last executing test programs:

9m45.936409945s ago: executing program 4 (id=255):
r0 = socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)
syz_open_dev$sg(0x0, 0x2, 0x4ac00)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBSENT(r2, 0x5602, &(0x7f0000000000)={0x0, "96d3e9659db3f50cb3c4e683f4fae026a3b284dd56630882be4bc0f34042227a71f06b95d73e34c8ecf3325e43f75f16f13d8905d3bdce627dc6ae0b14840f4c8bebc40872293c61ddd293631a22c6d5c8c9b16b987f4326874ddc5e2610c5505cea115e51bf6feb3e93cf89b8f44394fa2ac7f6cf757a9416c7545c5e5caa34450f0397d179f2225b57f644ce8ad31b15547b9364daef8e784f2036a75c3c5cfd124cdd424a558ea90d054d36c0d1d0db92e5e7f668dadcbfaed92c7cf3204be0c4904d308feba3447d7f41a58bc2fd4682e306a592696e4de9427d87c008d3e172cf162cc35f00915fe9fc9ea84e28838940e4bb2fda4c55a34abdf6db63d547c91a17211a1ce43a2933f8227e8b6767ab70bc9223e62a2d3ad9b154fae2000961e62eaea005088d6d74a19eb0c56ce314323143fcfe27e410e10bd21a2140783385bdb1a7d33038427e336829ccfb63c04e537ca51ddae5fdf29505fca04fc4b2a13d6dad7db2eace60e9589712719a49a2d2d44587465037851b1fe93a0ed46822294671098fd53e79fe428bf6ae3846299ab1d238ad07be6cc01b5fcaacfce829c209e67d5548a38b637f3b44905b8be24dfba30e1b6d074b43e53fcded14a4190a585949baa43fef6c70ce7b1612299d734c07feed23252886a1317358cf5ecaf0186d2dbdb3eab8a9c3c21d4828ef8a9dd89207f2884a57679fcd495a"})
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
shmget$private(0x0, 0x1000, 0x78000a42, &(0x7f0000ff2000/0x1000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
set_mempolicy(0x0, &(0x7f0000000280), 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0)

9m41.329429869s ago: executing program 4 (id=260):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6(0xa, 0x1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000280)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xdc, 0x1, 0x29}, @fda={0x66646185, 0x5, 0x1, 0x18}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

9m37.235186807s ago: executing program 4 (id=265):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioprio_get$pid(0x2, 0xffffffffffffffff)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000440)={0x8, 0x5, 0xfffffff7, 0x2}, 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x4e23, 0xd, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00')
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6002, &(0x7f0000000040)=0x3, 0x4, 0x0)
read$FUSE(r1, &(0x7f000000ae80)={0x2020}, 0x2020)
r2 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$kcm(0x29, 0x5, 0x0)
pipe(0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x6, 0x29, 0x0, 0x0)
syz_io_uring_setup(0x11da, &(0x7f0000000080)={0x0, 0x5731, 0x1, 0x1, 0x3e6}, 0x0, &(0x7f0000000140))
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)

9m33.648434428s ago: executing program 4 (id=269):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x60281, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
ioctl$SIOCAX25NOUID(r3, 0x89e3, &(0x7f0000000100)=0xfffffffffffffffc)
socket$inet_tcp(0x2, 0x1, 0x0)
listen(0xffffffffffffffff, 0x7fff)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x37, 0xbb9}, 0x0, &(0x7f00000002c0)={0x3ff, 0x3, 0x0, 0x9, 0x9c7, 0x0, 0x7fffffff}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

9m30.66322698s ago: executing program 4 (id=274):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8f}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0), &(0x7f0000000440)=0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
rename(0x0, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
clock_gettime(0x9, 0x0)
getsockname$netlink(r2, &(0x7f00000000c0), &(0x7f0000000100)=0xc)
r3 = syz_io_uring_setup(0x1eb6, &(0x7f0000000200)={0x0, 0x69cd, 0x400}, &(0x7f0000000080), &(0x7f0000000040))
eventfd2(0x3, 0x1)
io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, 0x0, 0x1)
socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSWINSZ(r4, 0x5414, &(0x7f0000000040)={0x9, 0x2, 0x1000, 0x5})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtfilter={0x24, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {}, {0x2, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8810}, 0x404c0c0)

9m27.253334808s ago: executing program 4 (id=281):
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
listen(0xffffffffffffffff, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x360, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)

9m10.826706819s ago: executing program 32 (id=281):
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
listen(0xffffffffffffffff, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x360, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)

5.760903731s ago: executing program 5 (id=1339):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = syz_io_uring_setup(0x237, &(0x7f0000000380)={0x0, 0x80fd, 0x10, 0x4, 0x2cf}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000002c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000080)=@l2tp={0x2, 0x0, @local, 0x5}})
io_uring_enter(r1, 0x1864, 0x6429, 0x1, 0x0, 0x0)

5.280772078s ago: executing program 5 (id=1341):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000cc0)={'batadv_slave_1\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0xfeffffff, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800efe000000000000000000a00000000000000000000000c00090008000000", @ANYRES32=0x0, @ANYBLOB="1400050000000000000000000000000000000002"], 0x3c}, 0x1, 0x11}, 0x0)

4.855542745s ago: executing program 5 (id=1342):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x2020}]}}}, @IFLA_IFNAME={0x14, 0x3, 'nicvf0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0xc845}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4.267779054s ago: executing program 5 (id=1345):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x1500c01, 0x0, 0x11, 0x0, &(0x7f0000000080))
sync()
rmdir(&(0x7f0000000000)='./bus\x00')

3.589433285s ago: executing program 3 (id=1346):
syz_mount_image$hfsplus(&(0x7f00000003c0), &(0x7f0000000640)='./file0\x00', 0x800000, &(0x7f00000002c0)={[{@creator={'creator', 0x3d, "33fefa37"}}, {@force}, {@gid}, {@creator={'creator', 0x3d, "d1a7bc99"}}, {@nobarrier}, {@nodecompose}, {@barrier}, {@uid}, {@nobarrier}, {@nobarrier}, {@nodecompose}, {@nls={'nls', 0x3d, 'macturkish'}}]}, 0x4, 0x5f0, &(0x7f0000001980)="$eJzs3cFvHFcdB/DvbGLHDlK6TZOmIARWOYAakdjeyAQJCSgFWahClbj0aiWb2somjewtcntApuLc/gvlYM4cOKEg5cCZf8GoRwR3X5DRzM7aW3u7cRInu1Y+H2n2vTdv5s1vfpkZz8wq2gAvreX3M/UoRZavvrtZtne2W52d7da9fj3JuSSNZCZJUc7+a5Ivk630pnyz3zFQHlF8vnxr9eFnV3qtmXqqli9GrXc8+7E0e7FW5UmNt/jM4x3s4VySi3UJY7fX96+h3c94XgIAk6xIzgyb30zO1zfr5XNA7664d499qm2NOwAAAAB4AV7ZzW42c2HccQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBpUv/+f1FPjX59LkX/9/+n63mp66fao3EHAAAAAAAAAADHNOpL+u/uZjebudBv7xXVd/5vVo1L1ec38lE20s56rmUzK+mmm/UsJGkObmRzpdtdXzjGmotD11w82X0GAAAAAAAAgJfMp1k++P4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmQZGc6RXVdKlfb6ZxNslMkulyua3kYb9+mj0adwAAAADwAryym91s5kK/vVdUz/yvV8/9M/ko99PNWrrppJ3b1buA3lN/Y2e71dnZbt0rp6Pj/vy/TxRGNWJ67x6Gb3m+WuLy/hrL+VV+m6tT/fbvspJu2pnLO1VtJUWa9duLZj/O4fH+7Cut9x4X6xtVJLO5k7Uqtmu5lQ/Tye00qn2olhm9xT+U2Sl+Wjtmjm7XZblHv67Lcfjf3uE5zSojU/sZma9zX2bj1dGZGHmcTB2Zc3hLC2nsv4O69Bxyfr4uy1y/85xz/ukTLX04E4sDR9/rozORzC/+58Fq5/7d1TsbV8d1GJ2Yw5loDWTiykuViek6G72r6JCrZebyXtazNuRq+Wa17oWs5Tf5MLfTzs3M52aWciOtLOXHWRrI6+W94rHnWuPJzrXv/aCulGf9L4ee/eNS5vXVgbwOXumaVd/gnIMsXTz5K9LZb9WV8mB9e4x/BY46nImFgUy8NjoTf6r+pGx07t9dX115cMztfb8uywz8YqIyUR4vF8t/rKr11aOj7HttaN9C1Xdpv69xpO/yft/jztTp+h7u6EiLVd+VoX2tqu+Ngb5hdzkATLzzb52fnv337D9nv5j94+zq7Lszb5+7ee7b05n6x9m/nflL48+NnxRv5Yv8/uD5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHobH39yd6XTaa9PdOU7dbSTEo/K01WylUxAGCrHqIz5wgQ8d9e79x5c3/j4kx+u3Vv5oP1B+/6NhaXFGzfml3508/qdtU57vvc57jABgBM08GwGAAAAAAAAAAAAAABMqBfyv74BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeo+X3M/UoRRbmr82X7Z3tVqec+vUkRW/JmX7170m+TLbSm9IcGK74uu0Uny/fWn342ZWDsWb6yxej1jue/VjKj8ahmJ5lvHKcxWce72AP55JcrEsYu/8HAAD//4EQ/90=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x02\x00', r0, &(0x7f0000000180)='.\x02\x00')
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='.\x02\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2)

3.587861985s ago: executing program 1 (id=1347):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004"], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[], 0xb8}}, 0x4004)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet_tcp_int(r2, 0x6, 0x11, &(0x7f0000000540)=0x8, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008"], 0xa8}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000", @ANYRES32, @ANYBLOB="08002700851600000a001800"], 0x4c}}, 0x4000804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.395223878s ago: executing program 2 (id=1348):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x400c8c0)
sendmsg$key(r0, &(0x7f0000000440)={0x900, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x2, 0xa, 0xfc, 0x0, 0x7, 0x0, 0x70bd28, 0x25dfdbfe, [@sadb_x_filter={0x5, 0x1a, @in=@empty, @in=@rand_addr=0x64010100, 0x2c, 0x30}]}, 0x38}}, 0x40408c0)

3.091513092s ago: executing program 1 (id=1349):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./bus\x00', 0x2000006, &(0x7f0000000840)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c757466383d302c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c747a3d5554432c6e6f6e756d7461696c3d302c756e695f786c6174653d302c696f636861727365743d63703433372c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c696f636861727365743d69736f383835392d372c636865636b3d7374726963742c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c666c7573682c0069d234c5ee84759c82897a3a69f039fbdde63ad2c8a2176ffb4ca597e25f2f814cfd84db7ead930a17991f54d3f3c0bd2039e817b7c2d8e918cc370ba87546f8b1252e5faaa2896a3940527add0f7256f4565173b934539a537398ae12a4b25d55bb1c58df354e11e28669fc05515007ed3c9a89161f682b487991135748c1e32f7c585791f8786a59813ea9082cf82384cbbc9ddce65c30a7cbf6c1b3e75623aeac3b96ccb40528c76fc97c5947a4ce4e78e53bc875f19bcb7a77e21d26233bc9fd31df068009c52615a4c18ec9be9795de125ca7895a6c9c9103d461b2248cffdd7342bdd12232af3ae5ddd7c72671256c7cc3dec211c3c6c23869824887b593d778b913c7f4f302fe99d868672f9be5790a0462a38e47ab93a5fbaecd1d4bb119c714b97fee1964444c685355a75b28a12e5c445aa245a27976180ae12adb844ce7b73eda74"], 0x25, 0x34f, &(0x7f00000004c0)="$eJzs3T9sG2UUAPDnXhKnESUekCqYDBsSqpogBpgSVUWqyABFFv8WLJryJzaVYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHbJ/tc+xQZ3Boxe83RE/v+9597y6n3CVKvrzeiq1L83H51q2bsbhYiLm1c2txuxClOBFJ9OzFRB8tTM4DAPe422kaf6U9d5/9yVI/8uwHgPtX9/n/5qlhoniE4qsPzKIlAGDGpvz+//mJ2SszawsAmKGx5/9jI8MHfsw/N/idAADg/vXiK68+t74RcbFcXoyof9isNCvxzHB8/XK8HbXYjLOxHPsRvReF3ttC5+OzFzbOny13/FaKSqeiWYmot5qV3pvCetKtL8ZKLEcpq08H9UmnfqVbX46IvVZ3/agXmpX5WMrW/3kpNmM1luOhsfqICxvnV8vZASr1fn0roh2L/ZPo9H8mluPHN+JK1OJSdGqH/e+ulMvn0o2R+ua1YnceAAAAAAAAAAAAAAAAAAAAAADMwpnyQGmw/01abzU/uHhwQmlkf5xKbzjbH6jd2x8oLfZ357maHNwfaHR/nmZlLk78p2cOAAAAAAAAAAAAAAAAAAAA947GzkJUa7XN7cbO+1v5oJXLvPv9V9+ejP7QXFb6TjKsiiw5cpz+xNyRkxgskQ7K02RkThYkEf3Je9Vr1wcd5+cUB2cxVt4JimNDhaynaq126tFfP59U9Xcn2Otmkhi7LKNBIVs/N1R/sJNYjIj9w6oOD1bvMudGmqaHle9+Nl4VhYi5OHIbUwTf3Xzr4Scbp5/qZr7JNn14/Inll258+uUfW9VatHtXplZb2G7sp1McudPr+FCSu38K2XUuTLgTJgftYaa93dipJj/9+fIjH/9wYHIy+f5J85n3Dl/r64OZhV5QiCj1L8K/tTo/4eafHLx2Z3D3Hv0Td/qLter13V9+n7Yq90XCRh0AAAAAAAAAAAAAAAAAAHAscn8rfgRPvzC7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+A3//38uaI9lpgnutGJ8qLi53Th08ZPHeqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyP/RMAAP//rShzCQ==")
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x8, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x9)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

3.022646274s ago: executing program 3 (id=1350):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)=0xffffffff)

2.971750224s ago: executing program 2 (id=1351):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001340)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca6433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84222000000005335001db43a5c000000000000000024000000000000000000e75a812ded5297d531afbf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cbc30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a3830007462b5543f2c1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f401058690350000000000000000000000000025902e4a196fb169780000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a00000000000000000000000000000000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad39e42a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e80b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d575a83f33e75011ed8b48a2f52a03ec09c277b596d5eb491b6b380533be019894e7fc1a414ae38f1f448a7f6423bb12169d6f41665c5edfa3b47acd4d23b826d15361528d7c5a27e1120ca9537c8c8cccbb3ae86a91894372120488b82ecad3538899e53a36844aa515ebdbb1cd69a33b584f8e1c796827703f3894c93dd5a77607cb6c1191b89b303c1381f3e6016bf6c0e710750b43eb9a8fd0d7d71492ac43baec4994396f0fdfe7cecf248b88ba9406c7b8e5ec4882d52a0cd4b9b1c8327e811e6ba2572ff5a59dc8c5c90464aa3942b4a256e8a513155fae5b3ebcc47d2e1a8768c2da219f47595f83239688ef9f55937c9e3447fb532cabc44bd5b805356cf12b89514"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)={r1}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x0, 0x703, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2.767954748s ago: executing program 5 (id=1353):
r0 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x13c5, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
socket(0x10, 0x3, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000003740)=""/4096, 0x1900}], 0x0, 0x11a}, 0x20)

2.694301229s ago: executing program 1 (id=1354):
syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./bus\x00', 0x2000000, &(0x7f0000000500)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303030312c706172743d3078303030303030303030303030303030322c747970653d6a168b4b2c66696c655f756d61736b3d30303030303030303030303030303030303030303237332c696f636861727365743d69736f383835392d392c0039c818b5066704d781c03d033eb9dceae7cf18fd9ac539fab2290f905f2126e4bcdf1cb8c0ef47c7e4b4abe3664a538f8f878f1a05a3788b304134e1ba8a9d61de7a0200000000000000e1266e50439eb5efe18be521ad99b8ff2bf4bfe5d08be5835f06"], 0x1, 0x30e, &(0x7f00000001c0)="$eJzs3b9u00AcB/DvnZ02pVExbRESC6hQCZaKAgNiCUJZ2ZkQkKRShFVEWyRgIVSMiAdgYuEVeAgWEC8ALExsLNmM7nx27PjiJGocp+X7kRo55/vzu/jP3VkCg4j+W3cbPz7d+K3+BODAAXAbkACqgAvgLM5Vn+8edA78diuvIkeXUH8CYUmRydPcbduKqnK6hOGpby5qyTQqRhAEd36WHQSVTl/9FhJYNNeh3l+dcVzTMti5LnChpFBKk/wNRA89vMBKieEQEdEcMOO/NMNETScJSAlsmmF/nsf/7FpjhF4xcZTlpp9JCnILJMZ/PbsLhDq+p/Wu/npP/6xqv4xWieMEUxn4voDwzErNwYR9VfkrCJlY5NJOx8VW8w1aEoeoG4kC6/qzFZ66kRHRbkx2vgyvrYJ7p8LeqBnl0uDuKKSdjt9eVBuW+Ncma/HoxBfxTTwQHj6gFc//3ECow6SPlDdwpGRFxX9teI3LupTKBXMp1ut1mcpyRjdy3rRgjOhl1b4iSdYZPSDoxhFY4jyMNnTbq0g/Vgh7t21rQPQrX7OV8uJv2bK6rfVUKcecCVvNp37uo5RiRF0U78V9sYE/+IxGYv4vVXybSFyZebd6oXOaMyPsz4I9p6tzepmRoxtvXYwjMBYn7hsBEz4te4fHuIWV/Zevnji+395TG48sG89qe8KkVN4C1jzFbzjIyYNuP0UPHq+DYNyag3TKx7/AUUJVQ18/5epUfwR1/4hT1OVjy6yusjhFFn10ohFvWhV6mP2plb/hwrar8RV5J2ShG9HUZSoVqonWkF1Tvz/RHNoX0UE3CZlJLJ1wat4lwvWfnsmbWZ2+z6gPL2eenr/IRKrG7XgFl54KrtrmLiPWBsvDV3CJFq8PWTPqNdelK8DlRKJAbouejvPEEA18x0M+/yciIiIiIiIiIiIiIiIiIiIiIiIiOm5m8S8Wyu4jEREREREREREREREREREREREREREREdFxN/77f5f6b2qy/R/x+v2/3sj3/6ZeAGxeFMX3/xKV418AAAD///k/d1Y=")
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x0, 0x109)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

2.514998971s ago: executing program 2 (id=1355):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e1f, @remote}, 0x10)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080)={0x1}, 0x8)
sendmmsg$sock(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@txtime={{0x18, 0x1, 0x3d, 0x3}}], 0x18}}], 0x1, 0x0)

2.411812653s ago: executing program 1 (id=1357):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000180)={[{@clear_cache}, {@user_subvol_rm}, {@compress_force_algo={'compress-force', 0x3d, 'zlib'}}, {@noautodefrag}, {@autodefrag}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x7, 0x32, 0x37, 0x2d, 0x32, 0x36, 0x32, 0x2d, 0x2d, 0x37]}}, {@space_cache}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0x1fe)
fallocate(r0, 0x10, 0x3, 0x7ffd)

2.339618634s ago: executing program 0 (id=1358):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r2=>0x0}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000000c0)={r2, 0x3, 0x2, 'g\\'}, 0xa)

