last executing test programs:

2m25.498590764s ago: executing program 3 (id=333):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = inotify_init()
r1 = inotify_add_watch(r0, &(0x7f0000000280)='.\x00', 0x25000001)
inotify_rm_watch(r0, r1)
sched_setscheduler(0x0, 0x2, 0x0)
shmat(0x0, &(0x7f0000d6f000/0x3000)=nil, 0x6000)
mount$tmpfs(0x0, 0x0, 0x0, 0x802, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$DVB_DEMUX_DMX_REQBUFS(0xffffffffffffffff, 0xc0086f3c, 0x0)

2m25.176322887s ago: executing program 3 (id=335):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x690}, 0x20048040)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000146000/0x4000)=nil)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ppoll(&(0x7f0000000140)=[{r1, 0x1040}], 0x1, 0x0, 0x0, 0x0)
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000147000/0x1000)=nil)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000b80), 0xffffffffffffffff)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001640), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000380)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x2007, r4, 0x0, 0x0, 0x800, 0x0, 0x6}])
ioctl$RTC_AIE_OFF(r3, 0x7002)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
sendto$packet(r2, 0x0, 0x0, 0x40008c1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0xcf}, 0x14)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x5, 0x4, 0x6, 0x7}, {0x1, 0x5}], 0x10, 0x7}, 0x94)
r5 = socket(0x22, 0x1, 0x8)
setsockopt$inet6_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r5, 0x0, 0x0)

2m23.930034349s ago: executing program 3 (id=339):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_timeval(r0, 0x1, 0x42, &(0x7f0000000000), 0x10)

2m23.656876282s ago: executing program 3 (id=342):
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x10012, &(0x7f00000004c0)=ANY=[@ANYBLOB='codepage=cp775,umask=00000000007777,iocharset=koi8-ru,\x00'/64, @ANYBLOB="7b467be6d2ffd5dbc39d475a3efbcc5666f07a12652e81e75be5e881b521fcda9e61566e2b548201f553091a16ad9bb6888f170e5d63f7a84c585f22f2397bf6c9fe0ad346d27e428fa6322e2a05eddacbf8af7162ea449789312db392743800000004002300"/111, @ANYRES8], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000340)='./file0\x00', 0x88bc56, 0x0, 0x0, 0x0, &(0x7f00000000c0))
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)

2m22.83274894s ago: executing program 3 (id=345):
unshare(0x8000600)
syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000300)='./file3\x00', 0x0, &(0x7f0000001040)=ANY=[], 0x1, 0xadc, &(0x7f0000001900)="$eJzs3V2IXFcBAOBzd3c2u2lrpjW1axrbpNW2/nTTbNb4EzQpCYKhKeJLofgS0rQGYwQrqKXQJE++2VJS8MkffOpLqSJYEAl98qVgA0XoUxX0oSFiwYcaTUayc87MnZOZzMxmd+7O7vfB3TPnnnPnnDt75879O+cEYMOaWPq7uDhXhHDujZcPvf/AP2avzdnfylFf+jtVitVCCEWMT2Xv995kM7zywfPHuoVFWFj6m+Lh8UutZW8JIZwOO8L5UA/bzl146a2Fx46cOXx259uv7ru4OmsPAAAbyzfO71u8869/vvv2y6/dcyBsas1Px+f1NGOmedx/IB74p+P/idAZL0pT2XSWbypOE7Od+Sa75CuXU8vyTfUofzorv9Yj36Zw4/InS/O6rTeMs7Qd10MxMR9C2NyKT0zMzzfPycPSef10MX/qxMmnn62oosCK+/e9IYQdpeng2c74Wpv2r4E6LHNqrIE6jOV0YHRlXW40Vb7OI5oaW6reAwE05fcLr3M6v7Jwc1rvNjVY+Zcenei+PKyAUW//Q5U/XXH5Qfm/PmOPw8pZr1tTWq/0Pbo1xvP7CPnzS6/8oXO5tvxOR+fc/H5EbcB69rqPMC73F3rVc3LE9ViuXvXPt4v16isxTJ/DVztS7+34/uT/03H5HwPdfZhf/zeZTGt7Ch3x2s28V6Pi/Q+wduXPzTXS/dEof64vT9/UJ32mT/psn/TNfdJv6ZMOG9lvf/DT8GLRvt6Vn9MPez08XWe7LYYfGbI++fXIYcvPn/sd1s2Wnz9PDGvZ748+cfyLTz15ofn8f9Ha/q/G7T2dbtTjd+t8zJCuF+bX1VvP/tc7y5noke+OrD63dcm/9HprZ75ia/t9Qmk/c1095jqX29Ir3/bOfPUs32ycZrL65scnm7Pl0vFH2q+mz2sqW99ath7TWT3SfuX2GOb1gOVI22N6/r/dHqD5/H/aPudCrXj6xMnjj8R42k7/NFnbdG3+7hHXG1g5vb7/6fdrLnS2/7m1Nb82Ud4vbGnPL5r7hdfj+3XOX2iVU5pf+lFLv3Pfnpxdyj9/7Hsnn1qF9YaN7NkfP/edoydPHv++F8t+8bW1UY1hXqTTlrVSHy+GfbFjtYuoeMcErLpdLzQPAh4+8d2jzxx/5vipPXv37llY2PulPYu7lo7rd5WP7stOV1BbYCW1f/SrrgkAAAAAAAAAAAAwqB8ePnThnTe/8G6z/X+7/V9q/5+e/E3t/3+Stf/P28mndvCpHeDtXdKX8mQdrE5n+Wpx+mhW39QNQPFCM7wzW+5jMWyN4xfb/6fi8n5dU33uyubXekSz7gSu6y9lOuuDJB8v8L4Yno3hrwJUqJjtPjuGN+jfuviwtK2n/ilKTXgb+gceH+n/lvdflNp/d+3XqUt7bcbLKFosVr2OQHf/3FD9f/+rveKV18XUe5oabXk/27jbRKPnUfqgI9gArIyqx//8e2iWm65/nvrj12euTSnbpUc795d5/6UwjL+80xlf6+NPrnb5+bh9oy6/6vUf9fifrfHv4v4v7fd67/+yEfPqyyv3Pz+/+G6p2LBt0PLz9U/9QG8drvzLsfy0Ng+Gwcpv/DIrP78hNKD/ZuVvHrD869Z/+/LK/18sP31sD90/aPnNGhcTnfWYzdYj3f/LrxsnV7L1T3173qD8bz7Xbf2XOVDj1Vg+bGTjMs7ssLLjiNZBe7/xf4f9/b/Z8X9blc12a/lzGJ+P8bQjTs855OOdDFv/9HxF+h24M3v/os/vm/F/x9uXY9jv+5DG/03bYz3+5JfiS59lite6fLbrdV8D4+q9DXX/b1TTxeZp0PKWn6m+/qYhpsbkMpZrPWdVcf0bjcbqXtDqo9LCqfzzr/ruc9XnKfdVXH4/+fi/+TF8Pv5vnp6P/5un5+P/5umz8T/0fo/0fPzffHvOx//N0+/K3jcfH3iuT/rHu6QXoZ2+rfvyrdP2u/u8//Y+6Z/ok76zlb6/I0dKv+eGy7fz9Xr/O/qk398n/ZN90j/VJ/2BPukPldLLY0Cn9E9nyxdZ+nqX9j+9Pj9g/crb5/n+w8aR7v/0+v5vbadPl7OMtpbAanjltd0Hn/zNt+rN9v/Tresh6T7egRivxXOjH8V4ft87lOLX0t6M8b9l6VVfbwLa8v4z8t//B/ukA+MrPefl+w0bUDHTfXYM+/Vb1es4n/HymRh+Noafi+HDMZyP4a4Y7o7hwojqx+o4+Prv9r1YtM/3t2Tpgz5PnrcH6ugnKoSwZ8D65NcHhn2ePe/Hb1g3W/4ym4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABUZmLp7+LiXBHCuTdePvTEkRO7rs3Z38pRX/o7VYrVWsuF8EgMJ2P4i/jiygfPHyuHV2NYhIVQhKI1Pzx+qVXSLSGE02FHOB/qYdu5Cy+9tfDYkTOHz+58+9V9F1fvEwAAAID17/8BAAD//092Bzk=")
syz_mount_image$vfat(&(0x7f00000024c0), &(0x7f00000001c0)='./bus\x00', 0x204b82f, 0x0, 0x3, 0x0, &(0x7f0000000240))
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x0)
fsync(r0)

2m22.364710025s ago: executing program 3 (id=348):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x800, &(0x7f0000000500)=ANY=[@ANYBLOB='iocharset=cp850,dmask=00000000000000000000777,namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30300000000000000040303030303030303030303031302c757466382c666d61736b3d30303030303030303030303030303030303030303030372c6572726f72733d72476d6f756e742d726f2c6e616d65636173653d312c706c6c6f775f7574696d653d30303030323030303030303030303015303134373037302c00904f5ef6c3660c06b4d7d3172ed33955a22d96c6b58d48d25609fc8fd957db7f4cfb97e98333158a7878aa16963be19155c4a0068007e41cc520b790c6292f5e20dbf5725a2a02670903b3d75dfbb2030d8cdef5210ed5485e27f1d33f67e2d90248d081d098053c"], 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

2m21.803447741s ago: executing program 32 (id=348):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x800, &(0x7f0000000500)=ANY=[@ANYBLOB='iocharset=cp850,dmask=00000000000000000000777,namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30300000000000000040303030303030303030303031302c757466382c666d61736b3d30303030303030303030303030303030303030303030372c6572726f72733d72476d6f756e742d726f2c6e616d65636173653d312c706c6c6f775f7574696d653d30303030323030303030303030303015303134373037302c00904f5ef6c3660c06b4d7d3172ed33955a22d96c6b58d48d25609fc8fd957db7f4cfb97e98333158a7878aa16963be19155c4a0068007e41cc520b790c6292f5e20dbf5725a2a02670903b3d75dfbb2030d8cdef5210ed5485e27f1d33f67e2d90248d081d098053c"], 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

1m49.843100751s ago: executing program 2 (id=431):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f00000002c0))
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@fallback, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f00000010c0)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r4, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @empty}}, {0x14, 0x2, @in={0x2, 0xfffe, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x80)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
r5 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f00000002c0)={0xf0f045, 0x800})
poll(&(0x7f00000000c0)=[{r5, 0xe7d4c009da6c3985}], 0x1, 0x6)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
pwritev2(0xffffffffffffffff, &(0x7f0000000cc0)=[{&(0x7f0000000240)=';', 0xffffffbc}], 0x1, 0xfff, 0xc, 0x4)

1m48.601567073s ago: executing program 2 (id=439):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cryptd(ecb-twofish-avx)\x00'}, 0x58)

1m47.580837784s ago: executing program 2 (id=443):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000f2303920422c021240850102030109022400010000100009040c0202c17f0c00090502020002020000090582020002"], 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000000280)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="2013040000002c"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000340)={0x0, 0x30, 0x1, 'D'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000d80)={0x84, &(0x7f00000006c0)={0x40, 0x7, 0x1, "9c"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)

1m42.231532029s ago: executing program 2 (id=463):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000380), 0x20842, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0xab402)
socket$nl_route(0x10, 0x3, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
socket$packet(0x11, 0x2, 0x300)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
dup(r0)
socket$inet6(0xa, 0x80002, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
socket(0x40000000015, 0x5, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x24018807)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

1m40.592176585s ago: executing program 2 (id=458):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0x10)
ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r0, 0x40786e88, &(0x7f0000000640)={{0x0, 0x0, 0x40, 0xd, 0xe2}, {0x0, 0x0, 0x10, 0x20c, 0xfffffffffffffff8}, {0x0, 0x0, 0x8, 0x1, 0x10000000002}, {0x0, 0x0, 0x28, 0xfffe, 0x1000000000000101}, {0x0, 0x0, 0x8, 0x98f, 0xffff}})

1m40.347531458s ago: executing program 2 (id=462):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xff00000000000000, 0x5, 0xfffffffffffffffa, 0x8001, 0x400000000, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)

1m24.730855658s ago: executing program 33 (id=462):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xff00000000000000, 0x5, 0xfffffffffffffffa, 0x8001, 0x400000000, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)

13.114022875s ago: executing program 5 (id=725):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="280000001114"], 0x28}}, 0x40000000)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0xdc, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, 0x0, 0x2040, 0x8)
r2 = socket$kcm(0x2d, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000340)={r2})
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x26}}, @in6={0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x101}], 0x2c)
listen(r3, 0x7)
listen(r0, 0x5f)
close(0x3)
socket(0xa, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
msgctl$IPC_RMID(0x0, 0x0)

11.072810886s ago: executing program 5 (id=731):
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
clock_adjtime(0x0, &(0x7f0000000380)={0xffffffffffff2b95, 0x81, 0x1, 0x94a, 0x100, 0x8001, 0x7e, 0x8000000000000000, 0x200000000000ffb, 0xffff, 0x3b9ac9ff, 0x9854, 0x845, 0x9, 0xfff, 0x9, 0x6, 0x9a000004, 0x1000, 0xc7, 0x3, 0x400, 0x7, 0xc, 0x8000000000000003, 0x8})
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r0, 0x40786e88, &(0x7f0000000640)={{0x0, 0x0, 0x40, 0xd, 0xe2}, {0x0, 0x0, 0x10, 0x20c, 0xfffffffffffffff8}, {0x0, 0x0, 0x8, 0x1, 0x10000000002}, {0x0, 0x0, 0x28, 0xfffe, 0x1000000000000101}, {0x0, 0x0, 0x8, 0x98f, 0xffff}})

10.308217154s ago: executing program 0 (id=732):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000280), 0x22000, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f00000002c0)={0x26, 0x2})

10.080106206s ago: executing program 5 (id=734):
sched_setscheduler(0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x0, &(0x7f00000000c0)={0xfe, 0x2}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x0, 0x56}, 0x28)
bind$nfc_llcp(0xffffffffffffffff, &(0x7f0000001040)={0x27, 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, "d92984bd1ca44c226af5160e961711a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000000200000000001900", 0x8}, 0x60)
listen(0xffffffffffffffff, 0xf5f)
accept(0xffffffffffffffff, 0x0, 0x0)

10.079488857s ago: executing program 0 (id=735):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x33, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = socket(0x40000000015, 0x5, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={0xffffffffffffffff, 0x2000012, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
bind$inet(r3, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
pipe(&(0x7f0000000080))
setfsgid(0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r4 = socket(0xa, 0x3, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000040)={'team0\x00', <r5=>0x0})
setsockopt$MRT6_ADD_MIF(r4, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x0, 0x3, r5, 0x230d}, 0xc)

8.928835258s ago: executing program 5 (id=736):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r1, &(0x7f0000000380)={0xa, 0x4e23, 0xfffffffc, @loopback}, 0x1c)
listen(r1, 0x4)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000080)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x7}, 0x8)
sendmmsg$inet6(r0, &(0x7f0000000980)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)="89", 0x1}], 0x1}}], 0x1, 0x20000000)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYBLOB="1603040049"], 0x10)

8.596561162s ago: executing program 5 (id=737):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
kcmp(r2, r2, 0x4, r4, 0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x810}, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x3184fe1479f57e62, &(0x7f0000000040)={[{@uuid_off}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
pidfd_getfd(r0, r4, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @rand_addr, 0x1}, 0x1c)
splice(r5, 0x0, r1, 0x0, 0x7ffff000, 0x6)
sendto$inet6(r5, 0x0, 0x0, 0x24004041, 0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x64, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x3}, {0xffff, 0xffff}, {0xf, 0xfff1}}, [@TCA_RATE={0x6, 0x5, {0x2, 0x9}}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x1d, 0x407, 0x2, 0x0, 0x3, 0x6}}, {0x4}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0xa1c5}, 0x8840)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

7.372854044s ago: executing program 0 (id=740):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x80c42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x42, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
close_range(r1, 0xffffffffffffffff, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r3, 0x0, 0x82, &(0x7f0000000500)={'filter\x00', 0x0, 0x0, 0x0, [0x8, 0x5, 0x4, 0x1, 0x7fff, 0x100000005]}, 0x0)

6.444321684s ago: executing program 0 (id=742):
r0 = memfd_create(&(0x7f0000000000)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x8dy\xf3\xb2\xe6b \x00\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\xfe\xe6\xd2SLR\xa1\x00\x00\x17\x1f$^\xe1\x00\x00\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\xfd\xc7\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x16\x8e-k\x12\xdf\xb9\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba$v\x8e\x9e\xef\xbc\x86f)\x01\xba\xdb\x9em\xe9\"\x03\x933P\x9b\xcc\x9b\f\xa7\x8f9\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x1b1\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\r\xd5)\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I\xfa\x12\xfc\x96\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4\x83Mav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW\x00'/679, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x9, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)
ioctl$OCFS2_IOC_RESVSP(r0, 0x40305828, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0x3fffff)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x200000, 0x50)
renameat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', r5, &(0x7f00000003c0)='./file0\x00')
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e20, 0xeb, @remote, 0x4}, 0x1c)
r6 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000400)={0xf0f071, 0x2})

5.414155485s ago: executing program 5 (id=744):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f00000002c0))
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@fallback, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f00000010c0)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r5, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @empty}}, {0x14, 0x2, @in={0x2, 0xfffe, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x80)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
r6 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f00000002c0)={0xf0f045, 0x800})
poll(&(0x7f00000000c0)=[{r6, 0xe7d4c009da6c3985}], 0x1, 0x6)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
pwritev2(0xffffffffffffffff, &(0x7f0000000cc0)=[{&(0x7f0000000240)=';', 0xffffffbc}], 0x1, 0xfff, 0xc, 0x4)

4.668851242s ago: executing program 0 (id=745):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000002280)={0x3, &(0x7f0000000280)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x8, 0xfffff00c}, {0x6, 0xb7, 0x2, 0xffff}]}, 0x10)
syz_emit_ethernet(0x7a, &(0x7f0000000a80)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6092c01f0000fe80"], 0x0)

