last executing test programs:

5.446503617s ago: executing program 5 (id=5664):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x22, 0x2, {[@main=@item_012={0x1, 0x0, 0x0, '3'}]}}, 0x0}, 0x0)

3.422632075s ago: executing program 2 (id=5684):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='tlb_flush\x00', r0}, 0x10)
syz_clone(0x62008000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.728769298s ago: executing program 2 (id=5691):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./file2\x00', 0x1c802, &(0x7f0000000ec0)=ANY=[], 0x1, 0x5ea7, &(0x7f00000085c0)="$eJzs3U9vHGcdB/Df/vH6T2kaVagKEYc0hdJSmv8JlH9NOXCAA0goZxK5bhVIASUB0SoirnJAXICXAJdeOPSN9DUgXgCRbE49UAaN/TzJeLzOOk28s+vn85Gcmd88O95n8vV4dj0z+wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/64c/O9iLi6u/SgqMRX4hBRD9iua5PRD1zOT9+GBHHYqs5XoiIwWJEvf7WP89FXIiIT45EbGzeWa0Xn9tnPy6euX3zsx//4J9//Mu9Y794++cftdt/+sXzH//pbsTRn7zx8Wd3n862AwAAQCmqqqp66W3+8fT+vt91pwCAqcjH/yrJy9VqtVr9VOs/92erP+pC66ZqvLvNIiLWm+vUrxmcjgeAObMen3bdBTok/6INI+KZrjsBzLRe1x3gQGxs3lntpXx7zePBie32/HfKHfmv9x7c37HXdJL2NSbT+vm6F4N4fo/+LE+pD7Mk599v5391u32UHnfQ+U/LXvn3tm99Kk7Of9DOv2VH/n+NiLnNvz82/1Ll/IePk//6YI73f/kDAAAAAHD45b//H+34/O/ik2/Kvjzq/O+JKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/525OGyvT6LrV5+pRfxbOvxQGHSzTIrXfcDAAAAAAAAAAAAAEoy3L6G90ovYiEinl1Zqaqq/mpq14/rSdefd6VvP5Ss61/yAACw7ZMjrXv5exFLEXElfdbfwsrKSlUtLa9UK9XyYn49O1pcqpYb72vztF62ONrHC+LhqKq/2VJjvaZJ75cntbe/X/1co2qwj45NR4eBA0BEbB+NNhyRDpmqei66fpXDfLD/Hz72f/aj659TAAAA4OBVVVX10sd5H0/n/PtddwoAmIalfPxvnxdQq9VqtVp9+Oqmary7zSIi1pvr1K8ZDMcPAHNmPT7tugt0SP5FG0bEsa47Acy0Xtcd4EBsbN5Z7aV8e83jQRrfPV8LsiP/9d7Wenn9cdNJ2teYTOvn614M4vk9+vPClPowS3L+/Xb+V7fbR+lxB53/tOyVf72dRzvoT9dy/oN2/i2HJ//+2PxLlfMfPlb+A/kDAAAAAMAMy3//P+r8b95kAAAAAAAAAJg7G5t3VvN9r/n8/5fHPK7XnHP/56GR8+/tO3/3/x4mOf9+O//WBTmDxvz9tx7m/5/NO6sf3f73l/J05vNfGIzq517o9QfDdM1PtfBOXI8bsRZndj1+uKP97K72hR3t5ya0n9/VPqrbl3P7qViNX8eNePtB++KEC6OWJrRXE9pz/gP7f5Fy/sPGV53/Smrvtaa1+x/2d+33zem457n8j/++vHvvmr57MXiwbU319p3soD9b/yfPjOK3t9Zunvr9tdu3b56NNNmx9FykyVOW819IXzn/V17abs+/95v76/0PR4+d/6y4F8M983+pMV9v76tT7lsXcv6j9JXzz0eg8fv/POe/9/7/Wgf9AQAAAAAAAAAAAAAAgEepqmrrFtHLEXEp3f/T1b2ZAMB05eN/leTlarVarVarD1/dVI33ZrOIpZ3r1K8Z/jDumwEAs+x/EfGvrjtBZ+RfsPx5f/X0K113BpiqW+9/8MtrN26s3bzVdU8AAAAAAAAAgM8rj/95ojH+89Z1QK1xo3eM//pWnJjb8T/7o8HWWOdpg16MR4//fTIePf73cMLzLUxoH01oX5zQvjShfeyNHg05/xdTxjn/42nDShr/9ZUO+tO1nP/JNNZzzv9rrcc186/+Ps/593fkf/r2e785fev9D16//t61d9feXfvV2TOXLpy/eOH8xYun37l+Y+3M9r8d9vhg5fzz2NeuAy1Lzj9nLv+y5Py/mmr5lyXn/3Kq5V+WnH9+vSf/suT883sf+Zcl5/9qquVflpz/11Mt/7Lk/F9LtfzLkvP/RqrlX5ac/+upln9Zcv6nUi3/suT8T6da/mXJ+eczXPIvS84/X9kg/7Lk/M+lWv5lyfmfT7X8y5Lzv5Bq+Zcl538x1fIvS87/UqrlX5ac/zdTLf+y5Py/lWr5lyXn/0aq5V+WnP+3Uy3/suT8v5Nq+Zcl5//dVMu/LDn/76Va/mXJ+X8/1fIvS87/zVTLvywPP//fjBkzZvJM17+ZAAAAAAAAAAAAAIC2aVxO3PU2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27i5GrvM8AfvbLXhsS3EAIIU6wjSEGFnbXX+AQg0lCSkmbUhLSpiU1jr02TvxV75oAQmUptCUKUpHaC3rRNInSKFJbgaJITSUaITVSe1euEnETtRIXlgqVg5JKqQJbnTnv+3pmdnbO+mPsmXN+P4T/3pkzM++cOTO7z1rPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBs/cdn/nwoy7L8/8Yfa7Ls0vzvq7Jd+Zfz2y/2CgEAAIBz9Xbjz3+4LJ2waxkXatrm3z70H99fWFhYyL741sl3/nJhIZ2xLstGVmZZ47zo33/5i4XmbYKns/Gh4aavh0tufqTk/NGS88dKzl9Rcv7KkvPHS85ftAMWWVX8PqZxZRsbf11T7NLsimyscd7GDpd6emjl8HD8XU7DUOMyC2P7s4PZoWwmm1p0maHGf1n28vr8tu7J4m0NN93W2izLTv3sib1xDUNhH2/MWm6sofmxe/OubN1bP3ti73fm3nh/p1m6GxatNMs2bcjX+UyWnf51VTaUrUz7JK5zuGmdazusc6RlnUONy+V/b1/nqWWuM97v8bDOV7usc2047dFrsyybz5bcpt3T2XC2uu1W0/4eL46I/Dryh/I92egZHSfrl3Gc5Jd5/drW46T9mIz7f33YJ6NLrKH54XjzqRWL9vvZHif5ve6HYzW/7vvyGx0fb/7Vasuxmm/zxHVLHwMdH7sOx0A6lpuOgQ1lx8DwipHGMTB8es0bWo6B6UWXGc6GGrd18rrux8Dk3OFjk7OPPX7zwcN7DswcmDkyPbV965ZtW7ds2za5/+ChmanizzPbpQNkdTacjsEN4bUmHoMfbtu2+ZBc+Ob5ex6M98nzIL/vn70+X9Clw9kSx3i+zTObzv15kL7vNz0PRpueBx1fUzs8D0aX8TzItzm1aXnfM0eb/u+0hl69Fq5pOgYu5vfD/DYfvGHp18K1YV3P3nim3w9HFh0D8W4Nhedefkr6eW/8trBfFh8XV+dnXLIiOzE7c/yWR/fMzR2fzsK4IC5veqzaj5fVTfcpW3S8DJ/x8bLr7391/dUdTl8T9tX4Td0fq3ybrRPdH6vGq3vr/lyRFfuz5dTNWRjn2YXen52+m+X7M2WJLvsz3+aZm8/9Z8GUS5pe/8bKXv9GxkaL17+RtDfGWl7/Fj80I42VZdmpm5f3+jcW/r/Qr39X9MnrX76vHryl+zGQb/Ps5JkeA6NdX/+uDXMorOeGkBjGm3L/O43z54vDtOmxLD1uRkfHwnEzGm+x9bjZsugy+bXlt71p6uyOm03Xtj5WLT+3VPC4yffVX011P27ybV6ZPvfXjlXxr02vHSvKjoGxkRX5esfSQVC83i2sisfALdne7Gh2KNuXLpM/yvltTWxe3jGwIvx/oV87ruqTYyDfVy9s7n4M5Nv8aMv5/dlpUzglbdP0s1P77xeWyvxXj56+vvbddr4zf77OT/z40+m0Thki3+aNrWeaM7rvp5vCKZd02E/tz5+ljul92YXZT1eFdR7a1v13U/k2V2xf5vG0K8uy16Zfa/y+K/x+93snfvz9lt/7dvqd8mvTr907ef9PzmT9AACcvXcaf86vKH7WbPoX6+X8+z8AAAAwEGLuHw4zkf8BAACgMmLuHwkzkf8BAACgMmLuHw0zqUn+f/i2HS++/WSW3g1wIYjnx91w3x3FdrHjPR++XrdwWn76x7499uJXn1zebQ9nWfarez/QcfuH74jrKhyL6/xI6+mLXHXNsm7/oQdOb9f8/gmndhTXH+/Pcg+D2FV+eXJz43rXPTbdmK/cmzXm/fPPPl1cf/F13P7klmL7vwlvWrJr/1DL5TeF9WwMc114T5n7dp3eD/mMl3tx7Yf+9fLPnb69eLmhDe9u3M0X/ri43vgeUc9fXmwf7/dS6/+Xr333xXz7R6/rvP4nhzuv/2S43tfD/OXOYvvmff7VpvX/aVh/vL14uVu+9cOO63/pfcX2L4Xj4hthtq//rr/44NudHq94O7tuLy4Xb3/qf7c2LhevL15/+/rHn5xu2R/t1//KW8X17Hzk5yPN28fT4+1ED93eenwPhce3pUeeZdl3/yxr2c/ZR4vL/XPb+uP1Hbu98/pvalvnsaFrGpc/fX/WtNyvr//d5o73N65n1z+uabk/z98d9t9bkz/Kr/fk/eF4DOf/36vF9bW/l+lLd7e+3sTtv7GmeN7G65tsW//zbeufvybfd+Xrv+etYv0v3bmyZf27PhmOp3uKWbb+A397Wcvlv/md4vE4/pWJI0dnTxzc17RXm5/HK8dXrb7k0ne9+7LwWtr+9e6jcw/PHF83tW4qy9YN4FsG9nr93wrzf4oxf/5vofCTnxfH3XOfKr5vffgXxdfPh9MfCo9n/P749b8eazle2x/3+TuLea7rvzGsY7ne97X/umZZG578wssn/ulP3mj/uSDen2PvHW/cvxfWX9k4b+iV4vz216sy//ne1uf1T0enGvMHYb8uhHdm3nBlcXvt1x/fm+S5zxTP3/iTXLx81vZ+ImtGWu/Hua7/p+HnmB9e1fr6F4+PHzzZ9m7Oa7KhfAnz4fUhmy/Oj1vF/f3cqSs73l58H55s/v1nsswlzT42O3no4JETj07OzczOTc4+9vjuw0dPHJnb3Xjv0t1fKrv86ef36sbze9/M9q1Z49l+tBg9drHXf+yBvftunbp+38z+PSf2zz1wbOb4gb2zs3tn9s1ev2f//pmvlF3+4L6d05t3bLl188SBg/t23rZjx5YdEwePHM2XUSyqxPapL08cOb67cZHZnVt3TG/btnVq4vDRfTM7b52amjhRdvnG96aJ/NKPTByfObRn7uDhmYnZg4/P7JzesX375tJ3fzx8bP/susnjJ45MnpidOT5Z3Jd1c42T8+99ZZenHmaPhte7NkPhp/PP37Q9vT9u7ttPLXlVxSatP55mb4b3gorf38q+jrl/LMykJvkfAAAA6iDm/vDG/6fPkP8BAACgMmLuXxlmIv8DAABAZcTcXyT/8fTx73XJ/+er//+U/n+D/r/+f6b/n+j/6/9n+v/6/yX0//X/B3n9+v/6/5Trt/5/yP3Zqizz7/8AAABQUTH3rw4zkf8BAACgMmLuvyTMRP4HAACAyoi5/9Iwk5rkf5//r/+v/9+t/x+31f/P9P/7of+/8b/1/xfR/9f/z/T/z9rF7s8P+vr7sP+/Sv+fftNv/f+Y+98VZlKT/A8AAAB1EHP/u8NM5H8AAACojJj7Lwszkf8BAACgMmLuXxNmUpP8r/+v/6//7/P/9f8Hpv/v8/870P/X/8/0/8/axe7PD/r6+7D/7/P/6Tv91v+Puf/Xwkxqkv8BAACgDmLuf0+YifwPAAAAlRFz/+VhJvI/AAAAVEbM/VeEmdQk/9ez//96lmX6/5n+v/5/2zr1//X/e0H/X/+/G/1//f9BXr/+v/4/5fqt/x9z/3vDTGqS/wEAAKAOYu6/MsxE/gcAAIDKiLn/fWEm8j8AAABURsz9V4WZ1CT/17P/7/P/9f8L+v+t69T/1//vBf1//f9u9P/1/wd5/fr/+v+U67f+f8z97w8zqUn+BwAAgDqIuf/qMBP5HwAAACoj5v4PhJnI/wAAAFAZMfevDTOpSf7X/9f/1//X/9f/1//vpcHq/w8veY7+f0H/v9X56//Pn16A/v/ArF//X/+fcv3W/4+5/4NhJjXJ/wAAAFAHMfd/KMxE/gcAAIDKiLn/mjAT+R8AAAAqI+b+dWEmNcn/+v/6//r/+v/6//r/vTRY/f+l6f8X9P9b+fx//X/9f/1/uuu3/n/M/evDTGqS/wEAAKAOYu7fEGYi/wMAAEBlxNx/bZiJ/A8AAACVEXP/xjCTmuR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PuX7r/8fcf12YSU3yPwAAANRBzP3Xh5nI/wAAAFAZMfd/OMxE/gcAAIDKiLl/U5hJTfK//r/+v/7/APf/R/T/M/3/vqf/r//fjf6//v8gr1//X/+fcv3W/4+5/4Ywk5rkfwAAAKiDmPtvDDOR/wEAAKAyYu6/KcxE/gcAAIDKiLl/IsykJvlf/1//X/9/gPv/Pv+/Zf36//1J/1//vxv9f/3/QV6//r/+P+X6rf8fc//NYSY1yf8AAABQBzH33xJmIv8DAABAZcTcPxlmIv8DAABAZcTcPxVmUpP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/Kddv/f+Y+6fDTGqS/wEAAKAOYu7fHGYi/wMAAEBlxNy/JcxE/gcAAIDKiLl/a5hJTfK//r/+v/6//r/+v/5/L+n/6/93o/+v/z/I69f/1/+n1XCH0/qt/x9z/7Ywk5rkfwAAAKiDmPu3h5nI/wAAAFAZMfffGmYi/wMAAEBlxNx/W5hJTfK//r/+v/6//r/+v/5/L+n/6/93o/+v/z/I69f/1/+nXL/1/2Pu3xFmUpP8DwAAAHUQc/9HwkzkfwAAAKiMmPtvDzOR/wEAAGCgdPocwijm/o+GmdQk/+v/V73/v7BS/1//X/+/+/r1/3tL/1//vxv9f/3/QV6//r/+P+X6rf8fc//OMJOa5H8AAACog5j77wgzkf8BAACgMmLuvzPMRP4HAACAyoi5f1eYSU3yv/5/1fv/Pv9f/1//v2z9+v+9pf+v/9+N/v9g9v/Djy36/33U/8+PIf1/+lG/9f9j7r8rzKQm+R8AAADqIOb+j4WZyP8AAABQGTH3fzzMRP4HAACAyoi5/xNhJjXJ//r/+v/6//r/+v/6/72k/9+z/n/jpVD/v6D/f3Yudn9+0NffT/1/n/9Pv+q3/n/M/XeHmdQk/wMAAEAdxNz/yTAT+R8AAAAqI+b+Xw8zkf8BAACgMmLuvyfMpCb5X/9f/1//X/9f/1//v5f0/33+fzf6//r/g7x+/X/9f8r1W/8/5v7fCDOpSf4HAACAOoi5/94wE/kfAAAAKiPm/k+Fmcj/AAAAMGBWLHlOzP2/GWZSk/yv/39h+v/D6fr1//X/9f/1//X/zyf9f/3/TP//rF3s/vygr1//X/+fcv3W/4+5/7fCTGqS/wEAAKAOYu7/dJiJ/A8AAACVEXP/b4eZyP8AAABQGTH33xdmUpP8f777/+2X76ZO/X+f/6//n+n/6/837VX9//NH/1//P9P/P2sXuz8/6OvX/9f/p1y/9f9j7v+dMJOa5H8AAACog5j77w8zkf8BAACgMmLu/0yYifwPAAAAlRFz/2fDTGqS/33+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dcv/X/Y+5/IMykJvkfAAAA6iDm/s+Fmcj/AAAAUBkx9/9umIn8DwAAAJURc//vhZnUJP/r/+v/6//r/+v/6//3kv7/4v5//hqm/1/Q/9f/H+T16//r/1Ou3/r/Mfd/PsykJvkfAAAA6iDm/t8PM5H/AQAAoDJi7v+DMBP5HwAAACoj5v4Hw0xqkv/1//X/9f/1//X/9f97Sf/f5/93o/+v/z/I69f/1/+nXL/1/2Pu/0KYSU3yPwAAANRBzP1/GGYi/wMAAEBlxNy/O8xE/gcAAIDKiLn/oTCTmuR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PuX7r/8fcvyfMZFfrzQAAAACDK+b+L4aZ1OTf/wEAAKAOYu7fG2Yi/wMAAEBlxNy/L8ykJvlf/1//X/9f/1//X/+/l/T/9f+70f/X/x/k9ev/6/9Trt/6/zH3z4SZ1CT/AwAAQB3E3L8/zET+BwAAgMqIuf9AmIn8DwAAAJURc//DYSY1yf/6//r/+v+17f+/+r22der/6//3gv6//n83+v/6/4O8fv1//X/K9Vv/P+b+g2EmNcn/AAAAUAcx938pzET+BwAAgMqIuf/LYSbyPwAAAFRGzP2Hwkxqkv/1//X/9f9r2//3+f+B/n9v6f/r/3ej/6//P8jr1//X/6dcv/X/Y+4/HGZSk/wPAAAAdRBz/5EwE/kfAAAAKiPm/qNhJvI/AAAAVEbM/cfCTGqS//X/z6z/P7REN1D/v/P69f/1//X/9f/1//X/u9H/1/8f5PXr/+v/U67f+v8x9/9RmElN8j8AAADUQcz9x8NM5H8AAACojJj7Z8NM5H8AAACojJj758JMapL/9f99/r/+v/6//r/+fy/p/+v/d6P/r/8/yOvX/9f/p1y/9f9j7j8RZlKT/A8AAAB1EHP/I2Em8j8AAAD8P3v3lSvIWfRx+Hy2Rh8SYg9sgRWwBNaAxB7IYJNNBpNzMjmZDCbnnHPO2WBylEAwVWVhzeme1D7dVc9zU/IZS35H45u/Rj91G7n77xu32P8AAADQRu7++8UtQ/a//l//r//X/+v/9f9b0v/r/5fo//X/R36//l//z7q99f+5++8ftwzZ/wAAADBB7v4HxC32PwAAALSRu/+BcYv9DwAAAG3k7n9Q3DJk/+v/9f/6f/2//l//vyX9v/5/if5f/3/k9+v/9f+s21v/n7v/wXHLkP0PAAAAE+Tuf0jcYv8DAABAG7n7Hxq32P8AAADQRu7+6+KWIftf/6//1//r//X/+v8t6f/1/0v0//r/I79f/6//Z93e+v/c/dfHLUP2PwAAAEyQu/9hcYv9DwAAAG3k7n943GL/AwAAQBu5+x8RtwzZ//p//b/+X/+v/9f/b0n/r/9fov/X/x/5/fp//T/r9tb/5+5/ZNwyZP8DAADABLn7HxW32P8AAADQRu7+R8ct9j8AAAC0kbv/MXHLkP2v/9f/6//1//p//f+W9P/6/yX6f/3/kd+v/9f/s27z/v9eN/z3Xmz/n7v/hrhlyP4HAACACXL3PzZusf8BAACgjdz9j4tb7H8AAABoI3f/4+OWIftf/6//v73//9f/6f/1//r/23+u/7869P/6/yX6f/3/kd+v/9f/s27z/n+l97/jP+fuf0LcMmT/AwAAwAS5+58Yt9j/AAAA0Ebu/ifFLfY/AAAAtJG7/8lxy5D9r//X//v+v/5f/6//35L+X/+/RP+v/z/y+5f6/3texPv1/0ywt/4/d/9T4pYh+x8AAAAmyN3/1LjF/gcAAIA2cvffGLfY/wAAANBG7v6nxS1D9r/+X/+v/9f//2//f83I/v8/P9P/b0P/r/9fov/X/x/5/b7/r/9n3d76/9z9T49bhux/AAAAmCB3/zPiFvsfAAAA2sjd/8y4xf4HAACANnL3PytuGbL/9f/6f/2//v+Kvv9/bY/+3/f/t6P/1/8v0f/r/4/8fv2//p91e+v/c/c/O24Zsv8BAABggtz9z4lb7H8AAABoI3f/c+MW+x8AAADayN3/vLhlyP7X/+v/9f/6/yvq/5t8/1//vx39v/5/ycX2/yf6//q96P/38379v/6fdXvr/3P3Pz9uGbL/AQAAYILc/S+IW+x/AAAAaCN3/wvjFvsfAAAA2sjd/6K4Zcj+1//r//X/+n/9v/5/S/p//f8S3//X/x/5/fp//T/r9tb/5+5/cdwyZP8DAADABLn7XxK32P8AAADQRu7+l8Yt9j8AAAC0kbv/ZXHLkP2v/9f/6//1//p//f+W9P/6/yX6/wv3/3c55b+n/9/X+/X/+n/W7a3/z91/U9wyZP8DAADABLn7Xx632P8AAADQRu7+V8Qt9j8AAAC0kbv/lXHLkP1/Wv9/213P/7r+/+Lo/y/8fv2//l//r//X/+v/l+j/ff//yO/X/+v/Wbe3/j93/6viliH7HwAAACbI3f/quMX+BwAAgDZy978mbrH/AQAAoI3c/a+NW4bs/6v//f+76//1//r/uPp//b/+X/+v/1+m/9f/H/n9+n/9P+v21v/n7n9d3DJk/wMAAMAEuftfH7fY/wAAANBG7v43xC32PwAAALSRu/+NccuQ/X/1+3/f/9f/X2L/f43+P+n/489V/6//vwT6f/3/if7/sp11P3/09+v/9f+s21v/n7v/5rhlyP4HAACACXL3vylusf8BAACgjdz9b45b7H8AAABoI3f/W+KWIftf/6//P/P+3/f/i/4//lz1//r/S6D/1/+f6P8v21n380d/v/5f/8+6vfX/ufvfGrcM2f8AAAAwQe7+t8Ut9j8AAAC0kbv/7XGL/Q8AAABt5O5/R9wyZP/r//X/+v/d9/833/H/N/2//v9I9P/6/yX6f/3/kd+/n/4/fnCd/p/92Vv/n7v/nXHLkP0PAAAAE+Tuf1fcYv8DAABAG7n7b4lb7H8AAABoI3f/u+OWIftf/3/0/v/et8YL9P99+3/f/4+r/9f/X4j+X/9/ov+/bGfdzx/9/fvp/33/n/3aW/+fu/89ccuQ/Q8AAAAT5O5/b9xi/wMAAEAbufvfF7fY/wAAANBG7v73xy1D9r/+/+j9v+//6//1//r/fdP/6/+X6P/1/0d+v/5f/8+6vfX/ufs/ELcM2f8AAAAwQe7+D8Yt9j8AAAC0kbv/Q3GL/Q8AAABt5O7/cNwyZP/r//X/+n/9/xX3/9fr/0/0/6fS/+v/l+j/9f9Hfr/+X//Pur31/7n7PxK3DNn/AAAAMEHu/o/GLfY/AAAAtJG7/2Nxi/0PAAAAbeTu/3jccI+7nd2Trq5zp/w8enP9v/5f/6//9/1//f+W9P/6/yX6f/3/kd+v/9f/s25v/X/u/k/ELf7+HwAAANrI3f/JuMX+BwAAgDZy938qbrH/AQAAoI3c/Z+OW4bsf/2//l//r//X/+v/t6T/1/8v0f/r/4/8fv2//p91e+v/c/d/Jm4Zsv8BAABggtz9n41b7H8AAABoI3f/5+IW+x8AAADayN3/+bhlyP7X/+v/9f/6f/2//n9L+n/9/xL9v/7/yO/X/+v/Wbe3/j93/xfiliH7HwAAACbI3f/FuMX+BwAAgDZy938pbrH/AQAAoI3c/V+OW4bsf/2//l//r//X/+v/t6T/1/8v0f/r/4/8fv2//p91e+v/c/d/JW4Zsv8BAABggtz9X41b7H8AAABoI3f/1+IW+x8AAADayN3/9bhlyP7v3P8v/Wv6//P0//r/E/2//n9j+n/9/xL9v/7/yO/X/+v/Wbe3/j93/zfiliH7HwAAACbI3f/NuMX+BwAAgDZy938rbrH/AQAAoI3c/d+OW4bs/879/xL9/3n6f/3/if5f/78x/b/+f4n+X/9/5Pfr//X/rDuj/v/cySn9f+7+78QtQ/Y/AAAATJC7/7txi/0PAAAAbeTu/17cYv8DAABAG7n7vx+39Nn/97ll4Rf1//p//b/+X/+v/9+S/l//v0T/r/8/8vv1//p/1u3t+/+5+38Qt/TZ/wAAADBe7v4fxi32PwAAALSRu/9HcYv9DwAAAG3k7v9x3DJk/+v/9f/6/1H9/7Un+n/9/51M/6//X6L/1/8f+f36f/0/6/bW/+fu/0ncMmT/AwAAwAS5+38at9j/AAAA0Ebu/p/FLfY/AAAAtJG7/+dxy5D9r//X/+v/R/X/vv+v/7/T6f/1/0v0//r/I79f/6//Z93e+v/c/b+IW4bsfwAAAJggd/8v4xb7HwAAANrI3f+ruMX+BwAAgDZy9/86bhmy//X/+n/9v/5f/6//35L+X/+/RP+v/z/y+/X/+n/W7a3/z91/a9wyZP8DAADABLn7fxO32P8AAADQRu7+38Yt9j8AAAC0kbv/trhlyP7X/+v/W/b//6//1//r//dC/6//X6L/1/8f+f36f/0/6/bW/+fu/13cMmT/AwAAwAS5+38ft9j/AAAA0Ebu/j/ELfY/AAAAtJG7/49xy5D9r//X/196/3+uft+77f99/1//r//fDf2//n/J9P7/xpvO/1j/f8z36//1/6zbW/+fu/9PccuQ/Q8AAAAT5O7/c9xi/wMAAEAbufv/ErfY/wAAANBG7v6/xi1D9r/+X//f8vv/+n/9v/5/N/T/+v8l0/t/3/8/9vv1//p/1u2t/8/d/7e4Zcj+BwAAgAly9/89brH/AQAAoI3c/f+IW+x/AAAAaCN3/z/jliH7X/+v/9f/6//1//r/Len/9f9L9P/6/yO/X/+v/2fd3vr/3P3/DgAA//+70zwU")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