2.323423984s ago: executing program 2 (id=1359):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8c80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000380)={0xdf, 0x0, 0x8})

2.155826067s ago: executing program 5 (id=1360):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000100)={[{@nouser_xattr}, {@four_active_logs}, {@four_active_logs}, {@noquota}, {@gc_merge}, {@fastboot}, {@prjjquota={'prjjquota', 0x3d, '-{'}}, {@jqfmt_vfsv1}, {@extent_cache}, {@fastboot}]}, 0x1, 0x54f9, &(0x7f000000ab40)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXIxZvknIvoUURQ4i3/Q84J5BJvOewhgmdlZmeSyQ9w/dGZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLo3YM4yQ6dcRwX5zb3Hi9k/daRPrO+sj2btSyO6kz6dHi5+iHqNpcIAAAA50dS1vchhJ10bS7r405e/6flNVnN/92z47is54/W/WVf1v5Z+/WX3Rf3B+qMx8luentxOLhyPJXWk5vldHvub69o5U8+f/eS5F9I/MHyC6M0f57RNxsb77Xz8EId2QIA/8blsi+C8vehrO83mRgA50arUniX9X/SaTYnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDqMlsPTZRyFEGZbB3Fma+/xwkn9+sr2bNlurK6uVO+Z3SINIdxeHA6u1DiXaffg4aO788Ph4H79wSshhKZGf6eY/t2PJrg4hEaej+B/CuLiy56WfE5H0OAPJQAAzqS0aFldv5OuzWXnopkQ/vz+cP3/eiUOE9b/ux/f2KyOVa3/+7XNcPr1lu593nvw8NGbi/fm7wzuDD5962r/7f61m9ev3+zl70p63pgAAADw37SLVq3/45nj6/+XKnGYsP7/4tv+V9WxEvX/iQ4W/ZrOBAAA4Hx7/tU/fo9OOB+12+HL+aWl+/3xcf/z1fGxgVT/sQtFq9b/yUzTWQEAAAB1GC1Hh9b/b1XiMOH6/zM/vPRT9Z5JCOFisf5/eeGz4a36pjPV6vhz4qbnCAAAQLMuFq26/p/m+//j/S0PcQjhjdfGcfFvACeq/5P3v/6xOlZ1//+1+qY4leLu+HnkfTeEVrfpjAAAADjLnipaVuz/lq7NffLzpQ/b9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2vAAAA//+END5e")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x2)
pwrite64(r0, &(0x7f0000000040)='2', 0x1, 0x8000c61)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r0, 0x4018f514, &(0x7f0000000000)={0x11, 0xffffffffffffffff, 0x1})

2.083027678s ago: executing program 0 (id=1361):
syz_mount_image$squashfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f0000000540)=ANY=[], 0x5, 0x1bd, &(0x7f0000000a00)="$eJzsVT9v2kAU/51tMO5Qda6QOpQBhmJj2qpbO1VIXfoJqiJwW1TTPzZDQQx04ntk4YvkO2RIlIVEiiJlIHt00d29uzhRkiEhQpHuJ5nf+3vPvDu/+5H/zX0AZ6tpDx8g4eIpdhmDB+AFU7aPvuLjsuIm6Uee4gbZt4j3iPPx5Gc3TZNMCBWQYCz3EFxVAFm+rhXXKISf1r/ylxtd3L/eFQB37jh1F8YSaKFqNjW4GpNkgdmVW0scflZhm9gdOtHY+CGxwkMLF+r7/w5O5M7vrKY9IXwFwDnnwtZXDyvGiPmyXYh57smHueAmRgw/oXA4CEfDP2E+nrwaDB0k35Nfcdx+G72Oojdx+G2QJpH6ZYUSDp1EwQ0AYqYGBX8JwD4N2CcwGOiPTL8a+Vkxt1wYzvWXuASHeSZXc4V8IpdmO6N06Qtm+rsRjanJt/Yg/1IHDC4pLZUTQEWLxlSko9n7nfbnYBD3CveBaAHPrNFaoqQVkWqUpP1upl97Tlwj7hAviJfE+s7Sd5EnVzggrT4DyvjXHY2yljApydhiY4ufmcoOVT2lNXQrqj4sLCwsLCwsLB4ZzgMAAP//vgZI9Q==")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
lseek(r0, 0x7ff, 0x0)
getdents64(r0, 0x0, 0x0)

