last executing test programs:

4m59.568261173s ago: executing program 1 (id=111):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=@updpolicy={0xb4, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x7}}, 0xb4}}, 0x10)

4m59.452069398s ago: executing program 1 (id=112):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000200)=0x7, 0x4)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000280)=0x3, 0x4)

4m58.781774862s ago: executing program 4 (id=114):
r0 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x800334e, 0x10, 0x3, 0x800}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
io_uring_enter(r0, 0x7277, 0x4000, 0x0, 0x0, 0x0)

4m58.466971192s ago: executing program 1 (id=116):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x0, @rand_addr=0x64010100}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x8, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xce03d4}, 0x9c)

4m58.010419041s ago: executing program 1 (id=119):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x2a2, &(0x7f0000000f40)="$eJzs3cFqE0Ecx/HfbLZNtKVubUWQnqoFT9LWi3gpSN7AiydRmwjFUMFWUE/Rs/gA3vsKPoBHT+JZ6M2TD5BbZGZnzSbZTWJM3CR+P5CwMfOfncnMOvPfEiIA/6171fOz2z/sw0gllSTdlQJJFSmUdEVXKy+PT49OG/XaoIpKLsI+jOJI01fm8LieFWrjXIQX2VehVtP/humofFdza6XoVqBo7urPEEhlf3W69yv/vGXT0Sy6AQUzLbX0SmtFtwMAUCy//gd+nV/1+/cgkHb8sh+v/8mufs4X0FbRDZiyz0PeT63/LstqGzu+l9xbnXzPDXaopb9ry7LimdW1wTTDskrXluDC06NG/dbh80Yt0DsdeKkGbbrnWjx1E+dnxuW09vhtf9XbPjcdMb9MMuTRSqe5xCpYsn3YT7c/VWRjsmccznwxX81DE+mjar/3f2Hb2GFyIxX1jFTc/t38Gl0vl+VK5fRy3Z3kmj+DN7CXJeVkJEpm1HrPAEY57Qy7omS6o+Le7eX3zkVtKCtqf0jUZm9UZzbnR06b+WAemG391CdVU/v/wH7aOxrlyrRlXEk/Mwb2J3QlI/fB+7WjuZVZMhi3RxjDez3RHa2dvH7z7HGjUX+xaAfJjYoTeyVOosIlzUS/JnKQTIJZaY8/KNvxmkA9ySJTfL9sKwo5e7LujF9P/n8d3JZfHJ1B/8NAJsGisPsuE+d/qXxl123W7FPUvU8vp2PbwypP1biXkxtcds8XezO4nNzAuFsPKxl/Xew/48Cc6/pN6cYoZ4xFvp2z52CcIFPVNz3i/j8AAAAAAAAAAAAAAAAAAMC8mdxXDiq5X7couo8AAAAAAAAAAAAAAAAAAAAAAMy7jN//LRf6+7/3Fb/i93+BqfsVAAD//ykfZ8s=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

4m57.523676081s ago: executing program 4 (id=122):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/diskstats\x00', 0x0, 0x0)

4m57.468467464s ago: executing program 1 (id=123):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000480)="89000000120081ae08061cdc030ec080000000000000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0xc000)

4m57.149957791s ago: executing program 4 (id=125):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r1=>0x0})
connect$inet(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0x5}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x60, 0x2, {{0x7fff, 0x7f, 0x192, 0xf, 0x7fff, 0x205}, [@TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x9, 0x4, 0xffffffff, 0x40}}]}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x5, 0x1, 0x0, 0x0, 0x1bb, 0x4}}]}}}]}, 0x90}}, 0x0)

4m56.927960614s ago: executing program 1 (id=127):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000040), 0x3, 0x88c02)
syz_usb_disconnect(r0)
readv(r1, &(0x7f0000001200)=[{&(0x7f0000000100)=""/99, 0x63}], 0x1)

4m56.359085644s ago: executing program 32 (id=127):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000040), 0x3, 0x88c02)
syz_usb_disconnect(r0)
readv(r1, &(0x7f0000001200)=[{&(0x7f0000000100)=""/99, 0x63}], 0x1)

4m56.348784446s ago: executing program 4 (id=131):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4m53.728071334s ago: executing program 4 (id=148):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x1f6, 0x4)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)