4.473740654s ago: executing program 4 (id=746):
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000280), 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0xfffe)

4.439739814s ago: executing program 0 (id=747):
keyctl$clear(0x3, 0xfffffffffffffffd)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001517ee40f00a057a00f6000203010902120001000000000904000000ff"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000100)={0x20, 0x2b, 0xc3, {0xc3, 0x10, "2085c6843ac9eb314122337fa8b581dbb03bdd90e5c9f2e1badb010727f7d3b9e7ba855abbed3cd504c53eeb7b61393ee09a09be6daabd2e57e8e7ad8aa582213def1645bba07e859701af6a2749120afdf0c497cc628608024152b8ac4597615e911363dfe3d3f6dd1fbc7b20dcc84c1b55412e2c0dcbdbf11ec554003c7dcf44ab2a5847bcdad06501feeaec5d61663c60e200d7b7e0cef13d466d6f19e828779dd736f3999b34004719f33be9183427f510f0824024eab6416b2be92f93fa70"}}, &(0x7f0000000300)=ANY=[@ANYBLOB="000304000049827bbbc8a4f40004032008"], &(0x7f0000000900)=ANY=[@ANYBLOB="00220d0000007b7105c4b32b4b39fd8592b6569144bab4417f0800000000000000000e240decfdf79182"], &(0x7f0000000280)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8, 0x6, 0x1, {0x22, 0xe2f}}}}, &(0x7f0000000640)={0x2c, &(0x7f00000003c0)={0x40, 0x14, 0xe3, "27ba49df83382b9b1d1bb1391eb3be534b8798690df33de7b5ef980a73cdfce7fe9e69cd3694abac519a790855123d2cdd72a7b12c1cc371871de8d17741bb3a3b763d91b40aa0fc623fbaaa9b17b98e586c652b1787750495df798efe737108fd041b21d2f463046fcdf24b1f45bef9566a7fde7b51786ac27bc159084cb30dfee1f80c74a3b3d7f984af74feba4f37eb461edc9f5419718fba5e94234dc1e08596437edd04439503e6da1e9e9affdccdcfc67bcd640388476e5644724c972767a693726bd8270f9c4e7ee64726a3c627722d4e5889f742a02d43af9ed84ffee12885"}, &(0x7f00000004c0)={0x0, 0xa, 0x1, 0x6}, 0x0, &(0x7f0000000540)={0x20, 0x1, 0xa3, "ac10b6d2f88de1702239704d81640c5e4f85563bbe0689b7e5155f2631d9d7c09ed19d3307a4c38612f3fbebc72171da0e6c7323f69bb4ab49c0c9eae244cde33c5550bdc8c0e8944f508fcfa3b5dfc47f479269e681895220b3a9b053bd77887270d59067819c08a5dcdc39ec0d0022e607c7c252947ba86b6fb84e721025fcefdab9afe95e2aba2e21240bfde5d1ccb81c5bec81282f267e8860359aba89877b2db1"}, &(0x7f0000000600)={0x20, 0x3, 0x1, 0xd6}})
syz_usb_control_io(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1)
socket$l2tp6(0xa, 0x2, 0x73)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r3, 0x0, 0x0, 0x200047fd, &(0x7f0000000000)={0x2, 0x4e63, @local}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r4 = io_uring_setup(0xc, &(0x7f0000000040)={0x0, 0xc8a1, 0xdb00, 0x8, 0x29})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r4, 0x2219, 0x7721, 0x1f, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x34, r2, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}}, 0x10004000)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg1\x00'})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00'})
mknod(&(0x7f0000000180)='./bus\x00', 0x8000, 0xd01)
acct(&(0x7f00000000c0)='./bus\x00')
acct(&(0x7f0000000040)='./bus\x00')
socket(0x2b, 0x2, 0xc000000)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)

4.068560358s ago: executing program 1 (id=749):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x200000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000000)={[{@discard_async}, {@metadata_ratio}, {@nodatasum}]}, 0xfc, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = open(&(0x7f0000000440)='./file1\x00', 0x84242, 0x1df2a23c5997fa7f)
write$FUSE_CREATE_OPEN(r2, 0x0, 0x0)
sendfile(r2, r2, &(0x7f0000000080), 0x7f03)

4.011623499s ago: executing program 4 (id=750):
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x2, 0x80805, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000003c0)={0x0})
r4 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$sock(r4, &(0x7f0000000000)={&(0x7f00000001c0)=@nl=@unspec={0x0, 0x0, 0x0, 0xd8ff}, 0x80, 0x0, 0x0, &(0x7f0000000380)=[@timestamping={{0x14, 0x1, 0x25, 0x3}}], 0x18}, 0x4)
recvmsg(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001880), 0x1}, 0x2102)

2.742802072s ago: executing program 4 (id=751):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2713, &(0x7f0000000100)=""/10, &(0x7f0000000000)=0xa)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000feffffff73113100000200008510000004000000850000002a000000950000000000000095"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
read$FUSE(r0, 0x0, 0x0)
sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYRESHEX], 0x13a}, 0x1, 0x0, 0x0, 0x4800}, 0x240440d4)
lseek(0xffffffffffffffff, 0xffffeffffffffffe, 0x0)

2.736264712s ago: executing program 1 (id=752):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0xffffffb7, 0x200401, 0xfffffffb, 0x0, 0x2, '\x00', 0x3215e6f0, 0x1fd})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0x3)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)

1.879570461s ago: executing program 1 (id=753):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x10)
r0 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$apparmor_current(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB='permprofile && \r:'], 0xff)
r1 = socket(0x1f, 0x1, 0xfffffff)
timer_create(0x2, &(0x7f00000000c0)={0x0, 0x21, 0x2}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0xc00})
r2 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x2, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000005580)=""/102392, 0x18ff8)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup\x00', 0x8000, 0x0)
openat$cgroup_pressure(r4, 0x0, 0x2, 0x0)
getdents64(r4, &(0x7f0000000680)=""/4067, 0xfe3)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x800c4, 0xf7)
r5 = landlock_create_ruleset(&(0x7f00000001c0)={0x1005, 0x1}, 0x18, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
landlock_restrict_self(r5, 0x0)
creat(0x0, 0x122dfb579e447c7a)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x1000000, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x3, 0x4, 0x8, 0x0, 0x1}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000001680)=ANY=[@ANYRES8=r1, @ANYRES32, @ANYBLOB="f53532f7255d3bcbfffa71f0834e9cb11825cd63381cf3cd5ec93b4c3b0b64c0b7a7c474dbef0445b99641792e72edd1", @ANYRES32=r1, @ANYBLOB='\x00'/10], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.210436288s ago: executing program 4 (id=754):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x0, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x5}, {}, {0x1, 0xffff}}}, 0x24}}, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

516.867355ms ago: executing program 4 (id=755):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000900)='./file1\x00', 0x200000, &(0x7f0000000180), 0x3, 0x566, &(0x7f0000002080)="$eJzs3V9rW+UfAPDvSdv9//3WwRjqhRR24WQuXVv/TBA2L0WHA72foc3KaLqMJh1rHWy7cDfeyBBEHIgvwHsvh2/AVyHoYMgoeuFN5aQnW9YkTZtlNvN8PnC25znnpN/z5DnPk+/JSUgAuTWR/lOIeDkivkoiDrdsG41s48TGfmuPbsymSxLr65/8kUSSrWvun2T/H8wqL0XEz19EnCy0x62trC6UKpXyUlafrC9enaytrJ66vFiaL8+Xr0zPzJx5a2b63XfeHlhbX7/w17cf3//gzJfH17758cGRu0mci0PZttZ2PINbrZWJmMiek7E4t2nHqQEEGyZJrx06nAPsvpFsnI9FOgccjpFs1AP/fTcjYh3IqcT4h5xq5gHNa/sBXQe/MB6+v3EB1N7+0Y33RmJf49rowFry1JVRer07PoD4aYyffr93N12ix/sQNwcQD6Dp1u2IOD062j7/Jdn817/T23jXb3OMvL3+wG66n+Y/b3TKfwqP85/okP8c7DB2+9F7/BceDCBMV2n+917H/Pfx1DU+ktX+18j5xpJLlyvl0xHx/4g4EWN703q/93Na8790SeM3c8HsOB6M7n36MXOleqnPcG0e3o545Un+m0Tb/L+vketu7v/0+biwzRjHyvde7batd/tbDT4DXv8h4rWO/f/kjlay9f3Jycb5MNk8K9r9eefYL93i76z9g5f2/4Gt2z+etN6vre08xvf7/i5329bv+b8n+bRR3pOtu16q15emIvYkH7Wvn37y2Ga9uX/a/hPHt57/Op3/+yPis222/87R7mnQMPT/3I76f+eFXz/8/Ltu8bfX/282SieyNduZ/7Z7gM/y3AEAAAAAAMCwKUTEoUgKxcflQqFY3Ph8x9E4UKhUa/WTl6rLV+ai8V3Z8RgrNO90H275PMRU9nnYZn16U30mIo5ExNcj+xv14my1MrfbjQcAAAAAAAAAAAAAAAAAAIAhcbDL9/9Tv43s9tEBz52f/Ib86jn+B/FLT8BQ8voP+WX8Q34Z/5Bfxj/kl/EP+WX8Q34Z/5Bfxj8AAAAAAAAAAAAAAAAAAAAAAAAAAAAM1IXz59Nlfe3Rjdm0PndtZXmheu3UXLm2UFxcni3OVpeuFuer1flKuThbXez19yrV6tWp6Vi+Plkv1+qTtZXVi4vV5Sv1i5cXS/Pli+Wxf6VVAAAAAAAAAAAAAAAAAAAA8GKprawulCqV8pJC18LZGIrD6LuQ9Orls9nJ0FeI0d1voMJzKOzyxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALf4JAAD//5CPL9Y=")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0x20)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x9000)
fallocate(r0, 0x0, 0x0, 0x8800000)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x5a00, 0x0, 0x3)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)

516.665335ms ago: executing program 1 (id=756):
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0xa)
r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000140)={0x100, r2}, 0x0)
landlock_restrict_self(r1, 0x4)
r3 = landlock_create_ruleset(&(0x7f0000000240)={0x20}, 0x18, 0x0)
landlock_restrict_self(r3, 0xb)
unlinkat(0xffffffffffffff9c, &(0x7f0000000340)='./file0/file0/file0\x00', 0x0)

433.333116ms ago: executing program 1 (id=757):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)={0x28, r1, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x4}, @NL80211_BAND_60GHZ={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0x24000)

273.115257ms ago: executing program 1 (id=758):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f00000058c0)=[{{&(0x7f0000000300)={0xa, 0x4e24, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0xae00000}, 0x1c, &(0x7f0000000640)=[{&(0x7f0000000880)='*', 0x1}], 0x1}}], 0x1, 0x5)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000040), 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'team_slave_1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x60, r4, 0x1, 0x3, 0x25dfdc01, {}, [{{0x8, 0x1, r5}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r3}}}]}}]}, 0x60}, 0x1, 0x400000000000000}, 0x40010)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={'ipvlan0\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x37}}})
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c0000001b0a05000001000000000000010000000900010073797a300000"], 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r6)
mknod(&(0x7f0000000000)='./file0\x00', 0x8000, 0x0)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@errors_remount}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000140)={'team_slave_0\x00', &(0x7f0000000080)=@ethtool_channels={0x3d, 0xffffffff, 0xfffffff9, 0x0, 0x4, 0x2}})
socket$inet6(0xa, 0x4, 0x4)