2.651175072s ago: executing program 0 (id=5692):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, 0xffffffffffffffff)

2.43319622s ago: executing program 0 (id=5695):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)={0x2003})

2.18778598s ago: executing program 1 (id=5698):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000580)=0x6, 0x4)
sendmmsg$inet_sctp(r0, &(0x7f00000016c0)=[{&(0x7f0000000e00)=@in={0x2, 0x4e24, @remote}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000000e40)="f481", 0x2}], 0x1, 0x0, 0x0, 0x4000000}], 0x1, 0x20000000)

2.049729606s ago: executing program 0 (id=5701):
r0 = fanotify_init(0x200, 0x0)
r1 = dup(r0)
write$FUSE_NOTIFY_INVAL_INODE(r1, 0x0, 0x0)

1.846586139s ago: executing program 0 (id=5703):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)
ioctl$TIOCSSOFTCAR(r0, 0x5434, 0x0)

1.818478241s ago: executing program 1 (id=5705):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x19, &(0x7f0000000080)=""/25, 0x0, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x90)

1.769635235s ago: executing program 5 (id=5706):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x20, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0x10, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x4, 0xf}]}]}, 0x20}], 0x1, 0x0, 0x0, 0x24008015}, 0x0)

1.690461682s ago: executing program 0 (id=5707):
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x1c005, &(0x7f00000002c0)={[{@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x200006}}, {@autodefrag}, {@nossd}, {@nossd_spread}, {@noflushoncommit}, {@nodiscard}, {@compress_force}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@datacow}, {@ssd_spread}]}, 0x9, 0x559d, &(0x7f000000ac40)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0xc400941b, &(0x7f0000000000)={0x1})

1.545625523s ago: executing program 3 (id=5709):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x18, 0x16, 0x1, 0x0, 0x0, {0xa}, [@nested={0x4}]}, 0x18}}, 0x0)

1.511388064s ago: executing program 2 (id=5710):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
mremap(&(0x7f000016c000/0x4000)=nil, 0x4000, 0x40000000, 0x3, &(0x7f000063c000/0x3000)=nil)
mmap(&(0x7f00008b2000/0x4000)=nil, 0x4000, 0x1, 0x13, r0, 0x0)

1.483111952s ago: executing program 5 (id=5711):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000b98bc2c900000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000340)={r0, 0x0, 0x0}, 0x10)

1.458672454s ago: executing program 3 (id=5712):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, 0x0)

1.409601049s ago: executing program 1 (id=5713):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8}, @NFTA_XFRM_SPNUM={0x8}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0x8c}}, 0x0)

1.211191303s ago: executing program 1 (id=5714):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0x1, 0x200, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0xa}, {}, {0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

1.117054102s ago: executing program 5 (id=5715):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002c00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000002c40)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x20}}, 0x0)

1.113375378s ago: executing program 2 (id=5716):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
flock(r0, 0xc)

937.596134ms ago: executing program 3 (id=5717):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)

912.8114ms ago: executing program 5 (id=5718):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, 0x0)

885.172453ms ago: executing program 4 (id=5719):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x3, {0x41}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

864.919413ms ago: executing program 1 (id=5720):
iopl(0x3)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)

799.328998ms ago: executing program 2 (id=5721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000005000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r1, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9}, 0x50)

729.789604ms ago: executing program 3 (id=5722):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)={0x64, r0, 0x1, 0x0, 0x0, {0x39}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0xffffffff}}}]}, 0x64}}, 0x0)

703.794409ms ago: executing program 1 (id=5723):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0x210008, &(0x7f0000001040)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0085f95733019d784ca386da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d"], 0xff, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
unlink(&(0x7f0000000000)='./file1\x00')
rename(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file1\x00')

609.650887ms ago: executing program 4 (id=5724):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff})
recvmmsg(r0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680})

559.83936ms ago: executing program 4 (id=5725):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000040)=@fragment, 0x8)
getsockopt$inet6_opts(r0, 0x29, 0x36, 0xfffffffffffffffe, &(0x7f0000000840))

495.963308ms ago: executing program 4 (id=5726):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

421.510842ms ago: executing program 2 (id=5727):
unshare(0x2a020400)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.stat\x00', 0x275a, 0x0)
statx(r0, 0x0, 0x1000, 0x0, 0x0)

421.094195ms ago: executing program 4 (id=5728):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}, @ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x8, 0x4, 0x6}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ={0x8, 0x5, 0x8}, @ETHTOOL_A_COALESCE_TX_USECS={0x8, 0x6, 0x100}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2400c000}, 0x0)

