3FIs+uzsfy+nSWPemJo0/Bw/FlObih/zMLY8WwuO5nNZtMtyxfLDuXLf+OWxrbemsVtDTdta3tjhvz0sWNxDEPhGO9s2dbiOqMfvz6b/NlPHzv2l+eeu7Gsdj0MLesrxnn7jsY4PxFuKcY6lG1KxySOc7hpnNtLnpORlnEO5Y9r/Lt9nM+vcJwji8PcUO3P+UQ2nP/7u/lxGm3+sV46TtvDbf9za5ZlFxeH3b7Mkm1lw9mWlluGF5+fiWJGNtbRmEovzUZXNU9vWcE8bdSZna3ztP01EZ//W8LjRpcZQ/PT9OPHx5ue958vXMk8jRp7vdxrpX0O9vq10i9zMM6L7+Y7/WTpHNwZ9v+x25afg6Vzp2QOpv1umoM7us3B4fGRfMzpSRjKH7M4B3e3LD+Sb2kor8/e1nkOTp17+MzU/Mc+ftfcw0dPzJ6YPbV39+7pvfv2HThwYOr43MnZ6eLvKzza/W9LNpxeAzvCsYuvgVe3Lds8VRe+NL7k/Hulr8OJDq/DrW3L9vp1ONq+c0Mb84JcOqeL18Z7Gwd94tJwtsxrLH9+7lj76zDtd9PrcLTpdVj6PaXkdTi6gtdhY5kzd6zsPcto05+yMSz/vWBtc3Br0xxsfz/SPgd7/X6kX+bgRJgX379j+e8F28N4n9y12vcjI0vmYNrdcO5p3JLe708cyEvZvLypccc149n5+dmzdz969Ny5s7uzUDbEy5rmSvt83dK0T9mS+Tq86vl6aO6VT95UcvvWcKwm7mr8NbHsc9VY5p67Oz9X+Xe38uPZcuueLJQe2+jjWfbdvHE8x7PsC99+/MFvPvaFNyx7PBv95iem1v5ePPWlTeffsWXOv7Hvf6HYXlrVEyNjo8XrdyQdnbGW83HrUzWan7uG8m0/P7Wy8/FY+LPR5+PrO5yPt7Ut2+vz8Vj7zsXz8VC3n3asTfvzORHmycnpzufjxjLb9qx2To52PB/fGupQOP6vCZ1C6oua5s5y8zZta3R0LOzXaNxC6zzd27L8WOjNGtt6es+VzdPbby3WNZL2btFGzdPJtmV7PU/Tz76Wm6dD3X76dmXan8+JMC+u39t5njaWeeaetZ87N8d/Np07x7vNwbGR8caYx9IkzM/32cLmOAfvzo5lp7OT2Ux+73g+n4bybe26d2VzcDz82ehz5bYOc/D2tmV7PQfT97Hl5t7Q6NKd74H253MizIun7u08BxvLvHF/b9+73h5uScs0vXdt//nacj/zuqntMK3XXBkN4/z2/s4/m20sc/LAavvMzsfpznDLNSXHqf31u9xraibbmOO0LYzzuQPLH6fGeBrLfP7gCufToSzLLjxyf/7z3vD7lb89/72vtfzepex3Ohceuf8nLz7+D6sZPwCD74WibCm+1zX9Zmolv/8HAAAABkLs+4dDTfT/AAAAUBmx74//KzzR/wMAAEBlxL5/NNSkJv3/tjc+N/fChSwl8xeCeH86DA8Uy8WM63T4enJhUeP2+78y+99/f2Fl2x7OsuznD/xB6fLbHojjKkyGcV5+U+vtS3ztrhVt+8hDF9J2m/PrXwzrj/uz0mlQFsGdzrLsG9d9Jt/O5Acu5fWZB47k9cGLTz7RWOb5g8XX8fHPvqxY/s9C+PfQ8aMtj382HIcfhTr9tvLjER/31Uuv2b7/fYvbi48b2nFtvttPfbBYb/ycnM8+USwfj/Ny4//mp5/+amP5R19VPv4Lw+Xjfzqs9yuh/u8riuWbn4PG1/Fxnwzjb2yvMUPj4+7+8rdKx3/5U8XyZ95cLHck1Lj928PXO9/83Fzz8Xp06GjLfmVvKZaL25/+3h/l98f1xfW3j3/i8KWW49E+P57512I9U23Lx9vjdqK/a9t+Yz3N8zNu/+k/PNJynLtt//KDz76isd727d/ZttyZR+7It7+4vtZPbPrzT36mdHtxPIf+5kzL/hx6d3gdh+0/9cEwH8P9/3e5WF/7pysceXfr+Scu/8WtF1r2J3rrz4rtX37dibxumti85ZoXvfjaizc3jl2WfXdTsb5u2z/xF6dbxv+lG4rjEe+PGf327S8nbv/sR3edOj1/fm4mHdXHrss/O+ftxXjieK8L59b2rw+fPveh2bOT05PTWTZZ3Y/Qu2JfDvUnRbnYeemFJWfQOx4Kz+dNf/qNLbf9y6fj7f/23uL2S28rvm+9Oiz32XD71vD8rW77Sz11yw3563vomTDChaWfF7wW23f+14EVLRj2v/19QZzvZ17+ofw4NO7Lv2/E1/Uax/+DmWI9Xw/HdSF8MvOOGxa317x8/GyES+8pXu9rPn7hNBef178Kz/c7flSsP44r7u8PwvuYb21rPd/F+fH1C8Pt688/xeNiOJ9kF4v741LxeF96/obS4cXPIcku3ph//bm0nhtXtZvLmf/Y/NTJuVPnH506Nzt/bmr+Yx8//PDp86fOHc4/y/Pwh7s9fvH8tCU/P83M7rsny89Wp4uyzq72+M88dGxm//RtM7PHj54/fu6hM7NnTxybnz82OzN/29Hjx2c/2u3xczP37d5zcO/+PbtOzM3cd+Dgwb0Hd82dOt0YRjGoLvZNf2TXqbOH84fM33fPwd333nvP9K6HT8/M3rd/enrX+W6Pz7837Wo8+vd3nZ09efTc3MOzu+bnPj573+6D+/bt6fppgA+fOT4/OXX2/Kmp8/OzZ6eKfZk8l9/c+N7X7fFU0/y/F+9n2w0VH8SXvevOfenzWRu+8viyqyoWafsA0efCZ9H800vOHFjJ17HvHws1qUn/DwAAAHUQ+/7xUBP9PwAAAFRG7Ps3hZro/wEAAKAyYt8/EWpSk/6/cvn/bRdWtH35/8HL/2fy//L/bftzxfn/9/Rb/r84X8j/98Za8/fy/4H8v/y//L/8v/w/PdBv+f/Y92/Oslr2/wAAAFAHse/fEmqi/wcAAIDKiH3/NaEm+n8AAACojNj3vyjUpCb9v/y//L/8v/y//H/59leR/9+UrYD8/8aQ/++s5vn/4a4DkP+fyuqV/7/Yy/HXN/9f9FDy/5Tpt/x/7PtfHGpSk/4fAAAAKuU/y2+Off+1oSb6fwAAAKiM2PdfF2qi/wcAAIDKiH3/1lCTmvT/8v/y//L/8v/y/+Xbd/3/wST/31nN8//dyf+7/r/8v+v/01P9lv+Pff9LQk1q0v8DAABAHcS+/6WhJvp/AAAA6D+jV/aw2Pe/LNRkSf9/hRsAAAAArrrY91+ftQXBa/L7f/l/+X/5f/l/+f/y7a88/z+Syf/3D/n/zuT/u5D/l/+X/5f/p6f6Lf+f9/3ZRPbyUJOa9P8AAABQB7HvvyHURP8PAAAAlRH7/l8KNdH/AwAAQGXEvn9bqElN+n/5/0rm/xtPk/y//P+y269A/j8/WfdP/n9dr/8/GwKb8v8rJP/fmfx/F/L/8v/y//L/9FS/5f9j339jqElN+n8AAACog9j33xRqov8HAACAyoh9/y+Hmuj/AQAAoDJi37891KQm/b/8f5/n/2Ny1PX/5f8X8/+PyP8XapL/d/3/VZL/70z+vwv5f/l/+X/5f3qq3/L/se9/RahJTfp/AAAAqIPY978y1ET/DwAAAJUR+/6bQ030/wAAAFAZse+fDDWpSf8v/9/n+f8ru/6//H+18/+ruv7/zfL/8v81I//fmfx/F/L/8v/y//L/9FS/5f9j339LqElN+n8AAACog9j37wg10f8DAABAZcS+/9ZQE/0/AAAAVEbs+3eGmtSk/5f/l/+X/692/r9s+/L/8v9VJv/fmfx/F/L/8v/y//L/9FS/5f9j3/+qUJOa9P8AAABQB7Hvvy3URP8PAAAAlRH7/leHmuj/AQAAoDJi3397qElN+n/5f/l/+X/5/5rn/y/I/1eL/H9n8v9dyP/3Ij//Dvl/+X/5f6J+y//Hvv81oSY16f8BAACgDmLff0eoif4fAAAAKiP2/XeGmuj/AQAAoDJi378r1KQm/b/8v/y//L/8f83z/67/XzF9kP+fWMv25f/l/yuQ/3f9f/l/+X+Sq5X/z7Ly/H/s++8KNalJ/w8AAAB1EPv+u0NN9P8AAAAwgDaX3hr7/qlQE/0/AAAAVEbs+6dDTWrS/8v/y//L/9c6/39x1fn/mxfXK/9fkP/vL+uW/x/OXP9f/l/+v4tBy/+3/3awP/L/Y/L/VMoV5f+/Wrqqnlz/P/b9u0NNatL/AwAAQB3Evn9PqIn+HwAAACoj9v17Q030/wAAAFAZse+/J9SkJv2//P/G5f9HM/l/+f++y/+7/r/8f+X0wfX/17T9wcv/x12U/5f/H7z8f6/H7/r/8v8sdUX5/3I9yf/Hvv/eUJOa9P8AAABQB7Hv3xdqov8HAACAyoh9//5QE/0/AAAAVEbs+w+EmtSk/5f/d/1/+X/5f/n/8u3L/w8m+f/OXP+/C/l/+X/5f/l/eqrf8v+x7z8YalKT/h8AAADqIPb9rw010f8DAABAZcS+/1dCTfT/AAAAUBmx7//VUJOa9P/y//L/8v/y//L/5duX/x9M8v+dyf93If8v/y//L/9PT/Vb/j/2/feFmtSk/wcAAIA6iH3/r4Wa6P8BAACgMmLf/7pQE/0/AAAAVEbs+w+FmtSk/5f/X2H+f3Pn9cn/t45f/r98fsj/y//L/68/+f/O5P+7kP+X/69g/v9x+X+uon7L/8e+//WhJjXp/wEAAKAOYt9/f6iJ/h8AAAAqI/b9bwg10f8DAABAZcS+/42hJjXp/+X/Xf9f/l/+X/6/fPvy/4NJ/r8z+f8u5P/l/yuY/9+A6/+Phyr/zxIrzf/H91Xrnf+Pff+bQk1q0v8DAABAHcS+/82hJvp/AAAAqIzY978l1ET/DwAAAJUR+/63hprUpP+X/5f/l/+X/5f/L9++/P9gkv/vTP6/C/l/+f8Byf9/r+TxVzH/n3P9f8r02/X/Y9//66EmNen/AQAAoA5i3/9AqIn+HwAAACoj9v1vCzXR/wMAAEBlxL7/7aEmNen/e5f/H5f/byP/L//fPj/k/+X/5f/Xn/x/ZwOW///FteF2+f+C/P86jX/yc8WBH6D8f5nS/P8Pl8v/L2xqf7z8P+uh3/L/se9/R6hJTfp/AAAAqIPY978z1ET/DwAAAJUR+/53hZro/wEAAGDwLRTxgdj3/0aoSU36f9f/b4xjMb28zvn/v5b/l/+X/5f/l/9fX/L/nQ1Y/t/1/9vI//f3+Psy/+/6/1xl/Zb/j33/u0NNatL/AwAAQB3Evv/BUBP9PwAAAFRG7PvfE2qi/wcAAIDKiH3/e0NNatL/y/+7/r/8/4Dn/yezLJP/l/8nkf/vTP6/C/l/+f9+y///h/w/g63f8v+x738o1KQm/T8AAADUQez73xdqov8HAACAyoh9/2+Gmuj/AQAAoDJi3//+UJOa9P/y/4OS/5+U/5f/d/3/tv2R/5f/LyP/39nG5/9X94ZK/l/+f5DH7/r/8v8s1W/5/9j3fyDUZOXfriZWvCQAAABwVcS+/7dCTWry+38AAACog9j3/3aoif4fAAAAKiP2/b8TalKT/l/+f1Dy/67/n8n/y/+37Y/8v/x/mY3L/8czj/y/6//L/0fy//L/8v+067f8f+z7fzfUpCb9PwAAANRB7Ps/GGqi/wcAAICBUPZ/stvFvv9wqEn3/n/V/6cPAAAAuDpi338k1KQmv/+X/5f/l//v0/z/n+z45+9/551Hdsv/y//L/6/Khl7/v/Hid/1/+X/5/0T+X/6/NP+/Sf6/ztYh/z/WfONq8/+x7z8aalKT/h8AAADqIPb9vxdqov8HAACAyoh9/7FQE/0/AAAAVEbs+2dCTWrS/8v/y//L//dp/n+V1/8fCtvph/x/PB7y/616lv+PJ135/1Ibmv9/32JOXP5/tfn/8dJb5f9XnP/P37jJ//fX+OX/Xf+fpXqV/x9ZzP+3WG3+P/b9s6EmNen/AQAAoA5C3z98vKiLd+j/AQAAoDJi338i1ET/DwAAAJUR+/4PhZrUpP+X/5f/l/+vRv7f9f8Xl698/t/1/zuS/++sf/L/5eT/Xf9/kMcv/y//z1LrcP3/FqvN/8e+fy7UpCb9PwAAANRB7Ps/HGqi/wcAAIDKiH3/R0JN9P8AAABQGbHvPxlq8v/s3dmT5fVZx/HT2FPMFBeWVVZ54YXcW/4FXMC1/gFeeOONVZRV4gLuC4P7ivuGC7ivuIAibriCCmpCQvaQlSRkTwhJCElqUsw8zzOnu0//Tvf06enf+T6v10UeGTM5nXGcySfDu75N9r/+X/+v/9f/6/9Xf/7l/n/36r+u/n876P+n6f/X0P/r//X/+n82am79f+7+b4pbmux/AAAA6CB3/x1xi/0PAAAAw8jd/81xi/0PAAAAw8jd/y1xS5P9r//X/w/b/9+q/z/s8/X/3v8fmf5/mv5/jS3q/7/0vP5/bl+//l//z0Fz6/9z939r3NJk/wMAAEAHufu/LW6x/wEAAGAYufvvjFvsfwAAABhG7v674pYm+39f/7+z6Nn/Z8ar/x+p//f+/6Gfr//X/4/s+vb/97zyK5/+X//v/f+g/9f/6//Zb279f+7+b49bmux/AAAA6CB3/3fELfY/AAAADCN3/3fGLfY/AAAADCN3/3fFLU32/8ne/98dpf8vG+j/d7JF1//r//f//ND/6//1/6fP+//TOvX/dz5z0x0vPPLljx7n8/X/+n/9v/6fzZpb/5+7/7vjlib7HwAAADrI3f89cYv9DwAAAMPI3f+9cYv9DwAAAEN4/qsWtfu/L25psv9P1v8P8/5/8f6//v/yN+j/9f/6/62l/5/Wqf+/ls/X/+v/r+Hrr98G9f/6fw6aW/+fu//745Ym+x8AAAA6yN3/A3GL/Q8AAADDyN1/d9xi/wMAAMAwcvdfjFua7H/9/+n3/5/X/299/39uof+/Qv+v/58//f80/f8a+n/9v/f/9f9s1Nz6/9z998QtTfY/AAAAdJC7/wfjFvsfAAAAhpG7/4fiFvsfAAAAhpG7/4fjlib7X//v/X/9v/f/9f+rP1//v530/9P0/2vo/0/az5/T/+v/9f8sO2b///LEL9sb6f9z9/9I3NJk/wMAAEAHuft/NG6x/wEAAGAYuft/LG6x/wEAAGAYuft/PG5psv/1//p//b/+X/+/+vP1/9tJ/z9tNv3/zu7Kb9b/b33/7/1//b/+nz3m9v5/7v6fiFua7H8AAADoIHf/T8Yt9j8AAAAMI3f/T8Ut9j8AAAAMI3f/T8ctTfa//l//r//X/+v/V3/+VP//6NLXp/+fl432/zv6f+//6//1//p//T8nMbf+P3f/z8QtTfY/AAAAdJC7/964xf4HAACAYeTu/9m4ZWn/7/97UQEAAIDtkrv/5+KWJn/+v7r/v/q/1/8fzXXq/3f1//r/K//3vvKvqP+f7P9v8/5/T97/n7a+/89fUfX/+n/9/0b6/8XOKP3/hXXfX//PKnPr/3P3/3zc0mT/AwAAQAe5+38hbrH/AQAAYBi5+38xbrH/AQAAYBi5+38pbmmy/73/v1X9v/f/e/X/D5zz/v9lc3z/f3Hd+/9d/f8R6f+nef9/Df2//t/7/97/Z6Pm1v/n7v/luKXJ/gcAAIAOcvf/Stxi/wMAAMB2WP57Bw55xD93/6/GLfY/AAAADCN3/6/FLU32/+D9/62H/dP0//r/5R+vmfb/h77/r/+/olf/7/3/o9L/T9P/r6H/P41+fnew/v/+w77/HPr/u/X/zMye/v+xq99+Vv1/7v5fj1ua7H8AAADoIHf/fXGL/Q8AAADDyN3/G3GL/Q8AAADDyN3/m3FLk/1/6v3/hcM/2/v/+n/9v/5f/6//3zT9/zT9/xr7+/9X/qOh/t/7/97/1/9zzfb0/0vOqv/P3f9bcUuT/Q8AAAAd5O7/7bjF/gcAAIBh5O6/P26x/wEAAGAYufsfiFua7P/B3/8/lP5f/7/846X/1/+v+nz9/3bS/0/T/6/h/X/9/1n0//ETQP/PiObW/+fu/524pcn+BwAAgA5y9/9u3GL/AwAAwDBy9/9e3GL/AwAAwDBy9/9+3NJk/+v/T7f/z2/X/+v/F/p//b/+/7po2//vrPqd6KBD+v+nbr/4NXu/Rf+v/x+y/3/uVL9+7//r/zloFv3/pav/6TJ3/x/ELU32PwAAAHSQu/8P4xb7HwAAAIaRu/+P4hb7HwAAAIaRu/+P45Ym+3+p/8/kQv/v/X/9v/5f/6//31pt+/8j8v7/tJfi36/+f9T+/3S/fv2//p+DZtH/L/117v4/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/n8ctTfa/9/979P83LvT/+n/9v/6/B/3/NP3/Gt7/1//r//X/bNTc+v/c/Q/GLU32PwAAAHSQu/8v4hb7HwAAAIaRu/8v4xb7HwAAAIaRu/+v4pYm+1//f0j/vxir//f+v/5/of/X/zeh/5921v3/qt8vl12X/v+hiS9gVf9/6Ub9/5b3/+eP+P31//p/Nm9u/X/u/r+OW5rsfwAAAOggd/9DcYv9DwAAAMPI3f9w3GL/AwAAwDBy9/9N3NJk/+v/e7z/r//X/y/0//r/JvT/01b3/zcc/Cbv/3v/f6D+3/v/+n/Oztz6/9z9fxu3NNn/AAAA0EHu/kfiFvsfAAAAhpG7/+/iFvsfAAAAhpG7/9G4pcn+1//r//X/+n/9/+rP1/9vp9Pr/xcD9/8r6P/1//p//b/+nw2YW/+fu//v45Ym+x8AAAA6yN3/D3GL/Q8AAADDyN3/j3GL/Q8AAADDyN3/T3FLk/1/Vv3/bfp//b/+X/+v/68fVf3/5nj/f5r+fw39v/5f/6//Z6Pm1v/n7v/nuKXJ/gcAAIAOcvc/FrfY/wAAADCM3P3/ErfY/wAAADCM3P3/Grc02f/e/9f/7+3/F4uZ9//5/6T6f/3/CP3/+YX+f+P0/9P0/2vo/8fs/29YDNT/Xzj0++v/maO59f+5+/8tbmmy/wEAAKCD3P3/HrfY/wAAADCM3P3/EbfY/wAAADCM3P3/Gbc02f/6f/2/9//H6f8ff3H1z0f9/2z7//pR1f9vjv5/mv5/Df3/mP2/9//1/5yZufX/ufsfj1ua7H8AAADoIHf/E/v/DNX+BwAAgGE8cfkfzy/+K26x/wEAAGAYufv/O25psv/1//p//f84/b/3/6/Q//d2Rv3/zqY+X/+v/9f/b+/Xr//X/3PQ3Pr/3P3/E7c02f8AAADQQe7+J+MW+x8AAACGkbv/qbjF/gcAAIBh5O7/37ilyf7X/+v/9f/b2f+f1/8P3//nV6b/P565vP9/yy1f/bT+X/+v/9f/6//1/93Nrf/P3f9/cUuT/Q8AAAAd5O7//7jF/gcAAIBh5O5/Vdxi/wMAAMAwcve/Om5psv8P9v/nFlcK1StW9f/RqOn/l+j/9379+v/VPz+8/6//9/7/6ZtL/+/9/2v7+ufW/9+l/9f/n1b/f/PB76//Z0Rz6/9z9z8dtzTZ/wAAANBB7v7XxC32PwAAAMzYqr8T+3C5+18bt9j/AAAAMIzc/c/ELU32v/f/9f/6f/2//n/156/r/5P+f170/9P0/2t4/1//3+j9//j9r36dqv7/i/T/bM7c+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAIaRu/8NcYv9DwAAAMPI3f/GuKXJ/tf/b7T/313+Nv2//n/fzw/9/2D9v/f/50n/P03/v4b+X//fqP/fz/v/nIa59f+5+98UtzTZ/wAAANBB7v43xy1H2v8XTumrAgAAADYpd/9b4hZ//g8AAADDyN3/1rilyf6fa/9/93b2/3vo/+fS/3+9/n/f5+v/9f8j0//n7+ir6f/X0P8ft59/afkv9P/6f/0/+82t/8/d/2zc0mT/AwAAQAe5+98Wt9j/AAAAMIzc/W+PW+x/AAAAGEbu/nfELU32/1z7/y19/3+POfb/O4uO/b/3/y//9c6O/l//34L+f5r+f43N9v/3NOj/99D/6//1/+w3t/4/d/8745Ym+x8AAAC21dd+5Tc+e9R/bu7+d8Ut9j8AAAAMI3f/u+MW+x8AAACGkbv/ubilyf7X//fq/3u+/6//9/6//r8T/f80/f8a3v/X/+v/9f9s1Nz6/9z974lblobf7rH/XQIAAABzkrv/vXFLkz//BwAAgA5y978vbjmw/y8d8e9qBwAAAOYmd//zcUuTP/8/cf+/2NH/n2b/v9D/6//1//p//f9x6P+nnbD/v7Sj/9f/T9D/6//1/yy7MMP+P3f/++OWJvsfAAAABrXnv1HI3f+BuMX+BwAAgGHk7v9g3GL/AwAAwDBy938obmmy/73/P/P+/5re/79Q/5P+v3n/f+/5lZ+v/9f/j0z/f6gvidvp/f9LX6z/P5az7ue3/evX/+v/OWhu/X/u/g/HLU32PwAAAHSQu/8jcYv9DwAAAMPI3f/RuMX+BwAAgGHk7v9Y3NJk/+v/R+z/vf+v/5/+/HH6/y+76eKTX/cNDz+o/+eq69n/58+FLen/Lzvh+//b1v8f5/Pvu/yP+n/9v/7/2P3/zXH1/6wyt/4/d//H45Ym+x8AAAA6yN3/Qtxi/wMAAMAwcvd/Im6x/wEAAGAYuftfjFua7P+t6v+/Qv8/cv+fP9Zn0P9f3L7+P5vi7v2/9//1/wd5/3+a/n8N/b/+X//v/X82am79f+7+T8YtTfY/AAAAdJC7/1Nxi/0PAAAAw8jd/+m4xf4HAACAYeTufyluabL/t6r/9/7/0P1/upb+Pz/f+//6/4X+vz39/5Ldg9+k/19D/6//1//r/9moufX/ufs/E7c02f8AAADQQe7+l+MW+x8AAACGkbv/s3GL/Q8AAADDyN3/ubilyf7X/+v/R+j/T/j+/9n0/6/8cqP/1//r/zdO/z9N/7+G/l//377/v13/z0bNrf/P3f+FAAAA//9/pV3V")
mkdir(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffffe)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)