0s ago: executing program 4 (id=759):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000340)='./file1\x00', 0x2, &(0x7f0000000180)=ANY=[@ANYBLOB='active_logs=4,jqfmt=vfsv0,prjjquota=f2fs\x00,mode=adaptive,heap,norecovery,fsync_mode=posix,user_xattr,disable_roll_forward,\x00\x00\x00'], 0x1, 0x105da, &(0x7f0000010600)="$eJzs3E1vG1UXAODrpGk+3r4lQizYdSSElEi1FSdpBbsAqQCJVBEfC1bg2I7l1vZEsZOYIkRgjVj2j8CKPXv+BDvEAoldEchzJ1WTFhES4yTN80jjM/d65vhcK1J05koOwKU1m/z+WyFcD9MhhPEQwrUQsvNCfmRWYng5hHAjhDD2xFHI5x9PXA0hzIQQrg+Sx5yF/K0vHu6vPeqvzeRZb57NioHz4NUQQnsrnu+1Y0wbMd7L5yu7zSy2l3fzGN9o38/HaYx79Y0sw17l4LpKFpca8fp0a6c7iJutSnUQG83NbH6rEz+wu9s4yJPdcK+ynY1r9Y2Dcvez+x7EQT+PD7q9mKeW5/ssSx96vYMY5+v9ybierftZrHZ6+Xwa66vV+4O4m8dunA7VtFXL6tg44Zd8AbzX7Oz0k936dreZdpJbpfJrpfLtYnk7rdV79eVipV27vZzMNVqDy4q9eqW90kjTRqteqqbt+WSuUa0Wy+VkbrW+0ax0knK5tFRaKN6az89uJm/f/Shp1ZK5QXyz2dnpNVvdZDPdTuId88liaen1+eSVcvLB2nqy/v6dO2vrH36y+vHdN9befSu/6KmykrnFhcXFYnmhuFie/5cL/uNcrn/wL3o06z9i6nS3c9kVzroAgIsn6/+nwyj7/89/ePjr6teVn/T/cIldpP6/mTfkJ+//63E9+v+nnJP+d3T9/zHW/9UlWr/+n1PR/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXFo/T3z3TnYyG8f/y+f/n0+9mI8LIYSxEMKfzzAerh7KOZ7nmfib6yeO1PBjIWQZBp8xmR8zIYSV/Hj0wrNrvzLUbwIAAACeT9/v3/g2duvxZfasC2KU4kObsWufDilfIYQwMfvLkLKNDV5eGlKy7O/7Suif7OarRyeyB1hTp68qkz8U+3JI6Y5l/FCYeiIUYhgbZTUAAMBoHO4E7KgDAAA8v7456wIYvuPs3xXCwVbm4y3OyRjyDcHpQyMAAADgAiqcdQEAAADAfy7r/y/y7/8BAAAA/yz+/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sXM3uWkDURzAnw1u6ZeKqi4r9SrdwTF6hC67RBygl+AI9Aq5AGcguxwhwhEeo+CISFEYGwX9fpI/xoI/z4jNm0EGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo0221nv9f/Px3bs6uPk+euwEAAABO2VbreXMyTeNP7fUv7aVv7biIiDIiTvXuo3jXyRy1OdUzr6+e1HAT0STsP+N9u32MiF/tdv+1728BAAAArtdmuZqlbj3tppcuiCGlSZvy8+9MeUVEVNO7TGnlfvc9U1jz+x7H30xpzQTWJFNYmnIb50p7kVHnMDk6FOlQDloOAAAwiG4nMGwXAgAAwJD+HJ0vLlgHAyvisJR5WAtu/nn/uCD4oTMCAAAA3qDi0gUAAAAAvWv6f8//AwAAgOuWnv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAn7bVer5Zrmbn5uzqV/gxSW+u6zrDrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDA/ryjQAiEQRjsXd+ZzP0PKw0aG5pUgfDxNwYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+N1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc785ICIRAEUTBn/O+k739YSdCVJxAioOFRRTUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+P1NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcz2scVRwA8Dc7O9sfIF2jBOrFipWKYpOtvxC89CAED4In8biku2V1q9LmYEsO5uJB8D/wotdehIAg9eBf0IMne6yXCrKHCh48KfOrTrtBJ2pmdtPPB968byYv875vAiHfeZMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAS2bnw6kyjtNDP487xbkf725vpv2tB/rUneH1k2lL46jZtJdON71Hq21nAQAAwGEXl/V9COF2sruR9p1+Vv8/U45Ja/7tR/K4rOcfrPvLvqz903bju6/evjdRP58nCSF805+O1htb4WI7XXPciRpjsmcJ+ROaOPu2dd7ceWyWZHc9+vzmzTd6WXjkv2UMAPwfzpZ9EYyjT7Lfj8aT6WjQZmIALK/uP3+6HFLW/3G/gbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWjbbCc+XcRRCeKL7V5y6dXd7c6/+zvD6ybKdePfxT6vXTC+RhBDGk+noaINrWWSna467cvXa+8PpdHR5X8GT/+qrBEsSxIuRhqDN4IB/QAEAcKgkRUvr+tvJ7kZ6LloJ4Y8v76//z1TiULP+/35y40x1rmr9P2hshYutbv2/tnXpo7UrV6+9MLk0vDi6OPrg3OClwavrr708eGUtvZ/r+fGAswUAAGBZ9YpWrf87K/P7/8crcahZ///w8zu/VOeK1f9z9r//f8AJAQAAPMQePfXbr9Ee56NeL3w83Nq6PMiP9z4+lx9bSPXvHZs/daRo1fo/XmkhNwAAAKBxs53ovv3/C5U41Nz///a537+oXjMuHkGMJ9PR2c0PpxeaW87Cmt//7+85rok/J25guQAAALTkWNGq+/9J9v5/56lyTCeE8OzTeVz8G8Ba9f/r3c/OV+eqvv//YnNLXEid1fx+1Hn/Pxu7GkJ3tYHEAAAAOJSOFi2t/39Kdjfe+/r4Wz3v/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Mn+3NsmDIRxHH59SZS4TUZIb/ExAw0VghUACcmSZ2AAFqKhorVYBFYACc41naF4nub/K664FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODtXZ+++IiIIlKXKdJ0+3f+jIivSLu2nXzfs9hfTs3PIxeH4yznb8z/y4goo+jjHACA3lXd5lhv6tUg7zDvKO84b1U29fKVnwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFYAAAD//4pSWOM=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRESHEX=r0, @ANYRES64=r1], 0xf6, 0xa1d, &(0x7f0000000d00)="$eJzs3ctvXGdfB/DvmdiJ41YhbUMJUdtMUqV12+CMHZoo6oIm9jhx8QXZjtQIUFM1CYpiUdSC1FYsUgmxoqJCCAnYoC5ZVSoLukHZwZIVCyTof4AqFhAWaF7NmXEytucSu46dN+/nMzo5t99zm3PmPJnxzHnCz7NGo1FO21y/+ve7WVmePJemf/jm26+a05d3sz/78nbxj8lIkmoy9P/luTI8Nb20OD8gozvJ9ST3kiLJgbTmPRxct3Y9xZ/n2Yfr91L8bY52STayxcYxUINfaHt9/gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBNparpWmygyN7tw9f1qb+UQ4H32r2X3fTnqd/H9oGKLpGhOGRlZG+r76JGHu19s/nMyL7XWXmqN/D2SL5558fA7LwxV1tL3qdCu+PTzL+58uLp685OHm4a7Bg6129VcPrBr1Xt0+7eX7HJ9YXZ5cXb+4uV6dXZ5sXrh3LnamSszy9WZ2dSXry2v1OerU0v1iyuLS9WxqTeqExcunK3Wx68tXl24PD0+V1/beP7XJmu1c9X3xn+rfnFpeXHhzHvjy1NXZufmZhculzHN3c2Y880T8TdnV6or9Yvz1eqt26s3zw6qZDNoouueYn3Q5KCcJmuTkxMTk5MT596+8Pb5Wm1o04baBtkUsfcnLXvnH3b02g0/UaXd/2cus1nI1byfatfHVKazlMXM99jfttb/nzpT71tuZ/+/1ssffbj7WMr+/5XW2iu9+v8edRn8aDRaOW83/drj03yeL3InH2Y1q7mZT35yjpse/7f1NMPdtlZ/ems3Py6nnoXMZjmLmc18LpZbqu0t1VzIuZxLLR/kSmaynGpmMpu51LOca1nOSurlGTWVpdRzMStZzFKqGctU3kg1E7mQCzmbauoZz7Us5moWcjnTuVjmciu3y+f9bJ86PgiaeJSgyT5Bk7VkB/v/xpP4P0Eetx2/hsN2Ndr9//6eAY21pbGpXasVAAAAsJN+9V9y6Mjz//wfyXBeLj+Xn5mdq9f2uloAAADADiq/rvdSczbcXHo5hff/AAAA8LQpyt/YFUlGc7y11Pol1L74EAAAAACeEuXf/19pzkabS8dTPLgTyvW9rhsAAACwMwbfY39gRHF67fa/1Rut+Y12RPs+v6Mzs3P18anFuXcm8lp5l4HylwabctuXFMPlzw/ezIlW1InR1nx0fY4jzaiJ8Xcm8mZOthsy9mpz9upYl8jJVuTrrcjX+0SebUYCwNPuZJ/+uF///z+Nlmb//2ZOtyJOHxvan2ToWJeetaZnBYAnxeAxdgZGFL/+8P3/cDvbdf3/87n1v62vFIzno3yc1dzI6fLXBuU3Dtbl+jtftz8zePA1hFqKAZ8GrMX+6/lKTg/4PGC0Y6CX0wM+EWjF5neTs4//QADALjrZox/eSv9/uuP9fza//38wtNBNPykEgCfCgxHsH+PCXrcRAFhPLw0AAAAAAAAAAAAAAAAAAAAAAAAAAAA7b0fv9j+yzeT/2R7X7/EOQ7Bp4WD7Odh+Pn+RZPfqXOxwWZUdyKeRZLeO1+4t5HCy7We162m8P8net2vgwlD7JXHnw9W9uiIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwm4pkX7ftleRAklqSM7tfq8fn7l5XYPf9RudKcT/381kO7V11AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeTu37/1fSmj/T2pShSnIqyfUkv73XddxJ9/e6Ajvk4DbTddz/v3nM0ygy1DrsKYanppcW55uHvxz7ofLDN99+1Zw6kh941HLKwMqGwSXaJWyM/btn15aeK1ONTt/89M4ffvwH1elLqWR/Lq3MzE3PX15692GSF4vvkmpa05q1+v7xqX/6ukvLv2u2tLuN5c6UT8705nJ/pVvq/uX2c3v15mSzpJX6+yt/9Pu3P+vY9XxOJK+OJWPrS/q95tSjpBMZ7lda8WPxp8Wh/FWul8e/+WwUjaJ5iH6pbP/BW7dXb45/9PHqjR51OpzjSW4kI/3r9GXH7uPl9aSr8qyrDDdLrZVBzX+ODGhjXx05TvRow3PlKTPabsP+nm3oVO3dhlLH817ptr9Vo7M9avRCXutypBsHkt41eq3/ke6u+LH49+JK/i1/0jH+R6V5/E+l96tzfRZlZMeZ0jOy0oosWz7ZueODjZH/9dePVPuuw9SwVX+27sVb6bj+t4/VDl2PGkXf61FHiVt7XWwoccNZ0ed1UfZIRzakaF99eqVp1/NIK6pHPX85byVDx/pdFTf11m8NuKI8SP9u993bff3/TTGW/85d4/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPviLZ1217JTmV5PDaejVpbCHbA712VEaLrVZxR9198M9TobLVBMX93M9nOfR4qgMAAAAAAADAbrs0/cM3337VnIqD7U3tv+9Xk6Ekh4u/PJjppcX5ARkNJ9eT3Gsuj3TZ3+fP/c10efbh+r3m2tGttgQAeFQ/CwAA//9Q62fs")
r2 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r2, 0x29, 0x7, &(0x7f0000000000)=0xffffffc7, 0x4)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
write$UHID_INPUT(r1, &(0x7f0000001740)={0x8, {"fb59f8e87d3c26f640d435f7b49f7fa2afe2de75f41cc41413fed8faab7278a7fd15dda02d907829627f234ab981a74ef5fabd7b86b46c710c22ff5bae82dae52fd7bb73903223b08dc0018454d932c7c075e927cae3bd36e0ddf09ad5a01eda1baf1d3d6022aa592715ee16a629b1afa1894374cda47f0e23473cabf66c1657ab5509b004c599fd742f43d25c3ebfcbcab2efc7029aec24ca4cb8aea7f2a1e225e29657adc2f809727fde5444efdc07193f6f3e8af9c5d060ffb27abbcbc65bee3954766acc8b4de3255cc795c21b91784cbc99486a8b258b658ef04911ce0059ee2e7890f69d2ce2f44ec3ae4d1b86cc86efa03b6b99f4f580a7121c79002ad75d51a4fd2da6470fbc04b9482ee91b7cd7d2c243c99c4ca7b1d3ceee4bfbb3f544215c71ec33b06ae87f755da8edcd67ad254bb98022bfd1e1c76c8043a5eba2ce109f0c7e7f8e018869f47763218107e015f2be727333317261c9255120949c32ca66902125258ddcfab6e370bebb907fd143948a38876a64ad625e562647c3039b8162ced377491cf7e3cfd1f3a24f72a5bf6ae5b6572c42932fbb6c882297b8c94f0f825be6534b1b3244a205918889fda4444ad5910e465fa8fe15a5bda47c4ebc0cdeeb6d55a3221c457d78b422240372e966d5d6e376d22697f15cc8554287030def0824749b777dfcc21f127fcee6371953546f3f331df89930237b5cdc2f9a14576c5e455b1226227d9b498b1aa1179d3c00bd167bd06811f3727a4002ed38c0231e6079beee7bb4c0402ebfba52b0da1643385de6a0468b9da9225f86edd13689065f22c2df1f52a9311ad3cabad9be2dee174c810e926e38721cdb00c8932ee568b30866691569a4f3cf777aa8bf825535382466d6a5285b17bbd16e20fed40db49b068daf66e306a51c42817f2136cf40e0994878a565a9b722790ae536f28e9644182dc7e809ed34489880e09432ccb83cc343e6f1d2627d2141a5c75dc6efa3fda6fc5d06d1afc44646e7f11b608cec0eb4924f19895bd423092cd407378264490627492e6556bc267b440a8a9df914d2712d491f6f9da545f5152594f9125dc7ee1e8862e776383cbbcb1ab993da27cd5ef7d6cdf1e8d98a82df900ce32989e4e27342662a2c85eac6fd9b36a24c48a9c607af388c83c09a1cee33e2a67743252caca94f94a72375a84e26293ccf7dfbdfc9d4fb9852d30977256fb8066474fdd3503a56c05754eff4adc30c5ccb311065dc3558616458e81398d619abb505a020a3db334e15287f69f6b9d97ef6cd867ccdfa2faa89f147eb52208b9fb65d4168033def09872bbf038ffda4a866c1c8b679f7ec3a2982d07b63e770b657f14618bdfac961901e0da012e85ce8ff760e61535fbb5df7f78849e16953ea3403362aac751eea7cfe2395afec3fededda918c9a57049aed7953df4494190cf8df681e8d608dc2752f2dcef3ba6adfcfa36b0e4ec686788c33dcb9098827977e477d7181141c4b699cfcae86517a73b8006d5bb49ad95787f4da2d4e00a826ab70bd453e84abfaac953f6803254d36fae683594aa4437fb7237f52d8e93b80a82ec257f2eff679349c5e23193c0cf407228b79a3b84c4a33d294f1e2e5842f7a2baacf5357ea19a29217a36648b02feeee6386c0ea67d1f737870557c7ef628556f0485bed4dd8dba4c512a52cdeb88ecda9c37795ab287ca306bfcc232c89111aca2f1f8f60912ef8fa4b232269c6eb9015acef632225794cef7cc111bc699d9a7c9b10ba43c102143a09c8039f222b149d7fa351dbc8a19f782e7be5decd8331f3bf538360f2ce3612d4bfd8c6e5c434a3ab057e32f03f9670d29650815982cc49686b5597363dd37ac4aa25e8b3848cfc0fc19a9d781f8da629838e88fcd7020695a4e3ff3013ae6f1f37d89ea23a7de1eb8e5df449a0f18b558d971e5f93c2d5a1e1ad8bb9b7f4de4b6c927c15a8768db92dc0e1df53be1f3eb3261f367deb04ffbb0ae378d01d98918c1887d07724f2b27e8be46dda3caf05d748ef2873141a1030107f0ff46de0d62c8004bfe08136ba1d5786a0abe41cea815e32432c8ca0fafece56037c6b97b383d87ff7ba227fa66478f1c5ea170c92213cce1ecc8cb1b98823b1384df8b6e5369a90b33623174a963f64cdb34aff8d2954a255806c7ca0bc925a62f360a3072c1f8e448f4be76db640bd8a749fb175bb308e1ed70a4d61a6cedfc30e4d3783bbf23980d0912d9cc727b28f2ec51d5c2efe101cb7bab7a884e0841a7643235615c27b76d7698fa0eca97dedaa678db4b350e49782a29c6f4b1c206979cec07e0ff877ed02ffd02467682518ed94aee8d3942afb5d25e70ecd4a0b4b7c4f6da58f2d9ad836eb46b99995616a6dab4be692353e3241346930362a8691021aa4b22a247ee90ff66d65b4738f373273bfb9bf6701adeea2d828aa14d0ba3c0a0836268e533965b80544b34a1889d5115d7a980707fa2365f1d2fe4e91935801bb72dbd26cbc0c2f1272a3eff4a970d5fe0dad26fd1509266b7337e4174071785ca5b9080c30232a2ff43667bbd606f9206f2a58a8a05f597a07fd17d2ec826eead49725f67aafedb73cc4c8f35910fdc9f894775cd61b4c2c3e560be9b5a468cee65fce203b3054395afa60a826baee729e3cf48fffa7ca28e2244d9b4c24bc3c4d8d7a35a8cb254ea1ed7e0c5fffeaa057cf9051fab94b673b79fe9e63eb6858580ebb47af885935a8a96bc22bd92378f034182a71db3c80eb9c99c57418ddca82bf30d879b0231ff78e2b7426838e6f324a498312abe5984f12402d472c10be2c4b3c7daa237c5c06e98bf323795c48bb5c46c4d1256ab7c04e96c2e9a76ea3e99220d77f1e1517705de2bb6bcf070792bacafbdfd12740428222fee81651ac2a8db1e6dd973fe089cabd84c3258d62de04eb4c39bcc3242dc28d6b38429eaca348aa5063c2deffdf80eedcbc038f010c116543c30660a63f5f75014152c6e30093242a93f93397c37ebbd89cffa3f6f83a0223a1a8adf5f6ed55c39b875df69ebeca391e4b8f38de23e1d70febd531f77e1c990db21987f470cd411aad376d5c4a0811218be7e82f622c8ecc2809c487571fd8ff694002ba882e86386efc798eb2af8e02da6add6d941a866fdca6927ed2a3c75a1c4d926b14ae94eef4430c7f2ac13685117c09ffb838591bdcdaf991c07638dacf0b8b2a50f5d76f73e601d8e9f61efabc6b245055b0013094f255361fd15318b488454e9be474be8574b932b639b40ad63f8df4b61259315bd60a6b928f5fd4806f688a9d9b78c1ce2dc3896c5725b2f1c208d778db17404a9f1845ab50a473c9b4b0fd2e118134bebe01dddf7d2250f219d24a2f541f721750d39126913a34ba65a6cfa796fb49155c49af01463347cbd8a12c5ea92cc995a7cd20f7666a9877c69635f6f5cd5a7ed6aac91d759748fa69554bbd64265218762f02d3a6de2d6eb8263e3a4ce23235f7ef2455775a0853a39bfd1a30544027e19bb58242af36cd034d01ba2f66ab2b18f31ff8084c93806aef7fe9200e94d8959bdb107cbbf0d178b783fe579b45833433074d0825c13405b334961220b092ecd735f11468f9373c57c0ea1b241a0d5e751467f84a033cd480d47a0f0bf74df5a7047b394b60f06e8fa035e35985411a0256a80f398251dc75511690bff21d16e920cf31284a1ca882576e3ac4bfafee89aa6682cfc389e1240ee0ea7d503bc550bca8da5df478335c556c2e3c35c3c37b61430c6ed1739bee708d2c5920d7783b4d9b4d7ff00af00563b9c9e16e67424b15cb47ca2c7677a51623d2b1d1e97fe2bb2f60389ea9a0a9b5c1bfa57918fb77c327fe39d860067ba4fa13e8e2d62bf02926791903b6499a8952ddccdc9e1d80597fbb61fac505e270e3923f52805d10723c9215feac075f5f4c2a3abbcc46f1e5e3219e46d7b9a71ab08c24c44e48bb8a2625078f0237bf3c631c4b8fad0c7a89e58016436414a9ebdb718b01c0a0dd48b82f526751ce3f94820ffd003b5974d1c5b2bf5cdcf96e47d88eff35603aacc3cce0e9098ddc06c646ed0033d81fefd217ed2be4b640f9d8076f6b58b20424a97cb99b844ccf30c0f254a903c5f5f807f65de5333306281267c65f980bce2e0df1a2e1ef41dc268c0c05ed284e9b01a7a4c1ff71b213c87d3ed00a2b0e7f88f66570bb93e02774d428a4076f8feb5dc13951b12ab77bead809e031bcc9ec8d9e546232f43d06d5233af55cfe3f1fdbf17059c0e5db5875f8327fa662836b3e77c0ea53d9c05c3ad865b1edbd292b262de7d3da106802531dc3737d5331fb48c58cc24e0dfefef8e26692bf59bc3d6c1102812e5b329d34da6db85d727048c2fdcc94b7e346b116641b421cb719b4bfd65004c2d2d2404d28b490a3d695d635844e81a291d5947d6c9f74d4826a9342f9cbf2a21e0e41119cd9679e931faf55e1e67fe762210e01e3f42c8979b727198ba1c6bcd758cca3aad0fe4bf6f96cfa744041bdd5a2c3a65df6c04ca1b30e25d71c2a2533cbb72e3c1dcbf80a3e37bbd0d9cc0c1c19356a36b8038fb919972aee7935334474053555bea6f54235e0a7059c96462a5e13d057064616f580454dd0abc333a68f2c77624f941634767a6c763fef49cad5e1bc2ec213ee0ea4cf8009bf8a17ca5066725daa1782d73d0ce7558e1f7183b012b815dc69ec954fa9be6fc4c69aae137aa2f2f54f749585ad67938a1b84e5a4cd2787b73994fb90f1a241b82d8f7ce92822faf75a949c142926fb6866036fda319f9a53ef4b6f1c87bb19a6ecc87a4b7daf2df9c33922cb261e691fd381a455ce7d74b924f64ba09a393b61fdc24b77caf9dd547f2d4a19946fd1bbf32e0ea6976125b9cdfe86506d3ec026009e9acf100b7eecf5f6addc5fd1f2b80634b30fd27d752a1efed12a2e0ad2be04b1c35d120d72a5245b41bd3e41a6a715b98013a5c528a968a9ba382ee79d6281ca7a308626371e65df22c3ae523f738cb27583b5b883683cbc64cf772211383e60fcde9d5ffaffcc3ffc8d2cc5e6797b1ef8f1c53a9b02b18712c29ace20a73f4a29ff9beac2f50e26b682dc4712d1f7bad8b5e89ddde8524eb3b4609ed7ed4a01603d19c559075e9b1766ce69622c0c064fd9230088abe517bec83a570dcf43766b722d4f630ed0427d6b644d47dbf4f9c778445f16bfb81df560383721ea4e2eb44289a8ea2c16976794629706d018e109fc8d2f141f703647fed96ac0d57dc6004ef4c015b55da4945d86f28c41c992742f4c7daaf3c07761411e599de45a2443f5216e56dcc8b11e817f0ff152a567d2d15ef6029f2e9d1369d6c9e26d64ed124cb64f9526f55ea22732a228df20576c3dd6e31cf86b079231e8866f6a98c07d2cb1f1d64f6047fb9b8b48fbde445b7a3149d318fe8f865894b81a3e1badc093fe261af941f7f4bdf26aa06ab7ed6aa83dd0f3f1080c03a6fbd0acf2d5059e49042c4bec72fe86c42e21d7dec63715d641f948886df56d40e6e7d729ed43d657b54c81ab9f2ebc55caaf8fe52d40c6277e2a422bcdfb6691262ad4120d76a30c411b375566344ea2a2c7cbc13c6f33d28169116024c011275836a44f335f95ca311f87266eb40d4a7025d4d327d8eda131ee8f130501cdc01c189f98780a43ddf1de7a776e2ce343885f87797065ff79117295287bd31352b8baba71ee14f1de9dcb3c4a81cd78b7a7d8a785d69b7293aaaddc0863257caf1065f2c9297ebb267d4955d011ef19e3f102db", 0x1000}}, 0x1006)