394.156712ms ago: executing program 5 (id=5729):
syz_mount_image$ocfs2(&(0x7f0000004480), &(0x7f00000044c0)='./file1\x00', 0x2800400, &(0x7f00000000c0)=ANY=[@ANYBLOB="6c6f63616c616c6c6f633d31383434363734343037333730393535313630382c726573765f6c6576656c3d30303030303030303030303030303030303030322c6865617274626561743d6e6f6e652c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c6e6f696e74722c636f686572656e63793d66756c6c2c6e6f61636c2c636f686572656e63793d66756c6c2c646174613d6f7264657265642c00a6bbbf4f1c4504306b696ca03fb375edc4c5f0f579bf2195c3cc88165b8c279abaa84a848971253cb6e898fee96fa6"], 0x28, 0x4470, &(0x7f0000008c00)="$eJzs281vFOcdB/DfrN1iU6B+4x2kVXuo1VbWmlNbDqXgtkKqSu2+qOoBa/0CuF17LXtdcahUqt6RIuUQ5ZwLKP8AnPgXcgjXHDmQHHKJkksc7e6svTPrDRvktYPz+UgwnmfmeZG/ntnn0WMXUrV7K5vFlc1iea1YXbyzeaX472pla3U5CgfksPunN/3ISfaH59aN3/35b1ci7n849oPt7e3tqBuJPU23ff3Zp/9ZbD+2FHJ16u3u3dp++UdETETEUOTHMxARfx+MSCJiNC0bS4/DEXEimtf+//6juaF9Gs3Ai8ezj2ZnHj55ufp8+MbtYtcbk4h3K+d/fnf14x8PXP3op/vUPQAAfK3fz936659K0/EsiVNPBzvn62fTY7f58TY9+XX/owQAAICudtf/I0kh6Vz/T6THLluCYWH7Zrv5x1szvy1Np/u/Scf1X6RFn/xmoLGHmt/3ze//jubq773/29nP62qNr9XvSCSFqcx5oTA1FTF9vXl+LjleqFQ3az+7U91aW9q3Ybyxsvk3d+8z6aQb+r3mP5Zrv//7/+MdP0318+L+/Ygdadn8B7re997/kp7yH8/VO4j8eX3Z/AcbZT9qv6HYfAHU839r8NX5T+Ta71f+p+rv9qQ+1qHMG6A+h6mXd5uvkJXN/3uNssyrM/1Gdnv+v8jlfzrX/mG9/yev97fXoyKb//cbZdlfWtt9/kcLr37+z+TaP4z86+Of9Pnfk2z+x5qF2Zdn4zvZ6/v/bK79PuX/IN1WjTiVxHjbb50+HWx+OLT2qxtLmvrl9T6M4gjI5t+5y7+7/iv0NP87l6t/UOu/Vr+t9V9rHTKZNNd/7C2b/3DX+3p9/s/n6vX9/Z8MpSuA7f/2tZ8jKpv/8WbhHhPAXvO/kGu/X/k33vhDrfx3B/zlsWZ5yfyvJ9n806gyHwMPGv835n9JZ+6f5/K/mGu/Lf/8n4bsk875X338k33q7ajJ5n+i6331/D/o4fP/Uq5e/+f/ESVz/deWzf9k1/saz//Qq/O/nKvX7/x/0s/GAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+A8bS40gkhanMeaEwNRUxnp6fi+PJQnlpfqFSXfzXZsREWl6MseRupbpQrsyvrFWXlufLlUp1MeJ0en0ihpLNSrU2v1peP7PT1nByb7m8UVtYLtci4mxafilOttpaWKmtltcb97au/bBQ3Vi/V16bX1rZ+FWpVCrF+Z0xjCbL92vLa7Vm782rERd26o4kbYNrXL64M5YTyT+rWxtr5Uqj/FJbnUp1sVxpq3M5vfZ2jCa1ja21xXJteb5SvdvqryXZp2y+iWvpcebm3F/m/jDdcb2YDmrsYIcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLfMs6u/fCciBptnhYi41voiSf9lDLx4PPtodubhk5erz4dv3C7udQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfMUOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVdulYpWEoCgPwuVdBwUUdfQKnkGyuiiIuRgSfwJfo0NfsY3To2KUU2hsISQNdWjp833JIfu49B+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAux+dv+/dTNxEpbjc3EbPF410/fyq1fjt8/uoMM3I6X9/t+0fdlHdPo/yl/Fq+5l26Xs3/o9Tr3nenGezJcJ/2xn2GpvZtar6u732kXEXEQ8mfU85VddxdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWvTk0ARAM4jh6J5hsFtfQKYyK4B5Gx3MJ59EkGAzCV99LB8ePPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP+MyrXM/xJFRXZmxn23z/nfPsX33WTZfl+UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwswMHMgAAAADC/K3zaD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBQAA//+c9MxP")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x4020940d, &(0x7f0000000280)={0x4})

333.655269ms ago: executing program 3 (id=5730):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8000000000000, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x24, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

251.093001ms ago: executing program 4 (id=5731):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
connect$can_bcm(r0, &(0x7f00000009c0), 0x10)

114.442629ms ago: executing program 3 (id=5732):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@ipv6_newnexthop={0x38, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_ENCAP={0x10, 0x8, 0x0, 0x1, @RPL_IPTUNNEL_SRH={0xc, 0x1, {0x0, 0x8}}}, @NHA_OIF={0x8, 0x5, r1}]}, 0x38}}, 0x0)

0s ago: executing program 0 (id=5733):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@compress_algo={'compress', 0x3d, 'lzo'}}]}, 0x1, 0x559a, &(0x7f0000005680)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x17f)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000000)={0x7, 0x7, 0x1, 0x3, 0x2, [0x64, 0x400, 0x5, 0x40]})

kernel console output (not intermixed with test programs):