5.267152986s ago: executing program 8 (id=2438):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x4a}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r0}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

5.254931156s ago: executing program 9 (id=2439):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000005880)=ANY=[@ANYBLOB="6e6f646973636172642c6e6f636865636b706f696e745f6d657267652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c757365725f78617474722c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030303031362c646973636172642c6e6f61636c2c6673796e635f6d6f64653d706f7369782c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c6163746976655f6c6f67733d322c6661756c745f747970653d30303030303030303030303031363737373231342c0084538367d8b9c04bebbf0f4ea4d5617c063f0a30b5325e5d939d497829d8452e38794f1563bf34cdaaf9b70591db2f2a066e339d0c0b7c189bac05d8e91e9d1f4670d79a57f83b67f1f98b905d3b06be7de7829439d0b21d1744d7fad3fe3f3f9b3361f4bfa2c2e375c048af0d6ecac62d07c6a85e2558b9e8639b050137830520aea2c9243f9f9eca12969def7d15c8bac687164c38cf349d738c"], 0x1, 0x5505, &(0x7f0000000340)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0)=0x404)

5.248669021s ago: executing program 5 (id=2440):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f00000012c0)=ANY=[@ANYBLOB="180200000000020000000000000001008500000027000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008ce0000b703000000000000850000009b00000095"], &(0x7f0000000080)='GPL\x00'}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="38000000180001002abd7000fcdbdf250a200000fd00ff05001000000c001680080003007f000001080006004300000008000100ff", @ANYRES32=r1], 0x38}}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0x2400c800)

4.061416888s ago: executing program 0 (id=2442):
r0 = socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440))
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x400, 0x4)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0xf)
close_range(r0, 0xffffffffffffffff, 0x0)

3.361038114s ago: executing program 9 (id=2443):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x24000000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=@delchain={0x24, 0x11, 0x1, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x10, 0xf}, {0x0, 0xc}, {0x4, 0x1}}}, 0x24}}, 0x0)

3.227225178s ago: executing program 0 (id=2444):
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0xfffffffa, @rand_addr, 0x5}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)='D', 0x1, 0x404c814, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x1, 0x0)

2.375953286s ago: executing program 7 (id=2445):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, <r2=>0x0], &(0x7f0000000200), 0x4, r1})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x601, 0x1, &(0x7f0000000180)=[r3], &(0x7f0000000480)=[0x2], &(0x7f0000000440)=[r2], &(0x7f0000000040), 0x0, 0x8})

2.375614333s ago: executing program 8 (id=2446):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000580)='./bus\x00', 0x200080, &(0x7f0000000180), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
write$P9_RSTATFS(r0, &(0x7f0000000000)={0x43, 0x9, 0x2, {0x5, 0xfffffffd, 0x5e5, 0x7, 0x52f064d, 0xfffffffffffffff9, 0x7fff, 0x0, 0xa}}, 0x43)
pipe2(&(0x7f00000000c0), 0x80000)

1.968912802s ago: executing program 0 (id=2447):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000240)='|')
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000500))
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f00000000c0), &(0x7f0000000100)=0x30)
ioctl$sock_bt_hci(r0, 0x400448e7, &(0x7f0000000080))

1.867316281s ago: executing program 5 (id=2448):
r0 = io_uring_setup(0x2e34, &(0x7f0000000180))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'dummy0\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r1, r3, 0x25, 0x2, @val=@kprobe_multi=@addrs={0x0, 0x0, 0x0, 0x0, 0x3}}, 0x30)
close_range(r0, 0xffffffffffffffff, 0x0)

1.778649116s ago: executing program 7 (id=2449):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r0], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x80000001, 0x0, 0x0, 0xf})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.156249189s ago: executing program 7 (id=2450):
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000340)={0x100000011, @multicast2, 0x0, 0x0, 'sh\x00', 0x1f, 0x4001000, 0x4a}, 0x2c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

1.139371473s ago: executing program 0 (id=2451):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
recvmmsg(r0, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)=""/58, 0x3a}, {0x0}], 0x2}, 0x2139}, {{0x0, 0x0, 0x0}, 0x6}], 0x2, 0x40000002, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000)

1.014248093s ago: executing program 5 (id=2452):
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x5, "10fbb178"}]}}, 0x0}, 0x0)

520.217395ms ago: executing program 8 (id=2453):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
recvmmsg(r0, &(0x7f0000004440)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/70, 0x46}], 0x1}, 0x2139}], 0x1, 0x40000002, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000)

463.282616ms ago: executing program 0 (id=2454):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @mcast1}, 0x1c)
sendto$inet6(r0, &(0x7f0000000e80)="0d0ad7", 0x3, 0x6d91fb6102d8910c, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x40000, 0x0, 0x0)
recvfrom(r0, 0x0, 0x0, 0xb2e8cac17a6e5d7c, 0x0, 0x0)

462.755752ms ago: executing program 7 (id=2455):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000280), r2)
getsockname$packet(r2, &(0x7f00000004c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090200000000000000000100000008000600ac1414aa08000b00", @ANYRES32=r3, @ANYBLOB="08000800e000000106000a004e"], 0x34}, 0x1, 0x0, 0x0, 0x4008080}, 0x0)

0s ago: executing program 0 (id=2456):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000001c0)={0x8000042, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x1, 0x3}, 0x10)

kernel console output (not intermixed with test programs):