4m50.667830333s ago: executing program 4 (id=161):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x0, 0xf5, 0x5e, 0x200000000000, 0x100000000000006})

4m50.224343015s ago: executing program 33 (id=161):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x0, 0xf5, 0x5e, 0x200000000000, 0x100000000000006})

45.126657927s ago: executing program 2 (id=2227):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000040)={[{@nobh}, {@abort}]}, 0xff, 0x258, &(0x7f0000000780)="$eJzs3T9oHmUcB/Df3fu+xiQvEnURxD8gIhoIcRNc4qIQkBBEBBUiIi5KIsQEt8TJxUFnLZm6hNKtaceSJXRpKXRK2wzpUmhDh4YO7XDlfS+BJG/6J33f3pXc5wPH3SV393uO3Pe5G3L3BFBZQxExFhG1iBiOiEZEJHs3eDefhnZWl/rXpiKy7Ks7SXu7fD23u99gRCxGxCcRsZom8Us9Yn7lu81761988Pdc4/2TK9/2F3qSO7Y2N77cPjHx15nxj+cvXbk1kcRYNPedV+8lh/ysnkS89jyKvSCSetkt4GlM/nH6aiv3r0fEe+38NyKN/I/3z+xLq4346P9H7fvv7ctvFtlWoPeyrNG6By5mQOWkEdGMJB2JiHw5TUdG8mf4a7WB9NeZ2d+Hf56Zm/6p7J4K6JVmxMbn5/rODh7I/81ann/g+Grl/+vJ5eut5e1a2a0BCvFWPmvlf/iHhQ9D/qFy5B+qS/6huo6Yf//RAceI+z9U12Py/3JZbQKK0Zn/RtlNAgri+R8qKcuyTP6hwuQfqmtv/gGAasn6yn4DGShL2f0PAAAAAAAAAAAAAAAAAADQaal/bWp3Kqrmhf8itj7LRxfprF9rj0e8+znygbvJvkFIkh4MSvL9O10eoEunSn77+pUb5da/+Ha59RemIxb/jIjRer3z+kt2rr9n9+oTft/4scsCR5QcWP/0m2LrH/Rgudz64+sR51v9z+hh/U8ab7Tnh/c/zR58Mf23+10eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMI8DAAA//84UXFU")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000100)=ANY=[])

44.63955665s ago: executing program 2 (id=2230):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@uuid_on}]})

44.20757208s ago: executing program 2 (id=2231):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r0, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

43.825393822s ago: executing program 2 (id=2236):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {0x4, 0x6}}, 0x24, 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x80)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

43.07614029s ago: executing program 2 (id=2241):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x20, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

42.499924023s ago: executing program 2 (id=2245):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000540)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x40)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x2, 0x400, 0xe, 0xfffeffff, 0x6, 0xfffeffff, 0x9, 0x5}, &(0x7f0000000040)=0x20)

41.965899012s ago: executing program 34 (id=2245):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000540)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x40)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x2, 0x400, 0xe, 0xfffeffff, 0x6, 0xfffeffff, 0x9, 0x5}, &(0x7f0000000040)=0x20)

5.694527129s ago: executing program 5 (id=2583):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})

5.511968654s ago: executing program 0 (id=2585):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)=ANY=[@ANYBLOB="2c0000000a0a050000000000000000000a0000090900010073797a31"], 0x2c}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000)

5.124174264s ago: executing program 0 (id=2587):
syz_mount_image$f2fs(&(0x7f000000e000), &(0x7f0000000080)='./file2\x00', 0x10, &(0x7f000000df00)={[{@nodiscard}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@fault_type={'fault_type', 0x3d, 0x7fff}}, {@grpjquota}, {@noflush_merge}, {@nocheckpoint_merge}, {@acl}, {@gc_merge}, {@compress_cache}, {@alloc_mode_def}, {@noinline_xattr}, {@background_gc_off}, {@checkpoint_diasble}]}, 0x4, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
fallocate(r0, 0x8, 0x4000, 0x4000)

4.082104045s ago: executing program 5 (id=2592):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000480)='pids.max\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000080)=0x30000000, 0x12)

3.451977372s ago: executing program 3 (id=2595):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280)=0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TCSETS(r0, 0x89f0, &(0x7f0000000100)={0x3ff, 0x2, 0x0, 0x7ff, 0x0, "5dee0000005940000000000f00"})