op2): Directory bread(block 71) failed
[  536.541451][T17796] FAT-fs (loop2): Directory bread(block 72) failed
[  536.547994][T17796] FAT-fs (loop2): Directory bread(block 73) failed
[  536.615567][ T5225] ocfs2: Unmounting device (7,0) on (node local)
[  536.630061][T17228] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  537.398215][T17805] loop3: detected capacity change from 0 to 32768
[  537.405135][  T205] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  537.421811][T17805] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4533 (17805)
[  537.500448][T17805] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  537.540581][T17805] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  537.555366][T17805] BTRFS info (device loop3): disk space caching is enabled
[  537.620689][T17805] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  537.818174][T17837] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4547'.
[  538.059506][T17846] loop0: detected capacity change from 0 to 128
[  538.083522][T17805] BTRFS info (device loop3): rebuilding free space tree
[  538.126720][T17846] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  538.169899][T17805] BTRFS info (device loop3): disabling free space tree
[  538.229882][T17805] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  538.239709][T17805] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  538.296366][T17865] loop1: detected capacity change from 0 to 256
[  538.410705][T17867] loop5: detected capacity change from 0 to 512
[  538.414193][T17865] FAT-fs (loop1): Directory bread(block 64) failed
[  538.423118][T17867] EXT4-fs: Ignoring removed oldalloc option
[  538.489956][T17865] FAT-fs (loop1): Directory bread(block 65) failed
[  538.502415][T17865] FAT-fs (loop1): Directory bread(block 66) failed
[  538.508967][T17865] FAT-fs (loop1): Directory bread(block 67) failed
[  538.559094][T16024] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  538.586447][T17867] EXT4-fs error (device loop5): ext4_xattr_inode_iget:436: comm syz.5.4556: Parent and EA inode have the same ino 15
[  538.602580][T17867] EXT4-fs error (device loop5): ext4_xattr_inode_iget:436: comm syz.5.4556: Parent and EA inode have the same ino 15
[  538.618587][T17867] EXT4-fs (loop5): 1 orphan inode deleted
[  538.625655][T17867] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  538.687778][T17865] FAT-fs (loop1): Directory bread(block 68) failed
[  538.696660][T17865] FAT-fs (loop1): Directory bread(block 69) failed
[  538.704422][T17865] FAT-fs (loop1): Directory bread(block 70) failed
[  538.712294][T17865] FAT-fs (loop1): Directory bread(block 71) failed
[  538.719002][T17865] FAT-fs (loop1): Directory bread(block 72) failed
[  538.725732][T17865] FAT-fs (loop1): Directory bread(block 73) failed
[  538.758460][T17033] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  539.343229][   T64] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  539.361400][T17890] netlink: 110 bytes leftover after parsing attributes in process `syz.3.4558'.
[  539.634140][T17896] loop3: detected capacity change from 0 to 8
[  539.651281][T17896] squashfs: Unknown parameter 'dΐš'
[  539.916504][T17900] loop2: detected capacity change from 0 to 1024
[  540.036482][T17900] EXT4-fs: Ignoring removed nomblk_io_submit option
[  540.056594][T17882] loop4: detected capacity change from 0 to 40427
[  540.120656][T17882] F2FS-fs (loop4): heap/no_heap options were deprecated
[  540.218494][T17882] F2FS-fs (loop4): invalid crc value
[  540.373005][T17879] loop0: detected capacity change from 0 to 40427
[  540.385845][T17879] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  540.393541][T17879] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  540.403623][T17882] F2FS-fs (loop4): Found nat_bits in checkpoint
[  540.410541][T17879] F2FS-fs (loop0): heap/no_heap options were deprecated
[  540.505261][T17882] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  540.517428][   T29] audit: type=1326 audit(1728261724.488:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.535952][T17871] Bluetooth: hci8: command 0x0405 tx timeout
[  540.539819][    C1] vkms_vblank_simulate: vblank timer overrun
[  540.551985][   T29] audit: type=1326 audit(1728261724.488:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.574327][    C1] vkms_vblank_simulate: vblank timer overrun
[  540.581472][   T29] audit: type=1326 audit(1728261724.548:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.603813][    C1] vkms_vblank_simulate: vblank timer overrun
[  540.611186][   T29] audit: type=1326 audit(1728261724.548:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.633916][   T29] audit: type=1326 audit(1728261724.548:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.656257][    C1] vkms_vblank_simulate: vblank timer overrun
[  540.700444][T17879] F2FS-fs (loop0): invalid crc value
[  540.705941][   T29] audit: type=1326 audit(1728261724.688:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.728248][   T29] audit: type=1326 audit(1728261724.688:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.750874][   T29] audit: type=1326 audit(1728261724.688:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17912 comm="syz.5.4576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7ffc0000
[  540.773327][    C1] vkms_vblank_simulate: vblank timer overrun
[  540.857479][T17879] F2FS-fs (loop0): Found nat_bits in checkpoint
[  540.883323][T17927] loop1: detected capacity change from 0 to 64
[  540.891748][T17228] syz-executor: attempt to access beyond end of device
[  540.891748][T17228] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  540.905948][T17228] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  540.961230][T17929] loop5: detected capacity change from 0 to 1024
[  541.250896][T17879] F2FS-fs (loop0): Start checkpoint disabled!
[  541.275613][   T35] hfsplus: b-tree write err: -5, ino 4
[  541.304326][T17918] loop2: detected capacity change from 0 to 40427
[  541.337765][T17918] F2FS-fs (loop2): invalid crc value
[  541.351818][T17879] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  541.360311][T17879] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  541.401442][T17918] F2FS-fs (loop2): Found nat_bits in checkpoint
[  541.586292][T17879] F2FS-fs (loop0): disabling checkpoint not compatible with read-only
[  541.683028][T17918] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  541.702123][T17942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4585'.
[  542.335851][T17957] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4593'.
[  542.365483][T17949] loop3: detected capacity change from 0 to 4096
[  542.400081][T17949] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  542.401944][T17957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4593'.
[  542.662766][T17949] ntfs3: loop3: ino=1e, "file1" attr_set_size
[  542.669340][T17949] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  542.745067][T17949] ntfs3: loop3: ino=3, ntfs_set_state failed, -22.
[  542.753080][T17968] loop2: detected capacity change from 0 to 64
[  542.921996][  T205] ntfs3: loop3: ino=3, ntfs3_write_inode failed, -22.
[  543.173080][T17981] netlink: 'syz.5.4602': attribute type 27 has an invalid length.
[  543.183181][T14358] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  543.255595][T17983] loop5: detected capacity change from 0 to 1024
[  543.352454][T17986] loop0: detected capacity change from 0 to 164
[  543.434224][T17988] loop3: detected capacity change from 0 to 256
[  543.480200][T17986] iso9660: Corrupted directory entry in block 2 of inode 1920
[  543.511469][T17988] FAT-fs (loop3): Directory bread(block 64) failed
[  543.545547][T14358] hfsplus: b-tree write err: -5, ino 4
[  543.556113][T17988] FAT-fs (loop3): Directory bread(block 65) failed
[  543.617905][T17988] FAT-fs (loop3): Directory bread(block 66) failed
[  543.628243][T17988] FAT-fs (loop3): Directory bread(block 67) failed
[  543.662262][T17988] FAT-fs (loop3): Directory bread(block 68) failed
[  543.668882][T17988] FAT-fs (loop3): Directory bread(block 69) failed
[  543.681414][T17988] FAT-fs (loop3): Directory bread(block 70) failed
[  543.712014][T17988] FAT-fs (loop3): Directory bread(block 71) failed
[  543.718648][T17988] FAT-fs (loop3): Directory bread(block 72) failed
[  543.820631][T17988] FAT-fs (loop3): Directory bread(block 73) failed
[  544.111825][T18004] loop5: detected capacity change from 0 to 64
[  544.411703][T17985] loop1: detected capacity change from 0 to 40427
[  544.486332][T17985] F2FS-fs (loop1): invalid crc value
[  544.531165][T17985] F2FS-fs (loop1): Found nat_bits in checkpoint
[  544.816525][T18022] netlink: 'syz.3.4621': attribute type 3 has an invalid length.
[  544.829146][T18022] netlink: 'syz.3.4621': attribute type 1 has an invalid length.
[  544.839050][T18022] netlink: 191384 bytes leftover after parsing attributes in process `syz.3.4621'.
[  544.870810][T17985] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  545.081052][T14358] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  545.108099][T18010] loop0: detected capacity change from 0 to 32768
[  545.141765][T18027] loop3: detected capacity change from 0 to 256
[  545.188973][T18010] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4616 (18010)
[  545.214382][T18027] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  545.236095][T18010] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  545.277330][T18010] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  545.305278][T18010] BTRFS info (device loop0): using free-space-tree
[  545.463832][ T5405] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  545.551772][ T5225] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  545.831353][ T5405] usb 3-1: Using ep0 maxpacket: 8
[  545.839353][ T5405] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 223, changing to 11
[  545.860454][ T5405] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  545.870303][ T5405] usb 3-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[  545.879450][ T5405] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.901919][ T5405] usb 3-1: config 0 descriptor??
[  546.377493][ T5405] hid-alps 0003:044E:1215.0068: hidraw0: USB HID v40.00 Device [HID 044e:1215] on usb-dummy_hcd.2-1/input0
[  546.707805][ T5288] usb 3-1: USB disconnect, device number 45
[  546.890530][T18067] loop3: detected capacity change from 0 to 1024
[  546.942650][T18067] hfsplus: bad catalog entry type
[  547.162174][  T205] hfsplus: b-tree write err: -5, ino 4
[  547.425839][T18081] loop4: detected capacity change from 0 to 256
[  547.464661][T18085] loop1: detected capacity change from 0 to 128
[  547.489345][T18081] exfat: Deprecated parameter 'utf8'
[  547.581838][T18085] VFS: Found a Xenix FS (block size = 512) on device loop1
[  547.627475][T18081] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xba7df490, utbl_chksum : 0xe619d30d)
[  547.857447][ T5227] sysv_free_block: trying to free block not in datazone
[  547.877041][ T5227] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  548.131917][T18080] loop3: detected capacity change from 0 to 40427
[  548.345458][T18107] netlink: 'syz.4.4652': attribute type 3 has an invalid length.
[  548.346014][T18080] F2FS-fs (loop3): Found nat_bits in checkpoint
[  548.362224][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  548.387584][T18109] loop2: detected capacity change from 0 to 512
[  548.543610][T18109] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  548.590230][T18080] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  548.621133][T18109] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  548.703938][T16024] syz-executor: attempt to access beyond end of device
[  548.703938][T16024] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  548.750501][T16024] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  548.785117][T13243] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.053337][    T9] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  549.220444][    T9] usb 2-1: Using ep0 maxpacket: 8
[  549.239427][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  549.286601][ T5288] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  549.302637][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  549.324329][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  549.333003][    T9] usb 2-1: SerialNumber: syz
[  549.341740][    T9] usb 2-1: config 0 descriptor??
[  549.358937][    T9] usb 2-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  549.366093][    T9] usb 2-1: No valid video chain found.
[  549.441401][T18134] openvswitch: netlink: Actions may not be safe on all matching packets
[  549.494635][ T5288] usb 3-1: Using ep0 maxpacket: 32
[  549.503910][ T5288] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  549.530645][ T5288] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  549.547035][ T5288] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  549.630849][    T9] usb 2-1: USB disconnect, device number 39
[  549.647349][ T5288] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  549.657539][ T5288] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  549.666051][ T5288] usb 3-1: Product: syz
[  549.670225][ T5288] usb 3-1: Manufacturer: syz
[  549.674921][ T5288] usb 3-1: SerialNumber: syz
[  549.683308][T18126] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  549.698741][ T5288] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input48
[  549.981773][T18143] loop3: detected capacity change from 0 to 128
[  550.031196][    T9] usb 3-1: USB disconnect, device number 46
[  550.064342][T18148] loop0: detected capacity change from 0 to 256
[  550.073601][T18143] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  550.086180][T18143] ext4 filesystem being mounted at /147/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  550.104690][T18148] exfat: Deprecated parameter 'utf8'
[  550.157474][    T9] appletouch 3-1:1.0: input: appletouch disconnected
[  550.202025][T14358] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  550.226888][T16024] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  550.280835][T18148] exfat: Deprecated parameter 'namecase'
[  550.332506][T18148] exfat: Deprecated parameter 'namecase'
[  550.356855][T18148] exfat: Deprecated parameter 'utf8'
[  550.446727][T18148] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  550.537844][T18156] loop1: detected capacity change from 0 to 2048
[  550.574784][T18156] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  550.792828][T18167] loop2: detected capacity change from 0 to 16
[  550.870650][T18167] erofs: (device loop2): mounted with root inode @ nid 36.
[  550.900677][T18167] erofs: (device loop2): erofs_read_inode: bogus i_mode (0) @ nid 0
[  550.950655][   T29] audit: type=1800 audit(1728261734.928:168): pid=18171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4672" name="file1" dev="loop1" ino=1346 res=0 errno=0
[  550.988162][T18175] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  552.008240][T18202] netlink: 'syz.4.4692': attribute type 1 has an invalid length.
[  552.030695][T18202] netlink: 191384 bytes leftover after parsing attributes in process `syz.4.4692'.
[  552.348769][T18212] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4699'.
[  552.360166][T18212] openvswitch: netlink: Multiple metadata blocks provided
[  552.723427][T18228] loop4: detected capacity change from 0 to 1024
[  552.790826][T18228] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  552.833455][T18228] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  552.856508][T18228] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2793: inode #2: comm syz.4.4706: corrupted in-inode xattr: bad e_name length
[  552.880256][T18228] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #2: comm syz.4.4706: corrupted in-inode xattr: bad e_name length
[  553.008020][T18234] loop5: detected capacity change from 0 to 1024
[  553.015708][T17228] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.087503][T18234] EXT4-fs: Ignoring removed orlov option
[  553.188284][T18234] EXT4-fs: Ignoring removed nomblk_io_submit option
[  553.232874][T18215] loop2: detected capacity change from 0 to 32768
[  553.301688][T18234] EXT4-fs (loop5): Test dummy encryption mode enabled
[  553.434972][T18215] find_entry called with index >= next_index
[  553.446905][T18201] loop1: detected capacity change from 0 to 40427
[  553.455197][T18201] F2FS-fs (loop1): Corrupted extension count (64 + 1 > 64)
[  553.458424][T18234] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.480946][T18201] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  553.510247][T18215] find_entry called with index >= next_index
[  553.516849][T18215] find_entry called with index >= next_index
[  553.619769][T18201] F2FS-fs (loop1): Found nat_bits in checkpoint
[  553.917480][T18201] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  553.946130][T17033] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.972942][T18201] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  554.077721][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  554.081848][T18245] f2fs_ckpt-7:1: attempt to access beyond end of device
[  554.081848][T18245] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  554.106159][T18245] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  554.259419][T18261] nbd: must specify an index to disconnect
[  554.451545][T18269] loop3: detected capacity change from 0 to 512
[  554.540532][T18269] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  554.591107][T18269] EXT4-fs (loop3): 1 truncate cleaned up
[  554.597772][T18269] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  554.772640][T16024] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.100538][T14690] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  555.175293][ T5292] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  555.246663][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  555.317192][T14690] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  555.354057][T14690] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  555.364561][T14690] usb 3-1: New USB device found, idVendor=0543, idProduct=e621, bcdDevice= 0.00
[  555.374189][T14690] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.387488][T14690] usb 3-1: config 0 descriptor??
[  555.418495][ T5292] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[  555.433974][ T5292] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  555.445657][ T5292] usb 4-1: config 0 has no interface number 0
[  555.455229][ T5292] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  555.467242][ T5292] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  555.484700][ T5292] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  555.494085][ T5292] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.512989][ T5292] usb 4-1: Product: syz
[  555.517368][ T5292] usb 4-1: Manufacturer: syz
[  555.525391][ T5292] usb 4-1: SerialNumber: syz
[  555.549029][ T5292] usb 4-1: config 0 descriptor??
[  555.819770][T14690] viewsonic 0003:0543:E621.0069: hidraw0: USB HID v0.00 Device [HID 0543:e621] on usb-dummy_hcd.2-1/input0
[  556.013236][    T9] usb 3-1: USB disconnect, device number 47
[  556.184708][ T5292] usbtouchscreen 4-1:0.117: probe with driver usbtouchscreen failed with error -71
[  556.209843][ T5232] Bluetooth: hci8: command 0x0405 tx timeout
[  556.213558][ T5292] usb 4-1: USB disconnect, device number 38
[  556.361740][T18298] loop4: detected capacity change from 0 to 32768
[  556.373592][T18298] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4737 (18298)
[  556.393207][T18298] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  556.403548][T18298] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  556.412332][T18298] BTRFS info (device loop4): disk space caching is enabled
[  556.419732][T18298] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  556.477296][T18313] loop1: detected capacity change from 0 to 16
[  556.493139][T18313] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  556.538528][T18298] BTRFS info (device loop4): rebuilding free space tree
[  556.695633][T18298] BTRFS info (device loop4): disabling free space tree
[  556.716489][T18324] loop2: detected capacity change from 0 to 1024
[  556.718727][T18298] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  556.770566][T18298] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  556.897974][T18328] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4743'.
[  556.910982][T18328] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  556.920328][  T205] hfsplus: b-tree write err: -5, ino 4
[  556.950336][T18329] netlink: 'syz.1.4742': attribute type 29 has an invalid length.
[  556.974623][T18326] netlink: 'syz.1.4742': attribute type 29 has an invalid length.
[  557.174564][T17228] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  557.973850][T18338] loop2: detected capacity change from 0 to 32768
[  557.981950][T18338] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4749 (18338)
[  558.044839][T18338] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  558.059488][T18338] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  558.140543][T18338] BTRFS info (device loop2): using free-space-tree
[  558.197254][T18350] loop3: detected capacity change from 0 to 8192
[  558.333536][T18370] devtmpfs: Cannot retroactively limit inodes
[  558.647545][T13243] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  558.827119][T18382] netlink: 'syz.5.4761': attribute type 29 has an invalid length.
[  558.922771][T18382] netlink: 'syz.5.4761': attribute type 29 has an invalid length.
[  559.242762][   T52] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  559.510312][T18392] loop0: detected capacity change from 0 to 512
[  559.620952][T18392] EXT4-fs error (device loop0): __ext4_iget:4952: inode #11: block 16: comm syz.0.4766: invalid block
[  559.675819][T18392] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.4766: couldn't read orphan inode 11 (err -117)
[  559.688422][T18392] EXT4-fs (loop0): 1 truncate cleaned up
[  559.791647][T18392] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.826833][T18379] loop1: detected capacity change from 0 to 32768
[  559.964862][T18392] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4766: bg 0: block 16: invalid block bitmap
[  560.044098][T18379] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  560.086471][T18416] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4771'.
[  560.101967][T18379] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  560.176944][T18379] XFS (loop1): Ending clean mount
[  560.211691][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.228542][T18379] XFS (loop1): Quotacheck needed: Please wait.
[  560.420478][T18379] XFS (loop1): Quotacheck: Done.
[  560.519783][ T5227] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  560.573836][T18429] loop5: detected capacity change from 0 to 2048
[  560.632015][T18429] NILFS (loop5): invalid segment: Checksum error in segment payload
[  560.660442][T18429] NILFS (loop5): trying rollback from an earlier position
[  560.668757][T18433] loop3: detected capacity change from 0 to 512
[  560.719082][T18433] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  560.768743][T18429] NILFS (loop5): recovery complete