kernel console output (not intermixed with test programs):

ered promiscuous mode
[  130.675112][ T6656] syzkaller1: entered allmulticast mode
[  131.136986][ T6661] tipc: Started in network mode
[  131.142070][ T6661] tipc: Node identity , cluster identity 4711
[  131.148154][ T6661] tipc: Failed to set node id, please configure manually
[  131.155332][ T6661] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  131.364978][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.472637][ T6667] loop3: detected capacity change from 0 to 256
[  131.516591][ T6667] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  131.882704][ T6660] loop0: detected capacity change from 0 to 32768
[  131.899446][ T6660] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  131.916411][ T6660] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  132.152492][ T6660] BTRFS info (device loop0): using free space tree
[  132.220552][ T6660] BTRFS info (device loop0): enabling ssd optimizations
[  132.251028][ T6660] BTRFS info (device loop0): auto enabling async discard
[  132.406338][ T5766] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  133.388981][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  133.395330][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  133.448109][ T5758] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop0 scanned by udevd (5758)
[  133.566467][ T6701] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  133.876166][ T6712] loop2: detected capacity change from 0 to 128
[  134.371543][ T6712] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  134.432173][ T6712] ext4 filesystem being mounted at /48/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  134.754532][ T6722] tipc: Started in network mode
[  134.759559][ T6722] tipc: Node identity , cluster identity 4711
[  134.765640][ T6722] tipc: Failed to set node id, please configure manually
[  134.772929][ T6722] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  135.013078][ T5777] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  135.024150][ T5777] CPU: 1 PID: 5777 Comm: kworker/u5:4 Not tainted syzkaller #0
[  135.031732][ T5777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  135.041801][ T5777] Workqueue: hci2 hci_rx_work
[  135.046538][ T5777] Call Trace:
[  135.049834][ T5777]  <TASK>
[  135.052777][ T5777]  dump_stack_lvl+0x18c/0x250
[  135.057480][ T5777]  ? show_regs_print_info+0x20/0x20
[  135.062699][ T5777]  ? load_image+0x420/0x420
[  135.067232][ T5777]  sysfs_create_dir_ns+0x26e/0x2a0
[  135.072359][ T5777]  ? sysfs_warn_dup+0xa0/0xa0
[  135.077048][ T5777]  ? do_raw_spin_unlock+0x121/0x230
[  135.082276][ T5777]  kobject_add_internal+0x61c/0xcc0
[  135.087503][ T5777]  kobject_add+0x164/0x240
[  135.091934][ T5777]  ? __rwlock_init+0x150/0x150
[  135.096726][ T5777]  ? kobject_init+0x1e0/0x1e0
[  135.101428][ T5777]  ? _raw_spin_unlock+0x28/0x40
[  135.106308][ T5777]  ? get_device_parent+0x366/0x390
[  135.111450][ T5777]  device_add+0x408/0xc20
[  135.115807][ T5777]  hci_conn_add_sysfs+0xd5/0x1e0
[  135.120768][ T5777]  le_conn_complete_evt+0xf5d/0x1540
[  135.126255][ T5777]  ? hci_event_packet+0x4cb/0x1270
[  135.131416][ T5777]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  135.137705][ T5777]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  135.143367][ T5777]  ? skb_pull_data+0xfb/0x200
[  135.148069][ T5777]  hci_le_conn_complete_evt+0x187/0x440
[  135.153639][ T5777]  ? hci_remote_host_features_evt+0x150/0x150
[  135.159728][ T5777]  hci_event_packet+0x7ba/0x1270
[  135.164696][ T5777]  ? bis_list+0x290/0x290
[  135.169050][ T5777]  ? lockdep_hardirqs_on+0x98/0x150
[  135.174272][ T5777]  ? hci_send_to_monitor+0xd7/0x4f0
[  135.179491][ T5777]  hci_rx_work+0x43a/0xd60
[  135.183942][ T5777]  ? process_scheduled_works+0x96f/0x15d0
[  135.189686][ T5777]  process_scheduled_works+0xa5d/0x15d0
[  135.195263][ T5777]  ? worker_attach_to_pool+0x380/0x380
[  135.200727][ T5777]  ? assign_work+0x3d2/0x5d0
[  135.205326][ T5777]  worker_thread+0xa55/0xfc0
[  135.209939][ T5777]  kthread+0x2fa/0x390
[  135.214005][ T5777]  ? pr_cont_work+0x560/0x560
[  135.218693][ T5777]  ? kthread_blkcg+0xd0/0xd0
[  135.223291][ T5777]  ret_from_fork+0x48/0x80
[  135.227711][ T5777]  ? kthread_blkcg+0xd0/0xd0
[  135.232304][ T5777]  ret_from_fork_asm+0x11/0x20
[  135.237082][ T5777]  </TASK>
[  135.246634][ T5777] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  135.264929][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  135.270364][ T5772] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  135.274340][ T5777] Bluetooth: hci2: failed to register connection device
[  135.467942][ T6733] loop0: detected capacity change from 0 to 2048
[  135.512733][ T6733] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  135.558817][ T5772] usb 2-1: Using ep0 maxpacket: 32
[  135.575447][ T5772] usb 2-1: config 1 has an invalid interface number: 236 but max is 0
[  135.588939][ T6735] loop3: detected capacity change from 0 to 64
[  135.597252][ T5772] usb 2-1: config 1 has no interface number 0
[  135.607992][ T5772] usb 2-1: config 1 interface 236 altsetting 2 endpoint 0x5 has invalid wMaxPacketSize 0
[  135.623926][ T6735] hfs: inconsistency in B*Tree (1,0,1,0,3)
[  135.631559][ T6735] hfs: get root inode failed
[  135.637692][ T5772] usb 2-1: config 1 interface 236 altsetting 2 bulk endpoint 0x5 has invalid maxpacket 0
[  135.670421][ T5772] usb 2-1: config 1 interface 236 has no altsetting 0
[  135.698855][ T5772] usb 2-1: config 1 has an invalid interface number: 236 but max is 0
[  135.707070][ T5772] usb 2-1: config 1 has no interface number 0
[  135.738548][ T5772] usb 2-1: config 1 interface 236 altsetting 2 endpoint 0x5 has invalid wMaxPacketSize 0
[  135.765757][ T5772] usb 2-1: config 1 interface 236 altsetting 2 bulk endpoint 0x5 has invalid maxpacket 0
[  135.802813][ T5772] usb 2-1: config 1 interface 236 has no altsetting 0
[  135.817426][ T5772] usb 2-1: New USB device found, idVendor=0451, idProduct=5152, bcdDevice=aa.6a
[  135.826501][ T6739] loop0: detected capacity change from 0 to 1024
[  135.834777][ T6739] EXT4-fs: Ignoring removed orlov option
[  135.835873][ T5772] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.855683][ T6738] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  135.868738][ T5772] usb 2-1: Product: syz
[  135.878444][ T5772] usb 2-1: Manufacturer: syz
[  135.889223][ T5772] usb 2-1: SerialNumber: syz
[  135.909348][ T5772] ti_usb_3410_5052 2-1:1.236: TI USB 5052 2 port adapter converter detected
[  135.917541][ T6739] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.977603][   T28] audit: type=1800 audit(1777788722.429:14): pid=6739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.235" name="bus" dev="loop0" ino=18 res=0 errno=0
[  136.157087][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.178352][   T27] usb 2-1: USB disconnect, device number 2
[  137.481969][ T6751] loop3: detected capacity change from 0 to 128
[  137.544298][ T6751] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.564349][ T6751] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  137.976508][ T6768] tipc: Started in network mode
[  137.981572][ T6768] tipc: Node identity , cluster identity 4711
[  137.987652][ T6768] tipc: Failed to set node id, please configure manually
[  137.994870][ T6768] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  139.011608][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  139.127488][ T6823] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  139.278865][ T5831] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  140.279878][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.378937][ T5831] usb 3-1: Using ep0 maxpacket: 16
[  140.403907][ T5831] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[  140.429097][ T5831] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  140.438540][ T5831] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.446667][ T5831] usb 3-1: Product: syz
[  140.451023][ T5831] usb 3-1: Manufacturer: syz
[  140.455706][ T5831] usb 3-1: SerialNumber: syz
[  140.483202][ T5831] usb 3-1: config 0 descriptor??
[  140.746604][ T5772] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  141.041174][ T5772] usb 2-1: Using ep0 maxpacket: 8
[  141.071578][ T5772] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  141.152950][ T5772] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  141.177431][ T6850] loop0: detected capacity change from 0 to 128
[  141.181009][ T5772] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  141.217552][ T5772] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  141.291229][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.292367][ T6850] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  141.312242][ T5772] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  141.312276][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.334126][ T5772] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  141.379344][ T6850] ext4 filesystem being mounted at /81/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  141.411772][ T5772] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.476756][ T5777] Bluetooth: hci2: command 0x0406 tx timeout
[  141.708912][ T5772] usb 2-1: GET_CAPABILITIES returned 0
[  141.714409][ T5772] usbtmc 2-1:16.0: can't read capabilities
[  141.784573][ T6856] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  141.928932][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.142018][ T2134] usb 3-1: USB disconnect, device number 5
[  142.144384][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  142.179611][ T5772] usb 2-1: USB disconnect, device number 3
[  142.218695][ T6858] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  142.248723][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.330568][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.449366][ T6867] loop2: detected capacity change from 0 to 256
[  142.473286][ T6867] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012c80, chksum : 0x8ff561f5, utbl_chksum : 0xe619d30d)
[  142.715094][ T6871] No source specified
[  143.509500][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.798798][ T5806] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  143.998586][ T5806] usb 2-1: Using ep0 maxpacket: 8
[  144.080116][ T5806] usb 2-1: config index 0 descriptor too short (expected 30, got 18)
[  144.113204][ T5806] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  144.140023][ T5806] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.153981][ T6878] loop3: detected capacity change from 0 to 128
[  144.160110][ T5806] usb 2-1: Product: syz
[  144.171073][ T5806] usb 2-1: Manufacturer: syz
[  144.175804][ T5806] usb 2-1: SerialNumber: syz
[  144.209602][ T5806] usb 2-1: config 0 descriptor??
[  144.224763][ T5806] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  144.235319][ T6878] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  144.273495][ T5806] usb 2-1: setting power ON
[  144.283686][ T5806] dvb-usb: bulk message failed: -22 (2/0)
[  144.303107][ T6878] ext4 filesystem being mounted at /64/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  144.372957][ T5806] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  144.442883][ T6874] dvb-usb: bulk message failed: -22 (3/0)
[  144.451562][ T5806] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  144.479539][ T6874] cxusb: i2c wr: len=80 is too big!
[  144.479539][ T6874] 
[  144.497092][ T5806] usb 2-1: media controller created
[  144.568688][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.600407][ T5806] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  144.687752][ T6886] tipc: Started in network mode
[  144.692794][ T6886] tipc: Node identity , cluster identity 4711
[  144.698921][ T6886] tipc: Failed to set node id, please configure manually
[  144.705988][ T6886] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  144.953729][ T5806] usb 2-1: selecting invalid altsetting 6
[  145.000729][ T5806] usb 2-1: digital interface selection failed (-22)
[  145.023579][ T5806] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  145.057033][ T5806] usb 2-1: setting power OFF
[  145.085247][ T5806] dvb-usb: bulk message failed: -22 (2/0)
[  145.110033][ T5806] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  145.154971][ T5806] (NULL device *): no alternate interface
[  145.204663][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  145.286496][ T5806] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  145.299064][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.314344][ T5806] usb 2-1: USB disconnect, device number 4
[  145.376107][ T6888] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  145.608958][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.744199][ T6884] loop2: detected capacity change from 0 to 40427
[  145.806422][ T6892] loop0: detected capacity change from 0 to 40427
[  145.833668][ T6892] F2FS-fs (loop0): invalid crc value
[  145.850781][ T6892] F2FS-fs (loop0): Found nat_bits in checkpoint
[  145.901967][ T6892] F2FS-fs (loop0): Start checkpoint disabled!
[  145.931229][ T6892] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  145.954694][ T6884] F2FS-fs (loop2): Found nat_bits in checkpoint
[  146.078755][ T6904] warning: `syz.3.271' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  146.128728][ T6884] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  146.300356][ T5768] syz-executor: attempt to access beyond end of device
[  146.300356][ T5768] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  146.328767][  T786] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  146.368008][ T5768] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  146.408818][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.538526][  T786] usb 1-1: Using ep0 maxpacket: 8
[  146.556474][  T786] usb 1-1: config 1 interface 0 altsetting 169 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  146.578991][ T5772] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  146.589949][  T786] usb 1-1: config 1 interface 0 has no altsetting 0
[  146.603785][  T786] usb 1-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.40
[  146.613671][  T786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.622908][  T786] usb 1-1: Product: 䦗볿短⚶榖鄩ꔀ࣬蠷᧳✵疳픯÷嫜舎Ꜩ琼ꌦྑਇ题聫粮骚ᓏ燱鼣넰馈牷䄯공轢泊部ࠍ旪㙘礬梫焔鰐඙⾗㧐궊ꚷÀ匜髾㠖騯⻹囀歹孍㛣餈芄埦ꞧ㶂累拌瑰䷌붖䟒滶紥䟫猰෡୒䤡
[  146.650330][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.650891][  T786] usb 1-1: Manufacturer: ᠊
[  146.663546][  T786] usb 1-1: SerialNumber: ဉ
[  146.788563][ T5772] usb 2-1: Using ep0 maxpacket: 16
[  146.806275][ T5772] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  146.820102][ T5772] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  146.877487][ T5772] usb 2-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=82.8f
[  146.887294][ T6914] loop2: detected capacity change from 0 to 128
[  146.888536][ T5772] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.914611][ T5772] usb 2-1: Product: syz
[  146.922521][ T5772] usb 2-1: Manufacturer: syz
[  146.935570][  T786] usbhid 1-1:1.0: can't add hid device: -71
[  146.942652][  T786] usbhid: probe of 1-1:1.0 failed with error -71
[  146.946972][ T6914] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  146.978811][ T5772] usb 2-1: SerialNumber: syz
[  146.985084][  T786] usb 1-1: USB disconnect, device number 2
[  146.994120][ T5772] usb 2-1: config 0 descriptor??
[  147.004083][ T5772] kobil_sct 2-1:0.0: KOBIL USB smart card terminal converter detected
[  147.033175][ T5772] usb 2-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  147.034157][ T6914] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  147.227648][ T5772] usb 2-1: USB disconnect, device number 5
[  147.324166][ T5772] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  147.349112][ T5772] kobil_sct 2-1:0.0: device disconnected
[  147.415203][ T6918] tipc: Started in network mode
[  147.420220][ T6918] tipc: Node identity , cluster identity 4711
[  147.426297][ T6918] tipc: Failed to set node id, please configure manually
[  147.433491][ T6918] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  147.844311][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.868294][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  147.975007][ T6924] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  148.105244][ T6926] loop2: detected capacity change from 0 to 4096
[  148.191439][ T6928] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  148.998551][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.091693][ T6800] kworker/u4:14: attempt to access beyond end of device
[  149.091693][ T6800] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  149.124995][ T6800] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  149.158190][ T6800] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  149.396400][ T6938] loop2: detected capacity change from 0 to 128
[  149.780978][ T6938] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  149.980470][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.086591][ T6938] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  150.095877][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.125197][ T6941] loop3: detected capacity change from 0 to 4096
[  150.177970][ T6941] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  150.201996][ T5777] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  150.243531][ T6943] loop1: detected capacity change from 0 to 128
[  150.398516][ T6945] loop0: detected capacity change from 0 to 32768
[  150.413199][ T6945] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.279 (6945)
[  150.439578][ T6945] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  150.449788][ T6945] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  150.459105][ T6945] BTRFS info (device loop0): using free space tree
[  150.518837][ T6945] BTRFS info (device loop0): enabling ssd optimizations
[  150.525801][ T6945] BTRFS info (device loop0): auto enabling async discard
[  150.545682][ T6943] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  150.586901][ T6943] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  150.645767][   T28] audit: type=1800 audit(1777788737.099:15): pid=6941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.283" name="file1" dev="loop3" ino=30 res=0 errno=0
[  151.130835][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  151.711077][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  151.736254][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  151.780972][ T5766] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  151.920084][ T6972] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  152.255791][ T6980] kernel profiling enabled (shift: 15)
[  152.773707][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  153.069651][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  153.427722][ T6984] loop1: detected capacity change from 0 to 64
[  153.678476][ T5831] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  153.777112][ T6991] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  153.890360][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  154.740989][ T5831] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.752277][ T5831] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  154.762335][ T5831] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.784244][ T5831] usb 1-1: config 0 descriptor??
[  154.970551][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.029489][ T7000] loop3: detected capacity change from 0 to 128
[  155.058627][ T5831] usbhid 1-1:0.0: can't add hid device: -71
[  155.067694][ T5831] usbhid: probe of 1-1:0.0 failed with error -71
[  155.090504][ T5831] usb 1-1: USB disconnect, device number 3
[  155.292797][ T7000] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  155.308275][ T7000] ext4 filesystem being mounted at /75/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  155.340116][    C0] vkms_vblank_simulate: vblank timer overrun
[  155.354419][ T7004] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  156.011094][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.041025][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  156.128925][ T5831] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  156.138699][ T5772] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.328785][ T5831] usb 1-1: Using ep0 maxpacket: 32
[  156.493484][ T5831] usb 1-1: device descriptor read/all, error -71
[  156.838872][ T5806] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  157.059311][ T5806] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  157.151157][ T5806] usb 2-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39
[  157.160587][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.168898][ T5806] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.176991][ T5806] usb 2-1: Product: syz
[  157.181304][ T5806] usb 2-1: Manufacturer: syz
[  157.186048][ T5806] usb 2-1: SerialNumber: syz
[  157.208717][ T5806] usb 2-1: config 0 descriptor??
[  157.240016][ T5806] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b
[  157.550201][ T7029] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  157.980727][ T5806] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  158.063097][ T5806] gspca_pac7302: probe of 2-1:0.0 failed with error -71
[  158.169457][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.198303][ T5806] usb 2-1: USB disconnect, device number 6
[  158.307021][ T7034] loop2: detected capacity change from 0 to 128
[  158.372130][ T7034] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  158.445032][ T7034] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  158.476875][    C0] vkms_vblank_simulate: vblank timer overrun
[  159.475576][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.523383][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.714734][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  160.256419][ T7058] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  160.694550][ T7066] loop2: detected capacity change from 0 to 512
