last executing test programs:

1m0.231028678s ago: executing program 2 (id=255):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)={0x2c, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x90}, 0x20000000)

1m0.067571361s ago: executing program 2 (id=257):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x4})
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)

59.290480053s ago: executing program 2 (id=263):
r0 = syz_io_uring_setup(0x88b, &(0x7f0000000280)={0x0, 0xaedf, 0x8, 0xfffffffd, 0x25d}, &(0x7f0000000140)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x68, 0x3, r3, 0x0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0, 0x40000020, 0x1, {0x2}})
io_uring_enter(r0, 0x52de, 0xf62e, 0x8, 0x0, 0x0)

58.253935058s ago: executing program 2 (id=271):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[], 0x1, 0x6276, &(0x7f0000003680)="$eJzs3c1vHGcdB/Df7JtfStOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+2k3ln7+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Dj81VEXP1VWnAy4nPRj+hFLI3rlYhYWjmZ1x9ExPOx2RzPRcRwIaLKjc9EvBYRH52IePDw7up40YV99uP7f/nnH37y1I/+8efh2f/99Xb/9d3Wu3Pnt//9273H318AAAAoUV3XdZU+5p9Kn+97XXcKAJiJ/PpfJ3m5eu7q9Tnrj1qtVquPYN1UT3avWUTEenOb8XsGp+MB4IhZj4+77gIdkn/RBhHxVNedAOZa1XUHOBQPHt5drVK+VfP1YGWrPV8LsiP/9Wr7/o7dptO0rzGZ1fNrI/rx7C79WZpRH+ZJzr/Xzv/qVvsorXfY+c/KbvmPtm59Kk7Ov9/Ov+X45N+bmH+pcv6DA+Xflz8AAAAAAMyx/Pv/kx2f/1148l3Zl73O/67MqA8AAAAAAAAA8Fl70vH/tlXG/wMAAIB5Nf6sPva7E4+WNa/1H8XO5VeqiKdb6wOFSTfLLHfdDwAAAAAAAAAAAAAoyWDrGt4rVcQwIp5eXq7revzV1K4P6km3P+pK338oWdc/5AEAYMtHJ1r38lcRixFxJf2tv+Hy8nJdLy4t18v10kJ+PztaWKyXGp9r83S8bGG0jzfEg1E9/maLje2apn1entbe/n7jxxrV/X10bDY6DBwAImLr1eiBV6Rjpq6fia7f5XA0OP6PH8c/+9H18xQAAAA4fHVd11X6c96n0jn/XtedAgBmIr/+t88LqNVqtVqtPn51Uz3ZvWYREevNbcbvGQzHDwBHzHp83HUX6JD8izaIiOe77gQw16quO8ChePDw7mqV8q2arwdpfPd8LciO/Nerze3y9pOm07SvMZnV82sj+vHsLv15bkZ9mCc5/147/6tb7aO03mHnPyu75T/ez5Md9KdrOf9+O/+W45N/b2L+pcr5Dw6Uf1/+AAAAAAAwx/Lv/0/O1fnf0ePuzlR7nf9dObRHBQAAAAAAAIDD9eDh3dV832s+//+FCeu5//N4yvlX8i9Szr/Xyv+rrfX6jfn7bz3K/z8P767+8fa/P5+n+81/Ic9U6ZlVpWdElR6pGqTpk+zdp20M+6PxIw2rXn+Qrvmph+/E9bgRa3Fux7q99P/xqP38jvZxT4eb7XV/q/3CjvbBdnve/uKO9mG60qleyu1nYjV+Hjfi7c32cdvClP1fnNJeT2nP+fcd/0XK+Q8aX+P8l1N71ZqO3f+w96njvjmd9DhvXv/ib84d/u5MtRH97X1rGu/fix30Z/P/5KlR/PLW2s0zd67dvn3zfKTJjqUXIk0+Yzn/Yfra/vn/0lZ7/rnfPF7vfzg6cP7zYiMGu+b/UmN+vL8vz7hvXcj5j9JXzv/t1D75+D9A/r0/zWxf9mOv4/+VDvoDAAAAAAAAAAAAAAAAe6nrevMW0Tcj4lK6/6erezMBgNnKr/91kpfPqu7P+PHU6iNeV3PWn5nWn9Tz1R+1+ijWTfVkbzSLiPh7c5vxe4ZfT/pmAMA8+yQi/tV1J+iM/AuW/97feHq6684AM3Xr/Q9+eu3GjbWbt7ruCQAAAAAAAADwuPL4nyuN8Z9P13V9r7XejvFf34qVJx3/dZBntgcY3WWg6v7B92kvG71Rv9cYbvyF2G387+H23F7jfw+mPN5wSvtoSvvClPbFKe0Tb/RoyPm/0Bjv/HREnGoNv/7Y47/Omb3Gf22PeV+CnP+LjefzOP+vtNZr5l///ijn39uR/9nb7/3i7K33P3j1+nvX3l17d+1nF8+fP3fx0qXLly+ffef6jbVzW/922OPDlfPPY1+7DrQsOf+cufzLkvP/UqrlX5ac/5dTLf+y5Pzz+z35lyXnnz/7yL8sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/11Mt/7Lk/F9NtfzLkvM/k2r5lyXnfzbV+8x/6bD7xWzk/PMZLsd/WXL++coG+Zcl538h1fIvS87/YqrlX5ac/2upln9Zcv7fSLX8y5Lzv5Rq+Zcl5//NVMu/LDn/y6mWf1ly/t9KtfzLkvP/dqrlX5ac/+upln9Zcv7fSbX8y5Lz/26q5V+WnP/3Ui3/suT830i1/Mvy6O//mzFjxkye6fonEwAAAAAAAAAAAADQNovLibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnt3FyPXWd4B/Mx+eeNAYiCkTmrCxjHGOJvs+iP+oHUx4bPhqySEQj+wXe/aLPgLr10CjWpHgRIJo6KKtuGiLSDU5qbCqrigFaBcoFaVKkF7QW8QFSoXURVQQKrUVsBWM+d9352ZnZ3Z9Y7XZ875/ST78c6cmfedM++c2WfX/zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANLv7DbOfqmVZVqvV8gs2ZdmL6vWmiU2NS157Y+cHAAAArN3PG3+/cGu64PAKbtS0zT/d9e2vLiwsLGTvG/7T0c8tLKQrJrJsdEOWNa6Lrv7g/bXmbYIns/HaUNPXQz2GH+5x/UiP60d7XD/W4/oNPa4f73H9kh2wxE1ZLd3ZtsY/N+W7NLstG21ct63DrZ6sbRiq77t026zWuM3C6IlsLjuVzWbTLdvn29Ya23/97vpYb83iWENNY22pr5CfPH48zqEW9vG2lrEW7zP60euziZ/+5PHjf33h+Ts61Z67oeX+8nnu2Fqf5yfCJflca9mGtE/iPIea5rmlw3My3DLPWuN29X+3z/OFFc5zeHGa66r9OR/Phhr//k5jP43Usg77aUu47H/uybLs8uK027dZMlY2lG1suWRo8fkZz1dk/T7qS+ml2Uj3dbpQa1mnd69gndbrzLbWddr+mojP/93hdiPLzKH5afrRE2NNz/vPFq5lnUb1R73ca6V9Dfb7tVKUNRjXxXcaD/qpjmtwW3j8j29ffg12XDsd1mB63E1rcGuvNTg0NtyYc3oSao3bLK7BXS3bDzdGqjXqc9u7r8GpC6fPTc1/7OP3zZ0+dnL25OyZPbt2Te/Zt+/AgQNTJ+ZOzU7nf1/j3i6+jdlQeg1sDfsuvgZe3bZt81Jd+OLYkuPvtb4Ox7u8Dje1bdvv1+FI+4Orrc8Lcumazl8b76nv9PErQ9kyr7HG87Nz7a/D9LibXocjTa/Dju8pHV6HIyt4Hda3ObdzZd+zjDT96TSH5d8L1rYGNzWtwfbvR9rXYL+/HynKGhwP6+J7O5d/L9gS5vvU5Gq/HxlesgbTww3Hnvol6fv98QON0mld3lm/4uax7OL87Pn7Hzt24cL5XVko6+JlTWulfb1ubHpM2ZL1OrTq9Xp47q6n7uxw+aawr8bvq/81vuxzVd9m7/3dn6vGu1vn/dly6e4slD4L+3Nhwzrtz07v5vX9OZZln//WEw9/4/HPv2HZ/VnvNz8xtfbvxVNf2nT8HV3m+Bv7/l/k46W7enJ4dCR//Q6nvTPacjxufapGGseuWmPsF6ZWdjweDX/W+3h8W5fj8ea2bft9PB5tf3DxeFzr9dOOtWl/PsfDOjk13f14XN9m8+7VrsmRrsfje0Kthf3/mtAppL6oae0st27TWCMjo+FxjcQRWtfpnpbtR0NvVh/rmd3Xtk533JPf13B6dIvWa51OtG3b73Wafva13Dqt9frp27Vpfz7Hw7q4bU/3dVrf5tm9az923hT/2XTsHOu1BkeHx+pzHk2LsHG8zxZuimvw/ux4djY7lc00rh1rrKdaY6zJB1a2BsfCn/U+Vm7usgZ3tG3b7zWY3seWW3u1kaUPvg/an8/xsC6efqD7Gqxv88b9/f3edUe4JG3T9L1r+8/XlvuZ151tu+l6rZWRMM9v7e/+s9n6NqcOrLbP7L6f7g2X3NxhP7W/fpd7Tc1k67OfNod5Pn9g+f1Un099m88dXOF6Opxl2aWPPNj4eW/4/crfXfzuV1t+79LpdzqXPvLgj1984h9XM38ABt8v8rIxf69r+s3USn7/DwAAAAyE2PcPhZro/wEAAKA0Yt8f/1d4ov8HAACA0oh9/0ioSUX6/81vfH7uF5eylMxfCOL1aTc8lG8XM67T4euJhUX1yx/88ux//8OllY09lGXZzx76g47bb34ozis3EeZ59U2tly/x1ftWNPbRRy+lcZvz618I9x8fz0qXQacI7nSWZV+/9TONcSbef6VRn33oaKM+fPmpJ+vbvHAw/zre/rmX5dv/RQj/Hj5xrOX2z4X98MNQp9/WeX/E233lymu27H/v4njxdrWttzQe9tMfyO83fk7OZ5/Mt4/7ebn5f+PTz3ylvv1jr+o8/0tDnef/TLjfL4f6v6/It29+Dupfx9t9Msw/jhdvd/+Xvtlx/lc/lW9/7s35dkdDjePvCF9ve/Pzc83767HasZbHlb0l3y6OP/3dP25cH+8v3n/7/MePXGnZH+3r49l/y+9nqm37eHkcJ/r7tvHr99O8PuP4z/zR0Zb93Gv8qw8/94r6/baPf2/bduc+srMx/uL9tX5i019+8jMdx4vzOfy351oez+F3h9dxGP/pD4T1GK7/v6v5/bV/usLRd7cef+L2X9h0qeXxRG/9aT7+1dedbNQN4zdtvPlFL77l8ivr+y7LvrMhv79e45/8q7Mt8//i7fn+iNfHjH77+MuJ45//6OSZs/MX52bSXn381sZn57w9n0+c763h2Nr+9ZGzFz44e35iemI6yybK+xF61+xLof44L5e7b72w5Ai689HwfN7551/fuP1fPx0v//f35JdfeVv+vvXqsN1nw+WbwvO3uvGXevru2xuv79qzYYYLSz8veC22bPuvAyvaMDz+9u8L4no/9/IPNvZD/brG+0Z8Xa9x/t+fye/na2G/LoRPZt56++J4zdvHz0a48kj+el/z/guHufi8/k14vt/xw/z+47zi4/1++D7mm5tbj3dxfXzt0lD7/Tc+xeNyOJ5kl/Pr41Zxf1954faO04ufQ5JdvqPx9Z+k+7ljVQ9zOfMfm586NXfm4mNTF2bnL0zNf+zjR06fvXjmwpHGZ3ke+VCv2y8enzY2jk8zs/v2Zo2j1dm8XGc3ev7nHj0+s396+8zsiWMXT1x49Nzs+ZPH5+ePz87Mbz924sTsR3vdfm7m0K7dB/fs3z15cm7m0IGDB/ccnJw7c7Y+jXxSPeyb/vDkmfNHGjeZP7T34K4HHtg7PXn67Mzsof3T05MXe92+8d40Wb/170+enz117MLc6dnJ+bmPzx7adXDfvt09Pw3w9LkT8xNT5y+embo4P3t+Kn8sExcaF9ff+3rdnnKa/4/8+9l2tfyD+LJ33bsvfT5r3ZefWPau8k3aPkD0+fBZNP/8knMHVvJ17PtHQ00q0v8DAABAFcS+fyzURP8PAAAApRH7/g2hJvp/AAAAKI3Y94+HmlSk/y9d/n/zpRWNL/8v/9+8v+T/K5b/f6Ro+f/8eCH/3x9rzd/L/wfy//L/8v8Dk/9fCG9I8v8UUdHy/7HvvynLKtn/AwAAQBXEvn9jqIn+HwAAAEoj9v03h5ro/wEAAKA0Yt//olCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/P5VVK/9/uZ/zd/5/+X+WKlr+P/b9Lw41qUj/DwAAAFUQ+/5bQk30/wAAAFAase+/NdRE/w8AAAClEfv+TaEmFen/5f/l/+X/5f/l/zuPL/8/mOT/u5P/70H+3/n/5f/l/+mrouX/Y9//klCTivT/AAAAUAWx739pqIn+HwAAAIpn5NpuFvv+l4WaLOn/r3EAAAAA4IaLff9tWVsQvCK//5f/l/8vfv5/Q7pO/l/+Pytk/n84k/8vDvn/7uT/e5D/l/+X/5f/p6+Klv9v9P3ZePbyUJOK9P8AAABQBbHvvz3URP8PAAAApRH7/l8KNdH/AwAAQGnEvn9zqElF+n/5f/n/G53/H22bu/P/L95O/j9X/Py/8/8Xifx/d/L/Pcj/y//L/8v/01dFy//Hvv+OUJOK9P8AAABQBbHvvzPURP8PAAAApRH7/l8ONdH/AwAAQGnEvn9LqElF+n/5/4Ln/2NytMT5/97n/5f/l/+X/5f/Xzn5/+7k/3uQ/5f/l/+X/6evipb/j33/K0JNKtL/AwAAQBXEvv+uUBP9PwAAAJRG7PtfGWqi/wcAAIDSiH3/RKhJRfp/+f+C5//zHPxYmc//L/8v/y//L//fT/L/3cn/9xAOcz/Kskz+X/5f/l/+n7UrWv4/9v13h5pUpP8HAACAKoh9/9ZQE/0/AAAAlEbs++8JNdH/AwAAQGnEvn9bqElF+n/5/4HI/2fy//L/8v/y//L/KyP/3538fw/O/y//L/8v/09fFS3/H/v+V4WaVKT/BwAAgCqIff/2UBP9PwAAAJRG7PtfHWqi/wcAAIDSiH3/jlCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/L/8v/y//T18VLf8f+/7XhJpUpP8HAACAKoh9/85QE/0/AAAAlEbs++8NNdH/AwAAQGnEvn8y1KQi/b/8v/y//L/8v/x/5/Hl/weT/H938v89yP/L/8v/y//TV0XL/8e+/75Qk4r0/wAAAFAFse+/P9RE/w8AAAClEfv+qVAT/T8AAACURuz7p0NNKtL/y//L/8v/y/+vKv//ysX7lf/Pyf8Xi/x/d/L/Pcj/y//f8Pz/qPw/pVK0/H/s+3eFmqTGb+waHiUAAABQJLHv3x1qUpHf/wMAAEAVxL5/T6iJ/h8AAABKI/b9e0NNKtL/y//L/8v/y/87/3/n8eX/B5P8f3f9z//Hhyj/L/8v/+/8//L/LFW0/H/s+x8INalI/w8AAABVEPv+faEm+n8AAAAojdj37w810f8DAABAacS+/0CoSUX6f/l/+X/5f/l/+f/O48v/Dyb5/+6c/7+H4uX/X9d88/XM/9fHkv+X/5f/Z/Ue+cPmr4qW/499/8FQk4r0/wAAAFAFse9/baiJ/h8AAABKI/b9vxJq0r3/33B9ZwUAAAD0U+z7fzXUpCK//5f/l/+X/5f/l//vPL78/2CS/+9O/r+H4uX/Wzj/f7HnL/8v/89SRcv/x77/UKhJRfp/AAAAqILY9/9aqIn+HwAAAEoj9v2vCzXR/wMAAEBpxL7/cKhBpzh3Kcn/y/8PZv5/XP5f/r90+f+xeL/y/2si/9+d/H8P8v/y//L/8v/0VdHy/7Hvf32oid//AwAAQGnEvv/BUBP9PwAAAJRG7PvfEGqi/wcAAIDSiH3/G0NNKtL/y//L/w9m/t/5/zP5/9Ll/53/vz/k/7uT/+9B/l/+X/5f/p++Klr+P/b9bwo1qUj/DwAAAFUQ+/43h5ro/wEAAKA0Yt//llAT/T8AAACURuz73xpqUpH+X/5f/v9G5v9zl+X/5f8b5P/l//tB/r87+f8e5P/l/+X/5f/pq6Ll/2Pf/+uhJhXp/wEAAKAKYt//UKiJ/h8AAABKI/b9bws10f8DAABAacS+/+2hJhXp/+X/5f+d/1/+X/6/8/jy/4NJ/r+7Acv///yWcLn8f07+v9jzX23+f6Tt6+uS///Bcvn/hQ3tt5f/53ooWv4/9v3vCDWpSP8PAAAAVRD7/neGmuj/AQAAoDRi3/+uUJOm/r+v//EOAAAAWHex7/+NUJOK/P5f/r8+j8X0svy//H/jAvl/+X/5/4El/9/dgOX/nf+/jfx/sefv/P/y/yxVtPx/7PvfHWpSkf4fAAAAqiD2/Q+Hmuj/AQAAoDRi3/9IqIn+HwAAAEoj9v3vCTWpSP8v/+/8//L/8v/y/53Hl/8fTPL/3cn/9yD/L/9ftPz/f8r/M9iKlv+Pff+joSYV6f8BAACgCmLf/95QE/0/AAAAlEbs+38z1ET/DwAAAKUR+/73hZpUpP+X/x+U/P/EgOb/n5D/v475/7tuybeT/5f/Z5H8f3fy/z3I/8v/Fy3/7/z/DLii5f9j3//+UJOV9//jK94SAAAAuI5Glr0m9v2/FWpSkd//AwAAQBXEvv+3Q030/wAAAFAase//nVCTivT/8v+Dkv93/v9M/t/5/9sej/y//H8n65f/j0ce+X/5/2Ll/zet6gG3utH5+bW60fOvbv4/f2eU/6eTouX/Y9//u6EmFen/AQAAoApi3/+BUBP9PwAAAAyETv8nu13s+4+Emuj/AQAAoDRi33801KQi/b/8v/y//H9B8/9/tvVfvvftdx7dJf8v/y//vyrrev7/+ovf+f/l/wuW/1+LG52fX6/515Y5NZj8v/P/039Fy//Hvv9YqElF+n8AAACogtj3/16oif4fAAAASiP2/cdDTfT/AAAAUBqx758JNalI/y//L/8v/1/Q/P8An/8/7g/5/1Z9y//Hg678f0frmv9/72JOXP5/tfn/sY6Xyv/L/w/y/OX/5f9Zqmj5/9j3z4aaVKT/BwAAgCoIff/QibwuXqH/BwAAgNKIff/JUBP9PwAAAJRG7Ps/GGpSkf5f/l/+X/5f/t/5/zuP3y3/Xxtx/v+ikv/vrjj5/87k/+X/B3n+8v/y/yxVtPx/7PvnQk0q0v8DAABAFcS+/0OhJvp/AAAAKI3Y93841ET/DwAAAKUR+/5ToSYV6f/l/+X/5f/l/+X/O49f2PP/y/93Jf/fnfx/D/L/8v/y//L//8/enXxZWtd3HL8FDV19yCK7LLLJOVnmT2AR1sk+WWSTRXJOTs4JRFFxpnEeUVScFcVZwQEEERXnCZxQnEFFxXnECVFPe6j6fr9dw1P3VlXf6vs8v9/rteCbrlB9r31a6E9Xv31YqrH1/7n7/y9u6WT/AwAAQA9y918ct9j/AAAA0Izc/ZfELfY/AAAANCN3///HLZ3sf/2//r/Z/v+f9f97vb7+X//fMv3/fPr/BfT/+n/9v/6fpRpb/5+7/2FxSyf7HwAAAHqQu//hcYv9DwAAAM3I3X9p3GL/AwAAQDNy9z8ibulk/+/o/9dmffb/mfHq/1vq/z3/f8/X1/+fQf9/rv5/7M5u/3/FQ//k0//r//X/Qf+/r/7/+F6fr/+nRWPr/3P3PzJu6WT/AwAAQA9y9z8qbrH/AQAAoBm5+y+LW+x/AAAAaEbu/kfHLZ3s/+U9///Exscn2v8X/b/+f+MD+n/9/179/7HT39b/j5Pn/8/XU/9/6V0XXHz/zX9/y0FeX/+v//f8f/0/yzW2/j93/2Pilk72PwAAAPQgd/9j4xb7HwAAAJqRu/9xcYv9DwAAAM3I3f/4uKWT/b+8/n/Sz/8v+n/9/8YH9P/6/736/3/z/P+x0//P11P/f5jX1//r//X/+n+Wa9X9f37H+e3c/U+IWzrZ/wAAANCD3P1PjFvsfwAAAGhG7v7L4xb7HwAAAJqRu/9k3NLJ/tf/H33//xf9v/4/rv5f/6//P3r6//n0/wvo//X/+n/9P0u16v5/57dz918Rt3Sy/wEAAKAHufufFLfY/wAAANCM3P1PjlvsfwAAAGhG7v6nxC2d7H/9v+f/6//1//r/4dfX/0+T/n8+/f8C+v8z7efP0/9PsP+PX0jp/zkKB+z/H5zzj+2l9P+5+58at3Sy/wEAAKAHufufFrfY/wAAANCM3P1Pj1vsfwAAAGhG7v5nxC2d7H/9v/5f/6//P3T/v/un3gb9/zD9/9mh/59vNP3/2rHBD+v/J9//e/7/FPv/oP/nKIzt+f+5+58Zt3Sy/wEAAKAHufufFbfM2f8H/s18AAAAYKVy9z87bvH1fwAAAJi8rM5y9z8nbulk/+v/9f/6f/2/5/8Pv/68/v+WLe9P/z8u+v/5RtP/70H/r/+f8vvX/+v/2W1s/X/u/ufGLZ3sfwAAAOhB7v4r4xb7HwAAAJqRu/95cYv9DwAAAM3I3f/8uKWT/T/c/5/+/+v/90f/v/396/+Hf34sq//P71H/P7f/v8jz//uk/5/v7Pf/x/X/279//f8RWvX7b7z/P7Ho8/X/DBlb/5+7/6q4pZP9DwAAAD3I3f+CuMX+BwAAgGbk7n9h3GL/AwAAQDNy978obulk/6/4+f9XnL/X+9L/b9D/6/89/3+cz/+fnfX+/5j+f5/0//N5/v8C+n/9v/7f8/9ZqrH1/7n7r45bOtn/AAAA0IOrH5ht7P4Xz2b2PwAAAEzR1j87sPMPlIbc/S+JW+x/AAAAaEbu/pfGLZ3s/xX3/0f1/P/zFr22/l//v/XHS/+v/x96/XH1/57/v1/6//n0/wvo/4+inz/WWP9/zV6fP4b+/3L9PyOzrf+/7fTHV9X/5+5/WdzSyf4HAACAHuTuf3ncYv8DAABAM3L3vyJusf8BAACgGbn7Xxm3dLL/j7z/P7H3ax9h/7+Q/l//v/XHS/+v/x96ff3/NOn/59P/L6D/9/x/z//X/7NU2/r/LVbV/+fuf1Xc0sn+BwAAgB7k7n913GL/AwAAQDNy918Tt9j/AAAA0Izc/a+JWzrZ/40+/38h/b/+f+uPl/5f/z/0+vr/adL/z6f/X0D/r//X/y/u/3f+izro/xkytv4/d/9r45ZO9j8AAAD0IHf/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/x9t/58f1//r/2cH6f/jE/T/m/T/+v+DmFr/v/O/P4fu19eG/k202x79/x3/c/Jft39E/6//1//r/z3/nyUYRf9/6vSvLnP3vyFu6WT/AwAAQA9y978xbrH/AQAAoBm5+98Ut9j/AAAA0Izc/W+OWw64//92qe/q7NH/e/6//n+E/X/Q/2/S/+v/D2Jq/f9Onv+v/9f/T/f96//1/+w2iv5/y7dz978lbvH1fwAAAGhG7v63xi32PwAAADQjd//b4hb7HwAAAJqRu/+6uKWT/a//1//r//X/+v/h1z9s/78+G6b/Pzv0//Pp/xfQ/+v/9f/6f5ZqbP1/7v7r45ZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAABTkunYoNz974xbOtn/+n/9v/5f/6//H359z/+fpon2//WPwan2/+dOqf+/Yc4bGOr/Tx3X/+v/9f/6fw5pbP1/7v53xS2d7H8AAADoQe7+G+IW+x8AAACakbv/xrjF/gcAAIBm5O5/d9zSyf7X/+v/9f/6f/3/8Ovr/6dpov1/mWr/7/n/+v+Z/l//r/9nwNj6/9z9N8Utnex/AAAA6EHu/pvjFvsfAAAAmpG7/z1xi/0PAAAAzcjdf0vc0sn+1//r//X/+n/9//Dr6/+n6ej6/9nq+v/7zjnod7Mn/f8C+n/9v/5f/89Sja3/z93/3rilk/0PAAAAPcjdf2vcYv8DAABAM3L3vy9usf8BAACgGbn73x+3dLL/9f/6/2n2/1etD71//b/+f6b/757n/8+n/19A/6//1//r/1mqsfX/ufs/ELd0sv8BAACgB7n7b4tb7H8AAABoRu7+D8Yt9j8AAAA0I3f/h+KWTva//l//v73/n82m0f97/v9M/99C/78+0/8vnf5/vv31/xfp//X/bfX/58wa6v9P7Pn5+n/GaGz9f+7+D8ctnex/AAAA6EHu/o/ELfY/AAAANGDzz87k7v9o3GL/AwAAwJgdO8jfnLv/Y3FLJ/t/+v3/8R2fqP+fzWZ3X9b88//1/zP9fwv9f/2o6v+XR/8/n+f/L6D/b7P/9/x//T8rM7b+P3f/x+OWTvY/AAAA9CB3/yfiFvsfAAAAmpG7/5Nxi/0PAAAAzcjd/6m4pZP9P/3+f+cn6v9nZ/T8f/3/xgf0//p//f9k6f/n0/8voP9f2M+v7fHrnpn+X/+v/2fA2Pr/3P2fjls62f8AAADQg9z9t8ct9j8AAAA0I3f/HXGL/Q8AAADNyN3/mbilk/2v/9f/6/+n2f+v6//1//r/QWPp/y+88F/u1P/r/1vs/+fR/+v/9f/sNLb+P3f/Z+OWTvY/AAAA9CB3/+fiFvsfAAAAmpG7//Nxi/0PAAAAzcjd/4W4pZP9v7v/P2+2WahuGur/o1HT/2+h/9/+/vX/wz8/PP9f/6//P3pj6f89//9w71//r/+f8vs/UP//D7s/X/9Pi8bW/+fuvzNu6WT/AwAAQA9y938xbrH/AQAAoBm5+78Ut9j/AAAA0Izc/XfFLZ3sf8//1//r//X/+v/h19f/T5P+fz79/wL6f/2/5/9f8l/n6v9ZnrH1/7n7vxy3bAy/f/ybQ/7HBAAAAEYkd/9X4pZOvv4PAAAAPcjd/9W4xf4HAACAZuTu/1rc0sn+1//r//X/+n/9//Dr6/+nSf8/n/5/gX76//WhD666nz9Tq37/zfT/nv/PEo2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy998dt3Sy//X/+v/2+///1P/veH39v/6/Zfr//Df6MP3/Av30/4NW3c9P/f3r//X/7Da2/j93/z1xSyf7HwAAAHqQu/9bcYv9DwAAAM3I3f/tuMX+BwAAgGbk7v9O3NLJ/tf/99X/r8167P89/1//r//vyXT6/2uPDX3U8//1//r/6b5//b/+n93G1v/n7r937ViX+x8AAACm6t//6X/v2e/fe+/GX9dn341b7H8AAABoRu7+78Ut9j8AAAA0I3f/9+OWTva//r+v/r/P5//r//X/+v+eTKf/H6b/1//r/6f7/vX/+n92G1v/n7v/vrhly/Ab/B/oAQAAACYjd/8P4pZOvv4PAAAAPcjd/8O4Zdf+P7XPP9UOAAAAjE3u/h/FLZ18/V//P/L+f3ZE/X/8ffr/Tfp//f/Q6+v/p6m1/v/4bFT9/6k1/b/+fw79v/5f/89OY+v/c/ffetOsy/0PAAAAjdr2Owo/3vjr+uwncYv9DwAAAM3I3f/TuMX+BwAAgGbk7v9Z3NLJ/tf/j7z/P9Tz/0/U/+X5/533/1euD76+/l//37LW+n/P/9/8uP5/k/5/3O9f/6//Z7cD9P8bg/So+//c/T+PWzrZ/wAAANCD3P2/iFvsfwAAAGhG7v5fxi32PwAAADQjd/+v4pZO9r/+fwX9/1XHZ7Mj7f/38fx//X8f/f8er99O//93F5y8/T/++8br9f+cdjb7//y5oP/X/6+g/78ufv7p/0f0/vX/+n92G9vz/3P3/zpu6WT/AwAAQA9y998ft9j/AAAA0Izc/b+JW+x/AAAAaEbu/t/GLZ3sf/1/i8//n2b/nz/WK+j/T06v/8+muPf+3/P/9f+7ef7/fPr/BabT/2982/P/x/X+9f/6f3YbW/+fu/93cUsn+x8AAAB6kLv/93FL7v+1A//WPQAAADAyufv/ELf4+j8AAAA0I3f/A3FLJ/tf/6//H0v/nzz///Tnef7/Jv2//v8g9P/z6f8X0P/r//X/+n+Wamz9f+7+P8Ytnex/AAAA6EHu/gfjFvsfAAAAmpG7/09xi/0PAAAAzcjd/+e4pZP9r//X/+v/9f/6/+HX1/9Pk/5/Pv3/Q87f+w3o//X/+n/9P0s1tv4/d/9fAwAA//+9M2Fu")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, 0xfffffffffffffffe, 0x29)