[  560.769854][T18433] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.789223][T18433] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  560.811229][T18438] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  560.902281][T16024] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.080862][  T205] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  561.620067][T18464] loop5: detected capacity change from 0 to 256
[  561.769009][T18464] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  562.035018][   T29] audit: type=1800 audit(1728261746.018:169): pid=18464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4791" name="bus" dev="loop5" ino=1048916 res=0 errno=0
[  562.118987][T18473] loop3: detected capacity change from 0 to 1024
[  562.165101][T18477] loop2: detected capacity change from 0 to 64
[  562.208299][T18473] hfsplus: bad catalog entry type
[  562.370340][ T1262] ieee802154 phy0 wpan0: encryption failed: -22
[  562.495716][ T2576] hfsplus: b-tree write err: -5, ino 4
[  562.585237][T18488] pim6reg: entered allmulticast mode
[  562.646746][T18488] pim6reg: left allmulticast mode
[  563.082810][T18480] loop4: detected capacity change from 0 to 32768
[  563.117911][T18492] loop1: detected capacity change from 0 to 4096
[  563.205051][T18492] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  563.477295][T18501] UBIFS error (pid: 18501): cannot open "u?kfsσ", error -22
[  563.625018][T18492] ntfs3: loop1: ino=1b, "file0" attr_set_size
[  563.639173][T18492] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  563.778809][T18496] loop3: detected capacity change from 0 to 32768
[  563.891270][T18496] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  564.166760][T18526] loop2: detected capacity change from 0 to 128
[  564.363480][T18526] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  564.429409][T18526] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  564.448034][T18496] XFS (loop3): Ending clean mount
[  564.468142][T18496] XFS (loop3): Quotacheck needed: Please wait.
[  564.607118][T18496] XFS (loop3): Quotacheck: Done.
[  564.921151][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  564.966447][T18547] loop1: detected capacity change from 0 to 1024
[  564.974285][T16024] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  564.998879][T18549] loop2: detected capacity change from 0 to 256
[  565.028127][T18547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  565.415331][ T5227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.005816][T18524] loop5: detected capacity change from 0 to 32768
[  566.434217][T18584] loop1: detected capacity change from 0 to 256
[  566.449068][T18585] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  566.455606][T18585] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  566.490505][T18584] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  566.516596][T18585] vhci_hcd vhci_hcd.0: Device attached
[  566.710525][  T935] vhci_hcd: vhci_device speed not set
[  566.841678][  T935] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[  566.856125][   T64] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  567.203854][   T29] audit: type=1326 audit(1728261751.188:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e7137dff9 code=0x7ffc0000
[  567.250810][ T5292] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  567.271326][   T29] audit: type=1326 audit(1728261751.258:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e7137dff9 code=0x7ffc0000
[  567.312646][T18604] loop4: detected capacity change from 0 to 256
[  567.343789][T18604] exfat: Bad value for 'uid'
[  567.348451][T18604] exfat: Bad value for 'uid'
[  567.353565][   T29] audit: type=1326 audit(1728261751.278:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4e7137dff9 code=0x7ffc0000
[  567.378826][   T29] audit: type=1326 audit(1728261751.278:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4e7137e033 code=0x7ffc0000
[  567.402018][   T29] audit: type=1326 audit(1728261751.288:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4e7137cadf code=0x7ffc0000
[  567.425778][   T29] audit: type=1326 audit(1728261751.298:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4e7137e087 code=0x7ffc0000
[  567.450729][   T29] audit: type=1326 audit(1728261751.298:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4e7137c990 code=0x7ffc0000
[  567.455842][ T5292] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  567.473796][   T29] audit: type=1326 audit(1728261751.298:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4e7137dbfb code=0x7ffc0000
[  567.508964][   T29] audit: type=1326 audit(1728261751.328:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4e7137cc8a code=0x7ffc0000
[  567.532497][   T29] audit: type=1326 audit(1728261751.328:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18602 comm="syz.4.4850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4e7137cc8a code=0x7ffc0000
[  567.645879][ T5292] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.723279][ T5292] usb 3-1: Product: syz
[  567.768109][ T5292] usb 3-1: Manufacturer: syz
[  567.802410][ T5292] usb 3-1: SerialNumber: syz
[  567.912644][ T5292] usb 3-1: config 0 descriptor??
[  568.306067][ T5405] usb 3-1: USB disconnect, device number 48
[  568.339966][ T5245] udevd[5245]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  569.053236][T18638] loop3: detected capacity change from 0 to 32768
[  569.080636][T18638] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4865 (18638)
[  569.123792][T18648] loop2: detected capacity change from 0 to 8
[  569.165356][T18638] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  569.210034][T18638] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  569.240546][T18638] BTRFS info (device loop3): using free-space-tree
[  569.483972][T18586] vhci_hcd: connection reset by peer
[  569.493080][ T2576] vhci_hcd: stop threads
[  569.517587][ T2576] vhci_hcd: release socket
[  569.540741][ T2576] vhci_hcd: disconnect device
[  569.696017][T18673] nbd: socks must be embedded in a SOCK_ITEM attr
[  569.921977][T18638] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  570.042054][   T52] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  570.123016][T18690] loop2: detected capacity change from 0 to 64
[  570.308174][T18692] netlink: 'syz.5.4881': attribute type 29 has an invalid length.
[  570.492293][T18692] netlink: 'syz.5.4881': attribute type 29 has an invalid length.
[  570.739641][T18700] loop2: detected capacity change from 0 to 2048
[  570.771059][T18702] loop1: detected capacity change from 0 to 8192
[  570.882079][T18708] loop5: detected capacity change from 0 to 512
[  570.890072][T18708] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  571.008875][T18708] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4887: invalid indirect mapped block 4294967295 (level 1)
[  571.009326][T18709] loop3: detected capacity change from 0 to 2048
[  571.033970][T18700] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  571.048354][T18700] ext4 filesystem being mounted at /302/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  571.060622][T18708] EXT4-fs (loop5): Remounting filesystem read-only
[  571.123027][T18709] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  571.131162][T18708] EXT4-fs (loop5): 2 truncates cleaned up
[  571.150253][T18708] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  571.208121][T18713] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  571.390592][T13243] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.485127][T18678] loop4: detected capacity change from 0 to 32768
[  571.529963][T18678] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4877 (18678)
[  571.626449][T17033] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.642616][T18678] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  571.654641][T18678] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  571.671755][T18678] BTRFS info (device loop4): using free-space-tree
[  571.950631][  T935] vhci_hcd: vhci_device speed not set
[  571.982212][   T64] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  572.153780][T18747] loop2: detected capacity change from 0 to 64
[  572.283525][T17228] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  572.295469][T18749] devtmpfs: Cannot retroactively limit inodes
[  572.407134][T18754] loop3: detected capacity change from 0 to 1024
[  572.432286][T18754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.636580][T18754] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  572.723513][T18754] EXT4-fs (loop3): changing journal_checksum during remount not supported; ignoring
[  572.738388][T18754] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  573.074146][T16024] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  573.169956][T18772] loop5: detected capacity change from 0 to 256
[  573.199479][T18772] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  573.613412][T18787] loop3: detected capacity change from 0 to 1024
[  573.945346][  T205] hfsplus: b-tree write err: -5, ino 4
[  574.329893][T18801] loop3: detected capacity change from 0 to 1024
[  574.815208][T18782] loop2: detected capacity change from 0 to 32768
[  574.860679][T18782] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4913 (18782)
[  574.880502][ T5371] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  574.926952][T18782] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  574.960816][T18782] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  574.969954][T18782] BTRFS info (device loop2): using free-space-tree
[  575.139465][ T5371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.151469][ T5371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.161875][ T5371] usb 2-1: New USB device found, idVendor=28bd, idProduct=0935, bcdDevice= 0.00
[  575.171360][ T5371] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.185376][ T5371] usb 2-1: config 0 descriptor??
[  575.346573][T18782] BTRFS error (device loop2): balance: invalid convert metadata profile raid1
[  575.438538][T13243] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  575.454904][T18837] futex_wake_op: syz.0.4932 tries to shift op by 144; fix this program
[  575.629010][ T5371] input: HID 28bd:0935 Mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28BD:0935.006A/input/input50
[  575.677041][ T5371] uclogic 0003:28BD:0935.006A: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0935] on usb-dummy_hcd.1-1/input0
[  575.805394][  T205] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  575.895297][T14690] usb 2-1: USB disconnect, device number 40
[  576.398636][T18854] loop3: detected capacity change from 0 to 256
[  577.354556][T18878] loop1: detected capacity change from 0 to 2048
[  577.448247][T18880] loop2: detected capacity change from 0 to 512
[  577.457726][T18880] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  577.636561][T18880] EXT4-fs (loop2): failed to open journal device unknown-block(4,137) -6
[  577.722535][T14358] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  578.036255][T18868] loop3: detected capacity change from 0 to 32768
[  578.082915][T18868] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4947 (18868)
[  578.109370][T18878] hpfs: filesystem error: improperly stopped; already mounted read-only
[  578.198313][T18878] hpfs: filesystem error: sector(s) 'dir_band_bitmap' badly placed at 7b318cc4
[  578.248209][T18904] loop5: detected capacity change from 0 to 512
[  578.258533][T18904] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  578.258529][T18868] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  578.258597][T18868] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  578.371593][T18868] BTRFS info (device loop3): using free-space-tree
[  578.402500][ T4677] udevd[4677]: worker [5245] terminated by signal 33 (Unknown signal 33)
[  578.416514][T18904] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  578.462724][ T4677] udevd[4677]: worker [5245] failed while handling '/devices/virtual/block/loop3'
[  578.500982][T18904] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.719260][T17033] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  578.856883][T18940] loop0: detected capacity change from 0 to 256
[  578.955636][T18942] loop4: detected capacity change from 0 to 256
[  579.020821][ T5405] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  579.026226][   T35] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  579.180547][ T5405] usb 2-1: Using ep0 maxpacket: 16
[  579.181877][T16024] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  579.211546][ T5405] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  579.220319][ T5405] usb 2-1: config 0 has no interface number 0
[  579.228156][ T5405] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  579.239123][ T5405] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  579.249020][ T5405] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  579.258881][ T5405] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.311728][ T5405] usb 2-1: config 0 descriptor??
[  579.481869][T18952] loop4: detected capacity change from 0 to 512
[  579.581380][T18952] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  579.661717][T18952] EXT4-fs (loop4): 1 truncate cleaned up
[  579.717718][T18952] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  579.881956][T18952] EXT4-fs error (device loop4): ext4_generic_delete_entry:2680: inode #2: block 13: comm syz.4.4979: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  579.981769][T18952] EXT4-fs (loop4): Remounting filesystem read-only
[  579.993640][ T5405] uclogic 0003:28BD:0071.006B: failed retrieving string descriptor #100: -71
[  580.007342][ T5405] uclogic 0003:28BD:0071.006B: failed retrieving pen parameters: -71
[  580.022457][ T5405] uclogic 0003:28BD:0071.006B: pen probing failed: -71
[  580.029529][ T5405] uclogic 0003:28BD:0071.006B: failed probing parameters: -71
[  580.037805][ T5405] uclogic 0003:28BD:0071.006B: probe with driver uclogic failed with error -71
[  580.076744][ T5405] usb 2-1: USB disconnect, device number 41
[  580.128213][T17228] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  580.315600][T18953] loop0: detected capacity change from 0 to 32768
[  580.338299][T18953] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4977 (18953)
[  580.382882][T18953] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  580.462981][T18953] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  580.548817][T18962] 9pnet_fd: Insufficient options for proto=fd
[  580.700987][T18953] BTRFS info (device loop0): rebuilding free space tree
[  580.809007][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  580.809031][   T29] audit: type=1326 audit(1728261764.788:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18986 comm="syz.2.4985" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5889d7dff9 code=0x0
[  580.840069][T18953] BTRFS info (device loop0): disabling free space tree
[  580.871031][T18953] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  580.889273][T18953] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  580.927611][ T2536] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  581.035080][T18992] loop4: detected capacity change from 0 to 1024
[  581.093901][T18996] loop3: detected capacity change from 0 to 64
[  581.218340][T18992] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  581.235004][T18992] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  581.332046][ T2536] hfsplus: b-tree write err: -5, ino 4
[  581.920341][T19006] loop3: detected capacity change from 0 to 512
[  581.985458][T18994] loop1: detected capacity change from 0 to 32768
[  581.999546][T19006] EXT4-fs: Ignoring removed i_version option
[  582.075558][T19006] EXT4-fs error (device loop3): __ext4_iget:4952: inode #11: block 1: comm syz.3.4995: invalid block
[  582.130856][T19006] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.4995: couldn't read orphan inode 11 (err -117)
[  582.150864][T18994] XFS (loop1): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  582.182097][T19006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  582.242172][T18953] BTRFS info (device loop0 state M): setting nodatasum
[  582.249484][T18953] BTRFS info (device loop0 state M): allowing degraded mounts
[  582.258100][T18953] BTRFS info (device loop0 state M): setting nodatasum
[  582.266006][T18953] BTRFS info (device loop0 state M): turning on flush-on-commit
[  582.273744][T18953] BTRFS info (device loop0 state M): turning on sync discard
[  582.281596][T18953] BTRFS info (device loop0 state M): force clearing of disk cache
[  582.289505][T18953] BTRFS info (device loop0 state M): not using ssd optimizations
[  582.346756][T18994] XFS (loop1): Ending clean mount
[  582.374359][T19006] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.4995: Directory hole found for htree leaf block 0
[  582.401569][ T5225] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  582.574283][ T5227] XFS (loop1): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  582.609436][T16024] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.657043][T19028] loop5: detected capacity change from 0 to 2048
[  582.701220][T19024] loop2: detected capacity change from 0 to 4096
[  582.719413][T19024] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  582.854679][T19034] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  583.375944][T19048] netlink: 165 bytes leftover after parsing attributes in process `syz.3.5011'.
[  583.590914][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  583.984874][T19068] loop4: detected capacity change from 0 to 2048
[  584.009454][T19070] loop0: detected capacity change from 0 to 1024
[  584.040695][T19070] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  584.096931][T19070] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  584.134934][T19072] loop1: detected capacity change from 0 to 256
[  584.157881][T19070] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  584.193156][T19075] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  584.246116][T19070] EXT4-fs error (device loop0): ext4_get_journal_inode:5762: inode #5: comm syz.0.5016: unexpected bad inode w/o EXT4_IGET_BAD
[  584.266550][T19072] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  584.301694][T19070] EXT4-fs (loop0): no journal found
[  584.308856][T19070] EXT4-fs (loop0): can't get journal size
[  584.322537][T19070] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  584.405967][T19081] netlink: 'syz.2.5024': attribute type 1 has an invalid length.
[  584.430555][T19070] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5016: bg 0: block 32: padding at end of block bitmap is not set
[  584.650697][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  584.720525][T19086] sp0: Synchronizing with TNC
[  585.020456][ T5292] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  585.201055][ T5292] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  585.264614][ T5292] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  585.290489][ T5292] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  585.304698][T19100] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5032'.
[  585.310526][ T5292] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.370686][T19100] netlink: 'syz.4.5032': attribute type 3 has an invalid length.
[  585.382506][ T5292] usb 3-1: config 0 descriptor??
[  585.820962][ T5292] hid-multitouch 0003:1FD2:6007.006C: bogus close delimiter
[  585.861603][ T5292] hid-multitouch 0003:1FD2:6007.006C: item 0 1 2 10 parsing failed
[  585.908300][ T5292] hid-multitouch 0003:1FD2:6007.006C: probe with driver hid-multitouch failed with error -22
[  586.110464][ T5292] usb 3-1: USB disconnect, device number 49
[  586.392965][T19082] loop5: detected capacity change from 0 to 40427
[  586.452058][T19082] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x7
[  586.469448][T19112] loop3: detected capacity change from 0 to 40427
[  586.501679][T19112] F2FS-fs (loop3): invalid crc value
[  586.515201][T19112] F2FS-fs (loop3): Found nat_bits in checkpoint
[  586.537633][T19082] F2FS-fs (loop5): invalid crc value
[  586.553980][T19104] loop0: detected capacity change from 0 to 40427
[  586.587171][T19104] F2FS-fs (loop0): heap/no_heap options were deprecated
[  586.617868][T19082] F2FS-fs (loop5): Found nat_bits in checkpoint
[  586.629044][T19104] F2FS-fs (loop0): invalid crc value
[  586.648913][T19112] F2FS-fs (loop3): Start checkpoint disabled!
[  586.656676][T19104] F2FS-fs (loop0): Found nat_bits in checkpoint
[  586.656742][T19112] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  586.821988][T19104] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  586.873339][T19112] syz.3.5040: attempt to access beyond end of device
[  586.873339][T19112] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  586.904985][T19082] F2FS-fs (loop5): Start checkpoint disabled!
[  586.928250][   T29] audit: type=1326 audit(1728261770.908:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5889d74fa7 code=0x7ffc0000
[  587.006978][T19082] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  587.064776][ T5225] syz-executor: attempt to access beyond end of device
[  587.064776][ T5225] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  587.080871][   T29] audit: type=1326 audit(1728261770.948:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5889d19959 code=0x7ffc0000
[  587.107324][T19082] F2FS-fs (loop5): Checkpoint should be enabled.
[  587.138868][   T29] audit: type=1326 audit(1728261770.948:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5889d74fa7 code=0x7ffc0000
[  587.161646][ T5225] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  587.241769][   T29] audit: type=1326 audit(1728261770.948:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5889d19959 code=0x7ffc0000
[  587.328959][   T29] audit: type=1326 audit(1728261770.948:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5889d74fa7 code=0x7ffc0000
[  587.363911][ T2576] kworker/u8:7: attempt to access beyond end of device
[  587.363911][ T2576] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  587.381114][T14690] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  587.431132][ T2576] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  587.438371][ T2576] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  587.448382][   T29] audit: type=1326 audit(1728261770.948:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5889d19959 code=0x7ffc0000
[  587.470683][    C0] vkms_vblank_simulate: vblank timer overrun
[  587.488554][   T64] kworker/u8:4: attempt to access beyond end of device
[  587.488554][   T64] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  587.509665][ T2576] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  587.534305][   T64] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  587.543278][   T29] audit: type=1326 audit(1728261770.948:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5889d74fa7 code=0x7ffc0000
[  587.567016][   T64] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  587.570880][T14690] usb 2-1: Using ep0 maxpacket: 32
[  587.577305][   T29] audit: type=1326 audit(1728261770.948:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5889d19959 code=0x7ffc0000