9): enabling ssd optimizations
[  744.999408][T11913] BTRFS info (device loop9): turning on sync discard
[  745.006570][T11913] BTRFS info (device loop9): enabling free space tree
[  745.013560][T11913] BTRFS info (device loop9): force clearing of disk cache
[  745.021247][T11913] BTRFS info (device loop9): enabling auto defrag
[  745.028109][T11913] BTRFS info (device loop9): max_inline set to 0
[  745.073946][T11919] bcachefs (loop5): done starting filesystem
[  745.102129][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  745.102209][   T30] audit: type=1800 audit(1758807810.463:121): pid=11913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1982" name="file2" dev="loop9" ino=261 res=0 errno=0
[  745.369673][T10741] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  745.440220][ T6102] bcachefs (loop5): shutting down
[  745.445640][ T6102] bcachefs (loop5): going read-only
[  745.451049][ T6102] bcachefs (loop5): finished waiting for writes to stop
[  745.460473][ T6102] bcachefs (loop5): flushing journal and stopping allocators, journal seq 10
[  745.471781][ T6102] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 10
[  745.482868][ T6102] bcachefs (loop5): unclean shutdown complete, journal seq 10
[  745.538972][ T6102] bcachefs (loop5): done going read-only, filesystem not clean
[  745.610177][ T6102] bcachefs (loop5): shutdown complete
[  745.935448][ T9709] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[  746.111565][T11961] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1994'.
[  746.177925][ T9709] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  746.188576][ T9709] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  746.200606][ T9709] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  746.214517][ T9709] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  746.225594][ T9709] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  746.265073][ T9709] usb 9-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  746.275174][ T9709] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  746.283573][ T9709] usb 9-1: Product: syz
[  746.288063][ T9709] usb 9-1: Manufacturer: syz
[  746.292871][ T9709] usb 9-1: SerialNumber: syz
[  746.356707][ T9709] usb 9-1: config 0 descriptor??
[  746.606682][ T9709] radio-si470x 9-1:0.0: DeviceID=0x6465 ChipID=0x7669
[  746.758874][ T4050] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  746.809737][ T9709] radio-si470x 9-1:0.0: software version 100, hardware version 101
[  747.014012][ T9709] radio-si470x 9-1:0.0: submitting int urb failed (-90)
[  747.448403][ T9709] radio-si470x 9-1:0.0: si470x_set_report: usb_control_msg returned -71
[  747.458784][ T9709] radio-si470x 9-1:0.0: probe with driver radio-si470x failed with error -22
[  747.555071][ T9709] usb 9-1: USB disconnect, device number 6
[  748.103493][T11978] loop7: detected capacity change from 0 to 2048
[  748.268804][T11978] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  748.281698][T11978] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  748.729899][ T9622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  749.668413][T11990] loop8: detected capacity change from 0 to 32768
[  749.945475][T11990] bcachefs (loop8): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  749.945636][T11990]   allowing incompatible features above 0.0: (unknown version)
[  749.945715][T11990]   features: lz4
[  749.968514][    C0] vkms_vblank_simulate: vblank timer overrun
[  749.988046][T11990] bcachefs (loop8): Using encoding defined by superblock: utf8-12.1.0
[  749.998966][T11990] bcachefs (loop8): initializing new filesystem
[  750.019750][T11990] bcachefs (loop8): going read-write
[  750.065756][T11990] bcachefs (loop8): marking superblocks
[  750.126645][T11994] loop7: detected capacity change from 0 to 32768
[  750.168320][T11990] bcachefs (loop8): initializing freespace
[  750.207283][T11990] bcachefs (loop8): done initializing freespace
[  750.230269][T11994] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  750.243522][T11990] bcachefs (loop8): reading snapshots table
[  750.243785][T11990] bcachefs (loop8): reading snapshots done
[  750.388932][T11990] bcachefs (loop8): done starting filesystem
[  750.486432][T11994] XFS (loop7): Ending clean mount
[  750.497438][T11994] XFS (loop7): Quotacheck needed: Please wait.
[  750.585704][T11990] bcachefs (loop8): shutdown by ioctl type 2emergency read only at seq 2
[  750.613952][ T5876] bcachefs (loop8): going read-only
[  750.619510][ T5876] bcachefs (loop8): finished waiting for writes to stop
[  750.936360][ T9698] bcachefs (loop8): shutting down
[  750.954852][T12012] infiniband syz0: set active
[  750.959784][T12012] infiniband syz0: added bond_slave_0
[  750.973247][ T5876] bcachefs (loop8): flushing journal and stopping allocators, journal seq 2
[  750.983243][ T5876] bcachefs (loop8): flushing journal and stopping allocators complete, journal seq 2
[  750.993095][ T5876] bcachefs (loop8): unclean shutdown complete, journal seq 2
[  751.050309][ T5876] bcachefs (loop8): done going read-only, filesystem not clean
[  751.080022][T11994] XFS (loop7): Quotacheck: Done.
[  751.102615][T12020] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  751.188640][ T9698] bcachefs (loop8): shutdown complete
[  751.229902][T12012] RDS/IB: syz0: added
[  751.234452][T12012] smc: adding ib device syz0 with port count 1
[  751.240819][T12012] smc:    ib device syz0 port 1 has pnetid 
[  752.298019][ T9622] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  754.419280][T12050] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2022'.
[  754.429413][T12050] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2022'.
[  754.514522][ T1894] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  754.545209][ T1894] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  754.610805][ T1894] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  754.619328][ T1894] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  755.395208][   T30] audit: type=1326 audit(1758807820.758:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7ffc0000
[  755.421119][   T30] audit: type=1326 audit(1758807820.758:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7ffc0000
[  755.444410][   T30] audit: type=1326 audit(1758807820.768:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  755.467200][   T30] audit: type=1326 audit(1758807820.768:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  755.490617][   T30] audit: type=1326 audit(1758807820.768:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  755.513875][   T30] audit: type=1326 audit(1758807820.768:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  755.538329][   T30] audit: type=1326 audit(1758807820.768:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  755.562769][   T30] audit: type=1326 audit(1758807820.768:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  755.585558][   T30] audit: type=1326 audit(1758807820.768:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  755.609529][   T30] audit: type=1326 audit(1758807820.768:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12052 comm="syz.7.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2e28f2af79 code=0x7ffc0000
[  757.073221][T12083] Driver unsupported XDP return value 0 on prog  (id 163) dev N/A, expect packet loss!
[  757.163572][T12087] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2037'.
[  757.181119][T12087] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2037'.
[  757.351883][T12088] loop7: detected capacity change from 0 to 2048
[  757.433304][T12088] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  758.506169][T12098] loop5: detected capacity change from 0 to 32768
[  758.564128][T12098] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2043 (12098)
[  758.609996][T12098] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  758.620936][T12098] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  758.656591][T12099] loop8: detected capacity change from 0 to 128
[  759.060327][T12098] BTRFS info (device loop5): enabling ssd optimizations
[  759.067819][T12098] BTRFS info (device loop5): enabling free space tree
[  759.074808][T12098] BTRFS info (device loop5): use zstd compression, level 3
[  759.124106][T12116] overlayfs: upper fs does not support file handles, falling back to index=off.
[  759.133779][T12116] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  759.280042][ T6102] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  759.697917][ T9709] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  759.931698][ T9709] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  759.942323][ T9709] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  760.076784][ T9709] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  760.086702][ T9709] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  760.095602][ T9709] usb 9-1: SerialNumber: syz
[  760.539649][ T9709] usb 9-1: 0:2 : does not exist
[  760.583818][T12127] loop7: detected capacity change from 0 to 32768
[  760.739844][T12127] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  760.740016][T12127]   allowing incompatible features above 0.0: (unknown version)
[  760.740014][ T9709] usb 9-1: USB disconnect, device number 7
[  760.740117][T12127]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  760.799935][T12127] bcachefs (loop7): Using encoding defined by superblock: utf8-12.1.0
[  760.808600][T12127] bcachefs (loop7): initializing new filesystem
[  760.830599][T12127] bcachefs (loop7): going read-write
[  760.874133][T12127] bcachefs (loop7): marking superblocks
[  760.927618][T12127] bcachefs (loop7): initializing freespace
[  760.959126][T12127] bcachefs (loop7): done initializing freespace
[  760.979909][T12127] bcachefs (loop7): reading snapshots table
[  760.986228][T12127] bcachefs (loop7): reading snapshots done
[  761.025254][T12143] loop9: detected capacity change from 0 to 256
[  761.077726][T12127] bcachefs (loop7): done starting filesystem
[  761.093452][T12143] exfat: Deprecated parameter 'utf8'
[  761.099633][T12143] exfat: Deprecated parameter 'utf8'
[  761.105384][T12143] exfat: Deprecated parameter 'utf8'
[  761.249233][T12143] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x743489c8, utbl_chksum : 0xe619d30d)
[  761.507335][ T9622] bcachefs (loop7): shutting down
[  761.512563][ T9622] bcachefs (loop7): going read-only
[  761.518690][ T9622] bcachefs (loop7): finished waiting for writes to stop
[  761.555201][ T9622] bcachefs (loop7): flushing journal and stopping allocators, journal seq 3
[  761.724147][ T9622] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 3
[  761.809183][ T9622] bcachefs (loop7): clean shutdown complete, journal seq 4
[  761.825334][ T9622] bcachefs (loop7): marking filesystem clean
[  761.916964][ T9622] bcachefs (loop7): shutdown complete
[  762.425617][T12159] loop9: detected capacity change from 0 to 512
[  762.466609][T12159] EXT4-fs (loop9): orphan cleanup on readonly fs
[  762.479613][T12159] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.2060: bg 0: block 248: padding at end of block bitmap is not set
[  762.501524][T12159] __quota_error: 44 callbacks suppressed
[  762.501609][T12159] Quota error (device loop9): write_blk: dquota write failed
[  762.515618][T12159] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  762.526224][T12159] EXT4-fs error (device loop9): ext4_acquire_dquot:6937: comm syz.9.2060: Failed to acquire dquot type 1
[  762.545353][T12159] EXT4-fs (loop9): 1 truncate cleaned up
[  762.566035][T12159] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  762.597494][T12159] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  762.618410][T12159] EXT4-fs warning (device loop9): read_mmp_block:115: Error -117 while reading MMP block 0
[  762.659036][T12162] loop8: detected capacity change from 0 to 256
[  762.710076][T10741] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  762.865488][T12162] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011f3f, chksum : 0x23ae2a4b, utbl_chksum : 0xe619d30d)
[  762.914528][T12164] loop5: detected capacity change from 0 to 512
[  762.943036][T12164] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  763.050144][T12164] EXT4-fs (loop5): 1 truncate cleaned up
[  763.059339][T12164] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  763.231931][T12164] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2062: bg 0: block 256: padding at end of block bitmap is not set
[  763.351143][T12164] EXT4-fs (loop5): Remounting filesystem read-only
[  763.392687][T12174] fs-verity (loop5, inode 15): Error -117 getting verity descriptor size
[  763.667298][T12176] loop8: detected capacity change from 0 to 64
[  763.744084][T12176] BFS-fs: bfs_fill_super(): loop8 is unclean, continuing
[  763.845628][ T6102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  763.866491][T12169] loop9: detected capacity change from 0 to 32768
[  763.881391][T12169] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.2063 (12169)
[  763.934589][T12169] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  763.945423][T12169] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  764.140529][T12169] BTRFS info (device loop9): setting nodatasum
[  764.147454][T12169] BTRFS info (device loop9): setting nodatacow
[  764.153842][T12169] BTRFS info (device loop9): enabling free space tree
[  764.161026][T12169] BTRFS info (device loop9): max_inline set to 0
[  764.447019][T10741] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  765.023271][ T9709] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  765.109859][ T9709] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  765.165557][T12204] loop8: detected capacity change from 0 to 1024
[  765.208812][T12204] EXT4-fs: Ignoring removed nomblk_io_submit option
[  765.243370][T12204] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  765.344269][T12204] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  765.572582][T12202] loop5: detected capacity change from 0 to 32768
[  765.597320][T12202] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  765.645827][T12202] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  765.805021][ T9698] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  765.870166][ T6102] ocfs2: Unmounting device (7,5) on (node local)
[  767.105976][T12215] loop9: detected capacity change from 0 to 32768
[  767.481348][T12222] loop8: detected capacity change from 0 to 1024
[  767.617857][T12226] Invalid ELF header len 7
[  767.652564][T12228] loop7: detected capacity change from 0 to 64
[  768.493917][T12236] loop7: detected capacity change from 0 to 128
[  768.568500][T12236] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  768.618598][T12236] ext4 filesystem being mounted at /145/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  769.141176][ T9622] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  770.794641][T12265] loop9: detected capacity change from 0 to 4096
[  771.417779][T12238] loop5: detected capacity change from 0 to 32768
[  771.443181][T12238] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  771.572218][T12238] XFS (loop5): Ending clean mount
[  771.594594][T12238] XFS (loop5): Quotacheck needed: Please wait.
[  771.634389][T12238] XFS (loop5): Quotacheck: Done.
[  771.803874][ T6102] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  772.051340][ T5876] IPVS: starting estimator thread 0...
[  772.152948][T12281] IPVS: using max 192 ests per chain, 9600 per kthread
[  774.115599][T12301] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(3)
[  774.122455][T12301] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  774.131122][T12301] vhci_hcd vhci_hcd.0: Device attached
[  774.223323][ T5876] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  774.246343][T12305] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  774.343150][    T9] vhci_hcd: vhci_device speed not set
[  774.378545][T12301] vhci_hcd vhci_hcd.0: pdev(9) rhport(2) sockfd(5)
[  774.385330][T12301] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  774.393899][T12301] vhci_hcd vhci_hcd.0: Device attached
[  774.447423][    T9] usb 51-1: new full-speed USB device number 2 using vhci_hcd
[  774.525023][ T5876] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  774.534897][ T5876] usb 6-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  774.544039][ T5876] usb 6-1: Product: syz
[  774.548409][ T5876] usb 6-1: Manufacturer: syz
[  774.553411][ T5876] usb 6-1: SerialNumber: syz
[  774.614801][T12305] vhci_hcd vhci_hcd.0: pdev(9) rhport(3) sockfd(8)
[  774.621596][T12305] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  774.630330][T12305] vhci_hcd vhci_hcd.0: Device attached
[  774.748585][T12310] vhci_hcd vhci_hcd.0: pdev(9) rhport(4) sockfd(13)
[  774.755470][T12310] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  774.764183][T12310] vhci_hcd vhci_hcd.0: Device attached
[  774.771622][T12297] loop7: detected capacity change from 0 to 32768
[  774.785586][T12297] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2107 (12297)
[  774.823302][T12297] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  774.833975][T12297] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  774.834899][ T5876] usb 6-1: config 0 descriptor??
[  774.849927][T12311] vhci_hcd: connection closed
[  774.851474][T12302] vhci_hcd: connection reset by peer
[  774.875798][T12307] vhci_hcd: connection closed
[  774.883787][   T78] vhci_hcd: stop threads
[  774.893664][   T78] vhci_hcd: release socket
[  774.898336][   T78] vhci_hcd: disconnect device
[  774.906397][T12309] vhci_hcd: connection closed
[  774.967125][ T5876] ch341 6-1:0.0: ch341-uart converter detected
[  774.993320][   T78] vhci_hcd: stop threads
[  774.997862][   T78] vhci_hcd: release socket
[  775.002771][   T78] vhci_hcd: disconnect device
[  775.014929][   T78] vhci_hcd: stop threads
[  775.019487][   T78] vhci_hcd: release socket
[  775.024460][   T78] vhci_hcd: disconnect device
[  775.047885][   T78] vhci_hcd: stop threads
[  775.052567][   T78] vhci_hcd: release socket
[  775.057420][   T78] vhci_hcd: disconnect device
[  775.138387][T12297] BTRFS info (device loop7): rebuilding free space tree
[  775.191650][T12297] BTRFS info (device loop7): enabling ssd optimizations
[  775.199312][T12297] BTRFS info (device loop7): using spread ssd allocation scheme
[  775.207307][T12297] BTRFS info (device loop7): turning off barriers
[  775.214193][T12297] BTRFS info (device loop7): turning on sync discard
[  775.221084][T12297] BTRFS info (device loop7): enabling free space tree
[  775.228247][T12297] BTRFS info (device loop7): force clearing of disk cache
[  775.236037][T12297] BTRFS info (device loop7): enabling auto defrag
[  775.242819][T12297] BTRFS info (device loop7): use zstd compression, level 3
[  775.251267][ T9709] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  775.473786][ T9709] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.487593][ T9709] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  775.498656][ T9709] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  775.512091][ T9709] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  775.521555][ T9709] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.631810][ T9709] usb 9-1: config 0 descriptor??
[  775.721028][T12297] BTRFS warning (device loop7): failed to trim 3 block group(s), last error -512
[  775.751702][ T5876] usb 6-1: failed to send control message: -71
[  775.758664][ T5876] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  775.836785][ T5876] usb 6-1: USB disconnect, device number 14
[  775.846357][ T5876] ch341 6-1:0.0: device disconnected
[  776.117970][ T9709] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  776.264549][T12297] BTRFS warning (device loop7): failed to trim 1 device(s), last error -512
[  776.353084][ T9622] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  776.378943][ T5876] usb 9-1: USB disconnect, device number 8
[  776.681158][T12340] loop9: detected capacity change from 0 to 736
[  776.714456][T10707] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  776.750290][T12343] batadv_slave_1: entered promiscuous mode
[  776.768759][T12341] batadv_slave_1: left promiscuous mode
[  776.931389][T10707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  776.941888][T10707] usb 1-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  776.951480][T10707] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.090665][T10707] usb 1-1: config 0 descriptor??