57.011081607s ago: executing program 2 (id=283):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x9, 0x8, 0x40, 0x42, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000000000), 0x86, r0}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000000540)=""/96}, 0x20)

56.251453009s ago: executing program 2 (id=292):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0xfd}, 'port1\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1000001})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000680)={0x800100, 0xffffffff, 0x2, 0x1, 0x8, 0x5})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/107, 0x6b)

55.860554434s ago: executing program 32 (id=292):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0xfd}, 'port1\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1000001})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000680)={0x800100, 0xffffffff, 0x2, 0x1, 0x8, 0x5})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/107, 0x6b)

3.001340235s ago: executing program 1 (id=758):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
sendmsg$IEEE802154_LIST_PHY(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x14, r2, 0x30b}, 0x14}, 0x1, 0x0, 0x0, 0x14}, 0x20000004)

2.866638587s ago: executing program 1 (id=760):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

2.832034978s ago: executing program 0 (id=761):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000018c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000740)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x28, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000850}, 0x4000050)

2.627555391s ago: executing program 0 (id=763):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x30, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="24000000190001000000000000c3b2000a0000000003c8000000000008000600ffffffff"], 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r0, &(0x7f0000000040), 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)

2.555981122s ago: executing program 0 (id=765):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000000)=0x2)

2.335547465s ago: executing program 0 (id=766):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000040)='./bus\x00', 0x18, &(0x7f0000000300)={[{@space_cache_v1}, {@nossd_spread}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@clear_cache}, {@noacl}, {@nodatacow}, {@barrier}, {@ref_verify}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000008c0)='.\x00', 0x40000, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000002480)={{r0}, 0x0, 0x0, @unused, @subvolid=0x3})