[  587.605807][   T29] audit: type=1326 audit(1728261770.948:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5889d74fa7 code=0x7ffc0000
[  587.619611][T14690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  587.630512][   T29] audit: type=1326 audit(1728261770.968:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.2.5044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5889d19959 code=0x7ffc0000
[  587.682909][T14690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  587.696566][T14690] usb 2-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00
[  587.705684][T14690] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  587.717908][T14690] usb 2-1: config 0 descriptor??
[  588.154183][T14690] macally 0003:060B:0001.006D: item fetching failed at offset 2/5
[  588.163106][T14690] macally 0003:060B:0001.006D: probe with driver macally failed with error -22
[  588.411527][  T935] usb 2-1: USB disconnect, device number 42
[  588.600997][    T9] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  588.770472][    T9] usb 3-1: Using ep0 maxpacket: 32
[  588.780913][    T9] usb 3-1: config 0 has an invalid interface number: 219 but max is 0
[  588.810116][    T9] usb 3-1: config 0 has no interface number 0
[  588.841166][    T9] usb 3-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  588.872675][    T9] usb 3-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  588.909515][    T9] usb 3-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  588.935083][    T9] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  588.967243][T19157] Dead loop on virtual device ip6_vti0, fix it urgently!
[  589.001767][    T9] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  589.014246][    T9] usb 3-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  589.042297][    T9] usb 3-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  589.052445][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.060566][    T9] usb 3-1: Product: syz
[  589.069512][    T9] usb 3-1: Manufacturer: syz
[  589.075399][    T9] usb 3-1: SerialNumber: syz
[  589.087159][    T9] usb 3-1: config 0 descriptor??
[  589.098322][T19143] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  589.108653][T19143] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  589.218070][T19163] nbd: illegal input index 1966080
[  589.233894][T19161] sp0: Synchronizing with TNC
[  589.243490][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  589.317778][T19160] [U] θ
[  589.334987][    T9] etas_es58x 3-1:0.219: Starting syz syz (Serial Number syz)
[  589.535383][    T9] etas_es58x 3-1:0.219: could not parse product info: 'δ‘Έ'
[  589.893066][    T9] usb 3-1: USB disconnect, device number 50
[  589.917366][    T9] etas_es58x 3-1:0.219: Disconnecting syz syz
[  590.097946][T19184] Bluetooth: hci6: command 0x0405 tx timeout
[  590.122168][T19168] loop3: detected capacity change from 0 to 32768
[  590.129421][T19168] XFS: noikeep mount option is deprecated.
[  590.237966][  T935] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  590.239296][T19168] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  590.344340][T19168] XFS (loop3): Ending clean mount
[  590.358574][T19168] XFS (loop3): Quotacheck needed: Please wait.
[  590.452023][  T935] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  590.470474][  T935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.493586][  T935] usb 2-1: config 0 descriptor??
[  590.503600][  T935] gspca_main: spca508-2.14.0 probing 8086:0110
[  590.527206][   T64] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  590.632854][T19168] XFS (loop3): Quotacheck: Done.
[  590.702616][T19168] XFS (loop3): syz.3.5063 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported
[  590.716307][  T935] gspca_spca508: reg_read err -32
[  590.924612][  T935] gspca_spca508: reg_read err -71
[  590.930094][  T935] gspca_spca508: reg_read err -71
[  590.937417][  T935] gspca_spca508: reg_read err -71
[  590.943694][  T935] gspca_spca508: reg write: error -71
[  590.949610][  T935] spca508 2-1:0.0: probe with driver spca508 failed with error -71
[  591.027519][  T935] usb 2-1: USB disconnect, device number 43
[  591.108317][T16024] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  591.878342][T19223] loop4: detected capacity change from 0 to 32768
[  591.940291][T19223] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  592.182948][T19217] loop2: detected capacity change from 0 to 32768
[  592.235777][T19217] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5077 (19217)
[  592.245836][T19223] XFS (loop4): Ending clean mount
[  592.372827][T17228] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  592.521713][T19217] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  592.525247][T19246] loop0: detected capacity change from 0 to 4096
[  592.547816][T19246] NILFS (loop0): invalid segment: Checksum error in segment payload
[  592.556062][T19246] NILFS (loop0): trying rollback from an earlier position
[  592.579652][T19246] NILFS (loop0): recovery complete
[  592.596791][T19252] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  592.609764][T19217] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  592.632528][T19217] BTRFS info (device loop2): using free-space-tree
[  592.908833][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  592.908865][   T29] audit: type=1326 audit(1728261776.778:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19230 comm="syz.5.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7fc00000
[  592.939532][   T29] audit: type=1326 audit(1728261776.778:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19230 comm="syz.5.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc36dd7dff9 code=0x7fc00000
[  592.971677][   T29] audit: type=1326 audit(1728261776.778:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19230 comm="syz.5.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7fc00000
[  593.020193][   T29] audit: type=1326 audit(1728261776.788:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19230 comm="syz.5.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36dd7dff9 code=0x7fc00000
[  593.471002][T13243] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  593.718405][T19293] loop5: detected capacity change from 0 to 1024
[  593.730063][T19293] EXT4-fs: Ignoring removed nomblk_io_submit option
[  593.867637][T19293] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  594.212935][T19309] loop2: detected capacity change from 0 to 1024
[  594.271348][T19309] hfsplus: bad catalog entry type
[  594.389748][T19313] loop3: detected capacity change from 0 to 1024
[  594.421648][T17033] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  594.521033][T19313] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  594.693116][   T29] audit: type=1326 audit(1728261778.678:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19316 comm="syz.0.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8557dff9 code=0x7ffc0000
[  594.714131][   T52] hfsplus: b-tree write err: -5, ino 4
[  594.718797][T19313] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  594.818484][   T29] audit: type=1326 audit(1728261778.698:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19316 comm="syz.0.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7efd8557dff9 code=0x7ffc0000
[  594.969399][T19313] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2793: inode #2: comm syz.3.5101: corrupted in-inode xattr: bad e_name length
[  594.992425][   T29] audit: type=1326 audit(1728261778.698:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19316 comm="syz.0.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8557dff9 code=0x7ffc0000
[  595.001072][T19313] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #2: comm syz.3.5101: corrupted in-inode xattr: bad e_name length
[  595.038949][T14358] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  595.130729][   T29] audit: type=1326 audit(1728261778.698:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19316 comm="syz.0.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd8557dff9 code=0x7ffc0000
[  595.182528][T19329] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5106'.
[  595.256320][T19335] loop2: detected capacity change from 0 to 256
[  595.277507][T16024] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.778573][T19349] loop1: detected capacity change from 0 to 1024
[  595.788512][T19348] loop2: detected capacity change from 0 to 2048
[  595.844674][T19348] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  595.957163][T19348] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  595.992438][T19349] hfsplus: bad catalog entry type
[  596.017915][T19348] udf: Unexpected value for 'utf8'
[  596.206827][T19357] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5120'.
[  596.236137][   T52] hfsplus: b-tree write err: -5, ino 4
[  596.294033][ T9125] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  596.353190][T19351] loop3: detected capacity change from 0 to 32768
[  596.360607][T19351] XFS: noikeep mount option is deprecated.
[  596.464197][T19351] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  596.638554][T19351] XFS (loop3): Ending clean mount
[  596.686973][T19351] XFS (loop3): Quotacheck needed: Please wait.
[  596.735261][T19377] loop4: detected capacity change from 0 to 256
[  596.838707][T19351] XFS (loop3): Quotacheck: Done.
[  596.976196][T19377] FAT-fs (loop4): Directory bread(block 64) failed
[  597.002028][T19377] FAT-fs (loop4): Directory bread(block 65) failed
[  597.055616][T19377] FAT-fs (loop4): Directory bread(block 66) failed
[  597.093152][T19377] FAT-fs (loop4): Directory bread(block 67) failed
[  597.125731][T16024] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  597.128044][T19377] FAT-fs (loop4): Directory bread(block 68) failed
[  597.144187][T19377] FAT-fs (loop4): Directory bread(block 69) failed
[  597.152140][T19377] FAT-fs (loop4): Directory bread(block 70) failed
[  597.158891][T19377] FAT-fs (loop4): Directory bread(block 71) failed
[  597.166293][T19377] FAT-fs (loop4): Directory bread(block 72) failed
[  597.176085][T19377] FAT-fs (loop4): Directory bread(block 73) failed
[  598.471201][    T9] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  598.714043][T19415] random: crng reseeded on system resumption
[  598.763408][    T9] usb 2-1: Using ep0 maxpacket: 16
[  598.772922][T19401] loop2: detected capacity change from 0 to 32768
[  598.825500][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.875241][T19401] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5139 (19401)
[  598.886633][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  598.914495][T19401] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  598.920903][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  598.932773][T19401] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  598.946028][T19401] BTRFS info (device loop2): using free-space-tree
[  599.011828][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c287, bcdDevice= 0.00
[  599.032425][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.068720][    T9] usb 2-1: config 0 descriptor??
[  599.079102][T19428] loop0: detected capacity change from 0 to 16
[  599.102007][T19428] erofs: (device loop0): erofs_read_inode: negative i_size @ nid 36
[  599.381054][T13243] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  599.521977][    T9] logitech 0003:046D:C287.006E: unknown main item tag 0x0
[  599.565476][    T9] logitech 0003:046D:C287.006E: hidraw0: USB HID v0.00 Device [HID 046d:c287] on usb-dummy_hcd.1-1/input0
[  599.635972][    T9] logitech 0003:046D:C287.006E: no inputs found
[  599.748890][    T9] usb 2-1: USB disconnect, device number 44
[  600.068248][T19450] loop5: detected capacity change from 0 to 1024
[  600.169311][ T2576] hfsplus: b-tree write err: -5, ino 4
[  600.260465][ T5371] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  600.450623][ T5371] usb 3-1: Using ep0 maxpacket: 16
[  600.468140][ T5371] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  600.480086][ T5371] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  600.492769][ T5371] usb 3-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  600.504319][ T5371] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.516520][ T5371] usb 3-1: config 0 descriptor??
[  600.979277][T19446] loop0: detected capacity change from 0 to 32768
[  600.987787][T19446] XFS: ikeep mount option is deprecated.
[  600.995480][T19446] XFS: ikeep mount option is deprecated.
[  601.021289][ T5371] aquacomputer_d5next 0003:0C70:F0B6.006F: hidraw0: USB HID v0.00 Device [HID 0c70:f0b6] on usb-dummy_hcd.2-1/input0
[  601.049411][T19446] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  601.215292][ T5405] usb 3-1: USB disconnect, device number 51
[  601.354812][T19446] XFS (loop0): Ending clean mount
[  601.399949][T19446] XFS (loop0): Quotacheck needed: Please wait.
[  601.443591][T19460] loop3: detected capacity change from 0 to 40427
[  601.482565][T19460] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64)
[  601.500085][T19460] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  601.556075][T19446] XFS (loop0): Quotacheck: Done.
[  601.617396][T19460] F2FS-fs (loop3): Found nat_bits in checkpoint
[  601.634152][T19479] loop4: detected capacity change from 0 to 1024
[  601.761832][ T5225] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  601.835705][T19460] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  601.863465][T19460] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  601.883261][T19486] loop1: detected capacity change from 0 to 4096
[  601.900716][T19486] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  602.033985][T19489] loop4: detected capacity change from 0 to 256
[  602.053794][  T205] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  602.121678][T19489] FAT-fs (loop4): Directory bread(block 64) failed
[  602.153176][T19489] FAT-fs (loop4): Directory bread(block 65) failed
[  602.181306][T19489] FAT-fs (loop4): Directory bread(block 66) failed
[  602.202240][T19489] FAT-fs (loop4): Directory bread(block 67) failed
[  602.269248][T19489] FAT-fs (loop4): Directory bread(block 68) failed
[  602.330847][T19489] FAT-fs (loop4): Directory bread(block 69) failed
[  602.337852][T19489] FAT-fs (loop4): Directory bread(block 70) failed
[  602.361261][T19489] FAT-fs (loop4): Directory bread(block 71) failed
[  602.368183][T19489] FAT-fs (loop4): Directory bread(block 72) failed
[  602.375374][T19489] FAT-fs (loop4): Directory bread(block 73) failed
[  602.478157][T19486] ntfs3: loop1: ino=1b, "file0" failed to parse mft record
[  602.561385][T19486] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  602.627049][T19486] ntfs3: loop1: ino=1b, "file0" attr_set_size
[  602.640638][ T5405] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  602.830583][ T5405] usb 3-1: Using ep0 maxpacket: 16
[  602.850629][ T5405] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  602.916162][ T5405] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  602.944916][ T5405] usb 3-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[  602.954163][ T5405] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.985800][ T5405] usb 3-1: config 0 descriptor??
[  603.268144][T19498] IPVS: Unknown mcast interface: vlan0
[  603.461192][ T5405] megaworld 0003:07B5:0312.0070: hidraw0: USB HID v0.00 Device [HID 07b5:0312] on usb-dummy_hcd.2-1/input0
[  603.518493][T19500] loop4: detected capacity change from 0 to 40427
[  603.527486][T19500] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  603.550750][ T5405] megaworld 0003:07B5:0312.0070: no inputs found
[  603.565758][T19500] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  603.636319][ T5405] usb 3-1: USB disconnect, device number 52
[  603.671215][T19500] F2FS-fs (loop4): Found nat_bits in checkpoint
[  603.809139][T19494] loop0: detected capacity change from 0 to 32768
[  604.121079][T19500] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  604.141465][T19500] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  604.283818][T19515] loop3: detected capacity change from 0 to 32768
[  604.291308][T19515] XFS: ikeep mount option is deprecated.
[  604.296984][T19515] XFS: ikeep mount option is deprecated.
[  604.551621][T19515] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  604.737513][T19515] XFS (loop3): Ending clean mount
[  604.842378][T19515] XFS (loop3): Quotacheck needed: Please wait.
[  605.035470][T19515] XFS (loop3): Quotacheck: Done.
[  605.043040][T19513] loop1: detected capacity change from 0 to 32768
[  605.460303][T16024] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  605.482672][T19541] loop2: detected capacity change from 0 to 2048
[  605.575432][T19541] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  606.125022][T19557] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5194'.
[  606.204767][T19557] Κό: entered promiscuous mode
[  606.242416][T19559] kernel profiling enabled (shift: 41)
[  606.248474][T19559] profiling shift: 41 too large
[  606.304129][T19561] loop4: detected capacity change from 0 to 512
[  606.463750][T19561] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  606.560104][T19561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  606.650754][T19561] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  606.683861][T19549] loop2: detected capacity change from 0 to 32768
[  606.787742][T19549] JBD2: Ignoring recovery information on journal
[  606.796244][T19574] program syz.3.5201 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  606.926668][T19549] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  606.950633][T14690] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  607.009364][T17228] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.129597][T14690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.202922][T13243] ocfs2: Unmounting device (7,2) on (node local)
[  607.210941][T14690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  607.238787][T19585] loop5: detected capacity change from 0 to 2048
[  607.247422][T14690] usb 2-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[  607.277106][T14690] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.289433][T14690] usb 2-1: config 0 descriptor??
[  607.408628][T19589] team0: Port device syz_tun added
[  607.588361][T19585] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  607.757959][T14690] uclogic 0003:2179:0053.0071: interface is invalid, ignoring
[  607.828988][ T9125] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  607.944898][ T5288] usb 2-1: USB disconnect, device number 45
[  608.021013][T19606] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5214'.
[  608.040709][T19606] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5214'.
[  608.436582][T19618] loop5: detected capacity change from 0 to 256
[  608.593125][T19623] netlink: 184 bytes leftover after parsing attributes in process `syz.3.5225'.
[  608.609585][T19623] netlink: 'syz.3.5225': attribute type 1 has an invalid length.
[  608.690984][T19618] FAT-fs (loop5): Directory bread(block 64) failed
[  608.697604][T19618] FAT-fs (loop5): Directory bread(block 65) failed
[  608.729959][T19618] FAT-fs (loop5): Directory bread(block 66) failed
[  608.748648][T19618] FAT-fs (loop5): Directory bread(block 67) failed
[  608.761801][T19618] FAT-fs (loop5): Directory bread(block 68) failed
[  608.769646][T19618] FAT-fs (loop5): Directory bread(block 69) failed
[  608.777298][T19618] FAT-fs (loop5): Directory bread(block 70) failed
[  608.785474][T19618] FAT-fs (loop5): Directory bread(block 71) failed
[  608.794212][T19618] FAT-fs (loop5): Directory bread(block 72) failed
[  608.801222][T19618] FAT-fs (loop5): Directory bread(block 73) failed
[  609.230707][ T5405] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  609.325776][T19646] loop3: detected capacity change from 0 to 128
[  609.405301][ T5405] usb 2-1: Using ep0 maxpacket: 16
[  609.427334][ T5405] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  609.438470][ T5405] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  609.448526][ T5405] usb 2-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  609.457811][ T5405] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.477972][ T5405] usb 2-1: config 0 descriptor??
[  609.640337][T19654] netlink: 'syz.3.5239': attribute type 1 has an invalid length.
[  609.680657][T19654] netlink: 130160 bytes leftover after parsing attributes in process `syz.3.5239'.
[  609.928966][T19660] netlink: 'syz.4.5242': attribute type 1 has an invalid length.
[  609.955135][ T5405] hid-rmi 0003:17EF:6085.0072: item 0 1 0 9 parsing failed
[  609.964545][ T5405] hid-rmi 0003:17EF:6085.0072: parse failed
[  609.967982][T19660] netlink: 9364 bytes leftover after parsing attributes in process `syz.4.5242'.
[  609.987259][ T5405] hid-rmi 0003:17EF:6085.0072: probe with driver hid-rmi failed with error -22
[  610.023664][T19660] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5242'.
[  610.050491][T14690] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  610.169778][  T935] usb 2-1: USB disconnect, device number 46
[  610.231734][T14690] usb 3-1: Using ep0 maxpacket: 32
[  610.266622][T14690] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  610.350777][T14690] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  610.430429][T14690] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  610.439093][T19673] loop3: detected capacity change from 0 to 4096
[  610.470185][T14690] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.482559][T14690] usb 3-1: config 0 descriptor??
[  610.503082][T19681] loop4: detected capacity change from 0 to 256
[  610.510669][T19682] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  610.533843][T19681] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x2fab2b20, utbl_chksum : 0xe619d30d)
[  610.909409][T14690] lua 0003:1E7D:2C2E.0073: global environment stack underflow
[  610.918057][T19690] loop4: detected capacity change from 0 to 256
[  610.975952][T14690] lua 0003:1E7D:2C2E.0073: item 0 0 1 11 parsing failed
[  610.996757][T14690] lua 0003:1E7D:2C2E.0073: parse failed
[  611.004942][T14690] lua 0003:1E7D:2C2E.0073: probe with driver lua failed with error -22
[  611.021888][T19690] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  611.129454][ T5307] usb 3-1: USB disconnect, device number 53
[  611.177470][T19696] loop3: detected capacity change from 0 to 2048
[  611.193654][T19690] exFAT-fs (loop4): hint_cluster is invalid (1), rewind to the first cluster
[  611.266463][T19690] exFAT-fs (loop4): error, invalid access to exfat cache (entry 0x00000000)
[  611.327760][T19690] exFAT-fs (loop4): Filesystem has been set read-only
[  611.368265][T19696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  611.388322][T19690] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880604aa188 iblock : 0, err : -5)
[  611.728603][T16024] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.785882][T19716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5266'.
[  612.077877][T19687] loop5: detected capacity change from 0 to 32768
[  612.086186][T19687] XFS: ikeep mount option is deprecated.
[  612.092306][T19687] XFS: attr2 mount option is deprecated.
[  612.098012][T19687] XFS: ikeep mount option is deprecated.