[  777.559077][T10707] hid (null): global environment stack underflow
[  777.591572][T10707] logitech-djreceiver 0003:046D:C71F.0011: global environment stack underflow
[  777.601007][T10707] logitech-djreceiver 0003:046D:C71F.0011: item 0 4 1 11 parsing failed
[  777.629591][T12353] loop8: detected capacity change from 0 to 1024
[  777.666695][T10707] logitech-djreceiver 0003:046D:C71F.0011: logi_dj_probe: parse failed
[  777.676314][T10707] logitech-djreceiver 0003:046D:C71F.0011: probe with driver logitech-djreceiver failed with error -22
[  777.813838][T10707] usb 1-1: USB disconnect, device number 19
[  778.471489][T12358] loop7: detected capacity change from 0 to 32768
[  778.505639][T12358] (syz.7.2122,12358,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  778.520612][T12358] (syz.7.2122,12358,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  778.666471][T12358] JBD2: Ignoring recovery information on journal
[  778.777983][ T4050] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  778.832122][T12358] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  779.086845][T12362] loop9: detected capacity change from 0 to 32768
[  779.098020][T12362] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.2124 (12362)
[  779.100888][ T9622] ocfs2: Unmounting device (7,7) on (node local)
[  779.131699][T12362] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  779.142643][T12362] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  779.359714][T12362] BTRFS info (device loop9): rebuilding free space tree
[  779.424195][T12362] BTRFS info (device loop9): disabling free space tree
[  779.431515][T12362] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  779.441957][T12362] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  779.489597][T12362] BTRFS info (device loop9): enabling ssd optimizations
[  779.497158][T12362] BTRFS info (device loop9): force clearing of disk cache
[  779.506905][T12362] BTRFS info (device loop9): enabling auto defrag
[  779.513687][T12362] BTRFS info (device loop9): doing ref verification
[  779.547271][    T9] vhci_hcd: vhci_device speed not set
[  779.740523][T10741] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  781.863013][    T9] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  782.053196][    T9] usb 10-1: Using ep0 maxpacket: 32
[  782.100726][    T9] usb 10-1: config 0 has an invalid interface number: 51 but max is 0
[  782.109672][    T9] usb 10-1: config 0 has no interface number 0
[  782.224020][    T9] usb 10-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  782.234763][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.244826][    T9] usb 10-1: Product: syz
[  782.249287][    T9] usb 10-1: Manufacturer: syz
[  782.254689][    T9] usb 10-1: SerialNumber: syz
[  782.476986][    T9] usb 10-1: config 0 descriptor??
[  782.552196][    T9] quatech2 10-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  782.671289][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  782.678415][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  782.853910][    T9] usb 10-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  782.903407][T12417] loop5: detected capacity change from 0 to 40427
[  782.916844][T12417] F2FS-fs (loop5): build fault injection rate: 14
[  782.923872][T12417] F2FS-fs (loop5): build fault injection type: 0x3bfe8c
[  782.944156][T12417] F2FS-fs (loop5): invalid crc value
[  782.978474][    C1] F2FS-fs (loop5): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  783.000294][    C1] F2FS-fs (loop5): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  783.028427][    T9] usb 10-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  783.296133][T12417] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  783.305474][T12417] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  783.314895][    C0] usb 10-1: qt2_read_bulk_callback - non-zero urb status: -71
[  783.327274][T10707] usb 10-1: USB disconnect, device number 2
[  783.351432][T10707] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  783.356899][T12417] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  783.388077][T12417] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0
[  783.433992][T10707] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  783.448448][T10707] quatech2 10-1:0.51: device disconnected
[  783.480745][ T6102] F2FS-fs (loop5): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x129f/0x2fc0
[  783.493613][ T6102] F2FS-fs (loop5): inconsistent node block, node_type:0, nid:13, node_footer[nid:13,ino:3,ofs:431431,cpver:0,blkaddr:0]
[  783.589224][    C0] F2FS-fs (loop5): inject write IO error in f2fs_write_end_io of bio_endio+0xeb4/0x1010
[  783.599607][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  783.599757][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  783.599843][    C0] Call Trace:
[  783.599894][    C0]  <TASK>
[  783.599956][    C0]  __dump_stack+0x26/0x30
[  783.600136][    C0]  dump_stack_lvl+0x1df/0x270
[  783.600313][    C0]  dump_stack+0x1e/0x25
[  783.600467][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  783.600715][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  783.600929][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  783.601117][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  783.601287][    C0]  bio_endio+0xeb4/0x1010
[  783.601493][    C0]  blk_update_request+0xf4c/0x1a90
[  783.601714][    C0]  blk_mq_end_request+0x50/0xb0
[  783.601872][    C0]  lo_complete_rq+0x188/0x3a0
[  783.602067][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  783.602258][    C0]  blk_done_softirq+0x10f/0x1f0
[  783.602461][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  783.602661][    C0]  handle_softirqs+0x166/0x6e0
[  783.602849][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  783.603019][    C0]  run_ksoftirqd+0x29/0x50
[  783.603204][    C0]  smpboot_thread_fn+0x56c/0xa30
[  783.603432][    C0]  kthread+0xd59/0xf00
[  783.603575][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  783.603819][    C0]  ? __pfx_kthread+0x10/0x10
[  783.603958][    C0]  ret_from_fork+0x233/0x380
[  783.604105][    C0]  ? __pfx_kthread+0x10/0x10
[  783.604247][    C0]  ret_from_fork_asm+0x1a/0x30
[  783.604458][    C0]  </TASK>
[  783.751395][    C0] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  783.758692][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  783.758851][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  783.758935][    C0] Call Trace:
[  783.758987][    C0]  <TASK>
[  783.759038][    C0]  __dump_stack+0x26/0x30
[  783.759227][    C0]  dump_stack_lvl+0x1df/0x270
[  783.759418][    C0]  dump_stack+0x1e/0x25
[  783.759578][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  783.759845][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  783.760063][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  783.760263][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  783.760412][    C0]  bio_endio+0xeb4/0x1010
[  783.760591][    C0]  blk_update_request+0xf4c/0x1a90
[  783.760808][    C0]  blk_mq_end_request+0x50/0xb0
[  783.760966][    C0]  lo_complete_rq+0x188/0x3a0
[  783.761162][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  783.761356][    C0]  blk_done_softirq+0x10f/0x1f0
[  783.761596][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  783.761799][    C0]  handle_softirqs+0x166/0x6e0
[  783.761978][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  783.762147][    C0]  run_ksoftirqd+0x29/0x50
[  783.762305][    C0]  smpboot_thread_fn+0x56c/0xa30
[  783.762536][    C0]  kthread+0xd59/0xf00
[  783.762693][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  783.762933][    C0]  ? __pfx_kthread+0x10/0x10
[  783.763077][    C0]  ret_from_fork+0x233/0x380
[  783.763222][    C0]  ? __pfx_kthread+0x10/0x10
[  783.763373][    C0]  ret_from_fork_asm+0x1a/0x30
[  783.763593][    C0]  </TASK>
[  783.910601][    C0] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  783.917924][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  783.918069][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  783.918149][    C0] Call Trace:
[  783.918200][    C0]  <TASK>
[  783.918266][    C0]  __dump_stack+0x26/0x30
[  783.918446][    C0]  dump_stack_lvl+0x1df/0x270
[  783.918616][    C0]  dump_stack+0x1e/0x25
[  783.918786][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  783.919026][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  783.919235][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  783.919430][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  783.919574][    C0]  bio_endio+0xeb4/0x1010
[  783.919754][    C0]  blk_update_request+0xf4c/0x1a90
[  783.919957][    C0]  blk_mq_end_request+0x50/0xb0
[  783.920122][    C0]  lo_complete_rq+0x188/0x3a0
[  783.920312][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  783.920503][    C0]  blk_done_softirq+0x10f/0x1f0
[  783.920722][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  783.920922][    C0]  handle_softirqs+0x166/0x6e0
[  783.921097][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  783.921264][    C0]  run_ksoftirqd+0x29/0x50
[  783.921432][    C0]  smpboot_thread_fn+0x56c/0xa30
[  783.921660][    C0]  kthread+0xd59/0xf00
[  783.921821][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  783.922067][    C0]  ? __pfx_kthread+0x10/0x10
[  783.922212][    C0]  ret_from_fork+0x233/0x380
[  783.922362][    C0]  ? __pfx_kthread+0x10/0x10
[  783.922508][    C0]  ret_from_fork_asm+0x1a/0x30
[  783.922750][    C0]  </TASK>
[  784.069555][    C0] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  784.076917][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  784.077062][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  784.077147][    C0] Call Trace:
[  784.077198][    C0]  <TASK>
[  784.077253][    C0]  __dump_stack+0x26/0x30
[  784.077431][    C0]  dump_stack_lvl+0x1df/0x270
[  784.077619][    C0]  dump_stack+0x1e/0x25
[  784.077785][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  784.078028][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  784.078228][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  784.078439][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  784.078581][    C0]  bio_endio+0xeb4/0x1010
[  784.078762][    C0]  blk_update_request+0xf4c/0x1a90
[  784.078962][    C0]  blk_mq_end_request+0x50/0xb0
[  784.079124][    C0]  lo_complete_rq+0x188/0x3a0
[  784.079304][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  784.079485][    C0]  blk_done_softirq+0x10f/0x1f0
[  784.079681][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  784.079880][    C0]  handle_softirqs+0x166/0x6e0
[  784.080078][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  784.080232][    C0]  run_ksoftirqd+0x29/0x50
[  784.080382][    C0]  smpboot_thread_fn+0x56c/0xa30
[  784.080601][    C0]  kthread+0xd59/0xf00
[  784.080746][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  784.080968][    C0]  ? __pfx_kthread+0x10/0x10
[  784.081115][    C0]  ret_from_fork+0x233/0x380
[  784.081261][    C0]  ? __pfx_kthread+0x10/0x10
[  784.081404][    C0]  ret_from_fork_asm+0x1a/0x30
[  784.081634][    C0]  </TASK>
[  784.081687][    C0] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  784.237463][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  784.237619][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  784.237701][    C0] Call Trace:
[  784.237754][    C0]  <TASK>
[  784.237811][    C0]  __dump_stack+0x26/0x30
[  784.237986][    C0]  dump_stack_lvl+0x1df/0x270
[  784.238167][    C0]  dump_stack+0x1e/0x25
[  784.238337][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  784.238596][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  784.238817][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  784.239011][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  784.239157][    C0]  bio_endio+0xeb4/0x1010
[  784.239340][    C0]  blk_update_request+0xf4c/0x1a90
[  784.239546][    C0]  blk_mq_end_request+0x50/0xb0
[  784.239710][    C0]  lo_complete_rq+0x188/0x3a0
[  784.239886][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  784.240069][    C0]  blk_done_softirq+0x10f/0x1f0
[  784.240263][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  784.240463][    C0]  handle_softirqs+0x166/0x6e0
[  784.240622][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  784.240770][    C0]  run_ksoftirqd+0x29/0x50
[  784.240921][    C0]  smpboot_thread_fn+0x56c/0xa30
[  784.241133][    C0]  kthread+0xd59/0xf00
[  784.241262][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  784.241462][    C0]  ? __pfx_kthread+0x10/0x10
[  784.241601][    C0]  ret_from_fork+0x233/0x380
[  784.241729][    C0]  ? __pfx_kthread+0x10/0x10
[  784.241862][    C0]  ret_from_fork_asm+0x1a/0x30
[  784.242060][    C0]  </TASK>
[  784.242118][    C0] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  784.275541][T12435] netlink: 'syz.7.2148': attribute type 3 has an invalid length.
[  784.343818][ T6102] F2FS-fs (loop5): do_checkpoint failed err:-5, stop checkpoint
[  784.345073][T12435] netlink: 199836 bytes leftover after parsing attributes in process `syz.7.2148'.
[  785.348708][T12436] loop8: detected capacity change from 0 to 32768
[  786.074369][T10707] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  786.260173][T10707] usb 10-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  786.270024][T10707] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.318183][T10707] usb 10-1: config 0 descriptor??
[  786.568204][T10707] udl 10-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  786.811228][T10707] [drm:udl_init] *ERROR* Selecting channel failed
[  786.884168][T10707] [drm] Initialized udl 0.0.1 for 10-1:0.0 on minor 2
[  786.895141][T10707] [drm] Initialized udl on minor 2
[  786.972203][T10707] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  786.981669][T10707] udl 10-1:0.0: [drm] Cannot find any crtc or sizes
[  787.018506][    T9] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  787.028661][    T9] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  787.038245][    T9] udl 10-1:0.0: [drm] Cannot find any crtc or sizes
[  787.094435][T10707] usb 10-1: USB disconnect, device number 3
[  787.936538][T12456] loop7: detected capacity change from 0 to 40427
[  787.955872][T12456] F2FS-fs (loop7): build fault injection rate: 14
[  787.963037][T12456] F2FS-fs (loop7): build fault injection type: 0x3bfe8c
[  787.993520][T12456] F2FS-fs (loop7): invalid crc value
[  788.030035][    C0] F2FS-fs (loop7): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  788.075522][    C0] F2FS-fs (loop7): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  788.349162][T12456] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  788.358541][T12456] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  788.382703][T12467] loop5: detected capacity change from 0 to 2048
[  788.404440][T12456] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  788.414860][T12467] NILFS (loop5): invalid segment: Inconsistency found
[  788.421878][T12467] NILFS (loop5): trying rollback from an earlier position
[  788.474813][T12467] NILFS (loop5): recovery complete
[  788.500670][   T30] audit: type=1804 audit(788.488:176): pid=12474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.2161" name="/newroot/152/bus" dev="tmpfs" ino=837 res=1 errno=0
[  788.521675][    C0] vkms_vblank_simulate: vblank timer overrun
[  788.551732][T12475] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  788.701717][    C1] F2FS-fs (loop7): inject write IO error in f2fs_write_end_io of bio_endio+0xeb4/0x1010
[  788.712223][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(none) 
[  788.712388][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  788.712474][    C1] Call Trace:
[  788.712530][    C1]  <TASK>
[  788.712581][    C1]  __dump_stack+0x26/0x30
[  788.712761][    C1]  dump_stack_lvl+0x1df/0x270
[  788.712947][    C1]  dump_stack+0x1e/0x25
[  788.713114][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  788.713364][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  788.713576][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  788.713775][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  788.713927][    C1]  bio_endio+0xeb4/0x1010
[  788.714108][    C1]  blk_update_request+0xf4c/0x1a90
[  788.714316][    C1]  blk_mq_end_request+0x50/0xb0
[  788.714490][    C1]  lo_complete_rq+0x188/0x3a0
[  788.714695][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  788.714888][    C1]  blk_done_softirq+0x10f/0x1f0
[  788.715092][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  788.715289][    C1]  handle_softirqs+0x166/0x6e0
[  788.715463][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  788.715621][    C1]  run_ksoftirqd+0x29/0x50
[  788.715775][    C1]  smpboot_thread_fn+0x56c/0xa30
[  788.715999][    C1]  kthread+0xd59/0xf00
[  788.716141][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  788.716372][    C1]  ? __pfx_kthread+0x10/0x10
[  788.716519][    C1]  ret_from_fork+0x233/0x380
[  788.716661][    C1]  ? __pfx_kthread+0x10/0x10
[  788.716807][    C1]  ret_from_fork_asm+0x1a/0x30
[  788.717027][    C1]  </TASK>
[  788.863797][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  788.870930][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(none) 
[  788.871080][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  788.871171][    C1] Call Trace:
[  788.871231][    C1]  <TASK>
[  788.871297][    C1]  __dump_stack+0x26/0x30
[  788.871485][    C1]  dump_stack_lvl+0x1df/0x270
[  788.871664][    C1]  dump_stack+0x1e/0x25
[  788.871831][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  788.872101][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  788.872321][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  788.872512][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  788.872661][    C1]  bio_endio+0xeb4/0x1010
[  788.872831][    C1]  blk_update_request+0xf4c/0x1a90
[  788.873034][    C1]  blk_mq_end_request+0x50/0xb0
[  788.873190][    C1]  lo_complete_rq+0x188/0x3a0
[  788.873391][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  788.873573][    C1]  blk_done_softirq+0x10f/0x1f0
[  788.873767][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  788.873960][    C1]  handle_softirqs+0x166/0x6e0
[  788.874127][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  788.874289][    C1]  run_ksoftirqd+0x29/0x50
[  788.874453][    C1]  smpboot_thread_fn+0x56c/0xa30
[  788.874667][    C1]  kthread+0xd59/0xf00
[  788.874811][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  788.875035][    C1]  ? __pfx_kthread+0x10/0x10
[  788.875178][    C1]  ret_from_fork+0x233/0x380
[  788.875328][    C1]  ? __pfx_kthread+0x10/0x10
[  788.875495][    C1]  ret_from_fork_asm+0x1a/0x30
[  788.875723][    C1]  </TASK>
[  789.022464][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  789.029577][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(none) 
[  789.029728][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  789.029816][    C1] Call Trace:
[  789.029870][    C1]  <TASK>
[  789.029922][    C1]  __dump_stack+0x26/0x30
[  789.030099][    C1]  dump_stack_lvl+0x1df/0x270
[  789.030294][    C1]  dump_stack+0x1e/0x25
[  789.030457][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  789.030708][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  789.030918][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  789.031102][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  789.031243][    C1]  bio_endio+0xeb4/0x1010
[  789.031436][    C1]  blk_update_request+0xf4c/0x1a90
[  789.031630][    C1]  blk_mq_end_request+0x50/0xb0
[  789.031779][    C1]  lo_complete_rq+0x188/0x3a0
[  789.031947][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  789.032114][    C1]  blk_done_softirq+0x10f/0x1f0
[  789.032307][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  789.032495][    C1]  handle_softirqs+0x166/0x6e0
[  789.032652][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  789.032801][    C1]  run_ksoftirqd+0x29/0x50
[  789.032941][    C1]  smpboot_thread_fn+0x56c/0xa30
[  789.033150][    C1]  kthread+0xd59/0xf00
[  789.033283][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  789.033490][    C1]  ? __pfx_kthread+0x10/0x10
[  789.033623][    C1]  ret_from_fork+0x233/0x380
[  789.033756][    C1]  ? __pfx_kthread+0x10/0x10