2.027702119s ago: executing program 2 (id=1362):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x101801e, &(0x7f0000000100)={[{@quota}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@nointegrity}, {@discard}, {@nodiscard}, {@discard_size={'discard', 0x3d, 0x82}}, {@errors_continue}, {@nodiscard}, {@errors_remount}]}, 0x24, 0x6293, &(0x7f0000009000)="$eJzs3cuOHFcZB/Cvr3Mxsa0somAhNEnMJYT4GowhQJIFLNiwQN4iW5NJZOEAsg1yIgtPNBskeAgQEkuEWLLiAbJgy44HwJKNBMoCpaKaPmdcU+menvF4urpdv580rvr6VE2f8r+rL1NVfQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiB/+4MfnOxFx9VfphpMRn4teRDdipazXImJl7WR1nedjuzmei4jBUkS5/vY/JyJei4iPjkc8eHh3vbz5wj778f2//POPPzn2o3/8eXD2f3+93Xt90nJ37vzuv3+79/jbCwAAAG1UFEXRSR/zT0VEP322BwCefvn1v0jy7eq5qzfnrD9qtVqtXsC6qhjvXrWIiM3qOuV7BofjAWDBbMbHTXeBBsm/1foRcazpTgBzrdN0BzgSDx7eXe+kfDvV14O1UXs+F2RX/pudnes7Jk2nqZ9jMqvH11b04tkJ/VmZUR/mSc6/W8//6qh9mJY76vxnZVL+w9GlT62T8+/V8695evLvjs2/rXL+/QPl35M/AAAAAADMsfz3/5MNH/9dOvym7Mtex3/XZtQHAAAAAAAAAHjSDjr+X782/t8O4/8BAADA3Co/q5d+f/zRbZO+i628/Uon4pna8kDLpItlVpvuBwAAAAAAAAAAAAC0SX90Du+VTsQgIp5ZXS2KovypqtcHddj1F13btx/arOkneQAAGPnoeO1a/k7EckRcSd/1N1hdXS2K5ZXVYrVYWcrvZ4dLy8VK5XNtnpa3LQ338Ya4PyzKX7ZcWa9q2uflae3131fe17Do7aNjs9Fg4AAQEaNXoweTXpH+7/VqMRXFiWj4TQ4LYo/9nwVl/2c/mn6cAgAAAEevKIqik77O+1Q65t9tulMAwEzk1//6cQG1etHqmLP+qNVq9TzWVcV496pFRGxW1ynfMxiOHwAWzGZ83HQXaJD8W60fEc833QlgrnWa7gBH4sHDu+udlG+n+nqQxnfP54Lsyn+zs71eXn/cdJr6OSazenxtRS+endCf52bUh3mS8+/W8786ah+m5Q6ff7Hrz4RNnWM0Kf9yO0820J+m5fx79fxrjnr/n5Wt6I7Nv61y/v0D5d+TPwAAAAAAzLH89/+Tc3X8d/i4mzPVXsd/18aucXR9AQAAAAAAAIAn5cHDu+v5utd8/P8LY5Zz/efTKeffkX8r5fy7tfy/WluuV5m//9aj/P/z8O76n27/+/N5ut/8l/JMJz2yOukR0Un31Omn6WG27rO2Br1heU+DTrfXT+f8FIN34nrciI04t2vZbvr/eNR+fld72dPBdnvRG7Vf2NXe32nP61/c1T5IZxcVK7n9TKzHz+NGvL3dXrYtTdn+5SntxZT2nH/P/t9KOf9+5afMfzW1d2rT0v0Pu5/Z76vTcffz5vUv/ubc0W/OVFvR29m2qnL7XmygP9v/J8eG8ctbGzfP3Ll2+/bN85Emu269EGnyhOX8B+ln5/n/pVF7ft6v7q/3PxweOP95sRX9ifm/VJkvt/flGfetCTn/YfrJ+b+d2sfv/4uc/+T9/5UG+gMAAAAAAAAAAAAAAAB7KYpi+xLRNyPiUrr+p6lrMwGA2cqv/0WSb59V3Zvx/anVC1535qw/M60/KearP2r1ItZVxXhvVIuI+Ht1nfI9w6/H/TIAYJ59EhH/aroTNEb+LZa/76+cnm66M8BM3Xr/g59eu3Fj4+atpnsCAAAAAAAAADyuPP7nWmX859NFUdyrLbdr/Ne3Yu2w43/288zOAKMTBqruHXyb9rLVHfa6leHGX4hJ438Pdub2Gv+7P+X+BlPah1Pal6a0L09pH3uhR0XO/4XKeOenI+JUbfj1Noz/Wh/zvg1y/i9WHs9l/l+pLVfNv/jDIuff3ZX/2dvv/eLsrfc/ePX6e9fe3Xh342cXz58/d/HSpcuXL5995/qNjXOjfxvs8dHK+eexr50H2i45/5y5/Nsl5/+lVMu/XXL+X061/Nsl55/f78m/XXL++bOP/Nsl5/9yquXfLjn/r6Va/u2S838l1fJvl5z/11Mt/3bJ+b+aavm3S87/TKrl3y45/7Op3mf+K0fdL2Yj55+PcNn/2yXnn89skH+75PwvpFr+7ZLzv5hq+bdLzv+1VMu/XXL+30i1/Nsl538p1fJvl5z/N1Mt/3bJ+V9OtfzbJef/rVTLv11y/t9OtfzbJef/eqrl3y45/++kWv7tkvP/bqrl3y45/++lWv7tkvN/I9Xyb5dH3/9/uJnfnngyv8dMa2cG89ENM6OZpp+ZAAAAAAAAAAAAAIC6WZxO3PQ2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfMoOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrB3dzFynfX9wM/sm9dOSAyE/J38DWwcE0Kyya7txC+0KSa8NryVQCj0Bdv1rs2CYxuvXQKNZNNAiYRRUUXbcNEWEGpzU5ELLmgFKBeoFVIl0l7QG0SFykVUBRSQKtEKstWc8zzPzszOzsx6x7sz53w+kv3zzpw555kzz5yd34y/cwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABrd8ob5z9SyLKv/yf/anmXX1v+9dWp7ftlrN3uEAAAAwHr9Kv/7+evTBYd7uFHDMv/8iu99fWlpaSl7/+ifj39haSldMZVl41uyLL8ueupHH6g1LhM8lk3WRhp+Humy+dEu1491uX68y/UTXa7f0uX6yS7Xr9gBK2wt3o/JV7Y7/+f2YpdmN2Tj+XW729zqsdqWkZH4Xk6ult9mafxEtpCdyuaz2abli2Vr+fLfvKW+rbdmcVsjDdvaWZ8hP3v0eBxDLezj3U3bWl5n9JPXZ1M//9mjx//2/HM3tatdd0PT+opx3r6rPs5PhUuKsdayLWmfxHGONIxzZ5vHZLRpnLX8dvV/t47z+R7HObo8zA3V+phPZiP5v5/J99NY49t6aT/tDJf94tYsyy4tD7t1mRXbykaybU2XjCw/PpPFjKyvoz6VXpKNrWme3tLDPK3Xud3N87T1OREf/1vC7cZWGUPjw/STT040PO6/XLqSeRrV73UxhqXR5cuKMbTOwX4/VwZlDsZ58Ux+px9vOwd3h/v/6G2rz8G2c6fNHEz3u2EO7uo2B0cmRvMxpwehlt9meQ7uaVp+NN9SLa/P3tZ5Ds6cf/jszOLHP3HXwsPHTs6fnD+9b8+e2X379x88eHDmxMKp+dni7yvc24NvWzaSnoe7wr6Lz4FXtyzbOFWXvjyx4vh7pc/DyfQ8bP6d1e61Rb+fh2Otd662MU/IlXO6eG68t77TJy+PZKs8x/LH5471Pw/T/W54Ho41PA/b/k5p8zwc6+F5WF/m7B29vWYZa/jTbgyr/y5Y3xzc3jAHW1+PbG9Ztt+vRwZlDk6GefGDO1b/XbAzjPfx6bW+HhldMQfT3Q3Hnvol6fX+5MG8tJuXN9evuGYiu7A4f+7uR46dP39uTxbKhnhpw1xpna/bGu5TtmK+jqx5vh5eeMXjN7e5fHvYV5N31f+aXPWxqi9zz92dH6v8t1v7/dl06d4slD7b6P3Z7rd5fX9OZNkXv/PJB7/16BffsOr+rPebn5pZ/2vx1Jc2HH/HVzn+xr7/hWJ7aVWPjY6PFc/f0bR3xpuOx80P1Vh+7Krl235+prfj8Xj4s9HH4xs6HI93tCzb7+PxeOudi8fjWrd3O9an9fGcDPPk1Gzn43F9mR171zonxzoej28NtRb2/2tCp5D6ooa5s9q8TdsaGxsP92ssbqF5nu5rWn489Gb1bT25N7woTKPsbZ7efmux/GjD7aKNmqdTLcv2e56m975Wm6e1bu++XZnWx3MyzIsb9nWep/Vlnr5n/cfOrfGfDcfOiW5zcHx0oj7m8TQJ8+N9trQ1zsG7s+PZmexUNpdfO5HPp1q+rel7eztWToQ/G32s3NFhDt7esmy/52D6Pbba3KuNrbzzfdD6eE6GefHEvZ3nYH2ZNx7o72vX28MlaZmG166t76+t9p7XzS276WrNlbEwzu8c6PzebH2ZUwfX2md23k93hkuuabOfWp+/qz2n5rKN2U87wjifO7j6fqqPp77MFw71OJ8OZ1l28aP35+/3hs9XLl74/tebPndp95nOxY/e/9MXnfintYwfgOH3QlG2Fb/rGj6Z6uXzfwAAAGDzdfsP6uk97snwGab+HwAAAMoo9v3xf4Un+n8AAAAojdj3j4WalKH//+Pui+x443MLL1zMUjJ/KYjXp93wQLFczLjOhp+nlpbVL7//q/P//Y8XexveSJZlv3zgj9ouv+OBOK7CVBjnU29qvnyFr9/V07aPPnQxbbcxv/6lsP54f3qdBu0iuLNZln3z+s/l25n6wOW8Pv3A0bw+eOnxx+rLPH+o+Dne/tmXFsv/Vfi/K4dPHGu6/bNhP/w41Nm3td8f8XZfu/yanQfet7y9eLvaruvyu/3EB4v1xu/J+fxjxfJxP682/m999smv1Zd/5FXtx39xpP34nwzr/Wqo//PyYvnGx6D+c7zdp8P44/bi7e7+yrfbjv+pzxTLn31zsdzRUOP2bw8/737zcwuN++uR2rGm+5W9pVgubn/2+3+aXx/XF9ffOv7JI5eb9kfr/Hj634r1zLQsHy+P24n+oWX79fU0zs+4/Sf/5GjTfu62/acefPbl9fW2bv/OluXOfvSOfPvL62v+xqa//vTn2m4vjufw359tuj+H3x2ex2H7T3wwzMdw/f8+Vayv9dsVjr67+fgTl//S9otN9yd668+L7T/1upN53TK5dds1177oukvvqu+7LHtmS7G+bts/+Tdnmsb/5RuL/RGvj//FrHX7q7n0ymL75z42ffrM4oWFubRXH70+/+6ctxfjieO9PhxbW38+cub8h+bPTc1OzWbZVHm/Qu+KfSXUnxblUuell1YcQe94KDyeN//lN7fd9q+fjZf/+3uLyy+/rfi99eqw3OfD5dvD47e27a/0xC035s/v2tNhhEsrvy94PXbu/q+DPS0Y7n/r64I438++7EP5fqhfl//eiM/rdY7/h3PFer4R9utS+GbmXTcub69x+fjdCJffUzzf173/wmEuPq5/Fx7vd/y4WH8cV7y/PwyvY769o/l4F+fHNy6OtK4//xaPS+F4kl0qro9Lxf19+fkb2w4vfg9Jdumm/Oc/S+u5aU13czWLH1+cObVw+sIjM+fnF8/PLH78E0cePnPh9Pkj+Xd5Hvlwt9svH5+25cenufn992T50epMUa6yzR7/2YeOzx2YvW1u/sSxCyfOP3R2/tzJ44uLx+fnFm87duLE/Me63X5h7r49ew/tO7B3+uTC3H0HDx3ad2h64fSZ+jCKQXWxf/Yj06fPHclvsnjfPYf23HvvPbPTD5+Zm7/vwOzs9IVut89/N03Xb/2H0+fmTx07v/Dw/PTiwifm79tzaP/+vV2/DfDhsycWp2bOXTg9c2Fx/txMcV+mzucX13/3dbs95bT4H8Xr2Va14ov4snfduT99P2vdVz+56qqKRVq+QPS58F00333x2YO9/Bz7/vFQkzL0/wAAAEAu9v0ToSb6fwAAACiN2PdvCTXR/wMAAEBpxL5/MtT0XwIq0v+XLv+/42JP25f/38z8f372Z/l/+f+Nz/+H/P0z7xm0/H9xvJD/74/15u/l/wP5f/l/+X/5f/l/+mDQ8v+x79+aZT7/BwAAgJKKff+2UBP9PwAAAJRG7PuvCTXR/wMAAEBpxL7/2lCTivT/8v/y/87/L/8v/99++/L/w0n+vzP5/y7k/2eyauX/L/Vz/JuQ/9/a+IP8P4No0PL/se9/UahJRfp/AAAAqILY918XaqL/BwAAgNKIff/1oSb6fwAAACiN2PdvDzWpSP8v/7+u/H/KXMn/N49f/r+Z/H+YD/L/8v8bQP6/M/n/LuT/nf9/uPL/TeT/GUSDlv+Pff+LQ00q0v8DAABAFcS+/yWhJvp/AAAAGDxjV3az2Pe/NNRkRf9/hRsAAAAANl3s+2/IWoLgFfn8X/7f+f/l/+X/5f/bb7/3/P9oJv8/OOT/O5P/70L+X/5f/l/+n74atPx/3vdnk9nLQk0q0v8DAABAFcS+/8ZQkx76/y1XbVQAAABAP8W+//+Fmvj8HwAAAEoj9v07Qk0q0v/L/5cm//+LxodO/l/+v9P25f+d/7/M5P87k//vQv5f/l/+X/6fvhq0/H/s+28KNalI/w8AAABVEPv+m0NN9P8AAABQGrHv//+hJvp/AAAAKI3Y9+8MNalI/y//P+D5/5gcdf5/+X/5/4HM/0/K/w8c+f/O5P+76CX/f638/2rk/+X/5f9pNWj5/9j3vzzUpCL9PwAAAFRB7PtfEWqi/wcAAIDSiH3/K0NN9P8AAABQGrHvnwo1qUj/v5b8f+2S/P9qrvL5/yd6OP9/E/l/+f9O25f/d/7/MpP/70z+vwvn/5f/l/+X/6evBi3/H/v+W0JNKtL/AwAAQBXEvn9XqIn+HwAAAEoj9v23hpro/wEAAKA0Yt+/O9SkIv2/8/8PRf4/k/+X/5f/l/+X/++N/H9n8v9dyP/L/8v/y//TV4OW/499/6tCTSrS/wMAAEAVxL7/tlAT/T8AAACURuz7Xx1qov8HAACA0oh9/+2hJhXp/+X/5f/l/+X/5f/bb1/+fzjJ/3cm/9+F/L/8v/y//D99NWj5/9j3vybUpCL9PwAAAFRB7PvvCDXR/wMAAEBpxL7/zlAT/T8AAACURuz7p0NNKtL/y//L/8v/y//L/7ffvvz/cJL/70z+vwv5f/l/+X/5f/pq0PL/se+/K9SkIv0/AAAAVEHs++8ONdH/AwAAQGnEvn8m1ET/DwAAAKUR+/7ZUJOK9P/y//L/8v/y/2vK/79yeb3y/wX5/8Ei/9+Z/H8X8v/y/5ue/x+X/6dUBi3/H/v+PaEmFen/AQAAoApi37831ET/DwAAAKUR+/59oSb6fwAAACiN2PffE2pSkf5f/l/+X/6/r/n/Wrv5UKr8fwP5/4L8/2CR/++s//n/eBfl/+X/5f+d/1/+n5UGLf8f+/57Q00q0v8DAABAFcS+f3+oif4fAAAASiP2/QdCTfT/AAAAUBqx7z8YalKR/l/+X/5f/t/5/+X/229f/n84yf935vz/Xcj/y/8Pcf6/Prfk/xk0g5b/j33/oVCTivT/AAAAUAWx739tqIn+HwAAAEoj9v2/Fmqi/wcAAIDSiH3/r4eaVKT/l/+X/5f/l/8f9Pz/hPy//P8ayP93Jv/fhfy//P8Q5/+d/59BNGj5/9j33xdqUpH+HwAAAKog9v2/EWqi/wcAAIDSiH3/60JN9P8AAABQGrHvPxxqUpH+X/5/g/L/8UL5f/l/+X/n/5f/v6rk/zuT/+9C/l/+X/5f/p++GrT8f+z7Xx9qUpH+HwAAAKog9v33h5ro/wEAAKA0Yt//hlAT/T8AAACURuz73xhqUpH+X/7f+f83P/8/3jR2+f/l28n/F+T/5f/XQv6/M/n/LuT/5f/l/+X/6atBy//Hvv9NoSYV6f8BAACgCmLf/+ZQE/0/AAAAlEbs+98SaqL/BwAAgNKIff9bQ00q0v/L/8v/b37+3/n/5f8L8v/y//0g/9+Z/H8X/c//j7esX/7/Ktrs8cv/y/+z0qDl/2Pf/5uhJhXp/wEAAKAKYt//QKiJ/h8AAABKI/b9bws10f8DAABAacS+/+2hJhXp/+X/5f/l/+X/5f/bb1/+fzjJ/3c2ZPn/X10XLh/i/H/r+uX/r6LNHv9a8/9jLT9flfz/j1bL/y9tab29/D9Xw6Dl/2Pf/45Qk4r0/wAAAFAFse9/Z6iJ/h8AAABKI/b97wo10f8DAABAacS+/7dCTSrS/8v/18exnF6W/5f/zy+Q/5f/l/8fWvL/nQ1Z/r8M5/9vXb/8/1W02eN3/n/5f1YatPx/7PvfHWpSkf4fAAAAqiD2/Q+GmvTW/z/f33flAQAAgKsh9v3vCTXx+T8AAACURuz73xtqUpH+X/7f+f/l/+X/5f/bb1/+fzjJ/3cm/9+F/L/8/6Dl//9T/p/hNmj5/9j3PxRqUpH+HwAAAKog9v3vCzXR/wMAAEBpxL7/t0NN9P8AAABQGrHvf3+oSUX6f/n/Ycn/T8n/rzH/PxEuk/+X/5f/rxb5/87k/7uQ/5f/H7T8v/P/M+QGLf8f+/4PhJr03v9P9rwkAAAAsCli3/87oSYV+fwfAAAAqiD2/b8baqL/BwAAgNKIff/vhZpUpP+X/x+W/L/z/2fO/y//33J/Spn/H5H/X6+Ny//HI4/8v/y//H8k/y//L/9Pq0HL/8e+//dDTSrS/wMAAEAVxL7/g6Em+n8AAAAYCu3+T3ar2PcfCTXR/wMAAEBpxL7/aKhJRfp/+X/5f/n/K8r/54td1fz/X+z6lx98751H98j/Vyv/7/z/67ah5/+vP/md/1/+X/4/kf+X/5f/p9Wg5f9j338s1GS58Xu7E/wDAADAcIt9/x+EmlTk838AAACogtj3Hw810f8DAABAacS+fy7UpCL9v/y//L/8v/P/9zv/H/fHMOX/p7cMUf4/HnTl/9va0Pz/+5Zz4vL/a83/T7S9tDX/X5P/byL/v+bxfzfLMvl/+X820aDl/2PfPx9qUpH+HwAAAKog9P0jJ4q6fIX+HwAAAEoj9v0nQ030/wAAAFAase//UKhJRfp/+X/5f/l/+X/n/2+//YHN/zv/f0fy/50NTv6/Pef/l/8f5vHL/8v/s9Kg5f9j378QalKR/h8AAACqIPb9Hw410f8DAABAacS+/yOhJvp/AAAAKI3Y958KNalI/y//L/8v/y///3/s3ceTZeV5x/E70BO6qHJ554UXZu8/gYVZ2ztvvGDjjatcrjIOOCcGYysL5RxQFgooISGUUE6ghISykIRyDigjqUbF9PM83T19+tzumdt9z3nfz2ehh2lo7h0VxfCbnu8c/f/w6+v/50n/P07/v4T+X/+v/9f/s1JT6/9z9/9t3NLJ/gcAAIAe5O6/Nm6x/wEAAKAZufv/Lm6x/wEAAKAZufv/Pm7pZP/r//X/zfb/f6L/3+/19f/6/5bp/8fp/4ec3P5D/b/+X/+v/2elptb/5+7/h7ilk/0PAAAAPcjd/49xi/0PAAAAzcjdf13cYv8DAABAM3L3/1Pc0v7+P7XY2/+fWKyn/z914Z875v4/M179f0v9v+f/7/v6+n/9f8uOt/+/4aF/8+n/Z9//76D/1//r//X/rNTU+v/c/f8ct7S//wEAAKAbufv/JW6x/wEAAKAZufv/NW6x/wEAAKAZufv/LW7pZP97/r/n/+v/9f/6/+HX1//Pk+f/j+up/7/u3iuufeD2P7zjMK+v/9f/6//1/6zW1Pr/3P3/Hrd0sv8BAACgB7n7/yNusf8BAACgGbn7/zNusf8BAABghjYHP5q7/7/ilk72v/5f/6//j/7/jP5f/6//b4H+f1xP/f/FvL7+X/+v/9f/s1pT6/9z9/933NLJ/gcAAIAe5O7/n7jF/gcAAIDpGvqF2CNy918ft9j/AAAA0Izc/Wfjlk72v/7/6Pv/3+r/59H/e/6//l//3wT9/zj9/xL6f/2//l//z0pNrf/P3X9D3NLJ/gcAAIAe5O7/37jF/gcAAIBm5O6/MW6x/wEAAKAZufv/L27pZP/r/z3/X/+v/9f/D7++/n+ept3/byx9ff2//n/m/f9J/b/+X//PTofs/x8c+df2Svr/3P3/H7d0sv8BAACgB7n7Hxa32P8AAADQjNz9D49b7H8AAABoRu7+R8Qtnex//b/+X/+v/7/o/n/vP3rn6f+H6f+Px7T7/+W66f9PDP9eCPr/2ff/nv+v/9f/s8vUnv+fu/+RcUsn+x8AAAB6kLv/UXHLyP4/9E/mAwAAAGuVu//RcYuv/wMAAMDsZXWWu/8xcUsn+1//r//X/+v/Pf9/+PXH+v87drw//f+06P/HTab/34f+X/8/5/ev/9f/s9fU+v/c/Y+NWzrZ/wAAANCD3P03xS32PwAAADQjd//j4hb7HwAAAJqRu//xcUsn+3+4/9/+8/r/g9H/737/+v/hfz5W1f/n31H/P9r/X+35/33S/4/T/y+xq///843FQv+v/9f/R/+/uezz9f8MmVr/n7v/CXFLJ/sfAAAAepC7/4lxi/0PAAAAzcjd/6S4xf4HAACAZuTuf3Lc0sn+9/x//b/+f379v+f/b1nn8/8Xx97/b+j/D0j/P07/v4Tn/+v/9f/jz/8f+V0A9P8MmVr/n7v/KXFLJ/sfAAAAepC7/6lxi/0PAAAA87Dz1w5c+AtKQ+7+p8Ut9j8AAAA0I3f/0+OWdvb/6LM69f/6f/2//v9w/f9GfUv/v8Xz/6dF/z9O/7+E/v8o+vmNxvr/m/f7/Cn0/9cfdf8/Qv/PkF39/53bH19X/5+7/xlxSzv7HwAAALqXu/+ZcYv9DwAAAM3I3f+suMX+BwAAgGbk7n923NLJ/j/y/n/kdx/Q/+v/9f9z7P+36f+36P+nRf8/Tv+/hP7f8/89/1//z0rt6v93WFf/n7v/OXHL6PA7veR7CQAAAExJ7v7nxi2dfP0fAAAAepC7/+a4xf4HAACAZuTuf17c0sn+9/x//b/+X/+v/x9+ff3/PF1Sf3+Z/r/o//X/+n/9v/6fFZha/5+7//lxSyf7HwAAAHqQu/8FcYv9DwAAAHMy+pv15+5/Ydxi/wMAAEAzcve/KG7pZP/r/4+2/8+P6//1/wv9v/5f/38sun3+/4mhH4n22qf/v/uvz/7Z7o/o//X/+n/9v/6fA/r9kT83if7/3PZ/Xebuf3Hc0sn+BwAAgB7k7n9J3GL/AwAAQDNy9780brH/AQAAoBm5+2+JWw65/8eahynT/3v+v/5f/6//H359/f88ddv/H5Dn/y+h/9f/6//1/6zUJPr/Hd/O3f+yuMXX/wEAAKAZuftfHrfY/wAAANCM3P2viFvsfwAAAGhG7v5Xxi2d7H/9v/5f/6//1/8Pv77+f570/+P0/0vMqf+/5RL6/43hD6+7n79U637/+n/9P3tNrf/P3X9r3NLJ/gcAAIAe5O5/Vdxi/wMAAEAzcve/Om6x/wEAAKAZuftfE7d0sv/1//p//b/+X/8//Pr6/3nS/4/T/y8Wi9eNvIGh/v/c6Wn2/57/P7n3r//X/7PX1Pr/3P2vjVs62f8AAADQgSs3z58z8VPB9j8AAAC0KHf/bXGL/Q8AAADNyN3/+rilk/2v/9f/6/+3+//6nuj/9f/6/9nS/4/T/y8xp+f/6/8n9/71//p/9ppa/5+7/w1xSyf7HwAAAHqQu//2uMX+BwAAgGbk7n9j3GL/AwAAQDNy998Rt3Sy//X/+n/9v+f/6/+HX1//P09H1/8v9P/6f/3/Evp//b/+nwtNrf/P3f+muKWT/Q8AAAA9yN3/5rjF/gcAAIBm5O5/S9xi/wMAAEAzcve/NW7pZP/r//X/+n/9v/5/+PX1//Pk+f/j9P9L6P/1//p//T8rNdz/X7+2/j93/9vilk72PwAAAPQgd/+dcYv9DwAAAM3I3f/2uMX+BwAAgGbk7n9H3NLJ/tf/6/939/+Lhf5f/3/w/v8G/f+l9f9nFvr/ldP/j9P/L6H/b7P/v2zRUP+/ue/n6/+Zoqk9/z93/zvjlk72PwAAAPQgd/+74hb7HwAAAJqRu//dcYv9DwAAAM3I3f+euKWT/a//1/97/r/+3/P/h1/f8//nSf8/Tv+/hP7/kvr//PF4cv2/5//r/1mbqfX/ufvfG7d0sv8BAACgB7n73xe32P8AAADQjNz9749b7H8AAABoRu7+D8Qtnex//b/+X/+v/9f/D7++/n+e9P/j9P9L6P/bfP5/H/3/5kL/zwRNrf/P3f/BuKWT/Q8AAAA9yN1/V9xi/wMAAEAzcvffHbfY/wAAANCM3P0fils62f/6f/2//n+e/f8Z/b/+X/8/aCr9/1VX/ek9+n/9v/5f/+/5//r/3k2t/8/d/+G4pZP9DwAAAD3I3f+RuMX+BwAAgGbk7v9o3GL/AwAAQDNy938sbulk/+/t/08utgrVLUP9fzRqs+//T+94H0n/r/8//4EZ9P8L/b/+X/8/aCr9v+f/X9z71//r/+f8/g/V/1+59/P1/7Roav1/7v574pZO9j8AAAD0IHf/x+MW+x8AAACakbv/E3GL/Q8AAADNyN1/b9zSyf73/H/9v/5f/6//H359/f886f/H6f+XWFf/f9n2+9X/z/f9N/P8/8v1/6zO1Pr/3P2fjFs62f8AAADQg9z9n4pb7H8AAABoRu7+T8ct9j8AAADM1uYF387d/5m4pZP9r/8/nv7/9+Jj+n/9v/5f/6//P1r6/3H6/3Lhd21LP8//PzP0wXX385dq3e+/mf7f8/9Zoan1/7n7Pxu3dLL/AQAAoAe5+z8Xt9j/AAAA0Izc/Z+PW+x/AAAAaEbu/i/ELZ3sf/1/N8//v/9Ut/3/X+r/L3h9/b/+v2X6//wRfZj+f4l++v9B6+7n5/7+9f/6f/aaWv+fu/++uKWT/Q8AAAA9yN3/xbjF/gcAAIBm5O7/Utxi/wMAAEAzcvd/OW7pZP/r/7vp/2/cep899v+e/6//1//3RP8/Tv+/hP5f/99+/39qv8/X/3MUptb/5+6//8RGl/sfAAAA5uov/vhv7jvoX3v/+f89s/hK3HL14twBv4wNAAAATNxDu//ExmLx1fPf8vV/AAAAaFHu/q/FLZ3sf/1/X/1/n8//1//r//X/PdH/j9P/L6H/1/+33//vS//PUZha/5+7/+txy47ht3Ho7yUAAAAwJbn7vxG3dPL1fwAAAOhB7v5vxi179r/fDhAAAADmKnf/t+KWTr7+v87+/3L9//L+f3FE/X/8dfr/Lfp//f/Q6+v/50n/P+4S+/9zJ/T/+v8R+n/9v/6fC02t/8/d/+24pZP9DwAAAI3a9TMKufu/E7fY/wAAANCM3P3fjVvsfwAAAGhG7v7vxS2d7H/P/z/i/v+hv8Hufj5T9SN8/v9m/ZHn/3fe/990ZvD19f/6/5bp/8d5/v8S+/T/+V+I+v9xE+r/T+v/9f9Mw9T6/9z9349bOtn/AAAA0IPc/T+IW+x/AAAAaEbu/h/GLfY/AAAANCN3/4/ilk72v/5/4s//v6j+/wDP/9f/99H/7/P67fT/f3DF2buu+avbbtX/s+04+//8Z0H/337/7/n/s+v/Pf9f/89ErL7/39j1wcP2/7n7fxy3dLL/AQAAoAe5+x+IW+x/AAAAaEbu/p/ELfY/AAAANCN3/0/jlk72v/5f/z+V/j//v15D/3/2ovv/zcVisZb+P5vi3vt/z//X/+/l+f/j9P9L6P/1//p//T8rtfr+f/cHD9v/5+7/WdzSyf4HAACAHuTu/3nckvv/xKF/6h4AAACYmNz9v4hbfP0fAAAAmpG7/5dxSyf7X/+v/59K/588/3/789p6/v81Faf22f//Uf2R/v9o6f/H6f+X0P/r//X/+n9Wamr9f+7+X8Utnex/AAAA6EHu/gfjFvsfAAAAmpG7/9dxi/0PAAAAzcjd/5u4pZP9r/9vtf/PIl7/r/+fSv/v+f+e/388uuz/Tx7876//X0L/r//X/+v/Wamp9f+5+38XAAD//wBnYNM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x0)

1.895911111s ago: executing program 3 (id=1363):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000140)={0x1, &(0x7f0000001500)=[{0x48, 0x8, 0xe4, 0x2}]})

1.806144993s ago: executing program 0 (id=1364):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xfffffffe}}, 0x80000, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

1.668261624s ago: executing program 3 (id=1365):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
fdatasync(r0)

1.396325659s ago: executing program 3 (id=1366):
syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0090e674fc3d16030000f7372fb90c4213280e2e2e4b0d56ee98f196307a99eda2eedf841612fe27e9ee2ea9a1a483d5c39f00000500000000f7ffffffffffffff000000000036930000", @ANYRES8], 0x0, 0x13a, &(0x7f0000000200)="$eJzs2r9Kw0AcB/DfIAgdHZ0ClSho/mtddRQ33yC0uTR4Z0oiSPsC4iQonIMvIfgEPkJGN10EfYnI2au2qWgnD+H7Wfqlv+RyuYPL8nOKXASsdIi2BldHLytFLqxOtNtlAYtp7ICILBWqur5xac7TZ72qyf3mArPW3sa/7Y1UHl6wjCeh6SkBAAAAAAAAAAAAAAAAAAAAAMCC7JYOrb4U5yzjSTBVLYej45jzpCgNTc8429I9XMQkv1XrE83UN1+J7D2VMrlfqLo/e/+1Dut9yZ+b6+udioFXDkdOJuI0SZOTMIw6/rbv74Tex1hec0T7Ts+Jqvren28ns6f6zR4X6TfT+7+0msnLs+bTvvYfAQEBYRJ+PVf+i8n3r7cctR/U+ed2c97Tf/7Fchp8dwD4wXsAAAD//7SlOms=")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

995.861505ms ago: executing program 3 (id=1367):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x15, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r4 = epoll_create1(0x0)
r5 = fcntl$dupfd(r4, 0x2, 0xffffffffffffffff)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup=r5, r6, 0x11, 0x0, r5, @void, @value}, 0x11)

815.048278ms ago: executing program 0 (id=1368):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC(r2, 0x4068aea3, &(0x7f0000000140))

438.051894ms ago: executing program 0 (id=1369):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x13)
ptrace(0x4206, r0)
ptrace(0x1, r0)

336.586075ms ago: executing program 1 (id=1370):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local, 0x6}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002540)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)='v', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000001c0)="f8", 0x1}], 0x11, &(0x7f00000026c0)=ANY=[], 0x318}}], 0x2, 0x400c404)

77.718779ms ago: executing program 0 (id=1371):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
io_destroy(0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
syz_emit_ethernet(0x26, &(0x7f00000002c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @empty, @broadcast}, "eaa2d7e2"}}}}, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x40600, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'macvlan0\x00'})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x68}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r3}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x10, 0x400000002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

48.36268ms ago: executing program 1 (id=1372):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0)

0s ago: executing program 2 (id=1373):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000140)={0x9, 0x5, 0xd, 0xffff, 0x0, "4ae23ae17df2e98c69ba36c4095c911abad88f"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000016c0)=0xff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x9)

kernel console output (not intermixed with test programs):