[  612.103828][T19687] XFS: noikeep mount option is deprecated.
[  612.249451][T19687] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  612.518925][T19687] XFS (loop5): Ending clean mount
[  612.541145][T19687] XFS (loop5): Quotacheck needed: Please wait.
[  612.677339][T19687] XFS (loop5): Quotacheck: Done.
[  612.737320][T19755] loop1: detected capacity change from 0 to 256
[  612.952134][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  613.013779][T19755] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  613.048743][T19763] loop3: detected capacity change from 0 to 4096
[  613.120611][T17033] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  613.409442][T19775] loop1: detected capacity change from 0 to 1024
[  613.497093][T19781] loop4: detected capacity change from 0 to 64
[  613.555540][T19783] loop2: detected capacity change from 0 to 128
[  613.944805][T19790] loop1: detected capacity change from 0 to 512
[  614.058756][T19794] loop2: detected capacity change from 0 to 1024
[  614.072795][T19790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  614.107028][T19790] ext4 filesystem being mounted at /927/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  614.169329][T19800] loop4: detected capacity change from 0 to 8
[  614.203823][ T2536] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  614.204949][T19794] hfsplus: bad catalog entry type
[  614.358842][T19805] loop3: detected capacity change from 0 to 128
[  614.383322][ T5227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  614.445960][ T2536] hfsplus: b-tree write err: -5, ino 4
[  614.462533][T19808] FAT-fs (loop3): FAT read failed (blocknr 234)
[  614.592790][T19807] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5303'.
[  614.612356][T19807] tipc: Invalid UDP bearer configuration
[  614.612402][T19807] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  614.880324][T19810] loop4: detected capacity change from 0 to 32768
[  614.891030][T19810] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5302 (19810)
[  614.911659][T19810] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  614.936909][T19810] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  614.961697][T19810] BTRFS info (device loop4): using free-space-tree
[  615.533813][T14358] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  615.544813][T17228] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  615.712400][ T5371] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  615.930721][T19846] loop2: detected capacity change from 0 to 4096
[  615.974196][ T5371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  615.985222][T19846] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  615.985372][ T5371] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  616.004282][ T5371] usb 2-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00
[  616.014510][ T5371] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.025216][ T5371] usb 2-1: config 0 descriptor??
[  616.122387][T19814] loop5: detected capacity change from 0 to 32768
[  616.170601][T19814] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5308 (19814)
[  616.329626][T19814] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  616.390604][T19814] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  616.400174][T19814] BTRFS info (device loop5): using free-space-tree
[  616.613786][ T5371] wacom 0003:056A:0016.0074: Unknown device_type for 'HID 056a:0016'. Assuming pen.
[  616.689473][ T5371] wacom 0003:056A:0016.0074: hidraw0: USB HID v0.00 Device [HID 056a:0016] on usb-dummy_hcd.1-1/input0
[  616.702607][ T5371] input: Wacom Graphire4 6x8 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0016.0074/input/input51
[  616.851427][   T29] audit: type=1800 audit(1728261800.808:216): pid=19814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5308" name="file1" dev="loop5" ino=260 res=0 errno=0
[  616.873693][ T5405] usb 2-1: USB disconnect, device number 47
[  617.145315][T17033] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  617.172635][T19835] loop3: detected capacity change from 0 to 32768
[  617.303040][T19835] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  617.314445][T19835] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  617.353868][T19835] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  617.392875][ T5405] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  617.402578][ T5405] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  617.477429][ T5292] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  617.654535][ T5405] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 251ms
[  617.662246][ T5405] gfs2: fsid=syz:syz.0: jid=0: Done
[  617.670918][T19835] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  617.672726][ T5292] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  617.765231][ T5292] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  617.776947][ T5292] usb 3-1: New USB device found, idVendor=28bd, idProduct=0074, bcdDevice= 0.00
[  617.786568][ T5292] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.808510][ T5292] usb 3-1: config 0 descriptor??
[  618.281867][ T5292] uclogic 0003:28BD:0074.0075: interface is invalid, ignoring
[  618.297310][T19894] loop3: detected capacity change from 0 to 1024
[  618.478236][ T5292] usb 3-1: USB disconnect, device number 54
[  618.581552][   T35] hfsplus: b-tree write err: -5, ino 4
[  618.685589][   T52] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  619.240918][   T35] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  619.421165][T19911] loop2: detected capacity change from 0 to 4096
[  619.475171][T19911] NILFS (loop2): invalid segment: Checksum error in segment payload
[  619.483407][T19911] NILFS (loop2): trying rollback from an earlier position
[  619.563680][T19911] NILFS (loop2): recovery complete
[  619.610437][T19919] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  619.949581][T19905] loop3: detected capacity change from 0 to 40427
[  620.000680][T19905] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  620.030753][T19905] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  620.061012][T19928] loop2: detected capacity change from 0 to 256
[  620.074050][T19905] F2FS-fs (loop3): inline encryption not supported
[  620.081925][T19905] F2FS-fs (loop3): invalid crc value
[  620.090413][T19905] F2FS-fs (loop3): Found nat_bits in checkpoint
[  620.115420][T19928] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x72684843, utbl_chksum : 0xe619d30d)
[  620.513110][T19905] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  620.513147][T19905] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  620.685219][T19947] netlink: 76 bytes leftover after parsing attributes in process `syz.0.5347'.
[  620.748649][T19952] loop2: detected capacity change from 0 to 128
[  620.986733][T19952] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  621.007338][T19958] loop5: detected capacity change from 0 to 64
[  621.029936][T16024] syz-executor: attempt to access beyond end of device
[  621.029936][T16024] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  621.049626][T19951] loop4: detected capacity change from 0 to 32768
[  621.080570][T19952] ext4 filesystem being mounted at /380/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  621.092999][T16024] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  621.111417][T19954] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5354'.
[  621.129525][T19954] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5354'.
[  621.202258][T19951] JBD2: Ignoring recovery information on journal
[  621.310307][T19951] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  621.432121][T17228] ocfs2: Unmounting device (7,4) on (node local)
[  621.449759][T13243] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  621.653431][T19970] loop2: detected capacity change from 0 to 64
[  621.687291][T19968] loop5: detected capacity change from 0 to 512
[  621.842885][T19968] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  621.903870][T19968] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  622.302464][T19985] loop4: detected capacity change from 0 to 512
[  622.318669][T19985] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  622.376801][T19985] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  622.600585][T19985] EXT4-fs (loop4): 1 truncate cleaned up
[  622.608724][T19985] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  622.722158][T19987] loop3: detected capacity change from 0 to 32768
[  622.729607][T19987] XFS: ikeep mount option is deprecated.
[  622.757061][T17033] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.906752][T17228] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.971005][T19987] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  623.246421][T19987] XFS (loop3): Ending clean mount
[  623.299293][T19987] XFS (loop3): Quotacheck needed: Please wait.
[  623.378408][T20023] netlink: 'syz.2.5378': attribute type 1 has an invalid length.
[  623.386698][T20023] netlink: 'syz.2.5378': attribute type 2 has an invalid length.
[  623.440588][ T5288] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  623.501209][T19987] XFS (loop3): Quotacheck: Done.
[  623.586513][T16024] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  623.714564][ T5288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  623.770585][ T5288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  623.790689][ T5288] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  623.799790][ T5288] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.821988][ T1262] ieee802154 phy0 wpan0: encryption failed: -22
[  623.828781][ T5288] usb 2-1: config 0 descriptor??
[  624.336219][ T5288] cp2112 0003:10C4:EA90.0076: unknown main item tag 0x0
[  624.348649][ T5288] cp2112 0003:10C4:EA90.0076: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  624.374929][T20048] mkiss: ax0: crc mode is auto.
[  624.447613][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  624.462164][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  624.476814][T20050] loop3: detected capacity change from 0 to 512
[  624.489562][T20050] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  624.537814][ T5288] cp2112 0003:10C4:EA90.0076: error requesting version
[  624.547269][ T5288] cp2112 0003:10C4:EA90.0076: probe with driver cp2112 failed with error -71
[  624.562532][ T5288] usb 2-1: USB disconnect, device number 48
[  624.569565][T20050] EXT4-fs (loop3): 1 truncate cleaned up
[  624.611644][T20050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  624.728954][T16024] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[  624.757448][T16024] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.898381][T20060] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5394'.
[  624.940029][T20064] loop5: detected capacity change from 0 to 256
[  625.110754][T20064] FAT-fs (loop5): Directory bread(block 64) failed
[  625.117328][T20064] FAT-fs (loop5): Directory bread(block 65) failed
[  625.179735][T20070] smb3: Bad value for 'gid'
[  625.193517][T20064] FAT-fs (loop5): Directory bread(block 66) failed
[  625.200068][T20064] FAT-fs (loop5): Directory bread(block 67) failed
[  625.230927][T20070] smb3: Bad value for 'gid'
[  625.261734][T20064] FAT-fs (loop5): Directory bread(block 68) failed
[  625.272945][T20064] FAT-fs (loop5): Directory bread(block 69) failed
[  625.279647][T20064] FAT-fs (loop5): Directory bread(block 70) failed
[  625.286538][T20064] FAT-fs (loop5): Directory bread(block 71) failed
[  625.347243][T20064] FAT-fs (loop5): Directory bread(block 72) failed
[  625.396879][T20064] FAT-fs (loop5): Directory bread(block 73) failed
[  625.885946][T17871] Bluetooth: hci7: command 0x0406 tx timeout
[  625.920471][ T5292] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  625.929889][T20101] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5416'.
[  626.099231][ T5292] usb 3-1: config 0 has an invalid interface number: 117 but max is 0
[  626.108542][ T5292] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  626.122147][ T5292] usb 3-1: config 0 has no interface number 0
[  626.128351][ T5292] usb 3-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  626.139291][ T5292] usb 3-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  626.167859][ T5292] usb 3-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  626.231225][ T5292] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  626.250641][ T5292] usb 3-1: Product: syz
[  626.254896][ T5292] usb 3-1: Manufacturer: syz
[  626.259503][ T5292] usb 3-1: SerialNumber: syz
[  626.269263][ T5292] usb 3-1: config 0 descriptor??
[  626.486115][T20116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5423'.
[  626.900608][ T5292] usb 3-1: USB disconnect, device number 55
[  627.273891][T20112] loop5: detected capacity change from 0 to 32768
[  627.335979][T20112] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  627.371282][T20135] loop4: detected capacity change from 0 to 512
[  627.442628][T20135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  627.456940][T20135] ext4 filesystem being mounted at /167/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  627.483234][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 3: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len % 4 != 0 - offset=12, inode=2197815810, rec_len=21, size=2048 fake=0
[  627.551242][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 12: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  627.682393][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 13: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  627.729194][T17033] ocfs2: Unmounting device (7,5) on (node local)
[  627.754271][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 14: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  627.895856][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 15: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  627.934360][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 16: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  628.079861][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 17: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  628.102754][T20135] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #2: block 18: comm syz.4.5431: lblock 23 mapped to illegal pblock 18 (length 1)
[  628.117626][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 19: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  628.158452][T20135] EXT4-fs error (device loop4): ext4_readdir:261: inode #2: block 20: comm syz.4.5431: path /167/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  628.313266][T20148] mkiss: ax0: crc mode is auto.
[  628.332230][T17228] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.608421][T20155] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5441'.
[  628.985902][T20162] loop5: detected capacity change from 0 to 1024
[  629.079858][T20167] openvswitch: netlink: Unknown nsh attribute 0
[  629.283167][T20162] hfsplus: bad catalog entry type
[  629.561013][  T205] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  629.578410][ T2576] hfsplus: b-tree write err: -5, ino 4
[  629.659137][T20181] netlink: 'syz.5.5451': attribute type 10 has an invalid length.
[  629.714126][T20180] macvlan2: entered promiscuous mode
[  629.820512][T20180] macvlan2: entered allmulticast mode
[  629.919910][T20185] netlink: 'syz.2.5456': attribute type 1 has an invalid length.
[  630.227458][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  630.230810][T20166] loop3: detected capacity change from 0 to 32768
[  630.250769][T20166] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.5446 (20166)
[  630.303225][T20166] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  630.340732][T20166] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  630.352428][T20166] BTRFS info (device loop3): using free-space-tree
[  630.667754][T20207] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5460'.
[  630.745557][T20166] BTRFS info (device loop3): checking UUID tree
[  630.748089][T20207] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5460'.
[  630.887133][T20230] tipc: Started in network mode
[  630.920782][T20230] tipc: Node identity 00000000000000000000000000004001, cluster identity 4711
[  630.997821][T20230] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  631.090678][T16024] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  631.657695][T20234] loop1: detected capacity change from 0 to 32768
[  631.666888][T20234] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.5470 (20234)
[  631.684345][T20234] BTRFS info (device loop1 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  631.696153][T20234] BTRFS info (device loop1 state S): using blake2b (blake2b-256-generic) checksum algorithm
[  631.707408][T20234] BTRFS info (device loop1 state S): using free-space-tree
[  631.840994][T20232] loop4: detected capacity change from 0 to 32768
[  631.920968][T20232] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5469 (20232)
[  631.956129][T20261] loop3: detected capacity change from 0 to 128
[  631.978333][T20261] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  631.993928][T20261] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  632.008651][T20232] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  632.078216][T20232] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  632.120886][T20232] BTRFS info (device loop4): using free-space-tree
[  632.190826][    T9] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  632.454550][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  632.469218][    T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3
[  632.515179][    T9] usb 3-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  632.582871][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.603012][    T9] usb 3-1: config 0 descriptor??
[  632.615382][   T29] audit: type=1800 audit(1728261816.598:217): pid=20232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5469" name="bus" dev="loop4" ino=263 res=0 errno=0
[  632.629767][ T5227] BTRFS info (device loop1 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  633.174973][T20297] loop1: detected capacity change from 0 to 4096
[  633.184483][T17228] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  633.395893][    T9] Bluetooth: Can't get version to change to load ram patch err
[  633.410498][    T9] Bluetooth: Loading sysconfig file failed
[  633.430023][    T9] ath3k 3-1:0.0: probe with driver ath3k failed with error -71
[  633.479244][    T9] usb 3-1: USB disconnect, device number 56
[  633.621836][T20297] ntfs3: loop1: failed to convert "0080" to cp1255
[  633.691430][T20297] ntfs3: loop1: failed to convert name for inode 1e.
[  633.902476][T20294] loop3: detected capacity change from 0 to 32768
[  633.928217][T20294] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.5481 (20294)
[  634.109812][T20303] loop5: detected capacity change from 0 to 32768
[  634.125033][T20294] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  634.136496][T20303] (syz.5.5487,20303,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  634.162570][T20294] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  634.179592][T20303] (syz.5.5487,20303,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  634.261891][T20294] BTRFS info (device loop3): using free-space-tree
[  634.402395][T20303] JBD2: Ignoring recovery information on journal
[  634.624116][ T5288] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  634.635022][T20339] loop1: detected capacity change from 0 to 1024
[  634.807096][ T5288] usb 3-1: Using ep0 maxpacket: 16
[  634.816480][T20303] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  634.867650][ T2576] hfsplus: b-tree write err: -5, ino 4
[  634.875302][T16024] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  634.888560][ T5288] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  634.980492][ T5288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  635.030504][ T5288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  635.040339][ T5288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  635.069130][ T5288] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  635.112025][ T5288] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  635.121233][ T5288] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  635.129236][ T5288] usb 3-1: Manufacturer: syz
[  635.141142][ T5288] usb 3-1: config 0 descriptor??
[  635.149881][ T5288] usbhid 3-1:0.0: can't add hid device: -22
[  635.156922][ T5288] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  635.254129][T20334] loop4: detected capacity change from 0 to 40427
[  635.273741][T20334] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  635.281980][T20334] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  635.326552][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  635.368641][T20334] F2FS-fs (loop4): invalid crc value
[  635.387459][ T5292] usb 3-1: USB disconnect, device number 57
[  635.402256][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  635.445020][T20334] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  635.530479][T20334] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  635.724840][T20352] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5501'.
[  635.799998][T20334] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30
[  635.807705][T20334] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  635.993401][T17033] ocfs2: Unmounting device (7,5) on (node local)
[  636.284280][T20365] support for cryptoloop has been removed.  Use dm-crypt instead.
[  636.846604][T20386] loop2: detected capacity change from 0 to 512
[  636.890129][T20386] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  636.966959][T20386] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  636.977529][T20386] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.5516: Corrupt directory, running e2fsck is recommended
[  637.050747][T20386] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  637.210451][T20386] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.5516: corrupted in-inode xattr: invalid ea_ino
[  637.257100][T20394] xt_CT: No such helper "netbios-ns"
[  637.330591][T20386] EXT4-fs (loop2): Remounting filesystem read-only
[  637.351912][T20386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  637.401118][   T29] audit: type=1326 audit(1728261821.338:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20408 comm="syz.3.5523" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec5d77dff9 code=0x0
[  637.933935][T13243] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  638.057368][T20413] loop4: detected capacity change from 0 to 32768
[  638.517129][T20447] netlink: 'syz.2.5537': attribute type 1 has an invalid length.
[  638.530569][T20447] netlink: 9352 bytes leftover after parsing attributes in process `syz.2.5537'.
[  638.549451][T20447] netlink: 'syz.2.5537': attribute type 1 has an invalid length.
[  638.557582][T20447] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5537'.
[  639.150748][T20464] dvmrp5: entered allmulticast mode
[  639.158823][T20464] dvmrp5: left allmulticast mode
[  639.721348][T20494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5551'.
[  639.881732][T20499] loop2: detected capacity change from 0 to 1024