1.781750613s ago: executing program 4 (id=770):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter\x00')
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000080)=""/57, 0x39}], 0x1, 0x5, 0x0)

1.742204334s ago: executing program 1 (id=771):
r0 = syz_mount_image$btrfs(&(0x7f00000004c0), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000180)={[{@clear_cache}, {@user_subvol_rm}, {@nodiscard}, {@noautodefrag}, {@autodefrag}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x7, 0x32, 0x38, 0x2d, 0x32, 0x36, 0x78, 0x2d, 0x2d, 0x37]}}, {@space_cache}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xdd52d6c}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000100)={0x0, 0x9, [0x6, 0x6, 0x69f, 0x1, 0x1, 0x800]})

1.292944811s ago: executing program 4 (id=774):
r0 = syz_io_uring_setup(0x45b4, &(0x7f00000035c0)={0x0, 0x702f, 0x10100, 0x200000}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000300)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x88, 0x0, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x57}}}}, [@NL80211_ATTR_FRAME={0x60, 0x33, @action_no_ack={{{0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {0xfb}, @device_b, @device_b, @from_mac=@device_b, {0x3, 0x81}, @value=@ver_80211n={0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, @mesh_hwmp_psel={0xd, 0x1, {@val={0x82, 0x25, {{0x1, 0x0, 0x1}, 0x0, 0x0, 0x4, @broadcast, 0x10000, @void, 0xfff, 0xfffffff7, 0x1, [{{}, @device_b, 0x9}]}}, @void, @void, @val={0x7e, 0x15, {{0x0, 0x7d}, 0xda, 0x7, @device_b, 0x5, 0x0, 0x40}}}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x40)
io_uring_enter(r0, 0x3486, 0x0, 0x0, 0x0, 0x0)

1.210780752s ago: executing program 3 (id=775):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x25, 0x4}, @NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2400c891}, 0x0)

1.055686814s ago: executing program 4 (id=776):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000ac0), 0x1, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000600)={0x223e3, 0x0, 0xd, 0x2})
mknodat$null(r0, &(0x7f0000000000)='./bus\x00', 0x20, 0x103)

1.050743645s ago: executing program 3 (id=777):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="0001"])

857.111397ms ago: executing program 4 (id=778):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000180)={0x9, 0x7})

806.354098ms ago: executing program 0 (id=779):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r1, 0x5607, 0x4)

673.78616ms ago: executing program 1 (id=780):
r0 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0)
r1 = creat(&(0x7f0000000200)='./bus\x00', 0x84)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000240)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES32=r0], 0x2b)
sendfile(r2, r0, 0x0, 0x4000000053d2)

586.561812ms ago: executing program 3 (id=781):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000010140)=""/248, 0xf8, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f0000000180)=""/114, 0x72, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48)

506.019543ms ago: executing program 4 (id=782):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x4000000044402, 0x0)
io_setup(0x5, &(0x7f00000000c0)=<r1=>0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r2, 0x0)
io_submit(r1, 0x2, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x6417, r0, &(0x7f0000000000)="ab", 0x1, 0x6ed}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x5, 0x3eb, r0, 0x0, 0x1f}])

384.746625ms ago: executing program 3 (id=783):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='mm_khugepaged_scan_pmd\x00', r1}, 0x18)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)

230.727647ms ago: executing program 4 (id=784):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r3, 0x0, r1, 0x0, 0xf3a, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000008780))
write$binfmt_elf64(r2, &(0x7f0000003380)=ANY=[], 0x18c6)

230.044077ms ago: executing program 1 (id=785):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4a}, [@exit, @generic={0x8, 0x5, 0x7, 0xa, 0xffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}]}, 0x0, 0x5, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x6, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0x8, 0xb5, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300), 0x10, 0x3}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)

175.526178ms ago: executing program 3 (id=786):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000140)=ANY=[@ANYBLOB="180800001bc81a000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000101180000000000000000000000000000009500000000000000360a000000000000180000002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000021000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=[@ip_tos_u8={{0x11, 0x34000}}, @ip_pktinfo={{0x1c, 0xfd000f00, 0x8, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x28f0700, 0x8, {0x0, @empty=0xa0050000}}}, @ip_retopts={{0x24, 0x0, 0x7, {[@ra={0x94, 0x4}, @timestamp={0x44, 0x10, 0x88, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}, @ip_tos_u8={{0x11}}], 0x98}, 0x0)

175.329488ms ago: executing program 0 (id=787):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @rand_addr=0x64010101}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x400, 0x1, 0x7, 0x4, r2}, &(0x7f0000000080)=0x10)

116.168259ms ago: executing program 1 (id=788):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000500)=0x7)

0s ago: executing program 3 (id=789):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000a00), 0x0, 0x40c00)
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000a40)=""/191, 0xbf}], 0x1)

kernel console output (not intermixed with test programs):