[  540.679546][   T93] I/O error, dev nbd1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  540.692472][   T93] block nbd1: Attempted send on invalid socket
[  540.698933][   T93] I/O error, dev nbd1, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  540.713033][ T7587] Mount JFS Failure: -5
[  540.757863][ T7587] jfs_mount failed w/return code = -5
[  542.807154][ T7515] bridge0: port 1(bridge_slave_0) entered blocking state
[  542.839948][ T7515] bridge0: port 1(bridge_slave_0) entered disabled state
[  543.657386][ T7515] device bridge_slave_0 entered promiscuous mode
[  543.734881][ T7515] bridge0: port 2(bridge_slave_1) entered blocking state
[  543.794973][ T7515] bridge0: port 2(bridge_slave_1) entered disabled state
[  543.841592][ T7515] device bridge_slave_1 entered promiscuous mode
[  544.046464][ T7622] netlink: 8 bytes leftover after parsing attributes in process `syz.1.635'.
[  545.855476][ T7515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  548.017471][ T7515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.714532][ T7641] overlayfs: failed to resolve './file0': -2
[  548.879833][ T7515] team0: Port device team_slave_0 added
[  549.146720][ T7515] team0: Port device team_slave_1 added
[  549.221155][ T7515] batman_adv: batadv0: Adding interface: batadv_slave_0
[  549.335668][ T7648] use of bytesused == 0 is deprecated and will be removed in the future,
[  549.344276][ T7648] use the actual size instead.
[  549.604441][ T7515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.945707][ T7515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  550.077435][ T7515] batman_adv: batadv0: Adding interface: batadv_slave_1
[  550.147922][ T7515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.240678][ T7657] loop2: detected capacity change from 0 to 512
[  550.257367][ T7515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  550.354606][ T7657] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.642: inode #1: comm syz.2.642: iget: illegal inode #
[  550.439384][ T7657] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.642: error while reading EA inode 1 err=-117
[  550.554890][ T7657] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.642: inode #1: comm syz.2.642: iget: illegal inode #
[  551.164546][ T7666] I/O error, dev loop0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  551.174554][ T7666] qnx4: unable to read the superblock
[  553.740519][ T7657] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.642: error while reading EA inode 1 err=-117
[  553.824095][ T7657] EXT4-fs (loop2): 1 orphan inode deleted
[  553.830006][ T7657] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  554.030769][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  554.131908][ T7673] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  555.555140][ T7515] device hsr_slave_0 entered promiscuous mode
[  557.862686][ T7515] device hsr_slave_1 entered promiscuous mode
[  557.950908][ T7686] slcan: can't register candev
[  558.008929][ T7686] Falling back ldisc for ptm0.
[  558.662243][ T4280] device hsr_slave_0 left promiscuous mode
[  558.700480][ T4280] device hsr_slave_1 left promiscuous mode
[  558.717971][ T4280] batman_adv: batadv0: Removing interface: batadv_slave_0
[  559.061752][ T7695] overlayfs: failed to resolve './file0': -2
[  559.193753][ T4280] batman_adv: batadv0: Removing interface: batadv_slave_1
[  559.275255][ T4280] device bridge_slave_1 left promiscuous mode
[  559.288334][ T4280] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.314391][ T4280] device bridge_slave_0 left promiscuous mode
[  559.326812][ T4280] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.236737][ T7709] overlayfs: failed to resolve './file1': -2
[  561.508840][ T7720] loop3: detected capacity change from 0 to 1764
[  561.757015][ T5917] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  562.926665][ T7720] loop3: detected capacity change from 0 to 2048
[  562.932124][ T5917] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  562.933677][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  562.954386][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  562.981282][ T4323] Bluetooth: hci5: Frame reassembly failed (-84)
[  562.992078][ T7720] UDF-fs: bad mount option "" or missing value
[  562.993307][ T4280] team0 (unregistering): Port device team_slave_1 removed
[  563.065982][ T7731] UBIFS error (pid: 7731): cannot open "./file0", error -22
[  563.073461][ T7731] syz.1.659 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  563.311128][ T4280] team0 (unregistering): Port device team_slave_0 removed
[  564.380513][ T4280] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  564.405265][ T7739] loop3: detected capacity change from 0 to 1024
[  564.467662][ T4280] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  564.476317][ T7739] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  565.105015][ T4258] Bluetooth: hci5: command 0x1003 tx timeout
[  565.105199][ T4254] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  566.052358][    C0] vkms_vblank_simulate: vblank timer overrun
[  566.083407][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  566.486900][ T7753] xt_hashlimit: overflow, try lower: 35184372088832/511
[  569.245218][ T7755] block nbd1: shutting down sockets
[  570.926837][ T7768] overlayfs: failed to resolve './file1': -2
[  571.276501][ T4280] bond0 (unregistering): Released all slaves
[  576.112123][ T7811] loop2: detected capacity change from 0 to 1024
[  577.404830][ T7821] netlink: 8 bytes leftover after parsing attributes in process `syz.2.676'.
[  577.413826][ T7821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.676'.
[  578.001295][ T7824] overlayfs: failed to resolve './file1': -2
[  578.794729][ T7830] Invalid ELF header type: 3 != 1
[  578.811778][ T7830] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 7830 comm: syz.1.680)
[  578.829300][   T27] audit: type=1800 audit(2000000003.820:106): pid=7830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.680" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=45594 res=0 errno=0
[  579.792570][ T6056] hfsplus: b-tree write err: -5, ino 4
[  579.797540][ T7515] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  579.853915][ T7515] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  579.903420][ T7515] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  580.006421][ T7515] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  581.530652][ T7515] 8021q: adding VLAN 0 to HW filter on device bond0
[  581.561702][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  581.618337][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  581.814097][ T7515] 8021q: adding VLAN 0 to HW filter on device team0
[  582.782845][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  582.827349][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  582.864037][ T4362] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.871185][ T4362] bridge0: port 1(bridge_slave_0) entered forwarding state
[  582.904561][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  583.008759][ T4301] libceph: connect (1)[c::]:6789 error -101
[  584.690176][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  584.904946][ T4301] libceph: mon0 (1)[c::]:6789 connect error
[  585.264690][ T7860] ceph: No mds server is up or the cluster is laggy
[  585.446998][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  585.456418][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  585.463722][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  585.480209][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  585.679500][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  585.782465][   T14] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  585.824565][ T4297] libceph: connect (1)[c::]:6789 error -101
[  585.830587][ T4297] libceph: mon0 (1)[c::]:6789 connect error
[  586.002393][   T14] usb 4-1: Using ep0 maxpacket: 32
[  586.009613][   T14] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  586.107896][   T14] usb 4-1: config 0 has no interface number 0
[  586.114358][   T14] usb 4-1: config 0 interface 12 has no altsetting 0
[  586.136661][   T14] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  586.152874][   T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.169691][   T14] usb 4-1: Product: syz
[  586.174509][   T14] usb 4-1: Manufacturer: syz
[  586.179165][   T14] usb 4-1: SerialNumber: syz
[  586.185661][   T14] usb 4-1: config 0 descriptor??
[  586.205764][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  586.253835][ T7853] Invalid ELF header magic: != ELF
[  586.259116][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  586.324983][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  586.336138][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  586.346620][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  586.357078][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  586.367050][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  586.377503][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  586.387028][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  586.396132][ T4337] libceph: connect (1)[c::]:6789 error -101
[  586.415835][ T4337] libceph: mon0 (1)[c::]:6789 connect error
[  586.420465][ T7515] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  586.753086][ T7876] deleting an unspecified loop device is not supported.
[  587.477798][   T14] f81534 4-1:0.12: f81534_set_register: reg: 1003 data: 20 failed: -71
[  587.523850][   T14] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  587.979227][   T14] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  588.020772][   T14] f81534: probe of 4-1:0.12 failed with error -71
[  588.134039][   T14] usb 4-1: USB disconnect, device number 5
[  589.994777][ T7895] overlayfs: failed to resolve './file0': -2
[  590.541764][ T7909] loop3: detected capacity change from 0 to 4096
[  591.215562][ T4254] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  591.248884][ T4254] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  591.258304][ T4254] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  591.267605][ T4254] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  591.275489][ T4254] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  592.009541][ T4258] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  592.454842][ T7919] lo speed is unknown, defaulting to 1000
[  592.635142][ T7929] overlayfs: failed to resolve './file0': -2
[  592.992977][ T4261] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  593.043087][ T7930] input: syz1 as /devices/virtual/input/input14
[  593.102414][ T4261] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  593.392665][ T4267] Bluetooth: hci4: command 0x0405 tx timeout
[  593.817421][ T7941] Invalid ELF header type: 3 != 1
[  593.827386][ T7941] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 7941 comm: syz.2.701)
[  593.850763][   T27] audit: type=1800 audit(2000000018.840:107): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.701" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=46282 res=0 errno=0
[  594.034947][ T4267] Bluetooth: hci3: command 0x0409 tx timeout
[  595.768239][ T7919] chnl_net:caif_netlink_parms(): no params data found
[  596.112552][ T4267] Bluetooth: hci3: command 0x041b tx timeout
[  596.146174][ T4298] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  596.323937][ T7962] netlink: 36 bytes leftover after parsing attributes in process `syz.0.704'.
[  597.045368][   T27] audit: type=1326 audit(2000000022.040:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  597.724026][   T27] audit: type=1326 audit(2000000022.040:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  597.746686][   T27] audit: type=1326 audit(2000000022.060:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  597.922414][   T27] audit: type=1326 audit(2000000022.060:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  597.951801][   T27] audit: type=1326 audit(2000000022.060:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  597.974835][   T27] audit: type=1326 audit(2000000022.060:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  597.997696][   T27] audit: type=1326 audit(2000000022.060:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  598.021892][   T27] audit: type=1326 audit(2000000022.060:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  598.222627][ T4267] Bluetooth: hci3: command 0x040f tx timeout
[  598.233185][   T27] audit: type=1326 audit(2000000022.060:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7956 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae8f98e929 code=0x7fc00000
[  598.258355][ T7919] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.275353][ T7919] bridge0: port 1(bridge_slave_0) entered disabled state
[  598.321363][ T7919] device bridge_slave_0 entered promiscuous mode
[  598.330195][ T7919] bridge0: port 2(bridge_slave_1) entered blocking state
[  598.337450][ T7919] bridge0: port 2(bridge_slave_1) entered disabled state
[  598.353662][ T7919] device bridge_slave_1 entered promiscuous mode
[  598.544455][ T7985] loop2: detected capacity change from 0 to 16
[  598.573435][ T7985] erofs: (device loop2): mounted with root inode @ nid 36.
[  599.021485][ T7991] syz.2.707: attempt to access beyond end of device
[  599.021485][ T7991] loop2: rw=0, sector=8, nr_sectors = 16 limit=16
[  599.067998][ T7991] syz.2.707: attempt to access beyond end of device
[  599.067998][ T7991] loop2: rw=0, sector=296, nr_sectors = 16 limit=16
[  599.081464][ T7991] erofs: (device loop2): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  600.244278][ T7919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  600.282457][ T4254] Bluetooth: hci3: command 0x0419 tx timeout
[  600.288730][ T7919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  600.761889][ T7999] xt_hashlimit: overflow, try lower: 35184372088832/511
[  601.510958][ T7992] overlayfs: failed to resolve './file0': -2
[  601.588577][ T7919] team0: Port device team_slave_0 added
[  602.667129][ T7919] team0: Port device team_slave_1 added
[  602.709202][ T8006] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  602.717426][ T8007] netlink: 'syz.2.712': attribute type 10 has an invalid length.
[  603.467893][ T8007] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  604.915922][ T8031] binder: BINDER_SET_CONTEXT_MGR already set
[  604.921982][ T8031] binder: 8029:8031 ioctl 4018620d 200000000040 returned -16
[  605.204038][ T7919] batman_adv: batadv0: Adding interface: batadv_slave_0
[  605.232864][ T7919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.259243][ T7919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  605.323472][ T7919] batman_adv: batadv0: Adding interface: batadv_slave_1
[  605.333960][ T7919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.773036][ T8039] loop2: detected capacity change from 0 to 512
[  605.787607][ T8039] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  605.828864][ T8039] EXT4-fs (loop2): invalid journal inode
[  605.846766][ T7919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  605.869283][ T8039] EXT4-fs (loop2): can't get journal size
[  605.889408][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  605.991362][ T8039] EXT4-fs (loop2): 1 truncate cleaned up
[  606.002713][ T8039] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  606.116257][ T4323] device hsr_slave_0 left promiscuous mode
[  606.127231][ T4323] device hsr_slave_1 left promiscuous mode
[  606.133951][ T4323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  606.142227][ T4323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  606.150141][ T4323] device bridge_slave_1 left promiscuous mode
[  606.157177][ T4323] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.166194][ T4323] device bridge_slave_0 left promiscuous mode
[  606.172811][ T4323] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.124991][ T8052] netlink: 16 bytes leftover after parsing attributes in process `syz.1.720'.
[  608.621046][ T8064] overlayfs: failed to resolve './file0': -2
[  608.786629][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  609.224004][ T8069] overlayfs: failed to resolve './file0': -2
[  610.125135][ T4323] team0 (unregistering): Port device team_slave_1 removed
[  610.829382][ T4323] team0 (unregistering): Port device team_slave_0 removed
[  610.908436][ T4323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  610.979858][ T8077] input: syz1 as /devices/virtual/input/input15
[  611.179508][ T4323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  613.187513][ T8089] binder: BINDER_SET_CONTEXT_MGR already set
[  613.194356][ T8089] binder: 8087:8089 ioctl 4018620d 200000000040 returned -16
[  613.216842][ T4323] bond0 (unregistering): Released all slaves
[  613.873865][ T8105] binder: BINDER_SET_CONTEXT_MGR already set
[  613.879923][ T8105] binder: 8097:8105 ioctl 4018620d 200000000040 returned -16
[  613.996153][ T7919] device hsr_slave_0 entered promiscuous mode
[  614.301674][ T8111] binder: BINDER_SET_CONTEXT_MGR already set
[  614.307824][ T8111] binder: 8102:8111 ioctl 4018620d 200000000040 returned -16
[  614.555082][ T7919] device hsr_slave_1 entered promiscuous mode
[  619.922481][ T8146] binder: BINDER_SET_CONTEXT_MGR already set
[  619.928580][ T8146] binder: 8145:8146 ioctl 4018620d 200000000040 returned -16
[  620.611296][ T8153] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  620.660249][ T8153] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  620.725498][ T8158] binder: BINDER_SET_CONTEXT_MGR already set
[  620.731553][ T8158] binder: 8154:8158 ioctl 4018620d 200000000040 returned -16
[  622.401426][ T8166] binder: BINDER_SET_CONTEXT_MGR already set
[  622.407551][ T8166] binder: 8163:8166 ioctl 4018620d 200000000040 returned -16
[  622.847096][ T8169] netlink: 4 bytes leftover after parsing attributes in process `syz.1.743'.
[  622.968169][ T8171] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  622.981107][ T8171] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  622.995842][ T8171] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  623.014175][ T8171] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  623.044899][ T8171] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  623.056146][ T8171] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  623.065292][ T8171] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  623.789551][ T8188] dccp_invalid_packet: P.Data Offset(4) too small
[  625.462479][ T4254] Bluetooth: hci2: command 0x0c1a tx timeout
[  625.467795][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  625.468540][ T4254] Bluetooth: hci3: command 0x0c1a tx timeout
[  625.474855][ T4267] Bluetooth: hci4: command 0x0c1a tx timeout
[  625.489397][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  625.795018][ T7919] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  626.220013][ T7919] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  626.314551][    T7] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  626.557712][    T7] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  626.627665][ T7919] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  626.673438][    T7] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  627.690648][ T4254] Bluetooth: hci2: command 0x0406 tx timeout
[  627.690657][ T4267] Bluetooth: hci3: command 0x0406 tx timeout
[  627.899667][    T7] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  627.909071][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.947779][ T7919] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  628.219506][ T8214] binder: BINDER_SET_CONTEXT_MGR already set
[  628.225618][ T8214] binder: 8212:8214 ioctl 4018620d 200000000040 returned -16
[  628.629657][    T7] usb 2-1: can't set config #27, error -71
[  628.675201][    T7] usb 2-1: USB disconnect, device number 3
[  628.966998][ T8222] binder: BINDER_SET_CONTEXT_MGR already set
[  628.973133][ T8222] binder: 8217:8222 ioctl 4018620d 200000000040 returned -16
[  630.019896][ T8232] netlink: 16 bytes leftover after parsing attributes in process `syz.3.755'.
[  630.224762][ T7919] 8021q: adding VLAN 0 to HW filter on device bond0
[  630.444963][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  630.445104][ T8229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  630.453774][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  630.474761][ T7919] 8021q: adding VLAN 0 to HW filter on device team0
[  630.617438][ T8230] loop0: detected capacity change from 0 to 4096
[  630.801169][ T7919] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  631.004116][ T7919] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  631.199682][ T8241] loop2: detected capacity change from 0 to 4096
[  631.487039][ T8243] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  631.535507][   T27] kauditd_printk_skb: 58 callbacks suppressed
[  631.535523][   T27] audit: type=1800 audit(2000000056.530:175): pid=8241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.758" name="file1" dev="loop2" ino=15 res=0 errno=0
[  631.596859][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  632.758606][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  633.197284][ T4280] bridge0: port 1(bridge_slave_0) entered blocking state
[  633.204550][ T4280] bridge0: port 1(bridge_slave_0) entered forwarding state
[  633.353307][ T4259] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  633.867013][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  633.877865][ T4259] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  634.027962][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  634.224943][ T4280] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.232281][ T4280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  634.850676][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  634.873849][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  634.943541][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  634.956946][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  634.966607][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  634.986558][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  635.014454][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  635.042695][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  635.063381][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  635.127867][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  635.375576][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  635.384309][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  635.393044][ T4280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  635.554585][ T8260] input: syz1 as /devices/virtual/input/input16
[  635.685358][ T8265] loop0: detected capacity change from 0 to 512
[  635.725369][ T8265] EXT4-fs: Ignoring removed mblk_io_submit option
[  635.802941][ T8268] binder: BINDER_SET_CONTEXT_MGR already set
[  635.809057][ T8268] binder: 8266:8268 ioctl 4018620d 200000000040 returned -16
[  636.215944][ T8265] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  636.277776][ T8265] EXT4-fs (loop0): orphan cleanup on readonly fs
[  636.363758][ T8265] Quota error (device loop0): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  636.394384][ T8265] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  636.855578][ T8265] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  636.911378][ T8265] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.762: bg 0: block 40: padding at end of block bitmap is not set