[  160.729990][ T5806] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  160.822485][ T7066] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  160.836075][ T7066] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  160.984126][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.992907][ T7066] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm syz.2.315: bg 0: block 104: invalid block bitmap
[  161.010328][ T7066] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6655: Corrupt filesystem
[  161.028604][ T7066] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.315: invalid indirect mapped block 1 (level 1)
[  161.049888][ T7066] EXT4-fs (loop2): 1 truncate cleaned up
[  161.060766][ T7066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.121628][ T7062] netlink: 16 bytes leftover after parsing attributes in process `syz.2.315'.
[  161.131297][ T7062] netlink: get zone limit has 8 unknown bytes
[  161.140991][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.210797][ T7074] loop0: detected capacity change from 0 to 1024
[  161.221127][ T5806] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  161.334996][ T5806] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  161.344921][ T5806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.356548][ T5806] usb 2-1: config 0 descriptor??
[  161.366453][ T5806] pwc: Askey VC010 type 2 USB webcam detected.
[  161.434514][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.808187][ T5806] pwc: recv_control_msg error -32 req 02 val 2b00
[  161.949661][ T5806] pwc: recv_control_msg error -32 req 02 val 2700
[  162.009364][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.110265][ T5806] pwc: recv_control_msg error -32 req 02 val 2c00
[  162.226210][ T7082] loop2: detected capacity change from 0 to 128
[  162.259087][ T5806] pwc: recv_control_msg error -32 req 04 val 1000
[  162.288482][ T5806] pwc: recv_control_msg error -32 req 04 val 1300
[  162.317080][ T7082] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  162.338293][ T5806] pwc: recv_control_msg error -32 req 04 val 1400
[  162.347435][ T7082] ext4 filesystem being mounted at /68/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  162.393585][ T7084] loop0: detected capacity change from 0 to 256
[  162.485174][ T7087] loop3: detected capacity change from 0 to 1024
[  162.568671][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.593927][ T7084] usb usb8: usbfs: process 7084 (syz.0.325) did not claim interface 0 before use
[  162.610752][ T5806] pwc: recv_control_msg error -32 req 02 val 2100
[  162.618846][ T5806] pwc: recv_control_msg error -71 req 04 val 1500
[  162.626558][ T7087] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.627979][ T5806] pwc: recv_control_msg error -71 req 02 val 2500
[  162.647272][ T5806] pwc: recv_control_msg error -71 req 02 val 2400
[  162.658624][ T5806] pwc: recv_control_msg error -71 req 02 val 2600
[  162.675082][ T5806] pwc: recv_control_msg error -71 req 02 val 2900
[  162.932171][ T7087] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  163.055592][ T7087] EXT4-fs (loop3): Remounting filesystem read-only
[  163.083575][ T7087] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 12, error -5)
[  163.172937][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.177378][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.181675][ T5806] pwc: recv_control_msg error -71 req 02 val 2800
[  163.197382][ T5806] pwc: recv_control_msg error -71 req 04 val 1100
[  163.204476][ T5806] pwc: recv_control_msg error -71 req 04 val 1200
[  163.216622][ T5806] pwc: Registered as video103.
[  163.225272][ T5806] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6
[  163.243180][ T5806] usb 2-1: USB disconnect, device number 7
[  163.315990][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.646610][ T7102] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  164.896689][ T7106] loop0: detected capacity change from 0 to 1024
[  164.907677][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.960878][ T7106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.996149][ T7098] loop2: detected capacity change from 0 to 32768
[  165.039785][ T7111] loop1: detected capacity change from 0 to 4096
[  165.067786][   T28] audit: type=1804 audit(1777788751.519:16): pid=7106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.331" name="/newroot/96/file1/bus" dev="loop0" ino=18 res=1 errno=0
[  165.133078][   T28] audit: type=1326 audit(1777788751.589:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.166208][   T28] audit: type=1326 audit(1777788751.619:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.253932][   T28] audit: type=1326 audit(1777788751.619:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.279041][   T28] audit: type=1326 audit(1777788751.619:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.303492][   T28] audit: type=1326 audit(1777788751.619:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.333016][   T28] audit: type=1326 audit(1777788751.619:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.361497][   T28] audit: type=1326 audit(1777788751.619:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.361540][   T28] audit: type=1326 audit(1777788751.619:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.361576][   T28] audit: type=1326 audit(1777788751.619:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7112 comm="syz.3.333" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fdf04b9cdd9 code=0x7ffc0000
[  165.620653][ T5771] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.656647][ T7119] loop1: detected capacity change from 0 to 128
[  165.697078][ T7119] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  165.701584][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.712335][ T7119] ext4 filesystem being mounted at /77/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  165.960639][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.686250][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  166.771820][ T7133] loop0: detected capacity change from 0 to 2048
[  166.807522][ T7133] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.834644][ T7133] ext4 filesystem being mounted at /99/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  166.934443][ T7138] loop3: detected capacity change from 0 to 64
[  166.945356][ T7133] netlink: 60 bytes leftover after parsing attributes in process `syz.0.340'.
[  166.968832][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.001519][ T7139] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  167.071728][ T7140] fs-verity: sha512 using implementation "sha512-avx2"
[  167.630098][ T5767] hfs: request for non-existent node 131072 in B*Tree
[  167.637230][ T5767] hfs: request for non-existent node 131072 in B*Tree
[  167.698988][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.792852][ T7145] loop2: detected capacity change from 0 to 512
[  167.853975][ T7145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.883044][ T7145] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.944813][ T7145] EXT4-fs error (device loop2): ext4_xattr_block_find:1879: inode #15: comm syz.2.346: corrupted xattr block 33: e_value out of bounds
[  167.969573][ T7145] EXT4-fs (loop2): Remounting filesystem read-only
[  168.008591][  T786] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  168.024148][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.045428][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.073165][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  168.124295][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  168.140820][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  168.211229][  T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.236137][ T6816] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.270494][  T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.301130][  T786] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  168.315764][  T786] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  168.325265][  T786] usb 2-1: Manufacturer: syz
[  168.357282][ T6816] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.372520][  T786] usb 2-1: config 0 descriptor??
[  168.505245][ T6816] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.643931][ T6816] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.655257][ T5771] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.985807][ T7143] loop1: detected capacity change from 0 to 40427
[  169.023588][ T7143] F2FS-fs (loop1): invalid crc value
[  169.033788][ T7143] F2FS-fs (loop1): Found nat_bits in checkpoint
[  169.057091][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.069030][ T7143] F2FS-fs (loop1): Start checkpoint disabled!
[  169.090493][ T7143] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  169.600430][ T7159] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.658906][ T7159] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.848110][  T786] usbhid 2-1:0.0: can't add hid device: -71
[  169.861943][  T786] usbhid: probe of 2-1:0.0 failed with error -71
[  169.870686][ T7162] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  169.918127][  T786] usb 2-1: USB disconnect, device number 8
[  170.090676][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.430121][ T7168] loop2: detected capacity change from 0 to 32768
[  170.535293][ T7168] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  170.585033][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  170.596097][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  170.605236][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  170.680736][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  170.688858][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  170.696225][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  170.772541][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.843597][   T12] kworker/u4:1: attempt to access beyond end of device
[  170.843597][   T12] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  170.918187][   T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  170.940922][   T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  171.056349][ T5768] ocfs2: Unmounting device (7,2) on (node local)
[  171.348749][ T7176] loop0: detected capacity change from 0 to 32768
[  171.366968][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.434420][ T7176] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  171.595682][ T7176] XFS (loop0): Ending clean mount
[  171.688649][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.801802][   T28] kauditd_printk_skb: 17 callbacks suppressed
[  171.801831][   T28] audit: type=1800 audit(1777788758.249:38): pid=7176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.355" name="file1" dev="loop0" ino=6150 res=0 errno=0
[  172.149579][ T5766] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  172.678556][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  173.959007][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.967504][ T5777] Bluetooth: hci2: command tx timeout
[  174.986444][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  175.978839][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.014074][ T5777] Bluetooth: hci2: command tx timeout
[  176.295312][ T7210] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  177.049370][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.173094][ T7213] overlayfs: failed to resolve './file0': -2
[  177.473667][ T7170] chnl_net:caif_netlink_parms(): no params data found
[  177.723865][ T7224] loop2: detected capacity change from 0 to 4096
[  178.089283][ T5777] Bluetooth: hci2: command tx timeout
[  178.386702][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.400722][ T5771] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.543542][ T7235] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  178.727868][ T7238] loop0: detected capacity change from 0 to 256
[  178.897053][ T7170] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.960194][ T7170] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.995720][ T7170] bridge_slave_0: entered allmulticast mode
[  179.039006][ T7170] bridge_slave_0: entered promiscuous mode
[  179.073604][ T7170] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.110894][ T7170] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.127521][ T7170] bridge_slave_1: entered allmulticast mode
[  179.144912][ T7170] bridge_slave_1: entered promiscuous mode
[  179.541701][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.778423][ T7170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.800800][ T7170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.996044][ T7252] tipc: Started in network mode
[  180.001094][ T7252] tipc: Node identity 4, cluster identity 4711
[  180.007256][ T7252] tipc: Node number set to 4
[  180.212189][ T6816] hsr_slave_0: left promiscuous mode
[  180.218611][ T6816] hsr_slave_1: left promiscuous mode
[  180.224650][ T6816] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  180.232458][ T5777] Bluetooth: hci2: command tx timeout
[  180.267580][ T7261] mtd partition "" doesn't have enough space: 0x20003 < 0x2001f, disabled
[  180.448602][ T6816] batman_adv: batadv0: Removing interface: batadv_slave_0
[  180.478486][ T5771] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.494104][ T7261] ftl_cs: FTL header not found.
[  180.540759][ T6816] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  180.568781][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.578084][ T6816] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.588185][ T6816] bridge_slave_1: left allmulticast mode
[  180.608100][ T6816] bridge_slave_1: left promiscuous mode
[  180.628681][ T6816] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.645579][ T6816] bridge_slave_0: left allmulticast mode
[  180.652383][ T6816] bridge_slave_0: left promiscuous mode
[  180.658903][ T6816] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.733892][ T6816] veth1_macvtap: left promiscuous mode
[  180.740046][ T6816] veth0_macvtap: left promiscuous mode
[  180.747606][ T6816] veth1_vlan: left promiscuous mode
[  180.753999][ T6816] veth0_vlan: left promiscuous mode
[  180.833939][ T7266] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  181.387310][ T7272] loop0: detected capacity change from 0 to 32768
[  181.458670][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.482830][ T7272] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  181.718847][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.747563][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.837451][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[  183.011766][ T7276] loop1: detected capacity change from 0 to 32768
[  183.082958][ T7276] (syz.1.373,7276,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  183.143958][ T7276] (syz.1.373,7276,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  183.328789][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  183.360914][ T7276] JBD2: Ignoring recovery information on journal
[  183.484307][ T7276] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  183.768825][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.870240][ T6816] team0 (unregistering): Port device team_slave_1 removed
[  183.910808][ T5765] ocfs2: Unmounting device (7,1) on (node local)
[  183.975223][ T6816] team0 (unregistering): Port device team_slave_0 removed
[  184.063312][ T7288] loop0: detected capacity change from 0 to 32768
[  184.107619][ T7288] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.376 (7288)
[  184.121295][ T6816] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  184.182641][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.232389][ T7288] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  184.255444][ T7288] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  184.286667][ T7288] BTRFS info (device loop0): force zlib compression, level 3
[  184.298113][ T6816] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  184.325646][ T7288] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  184.356324][ T7288] BTRFS info (device loop0): use zstd compression, level 3
[  184.373353][ T7288] BTRFS info (device loop0): enabling ssd optimizations
[  184.393136][ T7288] BTRFS info (device loop0): using free space tree
[  184.488819][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.546552][ T7288] BTRFS info (device loop0): auto enabling async discard
[  184.654391][ T7308] loop1: detected capacity change from 0 to 4096
[  184.707866][ T7311] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  184.809283][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.898732][ T5766] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  185.083726][ T5758] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 10 /dev/loop0 scanned by udevd (5758)
[  185.462898][ T7318] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  185.610867][ T6816] bond0 (unregistering): Released all slaves
[  185.894190][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.290275][ T7170] team0: Port device team_slave_0 added
[  186.344839][ T7170] team0: Port device team_slave_1 added
[  186.463319][ T7170] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.490452][ T7170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.532629][ T7170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.565635][ T7170] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.575207][ T7170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.608847][ T7170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.754566][ T5771] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  186.892252][ T7170] hsr_slave_0: entered promiscuous mode
[  186.949059][ T7170] hsr_slave_1: entered promiscuous mode
[  186.963710][ T5771] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  187.006930][ T5771] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  187.036961][ T7170] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  187.063137][ T5771] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.072931][ T7170] Cannot create hsr debugfs directory
[  187.126995][ T5771] gspca_main: stv0680-2.14.0 probing 041e:4007
[  187.528640][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.545820][ T7330] loop0: detected capacity change from 0 to 131072
[  187.555327][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.567464][ T7330] F2FS-fs (loop0): invalid crc value
[  187.592117][ T7330] F2FS-fs (loop0): Found nat_bits in checkpoint
[  187.609609][  T966] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  187.659082][ T7330] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  187.818581][  T966] usb 2-1: Using ep0 maxpacket: 8
[  187.831366][  T966] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  187.859350][  T966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  187.879994][ T7170] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  187.892398][  T966] usb 2-1: Product: syz
[  187.896599][  T966] usb 2-1: Manufacturer: syz
[  187.912728][ T7170] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  187.921883][  T966] usb 2-1: SerialNumber: syz
[  187.932687][  T966] usb 2-1: config 0 descriptor??
[  187.960997][ T7170] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  187.968727][  T966] gspca_main: sq905-2.14.0 probing 2770:9120
[  188.000631][ T7170] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  188.206362][  T966] gspca_sq905: sq905_command: usb_control_msg failed (-71)
[  188.230635][  T966] sq905: probe of 2-1:0.0 failed with error -71
[  188.255711][  T966] usb 2-1: USB disconnect, device number 9
[  188.275606][ T7170] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.328328][ T7359] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  188.344107][ T7170] 8021q: adding VLAN 0 to HW filter on device team0
[  188.386269][ T6816] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.393478][ T6816] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.433955][ T6816] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.441152][ T6816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.467716][ T5771] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  188.494098][ T5771] stv0680 3-1:4.0: last error: 86,  command = 0x78
[  188.532732][ T5771] usb 3-1: USB disconnect, device number 6
[  188.569665][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.213967][ T7380] loop1: detected capacity change from 0 to 1024
[  189.235941][ T7170] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.289278][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.043366][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.579117][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.854941][ T7394] loop0: detected capacity change from 0 to 2048
[  190.896874][ T7390] input: syz1 as /devices/virtual/input/input8
[  190.946014][ T7400] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  191.004989][ T7399] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  191.049978][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.107514][ T7400] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  191.158454][ T7400] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  191.218934][ T7400] Remounting filesystem read-only
[  191.307497][ T5766] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  191.384505][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=18
[  191.403394][ T5083] Bluetooth: hci0: command 0x0406 tx timeout
[  191.407282][ T5776] Bluetooth: hci1: command 0x0406 tx timeout
[  191.415505][ T5776] Bluetooth: hci3: command 0x0406 tx timeout
[  191.468543][ T5766] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  191.475795][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.538584][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.578674][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.611562][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=2