[  639.890768][T20498] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5553'.
[  639.984940][T20498] Κό: entered promiscuous mode
[  640.104815][T20499] hfsplus: bad catalog entry type
[  640.179718][T20508] loop1: detected capacity change from 0 to 512
[  640.202276][ T2536] hfsplus: b-tree write err: -5, ino 4
[  640.296559][T20508] EXT4-fs: Ignoring removed orlov option
[  640.343921][T20508] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  640.372419][T14358] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  640.400710][ T5292] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  640.486732][T20508] EXT4-fs (loop1): 1 truncate cleaned up
[  640.493652][T20508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  640.614133][ T5292] usb 4-1: Using ep0 maxpacket: 8
[  640.622988][ T5292] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  640.635546][ T5292] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  640.645400][ T5292] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  640.655153][ T5292] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 30
[  640.665612][ T5292] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  640.675969][ T5292] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.688187][ T5292] usb 4-1: config 0 descriptor??
[  640.694367][T20505] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  640.778611][ T5227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  640.995676][ T5307] usb 4-1: USB disconnect, device number 39
[  641.038446][ T5232] Bluetooth: hci9: Opcode 0x0c03 failed: -71
[  641.081149][   T52] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  641.230704][ T5292] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  641.440741][ T5292] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  641.455220][ T5292] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  641.455274][ T5292] usb 3-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  641.455307][ T5292] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.459065][ T5292] usb 3-1: config 0 descriptor??
[  641.643353][T20535] loop1: detected capacity change from 0 to 32768
[  641.838016][T20529] loop5: detected capacity change from 0 to 32768
[  641.883686][T20535] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  641.891618][T20529] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  641.903467][ T5292] logitech 0003:046D:C294.0077: unbalanced collection at end of report description
[  641.921671][ T5292] logitech 0003:046D:C294.0077: parse failed
[  641.927736][ T5292] logitech 0003:046D:C294.0077: probe with driver logitech failed with error -22
[  641.953610][T20529] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  642.017729][T20535] XFS (loop1): Ending clean mount
[  642.051505][T20529] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  642.117115][T14690] usb 3-1: USB disconnect, device number 58
[  642.140923][ T5227] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  642.180788][ T5288] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  642.197849][ T5288] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  642.315736][ T5288] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 117ms
[  642.363540][ T5288] gfs2: fsid=syz:syz.0: jid=0: Done
[  642.407743][T20529] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  643.180684][T14690] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  643.380630][T14690] usb 2-1: Using ep0 maxpacket: 16
[  643.407536][T14690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  643.481263][T14690] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  643.528872][T14690] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  643.538628][T14690] usb 2-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  643.557821][T14690] usb 2-1: Product: syz
[  643.562766][T14690] usb 2-1: Manufacturer: syz
[  643.573603][T14690] usb 2-1: config 0 descriptor??
[  644.023367][T14690] kovaplus 0003:1E7D:2D50.0078: unknown main item tag 0xd
[  644.032331][T14690] kovaplus 0003:1E7D:2D50.0078: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.1-1/input0
[  644.343371][T14690] kovaplus 0003:1E7D:2D50.0078: couldn't init struct kovaplus_device
[  644.352526][T14690] kovaplus 0003:1E7D:2D50.0078: couldn't install mouse
[  644.371828][T14690] kovaplus 0003:1E7D:2D50.0078: probe with driver kovaplus failed with error -71
[  644.388075][T14690] usb 2-1: USB disconnect, device number 49
[  644.479567][T20600] loop2: detected capacity change from 0 to 32768
[  644.529207][T20600] JBD2: Ignoring recovery information on journal
[  644.774819][T20600] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  645.164150][T13243] ocfs2: Unmounting device (7,2) on (node local)
[  645.268686][T20630] loop4: detected capacity change from 0 to 32768
[  645.385135][T20630] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5605 (20630)
[  645.458073][T20645] loop1: detected capacity change from 0 to 8
[  645.490998][ T2576] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  645.594533][T20630] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  645.608956][T20630] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  645.655998][T20630] BTRFS info (device loop4): using free-space-tree
[  646.201460][   T52] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  646.248045][T20666] loop1: detected capacity change from 0 to 4096
[  646.932631][T20671] loop5: detected capacity change from 0 to 32768
[  646.944612][T20671] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5620 (20671)
[  647.013802][T17228] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  647.109625][T20671] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  647.119928][T20671] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  647.128470][T20671] BTRFS info (device loop5): using free-space-tree
[  647.197728][T20693] loop3: detected capacity change from 0 to 4096
[  647.225555][T20693] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  647.270459][ T5405] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  647.531169][ T5405] usb 3-1: Using ep0 maxpacket: 32
[  647.553319][ T5405] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  647.580609][ T5405] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  647.595275][ T5405] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  647.605389][ T5405] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.617021][ T5405] usb 3-1: config 0 descriptor??
[  647.624431][ T5405] hub 3-1:0.0: USB hub found
[  647.808336][T20717] IPVS: sh: UDP 0.0.0.0:0 - no destination available
[  647.815288][ T5307] IPVS: starting estimator thread 0...
[  647.840640][ T5405] hub 3-1:0.0: 1 port detected
[  647.911719][T20718] IPVS: using max 16 ests per chain, 38400 per kthread
[  648.045393][ T5405] hub 3-1:0.0: hub_hub_status failed (err = -71)
[  648.073800][ T5405] hub 3-1:0.0: config failed, can't get hub status (err -71)
[  648.092496][ T5405] usbhid 3-1:0.0: can't add hid device: -71
[  648.105486][ T5405] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  648.135048][ T5405] usb 3-1: USB disconnect, device number 59
[  648.314539][T17033] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  648.531024][ T5307] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  648.535097][T20706] loop1: detected capacity change from 0 to 32768
[  648.652638][T20706] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  648.753302][ T5307] usb 4-1: Using ep0 maxpacket: 16
[  648.863299][T20706] XFS (loop1): Ending clean mount
[  648.868539][ T5307] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  648.900559][ T5307] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  648.940483][ T5307] usb 4-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  648.949706][ T5307] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.982508][ T5307] usb 4-1: config 0 descriptor??
[  649.038187][T20747] loop2: detected capacity change from 0 to 2048
[  649.060326][T20749] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5643'.
[  649.158237][T20747] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  649.192901][  T935] kernel write not supported for file 418/task/419/clear_refs (pid: 935 comm: kworker/1:2)
[  649.225360][ T5227] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  649.481521][ T5307] samsung 0003:0419:0001.0079: unknown main item tag 0x0
[  649.488634][ T5307] samsung 0003:0419:0001.0079: unknown main item tag 0x0
[  649.495904][ T5307] samsung 0003:0419:0001.0079: unknown main item tag 0x0
[  649.503088][ T5307] samsung 0003:0419:0001.0079: unknown main item tag 0x0
[  649.524639][ T5307] samsung 0003:0419:0001.0079: unknown main item tag 0x0
[  649.537910][ T5307] samsung 0003:0419:0001.0079: hidraw0: USB HID v0.00 Device [HID 0419:0001] on usb-dummy_hcd.3-1/input0
[  649.713596][ T5405] usb 4-1: USB disconnect, device number 40
[  649.779693][T20761] loop5: detected capacity change from 0 to 1024
[  649.866016][T20761] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  649.925938][T20761] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #11: comm syz.5.5649: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  650.011868][T20761] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.5649: couldn't read orphan inode 11 (err -117)
[  650.029143][T20761] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  650.117070][T20761] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.5649: Invalid block bitmap block 0 in block_group 0
[  650.166697][T20761] Quota error (device loop5): write_blk: dquota write failed
[  650.176184][T20761] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  650.186689][T20761] EXT4-fs error (device loop5): ext4_acquire_dquot:6879: comm syz.5.5649: Failed to acquire dquot type 0
[  650.190580][    T9] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  650.289928][T17033] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  650.325991][ T9125] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-8
[  650.380624][ T9125] EXT4-fs error (device loop5): ext4_release_dquot:6902: comm kworker/u8:8: Failed to release dquot type 0
[  650.460002][    T9] usb 3-1: Using ep0 maxpacket: 16
[  650.506012][    T9] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  650.506054][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.506085][    T9] usb 3-1: Product: syz
[  650.506107][    T9] usb 3-1: Manufacturer: syz
[  650.506130][    T9] usb 3-1: SerialNumber: syz
[  650.564175][T20787] netlink: 'syz.5.5656': attribute type 27 has an invalid length.
[  650.835821][    T9] r8152-cfgselector 3-1: Unknown version 0x0000
[  650.835865][    T9] r8152-cfgselector 3-1: config 0 descriptor??
[  651.317691][ T5405] r8152-cfgselector 3-1: USB disconnect, device number 60
[  651.325798][T14358] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  651.658633][T20802] loop3: detected capacity change from 0 to 128
[  651.721190][T20802] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  651.836162][T20802] ext4 filesystem being mounted at /320/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  651.913781][T20802] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 3 (only 1 groups)
[  651.970801][  T205] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  651.998738][T20799] loop4: detected capacity change from 0 to 32768
[  652.009908][T20799] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5666 (20799)
[  652.028728][T20812] loop1: detected capacity change from 0 to 512
[  652.047443][T20812] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  652.053624][T16024] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  652.138306][T20799] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  652.159375][T20812] EXT4-fs (loop1): 1 truncate cleaned up
[  652.166540][T20812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  652.207544][T20812] EXT4-fs: can't change dax mount option while remounting
[  652.232160][ T5227] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=0, size=1024 fake=0
[  652.259601][ T5227] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  652.267060][T20799] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  652.267105][T20799] BTRFS info (device loop4): using free-space-tree
[  652.394070][ T5227] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.497910][T20836] "syz.2.5676" (20836) uses obsolete ecb(arc4) skcipher
[  652.559332][ T5292] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  652.705802][T17228] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  652.788145][ T5292] usb 4-1: Using ep0 maxpacket: 32
[  652.864252][ T5292] usb 4-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  652.915991][ T5292] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 27, changing to 8
[  653.020467][ T5292] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 16698, setting to 1024
[  653.060435][ T5292] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  653.069573][ T5292] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.138491][ T5292] hub 4-1:4.0: USB hub found
[  653.347237][T20864] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bridge, syncid = 0, id = 0
[  653.347397][ T5292] hub 4-1:4.0: 2 ports detected
[  653.387026][ T5292] usb 4-1: selecting invalid altsetting 1
[  653.387056][ T5292] hub 4-1:4.0: Using single TT (err -22)
[  653.564135][ T5292] hub 4-1:4.0: hub_hub_status failed (err = -71)
[  653.564220][ T5292] hub 4-1:4.0: config failed, can't get hub status (err -71)
[  653.591333][T20871] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[  653.594597][ T5292] usb 4-1: USB disconnect, device number 41
[  654.582002][T20878] loop2: detected capacity change from 0 to 32768
[  654.806808][T20878] read_mapping_page failed!
[  654.830532][T20878] jfs_create: dtInsert returned -EIO
[  654.854335][T20878] ERROR: (device loop2): jfs_create: 
[  654.854335][T20878] 
[  654.895542][T20878] ERROR: (device loop2): remounting filesystem as read-only
[  654.924347][T20913] netlink: 'syz.5.5706': attribute type 15 has an invalid length.
[  656.094734][T20949] loop1: detected capacity change from 0 to 2048
[  656.521656][ T9125] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  656.545969][   T30] INFO: task syz.4.4249:17002 blocked for more than 143 seconds.
[  656.558751][T20949] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  656.571045][   T30]       Not tainted 6.12.0-rc2-syzkaller #0
[  656.597152][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  656.840663][   T30] task:syz.4.4249      state:D stack:24864 pid:17002 tgid:17000 ppid:14176  flags:0x00000004
[  656.851484][   T30] Call Trace:
[  656.854785][   T30]  <TASK>
[  656.857732][   T30]  __schedule+0x1895/0x4b30
[  656.862403][   T30]  ? __pfx___schedule+0x10/0x10
[  656.867294][   T30]  ? __pfx_lock_release+0x10/0x10
[  656.872417][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  656.878442][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  656.884891][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  656.890046][   T30]  ? schedule+0x90/0x320
[  656.894508][   T30]  schedule+0x14b/0x320
[  656.898714][   T30]  schedule_preempt_disabled+0x13/0x30
[  656.904390][   T30]  rwsem_down_write_slowpath+0xeee/0x13b0
[  656.911136][   T30]  ? rwsem_down_write_slowpath+0xa09/0x13b0
[  656.917086][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  656.924164][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  656.929250][   T30]  ? __might_fault+0xaa/0x120
[  656.934169][   T30]  ? __pfx_lock_release+0x10/0x10
[  656.939244][   T30]  down_write+0x1d7/0x220
[  656.943692][   T30]  ? __pfx_down_write+0x10/0x10
[  656.948574][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.954322][   T30]  ? __might_fault+0xc6/0x120
[  656.959034][   T30]  blkdev_common_ioctl+0x150b/0x2480
[  656.964499][   T30]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  656.970179][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[  656.975899][   T30]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  656.982191][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.987890][   T30]  ? file_to_blk_mode+0xcc/0x140
[  656.992962][   T30]  blkdev_ioctl+0x4ca/0x6a0
[  656.997514][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[  657.010448][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  657.016121][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[  657.016391][T20962] loop5: detected capacity change from 0 to 32768
[  657.021418][   T30]  __se_sys_ioctl+0xfb/0x170
[  657.032384][   T30]  do_syscall_64+0xf3/0x230
[  657.036924][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.045051][   T30] RIP: 0033:0x7f7955f7dff9
[  657.049499][   T30] RSP: 002b:00007f7956d92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  657.058032][   T30] RAX: ffffffffffffffda RBX: 00007f7956135f80 RCX: 00007f7955f7dff9
[  657.066142][   T30] RDX: 0000000020000100 RSI: 000000000000127f RDI: 0000000000000003
[  657.074230][   T30] RBP: 00007f7955ff0296 R08: 0000000000000000 R09: 0000000000000000
[  657.081242][T20962] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  657.084486][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  657.098830][   T30] R13: 0000000000000000 R14: 00007f7956135f80 R15: 00007ffcbd49a708
[  657.106958][   T30]  </TASK>
[  657.110938][   T30] 
[  657.110938][   T30] Showing all locks held in the system:
[  657.124430][   T30] 1 lock held by khungtaskd/30:
[  657.131746][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  657.141779][   T30] 4 locks held by kworker/u8:3/52:
[  657.146960][   T30] 2 locks held by kworker/u8:6/2536:
[  657.152305][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  657.164355][   T30]  #1: ffffc90008ff7d00 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  657.175242][   T30] 2 locks held by getty/4980:
[  657.179962][   T30]  #0: ffff8880327920a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  657.190167][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  657.200629][   T30] 1 lock held by syz-executor/5227:
[  657.207440][   T30] 1 lock held by udevd/9010:
[  657.212295][   T30] 2 locks held by kworker/u8:8/9125:
[  657.220567][   T30] 1 lock held by syz.5.4160/16786:
[  657.225698][   T30]  #0: ffff888148c942c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490
[  657.236676][   T30] 1 lock held by syz.4.4249/17002:
[  657.237179][T20962] JBD2: Ignoring recovery information on journal
[  657.242138][   T30]  #0: ffff888148c942c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_common_ioctl+0x150b/0x2480
[  657.259606][   T30] 1 lock held by syz.5.5729/20962:
[  657.264840][   T30] 
[  657.267191][   T30] =============================================
[  657.267191][   T30] 
[  657.275694][   T30] NMI backtrace for cpu 1
[  657.280041][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller #0
[  657.288826][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  657.298994][   T30] Call Trace:
[  657.302286][   T30]  <TASK>
[  657.305320][   T30]  dump_stack_lvl+0x241/0x360
[  657.310030][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  657.315260][   T30]  ? __pfx__printk+0x10/0x10
[  657.319910][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  657.324895][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  657.330385][   T30]  ? _printk+0xd5/0x120
[  657.334582][   T30]  ? __pfx__printk+0x10/0x10
[  657.339214][   T30]  ? __wake_up_klogd+0xcc/0x110
[  657.344100][   T30]  ? __pfx__printk+0x10/0x10
[  657.348820][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  657.354479][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  657.354793][T20962] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  657.359520][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  657.374449][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  657.380463][   T30]  watchdog+0xff4/0x1040
[  657.384744][   T30]  ? watchdog+0x1ea/0x1040
[  657.389200][   T30]  ? __pfx_watchdog+0x10/0x10
[  657.393899][   T30]  kthread+0x2f2/0x390
[  657.397975][   T30]  ? __pfx_watchdog+0x10/0x10
[  657.402671][   T30]  ? __pfx_kthread+0x10/0x10
[  657.407268][   T30]  ret_from_fork+0x4d/0x80
[  657.411704][   T30]  ? __pfx_kthread+0x10/0x10
[  657.416301][   T30]  ret_from_fork_asm+0x1a/0x30
[  657.421100][   T30]  </TASK>
[  657.424144][    C1] vkms_vblank_simulate: vblank timer overrun
[  657.431336][   T30] Sending NMI from CPU 1 to CPUs 0:
[  657.436564][    C0] NMI backtrace for cpu 0
[  657.436579][    C0] CPU: 0 UID: 0 PID: 20961 Comm: syz.5.5729 Not tainted 6.12.0-rc2-syzkaller #0
[  657.436605][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  657.436624][    C0] RIP: 0033:0x7fc36dc55784
[  657.436645][    C0] Code: 0f 82 b9 00 00 00 48 39 f2 72 6e 41 0f 11 0c 24 48 8b 77 f8 48 89 f8 48 89 eb eb 12 66 2e 0f 1f 84 00 00 00 00 00 48 8b 4b 08 <48> 83 c3 08 48 39 d1 72 f3 48 83 e8 08 48 39 f2 73 17 66 2e 0f 1f
[  657.436666][    C0] RSP: 002b:00007ffe7969ed30 EFLAGS: 00000287
[  657.436687][    C0] RAX: 00007fc36d5b5208 RBX: 00007fc36d5b4a80 RCX: ffffffff849bc201
[  657.436706][    C0] RDX: ffffffff849bc04a RSI: ffffffff849bbfef RDI: 00007fc36d5b5880
[  657.436724][    C0] RBP: 00007fc36d5b4300 R08: 00007fc36d5b4db8 R09: 00007fc36df22000
[  657.436742][    C0] R10: 0000000084a4e0ab R11: 0000000000000000 R12: 00007fc36d5b42f8
[  657.436759][    C0] R13: 0000000000000019 R14: 00007fc36d401008 R15: 00000000000a03a4
[  657.436775][    C0] FS:  0000555561827500 GS:  0000000000000000
[  657.437569][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  657.543740][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller #0
[  657.552508][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  657.562566][   T30] Call Trace:
[  657.565842][   T30]  <TASK>
[  657.568775][   T30]  dump_stack_lvl+0x241/0x360
[  657.573473][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  657.578683][   T30]  ? __pfx__printk+0x10/0x10
[  657.583290][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  657.589297][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  657.594935][   T30]  ? vscnprintf+0x5d/0x90
[  657.599272][   T30]  panic+0x349/0x880
[  657.603184][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  657.608826][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  657.614992][   T30]  ? __pfx_panic+0x10/0x10
[  657.619426][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  657.625246][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  657.631148][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  657.636541][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  657.642708][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  657.648876][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  657.654515][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  657.660686][   T30]  watchdog+0x1033/0x1040
[  657.665039][   T30]  ? watchdog+0x1ea/0x1040
[  657.669477][   T30]  ? __pfx_watchdog+0x10/0x10
[  657.674170][   T30]  kthread+0x2f2/0x390
[  657.678244][   T30]  ? __pfx_watchdog+0x10/0x10
[  657.682935][   T30]  ? __pfx_kthread+0x10/0x10
[  657.687537][   T30]  ret_from_fork+0x4d/0x80
[  657.691970][   T30]  ? __pfx_kthread+0x10/0x10
[  657.696565][   T30]  ret_from_fork_asm+0x1a/0x30
[  657.701365][   T30]  </TASK>
[  657.704684][   T30] Kernel Offset: disabled
[  657.709000][   T30] Rebooting in 86400 seconds..