[  636.995048][ T8265] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  637.140500][ T8265] EXT4-fs (loop0): 1 truncate cleaned up
[  637.166580][ T8265] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  638.266870][ T8287] lo speed is unknown, defaulting to 1000
[  638.277950][ T8287] lo speed is unknown, defaulting to 1000
[  638.284562][ T8287] lo speed is unknown, defaulting to 1000
[  638.389454][ T8287] infiniband s
z1: set active
[  638.394761][ T8287] infiniband s
z1: added lo
[  638.501237][    T7] lo speed is unknown, defaulting to 1000
[  638.550365][ T8287] RDS/IB: s
z1: added
[  638.556251][ T8287] smc: adding ib device s
z1 with port count 1
[  638.562806][ T8287] smc:    ib device s
z1 port 1 has pnetid 
[  638.614511][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  638.622083][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  638.696826][ T8287] lo speed is unknown, defaulting to 1000
[  638.806765][ T8287] lo speed is unknown, defaulting to 1000
[  639.101846][ T8287] lo speed is unknown, defaulting to 1000
[  639.878017][ T4259] EXT4-fs (loop0): unmounting filesystem.
[  640.078883][ T7919] 8021q: adding VLAN 0 to HW filter on device batadv0
[  640.105547][ T4302] lo speed is unknown, defaulting to 1000
[  640.113907][ T8287] lo speed is unknown, defaulting to 1000
[  640.226113][ T8302] NILFS (nullb0): couldn't find nilfs on the device
[  640.512576][ T8287] lo speed is unknown, defaulting to 1000
[  641.108927][   T27] audit: type=1800 audit(2000000066.100:176): pid=8293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.767" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  641.824604][ T8316] overlayfs: failed to resolve './file0': -2
[  642.249681][ T8312] overlayfs: failed to resolve './file0': -2
[  643.557802][ T8328] binder: BINDER_SET_CONTEXT_MGR already set
[  643.564307][ T8328] binder: 8324:8328 ioctl 4018620d 200000000040 returned -16
[  644.919570][ T8345] loop3: detected capacity change from 0 to 24
[  644.926572][ T8345] romfs: Unknown parameter 'pcr'
[  645.097267][ T8349] loop2: detected capacity change from 0 to 4096
[  645.154856][ T8344] ceph: No mds server is up or the cluster is laggy
[  645.206560][ T8349] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  645.755582][ T8349] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  645.769322][ T8349] ntfs3: loop2: Failed to load $Extend.
[  646.199883][ T8361] loop3: detected capacity change from 0 to 8
[  646.286859][ T8361] SQUASHFS error: zlib decompression failed, data probably corrupt
[  646.296203][ T8361] SQUASHFS error: Failed to read block 0x13e: -5
[  646.303116][ T8361] SQUASHFS error: Unable to read metadata cache entry [13c]
[  646.310509][ T8361] SQUASHFS error: Unable to read directory block [13c:26]
[  646.328191][ T8361] SQUASHFS error: Unable to read metadata cache entry [13c]
[  646.335691][ T8361] SQUASHFS error: Unable to read directory block [13c:26]
[  646.350066][ T8361] SQUASHFS error: Unable to read metadata cache entry [13c]
[  646.358070][ T8361] SQUASHFS error: Unable to read directory block [13c:26]
[  646.370953][ T8361] SQUASHFS error: Unable to read metadata cache entry [13c]
[  646.378470][ T8361] SQUASHFS error: Unable to read directory block [13c:26]
[  648.282455][ T8381] netlink: 68 bytes leftover after parsing attributes in process `syz.2.784'.
[  648.376270][ T8384] loop0: detected capacity change from 0 to 512
[  648.487641][ T8384] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  648.556260][ T8385] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  648.566490][ T8385] device batadv_slave_0 entered promiscuous mode
[  648.579113][ T8384] EXT4-fs (loop0): invalid journal inode
[  648.590620][ T8384] EXT4-fs (loop0): can't get journal size
[  648.648969][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  648.688569][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  648.714149][ T8384] EXT4-fs (loop0): 1 truncate cleaned up
[  648.733386][ T8384] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  649.210256][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  649.273116][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  649.353913][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  649.381892][ T8386] Process accounting resumed
[  649.412985][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  650.378892][ T8411] binder: BINDER_SET_CONTEXT_MGR already set
[  650.385047][ T8411] binder: 8406:8411 ioctl 4018620d 200000000040 returned -16
[  651.919384][   T27] audit: type=1326 audit(2000000076.840:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8413 comm="syz.2.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26d838e929 code=0x7fc00000
[  651.929010][ T8407] overlayfs: failed to resolve './file0': -2
[  652.288676][ T4259] EXT4-fs (loop0): unmounting filesystem.
[  652.676799][ T8428] UBIFS error (pid: 8428): cannot open "/dev/sg0", error -22
[  652.951419][ T8432] vxfs: WRONG superblock magic 00000000 at 1
[  652.966997][ T8432] vxfs: WRONG superblock magic 00000000 at 8
[  652.973174][ T8432] vxfs: can't find superblock.
[  655.900564][ T8422] loop2: detected capacity change from 0 to 8192
[  656.378960][ T4258] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  656.392511][ T4267] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  656.407484][ T4267] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  656.416107][ T4267] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  656.595269][ T4267] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  656.603053][ T4267] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  656.614914][ T8448] overlayfs: missing 'lowerdir'
[  657.433406][ T8444] lo speed is unknown, defaulting to 1000
[  658.672437][ T4254] Bluetooth: hci3: command 0x0409 tx timeout
[  660.755108][ T4254] Bluetooth: hci3: command 0x041b tx timeout
[  660.907199][ T8470] fuse: Bad value for 'fd'
[  661.014581][ T8444] lo speed is unknown, defaulting to 1000
[  661.063437][ T4266] Process accounting resumed
[  661.135213][ T8480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.796'.
[  661.704608][ T8471] Process accounting resumed
[  663.169159][ T4254] Bluetooth: hci3: command 0x040f tx timeout
[  663.177788][   T27] audit: type=1326 audit(2000000088.110:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8486 comm="syz.1.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9a98e929 code=0x7fc00000
[  663.256497][ T8495] loop3: detected capacity change from 0 to 512
[  663.312457][ T8495] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  663.353958][ T8495] EXT4-fs (loop3): invalid journal inode
[  663.359722][ T8495] EXT4-fs (loop3): can't get journal size
[  663.543463][ T8495] EXT4-fs (loop3): 1 truncate cleaned up
[  663.549219][ T8495] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  665.760872][ T8512] loop2: detected capacity change from 0 to 40427
[  665.825122][ T4254] Bluetooth: hci3: command 0x0419 tx timeout
[  666.451656][ T8512] F2FS-fs (loop2): Corrupted extension count (64 + 1 > 64)
[  666.458979][ T8512] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  666.534529][ T8512] F2FS-fs (loop2): Found nat_bits in checkpoint
[  666.713676][ T8512] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  666.720784][ T8512] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  666.865242][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  668.199113][ T8444] chnl_net:caif_netlink_parms(): no params data found
[  668.536184][ T8535] sctp: [Deprecated]: syz.3.806 (pid 8535) Use of struct sctp_assoc_value in delayed_ack socket option.
[  668.536184][ T8535] Use struct sctp_sack_info instead
[  671.660097][ T8436] udevd[8436]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  673.913794][ T8444] bridge0: port 1(bridge_slave_0) entered blocking state
[  673.921023][ T8444] bridge0: port 1(bridge_slave_0) entered disabled state
[  673.931877][ T8444] device bridge_slave_0 entered promiscuous mode
[  674.148211][ T8565] device wg2 entered promiscuous mode
[  674.157418][ T8444] bridge0: port 2(bridge_slave_1) entered blocking state
[  674.175203][ T8444] bridge0: port 2(bridge_slave_1) entered disabled state
[  674.229854][ T8444] device bridge_slave_1 entered promiscuous mode
[  674.654456][ T8556] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  674.826649][ T8585] Invalid ELF header type: 0 != 1
[  675.407197][ T8574] overlayfs: failed to resolve './file0': -2
[  675.626035][ T8444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  676.003234][ T8589] overlayfs: failed to resolve './file0': -2
[  676.269333][ T8444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  676.345629][ T8591] netlink: 'syz.1.816': attribute type 1 has an invalid length.
[  677.522376][ T4298] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  677.549721][ T8591] 8021q: adding VLAN 0 to HW filter on device bond1
[  677.795050][ T4298] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  678.147914][ T4298] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  678.476362][ T4298] usb 3-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  678.493282][ T4298] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.527871][ T4298] usb 3-1: config 0 descriptor??
[  678.533844][ T8602] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  680.084722][ T8444] team0: Port device team_slave_0 added
[  680.592592][ T8629] 9pnet: Unknown protocol version 9
[  682.082689][ T8444] team0: Port device team_slave_1 added
[  682.129689][ T8626] raw_sendmsg: syz.1.822 forgot to set AF_INET. Fix it!
[  682.225526][ T4298] usbhid 3-1:0.0: can't add hid device: -71
[  682.241521][ T4298] usbhid: probe of 3-1:0.0 failed with error -71
[  682.290838][ T4298] usb 3-1: USB disconnect, device number 4
[  683.238767][ T8444] batman_adv: batadv0: Adding interface: batadv_slave_0
[  683.365045][ T8444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  683.394650][ T8444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  683.412851][ T8444] batman_adv: batadv0: Adding interface: batadv_slave_1
[  683.420055][ T8444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  683.446727][ T8444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  684.605396][ T8444] device hsr_slave_0 entered promiscuous mode
[  685.022783][ T8660] overlayfs: failed to resolve './file0': -2
[  685.191959][ T8444] device hsr_slave_1 entered promiscuous mode
[  686.879226][ T8674] NILFS (nullb0): couldn't find nilfs on the device
[  686.890396][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  686.908868][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  687.201937][ T8444] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  687.229014][ T8444] Cannot create hsr debugfs directory
[  688.374878][   T27] audit: type=1800 audit(2000000113.370:179): pid=8686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.831" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  691.497857][ T8688] overlayfs: failed to resolve './file0': -2
[  692.054214][ T8697] overlayfs: failed to resolve './file0': -2
[  693.517191][ T6051] device hsr_slave_0 left promiscuous mode
[  694.591325][ T6051] device hsr_slave_1 left promiscuous mode
[  694.652152][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_0
[  694.693136][ T6051] batman_adv: batadv0: Removing interface: batadv_slave_1
[  694.719215][ T6051] device bridge_slave_1 left promiscuous mode
[  694.744817][ T6051] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.796610][ T6051] device bridge_slave_0 left promiscuous mode
[  694.810093][ T6051] bridge0: port 1(bridge_slave_0) entered disabled state
[  699.453824][ T6051] team0 (unregistering): Port device team_slave_1 removed
[  699.679159][ T6051] team0 (unregistering): Port device team_slave_0 removed
[  700.184331][ T6051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  700.272402][ T6051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  700.904542][ T6051] bond0 (unregistering): Released all slaves
[  701.072963][ T8779] loop3: detected capacity change from 0 to 8
[  701.073798][ T8730] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  701.081116][ T8779] squashfs image failed sanity check
[  701.088614][ T8730] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  701.095963][   T27] audit: type=1800 audit(2000000126.070:180): pid=8730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.840" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  701.104204][ T8730] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  701.175375][ T8768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.845'.
[  701.203181][ T8768] tipc: Started in network mode
[  701.209073][ T8768] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  701.228163][ T8768] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  701.250630][ T8768] tipc: Enabled bearer <udp:syz1>, priority 10
[  701.259975][ T8772] netlink: 36 bytes leftover after parsing attributes in process `syz.1.845'.
[  701.301040][ T8435] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  702.248184][  T126] tipc: Node number set to 1
[  703.010785][ T8802] NILFS (nullb0): couldn't find nilfs on the device
[  703.890122][ T4254] Bluetooth: hci4: unexpected event for opcode 0x0c0d
[  706.738558][ T8817] loop3: detected capacity change from 0 to 1764
[  708.025406][ T8824] input: syz0 as /devices/virtual/input/input18
[  708.753987][ T8444] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  708.843080][ T8444] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  708.861408][ T8444] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  708.871511][ T8444] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  709.084266][   T27] audit: type=1800 audit(2000000134.080:181): pid=8832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.858" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  710.750217][ T8838] netlink: 12 bytes leftover after parsing attributes in process `syz.3.859'.
[  710.786349][ T8838] tipc: Started in network mode
[  711.018428][ T8838] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  711.052761][ T8838] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  711.959583][ T8838] tipc: Enabled bearer <udp:syz1>, priority 10
[  712.242500][ T8841] netlink: 36 bytes leftover after parsing attributes in process `syz.3.859'.
[  714.039673][  T126] tipc: Node number set to 1
[  714.547446][ T8857] netlink: 16 bytes leftover after parsing attributes in process `syz.0.863'.
[  716.483089][ T4267] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  716.502642][ T4267] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  716.529016][ T4267] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  716.547805][ T4267] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  716.593438][ T4267] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  716.601170][ T4267] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  717.564350][ T8874] lo speed is unknown, defaulting to 1000
[  717.718782][ T8883] loop2: detected capacity change from 0 to 4096
[  717.762093][ T8887] loop3: detected capacity change from 0 to 128
[  717.787873][ T8435] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  718.031139][ T8874] lo speed is unknown, defaulting to 1000
[  718.696741][ T4254] Bluetooth: hci5: command 0x0409 tx timeout
[  720.752408][ T4254] Bluetooth: hci5: command 0x041b tx timeout
[  721.284700][ T8913] loop3: detected capacity change from 0 to 4096
[  721.403337][ T8913] ntfs: volume version 3.1.
[  721.521305][   T27] audit: type=1800 audit(2000000146.510:182): pid=8912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.872" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  723.263565][ T8935] loop2: detected capacity change from 0 to 8
[  723.392384][ T4254] Bluetooth: hci5: command 0x040f tx timeout
[  725.080828][ T8935] SQUASHFS error: zlib decompression failed, data probably corrupt
[  725.089316][ T8935] SQUASHFS error: Failed to read block 0x13e: -5
[  725.095844][ T8935] SQUASHFS error: Unable to read metadata cache entry [13c]
[  725.103344][ T8935] SQUASHFS error: Unable to read directory block [13c:26]
[  725.122601][ T8935] SQUASHFS error: Unable to read metadata cache entry [13c]
[  725.130535][ T8935] SQUASHFS error: Unable to read directory block [13c:26]
[  725.144341][ T8935] SQUASHFS error: Unable to read metadata cache entry [13c]
[  725.151854][ T8935] SQUASHFS error: Unable to read directory block [13c:26]
[  725.169581][ T8935] SQUASHFS error: Unable to read metadata cache entry [13c]
[  725.177124][ T8935] SQUASHFS error: Unable to read directory block [13c:26]
[  725.472591][ T4254] Bluetooth: hci5: command 0x0419 tx timeout
[  726.108468][ T8874] chnl_net:caif_netlink_parms(): no params data found
[  726.119074][ T8939] loop3: detected capacity change from 0 to 1024
[  726.165322][ T8939] hfsplus: type requires a 4 character value
[  726.207902][ T8939] hfsplus: unable to parse mount options
[  726.268643][ T8934] overlayfs: failed to resolve './file0': -2
[  727.434620][ T8874] bridge0: port 1(bridge_slave_0) entered blocking state
[  727.470910][ T8874] bridge0: port 1(bridge_slave_0) entered disabled state
[  727.530157][ T8874] device bridge_slave_0 entered promiscuous mode
[  728.005570][ T8966] sctp: [Deprecated]: syz.1.889 (pid 8966) Use of struct sctp_assoc_value in delayed_ack socket option.
[  728.005570][ T8966] Use struct sctp_sack_info instead
[  728.402427][ T8874] bridge0: port 2(bridge_slave_1) entered blocking state
[  728.410350][ T8874] bridge0: port 2(bridge_slave_1) entered disabled state
[  728.460046][ T8874] device bridge_slave_1 entered promiscuous mode
[  728.490436][ T8974] loop2: detected capacity change from 0 to 512
[  728.494923][ T8977] ICMPv6: NA: aa:aa:aa:aa:aa:00 advertised our address fe80::aa on syz_tun!
[  728.497139][ T4301] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  728.577300][ T8974] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.891: inode #1: comm syz.2.891: iget: illegal inode #
[  728.628539][ T8974] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.891: error while reading EA inode 1 err=-117
[  728.714110][ T4301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  728.743958][ T8974] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.891: inode #1: comm syz.2.891: iget: illegal inode #
[  728.752293][ T4301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  728.792807][ T4301] usb 4-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  728.817789][ T4301] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.826131][ T8974] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.891: error while reading EA inode 1 err=-117
[  728.923360][ T8974] EXT4-fs (loop2): 1 orphan inode deleted
[  728.929186][ T8974] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  729.039372][ T4301] usb 4-1: config 0 descriptor??
[  729.041188][ T8874] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  729.057688][ T8969] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  729.199581][ T8874] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  729.226383][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  730.372023][ T8874] team0: Port device team_slave_0 added
[  730.745709][ T8997] device wg2 entered promiscuous mode
[  731.132432][ T4301] usbhid 4-1:0.0: can't add hid device: -71
[  731.187018][ T4301] usbhid: probe of 4-1:0.0 failed with error -71
[  731.215253][ T4301] usb 4-1: USB disconnect, device number 7
[  731.215413][ T8874] team0: Port device team_slave_1 added
[  731.734566][ T9005] loop2: detected capacity change from 0 to 128
[  732.490931][ T8874] batman_adv: batadv0: Adding interface: batadv_slave_0
[  732.512879][ T8874] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  733.116938][ T9007] overlayfs: failed to resolve './file0': -2
[  733.302899][ T8874] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  733.367670][ T8874] batman_adv: batadv0: Adding interface: batadv_slave_1
[  733.385458][ T8874] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  733.507115][ T8874] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  734.366694][ T9026] netlink: 16 bytes leftover after parsing attributes in process `syz.3.904'.
[  734.474066][ T4542] device hsr_slave_0 left promiscuous mode
[  734.541967][ T4542] device hsr_slave_1 left promiscuous mode
[  734.548844][ T9031] loop3: detected capacity change from 0 to 512
[  734.566771][ T4542] batman_adv: batadv0: Removing interface: batadv_slave_0
[  734.610261][ T9031] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.907: inode #1: comm syz.3.907: iget: illegal inode #
[  734.703993][ T4542] batman_adv: batadv0: Removing interface: batadv_slave_1
[  734.772330][ T9031] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.907: error while reading EA inode 1 err=-117
[  734.773223][ T4542] device bridge_slave_1 left promiscuous mode
[  734.818947][ T9031] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.907: inode #1: comm syz.3.907: iget: illegal inode #
[  734.819250][ T9038] loop2: detected capacity change from 0 to 512
[  734.842769][ T4542] bridge0: port 2(bridge_slave_1) entered disabled state
[  734.893083][ T9031] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.907: error while reading EA inode 1 err=-117
[  734.933681][ T9038] EXT4-fs (loop2): fragment/cluster size (2048) != block size (1024)
[  734.959478][ T9031] EXT4-fs (loop3): 1 orphan inode deleted
[  734.975974][ T4542] device bridge_slave_0 left promiscuous mode
[  734.986281][ T4542] bridge0: port 1(bridge_slave_0) entered disabled state
[  734.996860][ T9031] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  735.366177][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  735.866935][ T9052] overlayfs: failed to resolve './file0': -2
[  737.475344][ T9059] loop3: detected capacity change from 0 to 4096
[  737.494136][ T9059] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  737.544443][ T9059] ntfs3: loop3: RAW NTFS volume: Filesystem size 8192.00 Gb > volume size 0.00 Gb. Mount in read-only
[  737.564347][ T9059] ntfs3: loop3: NTFS 8192.00 Gb is too big to use 32 bits per cluster
[  737.782160][ T4542] team0 (unregistering): Port device team_slave_1 removed
[  737.943171][ T4542] team0 (unregistering): Port device team_slave_0 removed
[  738.021507][ T9068] overlayfs: failed to resolve './file0': -2
[  738.275123][ T4542] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  738.663515][ T9079] overlayfs: failed to resolve './file0': -2
[  738.753088][ T4542] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  738.784304][ T9081] loop2: detected capacity change from 0 to 4096
[  738.894909][ T9081] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  739.138016][ T9091] loop3: detected capacity change from 0 to 128
[  739.159031][ T9091] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  739.200507][ T9091] FAT-fs (loop3): FAT read failed (blocknr 255)
[  739.428689][ T4542] bond0 (unregistering): Released all slaves
[  739.537797][ T9100] loop3: detected capacity change from 0 to 8
[  739.643148][ T9100] SQUASHFS error: zlib decompression failed, data probably corrupt
[  739.651716][ T9100] SQUASHFS error: Failed to read block 0x13e: -5
[  739.658242][ T9100] SQUASHFS error: Unable to read metadata cache entry [13c]