[  789.033892][    C1]  ret_from_fork_asm+0x1a/0x30
[  789.034128][    C1]  </TASK>
[  789.180838][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  789.188112][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(none) 
[  789.188257][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  789.188349][    C1] Call Trace:
[  789.188399][    C1]  <TASK>
[  789.188451][    C1]  __dump_stack+0x26/0x30
[  789.188625][    C1]  dump_stack_lvl+0x1df/0x270
[  789.188832][    C1]  dump_stack+0x1e/0x25
[  789.188997][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  789.189272][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  789.189484][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  789.189677][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  789.189826][    C1]  bio_endio+0xeb4/0x1010
[  789.189995][    C1]  blk_update_request+0xf4c/0x1a90
[  789.190190][    C1]  blk_mq_end_request+0x50/0xb0
[  789.190366][    C1]  lo_complete_rq+0x188/0x3a0
[  789.190544][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  789.190723][    C1]  blk_done_softirq+0x10f/0x1f0
[  789.190922][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  789.191118][    C1]  handle_softirqs+0x166/0x6e0
[  789.191269][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  789.191424][    C1]  run_ksoftirqd+0x29/0x50
[  789.191590][    C1]  smpboot_thread_fn+0x56c/0xa30
[  789.191812][    C1]  kthread+0xd59/0xf00
[  789.191953][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  789.192175][    C1]  ? __pfx_kthread+0x10/0x10
[  789.192321][    C1]  ret_from_fork+0x233/0x380
[  789.192459][    C1]  ? __pfx_kthread+0x10/0x10
[  789.192602][    C1]  ret_from_fork_asm+0x1a/0x30
[  789.192814][    C1]  </TASK>
[  789.339123][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  789.346430][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(none) 
[  789.346587][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  789.346678][    C1] Call Trace:
[  789.346735][    C1]  <TASK>
[  789.346798][    C1]  __dump_stack+0x26/0x30
[  789.346989][    C1]  dump_stack_lvl+0x1df/0x270
[  789.347183][    C1]  dump_stack+0x1e/0x25
[  789.347355][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  789.347610][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  789.347824][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  789.348036][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  789.348189][    C1]  bio_endio+0xeb4/0x1010
[  789.348374][    C1]  blk_update_request+0xf4c/0x1a90
[  789.348580][    C1]  blk_mq_end_request+0x50/0xb0
[  789.348743][    C1]  lo_complete_rq+0x188/0x3a0
[  789.348928][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  789.349118][    C1]  blk_done_softirq+0x10f/0x1f0
[  789.349331][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  789.349539][    C1]  handle_softirqs+0x166/0x6e0
[  789.349719][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  789.349888][    C1]  run_ksoftirqd+0x29/0x50
[  789.350046][    C1]  smpboot_thread_fn+0x56c/0xa30
[  789.350292][    C1]  kthread+0xd59/0xf00
[  789.350440][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  789.350664][    C1]  ? __pfx_kthread+0x10/0x10
[  789.350802][    C1]  ret_from_fork+0x233/0x380
[  789.350949][    C1]  ? __pfx_kthread+0x10/0x10
[  789.351108][    C1]  ret_from_fork_asm+0x1a/0x30
[  789.351346][    C1]  </TASK>
[  789.351402][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  789.506671][ T9622] F2FS-fs (loop7): do_checkpoint failed err:-5, stop checkpoint
[  789.679116][T12480] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2164'.
[  790.319627][T12495] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2170'.
[  790.340989][T12490] loop8: detected capacity change from 0 to 1024
[  790.388104][T12490] EXT4-fs: Ignoring removed nobh option
[  790.474754][T12490] EXT4-fs (loop8): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  790.548196][T12490] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  790.759943][T12490] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4183: comm syz.8.2169: Allocating blocks 385-513 which overlap fs metadata
[  790.860518][T12490] EXT4-fs (loop8): pa ffff888123a807e0: logic 16, phys. 129, len 24
[  790.869340][T12490] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  790.886321][T12503] loop5: detected capacity change from 0 to 16
[  790.929805][T12503] erofs (device loop5): mounted with root inode @ nid 36.
[  791.515230][ T9698] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  792.250100][T12517] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2177'.
[  792.475791][T10707] kernel write not supported for file /vcsa (pid: 10707 comm: kworker/0:5)
[  792.655933][T12516] loop7: detected capacity change from 0 to 4096
[  792.669346][T12516] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[  792.909808][T12516] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  793.141974][ T5871] kernel read not supported for file /dsp (pid: 5871 comm: kworker/1:4)
[  794.385359][T12545] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96
[  794.656658][T12543] loop9: detected capacity change from 0 to 32768
[  794.666344][T12543] btrfs: Deprecated parameter 'usebackuproot'
[  794.672891][T12543] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  794.686917][T12543] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.2190 (12543)
[  794.724467][T12543] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  794.737040][T12543] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  794.943540][T12543] BTRFS info (device loop9): rebuilding free space tree
[  794.991807][T12543] BTRFS info (device loop9): enabling ssd optimizations
[  794.999300][T12543] BTRFS info (device loop9): turning on flush-on-commit
[  795.006633][T12543] BTRFS info (device loop9): enabling free space tree
[  795.013829][T12543] BTRFS info (device loop9): force clearing of disk cache
[  795.021821][T12543] BTRFS info (device loop9): trying to use backup root at mount time
[  795.030802][T12543] BTRFS info (device loop9): use zstd compression, level 3
[  795.411321][T12570] loop5: detected capacity change from 0 to 128
[  795.435614][T10741] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  795.532065][T12570] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  795.907486][T12568] loop8: detected capacity change from 0 to 32768
[  796.073577][T12568] bcachefs (loop8): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  796.073752][T12568]   allowing incompatible features above 0.0: (unknown version)
[  796.073834][T12568]   features: lz4
[  796.108477][T12568] bcachefs (loop8): Using encoding defined by superblock: utf8-12.1.0
[  796.122528][T12568] bcachefs (loop8): initializing new filesystem
[  796.144267][T12568] bcachefs (loop8): going read-write
[  796.204876][ T6102] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  796.225657][T12568] bcachefs (loop8): marking superblocks
[  796.328016][T12568] bcachefs (loop8): initializing freespace
[  796.365698][T12568] bcachefs (loop8): done initializing freespace
[  796.401107][T12568] bcachefs (loop8): reading snapshots table
[  796.407741][T12568] bcachefs (loop8): reading snapshots done
[  796.513963][T12568] bcachefs (loop8): done starting filesystem
[  796.802298][ T9698] bcachefs (loop8): shutting down
[  796.807868][ T9698] bcachefs (loop8): going read-only
[  796.814388][ T9698] bcachefs (loop8): finished waiting for writes to stop
[  796.877706][ T9698] bcachefs (loop8): flushing journal and stopping allocators, journal seq 3
[  797.121844][ T9698] bcachefs (loop8): flushing journal and stopping allocators complete, journal seq 3
[  797.158888][ T9698] bcachefs (loop8): clean shutdown complete, journal seq 4
[  797.184287][ T9698] bcachefs (loop8): marking filesystem clean
[  797.327517][ T9698] bcachefs (loop8): shutdown complete
[  797.343948][T12599] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  797.684723][T12604] loop7: detected capacity change from 0 to 2048
[  797.750147][T12604] NILFS (loop7): invalid segment: Magic number mismatch
[  797.757740][T12604] NILFS (loop7): trying rollback from an earlier position
[  797.832733][T12604] NILFS (loop7): recovery complete
[  797.872566][T12607] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  798.128714][T12611] loop9: detected capacity change from 0 to 1024
[  798.288128][    C0] vcan0: j1939_tp_rxtimer: 0xffff888050d75600: rx timeout, send abort
[  798.789007][    C0] vcan0: j1939_tp_rxtimer: 0xffff888050d75000: rx timeout, send abort
[  798.803967][    C0] vcan0: j1939_tp_rxtimer: 0xffff888050d75600: abort rx timeout. Force session deactivation
[  799.192607][   T30] audit: type=1326 audit(799.168:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.215075][   T30] audit: type=1326 audit(799.168:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.237068][    C1] vkms_vblank_simulate: vblank timer overrun
[  799.248949][   T30] audit: type=1326 audit(799.168:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.271359][   T30] audit: type=1326 audit(799.168:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.293758][   T30] audit: type=1326 audit(799.168:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.298526][    C0] vcan0: j1939_tp_rxtimer: 0xffff888050d75000: abort rx timeout. Force session deactivation
[  799.315991][   T30] audit: type=1326 audit(799.168:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.351444][   T30] audit: type=1326 audit(799.168:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.374522][   T30] audit: type=1326 audit(799.168:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.398021][   T30] audit: type=1326 audit(799.168:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.419978][    C1] vkms_vblank_simulate: vblank timer overrun
[  799.426563][   T30] audit: type=1326 audit(799.168:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12614 comm="syz.7.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e28f8eec9 code=0x7fc00000
[  799.598330][T12621] loop9: detected capacity change from 0 to 32768
[  799.831376][T12621] XFS (loop9): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  800.171565][T12621] XFS (loop9): Ending clean mount
[  800.196056][T12621] XFS (loop9): Quotacheck needed: Please wait.
[  800.290716][T12621] XFS (loop9): Quotacheck: Done.
[  800.393147][T10741] XFS (loop9): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  800.872913][T12646] loop8: detected capacity change from 0 to 8
[  800.905457][T12646] Dev loop8: unable to read RDB block 8
[  800.911383][T12646]  loop8: unable to read partition table
[  800.941318][T12646] loop8: partition table beyond EOD, truncated
[  800.948300][T12646] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[  802.964716][T10707] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  803.151776][T10707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  803.163734][T10707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  803.163951][T10707] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  803.164097][T10707] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  803.210472][T10707] usb 1-1: config 0 descriptor??
[  803.739454][T12687] netlink: 'syz.7.2239': attribute type 1 has an invalid length.
[  803.834820][T12687] bond1: entered promiscuous mode
[  803.844196][T12687] 8021q: adding VLAN 0 to HW filter on device bond1
[  803.994343][T12692] 8021q: adding VLAN 0 to HW filter on device bond2
[  804.016022][T12692] bond1: (slave bond2): making interface the new active one
[  804.024630][T12692] bond2: entered promiscuous mode
[  804.037035][T12692] bond1: (slave bond2): Enslaving as an active interface with an up link
[  804.323129][T10707] uclogic 0003:256C:006D.0012: failed retrieving string descriptor #200: -71
[  804.339620][T10707] uclogic 0003:256C:006D.0012: failed retrieving pen parameters: -71
[  804.350398][T10707] uclogic 0003:256C:006D.0012: failed probing pen v2 parameters: -71
[  804.361897][T10707] uclogic 0003:256C:006D.0012: failed probing parameters: -71
[  804.374356][T10707] uclogic 0003:256C:006D.0012: probe with driver uclogic failed with error -71
[  804.391576][T10707] usb 1-1: USB disconnect, device number 20
[  805.425154][T12714] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2249'.
[  805.756774][T12712] loop5: detected capacity change from 0 to 4096
[  805.815959][T12708] loop8: detected capacity change from 0 to 32768
[  805.850351][T12715] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  805.964255][T12708] bcachefs (loop8): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  805.964383][T12708]   allowing incompatible features above 0.0: (unknown version)
[  805.964476][T12708]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  806.005760][T12708] bcachefs (loop8): Using encoding defined by superblock: utf8-12.1.0
[  806.014337][T12708] bcachefs (loop8): initializing new filesystem
[  806.035140][T12708] bcachefs (loop8): going read-write
[  806.053499][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  806.053579][   T30] audit: type=1800 audit(806.038:194): pid=12712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2250" name="file2" dev="loop5" ino=16 res=0 errno=0
[  806.092920][T12708] bcachefs (loop8): marking superblocks
[  806.147507][T12708] bcachefs (loop8): initializing freespace
[  806.175533][T12708] bcachefs (loop8): done initializing freespace
[  806.198145][T12708] bcachefs (loop8): reading snapshots table
[  806.207025][T12708] bcachefs (loop8): reading snapshots done
[  806.282209][T12708] bcachefs (loop8):  loop8: Superblock write was silently dropped! (seq 0 expected 42)
[  806.296292][T12708] bcachefs (loop8): done starting filesystem
[  806.444265][   T30] audit: type=1800 audit(806.428:195): pid=12708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2247" name="file1" dev="loop8" ino=4098 res=0 errno=0
[  806.464711][    C1] vkms_vblank_simulate: vblank timer overrun
[  806.546861][ T9698] bcachefs (loop8): shutting down
[  806.552110][ T9698] bcachefs (loop8): going read-only
[  806.643251][ T9698] bcachefs (loop8): finished waiting for writes to stop
[  806.655640][ T9698] bcachefs (loop8): flushing journal and stopping allocators, journal seq 3
[  806.903442][ T9698] bcachefs (loop8): flushing journal and stopping allocators complete, journal seq 3
[  806.982929][ T9698] bcachefs (loop8): clean shutdown complete, journal seq 4
[  806.992219][ T9698] bcachefs (loop8): marking filesystem clean
[  807.016183][T12734] loop5: detected capacity change from 0 to 1024
[  807.035223][T12737] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input34
[  807.117417][ T9698] bcachefs (loop8): shutdown complete
[  807.160679][T12745] netlink: 348 bytes leftover after parsing attributes in process `syz.9.2258'.
[  807.187652][T12734] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  807.369217][T12734] EXT4-fs (loop5): shut down requested (2)
[  807.514640][T12748] dlm: no local IP address has been set
[  807.520395][T12748] dlm: cannot start dlm midcomms -107
[  807.735714][ T6102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  808.597928][T12750] loop9: detected capacity change from 0 to 40427
[  808.617596][T12750] F2FS-fs (loop9): build fault injection rate: 14
[  808.624602][T12750] F2FS-fs (loop9): build fault injection type: 0x3bfe8c
[  808.635983][T12750] F2FS-fs (loop9): invalid crc value
[  808.711021][    C1] F2FS-fs (loop9): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  808.754808][    C1] F2FS-fs (loop9): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  809.048538][T12750] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  809.058043][T12750] F2FS-fs (loop9): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  809.083821][T12750] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  809.101160][T12760] loop7: detected capacity change from 0 to 256
[  809.130727][T12750] F2FS-fs (loop9): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0
[  809.174096][T12750] F2FS-fs (loop9): inject dquot initialize in f2fs_dquot_initialize of f2fs_link+0x432/0xb40
[  809.286621][T10741] syz-executor: attempt to access beyond end of device
[  809.286621][T10741] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  809.301310][T10741] CPU: 1 UID: 0 PID: 10741 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(none) 
[  809.301451][T10741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  809.301532][T10741] Call Trace:
[  809.301584][T10741]  <TASK>
[  809.301635][T10741]  __dump_stack+0x26/0x30
[  809.301816][T10741]  dump_stack_lvl+0x1df/0x270
[  809.301994][T10741]  dump_stack+0x1e/0x25
[  809.302150][T10741]  f2fs_handle_critical_error+0xa6f/0xc20
[  809.302381][T10741]  f2fs_stop_checkpoint+0x65/0x80
[  809.302573][T10741]  f2fs_write_end_io+0x101c/0x1bc0
[  809.302749][T10741]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  809.302883][T10741]  bio_endio+0xeb4/0x1010
[  809.303046][T10741]  submit_bio_noacct+0x213/0x2750
[  809.303256][T10741]  submit_bio+0x57c/0x630
[  809.303428][T10741]  f2fs_submit_write_bio+0x92/0x250
[  809.303615][T10741]  __submit_merged_bio+0x16f/0x6a0
[  809.303802][T10741]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  809.303977][T10741]  __submit_merged_write_cond+0x458/0x9a0
[  809.304182][T10741]  f2fs_write_data_pages+0x4bb2/0x5480
[  809.304509][T10741]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  809.304681][T10741]  ? __pfx_lru_cache_disable+0x1/0x10
[  809.304893][T10741]  ? filter_irq_stacks+0x49/0x190
[  809.305059][T10741]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  809.305244][T10741]  ? stack_depot_save_flags+0x35/0x7b0
[  809.305396][T10741]  ? kmsan_get_metadata+0xfb/0x160
[  809.305590][T10741]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  809.305748][T10741]  ? kmsan_get_metadata+0xfb/0x160
[  809.305905][T10741]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  809.306096][T10741]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  809.306306][T10741]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  809.306533][T10741]  do_writepages+0x3f2/0x860
[  809.306722][T10741]  ? _raw_spin_unlock+0x30/0x50
[  809.306904][T10741]  ? wbc_attach_and_unlock_inode+0x131/0x680
[  809.307151][T10741]  filemap_fdatawrite+0x207/0x260
[  809.307416][T10741]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[  809.307613][T10741]  f2fs_write_checkpoint+0xfe2/0x2b00
[  809.307955][T10741]  kill_f2fs_super+0x2ff/0x970
[  809.308134][T10741]  ? __pfx_kill_f2fs_super+0x10/0x10
[  809.308289][T10741]  deactivate_locked_super+0xcb/0x3c0
[  809.308474][T10741]  deactivate_super+0x12f/0x140
[  809.308638][T10741]  cleanup_mnt+0x6fb/0x780
[  809.308861][T10741]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  809.309047][T10741]  ? __pfx___cleanup_mnt+0x10/0x10
[  809.309259][T10741]  __cleanup_mnt+0x22/0x30
[  809.309458][T10741]  task_work_run+0x206/0x2b0
[  809.309645][T10741]  exit_to_user_mode_loop+0x2a6/0x330
[  809.309840][T10741]  do_syscall_64+0x1e3/0x210
[  809.310002][T10741]  ? irqentry_exit+0x16/0x60
[  809.310185][T10741]  ? clear_bhb_loop+0x40/0x90
[  809.310342][T10741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.310500][T10741] RIP: 0033:0x7f8e4b3901f7
[  809.310612][T10741] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  809.310751][T10741] RSP: 002b:00007ffdaee7cc38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  809.310895][T10741] RAX: 0000000000000000 RBX: 00007f8e4b411d7d RCX: 00007f8e4b3901f7
[  809.310995][T10741] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdaee7ccf0
[  809.311090][T10741] RBP: 00007ffdaee7ccf0 R08: 0000000000000000 R09: 0000000000000000
[  809.311184][T10741] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdaee7dd80
[  809.311281][T10741] R13: 00007f8e4b411d7d R14: 00000000000c58e0 R15: 00007ffdaee7ddc0
[  809.311416][T10741]  </TASK>
[  809.617996][T12760] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  809.626621][T10741] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  809.988263][ T1891] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  811.862156][T12778] loop5: detected capacity change from 0 to 32768
[  812.056013][T12789] loop9: detected capacity change from 0 to 128
[  812.086287][T12778] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  812.086489][T12778]   allowing incompatible features above 0.0: (unknown version)