[  191.618290][ T5766] NILFS (loop0): discard dirty block: blocknr=18, size=1024
[  191.618791][ T7170] veth0_vlan: entered promiscuous mode
[  191.642010][ T7170] veth1_vlan: entered promiscuous mode
[  191.671539][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.697043][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.716387][ T7170] veth0_macvtap: entered promiscuous mode
[  191.738105][ T7170] veth1_macvtap: entered promiscuous mode
[  191.747850][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.777393][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=6
[  191.786247][ T5766] NILFS (loop0): discard dirty block: blocknr=35, size=1024
[  191.811148][ T7170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.812375][ T5766] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  191.838538][ T7170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.859219][ T7170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.862274][ T5766] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  191.877820][ T5766] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  191.879176][ T7170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.895279][ T5766] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  191.907748][ T5766] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  191.917552][ T7170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.921801][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.929777][ T7170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.958836][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  191.974302][ T7170] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.978711][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.013534][ T7170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.013624][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=5
[  192.046241][ T7170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.066440][ T7170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.067506][ T5766] NILFS (loop0): discard dirty block: blocknr=41, size=1024
[  192.090177][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.099687][ T7170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.109653][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.119672][ T7170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.133058][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.144465][ T7170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.166154][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.170515][ T7170] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.189908][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=4
[  192.197456][ T7425] netlink: 14 bytes leftover after parsing attributes in process `syz.2.401'.
[  192.197897][ T5766] NILFS (loop0): discard dirty block: blocknr=40, size=1024
[  192.214603][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.224150][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.233543][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.244051][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=3
[  192.254220][ T5766] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  192.264308][ T5766] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  192.274311][ T5766] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  192.287362][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.310502][ T5766] NILFS (loop0): discard dirty page: offset=65536, ino=3
[  192.317644][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.327359][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.331480][ T7170] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.347404][ T5766] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  192.355876][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.364979][ T5766] NILFS (loop0): discard dirty page: offset=196608, ino=3
[  192.367056][ T7170] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.372345][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.391787][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.397225][ T7170] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.402510][ T5766] NILFS (loop0): discard dirty block: blocknr=49, size=1024
[  192.418262][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  192.470658][ T7170] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.760890][ T6401] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.797496][ T6401] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.856237][ T7439] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  192.884652][ T6401] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.025375][ T6401] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.130402][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.427145][ T7448] capability: warning: `syz.2.405' uses 32-bit capabilities (legacy support in use)
[  193.436788][ T7443] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  193.440690][ T7448] program syz.2.405 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  193.616489][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.668631][ T7453] loop4: detected capacity change from 0 to 128
[  193.738530][ T7453] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.843605][ T7453] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  193.917175][ T5771] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.064879][   T23] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  194.260830][   T23] usb 3-1: Using ep0 maxpacket: 32
[  194.330372][   T23] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  194.620310][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.626654][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.822852][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.096520][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.156329][   T23] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  195.157954][ T7170] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  195.166590][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.182943][   T23] usb 3-1: Product: syz
[  195.187128][   T23] usb 3-1: Manufacturer: syz
[  195.226650][   T23] usb 3-1: SerialNumber: syz
[  195.285639][   T23] usb 3-1: config 0 descriptor??
[  195.315423][ T7455] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  195.359457][   T23] hub 3-1:0.0: bad descriptor, ignoring hub
[  195.365422][   T23] hub: probe of 3-1:0.0 failed with error -5
[  195.406960][ T7477] loop1: detected capacity change from 0 to 512
[  195.447287][ T7477] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  196.012959][ T7477] EXT4-fs (loop1): 1 truncate cleaned up
[  196.020135][ T7477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.045900][ T7477] EXT4-fs error (device loop1): mb_free_blocks:1970: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  196.048727][   T28] audit: type=1800 audit(1777854318.499:39): pid=7477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.411" name="file2" dev="loop1" ino=16 res=0 errno=0
[  196.111016][  T786] usb 3-1: USB disconnect, device number 7
[  196.130349][ T7451] loop0: detected capacity change from 0 to 32768
[  196.161010][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.180857][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.243386][ T7451] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  196.418597][ T7451] XFS (loop0): Ending clean mount
[  196.436019][ T7451] XFS (loop0): Quotacheck needed: Please wait.
[  196.534129][ T7451] XFS (loop0): Quotacheck: Done.
[  196.633859][ T5766] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  196.660490][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.920433][ T7509] loop1: detected capacity change from 0 to 128
[  197.029581][ T7509] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.307329][ T7509] ext4 filesystem being mounted at /102/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  197.769493][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.051699][ T7522] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  198.801247][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.838736][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.689330][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.698110][ T7540] loop0: detected capacity change from 0 to 256
[  199.827441][ T7540] FAT-fs (loop0): Directory bread(block 64) failed
[  199.849656][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.865874][ T7540] FAT-fs (loop0): Directory bread(block 65) failed
[  199.882978][ T7540] FAT-fs (loop0): Directory bread(block 66) failed
[  199.903316][ T7540] FAT-fs (loop0): Directory bread(block 67) failed
[  199.915739][ T7540] FAT-fs (loop0): Directory bread(block 68) failed
[  199.950781][ T7540] FAT-fs (loop0): Directory bread(block 69) failed
[  199.976416][ T7540] FAT-fs (loop0): Directory bread(block 70) failed
[  199.999310][ T7540] FAT-fs (loop0): Directory bread(block 71) failed
[  200.031505][ T7540] FAT-fs (loop0): Directory bread(block 72) failed
[  200.048550][ T7540] FAT-fs (loop0): Directory bread(block 73) failed
[  200.799259][ T7571] loop2: detected capacity change from 0 to 128
[  200.805511][ T7573] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  200.886109][ T7571] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  200.900764][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.017753][ T7571] ext4 filesystem being mounted at /98/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  201.891965][    T9] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  201.941421][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  201.955373][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.110248][    T9] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  202.128472][    T9] usb 1-1: config 0 has no interface number 0
[  202.151454][    T9] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  202.178942][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.197179][    T9] usb 1-1: Product: syz
[  202.217454][    T9] usb 1-1: Manufacturer: syz
[  202.227786][    T9] usb 1-1: SerialNumber: syz
[  202.243588][    T9] usb 1-1: config 0 descriptor??
[  202.282034][    T9] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  202.301753][    T9] usb 1-1: selecting invalid altsetting 1
[  202.307521][    T9] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  202.344083][    T9] usb 1-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  202.586645][ T7608] loop4: detected capacity change from 0 to 32768
[  202.594759][ T7608] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  202.729624][  T786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.854973][ T7617] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  202.861880][ T5758] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  202.905843][ T7593] loop1: detected capacity change from 0 to 32768
[  202.938754][ T7593] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  203.004264][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.128212][ T6322] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  203.269652][ T5771] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  203.839555][ T7579] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  203.879220][ T5771] usb 3-1: Using ep0 maxpacket: 32
[  203.952755][ T5771] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  204.034190][ T5771] usb 3-1: config 0 has no interface number 0
[  204.120925][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.354757][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.367810][ T5771] usb 3-1: config 0 interface 12 has no altsetting 0
[  204.631961][ T5771] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  204.685948][    T9] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  204.709473][ T5771] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.717515][ T5771] usb 3-1: Product: syz
[  204.748714][    T9] usb 1-1: USB disconnect, device number 6
[  204.756578][ T5771] usb 3-1: Manufacturer: syz
[  204.761620][ T5771] usb 3-1: SerialNumber: syz
[  204.789506][ T5771] usb 3-1: config 0 descriptor??
[  204.884346][ T7639] loop0: detected capacity change from 0 to 128
[  204.972804][ T7641] /dev/loop0: Can't open blockdev
[  205.798985][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.898578][ T5831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.934326][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.946554][ T7639] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  205.980503][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.987318][ T7639] ext4 filesystem being mounted at /126/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  205.997495][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.042935][ T7643] loop1: detected capacity change from 0 to 2048
[  206.061848][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.113415][ T7643] Alternate GPT is invalid, using primary GPT.
[  206.161671][ T7643]  loop1: p2 p3 p7
[  207.059786][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.138297][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  207.224648][ T5759] udevd[5759]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  207.236690][ T5758] udevd[5758]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  207.237996][ T5756] udevd[5756]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[  207.374092][ T7660] loop0: detected capacity change from 0 to 512
[  207.457975][ T7660] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.552365][ T7660] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.621715][ T7666] netlink: 44 bytes leftover after parsing attributes in process `syz.1.451'.
[  207.657191][ T7666] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.666244][ T7666] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.734815][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.782115][ T5771] f81534 3-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  207.811694][ T7668] netlink: 44 bytes leftover after parsing attributes in process `syz.1.451'.
[  207.821570][ T5771] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  207.864414][ T5771] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  207.884370][ T5771] f81534: probe of 3-1:0.12 failed with error -71
[  207.973487][ T5771] usb 3-1: USB disconnect, device number 8
[  208.088861][   T27] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.109431][ T7674] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  208.261752][ T7680] loop4: detected capacity change from 0 to 64
[  208.924112][ T7680] syz.4.454: attempt to access beyond end of device
[  208.924112][ T7680] loop4: rw=2049, sector=161, nr_sectors = 1 limit=64
[  208.949874][ T7683] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  209.008475][ T7680] Buffer I/O error on dev loop4, logical block 161, lost async page write
[  209.017095][ T7680] syz.4.454: attempt to access beyond end of device
[  209.017095][ T7680] loop4: rw=2049, sector=162, nr_sectors = 1 limit=64
[  209.056229][ T5771] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.110168][ T7680] Buffer I/O error on dev loop4, logical block 162, lost async page write
[  209.142104][ T7680] syz.4.454: attempt to access beyond end of device
[  209.142104][ T7680] loop4: rw=2049, sector=163, nr_sectors = 1 limit=64
[  209.165729][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.177080][ T7680] Buffer I/O error on dev loop4, logical block 163, lost async page write
[  209.185751][ T7680] syz.4.454: attempt to access beyond end of device
[  209.185751][ T7680] loop4: rw=2049, sector=167, nr_sectors = 1 limit=64
[  209.199114][ T7680] Buffer I/O error on dev loop4, logical block 167, lost async page write
[  209.208074][ T7680] syz.4.454: attempt to access beyond end of device
[  209.208074][ T7680] loop4: rw=2049, sector=169, nr_sectors = 1 limit=64
[  209.222288][ T7680] Buffer I/O error on dev loop4, logical block 169, lost async page write
[  209.231005][ T7680] syz.4.454: attempt to access beyond end of device
[  209.231005][ T7680] loop4: rw=2049, sector=171, nr_sectors = 1 limit=64
[  209.244943][ T7680] Buffer I/O error on dev loop4, logical block 171, lost async page write
[  209.253584][ T7680] syz.4.454: attempt to access beyond end of device
[  209.253584][ T7680] loop4: rw=2049, sector=172, nr_sectors = 1 limit=64
[  209.347540][ T7680] Buffer I/O error on dev loop4, logical block 172, lost async page write
[  209.812926][  T966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.194974][ T2134] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.926301][ T7718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.464'.
[  212.174868][ T7718] team0 (unregistering): Port device team_slave_0 removed
[  212.230740][ T7718] team0 (unregistering): Port device team_slave_1 removed
[  213.192932][ T7757] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  213.265498][ T7738] loop1: detected capacity change from 0 to 32768
[  213.568196][ T7770] loop4: detected capacity change from 0 to 128
[  213.644068][ T7770] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  213.736536][ T7770] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  214.145625][ T7776] tipc: Started in network mode
[  214.150717][ T7776] tipc: Node identity , cluster identity 4711
[  214.156891][ T7776] tipc: Failed to set node id, please configure manually
[  214.164950][ T7776] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  214.544740][ T7170] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  214.651791][ T7782] loop0: detected capacity change from 0 to 128
[  214.724875][ T7782] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  214.779449][ T7782] ext4 filesystem being mounted at /133/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  215.065201][ T7792] loop1: detected capacity change from 0 to 64
[  215.187673][ T7795] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  215.205276][ T7792] syz.1.471: attempt to access beyond end of device
[  215.205276][ T7792] loop1: rw=2049, sector=161, nr_sectors = 1 limit=64
[  215.253035][ T7792] Buffer I/O error on dev loop1, logical block 161, lost async page write
[  215.278902][ T7792] syz.1.471: attempt to access beyond end of device
[  215.278902][ T7792] loop1: rw=2049, sector=162, nr_sectors = 1 limit=64
[  215.312835][ T7792] Buffer I/O error on dev loop1, logical block 162, lost async page write
[  215.338524][ T7792] syz.1.471: attempt to access beyond end of device
[  215.338524][ T7792] loop1: rw=2049, sector=163, nr_sectors = 1 limit=64
[  215.363401][ T7792] Buffer I/O error on dev loop1, logical block 163, lost async page write
[  215.394672][ T7792] syz.1.471: attempt to access beyond end of device
[  215.394672][ T7792] loop1: rw=2049, sector=167, nr_sectors = 1 limit=64
[  215.428327][ T7792] Buffer I/O error on dev loop1, logical block 167, lost async page write
[  215.450645][ T7792] syz.1.471: attempt to access beyond end of device
[  215.450645][ T7792] loop1: rw=2049, sector=169, nr_sectors = 1 limit=64
[  215.569696][ T7792] Buffer I/O error on dev loop1, logical block 169, lost async page write
[  215.578659][ T7792] syz.1.471: attempt to access beyond end of device
[  215.578659][ T7792] loop1: rw=2049, sector=171, nr_sectors = 1 limit=64
[  215.595916][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  215.605139][ T7792] Buffer I/O error on dev loop1, logical block 171, lost async page write
[  215.607131][ T7787] loop4: detected capacity change from 0 to 32768
[  215.629864][ T7792] syz.1.471: attempt to access beyond end of device
[  215.629864][ T7792] loop1: rw=2049, sector=172, nr_sectors = 1 limit=64
[  215.670498][ T7787] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1281 transid 8 /dev/loop4 scanned by syz.4.472 (7787)
[  215.716370][ T7792] Buffer I/O error on dev loop1, logical block 172, lost async page write
[  215.911402][ T5758] udevd[5758]: incorrect btrfs checksum on /dev/loop4
[  217.228160][ T7822] loop0: detected capacity change from 0 to 64
[  217.309804][ T7819] loop4: detected capacity change from 0 to 32768
[  217.386720][ T7819] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  217.538751][ T7822] syz.0.485: attempt to access beyond end of device
[  217.538751][ T7822] loop0: rw=2049, sector=161, nr_sectors = 1 limit=64
[  217.608549][ T7822] Buffer I/O error on dev loop0, logical block 161, lost async page write
[  217.718582][ T7822] syz.0.485: attempt to access beyond end of device
[  217.718582][ T7822] loop0: rw=2049, sector=162, nr_sectors = 1 limit=64
[  217.815586][ T7822] Buffer I/O error on dev loop0, logical block 162, lost async page write
[  218.758485][ T7822] syz.0.485: attempt to access beyond end of device
[  218.758485][ T7822] loop0: rw=2049, sector=163, nr_sectors = 1 limit=64
[  218.798416][ T7822] Buffer I/O error on dev loop0, logical block 163, lost async page write
[  219.516015][ T7170] ocfs2: Unmounting device (7,4) on (node local)
[  219.706551][ T7844] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  220.847978][ T7855] loop0: detected capacity change from 0 to 128
[  220.879956][ T7855] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  220.953587][ T7855] ext4 filesystem being mounted at /137/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  221.279612][ T7859] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  221.360025][ T7861] loop4: detected capacity change from 0 to 1024
[  221.392848][ T7861] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.471216][   T28] audit: type=1804 audit(1777854343.929:40): pid=7861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.483" name="/newroot/25/file1/bus" dev="loop4" ino=18 res=1 errno=0
[  221.772541][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  222.274937][ T7170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.414491][ T7876] loop1: detected capacity change from 0 to 64
[  223.512999][ T7876] bio_check_eod: 4 callbacks suppressed
[  223.513015][ T7876] syz.1.489: attempt to access beyond end of device
[  223.513015][ T7876] loop1: rw=2049, sector=161, nr_sectors = 1 limit=64