[  739.665832][ T9100] SQUASHFS error: Unable to read directory block [13c:26]
[  739.685847][ T9100] SQUASHFS error: Unable to read metadata cache entry [13c]
[  739.693405][ T9100] SQUASHFS error: Unable to read directory block [13c:26]
[  739.713147][ T9100] SQUASHFS error: Unable to read metadata cache entry [13c]
[  739.720554][ T9100] SQUASHFS error: Unable to read directory block [13c:26]
[  739.737728][ T9100] SQUASHFS error: Unable to read metadata cache entry [13c]
[  739.745315][ T9100] SQUASHFS error: Unable to read directory block [13c:26]
[  740.526365][ T8874] device hsr_slave_0 entered promiscuous mode
[  740.627853][ T8874] device hsr_slave_1 entered promiscuous mode
[  740.650812][ T9064] device batadv0 entered promiscuous mode
[  740.663028][ T9065] 8021q: adding VLAN 0 to HW filter on device batadv0
[  743.961236][ T9116] overlayfs: failed to resolve './file0': -2
[  745.286695][ T9121] loop3: detected capacity change from 0 to 4096
[  746.143465][ T4254] Bluetooth: hci2: unexpected event for opcode 0x0407
[  746.644270][ T4254] Bluetooth: hci2: Malformed LE Event: 0x1d
[  746.732555][ T4339] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  746.797741][ T9157] loop2: detected capacity change from 0 to 190
[  746.888908][ T9157] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid.
[  746.990444][ T9157] ntfs: (device loop2): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
[  747.005311][ T9157] ntfs: (device loop2): ntfs_fill_super(): Not an NTFS volume.
[  747.016385][ T8874] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  747.234810][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  747.255492][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  747.663367][ T8874] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  747.764879][ T8874] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  747.815105][ T4339] usb 4-1: not running at top speed; connect to a high speed hub
[  747.835735][ T4339] usb 4-1: New USB device found, idVendor=24b8, idProduct=0040, bcdDevice= 0.40
[  747.849575][ T4339] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  747.883797][ T4339] usb 4-1: Product: syz
[  747.897572][ T4339] usb 4-1: Manufacturer: syz
[  747.899143][ T8874] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  747.926905][ T4339] usb 4-1: SerialNumber: syz
[  747.959022][ T9167] netlink: 'syz.2.950': attribute type 4 has an invalid length.
[  747.982627][ T9167] infiniband s
z1: set active
[  748.065748][ T4297] lo speed is unknown, defaulting to 1000
[  748.214594][ T4339] usbhid 4-1:1.0: can't add hid device: -71
[  748.220651][ T4339] usbhid: probe of 4-1:1.0 failed with error -71
[  748.299639][ T4339] usb 4-1: USB disconnect, device number 8
[  748.443536][ T9178] loop2: detected capacity change from 0 to 256
[  748.537595][ T8874] 8021q: adding VLAN 0 to HW filter on device bond0
[  748.577087][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  748.872572][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  748.885133][ T9178] FAT-fs (loop2): Directory bread(block 64) failed
[  748.891731][ T9178] FAT-fs (loop2): Directory bread(block 65) failed
[  748.936811][ T8874] 8021q: adding VLAN 0 to HW filter on device team0
[  748.977983][ T9178] FAT-fs (loop2): Directory bread(block 66) failed
[  748.993339][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  749.061474][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  749.080062][ T9178] FAT-fs (loop2): Directory bread(block 67) failed
[  749.110212][ T9178] FAT-fs (loop2): Directory bread(block 68) failed
[  749.192623][ T6051] bridge0: port 1(bridge_slave_0) entered blocking state
[  749.199821][ T6051] bridge0: port 1(bridge_slave_0) entered forwarding state
[  749.213671][ T9178] FAT-fs (loop2): Directory bread(block 69) failed
[  749.220417][ T9178] FAT-fs (loop2): Directory bread(block 70) failed
[  749.245950][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  749.283651][ T4254] Bluetooth: hci2: unexpected event for opcode 0x2011
[  749.293158][ T9178] FAT-fs (loop2): Directory bread(block 71) failed
[  749.305436][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  749.362428][ T9178] FAT-fs (loop2): Directory bread(block 72) failed
[  749.371698][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  749.400344][ T9178] FAT-fs (loop2): Directory bread(block 73) failed
[  749.425869][ T6051] bridge0: port 2(bridge_slave_1) entered blocking state
[  749.433091][ T6051] bridge0: port 2(bridge_slave_1) entered forwarding state
[  749.477891][ T6051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  749.610467][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  749.880765][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  750.302296][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  750.333074][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  750.373426][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  750.413762][ T9192] netlink: 16 bytes leftover after parsing attributes in process `syz.1.955'.
[  750.430209][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  750.480360][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  750.515523][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  750.543224][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  750.551940][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  750.560195][ T8874] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  750.731091][ T9204] binder: 9201:9204 ioctl c00c6211 0 returned -14
[  751.166337][ T9205] overlayfs: failed to resolve './file0': -2
[  751.470054][ T9210] loop2: detected capacity change from 0 to 64
[  752.091138][ T9199] loop3: detected capacity change from 0 to 32768
[  752.281539][ T9199] (syz.3.960,9199,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0x7af5e8d3. Applying ECC.
[  752.294906][ T9199] (syz.3.960,9199,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xc2d589a7, computed 0x7af5e8d3
[  752.329342][ T9199] (syz.3.960,9199,0):ocfs2_validate_inode_block:1379 ERROR: Checksum failed for dinode 17
[  752.353645][ T9231] loop2: detected capacity change from 0 to 64
[  752.366100][ T9199] (syz.3.960,9199,0):ocfs2_read_locked_inode:521 ERROR: status = -5
[  752.675558][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  752.713662][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  752.735747][ T9199] (syz.3.960,9199,1):ocfs2_init_global_system_inodes:440 ERROR: status = -5
[  752.808925][ T8874] 8021q: adding VLAN 0 to HW filter on device batadv0
[  752.840371][ T9199] (syz.3.960,9199,1):ocfs2_init_global_system_inodes:472 ERROR: status = -5
[  752.907117][ T9199] (syz.3.960,9199,0):ocfs2_initialize_super:2255 ERROR: status = -5
[  752.916281][ T9199] (syz.3.960,9199,0):ocfs2_fill_super:1176 ERROR: status = -5
[  753.172459][ T9230] nvme_fabrics: missing parameter 'transport=%s'
[  753.188555][ T9230] nvme_fabrics: missing parameter 'nqn=%s'
[  753.436662][ T4297] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  753.693875][ T4297] usb 3-1: Using ep0 maxpacket: 8
[  753.868340][ T4297] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  754.028290][ T4297] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.103648][ T4297] usb 3-1: Product: syz
[  754.124015][ T4297] usb 3-1: Manufacturer: syz
[  754.149094][ T4297] usb 3-1: SerialNumber: syz
[  754.180421][ T4297] usb 3-1: config 0 descriptor??
[  754.228237][ T4297] gspca_main: sq930x-2.14.0 probing 2770:930c
[  754.621573][ T9263] netlink: 8 bytes leftover after parsing attributes in process `syz.0.980'.
[  754.631729][ T4297] gspca_sq930x: ucbus_write failed -71
[  754.639245][ T4297] sq930x: probe of 3-1:0.0 failed with error -71
[  754.680894][ T4297] usb 3-1: USB disconnect, device number 5
[  755.071895][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  755.101507][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  755.166012][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  755.194299][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  755.209170][ T9258] loop3: detected capacity change from 0 to 32768
[  755.226717][ T8874] device veth0_vlan entered promiscuous mode
[  755.260409][ T9258] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.979 (9258)
[  755.276575][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  755.292919][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  755.323490][ T8874] device veth1_vlan entered promiscuous mode
[  755.339690][ T9258] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  755.366719][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  755.384414][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  755.387824][ T9258] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  755.408556][ T9258] BTRFS info (device loop3): force clearing of disk cache
[  755.408957][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  755.419250][ T9258] BTRFS info (device loop3): metadata ratio 0
[  755.430231][ T9258] BTRFS info (device loop3): enabling ssd optimizations
[  755.441422][ T9258] BTRFS info (device loop3): using spread ssd allocation scheme
[  755.454791][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  755.463747][ T9258] BTRFS info (device loop3): using free space tree
[  755.479593][ T8874] device veth0_macvtap entered promiscuous mode
[  755.509153][ T8874] device veth1_macvtap entered promiscuous mode
[  755.569968][ T8874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.598405][ T8874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.612092][ T8874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.632523][ T8874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.643239][ T8874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.662345][ T8874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.673908][ T8874] batman_adv: batadv0: Interface activated: batadv_slave_0
[  755.683386][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  755.717557][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  755.742057][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  755.752124][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  755.763069][ T8874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  755.786581][ T9258] BTRFS info (device loop3): rebuilding free space tree
[  755.792343][ T8874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.833372][ T8874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  755.870222][ T8874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.888964][ T8874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  755.907333][ T8874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.937762][ T8874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  755.958583][ T8874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.980468][ T8874] batman_adv: batadv0: Interface activated: batadv_slave_1
[  755.994892][ T8874] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  756.014163][ T8874] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  756.044594][ T8874] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  756.075146][ T8874] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  756.097696][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  756.114719][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  756.271223][ T4261] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  756.313819][ T4323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  756.371144][ T4323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  756.448441][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  756.484894][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  756.509479][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  756.545211][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  758.335791][ T9313] netlink: 12 bytes leftover after parsing attributes in process `syz.3.994'.
[  758.662517][ T9311] loop5: detected capacity change from 0 to 40427
[  758.721036][ T9311] F2FS-fs (loop5): invalid crc value
[  758.843035][ T9311] F2FS-fs (loop5): Found nat_bits in checkpoint
[  758.970329][ T9311] F2FS-fs (loop5): Start checkpoint disabled!
[  759.000715][ T9311] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  760.588435][   T33] kworker/u4:2: attempt to access beyond end of device
[  760.588435][   T33] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  760.753819][ T9331] loop3: detected capacity change from 0 to 256
[  761.223740][ T9333] overlayfs: failed to resolve './file0': -2
[  761.878786][ T9348] usb usb8: usbfs: process 9348 (syz.2.997) did not claim interface 0 before use
[  762.621564][ T9366] overlayfs: failed to resolve './file0': -2
[  762.625375][ T9359] loop5: detected capacity change from 0 to 4096
[  763.791651][ T9379] loop2: detected capacity change from 0 to 512
[  763.932519][ T9379] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  764.312239][ T9383] overlayfs: failed to resolve './file0': -2
[  764.487171][ T9379] EXT4-fs (loop2): orphan cleanup on readonly fs
[  764.499079][ T9379] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:511: comm syz.2.1007: Block bitmap for bg 0 marked uninitialized
[  764.515509][ T9379] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  764.533079][ T9379] EXT4-fs (loop2): 1 orphan inode deleted
[  764.539045][ T9379] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  764.689903][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  764.824956][ T9393] loop5: detected capacity change from 0 to 64
[  765.087583][ T9403] loop2: detected capacity change from 0 to 16
[  765.123112][ T9403] erofs: (device loop2): mounted with root inode @ nid 36.
[  765.174742][ T9403] erofs: (device loop2): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36
[  765.258711][ T9403] erofs: (device loop2): z_erofs_extent_lookback: invalid lookback distance 0 @ nid 36
[  765.359208][   T27] audit: type=1800 audit(2000000190.350:183): pid=9411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1016" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  765.397555][ T9403] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  767.942636][ T9423] overlayfs: failed to resolve './file0': -2
[  768.345752][ T9416] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  768.597885][ T9434] loop5: detected capacity change from 0 to 512
[  768.675253][ T9434] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  769.109866][ T9434] EXT4-fs (loop5): orphan cleanup on readonly fs
[  769.284046][ T9434] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:511: comm syz.5.1024: Block bitmap for bg 0 marked uninitialized
[  769.529058][ T9434] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  769.688615][ T9434] EXT4-fs (loop5): 1 orphan inode deleted
[  769.759451][ T9434] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  769.987618][ T9447] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1030'.
[  770.041049][ T9447] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1030'.
[  770.797690][ T9442] loop2: detected capacity change from 0 to 32768
[  770.834605][ T9440] overlayfs: failed to resolve './file0': -2
[  770.998879][ T9442] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  771.620008][ T8874] EXT4-fs (loop5): unmounting filesystem.
[  771.755512][ T4255] ocfs2: Unmounting device (7,2) on (node local)
[  772.098117][ T9459] overlayfs: failed to resolve './file0': -2
[  772.424771][ T9458] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1033'.
[  772.752294][   T27] audit: type=1800 audit(2000000197.740:184): pid=9469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1036" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  772.950183][ T9456] loop5: detected capacity change from 0 to 32768
[  772.992377][ T9456] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1032 (9456)
[  773.431413][ T9456] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  773.516580][ T9456] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  773.596384][ T9456] BTRFS info (device loop5): force clearing of disk cache
[  773.634471][ T9456] BTRFS info (device loop5): metadata ratio 0
[  773.640639][ T9456] BTRFS info (device loop5): enabling ssd optimizations
[  773.712497][ T9456] BTRFS info (device loop5): using spread ssd allocation scheme
[  773.782834][ T9456] BTRFS info (device loop5): using free space tree
[  774.557637][ T9482] nvme_fabrics: missing parameter 'transport=%s'
[  774.571359][ T9482] nvme_fabrics: missing parameter 'nqn=%s'
[  774.652381][ T9456] BTRFS info (device loop5): rebuilding free space tree
[  775.798280][ T9508] loop3: detected capacity change from 0 to 32768
[  775.941077][ T9508] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  776.515032][ T8874] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  776.584849][ T4261] ocfs2: Unmounting device (7,3) on (node local)
[  776.815420][ T9524] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1052'.
[  777.101132][ T9529] netlink: 'syz.0.1054': attribute type 10 has an invalid length.
[  777.136810][ T9529] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1054'.
[  777.198815][ T9529] bridge0: port 3(dummy0) entered blocking state
[  777.230939][ T9529] bridge0: port 3(dummy0) entered disabled state
[  777.269541][ T9529] device dummy0 entered promiscuous mode
[  777.277319][ T9529] bridge0: port 3(dummy0) entered blocking state
[  777.295526][ T9529] bridge0: port 3(dummy0) entered forwarding state
[  777.878098][   T27] audit: type=1800 audit(2000000202.870:185): pid=9559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1059" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  778.088864][ T8435] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop5 scanned by udevd (8435)
[  778.168444][ T9550] loop2: detected capacity change from 0 to 32768
[  778.196371][ T9550] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[  778.422702][ T9546] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  780.057432][ T9546] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  780.160711][ T9546] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  780.277416][ T9546] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  780.383940][ T9546] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.566639][ T9546] usb 4-1: config 0 descriptor??
[  780.750586][ T9546] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  780.871541][ T9546] dvb-usb: bulk message failed: -22 (3/0)
[  781.359042][ T9546] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  781.531836][ T9546] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  781.636525][ T9546] usb 4-1: media controller created
[  781.707123][ T9546] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  781.793414][ T8436] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[  781.874820][ T9546] dvb-usb: bulk message failed: -22 (6/0)
[  781.908692][ T9546] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  782.186184][ T9546] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input21
[  782.429461][ T9584] overlayfs: failed to resolve './file0': -2
[  783.033609][ T9546] dvb-usb: schedule remote query interval to 150 msecs.
[  783.143567][ T9546] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  783.148134][ T9581] overlayfs: failed to resolve './file0': -2
[  783.442946][ T9546] usb 4-1: USB disconnect, device number 9
[  783.750486][ T9546] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  783.876140][ T4339] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  784.064588][ T4339] usb 2-1: Using ep0 maxpacket: 32
[  784.072060][ T4339] usb 2-1: New USB device found, idVendor=256c, idProduct=006e, bcdDevice= 0.00
[  784.098061][ T4339] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.112542][ T4297] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  784.135589][ T4339] usb 2-1: config 0 descriptor??
[  784.302280][ T4297] usb 6-1: Using ep0 maxpacket: 16
[  784.310030][ T4297] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  784.337846][ T4297] usb 6-1: config 0 has no interface number 0
[  784.360483][ T4297] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  784.402457][ T4266] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  784.419879][ T4297] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  784.466086][ T4297] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  784.500924][ T4297] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  784.541200][ T4297] usb 6-1: Product: syz
[  784.577310][ T4297] usb 6-1: SerialNumber: syz
[  784.592673][ T4266] usb 4-1: Using ep0 maxpacket: 16
[  784.602543][ T4266] usb 4-1: config 0 has no interfaces?
[  784.626567][ T4266] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  784.655495][ T4297] usb 6-1: config 0 descriptor??
[  784.678892][ T4266] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  784.695767][ T4297] cm109 6-1:0.8: invalid payload size 0, expected 4
[  784.720504][ T4266] usb 4-1: Manufacturer: syz
[  784.729014][ T4297] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input22
[  784.766069][ T4339] usb 2-1: string descriptor 0 read error: -71
[  784.789348][ T4266] usb 4-1: config 0 descriptor??
[  784.810030][ T4339] uclogic 0003:256C:006E.0002: failed retrieving string descriptor #200: -71
[  784.811495][ T9622] loop2: detected capacity change from 0 to 512
[  784.862552][ T9622] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  784.871648][ T4339] uclogic 0003:256C:006E.0002: failed retrieving pen parameters: -71
[  784.871762][ T9622] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  784.934254][ T4339] uclogic 0003:256C:006E.0002: failed probing pen v2 parameters: -71
[  784.947594][ T9626] overlayfs: failed to resolve './file0': -2
[  784.962633][ T4339] uclogic 0003:256C:006E.0002: failed probing parameters: -71
[  784.987572][ T4339] uclogic: probe of 0003:256C:006E.0002 failed with error -71
[  785.015173][ T4339] usb 2-1: USB disconnect, device number 4
[  785.040828][ T9611] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  785.047416][ T9611] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  785.062661][ T9611] vhci_hcd vhci_hcd.0: Device attached
[  785.071159][ T9627] vhci_hcd: connection closed
[  785.073483][ T9546] usb 4-1: USB disconnect, device number 10
[  785.092269][   T46] vhci_hcd: stop threads
[  785.097676][   T46] vhci_hcd: release socket
[  785.102376][   T46] vhci_hcd: disconnect device
[  785.115165][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.125270][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.132528][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.139786][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.147242][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.174056][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.183214][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.190457][ T9301] usb 6-1: USB disconnect, device number 2
[  785.203104][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  785.210118][    C1] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  785.223945][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  785.236432][ T9301] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  785.875011][ T9636] overlayfs: failed to resolve './file0': -2
[  786.430865][ T9643] overlayfs: failed to resolve './file0': -2
[  787.019554][ T9653] loop5: detected capacity change from 0 to 256
[  787.172560][ T9653] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  787.489361][ T9664] loop2: detected capacity change from 0 to 256