lan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.749027][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.759824][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.778601][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.800394][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.822005][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.837609][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.859946][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.903196][ T5770] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.915769][ T5770] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.924961][ T5770] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.937195][ T5770] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.187965][ T4266] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.222453][ T4266] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.245509][ T5868] Illegal XDP return value 4294967274 on prog  (id 4) dev syz_tun, expect packet loss!
[   73.273723][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.300145][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.351382][ T4266] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.365684][ T4266] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.392201][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.403364][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.672354][ T5877] syz.0.1: attempt to access beyond end of device
[   73.672354][ T5877] nbd0: rw=0, sector=64, nr_sectors = 1 limit=0
[   73.695298][ T5781] Bluetooth: hci2: command tx timeout
[   73.701389][ T5877] syz.0.1: attempt to access beyond end of device
[   73.701389][ T5877] nbd0: rw=0, sector=256, nr_sectors = 1 limit=0
[   73.765348][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[   73.802014][ T5877] syz.0.1: attempt to access beyond end of device
[   73.802014][ T5877] nbd0: rw=0, sector=512, nr_sectors = 1 limit=0
[   73.834609][ T5781] Bluetooth: hci1: command tx timeout
[   73.836327][ T5087] Bluetooth: hci3: command tx timeout
[   73.840868][ T5779] Bluetooth: hci0: command tx timeout
[   73.884219][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[   73.966437][ T5877] syz.0.1: attempt to access beyond end of device
[   73.966437][ T5877] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0
[   73.982124][ T5877] syz.0.1: attempt to access beyond end of device
[   73.982124][ T5877] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0
[   74.002463][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[   74.012866][ T5877] syz.0.1: attempt to access beyond end of device
[   74.012866][ T5877] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0
[   74.047803][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[   74.071036][ T5877] syz.0.1: attempt to access beyond end of device
[   74.071036][ T5877] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0
[   74.099720][ T5877] syz.0.1: attempt to access beyond end of device
[   74.099720][ T5877] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0
[   74.113271][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[   74.146175][ T5877] syz.0.1: attempt to access beyond end of device
[   74.146175][ T5877] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0
[   74.178346][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[   74.222508][ T5877] syz.0.1: attempt to access beyond end of device
[   74.222508][ T5877] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[   74.258726][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[   74.258886][ T5877] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[   74.258902][ T5877] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1)
[   74.526082][ T5901] netlink: 48 bytes leftover after parsing attributes in process `syz.1.17'.
[   74.583248][ T5905] syz.0.19 uses obsolete (PF_INET,SOCK_PACKET)
[   75.072480][ T5919] capability: warning: `syz.0.25' uses 32-bit capabilities (legacy support in use)
[   75.096728][ T5919] program syz.0.25 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   75.262876][ T5925] program syz.3.27 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   75.654346][   T28] audit: type=1326 audit(1751387486.138:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.1.33" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc55638e929 code=0x0
[   75.711845][ T5941] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   75.757314][ T5779] Bluetooth: hci2: command tx timeout
[   75.915637][ T5779] Bluetooth: hci3: command tx timeout
[   75.921835][ T5781] Bluetooth: hci0: command tx timeout
[   75.922835][ T5087] Bluetooth: hci1: command tx timeout
[   76.702075][ T5971] batadv_slave_1: entered allmulticast mode
[   76.727933][ T5970] batadv_slave_1: left allmulticast mode
[   76.824505][   T55] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   77.028556][   T55] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.061271][   T55] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   77.076502][   T55] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   77.092965][   T55] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.101924][   T55] usb 2-1: Product: syz
[   77.106573][   T55] usb 2-1: Manufacturer: syz
[   77.111265][   T55] usb 2-1: SerialNumber: syz
[   77.507993][ T5989] netlink: 4 bytes leftover after parsing attributes in process `syz.2.57'.
[   77.621532][ T5991] mmap: syz.2.58 (5991) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   77.704277][ T5834] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   77.717707][  T788] cfg80211: failed to load regulatory.db
[   77.781451][ T5995] syz.0.60[5995]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   77.897552][ T5834] usb 4-1: unable to get BOS descriptor or descriptor too short
[   77.906372][ T5834] usb 4-1: not running at top speed; connect to a high speed hub
[   77.917767][ T5834] usb 4-1: config 1 interface 0 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[   77.929003][ T5834] usb 4-1: config 1 interface 0 has no altsetting 0
[   77.940632][ T5834] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   77.950389][ T5834] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.959006][ T5834] usb 4-1: Product: syz
[   77.963494][ T5834] usb 4-1: Manufacturer: syz
[   77.969994][ T5834] usb 4-1: SerialNumber: syz
[   77.979095][ T5986] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   77.984335][ T5864] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   78.132289][ T5995] loop0: detected capacity change from 0 to 40427
[   78.150589][ T5995] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   78.160243][ T5995] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   78.183257][ T5995] F2FS-fs (loop0): invalid crc value
[   78.195685][   T55] cdc_ncm 2-1:1.0: bind() failure
[   78.196357][ T5864] usb 3-1: unable to get BOS descriptor or descriptor too short
[   78.217112][ T5995] F2FS-fs (loop0): Found nat_bits in checkpoint
[   78.229405][ T5864] usb 3-1: config 1 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 192, changing to 11
[   78.230386][ T5834] usb 4-1: bad CDC descriptors
[   78.257516][   T55] cdc_ncm: probe of 2-1:1.1 failed with error -71
[   78.263491][ T5864] usb 3-1: config 1 interface 0 altsetting 9 endpoint 0x2 has an invalid bInterval 250, changing to 11
[   78.277909][   T55] cdc_mbim: probe of 2-1:1.1 failed with error -71
[   78.308660][ T5864] usb 3-1: config 1 interface 0 has no altsetting 0
[   78.310078][   T55] usbtest: probe of 2-1:1.1 failed with error -71
[   78.330918][ T5864] usb 3-1: New USB device found, idVendor=1b96, idProduct=000b, bcdDevice= 0.40
[   78.342371][ T5834] usb 4-1: USB disconnect, device number 2
[   78.359166][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.383983][   T55] usb 2-1: USB disconnect, device number 2
[   78.392259][ T5864] usb 3-1: Product: syz
[   78.419088][ T5864] usb 3-1: Manufacturer: syz
[   78.433247][ T5864] usb 3-1: SerialNumber: syz
[   78.492522][ T5995] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   78.504488][ T5995] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   78.592164][   T28] audit: type=1800 audit(1751387489.078:3): pid=5995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.60" name="file1" dev="loop0" ino=10 res=0 errno=0
[   78.691642][ T5864] usbhid 3-1:1.0: can't add hid device: -22
[   78.699516][ T5864] usbhid: probe of 3-1:1.0 failed with error -22
[   78.717124][ T5864] usb 3-1: USB disconnect, device number 2
[   78.762074][   T48] bio_check_eod: 2 callbacks suppressed
[   78.762086][   T48] kworker/u4:3: attempt to access beyond end of device
[   78.762086][   T48] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[   79.324947][ T5864] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[   79.328417][ T6004] loop1: detected capacity change from 0 to 32768
[   79.366965][ T6004] (syz.1.62,6004,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   79.456108][ T6004] (syz.1.62,6004,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   79.527848][ T6004] JBD2: Ignoring recovery information on journal
[   79.535858][ T5864] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   79.561753][ T5864] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   79.587622][ T5864] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   79.615183][ T5864] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.623222][ T5864] usb 4-1: Product: syz
[   79.629669][ T5864] usb 4-1: Manufacturer: syz
[   79.634375][ T5864] usb 4-1: SerialNumber: syz
[   79.675981][ T6004] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   79.868425][ T5864] usb 4-1: 0:2 : does not exist
[   79.887289][ T5864] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[   79.944376][ T5864] usb 4-1: USB disconnect, device number 3
[   80.114706][  T788] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   80.211731][ T5771] ocfs2: Unmounting device (7,1) on (node local)
[   80.314338][  T788] usb 1-1: Using ep0 maxpacket: 16
[   80.322376][  T788] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   80.342973][  T788] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   80.365018][  T788] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   80.383609][  T788] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.400173][  T788] usb 1-1: Product: syz
[   80.414173][  T788] usb 1-1: Manufacturer: syz
[   80.419017][  T788] usb 1-1: SerialNumber: syz
[   80.617876][ T6027] loop2: detected capacity change from 0 to 32768
[   80.626939][ T6027] =======================================================
[   80.626939][ T6027] WARNING: The mand mount option has been deprecated and
[   80.626939][ T6027]          and is ignored by this kernel. Remove the mand
[   80.626939][ T6027]          option from the mount to silence this warning.
[   80.626939][ T6027] =======================================================
[   80.683452][  T788] usb 1-1: 0:2 : does not exist
[   80.731531][  T788] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[   80.755310][ T6027] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   80.823136][  T788] usb 1-1: USB disconnect, device number 2
[   80.905137][ T6000] udevd[6000]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   80.964909][ T6039] trusted_key: encrypted_key: keyword 'upw' not recognized
[   81.012954][ T5768] ocfs2: Unmounting device (7,2) on (node local)
[   81.703085][ T6067] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   81.925477][  T788] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   82.184433][  T788] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   82.257184][  T788] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.339374][  T788] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   82.402434][  T788] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   82.483235][  T788] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   82.520287][  T788] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   82.577869][  T788] usb 2-1: Manufacturer: syz
[   82.590020][  T788] usb 2-1: config 0 descriptor??
[   82.966546][ T6133] loop3: detected capacity change from 0 to 512
[   82.996557][ T6133] EXT4-fs: Ignoring removed i_version option
[   83.030861][  T788] appleir 0003:05AC:8243.0001: unknown main item tag 0x0
[   83.047608][  T788] appleir 0003:05AC:8243.0001: No inputs registered, leaving
[   83.089790][  T788] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[   83.105960][ T6133] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.137209][ T6133] ext4 filesystem being mounted at /27/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.172455][   T28] audit: type=1800 audit(1751387493.658:4): pid=6133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.95" name="file1" dev="loop3" ino=15 res=0 errno=0
[   83.227505][   T28] audit: type=1800 audit(1751387493.688:5): pid=6133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.95" name="file2" dev="loop3" ino=16 res=0 errno=0
[   83.258939][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.443403][   T55] usb 2-1: USB disconnect, device number 3
[   83.643913][ T6150] loop3: detected capacity change from 0 to 4096
[   83.666927][ T6150] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[   83.938388][ T6150] syz.3.100 (6150) used greatest stack depth: 19952 bytes left
[   83.998586][ T6158] input: syz1 as /devices/virtual/input/input5
[   84.571538][ T6154] loop2: detected capacity change from 0 to 32768
[   84.699358][   T28] audit: type=1800 audit(1751387495.178:6): pid=6154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.102" name="file1" dev="loop2" ino=4 res=0 errno=0
[   85.106000][ T6186] netlink: 'syz.0.115': attribute type 13 has an invalid length.
[   85.147995][ T6186] netlink: 24859 bytes leftover after parsing attributes in process `syz.0.115'.
[   85.363530][ T6190] loop0: detected capacity change from 0 to 256
[   85.566363][ T6195] loop2: detected capacity change from 0 to 128
[   85.635858][ T6195] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   85.710463][ T6195] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   85.894304][ T6178] loop1: detected capacity change from 0 to 40427
[   85.933851][ T6178] F2FS-fs (loop1): build fault injection attr: rate: 691, type: 0x7ffff
[   85.944498][ T6205] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.965488][ T6178] F2FS-fs (loop1): Image doesn't support compression
[   85.983958][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   86.000536][ T6178] F2FS-fs (loop1): invalid crc value
[   86.063772][ T6178] F2FS-fs (loop1): Found nat_bits in checkpoint
[   86.304949][ T6178] F2FS-fs (loop1): Start checkpoint disabled!
[   86.325208][ T6178] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   86.471641][ T6178] syz.1.113: attempt to access beyond end of device
[   86.471641][ T6178] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   86.551374][ T6178] F2FS-fs (loop1): inject checkpoint error in f2fs_balance_fs of f2fs_insert_range+0x182/0x3b0
[   86.565563][ T6178] F2FS-fs (loop1): Stopped filesystem due to reason: 1
[   86.820008][ T6230] loop3: detected capacity change from 0 to 2048
[   86.869967][ T6230] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[   86.900868][ T6230] UDF-fs: Scanning with blocksize 512 failed
[   86.975125][ T6230] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   87.348798][ T6235] loop3: detected capacity change from 0 to 2048
[   87.439528][ T6239] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.643761][ T6241] NILFS (loop3): error -2 truncating bmap (ino=16)
[   87.713159][ T6235] syz.3.136 (6235) used greatest stack depth: 19920 bytes left
[   88.030434][ T6251] loop0: detected capacity change from 0 to 16
[   88.062664][ T6251] erofs: (device loop0): mounted with root inode @ nid 36.
[   88.178764][ T6251] erofs: (device loop0): z_erofs_readahead: readahead error at folio 40 @ nid 36
[   88.225278][ T6251] erofs: (device loop0): z_erofs_readahead: readahead error at folio 36 @ nid 36
[   88.256863][ T6251] erofs: (device loop0): z_erofs_readahead: readahead error at folio 32 @ nid 36
[   88.296294][ T6251] erofs: (device loop0): z_erofs_readahead: readahead error at folio 24 @ nid 36
[   88.332816][ T6251] erofs: (device loop0): z_erofs_readahead: readahead error at folio 19 @ nid 36
[   88.365274][ T6251] erofs: (device loop0): z_erofs_readahead: readahead error at folio 18 @ nid 36
[   88.394576][ T6251] syz.0.141: attempt to access beyond end of device
[   88.394576][ T6251] loop0: rw=524288, sector=67108872, nr_sectors = 16 limit=16
[   88.429031][ T6243] loop2: detected capacity change from 0 to 32768
[   88.439878][ T6251] syz.0.141: attempt to access beyond end of device
[   88.439878][ T6251] loop0: rw=524288, sector=67108880, nr_sectors = 16 limit=16
[   88.452238][ T6243] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.138 (6243)
[   88.484959][ T6251] syz.0.141: attempt to access beyond end of device
[   88.484959][ T6251] loop0: rw=524288, sector=720, nr_sectors = 16 limit=16
[   88.558492][ T6251] syz.0.141: attempt to access beyond end of device
[   88.558492][ T6251] loop0: rw=524288, sector=728, nr_sectors = 16 limit=16
[   88.581217][ T6243] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   88.613400][ T6243] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[   88.629087][ T6251] syz.0.141: attempt to access beyond end of device
[   88.629087][ T6251] loop0: rw=524288, sector=525144, nr_sectors = 16 limit=16
[   88.651399][ T6243] BTRFS info (device loop2): force clearing of disk cache
[   88.667560][ T6243] BTRFS info (device loop2): enabling auto defrag
[   88.689247][ T6243] BTRFS info (device loop2): max_inline at 0
[   88.694460][ T6251] syz.0.141: attempt to access beyond end of device
[   88.694460][ T6251] loop0: rw=524288, sector=525152, nr_sectors = 16 limit=16
[   88.702334][ T6243] BTRFS info (device loop2): enabling disk space caching
[   88.738156][ T6243] BTRFS info (device loop2): disk space caching is enabled
[   88.745768][ T6251] syz.0.141: attempt to access beyond end of device
[   88.745768][ T6251] loop0: rw=524288, sector=8, nr_sectors = 16 limit=16
[   88.814389][ T6251] syz.0.141: attempt to access beyond end of device
[   88.814389][ T6251] loop0: rw=524288, sector=16, nr_sectors = 16 limit=16
[   88.939084][ T6251] syz.0.141: attempt to access beyond end of device
[   88.939084][ T6251] loop0: rw=524288, sector=13478624032, nr_sectors = 16 limit=16
[   89.128586][ T6243] BTRFS info (device loop2): enabling ssd optimizations
[   89.151486][ T6243] BTRFS info (device loop2): rebuilding free space tree
[   89.263657][ T6243] BTRFS info (device loop2): disabling free space tree
[   89.280071][ T6243] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   89.292075][ T6243] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   89.593855][ T6243] BTRFS warning (device loop2): failed to trim 1 device(s), last error -512
[   89.670832][ T5768] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   90.097754][   T12] tipc: Subscription rejected, illegal request
[   90.413074][ T6312] loop0: detected capacity change from 0 to 16
[   90.423103][ T6312] erofs: (device loop0): mounted with root inode @ nid 36.
[   90.489737][ T5770] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 46
[   90.502315][ T5770] erofs: (device loop0): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[   90.512194][ T5770] erofs: (device loop0): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[   90.866720][ T6325] loop0: detected capacity change from 0 to 256
[   90.891932][ T6325] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1be6ea4b, utbl_chksum : 0xe619d30d)
[   90.933288][ T6327] capability: warning: `syz.1.168' uses deprecated v2 capabilities in a way that may be insecure
[   91.123916][   T28] audit: type=1800 audit(1751387501.608:7): pid=6325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.167" name="file1" dev="loop0" ino=1048609 res=0 errno=0
[   91.160353][ T6332] loop1: detected capacity change from 0 to 4096
[   91.221061][ T6332] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.398948][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.483283][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   91.824750][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.503640][ T6347] loop0: detected capacity change from 0 to 40427
[   92.538179][ T6347] F2FS-fs (loop0): invalid crc value
[   92.560425][ T6347] F2FS-fs (loop0): Found nat_bits in checkpoint
[   92.687001][ T6347] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   92.781988][ T6347] bio_check_eod: 4 callbacks suppressed
[   92.782006][ T6347] syz.0.176: attempt to access beyond end of device
[   92.782006][ T6347] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   92.869866][ T5770] syz-executor: attempt to access beyond end of device
[   92.869866][ T5770] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   92.898824][ T5770] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   93.461307][ T6371] loop2: detected capacity change from 0 to 16
[   93.516601][ T6371] erofs: (device loop2): mounted with root inode @ nid 36.
[   93.580646][ T6371] erofs: (device loop2): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 46
[   93.679153][ T6375] binder: 6374:6375 ioctl c0306201 0 returned -14
[   94.264333][ T5813] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   94.456298][ T5813] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.481491][ T5813] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.506843][ T5813] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   94.531822][ T5813] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   94.551801][ T5813] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.596833][ T5813] usb 2-1: config 0 descriptor??
[   95.029503][ T5813] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[   95.070598][ T5813] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   95.366874][   T23] usb 2-1: USB disconnect, device number 4
[   95.606954][ T6398] loop0: detected capacity change from 0 to 32768
[   95.642111][ T6398] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[   95.786777][ T5770] ocfs2: Unmounting device (7,0) on (node local)
[   95.793253][ T6416] loop2: detected capacity change from 0 to 1024
[   95.862109][ T6416] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.001082][ T6422] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2797: inode #13: comm syz.2.204: corrupted in-inode xattr: bad magic number in in-inode xattr