[  812.086591][T12778]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  812.133199][T12778] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  812.144532][T12778] bcachefs (loop5): initializing new filesystem
[  812.166487][T12778] bcachefs (loop5): going read-write
[  812.202269][T12778] bcachefs (loop5): marking superblocks
[  812.260605][T12778] bcachefs (loop5): initializing freespace
[  812.289099][T12778] bcachefs (loop5): done initializing freespace
[  812.309746][T12778] bcachefs (loop5): reading snapshots table
[  812.316198][T12778] bcachefs (loop5): reading snapshots done
[  812.443142][T12778] bcachefs (loop5): done starting filesystem
[  812.738680][ T6102] bcachefs (loop5): shutting down
[  812.744303][ T6102] bcachefs (loop5): going read-only
[  812.801274][ T6102] bcachefs (loop5): finished waiting for writes to stop
[  812.855824][ T6102] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  813.107635][ T6102] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  813.132939][T12805] loop8: detected capacity change from 0 to 1024
[  813.144449][T12805] EXT4-fs: Ignoring removed orlov option
[  813.145257][ T6102] bcachefs (loop5): clean shutdown complete, journal seq 4
[  813.230645][ T6102] bcachefs (loop5): marking filesystem clean
[  813.274821][T12805] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  813.425992][ T6102] bcachefs (loop5): shutdown complete
[  813.635753][T12810] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 232: padding at end of block bitmap is not set
[  813.691370][T12810] EXT4-fs (loop8): Remounting filesystem read-only
[  813.714692][ T9698] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.423892][T12823] loop8: detected capacity change from 0 to 4096
[  814.441108][T12823] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512).
[  816.068610][T12835] loop8: detected capacity change from 0 to 32768
[  816.077830][T12835] XFS: ikeep mount option is deprecated.
[  816.168441][T12835] XFS (loop8): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  816.422921][T12835] XFS (loop8): Ending clean mount
[  816.447835][T12835] XFS (loop8): Quotacheck needed: Please wait.
[  816.480838][T12835] XFS (loop8): Quotacheck: Done.
[  816.530406][T12835] XFS (loop8): User initiated shutdown received.
[  816.548639][T12835] XFS (loop8): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x91/0x200 (fs/xfs/xfs_fsops.c:472).  Shutting down filesystem.
[  816.563845][T12835] XFS (loop8): Please unmount the filesystem and rectify the problem(s)
[  816.673066][ T9698] XFS (loop8): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  817.935852][T12852] loop9: detected capacity change from 0 to 7
[  817.946997][T12851] loop7: detected capacity change from 0 to 512
[  817.973581][T12851] EXT4-fs: Ignoring removed orlov option
[  818.005147][T12852] Dev loop9: unable to read RDB block 7
[  818.010389][T12851] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  818.011194][T12852]  loop9: AHDI p1 p2
[  818.023783][T12852] loop9: partition table partially beyond EOD, truncated
[  818.031321][T12852] loop9: p1 size 4227858431 extends beyond EOD, truncated
[  818.064339][T12851] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  818.115281][T12851] EXT4-fs error (device loop7): ext4_iget_extra_inode:5104: inode #15: comm syz.7.2294: corrupted in-inode xattr: e_value size too large
[  818.173742][T12851] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.2294: couldn't read orphan inode 15 (err -117)
[  818.288528][T12851] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  818.911010][ T9622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  819.906256][T10707] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  820.112125][T12883] loop8: detected capacity change from 0 to 256
[  820.123509][T10707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  820.136673][T10707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  820.147322][T10707] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  820.156873][T10707] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.245233][T10707] usb 1-1: config 0 descriptor??
[  820.697857][T10707] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[  820.705742][T10707] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[  820.713246][T10707] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[  820.721374][T10707] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[  820.728903][T10707] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[  820.734927][T12896] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  820.738114][T10707] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[  820.753597][T10707] cp2112 0003:10C4:EA90.0013: unknown main item tag 0x0
[  820.812170][T10707] cp2112 0003:10C4:EA90.0013: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  820.892887][    T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  820.905852][T10707] cp2112 0003:10C4:EA90.0013: Part Number: 0x00 Device Version: 0x00
[  821.073353][    T9] usb 6-1: Using ep0 maxpacket: 32
[  821.090541][    T9] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  821.100617][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  821.119214][T10707] cp2112 0003:10C4:EA90.0013: error requesting SMBus config
[  821.133511][T10707] cp2112 0003:10C4:EA90.0013: probe with driver cp2112 failed with error -71
[  821.151412][    T9] usb 6-1: config 0 descriptor??
[  821.187162][T10707] usb 1-1: USB disconnect, device number 21
[  821.406173][    T9] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  821.442259][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  821.505315][    T9] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  821.514038][    T9] usb 6-1: media controller created
[  821.594888][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  822.833054][    T9] az6027: usb out operation failed. (-71)
[  822.847882][    T9] az6027: usb out operation failed. (-71)
[  822.854257][    T9] stb0899_attach: Driver disabled by Kconfig
[  822.860405][    T9] az6027: no front-end attached
[  822.860405][    T9] 
[  822.932246][    T9] az6027: usb out operation failed. (-71)
[  822.938503][    T9] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  822.948833][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input35
[  823.029815][    T9] dvb-usb: schedule remote query interval to 400 msecs.
[  823.037516][    T9] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  823.056670][    T9] usb 6-1: USB disconnect, device number 15
[  823.267297][   T30] audit: type=1326 audit(823.238:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12909 comm="syz.0.2319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa080f8eec9 code=0x7fc00000
[  824.258223][T12927] loop5: detected capacity change from 0 to 32768
[  824.274969][    T9] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  824.326222][T12927] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  824.440890][T12927] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  824.560260][T12936] loop7: detected capacity change from 0 to 1024
[  824.797178][ T6102] ocfs2: Unmounting device (7,5) on (node local)
[  824.970766][T12942] hfsplus: catalog searching failed
[  825.337988][T12939] loop8: detected capacity change from 0 to 32768
[  825.353185][   T30] audit: type=1800 audit(824.788:197): pid=12936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2328" name="file1" dev="loop7" ino=20 res=0 errno=0
[  825.497865][T12939] bcachefs (loop8): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  825.498069][T12939]   allowing incompatible features above 0.0: (unknown version)
[  825.498166][T12939]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  825.545852][T12939] bcachefs (loop8): Using encoding defined by superblock: utf8-12.1.0
[  825.554362][T12939] bcachefs (loop8): initializing new filesystem
[  825.577978][T12939] bcachefs (loop8): going read-write
[  825.618606][T12939] bcachefs (loop8): marking superblocks
[  825.680155][T12939] bcachefs (loop8): initializing freespace
[  825.704454][T12952] loop9: detected capacity change from 0 to 128
[  825.708658][T12939] bcachefs (loop8): done initializing freespace
[  825.730893][T12939] bcachefs (loop8): reading snapshots table
[  825.737301][T12939] bcachefs (loop8): reading snapshots done
[  825.828653][T12939] bcachefs (loop8): done starting filesystem
[  825.947183][T12958] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2334'.
[  826.064059][ T9698] bcachefs (loop8): shutting down
[  826.072016][ T9698] bcachefs (loop8): going read-only
[  826.083111][ T9698] bcachefs (loop8): finished waiting for writes to stop
[  826.112257][ T9698] bcachefs (loop8): flushing journal and stopping allocators, journal seq 9
[  826.403700][ T9698] bcachefs (loop8): flushing journal and stopping allocators complete, journal seq 14
[  826.472849][ T9698] bcachefs (loop8): clean shutdown complete, journal seq 15
[  826.514311][ T9698] bcachefs (loop8): marking filesystem clean
[  826.586004][ T9698] bcachefs (loop8): shutdown complete
[  827.160166][T12967] loop5: detected capacity change from 0 to 2048
[  827.354058][T12967] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  827.885438][T12977] loop9: detected capacity change from 0 to 512
[  828.092943][T12977] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  828.143156][T12977] System zones: 0-2, 18-18, 34-35
[  828.244343][T12977] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  828.348436][T12982] support for the xor transformation has been removed.
[  828.774070][    T9] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  828.819561][T10741] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  828.974583][    T9] usb 6-1: Using ep0 maxpacket: 8
[  829.014708][    T9] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[  829.023946][    T9] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[  829.033723][    T9] usb 6-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  829.046651][    T9] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[  829.056600][    T9] usb 6-1: config 250 has no interface number 0
[  829.063392][    T9] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  829.075409][    T9] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  829.086333][    T9] usb 6-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  829.100186][    T9] usb 6-1: config 250 interface 228 has no altsetting 0
[  829.150629][    T9] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  829.160382][    T9] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  829.169523][    T9] usb 6-1: Product: syz
[  829.174007][    T9] usb 6-1: SerialNumber: syz
[  829.286514][    T9] hub 6-1:250.228: bad descriptor, ignoring hub
[  829.293351][    T9] hub 6-1:250.228: probe with driver hub failed with error -5
[  829.431572][T12994] loop7: detected capacity change from 0 to 128
[  829.475163][T12994] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  829.579211][T12994] FAT-fs (loop7): error, corrupted file size (i_pos 548, 512)
[  829.587466][T12994] FAT-fs (loop7): Filesystem has been set read-only
[  829.602598][T12994] FAT-fs (loop7): error, invalid FAT chain (i_pos 548, last_block 8)
[  829.797273][ T5871] usb 6-1: reset high-speed USB device number 16 using dummy_hcd
[  829.818674][T12998] netlink: 'syz.0.2352': attribute type 83 has an invalid length.
[  830.373362][T12997] loop9: detected capacity change from 0 to 32768
[  830.385473][T12997] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.2351 (12997)
[  830.408246][T12997] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  830.426117][T12997] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  830.600734][T12997] BTRFS info (device loop9): rebuilding free space tree
[  830.628986][T12997] BTRFS info (device loop9): setting nodatasum
[  830.635650][T12997] BTRFS info (device loop9): enabling ssd optimizations
[  830.642899][T12997] BTRFS info (device loop9): enabling free space tree
[  830.649874][T12997] BTRFS info (device loop9): force clearing of disk cache
[  830.658088][T12997] BTRFS info (device loop9): enabling auto defrag
[  830.666314][T12997] BTRFS info (device loop9): force zlib compression, level 3
[  831.515042][T10741] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  831.570714][ T5871] usb 6-1: USB disconnect, device number 16
[  831.782964][T13023] loop5: detected capacity change from 0 to 1024
[  831.837906][T13023] EXT4-fs: Ignoring removed bh option
[  832.030287][T13023] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  832.151286][T13028] loop8: detected capacity change from 0 to 1024
[  832.164698][T13028] ext4: Bad value for 'barrier'
[  832.495417][ T6102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  833.501696][T13033] loop5: detected capacity change from 0 to 32768
[  833.519941][T13033] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2360 (13033)
[  833.561809][T13033] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  833.572568][T13033] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  833.661342][T13041] team0: Device ip6gre1 is of different type
[  833.871695][T13033] BTRFS info (device loop5): rebuilding free space tree
[  833.915386][T13033] BTRFS info (device loop5): disabling free space tree
[  833.927670][T13033] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  833.937688][T13033] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  833.986203][T13033] BTRFS info (device loop5): enabling ssd optimizations
[  833.993657][T13033] BTRFS info (device loop5): force clearing of disk cache
[  834.000993][T13033] BTRFS info (device loop5): enabling auto defrag
[  834.008501][T13033] BTRFS info (device loop5): doing ref verification
[  834.081805][T13058] kernel read not supported for file /file0 (pid: 13058 comm: syz.0.2364)
[  834.142665][   T30] audit: type=1800 audit(834.078:198): pid=13058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2364" name="file0" dev="mqueue" ino=39699 res=0 errno=0
[  834.181557][    T9] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  834.246373][ T6102] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  834.372902][    T9] usb 9-1: Using ep0 maxpacket: 8
[  834.398456][    T9] usb 9-1: unable to get BOS descriptor or descriptor too short
[  834.438977][    T9] usb 9-1: config 4 interface 0 has no altsetting 0
[  834.484116][    T9] usb 9-1: string descriptor 0 read error: -22
[  834.490938][    T9] usb 9-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  834.500850][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.565265][    T9] usb 9-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  834.586973][    T9] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  834.598769][    T9] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  834.606352][    T9] usb 9-1: media controller created
[  834.667354][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  834.742952][ T5871] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  834.924108][ T5871] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  834.935887][ T5871] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  834.946107][ T5871] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  834.959764][ T5871] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  834.970261][ T5871] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.999864][ T5871] usb 1-1: config 0 descriptor??
[  835.549309][ T5871] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  835.662846][ T9709] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  835.759870][ T5871] usb 1-1: USB disconnect, device number 22
[  835.908345][ T9709] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  835.920957][ T9709] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  835.932723][ T9709] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  835.947245][ T9709] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  835.957592][ T9709] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  836.052515][ T9709] usb 6-1: config 0 descriptor??
[  836.231442][T13068] loop9: detected capacity change from 0 to 32768
[  836.240872][T13068] btrfs: Deprecated parameter 'usebackuproot'
[  836.247407][T13068] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  836.263041][T13068] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.2368 (13068)
[  836.288903][    T9] usb 9-1: USB disconnect, device number 9
[  836.300801][T13068] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  836.313422][T13068] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  836.434265][T13068] BTRFS info (device loop9): rebuilding free space tree
[  836.489707][T13068] BTRFS info (device loop9): enabling ssd optimizations
[  836.497451][T13068] BTRFS info (device loop9): turning on flush-on-commit
[  836.510720][T13068] BTRFS info (device loop9): turning on async discard
[  836.519591][T13068] BTRFS info (device loop9): enabling free space tree
[  836.526753][T13068] BTRFS info (device loop9): force clearing of disk cache
[  836.539810][T13068] BTRFS info (device loop9): trying to use backup root at mount time
[  836.548288][T13068] BTRFS info (device loop9): force zlib compression, level 3
[  836.643079][ T9709] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  836.811866][T10741] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  837.874440][    C0] plantronics 0003:047F:FFFF.0015: usb_submit_urb(ctrl) failed: -1
[  838.075542][T13098] loop8: detected capacity change from 0 to 512
[  838.104203][T13096] program syz.9.2371 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  838.169913][T13098] EXT4-fs (loop8): orphan cleanup on readonly fs
[  838.206192][T13098] EXT4-fs error (device loop8): ext4_orphan_get:1418: comm syz.8.2375: bad orphan inode 13
[  838.284120][T13098] ext4_test_bit(bit=12, block=18) = 1
[  838.289720][T13098] is_bad_inode(inode)=0
[  838.294622][T13098] NEXT_ORPHAN(inode)=2130706432
[  838.299654][T13098] max_ino=32
[  838.303231][T13098] i_nlink=1
[  838.308847][T13098] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  838.643135][T13098] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[  838.743128][T13098] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.2375: bg 0: block 248: padding at end of block bitmap is not set
[  838.771270][T13094] loop7: detected capacity change from 0 to 32768
[  838.783746][ T9709] usb 6-1: USB disconnect, device number 17
[  838.820691][T13098] Quota error (device loop8): write_blk: dquota write failed
[  838.829154][T13098] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  838.840717][T13098] EXT4-fs error (device loop8): ext4_acquire_dquot:6937: comm syz.8.2375: Failed to acquire dquot type 1
[  838.901730][    C1] sd 0:0:1:0: [sda] tag#7148 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  838.912691][    C1] sd 0:0:1:0: [sda] tag#7148 CDB: Write(6) 0a 00 00 00 00 00
[  838.957193][T13098] EXT4-fs warning (device loop8): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  839.054663][T13094] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  839.054833][T13094]   allowing incompatible features above 0.0: (unknown version)
[  839.054918][T13094]   features: 
[  839.093619][T13094] bcachefs (loop7): Using encoding defined by superblock: utf8-12.1.0
[  839.102079][T13094] bcachefs (loop7): initializing new filesystem
[  839.119283][T13094] bcachefs (loop7): going read-write
[  839.158676][T13094] bcachefs (loop7): marking superblocks
[  839.220079][T13094] bcachefs (loop7): initializing freespace
[  839.248539][T13094] bcachefs (loop7): done initializing freespace
[  839.271411][T13094] bcachefs (loop7): reading snapshots table
[  839.281238][T13094] bcachefs (loop7): reading snapshots done
[  839.383421][T13094] bcachefs (loop7): done starting filesystem
[  839.536266][ T9698] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  839.717879][T10707] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  839.959220][T10707] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  839.971714][T10707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  839.983357][T10707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  839.994365][T10707] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  840.009955][T10707] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  840.019773][T10707] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.082797][T10707] usb 1-1: config 0 descriptor??
[  841.000901][T13127] loop5: detected capacity change from 0 to 32768