[  787.512332][ T9543] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  787.579934][ T9664] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x03493fd8, utbl_chksum : 0xe619d30d)
[  787.601326][ T9668] loop3: detected capacity change from 0 to 1024
[  787.714197][ T9543] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  787.737922][ T9543] usb 2-1: config 0 interface 0 has no altsetting 0
[  787.748087][ T4323] hfsplus: b-tree write err: -5, ino 4
[  787.763779][ T9543] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  787.866975][ T9543] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  788.158711][ T9543] usb 2-1: Product: syz
[  788.184808][ T9673] overlayfs: failed to resolve './file0': -2
[  788.326707][ T9543] usb 2-1: Manufacturer: syz
[  788.422405][ T9543] usb 2-1: SerialNumber: syz
[  788.442026][ T9543] usb 2-1: config 0 descriptor??
[  788.487964][ T9679] overlayfs: failed to resolve './file0': -2
[  788.530987][ T9543] usb 2-1: selecting invalid altsetting 0
[  788.729184][ T9685] loop3: detected capacity change from 0 to 256
[  789.137169][ T9685] FAT-fs (loop3): Directory bread(block 64) failed
[  789.161959][ T9685] FAT-fs (loop3): Directory bread(block 65) failed
[  789.173272][ T9543] usb 2-1: USB disconnect, device number 5
[  789.406229][ T9688] overlayfs: failed to resolve './file0': -2
[  789.409143][ T9685] FAT-fs (loop3): Directory bread(block 66) failed
[  789.422519][ T9685] FAT-fs (loop3): Directory bread(block 67) failed
[  789.450001][ T9685] FAT-fs (loop3): Directory bread(block 68) failed
[  789.462876][ T9685] FAT-fs (loop3): Directory bread(block 69) failed
[  789.495040][ T9685] FAT-fs (loop3): Directory bread(block 70) failed
[  789.504895][ T9685] FAT-fs (loop3): Directory bread(block 71) failed
[  789.518454][ T9685] FAT-fs (loop3): Directory bread(block 72) failed
[  789.602288][ T9685] FAT-fs (loop3): Directory bread(block 73) failed
[  789.840949][ T9691] loop2: detected capacity change from 0 to 8192
[  790.085745][ T8441] udevd[8441]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  790.089754][ T9691] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  790.244726][ T9691] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  790.296220][ T9691] REISERFS (device loop2): using ordered data mode
[  790.312391][ T4339] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  790.340844][ T9691] reiserfs: using flush barriers
[  790.417521][ T9691] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  790.449949][ T9691] REISERFS (device loop2): checking transaction log (loop2)
[  790.505640][ T9715] overlayfs: failed to resolve './file0': -2
[  790.529679][ T4339] usb 4-1: Using ep0 maxpacket: 32
[  790.550549][ T4339] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  790.572526][ T4339] usb 4-1: config 0 has no interface number 0
[  790.581241][ T4339] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  790.590654][ T4339] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  790.599027][ T4339] usb 4-1: Product: syz
[  790.603585][ T4339] usb 4-1: Manufacturer: syz
[  790.608228][ T4339] usb 4-1: SerialNumber: syz
[  790.613082][ T4297] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  790.630790][ T4339] usb 4-1: config 0 descriptor??
[  790.668120][ T4339] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  790.777925][ T9691] REISERFS (device loop2): Using tea hash to sort names
[  790.806731][ T9691] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  790.818553][ T4297] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  790.831898][ T4297] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  790.851924][ T9723] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1123'.
[  790.869741][ T9723] netlink: zone id is out of range
[  790.875857][ T9723] netlink: zone id is out of range
[  790.881012][ T9723] netlink: zone id is out of range
[  790.893768][ T4339] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  790.898228][ T9723] netlink: del zone limit has 4 unknown bytes
[  790.922277][ T4297] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  790.932119][ T4297] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  790.988010][ T4339] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  791.007831][ T4297] usb 2-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  791.071364][ T4297] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.113500][ T4297] usb 2-1: config 0 descriptor??
[  791.246230][ T9728] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  791.298594][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  791.310017][ T4339] usb 4-1: USB disconnect, device number 11
[  791.342787][ T4339] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  791.373737][ T4339] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  791.407150][ T4339] quatech2 4-1:0.51: device disconnected
[  791.619550][ T4297] hid-picolcd 0003:04D8:C002.0003: No report with id 0x11 found
[  792.232544][   T14] usb 2-1: USB disconnect, device number 6
[  792.309849][ T9737] loop2: detected capacity change from 0 to 256
[  792.372397][ T9737] FAT-fs (loop2): Directory bread(block 64) failed
[  792.386556][ T9737] FAT-fs (loop2): Directory bread(block 65) failed
[  792.403090][ T9737] FAT-fs (loop2): Directory bread(block 66) failed
[  792.420734][ T9737] FAT-fs (loop2): Directory bread(block 67) failed
[  792.497952][ T9737] FAT-fs (loop2): Directory bread(block 68) failed
[  792.514430][ T9737] FAT-fs (loop2): Directory bread(block 69) failed
[  792.553547][ T9743] overlayfs: failed to resolve './file0': -2
[  792.572018][ T9737] FAT-fs (loop2): Directory bread(block 70) failed
[  792.616808][ T9737] FAT-fs (loop2): Directory bread(block 71) failed
[  792.855386][ T9746] loop3: detected capacity change from 0 to 32768
[  792.890951][ T9746] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  792.899855][ T9746] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  792.942726][ T9746] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  792.957551][ T4297] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  792.968602][ T4297] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  792.971033][ T9737] FAT-fs (loop2): Directory bread(block 72) failed
[  793.059098][ T9737] FAT-fs (loop2): Directory bread(block 73) failed
[  793.103561][ T4297] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 134ms
[  793.175593][ T4297] gfs2: fsid=syz:syz.0: jid=0: Done
[  793.183975][ T9746] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  793.202707][ T9746] gfs2: fsid=syz:syz.0: can't find local "qc" file: -2
[  793.324600][ T9750] overlayfs: failed to resolve './file0': -2
[  793.350850][ T9754] loop5: detected capacity change from 0 to 128
[  793.574610][ T9758] binder: 9755:9758 ioctl c0306201 0 returned -14
[  793.938762][ T9760] loop3: detected capacity change from 0 to 32768
[  793.983965][ T9760] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  793.992302][ T9760] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  794.022356][ T9760] syz.3.1139: attempt to access beyond end of device
[  794.022356][ T9760] loop3: rw=12288, sector=549755814040, nr_sectors = 8 limit=32768
[  794.037330][ T9760] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5
[  794.866081][ T9778] loop5: detected capacity change from 0 to 4096
[  794.884727][ T9778] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  794.920949][ T9778] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  794.969962][ T9778] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  795.013223][ T9778] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  795.059454][ T9778] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  795.087141][ T9788] overlayfs: failed to resolve './file0': -2
[  795.144435][ T9778] ntfs: volume version 3.1.
[  795.192086][ T9778] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  795.222480][ T9778] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  795.258500][ T9778] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  795.318191][ T9792] binder: 9789:9792 ioctl c0306201 0 returned -14
[  795.335971][ T9778] ntfs: (device loop5): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is corrupt.
[  795.546123][ T9778] ntfs: (device loop5): ntfs_read_locked_index_inode(): Failed with error code -5 while reading index inode (mft_no 0x18, name_len 2.
[  795.826051][ T9774] loop2: detected capacity change from 0 to 32768
[  795.872731][ T9774] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1144 (9774)
[  795.957768][ T9774] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  795.997032][ T9799] loop3: detected capacity change from 0 to 8
[  796.017150][ T9774] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  796.072615][ T9774] BTRFS info (device loop2): setting nodatasum
[  796.131068][ T9774] BTRFS info (device loop2): metadata ratio 776
[  796.172937][ T9774] BTRFS info (device loop2): setting nodatacow, compression disabled
[  796.211814][ T9774] BTRFS info (device loop2): turning on flush-on-commit
[  796.242359][ T9774] BTRFS info (device loop2): allowing degraded mounts
[  796.269988][ T9774] BTRFS info (device loop2): setting datasum, datacow enabled
[  796.318604][ T9774] BTRFS info (device loop2): using free space tree
[  796.482101][ T9820] loop5: detected capacity change from 0 to 256
[  796.499262][ T9820] exfat: Deprecated parameter 'namecase'
[  796.577274][ T9774] BTRFS info (device loop2): enabling ssd optimizations
[  796.617783][ T9820] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  796.701979][ T9815] loop3: detected capacity change from 0 to 4096
[  796.734197][ T9815] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  796.892962][ T9815] ntfs3: loop3: ino=5, "/" directory corrupted
[  797.102897][ T4255] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  797.134950][ T4261] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22.
[  797.141217][ T4261] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  797.160541][ T9831] overlayfs: failed to resolve './file0': -2
[  797.203743][ T9833] overlayfs: failed to resolve './file0': -2
[  797.276574][ T4261] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22.
[  797.521427][ T9839] loop5: detected capacity change from 0 to 512
[  797.575487][ T9839] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  797.630752][ T9839] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal
[  797.911122][ T9844] tipc: Started in network mode
[  797.936121][ T9844] tipc: Node identity , cluster identity 4711
[  797.982335][ T9301] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  797.990081][ T4339] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  798.192511][ T9301] usb 4-1: Using ep0 maxpacket: 16
[  798.197828][ T4339] usb 2-1: Using ep0 maxpacket: 32
[  798.231147][ T9301] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  798.249933][ T4339] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  798.259531][ T9301] usb 4-1: config 0 has no interface number 0
[  798.267214][ T4339] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.285822][ T9301] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  798.305563][ T4339] usb 2-1: config 0 descriptor??
[  798.310796][ T9301] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  798.333004][ T4339] gspca_main: sq930x-2.14.0 probing 041e:403c
[  798.352814][ T9301] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  798.370221][ T9301] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  798.379705][ T9301] usb 4-1: Product: syz
[  798.398922][ T9301] usb 4-1: SerialNumber: syz
[  798.419454][ T9301] usb 4-1: config 0 descriptor??
[  798.440781][ T9301] cm109 4-1:0.8: invalid payload size 0, expected 4
[  798.469184][ T9301] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input23
[  798.482440][ T4297] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  798.659870][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  798.667508][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  798.675642][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  798.685455][ T9842] usb 4-1: USB disconnect, device number 12
[  798.699066][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  798.706090][    C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  798.715295][ T4297] usb 6-1: Using ep0 maxpacket: 16
[  798.730272][ T9842] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  798.759913][ T4297] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  798.771268][ T4297] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  798.790446][ T4297] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  798.810663][ T4297] usb 6-1: config 0 interface 0 has no altsetting 0
[  798.819046][ T4297] usb 6-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  798.838455][ T4297] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.883584][ T4297] usb 6-1: config 0 descriptor??
[  799.009727][ T4339] gspca_sq930x: reg_w 0305 fd00 failed -71
[  799.016110][ T4339] sq930x: probe of 2-1:0.0 failed with error -71
[  799.039314][ T4339] usb 2-1: USB disconnect, device number 7
[  799.109859][ T9856] loop2: detected capacity change from 0 to 32768
[  799.181461][ T9856] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  799.314714][ T4297] hid-generic 0003:045E:05DA.0004: unbalanced collection at end of report description
[  799.378758][ T4297] hid-generic: probe of 0003:045E:05DA.0004 failed with error -22
[  799.532276][ T4255] (syz-executor,4255,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76
[  799.547605][ T4339] usb 6-1: USB disconnect, device number 3
[  799.636976][ T4255] ocfs2: Unmounting device (7,2) on (node local)
[  799.756673][ T4297] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  799.886279][ T9867] overlayfs: failed to resolve './file0': -2
[  799.912434][ T4266] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  799.961947][ T4297] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  799.978607][ T4297] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  799.995615][ T4297] usb 4-1: config 0 has no interface number 0
[  800.024138][ T4297] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  800.049044][ T4297] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  800.068564][ T4297] usb 4-1: Product: syz
[  800.076730][ T4297] usb 4-1: Manufacturer: syz
[  800.081926][ T4297] usb 4-1: SerialNumber: syz
[  800.097775][ T4297] usb 4-1: config 0 descriptor??
[  800.124822][ T4266] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  800.143200][ T4297] usb 4-1: Found UVC 0.00 device syz (046d:0823)
[  800.149729][ T4297] usb 4-1: No valid video chain found.
[  800.164906][ T4266] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  800.206394][ T4266] usb 2-1: New USB device found, idVendor=17ef, idProduct=60b5, bcdDevice= 0.00
[  800.228811][ T4266] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.228818][ T9876] overlayfs: failed to resolve './file0': -2
[  800.242116][ T4266] usb 2-1: config 0 descriptor??
[  800.333145][ T9545] usb 4-1: USB disconnect, device number 13
[  800.401588][ T9880] loop2: detected capacity change from 0 to 128
[  800.658513][ T9885] devtmpfs: Too few inodes for current use
[  800.676209][ T4266] lenovo 0003:17EF:60B5.0005: hidraw0: USB HID v0.09 Device [HID 17ef:60b5] on usb-dummy_hcd.1-1/input0
[  800.866677][ T4266] usb 2-1: USB disconnect, device number 8
[  800.940459][ T9887] fido_id[9887]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  801.093826][ T9893] overlayfs: failed to resolve './file0': -2
[  801.494616][ T9906] loop2: detected capacity change from 0 to 4096
[  801.573348][ T9906] ntfs: volume version 3.1.
[  801.644449][ T9906] __ntfs_error: 2 callbacks suppressed
[  801.644468][ T9906] ntfs: (device loop2): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set koi8-r.  You might want to try to use the mount option nls=utf8.
[  801.771158][ T9906] ntfs: (device loop2): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  801.993032][ T9917] loop5: detected capacity change from 0 to 164
[  802.242353][ T9301] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  802.267514][ T9923] overlayfs: failed to resolve './file0': -2
[  802.332348][ T4266] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  802.432461][ T9301] usb 2-1: Using ep0 maxpacket: 16
[  802.441857][ T9301] usb 2-1: config 0 has no interfaces?
[  802.448674][ T9301] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  802.457978][ T9301] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  802.467821][ T9301] usb 2-1: Manufacturer: syz
[  802.475254][ T9301] usb 2-1: config 0 descriptor??
[  802.532278][ T4266] usb 3-1: Using ep0 maxpacket: 32
[  802.539638][ T4266] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  802.556876][ T4266] usb 3-1: config 0 has no interface number 0
[  802.571032][ T4266] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  802.594974][ T4266] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  802.606281][ T4266] usb 3-1: Product: syz
[  802.610526][ T4266] usb 3-1: Manufacturer: syz
[  802.640704][ T4266] usb 3-1: SerialNumber: syz
[  802.667659][ T4266] usb 3-1: config 0 descriptor??
[  802.699627][ T4266] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  802.709329][ T9916] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  802.715904][ T9916] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  802.732072][ T9916] vhci_hcd vhci_hcd.0: Device attached
[  802.741134][ T9931] vhci_hcd: connection closed
[  802.741866][ T4339] usb 2-1: USB disconnect, device number 9
[  802.768425][ T4508] vhci_hcd: stop threads
[  802.773525][ T4508] vhci_hcd: release socket
[  802.784677][ T4508] vhci_hcd: disconnect device
[  802.842654][ T9545] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  802.902617][ T4266] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  802.941226][ T4266] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  802.971478][ T9937] loop3: detected capacity change from 0 to 1024
[  803.062342][ T9545] usb 6-1: Using ep0 maxpacket: 32
[  803.071497][ T9545] usb 6-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31
[  803.108076][ T4508] hfsplus: b-tree write err: -5, ino 4
[  803.112596][ T9545] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  803.124051][ T9545] usb 6-1: config 0 descriptor??
[  803.207406][ T9545] usb 6-1: selecting invalid altsetting 3
[  803.214345][ T9545] comedi comedi0: could not set alternate setting 3 in high speed
[  803.222729][ T9545] usbduxsigma 6-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[  803.246467][ T9545] usbduxsigma: probe of 6-1:0.0 failed with error -22
[  803.327522][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  803.338390][ T9301] usb 3-1: USB disconnect, device number 6
[  803.524110][ T9301] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  803.588435][ T9301] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  803.639999][ T9301] quatech2 3-1:0.51: device disconnected
[  803.791023][ T9545] usb 6-1: USB disconnect, device number 4
[  804.043180][ T9944] overlayfs: failed to resolve './file0': -2
[  804.537738][ T4339] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  804.552344][ T9301] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  804.709642][ T9954] overlayfs: failed to resolve './file0': -2
[  804.743078][ T9301] usb 4-1: Using ep0 maxpacket: 16
[  804.833906][ T4339] usb 3-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  804.870097][ T9301] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  804.972665][ T9301] usb 4-1: config 0 has no interface number 0
[  804.988957][ T4339] usb 3-1: config 0 interface 0 has no altsetting 0
[  805.019391][ T9301] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  805.038580][ T4339] usb 3-1: New USB device found, idVendor=5543, idProduct=0081, bcdDevice= 0.00
[  805.109705][ T9301] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  805.123073][ T4339] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  805.164372][ T4339] usb 3-1: config 0 descriptor??
[  805.182769][ T9947] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  805.194998][ T9301] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  805.232297][ T9301] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  805.250679][ T9301] usb 4-1: Product: syz
[  805.260837][ T9301] usb 4-1: SerialNumber: syz
[  805.283628][ T9301] usb 4-1: config 0 descriptor??
[  805.320684][ T9301] cm109 4-1:0.8: invalid payload size 0, expected 4
[  805.330120][ T9301] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input24
[  805.536885][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  805.544398][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  805.552260][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  805.559460][ T9301] usb 4-1: USB disconnect, device number 14
[  805.575086][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -2
[  805.582306][ T4297] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  805.591646][ T9301] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  805.772301][ T4297] usb 2-1: Using ep0 maxpacket: 32
[  805.780350][ T4297] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  805.803117][ T4297] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  805.809642][ T9962] loop5: detected capacity change from 0 to 32768
[  805.821972][ T4297] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  805.834702][ T4297] usb 2-1: Product: syz
[  805.839063][ T4339] usb 3-1: string descriptor 0 read error: -71
[  805.845908][ T4297] usb 2-1: Manufacturer: syz
[  805.850543][ T4297] usb 2-1: SerialNumber: syz
[  805.856861][ T4339] uclogic 0003:5543:0081.0006: failed retrieving string descriptor #200: -71
[  805.869737][ T4297] usb 2-1: config 0 descriptor??
[  805.877171][ T4339] uclogic 0003:5543:0081.0006: failed retrieving pen parameters: -71
[  805.891188][ T9962] XFS (loop5): Mounting V5 Filesystem
[  805.897378][ T9958] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  805.905625][ T4339] uclogic 0003:5543:0081.0006: failed probing pen v2 parameters: -71
[  805.924975][ T4339] uclogic 0003:5543:0081.0006: failed probing parameters: -71
[  805.943908][ T4339] uclogic: probe of 0003:5543:0081.0006 failed with error -71
[  805.969537][ T4339] usb 3-1: USB disconnect, device number 7
[  806.061404][ T9962] XFS (loop5): Ending clean mount
[  806.074009][ T9962] XFS (loop5): Quotacheck needed: Please wait.
[  806.162721][ T4297] usb 2-1: USB disconnect, device number 10
[  806.182147][ T9962] XFS (loop5): Quotacheck: Done.
[  806.333776][ T8874] XFS (loop5): Unmounting Filesystem
[  806.981277][ T9977] overlayfs: failed to resolve './file0': -2
[  807.325317][ T9980] loop3: detected capacity change from 0 to 512
[  807.375015][ T9980] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1222: inode #1: comm syz.3.1222: iget: illegal inode #
[  807.399301][ T9980] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1222: error while reading EA inode 1 err=-117
[  807.458567][ T9980] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1222: inode #1: comm syz.3.1222: iget: illegal inode #
[  807.473335][ T9980] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1222: error while reading EA inode 1 err=-117
[  807.487228][ T9980] EXT4-fs (loop3): 1 orphan inode deleted
[  807.493263][ T9980] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  807.622266][ T9545] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  808.463470][ T9545] usb 2-1: Using ep0 maxpacket: 32