[  223.559023][ T7880] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  223.588457][ T7876] buffer_io_error: 4 callbacks suppressed
[  223.588472][ T7876] Buffer I/O error on dev loop1, logical block 161, lost async page write
[  223.611230][ T7866] loop0: detected capacity change from 0 to 32768
[  223.637046][ T7876] syz.1.489: attempt to access beyond end of device
[  223.637046][ T7876] loop1: rw=2049, sector=162, nr_sectors = 1 limit=64
[  223.664078][ T7866] (syz.0.484,7866,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  223.703061][ T7866] (syz.0.484,7866,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  223.704176][ T7876] Buffer I/O error on dev loop1, logical block 162, lost async page write
[  223.767989][ T7866] JBD2: Ignoring recovery information on journal
[  223.768470][ T7876] syz.1.489: attempt to access beyond end of device
[  223.768470][ T7876] loop1: rw=2049, sector=163, nr_sectors = 1 limit=64
[  223.804554][ T7876] Buffer I/O error on dev loop1, logical block 163, lost async page write
[  223.818511][ T7876] syz.1.489: attempt to access beyond end of device
[  223.818511][ T7876] loop1: rw=2049, sector=167, nr_sectors = 1 limit=64
[  223.907340][ T7876] Buffer I/O error on dev loop1, logical block 167, lost async page write
[  223.947473][ T7876] syz.1.489: attempt to access beyond end of device
[  223.947473][ T7876] loop1: rw=2049, sector=169, nr_sectors = 1 limit=64
[  223.949652][ T7866] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  224.024055][ T7876] Buffer I/O error on dev loop1, logical block 169, lost async page write
[  224.071580][ T7876] syz.1.489: attempt to access beyond end of device
[  224.071580][ T7876] loop1: rw=2049, sector=171, nr_sectors = 1 limit=64
[  224.085038][ T7876] Buffer I/O error on dev loop1, logical block 171, lost async page write
[  224.121003][ T7876] syz.1.489: attempt to access beyond end of device
[  224.121003][ T7876] loop1: rw=2049, sector=172, nr_sectors = 1 limit=64
[  224.202142][ T7876] Buffer I/O error on dev loop1, logical block 172, lost async page write
[  225.178249][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[  226.021594][ T7910] loop1: detected capacity change from 0 to 128
[  226.071901][ T7910] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  226.116611][ T7910] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  226.236351][ T7914] loop0: detected capacity change from 0 to 128
[  226.321389][ T7914] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  226.443539][ T7914] ext4 filesystem being mounted at /139/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  226.619179][ T7921] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  226.841734][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  226.852514][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  226.860955][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  226.868994][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  226.870736][ T7928] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  226.876632][   T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  226.894102][ T7927] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  226.916464][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  226.937782][ T5780] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  226.947243][ T5780] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  226.961991][ T5780] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  226.973787][ T5780] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  226.983973][ T5780] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  226.992447][ T5780] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  227.147421][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  227.352076][ T7936] loop1: detected capacity change from 0 to 64
[  227.677938][ T7936] syz.1.502: attempt to access beyond end of device
[  227.677938][ T7936] loop1: rw=2049, sector=161, nr_sectors = 1 limit=64
[  227.706599][ T7941] loop0: detected capacity change from 0 to 64
[  227.740648][ T7936] Buffer I/O error on dev loop1, logical block 161, lost async page write
[  227.789420][ T7941] hfs: inconsistency in B*Tree (1,0,1,0,3)
[  227.795310][ T7941] hfs: get root inode failed
[  227.818061][ T7936] syz.1.502: attempt to access beyond end of device
[  227.818061][ T7936] loop1: rw=2049, sector=162, nr_sectors = 1 limit=64
[  227.840567][ T7936] Buffer I/O error on dev loop1, logical block 162, lost async page write
[  227.850702][ T7936] syz.1.502: attempt to access beyond end of device
[  227.850702][ T7936] loop1: rw=2049, sector=163, nr_sectors = 1 limit=64
[  227.864447][ T7936] Buffer I/O error on dev loop1, logical block 163, lost async page write
[  228.442760][ T7924] chnl_net:caif_netlink_parms(): no params data found
[  229.551541][ T5780] Bluetooth: hci3: command tx timeout
[  229.848155][ T7924] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.861956][ T7924] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.869709][ T7924] bridge_slave_0: entered allmulticast mode
[  229.876990][ T7924] bridge_slave_0: entered promiscuous mode
[  229.886425][ T7924] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.895319][ T7924] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.902799][ T7924] bridge_slave_1: entered allmulticast mode
[  229.914732][ T7924] bridge_slave_1: entered promiscuous mode
[  229.966889][ T7924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.000869][ T7924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.011086][ T7969] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  230.103114][ T7924] team0: Port device team_slave_0 added
[  230.122130][ T7924] team0: Port device team_slave_1 added
[  230.214495][ T7980] loop1: detected capacity change from 0 to 128
[  230.233566][ T7924] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.250656][ T7924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.297600][ T7983] loop4: detected capacity change from 0 to 64
[  230.305458][ T7924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.319083][ T7924] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.326556][ T7924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.334338][ T7980] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  230.352916][ T7924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.545150][ T7980] ext4 filesystem being mounted at /132/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  230.578223][ T7924] hsr_slave_0: entered promiscuous mode
[  230.638971][ T7924] hsr_slave_1: entered promiscuous mode
[  230.666773][ T7985] loop0: detected capacity change from 0 to 32768
[  230.677669][ T7924] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.695902][ T7985] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.513 (7985)
[  230.719999][ T7924] Cannot create hsr debugfs directory
[  230.736474][ T7985] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  230.746708][ T7985] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  230.757185][ T7985] BTRFS info (device loop0): turning on async discard
[  230.764025][ T7985] BTRFS info (device loop0): metadata ratio 0
[  230.770147][ T7985] BTRFS info (device loop0): setting nodatasum
[  230.776321][ T7985] BTRFS info (device loop0): using free space tree
[  231.068965][ T7985] BTRFS info (device loop0): enabling ssd optimizations
[  231.095675][ T8001] tipc: Started in network mode
[  231.100717][ T8001] tipc: Node identity , cluster identity 4711
[  231.106800][ T8001] tipc: Failed to set node id, please configure manually
[  231.113955][ T8001] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  231.123189][ T7998] loop4: detected capacity change from 0 to 4096
[  231.157211][ T7998] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  231.414090][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  231.574260][   T28] audit: type=1800 audit(1777854353.979:41): pid=8012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.513" name="file1" dev="loop0" ino=260 res=0 errno=0
[  231.633296][ T5780] Bluetooth: hci3: command tx timeout
[  232.244035][ T5766] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  233.304816][ T7924] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  233.578764][ T7924] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  233.689691][ T5780] Bluetooth: hci3: command tx timeout
[  233.933528][ T7924] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  234.033966][ T7924] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  234.097833][ T8036] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  234.191964][ T7924] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.294156][ T7924] 8021q: adding VLAN 0 to HW filter on device team0
[  234.352318][ T6816] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.359526][ T6816] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.406263][ T6816] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.413477][ T6816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.511711][ T8043] loop1: detected capacity change from 0 to 64
[  234.578204][ T7924] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  234.797900][ T8048] loop1: detected capacity change from 0 to 128
[  234.861019][ T8048] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  234.922703][ T8048] ext4 filesystem being mounted at /137/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  235.136140][ T8032] loop4: detected capacity change from 0 to 32768
[  235.148611][ T8039] loop0: detected capacity change from 0 to 32768
[  235.185100][ T7924] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.321884][ T8032] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  235.395444][ T8068] tipc: Started in network mode
[  235.400463][ T8068] tipc: Node identity , cluster identity 4711
[  235.406538][ T8068] tipc: Failed to set node id, please configure manually
[  235.413767][ T8068] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  235.561969][ T8032] XFS (loop4): Ending clean mount
[  235.650216][ T8032] XFS (loop4): Quotacheck needed: Please wait.
[  235.781716][ T5780] Bluetooth: hci3: command tx timeout
[  235.804699][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  235.816829][ T8074] overlayfs: missing 'lowerdir'
[  235.894013][ T8032] XFS (loop4): Quotacheck: Done.
[  237.150995][ T7170] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  237.265245][ T8089] loop1: detected capacity change from 0 to 128
[  237.268771][ T7924] veth0_vlan: entered promiscuous mode
[  237.311891][ T7924] veth1_vlan: entered promiscuous mode
[  237.313763][ T8089] EXT4-fs: Ignoring removed nomblk_io_submit option
[  237.375609][ T8089] EXT4-fs (loop1): Test dummy encryption mode enabled
[  237.426563][ T8089] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  237.439927][ T7924] veth0_macvtap: entered promiscuous mode
[  237.476297][ T8089] ext4 filesystem being mounted at /138/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  237.499050][ T7924] veth1_macvtap: entered promiscuous mode
[  237.583309][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.627199][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.647313][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.668456][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.688877][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.720285][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.758449][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.786244][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.797843][ T8095] loop4: detected capacity change from 0 to 4096
[  237.817247][ T7924] batman_adv: batadv0: Interface activated: batadv_slave_0
[  237.853346][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.878819][ T8098] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  237.891200][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.912824][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.936467][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.970316][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.001807][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.038425][ T7924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.075884][ T8095] NILFS (loop4): bad btree node (ino=288230376151711747, blocknr=3): level = 0, flags = 0x0, nchildren = 0
[  238.078374][ T7924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.095673][ T8095] NILFS (loop4): error -5 preparing GC: cannot read source blocks
[  238.169128][ T7924] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.183983][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  238.197925][ T8087] loop0: detected capacity change from 0 to 32768
[  238.284044][ T7924] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.313922][ T7924] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.323587][ T7924] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.333906][ T7924] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.569826][ T6805] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.577701][ T6805] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.641825][ T6805] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.657036][ T6805] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.405968][ T8099] syz.4.524 (8099): drop_caches: 2
[  239.412225][ T8087] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  239.537854][ T8087] XFS (loop0): Ending clean mount
[  239.600761][ T8130] loop4: detected capacity change from 0 to 64
[  239.606504][ T8126] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  239.613716][ T8087] XFS (loop0): Quotacheck needed: Please wait.
[  239.758498][ T8087] XFS (loop0): Quotacheck: Done.
[  239.824836][ T8132] loop5: detected capacity change from 0 to 4096
[  240.120960][ T5766] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  241.064938][ T8145] loop5: detected capacity change from 0 to 4096
[  241.108032][ T8145] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512).
[  241.152546][ T8136] loop1: detected capacity change from 0 to 32768
[  241.255391][ T8136] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  241.389321][ T8136] JBD2: Ignoring recovery information on journal
[  241.461731][ T8158] loop4: detected capacity change from 0 to 128
[  241.499505][ T8158] EXT4-fs: Ignoring removed nomblk_io_submit option
[  241.553396][ T8158] EXT4-fs (loop4): Test dummy encryption mode enabled
[  241.559778][ T8136] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  241.681938][ T8158] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  241.738912][ T8158] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  242.562041][ T8150] loop0: detected capacity change from 0 to 32768
[  242.580775][ T5765] ocfs2: Unmounting device (7,1) on (node local)
[  242.592897][ T8150] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.541 (8150)
[  242.951076][ T8150] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  243.120542][ T7170] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  243.175847][ T8150] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  243.263962][ T8150] BTRFS info (device loop0): force zlib compression, level 3
[  243.346884][ T8150] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  243.423787][ T8150] BTRFS info (device loop0): use zstd compression, level 3
[  243.512423][ T8150] BTRFS info (device loop0): enabling ssd optimizations
[  243.742564][ T8150] BTRFS info (device loop0): using free space tree
[  243.963829][ T8150] BTRFS info (device loop0): auto enabling async discard
[  244.767046][ T5766] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  244.796697][ T8212] loop5: detected capacity change from 0 to 4096
[  244.938508][ T8223] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  245.013370][ T8212] NILFS (loop5): bad btree node (ino=288230376151711747, blocknr=3): level = 0, flags = 0x0, nchildren = 0
[  245.122990][ T8212] NILFS (loop5): error -5 preparing GC: cannot read source blocks
[  246.060837][ T8235] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  246.296296][ T8231] loop4: detected capacity change from 0 to 32768
[  246.975295][ T8238] loop0: detected capacity change from 0 to 32768
[  247.090507][ T8212] syz.5.538 (8212): drop_caches: 2
[  247.134305][ T8231] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  247.167893][ T8231] JBD2: Ignoring recovery information on journal
[  247.305590][ T8231] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  248.147894][ T8258] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  248.273264][ T7170] ocfs2: Unmounting device (7,4) on (node local)
[  248.663610][ T8254] loop1: detected capacity change from 0 to 32768
[  248.699589][ T8254] (syz.1.556,8254,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  248.741998][ T8254] (syz.1.556,8254,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  248.794219][ T8254] JBD2: Ignoring recovery information on journal
[  248.875185][ T8254] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  249.378248][ T5765] ocfs2: Unmounting device (7,1) on (node local)
[  249.405698][ T8262] loop0: detected capacity change from 0 to 32768
[  249.531225][ T8275] loop1: detected capacity change from 0 to 1024
[  249.565813][ T8275] EXT4-fs: Ignoring removed orlov option
[  249.619612][ T8275] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.675291][ T8282] netlink: 4 bytes leftover after parsing attributes in process `syz.5.566'.
[  249.732902][   T28] audit: type=1800 audit(1777854372.189:42): pid=8275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.563" name="bus" dev="loop1" ino=18 res=0 errno=0
[  249.851764][ T8282] team0 (unregistering): Port device team_slave_0 removed
[  249.863777][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.916441][ T8282] team0 (unregistering): Port device team_slave_1 removed
[  250.031232][ T8286] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  250.301441][ T8292] loop1: detected capacity change from 0 to 64
[  250.535746][ T8297] loop0: detected capacity change from 0 to 4096
[  250.611911][ T8300] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  250.858646][ T8294] loop5: detected capacity change from 0 to 32768
[  251.317730][ T8302] loop0: detected capacity change from 0 to 32768
[  251.552496][ T8305] loop1: detected capacity change from 0 to 1024
[  251.560240][ T8305] EXT4-fs: Ignoring removed orlov option
[  251.606770][ T8305] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.808440][   T28] audit: type=1800 audit(1777919910.259:43): pid=8305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.575" name="bus" dev="loop1" ino=18 res=0 errno=0
[  251.883139][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.112701][ T8309] loop4: detected capacity change from 0 to 32768
[  252.122479][ T8309] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.577 (8309)
[  252.151702][ T8309] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  252.162054][ T8309] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  252.170840][ T8309] BTRFS info (device loop4): turning on async discard
[  252.177643][ T8309] BTRFS info (device loop4): metadata ratio 0
[  252.183855][ T8309] BTRFS info (device loop4): setting nodatasum
[  252.190124][ T8309] BTRFS info (device loop4): using free space tree
[  252.299584][ T8309] BTRFS info (device loop4): enabling ssd optimizations
[  252.354420][ T8333] loop0: detected capacity change from 0 to 64
[  252.395608][ T8327] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  252.738640][   T28] audit: type=1800 audit(1777919911.139:44): pid=8338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.577" name="file1" dev="loop4" ino=260 res=0 errno=0
[  253.167071][ T7170] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  253.270537][ T8344] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  253.546321][ T5759] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop4 scanned by udevd (5759)
[  253.713614][ T8352] set_capacity_and_notify: 1 callbacks suppressed
[  253.713629][ T8352] loop0: detected capacity change from 0 to 1024
[  253.779918][ T8352] EXT4-fs: Ignoring removed orlov option
[  254.096080][ T8352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.588384][   T28] audit: type=1800 audit(1777985449.017:45): pid=8352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.586" name="bus" dev="loop0" ino=18 res=0 errno=0
[  254.755876][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.826555][ T8339] loop5: detected capacity change from 0 to 32768
[  255.073637][ T8368] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  255.855285][ T8377] loop0: detected capacity change from 0 to 32768
[  255.878958][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.885286][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  255.921912][ T8377] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10
[  256.249664][ T8379] loop1: detected capacity change from 0 to 32768
[  256.315245][ T8379] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  256.583658][ T8376] loop5: detected capacity change from 0 to 4096
[  256.788827][ T8385] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  257.036578][ T5758] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10
[  257.454494][ T5759] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  258.418938][ T8399] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  261.834206][ T8418] loop5: detected capacity change from 0 to 4096
[  262.026532][ T8420] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  262.213206][ T8422] loop4: detected capacity change from 0 to 64
[  263.351420][ T8419] loop0: detected capacity change from 0 to 256
[  263.358099][ T8419] exfat: Unknown parameter 'zero_size_dir'
[  263.449852][ T8432] Bluetooth: hci0: invalid length 0, exp 2 for type 22
[  264.783134][ T8451] loop0: detected capacity change from 0 to 64
[  266.325545][ T8461] loop4: detected capacity change from 0 to 256
[  266.336462][ T8461] exfat: Unknown parameter 'zero_size_dir'
[  266.509018][ T8440] loop5: detected capacity change from 0 to 32768