[   96.053023][ T6422] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 13. Delete some EAs or run e2fsck.
[   96.237712][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.253572][ T6432] loop0: detected capacity change from 0 to 256
[   96.271087][ T6432] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   96.816764][ T6449] loop2: detected capacity change from 0 to 2048
[   96.852200][ T6449] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   97.113523][ T6442] loop0: detected capacity change from 0 to 32768
[   97.141432][ T6442] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 scanned by syz.0.213 (6442)
[   97.197140][ T6442] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[   97.264301][ T6442] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[   97.300646][ T6442] BTRFS info (device loop0): using free space tree
[   97.485173][ T5864] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   97.513370][ T6442] BTRFS info (device loop0): enabling ssd optimizations
[   97.554406][ T6442] BTRFS info (device loop0): auto enabling async discard
[   97.678944][ T5864] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   97.708101][ T5864] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   97.738833][ T5864] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   97.755964][ T5864] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[   97.772611][ T5864] usb 3-1: SerialNumber: syz
[   97.865114][ T6488] binder: 6487:6488 ioctl c0306201 200000000300 returned -14
[   98.030140][ T6491] loop3: detected capacity change from 0 to 1024
[   98.033551][ T5864] usb 3-1: 0:2 : does not exist
[   98.070120][ T6491] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.093742][ T5864] usb 3-1: USB disconnect, device number 3
[   98.155808][ T6491] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.287626][ T5770] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[   98.334861][ T5813] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   98.437093][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.534280][ T5813] usb 2-1: Using ep0 maxpacket: 8
[   98.546428][ T5813] usb 2-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   98.598098][ T6497] loop3: detected capacity change from 0 to 512
[   98.604873][ T5813] usb 2-1: config 0 interface 0 has no altsetting 0
[   98.604915][ T5813] usb 2-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[   98.604935][ T5813] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.607304][ T5813] usb 2-1: config 0 descriptor??
[   98.633349][ T6497] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.660363][ T6497] EXT4-fs (loop3): failed to initialize system zone (-117)
[   98.686868][ T6497] EXT4-fs (loop3): mount failed
[   99.145058][ T6511] loop2: detected capacity change from 0 to 512
[   99.160431][ T6511] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   99.185749][ T6511] EXT4-fs (loop2): invalid journal inode
[   99.206861][ T5813] uclogic 0003:5543:0042.0003: No inputs registered, leaving
[   99.214735][ T6511] EXT4-fs (loop2): can't get journal size
[   99.224915][ T5813] uclogic 0003:5543:0042.0003: hidraw0: USB HID v0.07 Device [HID 5543:0042] on usb-dummy_hcd.1-1/input0
[   99.240860][ T6511] EXT4-fs (loop2): 1 truncate cleaned up
[   99.255549][ T6511] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.378145][ T5813] usb 2-1: USB disconnect, device number 5
[   99.448851][ T6511] EXT4-fs warning (device loop2): ext4_group_add:1742: No reserved GDT blocks, can't resize
[   99.536582][ T6517] fido_id[6517]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[   99.602145][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.124993][ T6537] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.157851][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.166364][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.239909][ T6539] netlink: 'syz.1.247': attribute type 3 has an invalid length.
[  100.247980][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.1.247'.
[  101.365679][ T6583] loop0: detected capacity change from 0 to 2048
[  101.401327][ T6583] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  102.002255][ T6599] loop1: detected capacity change from 0 to 128
[  102.472777][ T6606] loop1: detected capacity change from 0 to 8192
[  102.482019][ T5834] kernel write not supported for file bpf-prog (pid: 5834 comm: kworker/1:6)
[  102.531541][ T6606] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  102.589724][ T6606] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  102.601144][ T6606] REISERFS (device loop1): using journaled data mode
[  102.608240][ T6606] reiserfs: using flush barriers
[  102.622594][ T6606] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  102.639891][ T6606] REISERFS (device loop1): checking transaction log (loop1)
[  102.681916][ T6606] REISERFS (device loop1): Using r5 hash to sort names
[  102.694064][ T6606] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  102.781333][ T6606] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  102.988593][ T6606] REISERFS warning (device loop1): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block
[  103.056711][ T6606] REISERFS warning (device loop1): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block
[  103.135473][ T6606] REISERFS warning (device loop1): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block
[  103.410970][ T6621] loop0: detected capacity change from 0 to 8192
[  103.658028][ T6614] loop2: detected capacity change from 0 to 32768
[  103.697778][ T6614] 
[  103.697778][ T6614]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.697778][ T6614] 
[  103.810334][ T6614] read_mapping_page failed!
[  103.832682][ T6634] loop0: detected capacity change from 0 to 512
[  103.840538][ T6614] ERROR: (device loop2): txCommit: 
[  103.840538][ T6614] 
[  103.859133][ T6614] ERROR: (device loop2): remounting filesystem as read-only
[  103.893234][ T6634] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.935601][ T6634] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.950035][ T5768] non-latin1 character 0x3ff found in JFS file name
[  103.958675][ T5768] mount with iocharset=utf8 to access
[  104.129349][ T6634] EXT4-fs error (device loop0): ext4_empty_dir:3136: inode #12: comm syz.0.279: invalid size
[  104.151835][ T6634] EXT4-fs (loop0): Remounting filesystem read-only
[  104.216305][ T6650] syzkaller1: entered promiscuous mode
[  104.226953][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.236421][ T6650] syzkaller1: entered allmulticast mode
[  104.242904][ T1102] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  104.259188][ T1102] Quota error (device loop0): write_blk: dquota write failed
[  104.267616][ T1102] Quota error (device loop0): free_dqentry: Can't write quota data block 5
[  104.466338][ T6654] loop1: detected capacity change from 0 to 4096
[  104.517508][ T1102] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.538896][ T6654] ntfs: volume version 3.1.
[  104.720157][ T1102] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.895546][ T1102] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.120037][ T1102] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.284437][ T6667] loop1: detected capacity change from 0 to 2048
[  105.311117][ T6657] loop0: detected capacity change from 0 to 32768
[  105.337780][ T6667] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  105.399685][ T6657] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  105.522641][ T6657] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  105.541647][ T5781] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  105.552817][ T5781] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  105.564958][ T5781] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  105.573219][ T5781] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  105.625878][ T5781] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  105.635169][ T5781] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  105.648638][   T28] audit: type=1800 audit(1751387516.138:8): pid=6657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.288" name="file1" dev="loop0" ino=17058 res=0 errno=0
[  105.997908][ T6657] syz.0.288 (6657) used greatest stack depth: 18064 bytes left
[  106.037145][ T5770] ocfs2: Unmounting device (7,0) on (node local)
[  106.363704][ T6688] netlink: 40 bytes leftover after parsing attributes in process `syz.1.301'.
[  106.425242][ T6688] netlink: 40 bytes leftover after parsing attributes in process `syz.1.301'.
[  106.527782][ T6693] Bluetooth: MGMT ver 1.22
[  106.688623][ T6672] chnl_net:caif_netlink_parms(): no params data found
[  106.877245][ T6679] loop3: detected capacity change from 0 to 40427
[  106.914840][ T6679] F2FS-fs (loop3): invalid crc value
[  106.993394][ T6679] F2FS-fs (loop3): Found nat_bits in checkpoint
[  107.094180][ T6679] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  107.214291][ T6710] netlink: 452 bytes leftover after parsing attributes in process `syz.1.306'.
[  107.240163][ T6695] loop0: detected capacity change from 0 to 32768
[  107.293648][ T1102] hsr_slave_0: left promiscuous mode
[  107.324790][ T6695] XFS (loop0): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  107.344057][ T1102] hsr_slave_1: left promiscuous mode
[  107.361690][ T5769] syz-executor: attempt to access beyond end of device
[  107.361690][ T5769] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  107.379440][ T5769] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  107.387340][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.396545][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.407849][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  107.415448][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.431172][ T1102] bridge_slave_1: left allmulticast mode
[  107.437190][ T1102] bridge_slave_1: left promiscuous mode
[  107.445497][ T1102] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.466061][ T1102] bridge_slave_0: left allmulticast mode
[  107.471977][ T1102] bridge_slave_0: left promiscuous mode
[  107.478161][ T1102] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.537731][ T1102] veth1_macvtap: left promiscuous mode
[  107.544142][ T1102] veth0_macvtap: left promiscuous mode
[  107.554512][ T6695] XFS (loop0): Ending clean mount
[  107.560681][ T1102] veth1_vlan: left promiscuous mode
[  107.568579][ T1102] veth0_vlan: left promiscuous mode
[  107.754378][ T5087] Bluetooth: hci2: command tx timeout
[  108.132781][ T5770] XFS (loop0): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  108.693302][ T1102] team0 (unregistering): Port device team_slave_1 removed
[  108.797582][ T1102] team0 (unregistering): Port device team_slave_0 removed
[  108.859198][ T1102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.883575][ T6731] loop0: detected capacity change from 0 to 32768
[  108.910028][ T6731] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  108.936524][ T1102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.966476][ T6731] XFS (loop0): Ending clean mount
[  109.225350][ T5770] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  109.720011][ T1102] bond0 (unregistering): Released all slaves
[  109.801683][ T6672] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.810141][ T6672] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.819779][ T6672] bridge_slave_0: entered allmulticast mode
[  109.828124][ T6672] bridge_slave_0: entered promiscuous mode
[  109.834300][ T5087] Bluetooth: hci2: command tx timeout
[  109.842532][ T6672] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.850115][ T6672] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.857424][ T6672] bridge_slave_1: entered allmulticast mode
[  109.865794][ T6672] bridge_slave_1: entered promiscuous mode
[  110.002947][ T6672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.038368][ T6672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.199863][ T6672] team0: Port device team_slave_0 added
[  110.225467][ T6672] team0: Port device team_slave_1 added
[  110.258005][ T6750] loop3: detected capacity change from 0 to 256
[  110.332775][ T6750] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[  110.348073][ T6672] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.355272][ T6672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.382380][ T6672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.394062][ T6750] exFAT-fs (loop3): error, invalid access to FAT bad cluster (entry 0x00000005)
[  110.406756][ T6750] exFAT-fs (loop3): failed to initialize root inode
[  110.441647][ T6672] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.448932][ T6672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.475727][ T6672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.609205][ T6746] loop1: detected capacity change from 0 to 40427
[  110.612931][ T6672] hsr_slave_0: entered promiscuous mode
[  110.629819][ T6746] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[  110.642574][ T6672] hsr_slave_1: entered promiscuous mode
[  110.649538][ T6672] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.652213][ T6746] F2FS-fs (loop1): invalid crc value
[  110.658240][ T6672] Cannot create hsr debugfs directory
[  110.683597][ T6753] syzkaller1: entered promiscuous mode
[  110.685774][ T6746] F2FS-fs (loop1): Found nat_bits in checkpoint
[  110.695530][ T6753] syzkaller1: entered allmulticast mode
[  110.798955][ T6746] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  111.005046][ T5771] syz-executor: attempt to access beyond end of device
[  111.005046][ T5771] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  111.042214][ T5771] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  111.105887][ T6672] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  111.130539][ T6672] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  111.167451][ T6672] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  111.201529][ T6771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'.
[  111.201942][ T6672] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  111.432513][ T6782] loop0: detected capacity change from 0 to 64
[  111.468979][ T6672] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.514580][ T6672] 8021q: adding VLAN 0 to HW filter on device team0
[  111.543183][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.550440][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.588619][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.596037][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.620376][ T6785] process 'syz.1.322' launched './file0' with NULL argv: empty string added
[  111.626906][ T6782] minix_free_block (loop0:1): bit already cleared
[  111.656160][ T6782] minix_free_block (loop0:4): bit already cleared
[  111.694641][ T6782] minix_free_block (loop0:3): bit already cleared
[  111.727249][ T6782] minix_free_block (loop0:2): bit already cleared
[  111.733943][ T6782] minix_free_block (loop0:1): bit already cleared
[  111.914475][ T5087] Bluetooth: hci2: command tx timeout
[  112.022807][ T6672] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.194939][ T5834] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  112.290013][ T6672] veth0_vlan: entered promiscuous mode
[  112.313319][ T6672] veth1_vlan: entered promiscuous mode
[  112.377137][ T6672] veth0_macvtap: entered promiscuous mode
[  112.392168][ T6672] veth1_macvtap: entered promiscuous mode
[  112.402173][ T5834] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  112.412068][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.424022][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.425629][ T5834] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.435077][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.452649][ T5834] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.468826][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.470165][ T5834] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  112.490080][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.506887][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.509765][ T5834] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  112.520645][ T6672] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.541152][ T5834] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  112.542743][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.562281][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.571082][ T5834] usb 1-1: Manufacturer: syz
[  112.573094][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.583997][ T5834] usb 1-1: config 0 descriptor??
[  112.589496][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.602611][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.613597][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.626741][ T6672] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.647424][ T6672] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.656852][ T6672] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.668363][ T6672] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.677393][ T6672] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.766416][ T6105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.780191][ T6105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.797104][ T5813] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  112.822696][ T6105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.832511][ T6105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.834301][   T55] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  112.999303][ T5813] usb 2-1: config 0 has an invalid interface number: 237 but max is 0
[  113.008004][ T5813] usb 2-1: config 0 has no interface number 0
[  113.016712][ T5834] appleir 0003:05AC:8243.0004: unknown main item tag 0x0
[  113.016818][ T6810] loop4: detected capacity change from 0 to 128
[  113.030794][ T5813] usb 2-1: config 0 interface 237 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 10
[  113.031096][ T5834] appleir 0003:05AC:8243.0004: No inputs registered, leaving
[  113.044235][ T5813] usb 2-1: config 0 interface 237 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  113.062427][   T55] usb 4-1: config 0 has an invalid interface number: 104 but max is 0
[  113.064009][ T5813] usb 2-1: config 0 interface 237 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  113.083989][ T5834] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  113.096474][   T55] usb 4-1: config 0 has no interface number 0
[  113.102987][   T28] audit: type=1800 audit(1751387523.588:9): pid=6810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.331" name="file1" dev="loop4" ino=1048615 res=0 errno=0
[  113.104470][ T5813] usb 2-1: config 0 interface 237 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  113.125849][   T55] usb 4-1: config 0 interface 104 has no altsetting 0
[  113.150468][ T5813] usb 2-1: New USB device found, idVendor=045e, idProduct=84bd, bcdDevice=89.b6
[  113.161532][ T5813] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.173640][   T55] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9
[  113.176957][ T5813] usb 2-1: Product: syz
[  113.185059][   T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.195957][ T5813] usb 2-1: Manufacturer: syz
[  113.213773][ T5813] usb 2-1: SerialNumber: syz
[  113.221831][ T5813] usb 2-1: config 0 descriptor??
[  113.239485][ T5813] xpad 2-1:0.237: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  113.254216][   T55] usb 4-1: Product: syz
[  113.258437][   T55] usb 4-1: Manufacturer: syz
[  113.263130][ T5813] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.237/input/input6
[  113.279852][   T55] usb 4-1: SerialNumber: syz
[  113.293125][   T55] usb 4-1: config 0 descriptor??
[  113.302542][   T55] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  113.407509][ T5813] usb 1-1: USB disconnect, device number 3
[  113.516136][   T55] gspca_vc032x: reg_r err -71
[  113.520882][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.546751][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.556878][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.562314][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.568883][    T9] usb 2-1: USB disconnect, device number 6
[  113.571135][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.576984][    T9] xpad 2-1:0.237: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  113.582193][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.616293][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.629752][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.644373][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.649841][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.656468][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.662253][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.668343][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.673662][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.690741][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.700836][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.707946][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.713275][   T55] gspca_vc032x: I2c Bus Busy Wait 00
[  113.719313][   T55] gspca_vc032x: Unknown sensor...
[  113.726900][   T55] vc032x: probe of 4-1:0.104 failed with error -22
[  113.737565][   T55] usb 4-1: USB disconnect, device number 4
[  113.926767][ T6820] loop4: detected capacity change from 0 to 32768
[  113.994481][ T5087] Bluetooth: hci2: command tx timeout
[  114.052624][ T6820] ERROR: (device loop4): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  114.052624][ T6820] 
[  114.231347][ T6828] loop3: detected capacity change from 0 to 512
[  114.265280][ T6828] EXT4-fs: Ignoring removed i_version option
[  114.284859][ T6828] EXT4-fs: Ignoring removed nobh option
[  114.322028][ T6828] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  114.379315][ T6828] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  114.427328][ T6828] EXT4-fs (loop3): 1 truncate cleaned up
[  114.445107][ T6828] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.716132][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.812221][ T6844] loop3: detected capacity change from 0 to 128
[  114.845767][ T6844] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  114.950251][ T6839] loop1: detected capacity change from 0 to 32768
[  114.973309][ T6839] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.344 (6839)
[  114.996427][ T5769] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  115.013375][ T6839] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  115.024150][ T5769] FAT-fs (loop3): Filesystem has been set read-only