[  808.685302][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  808.710762][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  808.892641][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  808.983437][ T9545] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  809.041710][ T9992] overlayfs: failed to resolve './file0': -2
[  809.172339][ T9545] usb 2-1: config 0 has no interface number 0
[  809.246687][ T9545] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  809.322975][ T9545] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.330571][ T9998] overlayfs: failed to resolve './file0': -2
[  809.417569][ T9545] usb 2-1: Product: syz
[  809.421886][ T9545] usb 2-1: Manufacturer: syz
[  809.716168][ T9545] usb 2-1: SerialNumber: syz
[  809.771376][ T9545] usb 2-1: config 0 descriptor??
[  809.834625][ T9545] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  810.023590][ T9545] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  810.074233][ T9545] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  810.080676][T10004] loop3: detected capacity change from 0 to 1024
[  810.234592][T10004] syz.3.1229: attempt to access beyond end of device
[  810.234592][T10004] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  810.309663][T10004] Buffer I/O error on dev loop3, logical block 100663296, async page read
[  810.358945][T10004] hfsplus: unable to mark blocks free: error -5
[  810.386545][T10008] syz.3.1229: attempt to access beyond end of device
[  810.386545][T10008] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  810.402402][   T14] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  810.415642][T10004] hfsplus: can't free extent
[  810.430027][T10008] Buffer I/O error on dev loop3, logical block 100663296, async page read
[  810.460415][T10008] syz.3.1229: attempt to access beyond end of device
[  810.460415][T10008] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  810.481217][T10008] Buffer I/O error on dev loop3, logical block 100663296, async page read
[  810.482023][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  810.515090][ T9545] usb 2-1: USB disconnect, device number 11
[  810.521101][T10012] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  810.527657][T10012] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  810.555470][T10012] vhci_hcd vhci_hcd.0: Device attached
[  810.594601][ T9545] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  810.612248][   T14] usb 3-1: Using ep0 maxpacket: 16
[  810.619743][   T14] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  810.639061][   T14] usb 3-1: config 0 has no interface number 0
[  810.651786][ T9545] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  810.663155][   T14] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  810.682931][ T9545] quatech2 2-1:0.51: device disconnected
[  810.688722][   T14] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  810.732590][   T14] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  810.742511][   T14] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  810.750639][   T14] usb 3-1: Product: syz
[  810.756616][   T14] usb 3-1: SerialNumber: syz
[  810.773603][   T14] usb 3-1: config 0 descriptor??
[  810.800318][   T14] cm109 3-1:0.8: invalid payload size 0, expected 4
[  810.814325][   T14] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input25
[  810.832592][ T9301] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  810.840703][ T4266] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  811.032579][ T4266] usb 6-1: Using ep0 maxpacket: 16
[  811.042248][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  811.042689][ T4266] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  811.050584][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  811.072442][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  811.082280][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  811.089418][ T9545] usb 3-1: USB disconnect, device number 8
[  811.112332][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  811.119347][    C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  811.172409][ T4266] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.204968][ T9545] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  811.212345][ T4266] usb 6-1: Product: syz
[  811.220738][ T4266] usb 6-1: Manufacturer: syz
[  811.243222][ T4266] usb 6-1: SerialNumber: syz
[  811.273016][ T4266] usb 6-1: config 0 descriptor??
[  811.303775][ T4266] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  811.345780][ T4266] usb 6-1: Detected FT232H
[  811.485158][T10013] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  811.493173][ T4266] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  811.512323][ T4266] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  811.519681][ T5563] vhci_hcd: stop threads
[  811.524549][ T5563] vhci_hcd: release socket
[  811.532435][ T4266] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71
[  811.546975][ T4266] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  811.551131][ T5563] vhci_hcd: disconnect device
[  811.592487][ T4266] usb 6-1: USB disconnect, device number 5
[  811.628704][ T4266] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  811.682762][ T4266] ftdi_sio 6-1:0.0: device disconnected
[  812.010868][T10031] loop2: detected capacity change from 0 to 512
[  812.022389][ T9545] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  812.058157][T10031] EXT4-fs: Ignoring removed mblk_io_submit option
[  812.082353][T10023] loop3: detected capacity change from 0 to 32768
[  812.100630][T10023] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  812.214332][ T9545] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  812.231038][ T9545] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  812.250802][T10031] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 2: comm syz.2.1238: invalid block
[  812.257462][ T9545] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  812.275217][ T4261] ocfs2: Unmounting device (7,3) on (node local)
[  812.281746][ T9545] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.299130][ T9545] usb 2-1: Product: syz
[  812.308155][ T9545] usb 2-1: Manufacturer: syz
[  812.318805][ T9545] usb 2-1: SerialNumber: syz
[  812.381813][T10031] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1238: invalid indirect mapped block 10 (level 1)
[  812.482852][T10040] overlayfs: failed to resolve './file0': -2
[  812.490804][T10031] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1238: invalid indirect mapped block 8 (level 1)
[  812.518256][T10031] EXT4-fs (loop2): 1 truncate cleaned up
[  812.529827][T10031] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  812.570189][ T9545] usb 2-1: 0:2 : does not exist
[  812.591746][ T9545] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  812.640000][ T9545] usb 2-1: USB disconnect, device number 12
[  812.777360][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  812.933318][ T8435] udevd[8435]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  812.999752][T10045] loop2: detected capacity change from 0 to 128
[  813.099569][   T27] audit: type=1800 audit(2000000238.090:186): pid=10045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1242" name="file1" dev="loop2" ino=1048662 res=0 errno=0
[  813.122892][T10045] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 548, start 0000fb00)
[  813.162707][T10045] FAT-fs (loop2): Filesystem has been set read-only
[  813.722251][ T4266] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  814.022708][ T4266] usb 2-1: Using ep0 maxpacket: 16
[  814.052520][ T4266] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  814.087207][ T4266] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  814.109064][ T4266] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  814.131028][ T4266] usb 2-1: config 0 interface 0 has no altsetting 0
[  814.141911][ T4266] usb 2-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  814.172304][ T4266] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.217419][ T4266] usb 2-1: config 0 descriptor??
[  814.273262][T10057] overlayfs: failed to resolve './file0': -2
[  814.687400][T10048] loop3: detected capacity change from 0 to 32768
[  814.702644][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  814.722725][T10048] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  814.730591][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  814.766753][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  814.842983][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  814.860038][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  814.896812][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  814.941973][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x2
[  815.018017][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  815.021407][T10067] overlayfs: failed to resolve './file0': -2
[  815.072005][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  815.144510][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  815.153551][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  815.206900][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  815.233099][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  815.238324][ T4261] ocfs2: Unmounting device (7,3) on (node local)
[  815.256781][ T4266] hid-generic 0003:045E:05DA.0007: unknown main item tag 0x0
[  815.276716][T10052] loop2: detected capacity change from 0 to 40427
[  815.284261][ T4266] hid-generic 0003:045E:05DA.0007: unbalanced collection at end of report description
[  815.349720][ T4266] hid-generic: probe of 0003:045E:05DA.0007 failed with error -22
[  815.376483][T10052] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  815.446186][T10052] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  815.567157][ T4266] usb 2-1: USB disconnect, device number 13
[  815.582683][T10052] F2FS-fs (loop2): invalid crc value
[  815.664324][T10052] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  815.717552][T10052] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  815.962628][ T9301] vhci_hcd: vhci_device speed not set
[  815.996075][T10052] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  816.003665][T10052] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  816.551197][T10093] loop3: detected capacity change from 0 to 2048
[  816.583852][T10093] EXT4-fs: Ignoring removed mblk_io_submit option
[  816.667780][T10093] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  816.814729][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  817.041958][T10101] lo speed is unknown, defaulting to 1000
[  817.057414][T10101] lo speed is unknown, defaulting to 1000
[  817.818372][T10105] overlayfs: failed to resolve './file0': -2
[  818.399862][T10117] overlayfs: failed to resolve './file0': -2
[  818.764759][T10113] loop2: detected capacity change from 0 to 2048
[  818.916833][T10113] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  818.933793][T10113] ext4 filesystem being mounted at /275/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  818.971346][T10113] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1267: bg 0: block 345: padding at end of block bitmap is not set
[  818.999344][T10113] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1 with error 117
[  819.019477][T10113] EXT4-fs (loop2): This should not happen!! Data will be lost
[  819.019477][T10113] 
[  819.151058][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  819.253637][T10128] loop5: detected capacity change from 0 to 4096
[  819.319961][T10138] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  819.351408][T10139] loop2: detected capacity change from 0 to 1024
[  819.377629][T10139] EXT4-fs: Ignoring removed nomblk_io_submit option
[  819.398389][   T14] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  819.472394][T10139] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  819.573879][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  819.614052][   T14] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  819.622126][   T14] usb 2-1: config 0 has no interface number 0
[  819.629945][   T14] usb 2-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  819.649885][   T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.784742][   T14] usb 2-1: config 0 descriptor??
[  820.119113][T10150] overlayfs: failed to resolve './file0': -2
[  820.254368][T10149] binder_alloc: 10145: binder_alloc_buf, no vma
[  820.344590][   T14] usb 2-1: selecting invalid altsetting 1
[  820.450458][   T14] dvb_ttusb_budget: ttusb_init_controller: error
[  820.491502][   T14] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  820.905218][   T14] DVB: Unable to find symbol cx22700_attach()
[  821.212971][   T14] DVB: Unable to find symbol tda10046_attach()
[  821.222289][   T14] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  821.278739][   T14] usb 2-1: USB disconnect, device number 14
[  821.743205][T10180] overlayfs: failed to resolve './file0': -2
[  821.873342][T10184] overlayfs: failed to resolve './file0': -2
[  821.952637][ T4301] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  822.162493][ T4301] usb 2-1: Using ep0 maxpacket: 32
[  822.174693][ T4301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  822.213370][ T4301] usb 2-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb
[  822.259182][ T4301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  822.299973][ T4301] usb 2-1: Product: syz
[  822.316591][ T4301] usb 2-1: Manufacturer: syz
[  822.401153][ T4301] usb 2-1: SerialNumber: syz
[  822.448537][ T4301] usb 2-1: config 0 descriptor??
[  822.492456][ T4301] usbtouchscreen: probe of 2-1:0.0 failed with error -12
[  822.767779][ T4301] usb 2-1: USB disconnect, device number 15
[  822.805585][T10194] loop5: detected capacity change from 0 to 1024
[  822.979977][ T6056] hfsplus: b-tree write err: -5, ino 4
[  823.992306][   T14] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  824.222335][   T14] usb 6-1: Using ep0 maxpacket: 16
[  824.230443][   T14] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[  824.264150][T10222] loop3: detected capacity change from 0 to 512
[  824.330550][   T14] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  824.342054][T10222] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  824.400755][   T14] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  824.452703][T10222] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.1309: bad orphan inode 131083
[  824.468353][   T14] usb 6-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  824.488128][T10222] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  824.497233][   T14] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  824.565367][   T27] audit: type=1800 audit(2000000249.560:187): pid=10222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1309" name="file1" dev="loop3" ino=15 res=0 errno=0
[  824.595053][   T14] usb 6-1: config 0 descriptor??
[  824.855911][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  825.016881][   T14] samsung 0003:0419:0001.0008: item fetching failed at offset 8/11
[  825.058244][   T14] samsung 0003:0419:0001.0008: parse failed
[  825.072687][ T4301] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  825.085279][   T14] samsung: probe of 0003:0419:0001.0008 failed with error -22
[  825.261557][ T4297] usb 6-1: USB disconnect, device number 6
[  825.274818][ T4301] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  825.285380][ T4301] usb 3-1: config 0 interface 0 has no altsetting 0
[  825.315753][ T4301] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  825.335460][ T4301] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  825.359765][ T4301] usb 3-1: Product: syz
[  825.374346][ T4301] usb 3-1: Manufacturer: syz
[  825.386003][ T4301] usb 3-1: SerialNumber: syz
[  825.403116][ T4301] usb 3-1: config 0 descriptor??
[  825.416193][ T4301] usb 3-1: selecting invalid altsetting 0
[  825.663896][ T4301] usb 3-1: USB disconnect, device number 9
[  825.840110][T10259] loop3: detected capacity change from 0 to 512
[  826.051315][T10259] EXT4-fs (loop3): 1 orphan inode deleted
[  826.066788][ T5319] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  826.119098][T10259] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  826.142622][ T5319] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:19: Failed to release dquot type 1
[  826.187899][T10259] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  827.138694][T10279] loop5: detected capacity change from 0 to 256
[  827.162001][T10279] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  827.558494][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  827.631587][T10287] overlayfs: failed to resolve './file0': -2
[  827.696444][T10289] overlayfs: failed to resolve './file0': -2
[  828.632249][ T9545] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  828.741342][T10308] loop2: detected capacity change from 0 to 512
[  828.765091][T10308] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  828.803954][T10308] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  828.824014][ T9545] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  828.834401][ T9545] usb 4-1: config 0 has no interface number 0
[  828.841506][ T9545] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  828.851004][ T9545] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  828.863588][ T9545] usb 4-1: config 0 descriptor??
[  828.893636][ T9545] usb 4-1: selecting invalid altsetting 1
[  828.903588][ T9545] dvb_ttusb_budget: ttusb_init_controller: error
[  828.919907][ T9545] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  828.929655][T10308] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.1340: corrupted in-inode xattr
[  829.034167][T10308] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1340: couldn't read orphan inode 15 (err -117)
[  829.098954][T10312] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  829.107348][T10312] IPv6: NLM_F_CREATE should be set when creating new route
[  829.127925][T10308] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  829.161280][ T9545] DVB: Unable to find symbol cx22700_attach()
[  829.367805][ T4255] EXT4-fs (loop2): unmounting filesystem.
[  829.507819][ T9545] DVB: Unable to find symbol tda10046_attach()
[  829.519082][ T9545] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  829.592540][ T9545] usb 4-1: USB disconnect, device number 15
[  830.690857][T10323] loop5: detected capacity change from 0 to 2048
[  830.714351][T10325] loop3: detected capacity change from 0 to 1024
[  830.849886][T10323] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  832.826499][T10374] loop3: detected capacity change from 0 to 24
[  832.869058][T10374] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  832.960433][T10374] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  833.607571][T10365] loop2: detected capacity change from 0 to 32768
[  833.628778][T10361] loop5: detected capacity change from 0 to 40427
[  833.797997][T10361] F2FS-fs (loop5): Found nat_bits in checkpoint
[  833.839601][T10365] read_mapping_page failed!
[  833.874891][T10365] ERROR: (device loop2): txCommit: 
[  833.874891][T10365] 
[  833.928902][T10365] ERROR: (device loop2): remounting filesystem as read-only
[  834.009283][T10361] F2FS-fs (loop5): Cannot turn on quotas: -2 on 2
[  834.075155][T10361] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  834.165837][  T107] BUG at fs/jfs/jfs_txnmgr.c:931 assert(mp->nohomeok > 0)
[  834.182666][  T107] ------------[ cut here ]------------
[  834.188777][  T107] kernel BUG at fs/jfs/jfs_txnmgr.c:931!
[  834.244439][  T107] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  834.250578][  T107] CPU: 1 PID: 107 Comm: jfsCommit Not tainted 6.1.141-syzkaller #0
[  834.258505][  T107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  834.268603][  T107] RIP: 0010:txUnlock+0xc87/0xcb0
[  834.273577][  T107] Code: bf 29 15 07 0f 0b e8 88 7a 91 fe 48 c7 c7 80 5a a6 8a 48 c7 c6 79 56 a6 8a ba a3 03 00 00 48 c7 c1 60 67 a6 8a e8 99 29 15 07 <0f> 0b e8 62 7a 91 fe 48 c7 c7 80 5a a6 8a 48 c7 c6 79 56 a6 8a ba
[  834.293222][  T107] RSP: 0018:ffffc90002637d28 EFLAGS: 00010246
[  834.299316][  T107] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 7563808152cda000
[  834.307313][  T107] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  834.315302][  T107] RBP: ffffc9000286a048 R08: dffffc0000000000 R09: fffff520004c6f45
[  834.323307][  T107] R10: fffff520004c6f45 R11: 1ffff920004c6f44 R12: ffff88805fa319b0
[  834.331297][  T107] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888023411294
[  834.339280][  T107] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  834.348220][  T107] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  834.354826][  T107] CR2: 000000110c309def CR3: 000000007c495000 CR4: 00000000003506e0
[  834.362813][  T107] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  834.370797][  T107] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  834.378779][  T107] Call Trace:
[  834.382067][  T107]  <TASK>
[  834.385022][  T107]  ? lockdep_hardirqs_on+0x94/0x140
[  834.390249][  T107]  jfs_lazycommit+0x56c/0xa50
[  834.394945][  T107]  ? txFreelock+0x5a0/0x5a0
[  834.399463][  T107]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  834.405400][  T107]  ? do_task_dead+0xd0/0xd0
[  834.409921][  T107]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  834.415832][  T107]  ? __kthread_parkme+0x162/0x1c0
[  834.420879][  T107]  kthread+0x29d/0x330
[  834.424980][  T107]  ? txFreelock+0x5a0/0x5a0
[  834.429588][  T107]  ? kthread_blkcg+0xd0/0xd0
[  834.434199][  T107]  ret_from_fork+0x1f/0x30
[  834.438656][  T107]  </TASK>
[  834.441705][  T107] Modules linked in:
[  834.457428][T10392] overlayfs: failed to resolve './file0': -2
[  834.511113][ T8874] syz-executor: attempt to access beyond end of device
[  834.511113][ T8874] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  834.763644][  T107] ---[ end trace 0000000000000000 ]---
[  834.769168][  T107] RIP: 0010:txUnlock+0xc87/0xcb0
[  834.774427][  T107] Code: bf 29 15 07 0f 0b e8 88 7a 91 fe 48 c7 c7 80 5a a6 8a 48 c7 c6 79 56 a6 8a ba a3 03 00 00 48 c7 c1 60 67 a6 8a e8 99 29 15 07 <0f> 0b e8 62 7a 91 fe 48 c7 c7 80 5a a6 8a 48 c7 c6 79 56 a6 8a ba
[  834.799070][  T107] RSP: 0018:ffffc90002637d28 EFLAGS: 00010246
[  834.805916][  T107] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 7563808152cda000
[  834.814384][  T107] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  834.848565][  T107] RBP: ffffc9000286a048 R08: dffffc0000000000 R09: fffff520004c6f45
[  834.873095][  T107] R10: fffff520004c6f45 R11: 1ffff920004c6f44 R12: ffff88805fa319b0
[  834.881148][  T107] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888023411294
[  834.922423][  T107] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  834.931427][  T107] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  834.961852][  T107] CR2: 00007ff562ba8000 CR3: 00000000286a0000 CR4: 00000000003506e0
[  834.970465][  T107] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  834.978824][  T107] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  834.987697][  T107] Kernel panic - not syncing: Fatal exception
[  834.994025][  T107] Kernel Offset: disabled
[  834.998359][  T107] Rebooting in 86400 seconds..