[  266.558470][ T5758] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  266.781543][ T8466] Bluetooth: hci0: invalid length 0, exp 2 for type 22
[  267.017080][ T8472] loop0: detected capacity change from 0 to 64
[  268.348566][ T2134] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  268.538508][ T2134] usb 6-1: Using ep0 maxpacket: 8
[  268.550783][ T2134] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  268.566619][ T2134] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  268.576694][ T2134] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.594196][ T2134] usb 6-1: config 0 descriptor??
[  268.873531][ T2134] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  269.132291][    C1] iowarrior 6-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  269.257052][ T8490] Bluetooth: hci0: invalid length 0, exp 2 for type 22
[  269.264072][ T2134] usb 6-1: USB disconnect, device number 2
[  271.263976][ T8496] loop1: detected capacity change from 0 to 256
[  271.349107][ T8496] exfat: Unknown parameter 'zero_size_dir'
[  271.678237][ T8503] loop5: detected capacity change from 0 to 64
[  271.896390][ T8507] loop0: detected capacity change from 0 to 2048
[  271.936559][ T8507] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  271.957220][ T8509] loop4: detected capacity change from 0 to 2048
[  272.098223][ T8509] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.110872][   T28] audit: type=1800 audit(1778116538.552:46): pid=8507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.644" name="file1" dev="loop0" ino=1367 res=0 errno=0
[  272.229552][ T8517] netlink: 32 bytes leftover after parsing attributes in process `syz.1.649'.
[  273.075532][ T7170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.080983][ T8526] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  273.238956][ T5828] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  273.433849][ T5828] usb 2-1: Using ep0 maxpacket: 16
[  273.461567][ T5828] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[  273.502286][ T5828] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  273.540955][ T5828] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.565714][ T5828] usb 2-1: Product: syz
[  273.570312][ T5828] usb 2-1: Manufacturer: syz
[  273.575025][ T5828] usb 2-1: SerialNumber: syz
[  273.582344][ T5828] usb 2-1: config 0 descriptor??
[  274.806288][ T8552] loop5: detected capacity change from 0 to 1024
[  275.663313][ T8552] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  275.695486][ T8552] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.767502][   T28] audit: type=1800 audit(1778116542.222:47): pid=8552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.661" name="file1" dev="loop5" ino=15 res=0 errno=0
[  275.814916][ T8561] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  275.870956][ T7924] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.999822][ T5771] usb 2-1: USB disconnect, device number 10
[  276.086277][ T8564] loop0: detected capacity change from 0 to 1024
[  276.146613][ T8564] EXT4-fs: Ignoring removed orlov option
[  276.254678][ T8565] loop5: detected capacity change from 0 to 32768
[  276.323556][ T8565] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 10
[  277.684072][ T8564] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.811629][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.868038][ T8599] netlink: 20 bytes leftover after parsing attributes in process `syz.1.672'.
[  280.433646][ T8602] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  280.738859][ T8608] loop1: detected capacity change from 0 to 32768
[  280.747090][ T8608] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  280.869120][   T27] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  280.960313][   T27] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  280.996623][ T5758] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  281.008469][ T5771] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  281.398464][ T5771] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  281.448043][ T5771] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  281.497825][ T5771] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  281.516195][ T8604] loop0: detected capacity change from 0 to 32768
[  281.546177][ T5771] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.604192][ T5771] usb 5-1: config 0 descriptor??
[  281.630595][ T8604] (syz.0.674,8604,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  281.667618][ T5771] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  281.685811][ T8604] (syz.0.674,8604,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  281.688856][ T5771] dvb-usb: bulk message failed: -22 (3/0)
[  281.720533][ T5771] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  281.758474][ T2134] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  281.871020][ T8604] JBD2: Ignoring recovery information on journal
[  281.899682][ T8606] dvb-usb: bulk message failed: -22 (2/0)
[  281.907060][ T5771] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  281.914861][ T5771] usb 5-1: media controller created
[  281.921709][ T5771] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  281.937727][ T5771] dvb-usb: bulk message failed: -22 (6/0)
[  281.945713][ T5771] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  281.967561][ T5771] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input11
[  281.969098][ T2134] usb 6-1: config 0 has no interfaces?
[  282.239694][ T5771] dvb-usb: schedule remote query interval to 150 msecs.
[  282.390765][ T5771] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  282.533432][ T8604] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  282.630930][ T2134] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  282.694976][ T5772] dvb-usb: bulk message failed: -22 (1/0)
[  282.698377][ T2134] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  282.706166][ T5771] usb 5-1: USB disconnect, device number 2
[  282.715007][ T5772] dvb-usb: error while querying for an remote control event.
[  282.758470][ T2134] usb 6-1: SerialNumber: syz
[  282.792113][ T2134] usb 6-1: config 0 descriptor??
[  282.862902][ T5771] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  282.908555][ T8625] loop4: detected capacity change from 0 to 4096
[  283.002110][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[  283.070753][ T8627] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.127078][ T8634] loop4: detected capacity change from 0 to 4096
[  284.195125][ T8642] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.874646][ T2134] usb 6-1: USB disconnect, device number 3
[  284.983554][ T8648] loop1: detected capacity change from 0 to 256
[  285.312331][   T28] audit: type=1800 audit(1778116551.772:48): pid=8656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.685" name="file1" dev="loop4" ino=15 res=0 errno=0
[  285.459103][ T8658] loop1: detected capacity change from 0 to 4096
[  285.978586][ T8659] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  287.296778][ T8653] loop0: detected capacity change from 0 to 32768
[  287.338364][ T8653] (syz.0.690,8653,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  287.476892][ T8653] (syz.0.690,8653,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  288.316356][ T8653] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  288.316692][ T8653] (syz.0.690,8653,1):ocfs2_initialize_super:2285 ERROR: status = -12
[  288.399134][ T8653] (syz.0.690,8653,0):ocfs2_fill_super:1178 ERROR: status = -12
[  289.209494][ T8684] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  289.274465][ T8670] loop1: detected capacity change from 0 to 32768
[  289.327083][ T8670] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  289.442434][ T8670] XFS (loop1): Ending clean mount
[  289.459190][ T8698] loop5: detected capacity change from 0 to 4096
[  289.549378][ T8699] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  289.569029][ T5765] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  292.108118][ T8724] loop9: detected capacity change from 0 to 524287936
[  292.202037][ T8728] loop1: detected capacity change from 0 to 4096
[  292.250572][ T8730] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  292.350619][ T7645] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  292.606407][ T7645] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  292.626973][ T7645] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  292.639611][ T7645] usb 5-1: Product: syz
[  293.630912][ T7645] usb 5-1: SerialNumber: syz
[  293.825539][ T8717] loop5: detected capacity change from 0 to 32768
[  293.845933][ T8717] (syz.5.706,8717,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  293.867277][ T7645] usb 5-1: config 0 descriptor??
[  293.889897][ T8717] (syz.5.706,8717,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  294.165980][ T8717] JBD2: Ignoring recovery information on journal
[  294.456004][ T8717] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  294.594573][ T7924] ocfs2: Unmounting device (7,5) on (node local)
[  295.050665][ T5772] Process accounting resumed
[  295.323719][ T8755] loop0: detected capacity change from 0 to 512
[  295.390478][ T8755] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.411606][ T8755] ext4 filesystem being mounted at /199/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.529298][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.145776][ T8751] Process accounting resumed
[  296.178586][   T27] usb 5-1: USB disconnect, device number 3
[  296.296746][ T8754] loop5: detected capacity change from 0 to 131072
[  296.362592][ T8761] loop4: detected capacity change from 0 to 4096
[  296.373323][ T8754] F2FS-fs (loop5): Found nat_bits in checkpoint
[  296.427367][ T8767] loop0: detected capacity change from 0 to 1024
[  296.533069][ T8770] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  296.600429][ T8754] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  297.504968][ T8774] netlink: 44 bytes leftover after parsing attributes in process `syz.4.723'.
[  297.566109][ T8774] netlink: 12 bytes leftover after parsing attributes in process `syz.4.723'.
[  297.990318][ T8782] loop0: detected capacity change from 0 to 32768
[  298.005275][ T8782] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10
[  299.908844][   T27] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  300.120736][ T8800] loop5: detected capacity change from 0 to 4096
[  300.149024][   T27] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  300.200900][   T27] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  300.232763][   T27] usb 5-1: Product: syz
[  300.241463][   T27] usb 5-1: SerialNumber: syz
[  300.246909][ T8805] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  300.279043][   T27] usb 5-1: config 0 descriptor??
[  301.470515][ T5771] Process accounting resumed
[  301.571197][ T8816] team0: entered allmulticast mode
[  301.576367][ T8816] team_slave_0: entered allmulticast mode
[  301.594187][ T8816] team_slave_1: entered allmulticast mode
[  301.760779][ T8807] loop1: detected capacity change from 0 to 32768
[  301.783772][ T8807] OCFS2: ERROR (device loop1): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #69: i_blkno is 0
[  301.812732][ T8807] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  301.827175][ T8807] OCFS2: File system is now read-only.
[  301.833994][ T8807] (syz.1.733,8807,0):ocfs2_read_locked_inode:521 ERROR: status = -30
[  301.846910][ T8807] (syz.1.733,8807,0):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[  301.857013][ T8807] (syz.1.733,8807,0):ocfs2_init_global_system_inodes:461 ERROR: status = -30
[  301.867273][ T8807] (syz.1.733,8807,0):ocfs2_init_global_system_inodes:463 ERROR: Unable to load system inode 2, possibly corrupt fs?
[  301.867304][ T8807] (syz.1.733,8807,0):ocfs2_init_global_system_inodes:472 ERROR: status = -30
[  301.895945][ T8807] (syz.1.733,8807,0):ocfs2_initialize_super:2254 ERROR: status = -30
[  301.916274][ T8807] (syz.1.733,8807,0):ocfs2_fill_super:1178 ERROR: status = -30
[  302.529362][ T8815] Process accounting resumed
[  302.546956][ T5771] usb 5-1: USB disconnect, device number 4
[  302.745675][ T8826] loop1: detected capacity change from 0 to 32768
[  302.754204][ T8826] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  303.006433][ T5758] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  303.869504][ T8828] loop4: detected capacity change from 0 to 32768
[  304.026232][ T8828] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  304.825237][ T8828] XFS (loop4): Ending clean mount
[  305.700743][ T8854] loop5: detected capacity change from 0 to 128
[  305.751298][ T8853] loop1: detected capacity change from 0 to 128
[  305.813143][ T8854] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  305.823660][ T8853] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  305.853117][ T8853] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  305.898569][ T8854] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  306.037913][ T7170] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  306.488517][ T5831] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  306.763099][ T8870] loop1: detected capacity change from 0 to 32768
[  306.794857][ T8870] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  307.081568][ T8874] tipc: Started in network mode
[  307.306164][ T8874] tipc: Node identity , cluster identity 4711
[  307.758873][ T5831] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  307.763491][ T8874] tipc: Failed to set node id, please configure manually
[  307.778279][ T5831] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  307.786383][ T5831] usb 1-1: Product: syz
[  307.787290][ T5758] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  307.790636][ T5831] usb 1-1: SerialNumber: syz
[  307.808824][ T8874] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  307.872334][ T5831] usb 1-1: config 0 descriptor??
[  308.616896][ T6816] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.695109][ T7645] Process accounting resumed
[  309.969604][ T6816] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.047203][ T8898] loop4: detected capacity change from 0 to 1024
[  310.113951][ T6816] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.168075][ T8898] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.295732][ T6816] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.345318][ T8908] netlink: 12 bytes leftover after parsing attributes in process `syz.1.758'.
[  310.385322][ T8908] loop1: detected capacity change from 0 to 512
[  310.399999][ T8908] EXT4-fs: Ignoring removed nobh option
[  310.459952][ T7170] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.475803][ T8908] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #3: comm syz.1.758: corrupted inode contents
[  310.501275][ T8908] EXT4-fs (loop1): Remounting filesystem read-only
[  310.522410][ T8908] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  310.534166][ T8908] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  310.542589][ T8908] CPU: 1 PID: 8908 Comm: syz.1.758 Not tainted syzkaller #0
[  310.549882][ T8908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  310.559950][ T8908] RIP: 0010:ext4_ext_map_blocks+0x2d04/0x6800
[  310.566045][ T8908] Code: 8b 04 24 89 18 89 9c 24 38 01 00 00 4c 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 f7 e0 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 41 0f b7 47 08 c1 e0 04 48
[  310.585666][ T8908] RSP: 0018:ffffc9000c69eae0 EFLAGS: 00010246
[  310.591747][ T8908] RAX: 0000000000000000 RBX: fffffffffffffffb RCX: 0000000000080000
[  310.599728][ T8908] RDX: ffffc9000dfae000 RSI: 000000000003b927 RDI: 0000000000000003
[  310.607713][ T8908] RBP: ffffc9000c69ed90 R08: ffff8880317e3c00 R09: 0000000000000002
[  310.615697][ T8908] R10: 00000000ffffffe4 R11: 0000000000000002 R12: 0000000000000001
[  310.623683][ T8908] R13: 1ffff920018d3d88 R14: dffffc0000000000 R15: fffffffffffffffb
[  310.631670][ T8908] FS:  00007fe3c44ab6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  310.640608][ T8908] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  310.647201][ T8908] CR2: 00007fe3b3c3f000 CR3: 00000000297fa000 CR4: 00000000003506e0
[  310.655191][ T8908] Call Trace:
[  310.658496][ T8908]  <TASK>
[  310.661450][ T8908]  ? __might_sleep+0xe0/0xe0
[  310.666064][ T8908]  ? ext4_ext_release+0x10/0x10
[  310.670947][ T8908]  ext4_map_blocks+0x9e2/0x1b80
[  310.675828][ T8908]  ? ext4_issue_zeroout+0x250/0x250
[  310.681053][ T8908]  ? kasan_set_track+0x5f/0x70
[  310.685834][ T8908]  ? kasan_set_track+0x4e/0x70
[  310.690612][ T8908]  ? __kasan_kmalloc+0x8f/0xa0
[  310.695397][ T8908]  ext4_getblk+0x1d0/0x6f0
[  310.699829][ T8908]  ? ext4_process_orphan+0x54/0x300
[  310.705036][ T8908]  ? ext4_orphan_cleanup+0xbec/0x1420
[  310.710417][ T8908]  ? ext4_get_block_unwritten+0x100/0x100
[  310.716177][ T8908]  ext4_bread+0x2a/0x170
[  310.720447][ T8908]  ext4_quota_write+0x23a/0x580
[  310.725322][ T8908]  ? ext4_quota_read+0x380/0x380
[  310.730283][ T8908]  ? get_free_dqblk+0x49/0x710
[  310.735064][ T8908]  ? rcu_is_watching+0x15/0xb0
[  310.739849][ T8908]  get_free_dqblk+0x35a/0x710
[  310.744550][ T8908]  ? ext4_quota_read+0x380/0x380
[  310.749503][ T8908]  do_insert_tree+0x253/0x10a0
[  310.754286][ T8908]  ? get_free_dqblk+0x4a2/0x710
[  310.759159][ T8908]  do_insert_tree+0xa1a/0x10a0
[  310.763962][ T8908]  do_insert_tree+0xa1a/0x10a0
[  310.768754][ T8908]  do_insert_tree+0xa1a/0x10a0
[  310.773540][ T8908]  qtree_write_dquot+0x4a1/0x5d0
[  310.778498][ T8908]  ? qtree_entry_unused+0xe0/0xe0
[  310.783540][ T8908]  ? down_write+0x16e/0x200
[  310.788099][ T8908]  ? rcu_is_watching+0x15/0xb0
[  310.792895][ T8908]  v2_write_dquot+0x10c/0x1a0
[  310.797687][ T8908]  dquot_acquire+0x320/0x610
[  310.802317][ T8908]  ext4_acquire_dquot+0x2e3/0x4b0
[  310.807382][ T8908]  dqget+0x77c/0xeb0
[  310.811303][ T8908]  __dquot_initialize+0x3c7/0xcd0
[  310.816360][ T8908]  ? dquot_initialize+0x20/0x20
[  310.821233][ T8908]  ? ext4_get_projid+0x140/0x140
[  310.826203][ T8908]  ext4_process_orphan+0x54/0x300
[  310.831245][ T8908]  ext4_orphan_cleanup+0xbec/0x1420
[  310.836460][ T8908]  ? ext4_orphan_del+0xbf0/0xbf0
[  310.841407][ T8908]  ? ext4_register_li_request+0x183/0x940
[  310.847158][ T8908]  ? errseq_check_and_advance+0x66/0x120
[  310.852816][ T8908]  ext4_fill_super+0x5eea/0x67b0
[  310.857779][ T8908]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  310.864039][ T8908]  ? __might_sleep+0xe0/0xe0
[  310.868648][ T8908]  ? read_lock_is_recursive+0x20/0x20
[  310.874043][ T8908]  ? snprintf+0xe9/0x140
[  310.878303][ T8908]  ? down_read_killable+0x340/0x340
[  310.883518][ T8908]  ? setup_bdev_super+0x56b/0x660
[  310.888557][ T8908]  get_tree_bdev+0x3f3/0x520
[  310.893156][ T8908]  ? vfs_parse_fs_string+0x170/0x170
[  310.898452][ T8908]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  310.904704][ T8908]  ? setup_bdev_super+0x660/0x660
[  310.909737][ T8908]  ? apparmor_capable+0x137/0x1a0
[  310.914771][ T8908]  ? bpf_lsm_capable+0x9/0x10
[  310.919467][ T8908]  ? security_capable+0x89/0xb0
[  310.924334][ T8908]  vfs_get_tree+0x8c/0x280
[  310.928760][ T8908]  do_new_mount+0x24b/0xa40
[  310.933285][ T8908]  __se_sys_mount+0x2e7/0x3d0
[  310.938002][ T8908]  ? __x64_sys_mount+0xc0/0xc0
[  310.942783][ T8908]  ? lockdep_hardirqs_on+0x98/0x150
[  310.947992][ T8908]  ? __x64_sys_mount+0x20/0xc0
[  310.952815][ T8908]  do_syscall_64+0x55/0xa0
[  310.957235][ T8908]  ? clear_bhb_loop+0x40/0x90
[  310.961926][ T8908]  ? clear_bhb_loop+0x40/0x90
[  310.966614][ T8908]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  310.972521][ T8908] RIP: 0033:0x7fe3c359e04a
[  310.976958][ T8908] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  310.996576][ T8908] RSP: 002b:00007fe3c44aae58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  311.005013][ T8908] RAX: ffffffffffffffda RBX: 00007fe3c44aaee0 RCX: 00007fe3c359e04a
[  311.013007][ T8908] RDX: 0000200000000340 RSI: 0000200000000980 RDI: 00007fe3c44aaea0
[  311.021009][ T8908] RBP: 0000200000000340 R08: 00007fe3c44aaee0 R09: 0000000003000010
[  311.026765][ T8863] Process accounting resumed
[  311.028977][ T8908] R10: 0000000003000010 R11: 0000000000000246 R12: 0000200000000980
[  311.028992][ T8908] R13: 00007fe3c44aaea0 R14: 0000000000000519 R15: 000000000000002c
[  311.029014][ T8908]  </TASK>
[  311.029020][ T8908] Modules linked in:
[  311.029095][    C1] vkms_vblank_simulate: vblank timer overrun
[  311.056197][ T8908] ---[ end trace 0000000000000000 ]---
[  311.078702][ T8908] RIP: 0010:ext4_ext_map_blocks+0x2d04/0x6800
[  311.085099][ T8908] Code: 8b 04 24 89 18 89 9c 24 38 01 00 00 4c 8b 7c 24 10 4d 85 ff 0f 84 bd 00 00 00 e8 f7 e0 58 ff 49 8d 7f 08 48 89 f8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 3d 1e 00 00 41 0f b7 47 08 c1 e0 04 48
[  311.087054][ T7924] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  311.108680][ T2134] usb 1-1: USB disconnect, device number 7
[  311.128901][ T6816] tipc: Left network mode
[  311.143701][ T8908] RSP: 0018:ffffc9000c69eae0 EFLAGS: 00010246
[  311.149872][ T8908] RAX: 0000000000000000 RBX: fffffffffffffffb RCX: 0000000000080000
[  311.170581][ T8908] RDX: ffffc9000dfae000 RSI: 000000000003b927 RDI: 0000000000000003
[  311.207836][ T8908] RBP: ffffc9000c69ed90 R08: ffff8880317e3c00 R09: 0000000000000002
[  311.233381][ T8908] R10: 00000000ffffffe4 R11: 0000000000000002 R12: 0000000000000001
[  311.266205][ T8908] R13: 1ffff920018d3d88 R14: dffffc0000000000 R15: fffffffffffffffb
[  311.285611][ T8908] FS:  00007fe3c44ab6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  311.306518][ T8908] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  311.321398][ T8908] CR2: 00007f170677f000 CR3: 00000000297fa000 CR4: 00000000003506e0
[  311.335296][ T8908] Kernel panic - not syncing: Fatal exception
[  311.341725][ T8908] Kernel Offset: disabled
[  311.346049][ T8908] Rebooting in 86400 seconds..