[  115.033498][ T5769] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  115.063052][ T6839] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  115.074638][ T6839] BTRFS info (device loop1): setting nodatacow, compression disabled
[  115.099807][ T6839] BTRFS info (device loop1): max_inline at 0
[  115.124215][ T6839] BTRFS info (device loop1): enabling disk space caching
[  115.137855][ T6839] BTRFS info (device loop1): turning off barriers
[  115.154764][ T6839] BTRFS info (device loop1): turning on flush-on-commit
[  115.174520][ T6839] BTRFS info (device loop1): doing ref verification
[  115.181178][ T6839] BTRFS info (device loop1): force clearing of disk cache
[  115.189633][ T6839] BTRFS info (device loop1): enabling ssd optimizations
[  115.198167][ T6839] BTRFS info (device loop1): max_inline at 4096
[  115.209671][ T6839] BTRFS info (device loop1): disk space caching is enabled
[  115.582624][ T6839] BTRFS info (device loop1): auto enabling async discard
[  115.628508][ T6839] BTRFS info (device loop1): rebuilding free space tree
[  115.701544][ T6839] BTRFS info (device loop1): disabling free space tree
[  115.728382][ T6839] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  115.773597][ T6839] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  116.194102][    C0] sched: RT throttling activated
[  116.284245][ T6861] loop4: detected capacity change from 0 to 131072
[  116.295826][ T6861] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  116.303966][ T6861] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  116.316577][ T6861] F2FS-fs (loop4): invalid crc value
[  116.360497][ T6861] F2FS-fs (loop4): Found nat_bits in checkpoint
[  116.362851][ T6895] loop0: detected capacity change from 0 to 4096
[  116.407227][ T6895] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  116.436335][ T6861] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  116.443457][ T6861] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  116.465958][ T5771] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  116.510442][ T6895] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  116.993714][ T6892] loop3: detected capacity change from 0 to 32768
[  117.025674][ T6861] F2FS-fs (loop4): Start checkpoint disabled!
[  117.104555][ T6892] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  117.189271][ T6892] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  117.631510][ T5769] ocfs2: Unmounting device (7,3) on (node local)
[  117.830811][ T6912] loop4: detected capacity change from 0 to 512
[  117.909822][ T6912] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.926539][ T6912] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.071325][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.312310][ T6936] loop0: detected capacity change from 0 to 512
[  118.341403][ T6936] EXT4-fs (loop0): orphan cleanup on readonly fs
[  118.366258][ T6936] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.374: bad orphan inode 13
[  118.401277][ T6936] ext4_test_bit(bit=12, block=18) = 1
[  118.408186][ T6936] is_bad_inode(inode)=0
[  118.427655][ T6936] NEXT_ORPHAN(inode)=2130706432
[  118.432640][ T6936] max_ino=32
[  118.444250][ T6936] i_nlink=1
[  118.450104][ T6936] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  118.507483][ T6936] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  118.557887][ T6936] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.374: bg 0: block 248: padding at end of block bitmap is not set
[  118.592394][ T6946] loop3: detected capacity change from 0 to 512
[  118.596504][ T6936] Quota error (device loop0): write_blk: dquota write failed
[  118.612587][ T6936] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  118.629451][ T6946] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  118.630563][ T6936] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.374: Failed to acquire dquot type 1
[  118.664264][ T6936] EXT4-fs warning (device loop0): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  118.693516][ T6946] EXT4-fs (loop3): 1 truncate cleaned up
[  118.711660][ T6946] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.771858][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.852141][ T6950] netlink: 16 bytes leftover after parsing attributes in process `syz.0.380'.
[  118.897195][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.063180][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.381'.
[  119.196924][ T6958] loop1: detected capacity change from 0 to 1024
[  119.219512][ T6958] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.266685][ T6958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.293137][ T6967] loop4: detected capacity change from 0 to 512
[  119.344764][ T6968] loop0: detected capacity change from 0 to 4096
[  119.354059][ T6968] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  119.374227][ T6968] ntfs3: loop0: It is recommened to use chkdsk.
[  119.399221][ T6967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.424452][ T6967] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.437340][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.626760][ T6980] syzkaller1: entered promiscuous mode
[  119.633351][ T6980] syzkaller1: entered allmulticast mode
[  119.730187][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.740074][ T6982] loop0: detected capacity change from 0 to 128
[  119.773906][   T28] audit: type=1800 audit(1751387530.258:10): pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.394" name="file1" dev="loop0" ino=1048625 res=0 errno=0
[  119.848767][ T1102] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[  119.858260][ T1102] FAT-fs (loop0): Filesystem has been set read-only
[  119.875763][ T5760] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  119.877080][ T1102] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  119.905407][ T6986] loop3: detected capacity change from 0 to 1024
[  120.000787][ T6989] loop4: detected capacity change from 0 to 2048
[  120.050160][ T6989] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.064267][ T5760] usb 2-1: Using ep0 maxpacket: 8
[  120.078138][ T5760] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  120.090854][ T5760] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.104172][ T5760] usb 2-1: Product: syz
[  120.113280][ T5760] usb 2-1: Manufacturer: syz
[  120.119322][ T5760] usb 2-1: SerialNumber: syz
[  120.128780][ T5760] usb 2-1: config 0 descriptor??
[  120.137444][ T5760] gspca_main: se401-2.14.0 probing 047d:5003
[  120.166171][ T6989] EXT4-fs (loop4): shut down requested (0)
[  120.230818][ T6997] loop0: detected capacity change from 0 to 512
[  120.239640][ T6997] EXT4-fs: Ignoring removed mblk_io_submit option
[  120.269992][ T6997] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  120.286569][ T6997] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.401: attempt to clear invalid blocks 2 len 1
[  120.309316][ T6997] EXT4-fs (loop0): Remounting filesystem read-only
[  120.310614][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.338402][ T6997] EXT4-fs (loop0): 1 truncate cleaned up
[  120.354024][ T6997] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.504503][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.513569][ T7005] loop4: detected capacity change from 0 to 256
[  120.548022][ T7007] loop3: detected capacity change from 0 to 512
[  120.554360][ T7005] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  120.554710][ T7005] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  120.568815][ T5760] gspca_se401: Frame size: 0x0 1/16th janggu
[  120.598266][ T7007] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.628945][ T7007] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.664457][ T7011] loop0: detected capacity change from 0 to 256
[  120.754886][ T7012] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  120.768770][ T7012] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  120.775842][ T5760] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7
[  120.780500][ T7012] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  120.800919][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.820911][   T28] audit: type=1800 audit(1751387531.308:11): pid=7012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.405" name="file1" dev="loop0" ino=1048626 res=0 errno=0
[  120.858296][ T7012] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  121.080904][ T5760] usb 2-1: USB disconnect, device number 7
[  121.132014][ T7022] loop4: detected capacity change from 0 to 47
[  121.323407][ T7030] loop0: detected capacity change from 0 to 512
[  121.364365][ T7033] loop4: detected capacity change from 0 to 256
[  121.372938][ T7030] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.377299][ T7033] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  121.392288][ T7030] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.565166][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.914294][ T5781] Bluetooth: hci0: command 0x0401 tx timeout
[  121.920519][ T5087] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  121.981383][ T7055] loop4: detected capacity change from 0 to 1024
[  122.019763][ T7055] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.032374][ T7055] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.077462][ T7055] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  122.112396][ T7055] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  122.132900][ T7055] EXT4-fs (loop4): This should not happen!! Data will be lost
[  122.132900][ T7055] 
[  122.143129][ T7055] EXT4-fs (loop4): Total free blocks count 0
[  122.152023][ T7055] EXT4-fs (loop4): Free/Dirty block details
[  122.158714][ T7055] EXT4-fs (loop4): free_blocks=4293918720
[  122.164740][ T7055] EXT4-fs (loop4): dirty_blocks=64
[  122.174176][ T7055] EXT4-fs (loop4): Block reservation details
[  122.180189][ T7055] EXT4-fs (loop4): i_reserved_data_blocks=4
[  122.249980][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.250912][ T7060] loop0: detected capacity change from 0 to 2048
[  122.300650][ T7060]  loop0: p1 < > p3
[  122.324843][ T7060] loop0: p3 size 134217728 extends beyond EOD, truncated
[  122.500330][ T7069] loop4: detected capacity change from 0 to 2048
[  122.679617][ T7072] gretap0: entered promiscuous mode
[  122.695246][ T7072] gretap0: left promiscuous mode
[  122.787382][ T7067] loop3: detected capacity change from 0 to 32768
[  122.828417][ T7067] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  122.894525][ T7067] XFS (loop3): Ending clean mount
[  122.934697][ T7067] XFS (loop3): Quotacheck needed: Please wait.
[  122.949616][ T7087] loop1: detected capacity change from 0 to 1024
[  122.957299][ T7087] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.970542][ T7087] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  123.012923][ T7087] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.080899][ T7067] XFS (loop3): Quotacheck: Done.
[  123.268916][ T7073] loop4: detected capacity change from 0 to 32768
[  123.285909][ T7073] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 scanned by syz.4.430 (7073)
[  123.287050][ T5769] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  123.299786][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.320822][ T7073] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  123.333366][ T7073] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  123.358870][ T7073] BTRFS info (device loop4): using free space tree
[  123.509360][ T7073] BTRFS info (device loop4): enabling ssd optimizations
[  123.524738][ T7073] BTRFS info (device loop4): auto enabling async discard
[  123.920161][ T6672] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  123.926042][ T7113] loop3: detected capacity change from 0 to 32768
[  123.958554][ T7113] JBD2: Ignoring recovery information on journal
[  123.960544][ T7117] loop1: detected capacity change from 0 to 1024
[  124.003542][ T7113] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  124.162481][   T28] audit: type=1800 audit(1751387534.648:12): pid=7113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.434" name="file0" dev="loop3" ino=17058 res=0 errno=0
[  124.204993][ T7113] OCFS2: ERROR (device loop3): int ocfs2_reserve_suballoc_bits(struct ocfs2_super *, struct ocfs2_alloc_context *, int, u32, u64 *, int): Invalid chain allocator 71
[  124.223613][ T7113] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  124.233555][ T7113] OCFS2: File system is now read-only.
[  124.239227][ T7113] (syz.3.434,7113,0):ocfs2_reserve_suballoc_bits:850 ERROR: status = -30
[  124.247704][ T7113] (syz.3.434,7113,0):ocfs2_reserve_cluster_bitmap_bits:1133 ERROR: status = -30
[  124.257728][ T7113] (syz.3.434,7113,0):ocfs2_local_alloc_reserve_for_window:1123 ERROR: status = -30
[  124.269220][ T7113] (syz.3.434,7113,0):ocfs2_local_alloc_reserve_for_window:1139 ERROR: status = -30
[  124.280705][ T7113] (syz.3.434,7113,0):ocfs2_local_alloc_slide_window:1254 ERROR: status = -30
[  124.289592][ T7113] (syz.3.434,7113,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[  124.298464][ T7113] (syz.3.434,7113,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[  124.307255][ T7113] (syz.3.434,7113,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[  124.316559][ T7113] (syz.3.434,7113,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[  124.325699][ T7113] (syz.3.434,7113,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[  124.336101][ T7113] (syz.3.434,7113,0):ocfs2_lock_allocators:2672 ERROR: status = -30
[  124.344234][ T7113] (syz.3.434,7113,0):ocfs2_write_begin_nolock:1744 ERROR: status = -30
[  124.352541][ T7113] (syz.3.434,7113,0):ocfs2_dio_wr_get_block:2243 ERROR: status = -30
[  124.366783][ T7113] (syz.3.434,7113,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5
[  124.481837][ T5769] ocfs2: Unmounting device (7,3) on (node local)
[  124.612527][ T7127] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  124.670137][ T7128] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  124.790851][ T7132] loop3: detected capacity change from 0 to 64
[  124.909907][ T7136] loop0: detected capacity change from 0 to 1024
[  124.919631][ T7136] EXT4-fs: Ignoring removed nobh option
[  124.929501][ T7136] EXT4-fs: Ignoring removed bh option
[  124.935794][ T7136] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  124.957977][ T7136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.025568][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.413188][ T7151] warning: `syz.0.449' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  125.750956][ T7167] loop0: detected capacity change from 0 to 1024
[  125.758437][ T7167] EXT4-fs: Ignoring removed mblk_io_submit option
[  125.778627][ T7167] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  125.818875][ T7167] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.044458][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.058671][ T7177] netlink: 4 bytes leftover after parsing attributes in process `syz.1.459'.
[  126.421608][ T7192] loop1: detected capacity change from 0 to 64
[  126.615551][ T7181] loop0: detected capacity change from 0 to 32768
[  126.629093][ T7181] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.461 (7181)
[  126.653609][ T7181] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  126.664980][ T7181] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  126.674054][ T7181] BTRFS info (device loop0): turning off barriers
[  126.681957][ T7181] BTRFS info (device loop0): setting nodatasum
[  126.688242][ T7181] BTRFS info (device loop0): enabling auto defrag
[  126.694990][ T7181] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  126.705188][ T7181] BTRFS info (device loop0): use zstd compression, level 3
[  126.713236][ T7181] BTRFS info (device loop0): using free space tree
[  126.758039][ T7198] ip6tnl1: entered promiscuous mode
[  126.763386][ T7198] ip6tnl1: entered allmulticast mode
[  126.774289][ T7181] BTRFS info (device loop0): auto enabling async discard
[  126.961554][ T5770] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.293897][ T7222] netlink: 'syz.0.469': attribute type 6 has an invalid length.
[  127.479661][ T7230] loop3: detected capacity change from 0 to 256
[  127.498826][ T7230] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  127.714750][ T7240] loop1: detected capacity change from 0 to 128
[  127.774609][   T28] audit: type=1804 audit(1751387538.258:13): pid=7240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.488" name="/newroot/100/file2/file0" dev="loop1" ino=1048627 res=1 errno=0
[  128.309460][ T7251] loop4: detected capacity change from 0 to 4096
[  128.342559][ T7251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.452516][ T7263] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  128.530088][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.794329][   T55] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  129.057519][ T7281] loop4: detected capacity change from 0 to 32768
[  129.078753][ T7281] JBD2: Ignoring recovery information on journal
[  129.109723][ T7281] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  129.155213][   T28] audit: type=1800 audit(1751387539.648:14): pid=7281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.498" name="file0" dev="loop4" ino=17058 res=0 errno=0
[  129.165059][ T7281] OCFS2: ERROR (device loop4): int ocfs2_reserve_suballoc_bits(struct ocfs2_super *, struct ocfs2_alloc_context *, int, u32, u64 *, int): Invalid chain allocator 71
[  129.194062][ T7281] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  129.204424][ T7281] OCFS2: File system is now read-only.
[  129.210104][ T7281] (syz.4.498,7281,1):ocfs2_reserve_suballoc_bits:850 ERROR: status = -30
[  129.218622][ T7281] (syz.4.498,7281,1):ocfs2_reserve_cluster_bitmap_bits:1133 ERROR: status = -30
[  129.228318][ T7281] (syz.4.498,7281,1):ocfs2_local_alloc_reserve_for_window:1123 ERROR: status = -30
[  129.238211][ T7281] (syz.4.498,7281,1):ocfs2_local_alloc_reserve_for_window:1139 ERROR: status = -30
[  129.247642][ T7281] (syz.4.498,7281,1):ocfs2_local_alloc_slide_window:1254 ERROR: status = -30
[  129.256559][ T7281] (syz.4.498,7281,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[  129.266412][ T7281] (syz.4.498,7281,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[  129.278451][ T7281] (syz.4.498,7281,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[  129.288130][ T7281] (syz.4.498,7281,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[  129.297349][ T7281] (syz.4.498,7281,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[  129.306471][ T7281] (syz.4.498,7281,1):ocfs2_lock_allocators:2672 ERROR: status = -30
[  129.314553][ T7281] (syz.4.498,7281,1):ocfs2_write_begin_nolock:1744 ERROR: status = -30
[  129.322947][ T7281] (syz.4.498,7281,1):ocfs2_dio_wr_get_block:2243 ERROR: status = -30
[  129.331257][ T7281] (syz.4.498,7281,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5
[  129.331398][ T5834] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  129.358086][   T55] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  129.366747][   T55] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.408225][   T55] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  129.418442][   T55] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  129.421895][ T6672] ocfs2: Unmounting device (7,4) on (node local)
[  129.429945][   T55] usb 2-1: Manufacturer: syz
[  129.441314][   T55] usb 2-1: config 0 descriptor??
[  129.513604][ T7286] geneve1: entered promiscuous mode
[  129.523577][ T7286] geneve1: left promiscuous mode
[  129.528774][   T55] rc_core: IR keymap rc-hauppauge not found
[  129.535009][ T5834] usb 1-1: Using ep0 maxpacket: 8
[  129.540388][   T55] Registered IR keymap rc-empty
[  129.552903][   T55] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  129.566407][ T5834] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 233, changing to 11
[  129.580270][   T55] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input8
[  129.591155][ T5834] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  129.609939][ T5834] usb 1-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  129.622491][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.631107][ T5834] usb 1-1: Product: syz
[  129.635628][ T5834] usb 1-1: Manufacturer: syz
[  129.640276][ T5834] usb 1-1: SerialNumber: syz
[  129.880505][ T5834] usbhid 1-1:1.0: can't add hid device: -71
[  129.887240][ T5834] usbhid: probe of 1-1:1.0 failed with error -71
[  129.906329][ T5834] usb 1-1: USB disconnect, device number 4
[  129.925719][    C1] igorplugusb 2-1:0.0: receive overflow, at least 3 lost
[  130.131502][   T55] usb 2-1: USB disconnect, device number 8
[  130.188643][   T28] audit: type=1326 audit(1751387540.678:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f922bf8e929 code=0x7ffc0000
[  130.218417][   T28] audit: type=1326 audit(1751387540.678:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.264161][   T28] audit: type=1326 audit(1751387540.678:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.304202][   T28] audit: type=1326 audit(1751387540.678:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.334831][   T28] audit: type=1326 audit(1751387540.678:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.357364][   T28] audit: type=1326 audit(1751387540.678:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.379694][   T28] audit: type=1326 audit(1751387540.678:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.403658][   T28] audit: type=1326 audit(1751387540.678:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.428835][   T28] audit: type=1326 audit(1751387540.678:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.494226][ T5834] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  130.514907][   T28] audit: type=1326 audit(1751387540.708:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz.4.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f922bf2ab19 code=0x7ffc0000
[  130.676926][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.686901][ T5834] usb 4-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  130.697602][ T7305] loop4: detected capacity change from 0 to 128
[  130.705006][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.745598][ T5834] usb 4-1: config 0 descriptor??
[  131.191043][ T5834] dragonrise 0003:0079:0006.0005: hidraw0: USB HID v0.00 Device [HID 0079:0006] on usb-dummy_hcd.3-1/input0
[  131.224235][ T5834] dragonrise 0003:0079:0006.0005: no inputs found