[  841.069045][T10707] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  841.114737][ T4260] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  841.258764][T13127] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  841.258958][T13127]   allowing incompatible features above 0.0: (unknown version)
[  841.259060][T13127]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  841.308569][T13127] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  841.317145][T13127] bcachefs (loop5): initializing new filesystem
[  841.339613][T13127] bcachefs (loop5): going read-write
[  841.373756][T13127] bcachefs (loop5): marking superblocks
[  841.420070][T13130] loop8: detected capacity change from 0 to 32768
[  841.429817][T13127] bcachefs (loop5): initializing freespace
[  841.458128][T13127] bcachefs (loop5): done initializing freespace
[  841.479222][T13127] bcachefs (loop5): reading snapshots table
[  841.485986][T13127] bcachefs (loop5): reading snapshots done
[  841.512549][ T9709] usb 1-1: USB disconnect, device number 23
[  841.609878][T13127] bcachefs (loop5): done starting filesystem
[  841.668947][T13130] bcachefs (loop8): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  841.669114][T13130]   allowing incompatible features above 0.0: (unknown version)
[  841.669218][T13130]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  841.714590][T13130] bcachefs (loop8): Using encoding defined by superblock: utf8-12.1.0
[  841.723104][T13130] bcachefs (loop8): initializing new filesystem
[  841.748374][T13130] bcachefs (loop8): going read-write
[  841.787912][T13130] bcachefs (loop8): marking superblocks
[  841.847617][T13130] bcachefs (loop8): initializing freespace
[  841.885746][T13130] bcachefs (loop8): done initializing freespace
[  841.906076][T13130] bcachefs (loop8): reading snapshots table
[  841.912557][T13130] bcachefs (loop8): reading snapshots done
[  841.937123][ T6102] bcachefs (loop5): shutting down
[  841.944932][ T6102] bcachefs (loop5): going read-only
[  841.950367][ T6102] bcachefs (loop5): finished waiting for writes to stop
[  841.982657][ T6102] bcachefs (loop5): flushing journal and stopping allocators, journal seq 2
[  842.040315][T13130] bcachefs (loop8): done starting filesystem
[  842.284857][ T6102] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  842.295299][ T9698] bcachefs (loop8): shutting down
[  842.300616][ T9698] bcachefs (loop8): going read-only
[  842.306527][ T9698] bcachefs (loop8): finished waiting for writes to stop
[  842.364223][ T6102] bcachefs (loop5): clean shutdown complete, journal seq 4
[  842.373849][ T6102] bcachefs (loop5): marking filesystem clean
[  842.383141][ T9698] bcachefs (loop8): flushing journal and stopping allocators, journal seq 3
[  842.578755][ T6102] bcachefs (loop5): shutdown complete
[  842.682296][ T9698] bcachefs (loop8): flushing journal and stopping allocators complete, journal seq 3
[  842.742922][ T9698] bcachefs (loop8): clean shutdown complete, journal seq 4
[  842.793748][ T9698] bcachefs (loop8): marking filesystem clean
[  842.946442][T13160] loop9: detected capacity change from 0 to 256
[  842.958984][T13160] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  842.972077][T13160] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  843.006719][ T9698] bcachefs (loop8): shutdown complete
[  843.133498][T13160] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  843.226130][ T9622] bcachefs (loop7): shutting down
[  843.231501][ T9622] bcachefs (loop7): going read-only
[  843.237080][ T9622] bcachefs (loop7): finished waiting for writes to stop
[  843.295627][ T9622] bcachefs (loop7): flushing journal and stopping allocators, journal seq 8
[  843.724889][ T9622] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 8
[  843.807567][ T9622] bcachefs (loop7): clean shutdown complete, journal seq 9
[  843.837255][ T9622] bcachefs (loop7): marking filesystem clean
[  844.049715][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  844.071601][ T9622] bcachefs (loop7): shutdown complete
[  844.106908][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  844.113956][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  844.296188][T10707] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  844.593023][T10707] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  844.604091][T10707] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.612948][T10707] usb 1-1: Product: syz
[  844.617573][T10707] usb 1-1: Manufacturer: syz
[  844.622648][T10707] usb 1-1: SerialNumber: syz
[  844.775944][T13165] loop9: detected capacity change from 0 to 32768
[  844.859512][T13165] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  845.118023][T13165] XFS (loop9): Ending clean mount
[  845.262840][T10741] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  845.891389][T10707] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  845.904029][T10707] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  845.915184][T10707] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  845.996993][T10707] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  846.124909][T10707] usb 1-1: USB disconnect, device number 24
[  846.756071][T13177] loop5: detected capacity change from 0 to 32768
[  846.938060][T13177] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  846.938257][T13177]   allowing incompatible features above 0.0: (unknown version)
[  846.938355][T13177]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  846.991640][T13177] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  847.000669][T13177] bcachefs (loop5): initializing new filesystem
[  847.017817][T13177] bcachefs (loop5): going read-write
[  847.045719][T13177] bcachefs (loop5): marking superblocks
[  847.103973][T13177] bcachefs (loop5): initializing freespace
[  847.131954][T13177] bcachefs (loop5): done initializing freespace
[  847.154500][T13177] bcachefs (loop5): reading snapshots table
[  847.160803][T13177] bcachefs (loop5): reading snapshots done
[  847.309075][T13177] bcachefs (loop5): done starting filesystem
[  847.433246][T13191] loop9: detected capacity change from 0 to 256
[  847.461649][T13191] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  847.476183][ T6102] bcachefs (loop5): shutting down
[  847.476273][ T6102] bcachefs (loop5): going read-only
[  847.476377][ T6102] bcachefs (loop5): finished waiting for writes to stop
[  847.481399][T13191] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  847.508224][ T6102] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  847.647173][T13191] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  847.793654][ T6102] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  847.850046][ T6102] bcachefs (loop5): clean shutdown complete, journal seq 4
[  847.900150][ T6102] bcachefs (loop5): marking filesystem clean
[  848.260512][ T6102] bcachefs (loop5): shutdown complete
[  848.726901][T13195] loop8: detected capacity change from 0 to 32768
[  848.737859][T13195] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.2388 (13195)
[  848.763243][T13195] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  848.774887][T13195] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[  848.971752][T13195] BTRFS info (device loop8): rebuilding free space tree
[  849.047352][T13195] BTRFS info (device loop8): checking UUID tree
[  849.059453][T13195] BTRFS info (device loop8): enabling ssd optimizations
[  849.066929][T13195] BTRFS info (device loop8): enabling free space tree
[  849.074089][T13195] BTRFS info (device loop8): force clearing of disk cache
[  849.081407][T13195] BTRFS info (device loop8): use zlib compression, level 3
[  849.089248][T13195] BTRFS info (device loop8): max_inline set to 0
[  849.311456][ T9698] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  849.473757][T13220] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2383'.
[  850.046366][T13228] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2404'.
[  852.335483][T13244] loop7: detected capacity change from 0 to 40427
[  852.346877][T13244] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  852.355164][T13244] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  852.435316][T13244] F2FS-fs (loop7): invalid crc value
[  852.774826][T13244] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  852.811054][T13244] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  852.818601][T13244] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  853.414468][T13156] Bluetooth: Error in BCSP hdr checksum
[  853.554638][T13258] loop8: detected capacity change from 0 to 256
[  855.043361][T13268] loop5: detected capacity change from 0 to 8192
[  855.233090][ T5823] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  855.983085][ T9709] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  856.205583][ T9709] usb 10-1: Using ep0 maxpacket: 8
[  856.320846][ T9709] usb 10-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  856.330728][ T9709] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  856.339402][ T9709] usb 10-1: Product: syz
[  856.344220][ T9709] usb 10-1: Manufacturer: syz
[  856.349115][ T9709] usb 10-1: SerialNumber: syz
[  856.408542][T13282] loop7: detected capacity change from 0 to 40427
[  856.447725][T13282] F2FS-fs (loop7): invalid crc value
[  856.478886][ T9709] usb 10-1: config 0 descriptor??
[  856.528417][ T9709] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  856.769840][T13282] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  856.789716][T13282] F2FS-fs (loop7): Start checkpoint disabled!
[  856.803813][T13282] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  857.046152][ T3753] kworker/u8:17: attempt to access beyond end of device
[  857.046152][ T3753] loop7: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  857.115926][ T3753] kworker/u8:17: attempt to access beyond end of device
[  857.115926][ T3753] loop7: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  857.130750][ T3753] CPU: 0 UID: 0 PID: 3753 Comm: kworker/u8:17 Not tainted syzkaller #0 PREEMPT(none) 
[  857.130906][ T3753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  857.131018][ T3753] Workqueue: writeback wb_workfn (flush-7:7)
[  857.131281][ T3753] Call Trace:
[  857.131345][ T3753]  <TASK>
[  857.131403][ T3753]  __dump_stack+0x26/0x30
[  857.131593][ T3753]  dump_stack_lvl+0x1df/0x270
[  857.131789][ T3753]  dump_stack+0x1e/0x25
[  857.131956][ T3753]  f2fs_handle_critical_error+0xa6f/0xc20
[  857.132214][ T3753]  f2fs_stop_checkpoint+0x65/0x80
[  857.132423][ T3753]  f2fs_write_end_io+0x101c/0x1bc0
[  857.132610][ T3753]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  857.132766][ T3753]  bio_endio+0xeb4/0x1010
[  857.132936][ T3753]  submit_bio_noacct+0x213/0x2750
[  857.133157][ T3753]  submit_bio+0x57c/0x630
[  857.133381][ T3753]  f2fs_submit_write_bio+0x92/0x250
[  857.133586][ T3753]  __submit_merged_bio+0x16f/0x6a0
[  857.133802][ T3753]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.133998][ T3753]  __submit_merged_write_cond+0x715/0x9a0
[  857.134191][ T3753]  ? filemap_get_folios_tag+0x488/0x510
[  857.134433][ T3753]  f2fs_submit_merged_write+0x31/0x40
[  857.134611][ T3753]  f2fs_sync_node_pages+0x1fd7/0x20c0
[  857.134798][ T3753]  ? dlm_thread+0x5e10/0x7980
[  857.134998][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.135256][ T3753]  f2fs_write_node_pages+0x3c5/0xb40
[  857.135424][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.135651][ T3753]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.135865][ T3753]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  857.136049][ T3753]  do_writepages+0x3f2/0x860
[  857.136200][ T3753]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.136385][ T3753]  ? writeback_sb_inodes+0x11/0x1cb0
[  857.136539][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.136739][ T3753]  __writeback_single_inode+0x101/0x1190
[  857.136923][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.137112][ T3753]  writeback_sb_inodes+0xac1/0x1cb0
[  857.137370][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.137582][ T3753]  wb_writeback+0x4ce/0xc00
[  857.137762][ T3753]  ? queue_io+0x4b1/0x790
[  857.137920][ T3753]  wb_workfn+0x397/0x1910
[  857.138119][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.138310][ T3753]  ? __pfx_wb_workfn+0x10/0x10
[  857.138497][ T3753]  process_scheduled_works+0xb8e/0x1d80
[  857.138773][ T3753]  worker_thread+0xedf/0x1590
[  857.139028][ T3753]  kthread+0xd59/0xf00
[  857.139168][ T3753]  ? __pfx_worker_thread+0x10/0x10
[  857.139398][ T3753]  ? __pfx_kthread+0x10/0x10
[  857.139543][ T3753]  ret_from_fork+0x233/0x380
[  857.139694][ T3753]  ? __pfx_kthread+0x10/0x10
[  857.139856][ T3753]  ret_from_fork_asm+0x1a/0x30
[  857.140099][ T3753]  </TASK>
[  857.404781][ T3753] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  857.412195][ T3753] CPU: 0 UID: 0 PID: 3753 Comm: kworker/u8:17 Not tainted syzkaller #0 PREEMPT(none) 
[  857.412356][ T3753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  857.412478][ T3753] Workqueue: writeback wb_workfn (flush-7:7)
[  857.412713][ T3753] Call Trace:
[  857.412773][ T3753]  <TASK>
[  857.412830][ T3753]  __dump_stack+0x26/0x30
[  857.413002][ T3753]  dump_stack_lvl+0x1df/0x270
[  857.413191][ T3753]  dump_stack+0x1e/0x25
[  857.413355][ T3753]  f2fs_handle_critical_error+0xa6f/0xc20
[  857.413603][ T3753]  f2fs_stop_checkpoint+0x65/0x80
[  857.413817][ T3753]  f2fs_write_end_io+0x101c/0x1bc0
[  857.414009][ T3753]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  857.414152][ T3753]  bio_endio+0xeb4/0x1010
[  857.414344][ T3753]  submit_bio_noacct+0x213/0x2750
[  857.414615][ T3753]  submit_bio+0x57c/0x630
[  857.414812][ T3753]  f2fs_submit_write_bio+0x92/0x250
[  857.415014][ T3753]  __submit_merged_bio+0x16f/0x6a0
[  857.415211][ T3753]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.415399][ T3753]  __submit_merged_write_cond+0x715/0x9a0
[  857.415600][ T3753]  ? filemap_get_folios_tag+0x488/0x510
[  857.415825][ T3753]  f2fs_submit_merged_write+0x31/0x40
[  857.416020][ T3753]  f2fs_sync_node_pages+0x1fd7/0x20c0
[  857.416198][ T3753]  ? dlm_thread+0x5e10/0x7980
[  857.416388][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.416653][ T3753]  f2fs_write_node_pages+0x3c5/0xb40
[  857.416834][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.417005][ T3753]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.417203][ T3753]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  857.417391][ T3753]  do_writepages+0x3f2/0x860
[  857.417546][ T3753]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.417724][ T3753]  ? writeback_sb_inodes+0x11/0x1cb0
[  857.417879][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.418070][ T3753]  __writeback_single_inode+0x101/0x1190
[  857.418239][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.418424][ T3753]  writeback_sb_inodes+0xac1/0x1cb0
[  857.418683][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.418924][ T3753]  wb_writeback+0x4ce/0xc00
[  857.419098][ T3753]  ? queue_io+0x4b1/0x790
[  857.419266][ T3753]  wb_workfn+0x397/0x1910
[  857.419475][ T3753]  ? kmsan_get_metadata+0xfb/0x160
[  857.419675][ T3753]  ? __pfx_wb_workfn+0x10/0x10
[  857.419876][ T3753]  process_scheduled_works+0xb8e/0x1d80
[  857.420154][ T3753]  worker_thread+0xedf/0x1590
[  857.420406][ T3753]  kthread+0xd59/0xf00
[  857.420564][ T3753]  ? __pfx_worker_thread+0x10/0x10
[  857.420806][ T3753]  ? __pfx_kthread+0x10/0x10
[  857.420964][ T3753]  ret_from_fork+0x233/0x380
[  857.421117][ T3753]  ? __pfx_kthread+0x10/0x10
[  857.421273][ T3753]  ret_from_fork_asm+0x1a/0x30
[  857.421509][ T3753]  </TASK>
[  857.696314][ T3753] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  857.737551][ T9709] gspca_sonixj: reg_w1 err -71
[  858.030818][T13301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2434'.
[  858.066580][ T9709] sonixj 10-1:0.0: probe with driver sonixj failed with error -71
[  858.087519][ T9709] usb 10-1: USB disconnect, device number 4
[  859.257529][T13312] loop5: detected capacity change from 0 to 32768
[  859.377069][T13312] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  859.377069][T13312] 
[  859.392147][T13312] ERROR: (device loop5): remounting filesystem as read-only
[  859.399899][T13312] ialloc: diAlloc returned -5!
[  860.556464][T13316] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  860.589341][ T5871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  861.018915][T13319] bridge_slave_0: left allmulticast mode
[  861.025059][T13319] bridge_slave_0: left promiscuous mode
[  861.031781][T13319] bridge0: port 1(bridge_slave_0) entered disabled state
[  861.050028][ T9709] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  861.093284][T13314] loop9: detected capacity change from 0 to 40427
[  861.110227][T13314] F2FS-fs (loop9): build fault injection rate: 14
[  861.117205][T13314] F2FS-fs (loop9): build fault injection type: 0x3bfe8c
[  861.148435][T13314] F2FS-fs (loop9): invalid crc value
[  861.170727][    C1] F2FS-fs (loop9): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  861.177627][T13319] bridge_slave_1: left allmulticast mode
[  861.188288][T13319] bridge_slave_1: left promiscuous mode
[  861.197456][T13319] bridge0: port 2(bridge_slave_1) entered disabled state
[  861.243302][    C1] F2FS-fs (loop9): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  861.324429][ T9709] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  861.401096][T13319] bond0: (slave 
1
0û]þ5¯\P€): Releasing backup interface
[  861.536557][T13314] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  861.544783][T13323] [U] ^O
[  861.547268][T13314] F2FS-fs (loop9): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  861.566518][T13319] bond0: (slave bond_slave_1): Releasing backup interface
[  861.587246][T13314] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  861.631630][T13314] F2FS-fs (loop9): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0
[  861.667498][T13319] team0: Port device team_slave_0 removed
[  861.734329][T13319] team0: Port device team_slave_1 removed
[  861.745855][T13319] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  861.753782][T13319] batman_adv: batadv0: Removing interface: batadv_slave_0
[  861.837580][T13319] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  861.845891][T13319] batman_adv: batadv0: Removing interface: batadv_slave_1
[  861.855513][T10741] F2FS-fs (loop9): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x129f/0x2fc0
[  861.868448][T10741] F2FS-fs (loop9): inconsistent node block, node_type:0, nid:13, node_footer[nid:13,ino:3,ofs:191623,cpver:0,blkaddr:0]
[  862.123919][    C1] F2FS-fs (loop9): inject write IO error in f2fs_write_end_io of bio_endio+0xeb4/0x1010
[  862.134196][    C1] CPU: 1 UID: 0 PID: 4134 Comm: kworker/u8:25 Not tainted syzkaller #0 PREEMPT(none) 
[  862.134350][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  862.134471][    C1] Workqueue: bat_events batadv_nc_worker
[  862.134647][    C1] Call Trace:
[  862.134700][    C1]  <IRQ>
[  862.134752][    C1]  __dump_stack+0x26/0x30
[  862.134928][    C1]  dump_stack_lvl+0x1df/0x270
[  862.135124][    C1]  dump_stack+0x1e/0x25
[  862.135288][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  862.135543][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  862.135742][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  862.135943][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  862.136089][    C1]  bio_endio+0xeb4/0x1010
[  862.136261][    C1]  blk_update_request+0xf4c/0x1a90
[  862.136473][    C1]  blk_mq_end_request+0x50/0xb0
[  862.136632][    C1]  lo_complete_rq+0x188/0x3a0
[  862.136814][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  862.137001][    C1]  blk_done_softirq+0x10f/0x1f0
[  862.137200][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  862.137410][    C1]  handle_softirqs+0x166/0x6e0
[  862.137584][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.137782][    C1]  __do_softirq+0x14/0x1b
[  862.137966][    C1]  do_softirq+0x99/0x100
[  862.138108][    C1]  </IRQ>
[  862.138161][    C1]  <TASK>
[  862.138221][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  862.138374][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  862.138556][    C1]  batadv_nc_purge_paths+0x68f/0x740
[  862.138750][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.138983][    C1]  batadv_nc_worker+0x369/0x1aa0