[  131.239357][ T5834] dragonrise 0003:0079:0006.0005: force feedback init failed
[  131.279529][ T7307] loop0: detected capacity change from 0 to 32768
[  131.298747][ T7307] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 scanned by syz.0.508 (7307)
[  131.328604][ T7307] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  131.344694][ T7307] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  131.353607][ T7307] BTRFS info (device loop0): using free space tree
[  131.411368][ T5834] usb 4-1: USB disconnect, device number 5
[  131.421666][ T7307] BTRFS info (device loop0): enabling ssd optimizations
[  131.430332][ T7307] BTRFS info (device loop0): auto enabling async discard
[  131.687215][ T5776] kernel write not supported for file /117/oom_score_adj (pid: 5776 comm: kworker/1:3)
[  131.718934][ T5770] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  131.915425][ T7341] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  132.591618][ T7356] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  132.673635][ T7356] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  133.120545][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  133.130004][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  133.310101][ T7368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.525'.
[  133.597621][ T7375] netlink: 'syz.4.529': attribute type 2 has an invalid length.
[  133.733426][ T7377] loop3: detected capacity change from 0 to 128
[  133.848744][ T7377] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.913222][ T7377] ext4 filesystem being mounted at /150/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  133.929422][ T7371] loop1: detected capacity change from 0 to 32768
[  134.041193][ T7383] loop4: detected capacity change from 0 to 512
[  134.058223][ T7383] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c11d, mo2=0002]
[  134.070876][ T7383] System zones: 1-12
[  134.080286][ T7371] syz.1.528: attempt to access beyond end of device
[  134.080286][ T7371] loop1: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  134.098389][ T7371] metapage_write_end_io: I/O error
[  134.100175][ T7383] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.532: corrupted in-inode xattr: e_value size too large
[  134.106068][ T7371] ERROR: (device loop1): diWrite: ixpxd invalid
[  134.106068][ T7371] 
[  134.127100][ T5769] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  134.141532][ T7371] ERROR: (device loop1): remounting filesystem as read-only
[  134.149141][ T7371] ERROR: (device loop1): txCommit: 
[  134.149141][ T7371] 
[  134.151408][ T7383] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.532: couldn't read orphan inode 15 (err -117)
[  134.172392][  T113] blkno = 8ed2c, nblocks = 1
[  134.177331][  T113] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map
[  134.177331][  T113] 
[  134.199067][ T7371] blkno = 8ed2c, nblocks = 1
[  134.204194][ T7371] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map
[  134.204194][ T7371] 
[  134.227683][ T7371] ERROR: (device loop1): dtSearch: DT_GETPAGE: dtree page corrupt
[  134.227683][ T7371] 
[  134.241124][ T7383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.298867][ T7371] jfs_mkdir: dtSearch returned -5
[  134.393739][ T7371] ERROR: (device loop1): dtReadFirst: DT_GETPAGE: dtree page corrupt
[  134.393739][ T7371] 
[  134.414372][ T7371] jfs_readdir: unexpected rc = -5 from dtReadNext
[  134.478604][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.488773][ T5771] syz-executor: attempt to access beyond end of device
[  134.488773][ T5771] loop1: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  134.525215][ T5771] metapage_write_end_io: I/O error
[  134.531430][ T5771] JFS: metapage_get_blocks failed
[  134.544334][ T5771] JFS: metapage_get_blocks failed
[  134.549853][ T5771] JFS: metapage_get_blocks failed
[  134.564186][ T5771] JFS: metapage_get_blocks failed
[  134.752900][ T7394] loop4: detected capacity change from 0 to 2048
[  134.783633][ T7396] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  134.896018][ T7394] NILFS (loop4): error -2 truncating bmap (ino=16)
[  135.329097][ T7404] input: syz0 as /devices/virtual/input/input9
[  135.552203][ T7409] loop0: detected capacity change from 0 to 4096
[  135.591454][ T7409] NILFS (loop0): invalid segment: Checksum error in segment payload
[  135.618898][ T7409] NILFS (loop0): trying rollback from an earlier position
[  135.642793][ T7398] loop3: detected capacity change from 0 to 32768
[  135.654049][ T7398] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 scanned by syz.3.540 (7398)
[  135.657434][ T7409] NILFS (loop0): recovery complete
[  135.680297][ T7398] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  135.699964][ T7398] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  135.704366][ T7415] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  135.715799][ T7398] BTRFS info (device loop3): using free space tree
[  135.803215][ T7398] BTRFS info (device loop3): enabling ssd optimizations
[  135.810487][ T7398] BTRFS info (device loop3): auto enabling async discard
[  136.050436][ T5769] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  136.275031][ T7444] netlink: 104 bytes leftover after parsing attributes in process `syz.0.553'.
[  136.504551][ T7448] loop3: detected capacity change from 0 to 4096
[  136.944018][ T7450] loop0: detected capacity change from 0 to 32768
[  136.985128][ T7450] XFS: ikeep mount option is deprecated.
[  137.018474][ T7450] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.116874][ T7450] XFS (loop0): Ending clean mount
[  137.143116][ T7450] XFS (loop0): Quotacheck needed: Please wait.
[  137.231661][ T7450] XFS (loop0): Quotacheck: Done.
[  137.307022][ T5770] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.699228][ T7467] loop1: detected capacity change from 0 to 32768
[  137.710749][ T7483] loop0: detected capacity change from 0 to 2048
[  137.723092][ T7467] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.560 (7467)
[  137.744854][ T7483] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  137.774953][ T7467] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  137.788783][ T7467] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  137.799062][ T7467] BTRFS info (device loop1): using free space tree
[  137.824399][ T5776] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  137.868647][ T7475] loop3: detected capacity change from 0 to 32768
[  137.874903][ T7467] BTRFS info (device loop1): enabling ssd optimizations
[  137.883385][ T7467] BTRFS info (device loop1): auto enabling async discard
[  138.010490][ T5771] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  138.014246][ T5776] usb 5-1: Using ep0 maxpacket: 32
[  138.031372][ T5776] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  138.052250][ T5776] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  138.061238][ T5776] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  138.087705][ T5776] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  138.097940][ T5776] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  138.108205][ T5776] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  138.121602][ T5776] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  138.141843][ T5776] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.185837][ T5776] usb 5-1: config 0 descriptor??
[  138.445159][ T5776] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  138.445894][ T7504] loop3: detected capacity change from 0 to 4096
[  138.488596][ T5776] usb 5-1: USB disconnect, device number 2
[  138.498857][ T7506] loop0: detected capacity change from 0 to 1024
[  138.520297][ T5776] usblp0: removed
[  138.527887][ T7506] EXT4-fs: Ignoring removed nobh option
[  138.533758][ T7506] EXT4-fs: Ignoring removed oldalloc option
[  138.543608][ T7504] NILFS (loop3): invalid segment: Checksum error in segment payload
[  138.548156][ T7506] EXT4-fs: Ignoring removed bh option
[  138.567890][ T7504] NILFS (loop3): trying rollback from an earlier position
[  138.611381][ T7504] NILFS (loop3): recovery complete
[  138.629169][ T7510] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  138.641496][ T7506] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a803c119, mo2=0102]
[  138.684379][ T7506] System zones: 0-1, 3-12
[  138.715538][ T7506] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  138.890542][   T28] kauditd_printk_skb: 99 callbacks suppressed
[  138.890556][   T28] audit: type=1800 audit(1751387549.378:124): pid=7506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.571" name="file1" dev="loop0" ino=15 res=0 errno=0
[  139.001743][ T7516] loop3: detected capacity change from 0 to 512
[  139.043202][ T7516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.056079][   T55] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  139.076998][ T7516] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  139.100359][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  139.179796][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.255719][   T55] usb 5-1: Using ep0 maxpacket: 32
[  139.262705][   T55] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  139.278675][   T55] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  139.290127][   T55] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  139.303005][   T55] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  139.319268][ T7523] loop0: detected capacity change from 0 to 2048
[  139.325825][   T55] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  139.339635][   T55] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  139.367725][   T55] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  139.381391][   T55] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.393239][ T7525] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.416857][   T55] usb 5-1: config 0 descriptor??
[  139.482827][ T7523] NILFS (loop0): error -2 truncating bmap (ino=16)
[  140.035462][ T7544] program syz.3.584 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  140.047726][ T7533] loop0: detected capacity change from 0 to 32768
[  140.304540][ T7549] loop3: detected capacity change from 0 to 64
[  140.370047][ T7549] Bluetooth: MGMT ver 1.22
[  140.614413][ T7557] Zero length message leads to an empty skb
[  140.664407][    T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  140.744308][ T5834] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  140.864303][    T9] usb 1-1: Using ep0 maxpacket: 16
[  140.877726][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  140.887934][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  140.899563][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  140.908761][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.916887][    T9] usb 1-1: Product: syz
[  140.921141][    T9] usb 1-1: Manufacturer: syz
[  140.925805][    T9] usb 1-1: SerialNumber: syz
[  140.934280][ T5834] usb 4-1: Using ep0 maxpacket: 32
[  140.956749][ T5834] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  140.967027][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.982996][ T5834] usb 4-1: config 0 descriptor??
[  141.061154][   T55] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  141.099259][   T55] usb 5-1: USB disconnect, device number 3
[  141.119983][ T7561] loop1: detected capacity change from 0 to 32768
[  141.130538][ T7561] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.592 (7561)
[  141.131770][   T55] usblp0: removed
[  141.162520][ T7561] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  141.173040][ T7561] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  141.182295][ T7561] BTRFS info (device loop1): turning off barriers
[  141.197443][ T7561] BTRFS info (device loop1): setting nodatasum
[  141.203394][ T5834] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  141.203856][ T7561] BTRFS info (device loop1): turning on barriers
[  141.220885][ T7561] BTRFS info (device loop1): using free space tree
[  141.230199][ T5834] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  141.247777][ T5834] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  141.256862][ T5834] usb 4-1: media controller created
[  141.287270][ T5834] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  141.358991][    T9] usb 1-1: 0:2 : does not exist
[  141.422798][ T5834] az6027: usb out operation failed. (-71)
[  141.439741][ T5834] az6027: usb out operation failed. (-71)
[  141.449662][ T5834] stb0899_attach: Driver disabled by Kconfig
[  141.456940][ T5834] az6027: no front-end attached
[  141.456940][ T5834] 
[  141.464517][ T5834] az6027: usb out operation failed. (-71)
[  141.472837][ T5834] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  141.482287][ T5834] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input10
[  141.498546][ T5834] dvb-usb: schedule remote query interval to 400 msecs.
[  141.506309][ T5834] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  141.518463][ T5771] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  141.524398][ T5834] usb 4-1: USB disconnect, device number 6
[  141.595018][ T5834] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  141.773581][    T9] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  141.874892][    T9] usb 1-1: USB disconnect, device number 5
[  142.222231][ T7583] loop4: detected capacity change from 0 to 32768
[  142.240519][ T7583] XFS: ikeep mount option is deprecated.
[  142.265837][ T7583] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  142.302357][ T7583] XFS (loop4): Ending clean mount
[  142.315797][ T7583] XFS (loop4): Quotacheck needed: Please wait.
[  142.320435][ T7594] loop1: detected capacity change from 0 to 512
[  142.338921][ T7594] EXT4-fs (loop1): 1 truncate cleaned up
[  142.344203][ T7583] XFS (loop4): Quotacheck: Done.
[  142.364038][ T7594] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.404234][ T7601] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[  142.458032][ T6672] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  142.550340][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.046924][ T7625] loop1: detected capacity change from 0 to 2048
[  143.058190][ T7625] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  143.073261][ T7625] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.184404][ T5760] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  143.220531][ T7634] syz.4.614: attempt to access beyond end of device
[  143.220531][ T7634] nbd4: rw=0, sector=64, nr_sectors = 1 limit=0
[  143.235347][ T7634] syz.4.614: attempt to access beyond end of device
[  143.235347][ T7634] nbd4: rw=0, sector=256, nr_sectors = 1 limit=0
[  143.281457][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  143.292847][ T7634] syz.4.614: attempt to access beyond end of device
[  143.292847][ T7634] nbd4: rw=0, sector=512, nr_sectors = 1 limit=0
[  143.318918][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  143.331462][ T7634] syz.4.614: attempt to access beyond end of device
[  143.331462][ T7634] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0
[  143.349988][ T7634] syz.4.614: attempt to access beyond end of device
[  143.349988][ T7634] nbd4: rw=0, sector=512, nr_sectors = 2 limit=0
[  143.368356][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  143.385528][ T5760] usb 1-1: Using ep0 maxpacket: 32
[  143.387295][ T7634] syz.4.614: attempt to access beyond end of device
[  143.387295][ T7634] nbd4: rw=0, sector=1024, nr_sectors = 2 limit=0
[  143.403711][ T5760] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  143.412253][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  143.425681][ T5760] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.434686][ T7634] syz.4.614: attempt to access beyond end of device
[  143.434686][ T7634] nbd4: rw=0, sector=64, nr_sectors = 4 limit=0
[  143.440467][ T5760] usb 1-1: config 0 descriptor??
[  143.469602][ T7634] syz.4.614: attempt to access beyond end of device
[  143.469602][ T7634] nbd4: rw=0, sector=1024, nr_sectors = 4 limit=0
[  143.504780][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  143.524655][ T7634] syz.4.614: attempt to access beyond end of device
[  143.524655][ T7634] nbd4: rw=0, sector=2048, nr_sectors = 4 limit=0
[  143.538291][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  143.573531][ T7634] syz.4.614: attempt to access beyond end of device
[  143.573531][ T7634] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  143.590709][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  143.601063][ T7634] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  143.611828][ T7634] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  143.670579][ T5760] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  143.709326][ T5760] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  143.744977][ T5760] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  143.750226][ T7646] loop3: detected capacity change from 0 to 4096
[  143.752182][ T5760] usb 1-1: media controller created
[  143.761677][ T7646] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  143.825391][ T5760] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  143.873032][ T5760] az6027: usb out operation failed. (-71)
[  143.885421][   T12] ntfs3: loop3: ino=1e, failed to parse mft record
[  143.886426][ T5760] az6027: usb out operation failed. (-71)
[  143.903400][ T5760] stb0899_attach: Driver disabled by Kconfig
[  143.909996][ T5760] az6027: no front-end attached
[  143.909996][ T5760] 
[  143.918676][ T7646] ntfs3: loop3: ino=1e, "file1" failed to parse mft record
[  143.920694][ T5760] az6027: usb out operation failed. (-71)
[  143.932511][ T5760] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  143.941367][ T5760] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input11
[  143.952816][ T7646] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  143.969023][ T5760] dvb-usb: schedule remote query interval to 400 msecs.
[  143.984361][ T5760] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  144.004455][ T5760] usb 1-1: USB disconnect, device number 6
[  144.072948][ T5760] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  144.352092][ T7661] loop3: detected capacity change from 0 to 4096
[  144.360597][ T7661] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  144.400799][   T12] tipc: Subscription rejected, illegal request
[  144.868955][ T7682] syz.1.636 (7682) used greatest stack depth: 17776 bytes left
[  145.250239][ T7697] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  145.311295][ T7689] loop1: detected capacity change from 0 to 40427
[  145.328431][ T7689] F2FS-fs (loop1): invalid crc value
[  145.336523][ T7689] F2FS-fs (loop1): Found nat_bits in checkpoint
[  145.400103][ T7689] F2FS-fs (loop1): Start checkpoint disabled!
[  145.408823][ T7689] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  145.686691][ T5760] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  145.724897][ T5760] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  145.737383][ T6105] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  145.757686][ T6105] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  145.955471][ T7715] netlink: 'syz.3.651': attribute type 1 has an invalid length.
[  145.972988][ T7704] loop4: detected capacity change from 0 to 32768
[  145.974480][ T7715] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  145.987420][ T7715] IPv6: NLM_F_CREATE should be set when creating new route
[  145.994876][ T7715] IPv6: NLM_F_CREATE should be set when creating new route
[  146.017766][ T7717] loop0: detected capacity change from 0 to 64
[  146.049536][ T7718] netlink: 'syz.3.651': attribute type 1 has an invalid length.
[  146.071419][ T7704] MetaData crosses page boundary!!
[  146.076855][ T7704] lblock = 621d00, size  = 28672
[  146.081826][ T7704] CPU: 0 PID: 7704 Comm: syz.4.645 Not tainted 6.6.95-syzkaller #0
[  146.089748][ T7704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.099838][ T7704] Call Trace:
[  146.103139][ T7704]  <TASK>
[  146.106104][ T7704]  dump_stack_lvl+0x16c/0x230
[  146.110822][ T7704]  ? show_regs_print_info+0x20/0x20
[  146.116053][ T7704]  ? load_image+0x3b0/0x3b0
[  146.120589][ T7704]  ? mark_lock+0x94/0x320
[  146.124957][ T7704]  __get_metapage+0xaac/0xfa0
[  146.129665][ T7704]  dtReadFirst+0xd5/0x920
[  146.134026][ T7704]  jfs_readdir+0x6f6/0x3a90
[  146.138552][ T7704]  ? aa_file_perm+0x120/0xec0
[  146.143273][ T7704]  ? dtInitRoot+0x670/0x670
[  146.147820][ T7704]  ? __up_read+0x280/0x670
[  146.152287][ T7704]  ? down_write+0x162/0x1f0
[  146.156830][ T7704]  ? down_read_killable+0x340/0x340
[  146.162053][ T7704]  ? end_current_label_crit_section+0x149/0x170
[  146.168324][ T7704]  ? dtInitRoot+0x670/0x670
[  146.172856][ T7704]  wrap_directory_iterator+0x92/0xd0
[  146.178171][ T7704]  iterate_dir+0x1c2/0x580
[  146.182634][ T7704]  __se_sys_getdents+0xe9/0x260
[  146.187519][ T7704]  ? __x64_sys_getdents+0x80/0x80
[  146.192568][ T7704]  ? fillonedir+0x430/0x430
[  146.197107][ T7704]  ? lockdep_hardirqs_on+0x98/0x150
[  146.202336][ T7704]  do_syscall_64+0x55/0xb0
[  146.206782][ T7704]  ? clear_bhb_loop+0x40/0x90
[  146.211481][ T7704]  ? clear_bhb_loop+0x40/0x90
[  146.216208][ T7704]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  146.222130][ T7704] RIP: 0033:0x7f922bf8e929
[  146.226589][ T7704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.245415][ T7718] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  146.246191][ T7704] RSP: 002b:00007f922ce94038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  146.261830][ T7704] RAX: ffffffffffffffda RBX: 00007f922c1b5fa0 RCX: 00007f922bf8e929
[  146.269855][ T7704] RDX: 0000000000009005 RSI: 0000200000000280 RDI: 0000000000000005
[  146.277857][ T7704] RBP: 00007f922c010b39 R08: 0000000000000000 R09: 0000000000000000
[  146.285852][ T7704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.293849][ T7704] R13: 0000000000000000 R14: 00007f922c1b5fa0 R15: 00007ffc123b0f48
[  146.301863][ T7704]  </TASK>
[  146.307305][ T7704] bread failed!
[  146.561804][ T7730] loop3: detected capacity change from 0 to 2048
[  146.572914][ T7730] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  146.588638][ T7730] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  146.704250][ T5760] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  146.897101][ T5760] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.908198][ T5760] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  146.921874][ T5760] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  146.931223][ T5760] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.939946][ T5760] usb 1-1: Product: syz
[  146.944181][ T5760] usb 1-1: Manufacturer: syz
[  146.948781][ T5760] usb 1-1: SerialNumber: syz
[  147.094474][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  147.294443][    T9] usb 5-1: Using ep0 maxpacket: 32
[  147.302048][    T9] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  147.310333][    T9] usb 5-1: config 0 has no interface number 0
[  147.319872][    T9] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  147.329046][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.337552][    T9] usb 5-1: Product: syz
[  147.341742][    T9] usb 5-1: Manufacturer: syz
[  147.346450][    T9] usb 5-1: SerialNumber: syz
[  147.352644][    T9] usb 5-1: config 0 descriptor??
[  147.361240][    T9] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  147.570773][    T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  147.583317][    T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  147.986653][ T5760] cdc_ncm 1-1:1.0: bind() failure
[  147.994942][ T5760] cdc_ncm: probe of 1-1:1.1 failed with error -71
[  148.002030][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  148.002326][   T55] usb 5-1: USB disconnect, device number 4
[  148.009667][ T5760] cdc_mbim: probe of 1-1:1.1 failed with error -71
[  148.011179][ T5760] usbtest: probe of 1-1:1.1 failed with error -71
[  148.029078][   T55] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  148.045484][ T5760] usb 1-1: USB disconnect, device number 7
[  148.047703][   T55] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  148.066685][   T55] quatech2 5-1:0.51: device disconnected
[  149.386003][ T7779] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  149.386059][ T7775] loop4: detected capacity change from 0 to 4096
[  149.411271][ T7775] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  149.648394][ T5834] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  149.666450][ T5834] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  149.899709][ T7801] loop3: detected capacity change from 0 to 2048
[  149.912443][ T7801] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  150.249030][   T55] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  150.261955][   T55] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  150.293986][ T7814] loop0: detected capacity change from 0 to 4096
[  150.308529][ T7814] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  150.882698][ T7827] loop0: detected capacity change from 0 to 40427
[  150.893609][ T7827] F2FS-fs (loop0): invalid crc value
[  150.901644][ T7827] F2FS-fs (loop0): Found nat_bits in checkpoint
[  150.950142][ T7827] F2FS-fs (loop0): Start checkpoint disabled!
[  150.958586][ T7827] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  151.179184][ T6105] bio_check_eod: 3 callbacks suppressed
[  151.179201][ T6105] kworker/u4:13: attempt to access beyond end of device
[  151.179201][ T6105] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  151.205227][ T6105] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  151.213657][ T6105] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  151.503893][ T7840] loop3: detected capacity change from 0 to 2048
[  151.532275][ T7840] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  151.878450][ T7856] loop3: detected capacity change from 0 to 512
[  151.886407][ T7856] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  151.902958][ T7856] EXT4-fs (loop3): 1 truncate cleaned up
[  151.910228][ T7856] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.944899][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  152.008439][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.140059][    T9] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  152.165361][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.188277][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.199603][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  152.217232][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  152.227165][    T9] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  152.235553][    T9] usb 1-1: Manufacturer: syz
[  152.246497][    T9] usb 1-1: config 0 descriptor??
[  152.504317][ T5760] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  152.591826][ T7860] loop1: detected capacity change from 0 to 65536
[  152.617888][ T7860] XFS (loop1): Mounting V5 Filesystem e4654a66-62e5-4963-a81e-012d9d4871af
[  152.663575][    T9] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  152.669088][ T7860] XFS (loop1): Ending clean mount
[  152.671832][    T9] appleir 0003:05AC:8243.0009: No inputs registered, leaving
[  152.681812][ T7879] syzkaller1: entered promiscuous mode
[  152.690449][ T7879] syzkaller1: entered allmulticast mode
[  152.693750][    T9] appleir 0003:05AC:8243.0009: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  152.707381][ T5760] usb 4-1: Using ep0 maxpacket: 32
[  152.721347][ T5760] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  152.729694][ T5760] usb 4-1: config 0 has no interface number 0
[  152.739356][ T5760] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  152.748986][ T5760] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.757086][ T5760] usb 4-1: Product: syz
[  152.761450][ T5760] usb 4-1: Manufacturer: syz
[  152.766175][ T5760] usb 4-1: SerialNumber: syz
[  152.775734][ T5760] usb 4-1: config 0 descriptor??
[  152.783512][ T5760] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  152.795162][ T5771] XFS (loop1): Unmounting Filesystem e4654a66-62e5-4963-a81e-012d9d4871af
[  152.945538][ T5854] usb 1-1: USB disconnect, device number 8
[  152.994622][ T5760] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  153.029340][ T5760] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  153.414021][ T7893] loop1: detected capacity change from 0 to 1024
[  153.422908][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  153.432502][    T9] usb 4-1: USB disconnect, device number 7
[  153.442287][ T5760] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  153.455213][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  153.456361][ T7893] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.486104][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  153.499516][    T9] quatech2 4-1:0.51: device disconnected
[  153.507811][ T7893] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.542608][ T7897] loop0: detected capacity change from 0 to 16
[  153.564532][ T7897] erofs: (device loop0): mounted with root inode @ nid 36.
[  153.578450][ T7893] EXT4-fs (loop1): shut down requested (1)
[  153.618581][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.654175][ T5760] usb 5-1: Using ep0 maxpacket: 32
[  153.667311][ T5760] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  153.684450][ T5760] usb 5-1: config 0 has no interface number 0
[  153.699676][ T5760] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  153.711813][ T5760] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.721073][ T5760] usb 5-1: Product: syz
[  153.725644][ T5760] usb 5-1: Manufacturer: syz
[  153.730413][ T5760] usb 5-1: SerialNumber: syz
[  153.737656][ T5760] usb 5-1: config 0 descriptor??
[  153.746313][ T5760] smsc95xx v2.0.0
[  153.998527][    T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  154.223243][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  154.244816][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  154.256587][    T9] usb 2-1: config 1 has no interface number 0
[  154.263578][    T9] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.275437][    T9] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  154.285246][    T9] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  154.305863][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  154.315690][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.324344][    T9] usb 2-1: Product: syz
[  154.327164][ T7908] loop0: detected capacity change from 0 to 32768
[  154.334165][    T9] usb 2-1: Manufacturer: syz
[  154.339039][ T7908] XFS: ikeep mount option is deprecated.
[  154.344202][    T9] usb 2-1: SerialNumber: syz
[  154.363966][ T7908] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.471326][ T7908] XFS (loop0): Ending clean mount
[  154.496644][ T7908] XFS (loop0): Quotacheck needed: Please wait.
[  154.542225][ T7908] XFS (loop0): Quotacheck: Done.
[  154.635454][ T5770] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.776169][ T5760] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000034: -71
[  154.799584][ T5760] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  154.815064][ T5834] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  154.835241][ T5760] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  154.847492][ T5760] smsc95xx: probe of 5-1:0.67 failed with error -71
[  154.864604][ T5760] usb 5-1: USB disconnect, device number 5
[  155.018761][ T5834] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  155.045427][ T5834] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  155.065090][ T5834] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  155.091946][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.107851][ T7925] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  155.119840][ T5834] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  155.192592][    T9] cdc_ncm 2-1:1.1: bind() failure
[  155.244331][ T5854] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  155.341543][    T9] usb 4-1: USB disconnect, device number 8
[  155.428216][ T5854] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  155.433143][ T5760] usb 2-1: USB disconnect, device number 9
[  155.453359][ T5854] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  155.471481][ T5854] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  155.483964][ T5854] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  155.497179][ T5854] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  155.512258][ T7933] loop4: detected capacity change from 0 to 2048
[  155.519371][ T5854] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  155.525933][ T7933] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  155.529219][ T5854] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  155.545944][ T5854] usb 1-1: Product: syz
[  155.550160][ T5854] usb 1-1: Manufacturer: syz
[  155.568627][ T5854] cdc_wdm 1-1:1.0: skipping garbage
[  155.573871][ T5854] cdc_wdm 1-1:1.0: skipping garbage
[  155.584578][ T5854] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  155.591894][ T5854] cdc_wdm 1-1:1.0: Unknown control protocol
[  155.816894][ T7935] loop4: detected capacity change from 0 to 32768
[  155.828369][ T7935] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  155.846353][ T7935] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  155.902604][ T6672] ocfs2: Unmounting device (7,4) on (node local)
[  156.046205][ T7941] netlink: 60 bytes leftover after parsing attributes in process `syz.1.741'.
[  156.055883][ T7941] netlink: 60 bytes leftover after parsing attributes in process `syz.1.741'.
[  156.154411][ T7947] loop8: detected capacity change from 0 to 8
[  156.184325][ T7947] Dev loop8: unable to read RDB block 8
[  156.190029][ T7947]  loop8: unable to read partition table
[  156.202942][ T7947] loop8: partition table beyond EOD, truncated
[  156.210629][ T7947] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[  156.352271][ T7949] loop3: detected capacity change from 0 to 1024
[  156.518115][   T28] audit: type=1800 audit(1751387567.008:125): pid=7949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.744" name="file1" dev="loop3" ino=20 res=0 errno=0
[  156.599758][ T1087] hfsplus: b-tree write err: -5, ino 4
[  156.606835][ T7945] loop1: detected capacity change from 0 to 32768
[  156.628287][ T7945] XFS (loop1): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  156.702558][ T7945] XFS (loop1): Starting recovery (logdev: internal)
[  156.726251][ T7945] XFS (loop1): Ending recovery (logdev: internal)
[  156.749209][ T7945] XFS (loop1): User initiated shutdown received.
[  156.756538][ T7945] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501).  Shutting down filesystem.
[  156.770290][ T7945] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  156.797484][ T5771] XFS (loop1): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  156.944617][ T5760] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  156.976885][ T7968] netlink: 'syz.1.748': attribute type 39 has an invalid length.
[  157.144205][ T5760] usb 4-1: Using ep0 maxpacket: 8
[  157.151445][ T5760] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  157.161464][ T5760] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  157.174599][ T5760] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  157.184808][ T5760] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.199113][ T5760] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  157.209216][ T5760] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.430922][ T5760] usb 4-1: GET_CAPABILITIES returned 0
[  157.440167][ T5760] usbtmc 4-1:16.0: can't read capabilities
[  157.532347][ T7977] loop4: detected capacity change from 0 to 2048
[  157.575238][ T7977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.587731][ T7977] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.623862][ T7977] fs-verity: sha512 using implementation "sha512-avx2"
[  157.661119][ T5760] usb 4-1: USB disconnect, device number 9
[  157.719355][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.943913][    T9] usb 1-1: USB disconnect, device number 9
[  158.012685][ T7996] loop0: detected capacity change from 0 to 512
[  158.027388][ T7996] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.759: casefold flag without casefold feature
[  158.047242][ T7996] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.759: couldn't read orphan inode 15 (err -117)
[  158.076575][ T7996] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.126726][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.505232][ T8008] batadv_slave_1: entered promiscuous mode
[  158.526116][ T8006] batadv_slave_1: left promiscuous mode
[  158.553085][ T7992] loop4: detected capacity change from 0 to 32768
[  158.567679][ T7992] XFS: ikeep mount option is deprecated.
[  158.601252][ T7992] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.824519][ T7992] XFS (loop4): Ending clean mount
[  158.866955][ T7992] XFS (loop4): Quotacheck needed: Please wait.
[  158.988638][ T7992] XFS (loop4): Quotacheck: Done.
[  159.085828][ T8026] loop3: detected capacity change from 0 to 512
[  159.095894][ T8026] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  159.165351][ T8026] EXT4-fs (loop3): 1 truncate cleaned up
[  159.173917][ T8026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.198438][ T8016] loop0: detected capacity change from 0 to 32768
[  159.220511][ T6672] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.267779][ T8016] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.766 (8016)
[  159.320312][ T8016] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  159.355933][ T8016] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  159.374427][ T8016] BTRFS info (device loop0): enabling disk space caching
[  159.382303][ T8016] BTRFS info (device loop0): doing ref verification
[  159.389282][ T8016] BTRFS info (device loop0): use zlib compression, level 3
[  159.396671][ T8016] BTRFS info (device loop0): force clearing of disk cache
[  159.403970][ T8016] BTRFS info (device loop0): setting nodatacow, compression disabled
[  159.412180][ T8016] BTRFS info (device loop0): doing ref verification
[  159.420297][ T8016] BTRFS info (device loop0): disk space caching is enabled
[  159.458238][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.630099][ T8016] BTRFS info (device loop0): enabling ssd optimizations
[  159.654184][ T8016] BTRFS info (device loop0): auto enabling async discard
[  159.696909][ T8016] BTRFS info (device loop0): rebuilding free space tree
[  159.761327][ T8016] BTRFS info (device loop0): disabling free space tree
[  159.774448][ T8016] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  159.795165][ T8016] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  159.806197][ T8029] loop1: detected capacity change from 0 to 32768
[  159.823208][ T8029] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.771 (8029)
[  159.882042][ T8029] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  159.905096][ T8029] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  159.924642][ T8029] BTRFS info (device loop1): force clearing of disk cache
[  159.937867][ T8029] BTRFS info (device loop1): enabling auto defrag
[  159.952633][ T8029] BTRFS info (device loop1): max_inline at 0
[  159.962696][ T8029] BTRFS info (device loop1): enabling disk space caching
[  159.971261][ T8058] loop4: detected capacity change from 0 to 512
[  159.977904][ T8029] BTRFS info (device loop1): disk space caching is enabled
[  159.996596][ T8058] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.776: corrupted in-inode xattr: invalid ea_ino
[  160.010761][ T8058] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.776: couldn't read orphan inode 15 (err -117)
[  160.025824][ T8058] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.089767][ T8029] BTRFS info (device loop1): enabling ssd optimizations
[  160.104047][ T8029] BTRFS info (device loop1): rebuilding free space tree
[  160.110412][ T6672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.120247][ T8029] BTRFS info (device loop1): disabling free space tree
[  160.128193][ T8029] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  160.138793][ T8029] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  160.141355][ T5770] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  160.289137][ T5771] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  161.002955][ T8105] general protection fault, probably for non-canonical address 0xdffffc0000000021: 0000 [#1] PREEMPT SMP KASAN
[  161.014707][ T8105] KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]
[  161.023113][ T8105] CPU: 1 PID: 8105 Comm: syz.1.788 Not tainted 6.6.95-syzkaller #0
[  161.030994][ T8105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  161.041049][ T8105] RIP: 0010:bcsp_recv+0x13e/0x1730
[  161.046161][ T8105] Code: 89 4c 24 40 48 89 54 24 28 48 c1 ea 03 48 89 54 24 68 48 89 5c 24 20 48 c1 eb 03 48 89 5c 24 60 4c 89 7c 24 38 48 8b 44 24 58 <42> 80 3c 30 00 74 08 4c 89 ff e8 93 fa 59 fa 49 8b 1f 31 ff 48 89
[  161.065776][ T8105] RSP: 0018:ffffc90010837c20 EFLAGS: 00010206
[  161.072442][ T8105] RAX: 0000000000000021 RBX: 0000000000000030 RCX: 000000000000002f
[  161.080397][ T8105] RDX: 000000000000002f RSI: 0000000000000001 RDI: 0000000000000000
[  161.088351][ T8105] RBP: ffffc90010837d80 R08: ffff88802a6af41f R09: 1ffff110054d5e83
[  161.096312][ T8105] R10: dffffc0000000000 R11: ffffed10054d5e84 R12: 0000000000000001
[  161.104269][ T8105] R13: ffffc90010837e20 R14: dffffc0000000000 R15: 0000000000000108
[  161.112224][ T8105] FS:  00007fc5571696c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  161.121230][ T8105] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  161.127801][ T8105] CR2: 00007fc557168f98 CR3: 000000005b5ed000 CR4: 00000000003506e0
[  161.135766][ T8105] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  161.143719][ T8105] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  161.151679][ T8105] Call Trace:
[  161.154946][ T8105]  <TASK>
[  161.157865][ T8105]  ? bcsp_flush+0x40/0x40
[  161.162177][ T8105]  ? rcu_read_lock_any_held+0xb4/0x120
[  161.167617][ T8105]  ? rcu_read_lock_bh_held+0xe0/0xe0
[  161.172977][ T8105]  ? mutex_lock_nested+0x20/0x20
[  161.177904][ T8105]  hci_uart_tty_receive+0x188/0x210
[  161.183092][ T8105]  ? hci_uart_tty_ioctl+0x9f0/0x9f0
[  161.188279][ T8105]  tiocsti+0x23e/0x2c0
[  161.192371][ T8105]  ? signal_pending+0xa0/0xa0
[  161.197047][ T8105]  tty_ioctl+0x62e/0xdd0
[  161.201295][ T8105]  ? tty_get_icount+0xb0/0xb0
[  161.205963][ T8105]  __se_sys_ioctl+0xfd/0x170
[  161.210543][ T8105]  do_syscall_64+0x55/0xb0
[  161.214949][ T8105]  ? clear_bhb_loop+0x40/0x90
[  161.219616][ T8105]  ? clear_bhb_loop+0x40/0x90
[  161.224284][ T8105]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  161.230180][ T8105] RIP: 0033:0x7fc55638e929
[  161.234595][ T8105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.254197][ T8105] RSP: 002b:00007fc557169038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.262637][ T8105] RAX: ffffffffffffffda RBX: 00007fc5565b6080 RCX: 00007fc55638e929
[  161.270603][ T8105] RDX: 0000200000000500 RSI: 0000000000005412 RDI: 0000000000000003
[  161.278561][ T8105] RBP: 00007fc556410b39 R08: 0000000000000000 R09: 0000000000000000
[  161.286520][ T8105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  161.294498][ T8105] R13: 0000000000000001 R14: 00007fc5565b6080 R15: 00007ffc1e714518
[  161.302569][ T8105]  </TASK>
[  161.305587][ T8105] Modules linked in:
[  161.314266][ T5813] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  161.318483][ T8105] ---[ end trace 0000000000000000 ]---
[  161.328508][ T8105] RIP: 0010:bcsp_recv+0x13e/0x1730
[  161.333749][ T8105] Code: 89 4c 24 40 48 89 54 24 28 48 c1 ea 03 48 89 54 24 68 48 89 5c 24 20 48 c1 eb 03 48 89 5c 24 60 4c 89 7c 24 38 48 8b 44 24 58 <42> 80 3c 30 00 74 08 4c 89 ff e8 93 fa 59 fa 49 8b 1f 31 ff 48 89
[  161.353642][ T8105] RSP: 0018:ffffc90010837c20 EFLAGS: 00010206
[  161.359970][ T8105] RAX: 0000000000000021 RBX: 0000000000000030 RCX: 000000000000002f
[  161.370724][ T8105] RDX: 000000000000002f RSI: 0000000000000001 RDI: 0000000000000000
[  161.379219][ T8105] RBP: ffffc90010837d80 R08: ffff88802a6af41f R09: 1ffff110054d5e83
[  161.387380][ T8105] R10: dffffc0000000000 R11: ffffed10054d5e84 R12: 0000000000000001
[  161.395863][ T8105] R13: ffffc90010837e20 R14: dffffc0000000000 R15: 0000000000000108
[  161.404437][ T8105] FS:  00007fc5571696c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  161.413636][ T8105] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  161.420300][ T8105] CR2: 000000110c370005 CR3: 000000005b5ed000 CR4: 00000000003506e0
[  161.430542][ T8105] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  161.438654][ T8105] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  161.446691][ T8105] Kernel panic - not syncing: Fatal exception
[  161.453015][ T8105] Kernel Offset: disabled
[  161.457327][ T8105] Rebooting in 86400 seconds..