[  862.139154][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.139329][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.139637][    C1]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  862.139824][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[  862.139998][    C1]  process_scheduled_works+0xb8e/0x1d80
[  862.140261][    C1]  worker_thread+0xedf/0x1590
[  862.140533][    C1]  kthread+0xd59/0xf00
[  862.140678][    C1]  ? __pfx_worker_thread+0x10/0x10
[  862.140924][    C1]  ? __pfx_kthread+0x10/0x10
[  862.141073][    C1]  ret_from_fork+0x233/0x380
[  862.141235][    C1]  ? __pfx_kthread+0x10/0x10
[  862.141391][    C1]  ret_from_fork_asm+0x1a/0x30
[  862.141619][    C1]  </TASK>
[  862.141678][    C1] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  862.370472][    C1] CPU: 1 UID: 0 PID: 4134 Comm: kworker/u8:25 Not tainted syzkaller #0 PREEMPT(none) 
[  862.370629][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  862.370746][    C1] Workqueue: bat_events batadv_nc_worker
[  862.370925][    C1] Call Trace:
[  862.370980][    C1]  <IRQ>
[  862.371034][    C1]  __dump_stack+0x26/0x30
[  862.371209][    C1]  dump_stack_lvl+0x1df/0x270
[  862.371374][    C1]  dump_stack+0x1e/0x25
[  862.371522][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  862.371740][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  862.371926][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  862.372120][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  862.372258][    C1]  bio_endio+0xeb4/0x1010
[  862.372424][    C1]  blk_update_request+0xf4c/0x1a90
[  862.372627][    C1]  blk_mq_end_request+0x50/0xb0
[  862.372777][    C1]  lo_complete_rq+0x188/0x3a0
[  862.372946][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  862.373117][    C1]  blk_done_softirq+0x10f/0x1f0
[  862.373311][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  862.373493][    C1]  handle_softirqs+0x166/0x6e0
[  862.373652][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.373844][    C1]  __do_softirq+0x14/0x1b
[  862.374002][    C1]  do_softirq+0x99/0x100
[  862.374123][    C1]  </IRQ>
[  862.374178][    C1]  <TASK>
[  862.374233][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  862.374370][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  862.374530][    C1]  batadv_nc_purge_paths+0x68f/0x740
[  862.374704][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.374889][    C1]  batadv_nc_worker+0x369/0x1aa0
[  862.375037][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.375201][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.375353][    C1]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  862.375515][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[  862.375665][    C1]  process_scheduled_works+0xb8e/0x1d80
[  862.375899][    C1]  worker_thread+0xedf/0x1590
[  862.376109][    C1]  kthread+0xd59/0xf00
[  862.376250][    C1]  ? __pfx_worker_thread+0x10/0x10
[  862.376479][    C1]  ? __pfx_kthread+0x10/0x10
[  862.376620][    C1]  ret_from_fork+0x233/0x380
[  862.376764][    C1]  ? __pfx_kthread+0x10/0x10
[  862.376906][    C1]  ret_from_fork_asm+0x1a/0x30
[  862.377141][    C1]  </TASK>
[  862.595673][    C1] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  862.602876][    C1] CPU: 1 UID: 0 PID: 4134 Comm: kworker/u8:25 Not tainted syzkaller #0 PREEMPT(none) 
[  862.603047][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  862.603165][    C1] Workqueue: bat_events batadv_nc_worker
[  862.603338][    C1] Call Trace:
[  862.603396][    C1]  <IRQ>
[  862.603453][    C1]  __dump_stack+0x26/0x30
[  862.603638][    C1]  dump_stack_lvl+0x1df/0x270
[  862.603832][    C1]  dump_stack+0x1e/0x25
[  862.604000][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  862.604290][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  862.604514][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  862.604701][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  862.604846][    C1]  bio_endio+0xeb4/0x1010
[  862.605020][    C1]  blk_update_request+0xf4c/0x1a90
[  862.605241][    C1]  blk_mq_end_request+0x50/0xb0
[  862.605416][    C1]  lo_complete_rq+0x188/0x3a0
[  862.605597][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  862.605779][    C1]  blk_done_softirq+0x10f/0x1f0
[  862.605976][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  862.606184][    C1]  handle_softirqs+0x166/0x6e0
[  862.606353][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.606549][    C1]  __do_softirq+0x14/0x1b
[  862.606732][    C1]  do_softirq+0x99/0x100
[  862.606872][    C1]  </IRQ>
[  862.606928][    C1]  <TASK>
[  862.606988][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  862.607145][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  862.607323][    C1]  batadv_nc_purge_paths+0x68f/0x740
[  862.607517][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.607729][    C1]  batadv_nc_worker+0x369/0x1aa0
[  862.607890][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.608065][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.608296][    C1]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  862.608481][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[  862.608653][    C1]  process_scheduled_works+0xb8e/0x1d80
[  862.608924][    C1]  worker_thread+0xedf/0x1590
[  862.609168][    C1]  kthread+0xd59/0xf00
[  862.609313][    C1]  ? __pfx_worker_thread+0x10/0x10
[  862.609545][    C1]  ? __pfx_kthread+0x10/0x10
[  862.609695][    C1]  ret_from_fork+0x233/0x380
[  862.609845][    C1]  ? __pfx_kthread+0x10/0x10
[  862.610007][    C1]  ret_from_fork_asm+0x1a/0x30
[  862.610250][    C1]  </TASK>
[  862.610324][    C1] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  862.753881][T13329] IPv6: NLM_F_CREATE should be specified when creating new route
[  862.755132][    C1] CPU: 1 UID: 0 PID: 4134 Comm: kworker/u8:25 Not tainted syzkaller #0 PREEMPT(none) 
[  862.755305][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  862.755433][    C1] Workqueue: bat_events batadv_nc_worker
[  862.755631][    C1] Call Trace:
[  862.755693][    C1]  <IRQ>
[  862.755753][    C1]  __dump_stack+0x26/0x30
[  862.755952][    C1]  dump_stack_lvl+0x1df/0x270
[  862.756171][    C1]  dump_stack+0x1e/0x25
[  862.756354][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  862.756629][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  862.756864][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  862.757080][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  862.757250][    C1]  bio_endio+0xeb4/0x1010
[  862.757448][    C1]  blk_update_request+0xf4c/0x1a90
[  862.757674][    C1]  blk_mq_end_request+0x50/0xb0
[  862.757852][    C1]  lo_complete_rq+0x188/0x3a0
[  862.758063][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  862.758278][    C1]  blk_done_softirq+0x10f/0x1f0
[  862.758497][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  862.758752][    C1]  handle_softirqs+0x166/0x6e0
[  862.758948][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.759187][    C1]  __do_softirq+0x14/0x1b
[  862.759398][    C1]  do_softirq+0x99/0x100
[  862.759565][    C1]  </IRQ>
[  862.759625][    C1]  <TASK>
[  862.759695][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  862.759869][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  862.760072][    C1]  batadv_nc_purge_paths+0x68f/0x740
[  862.760303][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  862.760543][    C1]  batadv_nc_worker+0x369/0x1aa0
[  862.760732][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.760934][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  862.761139][    C1]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  862.761347][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[  862.761545][    C1]  process_scheduled_works+0xb8e/0x1d80
[  862.761851][    C1]  worker_thread+0xedf/0x1590
[  862.762112][    C1]  kthread+0xd59/0xf00
[  862.762264][    C1]  ? __pfx_worker_thread+0x10/0x10
[  862.762535][    C1]  ? __pfx_kthread+0x10/0x10
[  862.762705][    C1]  ret_from_fork+0x233/0x380
[  862.762876][    C1]  ? __pfx_kthread+0x10/0x10
[  862.763069][    C1]  ret_from_fork_asm+0x1a/0x30
[  862.763347][    C1]  </TASK>
[  862.763517][    C1] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  863.074268][    C1] CPU: 1 UID: 0 PID: 4134 Comm: kworker/u8:25 Not tainted syzkaller #0 PREEMPT(none) 
[  863.074427][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  863.074544][    C1] Workqueue: bat_events batadv_nc_worker
[  863.074716][    C1] Call Trace:
[  863.074791][    C1]  <IRQ>
[  863.074852][    C1]  __dump_stack+0x26/0x30
[  863.075039][    C1]  dump_stack_lvl+0x1df/0x270
[  863.075242][    C1]  dump_stack+0x1e/0x25
[  863.075425][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  863.075723][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  863.075948][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  863.076148][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  863.076298][    C1]  bio_endio+0xeb4/0x1010
[  863.076469][    C1]  blk_update_request+0xf4c/0x1a90
[  863.076683][    C1]  blk_mq_end_request+0x50/0xb0
[  863.076848][    C1]  lo_complete_rq+0x188/0x3a0
[  863.077067][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  863.077272][    C1]  blk_done_softirq+0x10f/0x1f0
[  863.077476][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  863.077695][    C1]  handle_softirqs+0x166/0x6e0
[  863.077874][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  863.078087][    C1]  __do_softirq+0x14/0x1b
[  863.078280][    C1]  do_softirq+0x99/0x100
[  863.078427][    C1]  </IRQ>
[  863.078480][    C1]  <TASK>
[  863.078544][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  863.078702][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  863.078894][    C1]  batadv_nc_purge_paths+0x68f/0x740
[  863.079105][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  863.079323][    C1]  batadv_nc_worker+0x369/0x1aa0
[  863.079491][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  863.079669][    C1]  ? kmsan_get_metadata+0xfb/0x160
[  863.079845][    C1]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  863.080045][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[  863.080245][    C1]  process_scheduled_works+0xb8e/0x1d80
[  863.080517][    C1]  worker_thread+0xedf/0x1590
[  863.080768][    C1]  kthread+0xd59/0xf00
[  863.080912][    C1]  ? __pfx_worker_thread+0x10/0x10
[  863.081145][    C1]  ? __pfx_kthread+0x10/0x10
[  863.081292][    C1]  ret_from_fork+0x233/0x380
[  863.081442][    C1]  ? __pfx_kthread+0x10/0x10
[  863.081593][    C1]  ret_from_fork_asm+0x1a/0x30
[  863.081814][    C1]  </TASK>
[  863.081871][    C1] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  863.289501][T13334] loop8: detected capacity change from 0 to 2048
[  863.327088][T10741] F2FS-fs (loop9): do_checkpoint failed err:-5, stop checkpoint
[  863.610005][T13334] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  863.837192][T13333] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  864.008279][T13334] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  864.021168][T13334] EXT4-fs (loop8): This should not happen!! Data will be lost
[  864.021168][T13334] 
[  864.031332][T13334] EXT4-fs (loop8): Total free blocks count 0
[  864.037905][T13334] EXT4-fs (loop8): Free/Dirty block details
[  864.056907][T13334] EXT4-fs (loop8): free_blocks=2415919504
[  864.065595][T13334] EXT4-fs (loop8): dirty_blocks=16
[  864.071864][T13334] EXT4-fs (loop8): Block reservation details
[  864.078952][T13334] EXT4-fs (loop8): i_reserved_data_blocks=1
[  864.294529][T10707] IPVS: starting estimator thread 0...
[  864.321590][T13348] tipc: Started in network mode
[  864.327513][T13348] tipc: Node identity ac1414aa, cluster identity 4711
[  864.336861][T13348] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  864.344847][T13348] tipc: Enabled bearer <udp:s>, priority 10
[  864.384076][T13350] IPVS: using max 192 ests per chain, 9600 per kthread
[  864.472913][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  864.593197][ T5871] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  864.612586][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  864.638989][ T1891] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  864.752566][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  864.783867][ T5871] usb 6-1: Using ep0 maxpacket: 32
[  864.836780][ T5871] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  864.849195][ T5871] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  864.860127][ T5871] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  864.870457][ T5871] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  864.892565][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  864.992234][ T5871] usb 6-1: config 0 descriptor??
[  865.036323][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  865.119136][T13358] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2455'.
[  865.266856][    C0] =====================================================
[  865.274361][    C0] BUG: KMSAN: uninit-value in can_receive+0x12c/0x4a0
[  865.281337][    C0]  can_receive+0x12c/0x4a0
[  865.286077][    C0]  can_rcv+0x1ff/0x3b0
[  865.290307][    C0]  __netif_receive_skb+0x477/0xac0
[  865.295811][    C0]  process_backlog+0x485/0xa00
[  865.300789][    C0]  __napi_poll+0xda/0x8a0
[  865.305513][    C0]  net_rx_action+0xa59/0x1ac0
[  865.310472][    C0]  handle_softirqs+0x166/0x6e0
[  865.315548][    C0]  __do_softirq+0x14/0x1b
[  865.320252][    C0]  do_softirq+0x99/0x100
[  865.324772][    C0]  __local_bh_enable_ip+0xa1/0xb0
[  865.329988][    C0]  netif_rx+0xdb/0x3f0
[  865.334344][    C0]  can_send+0x11a1/0x1390
[  865.338969][    C0]  raw_sendmsg+0x1796/0x1e90
[  865.343858][    C0]  __sock_sendmsg+0x330/0x3d0
[  865.348721][    C0]  ____sys_sendmsg+0x7e0/0xd80
[  865.353860][    C0]  ___sys_sendmsg+0x271/0x3b0
[  865.358752][    C0]  __x64_sys_sendmsg+0x211/0x3e0
[  865.364021][    C0]  x64_sys_call+0x1dfd/0x3e20
[  865.368916][    C0]  do_syscall_64+0xd9/0x210
[  865.373715][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.379785][    C0] 
[  865.382196][    C0] Uninit was created at:
[  865.386819][    C0]  __kmalloc_node_track_caller_noprof+0x96d/0x12f0
[  865.393651][    C0]  kmalloc_reserve+0x22f/0x4b0
[  865.398610][    C0]  pskb_expand_head+0x1fc/0x1610
[  865.404010][    C0]  do_xdp_generic+0xa79/0x1690
[  865.409006][    C0]  __netif_receive_skb_core+0x2524/0x6df0
[  865.415082][    C0]  __netif_receive_skb+0xcc/0xac0
[  865.420385][    C0]  process_backlog+0x485/0xa00
[  865.425413][    C0]  __napi_poll+0xda/0x8a0
[  865.429969][    C0]  net_rx_action+0xa59/0x1ac0
[  865.434955][    C0]  handle_softirqs+0x166/0x6e0
[  865.439971][    C0]  __do_softirq+0x14/0x1b
[  865.444623][    C0] 
[  865.447058][    C0] CPU: 0 UID: 0 PID: 13362 Comm: syz.8.2453 Not tainted syzkaller #0 PREEMPT(none) 
[  865.456852][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  865.467171][    C0] =====================================================
[  865.474338][    C0] Disabling lock debugging due to kernel taint
[  865.480623][    C0] Kernel panic - not syncing: kmsan.panic set ...
[  865.487202][    C0] CPU: 0 UID: 0 PID: 13362 Comm: syz.8.2453 Tainted: G    B               syzkaller #0 PREEMPT(none) 
[  865.498349][    C0] Tainted: [B]=BAD_PAGE
[  865.502609][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  865.512812][    C0] Call Trace:
[  865.516209][    C0]  <IRQ>
[  865.519156][    C0]  __dump_stack+0x26/0x30
[  865.523707][    C0]  dump_stack_lvl+0x53/0x270
[  865.528703][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  865.534732][    C0]  dump_stack+0x1e/0x25
[  865.539108][    C0]  vpanic+0x361/0xc50
[  865.543344][    C0]  panic+0x15d/0x160
[  865.547493][    C0]  kmsan_report+0x31c/0x320
[  865.552202][    C0]  ? __msan_warning+0x1b/0x30
[  865.557046][    C0]  ? can_receive+0x12c/0x4a0
[  865.561820][    C0]  ? can_rcv+0x1ff/0x3b0
[  865.566227][    C0]  ? __netif_receive_skb+0x477/0xac0
[  865.571753][    C0]  ? process_backlog+0x485/0xa00
[  865.576844][    C0]  ? __napi_poll+0xda/0x8a0
[  865.581567][    C0]  ? net_rx_action+0xa59/0x1ac0
[  865.586613][    C0]  ? handle_softirqs+0x166/0x6e0
[  865.591739][    C0]  ? __do_softirq+0x14/0x1b
[  865.596453][    C0]  ? do_softirq+0x99/0x100
[  865.601032][    C0]  ? __local_bh_enable_ip+0xa1/0xb0
[  865.606411][    C0]  ? netif_rx+0xdb/0x3f0
[  865.610855][    C0]  ? can_send+0x11a1/0x1390
[  865.615505][    C0]  ? raw_sendmsg+0x1796/0x1e90
[  865.620428][    C0]  ? __sock_sendmsg+0x330/0x3d0
[  865.625446][    C0]  ? ____sys_sendmsg+0x7e0/0xd80
[  865.630593][    C0]  ? ___sys_sendmsg+0x271/0x3b0
[  865.635700][    C0]  ? __x64_sys_sendmsg+0x211/0x3e0
[  865.641040][    C0]  ? x64_sys_call+0x1dfd/0x3e20
[  865.646128][    C0]  ? do_syscall_64+0xd9/0x210
[  865.650987][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.657259][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.662582][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  865.668628][    C0]  ? __netif_receive_skb_core+0x6670/0x6df0
[  865.674786][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  865.680805][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.686125][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.691452][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  865.697474][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.702824][    C0]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  865.709365][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.714686][    C0]  __msan_warning+0x1b/0x30
[  865.719355][    C0]  can_receive+0x12c/0x4a0
[  865.723975][    C0]  can_rcv+0x1ff/0x3b0
[  865.728215][    C0]  ? __pfx_can_rcv+0x10/0x10
[  865.732972][    C0]  __netif_receive_skb+0x477/0xac0
[  865.738313][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.743650][    C0]  process_backlog+0x485/0xa00
[  865.748637][    C0]  ? __pfx_process_backlog+0x10/0x10
[  865.754125][    C0]  __napi_poll+0xda/0x8a0
[  865.758894][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.764214][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  865.770274][    C0]  net_rx_action+0xa59/0x1ac0
[  865.775154][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.780500][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  865.786578][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  865.791876][    C0]  handle_softirqs+0x166/0x6e0
[  865.796832][    C0]  __do_softirq+0x14/0x1b
[  865.801357][    C0]  do_softirq+0x99/0x100
[  865.805753][    C0]  </IRQ>
[  865.808779][    C0]  <TASK>
[  865.811841][    C0]  __local_bh_enable_ip+0xa1/0xb0
[  865.817034][    C0]  netif_rx+0xdb/0x3f0
[  865.821332][    C0]  can_send+0x11a1/0x1390
[  865.825828][    C0]  raw_sendmsg+0x1796/0x1e90
[  865.830618][    C0]  ? __pfx_raw_sendmsg+0x10/0x10
[  865.835728][    C0]  ? __pfx_raw_sendmsg+0x10/0x10
[  865.841018][    C0]  __sock_sendmsg+0x330/0x3d0
[  865.845882][    C0]  ____sys_sendmsg+0x7e0/0xd80
[  865.850892][    C0]  ___sys_sendmsg+0x271/0x3b0
[  865.855798][    C0]  ? __rcu_read_unlock+0x6d/0xd0
[  865.860911][    C0]  ? __fget_files+0x3b4/0x4a0
[  865.865789][    C0]  ? __fget_files+0x3b9/0x4a0
[  865.870657][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.875944][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  865.881955][    C0]  __x64_sys_sendmsg+0x211/0x3e0
[  865.887112][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  865.892421][    C0]  x64_sys_call+0x1dfd/0x3e20
[  865.897312][    C0]  do_syscall_64+0xd9/0x210
[  865.901965][    C0]  ? irqentry_exit+0x16/0x60
[  865.906756][    C0]  ? clear_bhb_loop+0x40/0x90
[  865.911598][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.917639][    C0] RIP: 0033:0x7ff970d8eec9
[  865.922185][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.941946][    C0] RSP: 002b:00007ff971b85038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  865.950533][    C0] RAX: ffffffffffffffda RBX: 00007ff970fe6090 RCX: 00007ff970d8eec9
[  865.958647][    C0] RDX: 0000000020000000 RSI: 0000200000000440 RDI: 0000000000000003
[  865.966776][    C0] RBP: 00007ff970e11f91 R08: 0000000000000000 R09: 0000000000000000
[  865.974867][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  865.982967][    C0] R13: 00007ff970fe6128 R14: 00007ff970fe6090 R15: 00007ffc716420c8
[  865.991120][    C0]  </TASK>
[  865.994644][    C0] Kernel Offset: disabled
[  865.999040][    C0] Rebooting in 86400 seconds..