3.055099639s ago: executing program 3 (id=2598):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

2.966156624s ago: executing program 0 (id=2599):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = syz_io_uring_setup(0x23d, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x0, 0x11e}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)

2.442577393s ago: executing program 3 (id=2601):
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x4000, &(0x7f00000000c0)=ANY=[@ANYRES64=0x0], 0x1, 0x5faa, &(0x7f0000009080)="$eJzs3cuOHFcZB/CvL9NzceJYEYqMxWLiQEgI8d2GcIvDggUsQEJZY2syiQwOINsgEll4Ii8QG+ARYJMNi7wCD5BnQDwAluxsyIJQqGbOsWvKPe6Z2NPVPef3k8ZVX52u6VP+T011T1X1CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgfviDn57uRcSl36YFRyKeikFEP2K5rlejnrmYHz+MiKOx2RzPRcRgMaJef/OfZyLORcTHhyPu3ru5Vi8+s8t+nD9149pnP/r+P//w59tHf/7Wzz5st//kC2c/+uOtiCM/fu2jz249mW0HAACAUlRVVfXS2/xj6f19v+tOAQBTkY//VZKXq9VqtfqJ1n/q7+XxTx3qur/qA1o3VePdahYRsdFcp37N4HQ8AMyZjfi06y7QIfkXbRgRh7ruBDDTel13gH1x997NtV7Kt9c8Hqxutee/U27Lf6N3//6OnaaTtK8xmdbP1+0YxLM79Gd5Sn2YJTn/fjv/S1vto/S4/c5/WnbKf7R161Nxcv6Ddv4t2/L/S0TMbf79sfmXKuc/3Ev+G4M53v/lDwAAAADAwZf//n+k4/O/i4+/KbvyqPO/q1PqAwAAAAAAAAA8aY87/t99xv8DAACAmVW/V6/99fCDZTt9Flu9/M1exNOtxwOFWW18OCAAAAAAAAAAAAAAMB3DiJV0Xf9CRDy9slJVVf3V1K736nHXn3elbz+UrOtf8gAAsOXjw617+XsRSxHxZvqsv4WVlZWqWlpeqVaq5cX8ena0uFQtN97X5mm9bHG0ixfEw1FVf7OlxnpNk94vT2pvf7/6uUbVYBcdm44OAweAiNg6Gt11RDpgquqZ6PpVDvPB/n/w2P/Zja5/TgEAAID9V1VV1Usf530snfPvd90pAGAq8vG/fV5ArVari6k/2Vo4M/1Rq/exbqrGu9UsImKjuU79msFw/AAwZzbi0667QIfkX7RhRBztuhPATOt13QH2xd17N9d6Kd9e83iwutWerwXZlv9Gb3O9vP646STta0ym9fN1Owbx7A79eW5KfZglOf9+O/9LW+15iP/9zn9adsq/3s4jHfSnazn/QTv/loOTf39s/qXK+Q/3lP9A/gAAAAAAMMPy3/+POP+bNxkAAAAAAAAA5s7dezfX8n2v+fz/l8Y8rtecc//ngZHz7+06f/f/HiQ5/347/9YFOYPG/J03HuT/yb2bax/e+PcX83Tm818YjOrnXuj1B8N0zU+18HZciauxHqceevxwW/vph9oXtrWfmdB+9qH2Ud2+nNtPxFr8Kq7GW/fbFydcGLU0ob2a0J7zH9j/i5TzHza+6vxXUnuvNa3d+aD/0H7fnI57not//++LD+9d03c7Bve3ranevuMd9Gfz/+TQKH5zff3aid9dvnHj2ulIk21Lz0SaPGE5/4X0lfN/6YWt9vx7v7m/3vlgtOf8Z8XtGO6Y/wuN+Xp7X55y37qQ8x+lr5x/PgKN3//nOf+d9/9XOugPAAAAAAAAAAAAAAAAPEpVVZu3iF6MiAvp/p+u7s0EAKYrH/+rJC9Xq2ez/s+M9UetVqvnq26qxnu9WUTEP5rr1K8Zfj/umwEAs+x/EfGvrjtBZ+RfsPx5f/X0y113Bpiq6++9/4vLV6+uX7vedU8AAAAAAAAAgM8rj/+52hj/efM6oNa40dvGf30jVud2/M/+aLA51nnaoOfj0eN/H49Hj/89nPB8CxPaRxPaFye0L01oH3ujR0PO//mUcc7/WNqwksZ/famD/nQt5388jfWc8/9q63HN/Ku/zXP+/W35n7zx7q9PXn/v/VevvHv5nfV31n95+tSFc2fPnzt7/vzJt69cXT+19W+HPd5fOf889rXrQMuS88+Zy78sOf+vpFr+Zcn5v5hq+Zcl559f78m/LDn//N5H/mXJ+b+cavmXJef/tVTLvyw5/1dSLf+y5Py/nmr5lyXn/2qq5V+WnP+JVMu/LDn/k6mWf1ly/vkMl/zLkvPPVzbIvyw5/zOpln9Zcv5nUy3/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXn/41Uy78sOf9vplr+Zcn5v5Zq+Zcl5/+tVMu/LDn/b6da/mXJ+X8n1fIvS87/u6mWf1ly/t9LtfzLkvN/PdXyL8uDz/83s+eZldnohhkzT36m699MAAAAAAAAAAAAAEDbNC4n7nobAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzdXYxc5X0G8LNf9tqQ4AZCCHGCbT7iwMLu+gscYjBJSCnpByUhbVpS49hr48Rf9a4TQKhsCm2JglSk9oJeNE2iNIrUVqAqUlOJRqiN1N41V424iVopF64ElYOSSqkCW5057/t6ZnZ2Zrz2es+c8/sh++/dOTPzzpkzs/MsemYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotvkjM38ylGVZ/qfx14Ysuzz/97psb/7l/K7VXiEAAABwod5s/P23V6Rv7O3jTE3b/Ov7/v07CwsLC9ln3zjz1p8tLKQTNmXZyNosa5wW/dvPf7bQvE3wdDY+NNz09XCPqx/pcfpoj9PHepy+psfpa3ucPt7j9EU7YJF1xe9jGhd2Q+OfG4pdml2VjTVOu6HDuZ4eWjs8HH+X0zDUOM/C2KHsSHY0m8mmFp1nqPFflr28Ob+u+7J4XcNN17Uxy7KzP3nyQFzDUNjHN2QtV9bQfN+9fk+26Y2fPHngW3OvvbvT7LkbFq00y7Zuydf5TJad+3VVNpStTfskrnO4aZ0bO6xzpGWdQ43z5f9uX+fZPtcZb/d4WOcPuqxzY/jeY9dnWTafLblNu6ez4Wx927Wm/T1eHBH5ZeR35Tuy0fM6Tjb3cZzk5/nx9a3HSfsxGff/5rBPRpdYQ/Pd8fqX1iza78s9TvJbXYZjNb/sB/IrHR9v/tVqy7Gab/PkjUsfAx3vuw7HQDqWm46BLb2OgeE1I41jYPjcmre0HAPTi84znA01ruvMjd2Pgcm5YycnZx9/4tYjx/Yfnjk8c3x6ateO7Tt3bN+5c/LQkaMzU8Xf57dLB8j6bDgdg1vCc008Bt/ftm3zIbnw9Yv3OBgvyeMgv+2fvClf0OXD2RLHeL7NM1sv/HGQfu43PQ5Gmx4HHZ9TOzwORvt4HOTbnN3a38/M0aY/ndawUs+FG5qOgdX8eZhf58MfWPq5cGNY17M3n+/Pw5FFx0C8WUPhsZd/J73eG78j7JfFx8W1+QmXrclOz86cuu2x/XNzp6azMC6JK5vuq/bjZX3TbcoWHS/D53287P2bX9x0bYfvbwj7avyW7vdVvs2Oie73VePZvfP+bPnutiyMi+xS789OP83y/ZmyRJf9mW/zzK0X/low5ZKm57+xXs9/I2OjxfPfSNobYy3Pf4vvmpHGyrLs7K39Pf+NhT+X+vnvqpI8/+X76uHbuh8D+TbPTp7vMTDa9fnv+jCHwno+EBLDeFPuf6tx+nxxmDbdlz2Pm9HRsXDcjMZrbD1uti86T35p+XVvnVrecbP1+tb7quV1SwWPm3xf/flU9+Mm3+aV6Qt/7lgX/9n03LGm1zEwNrImX+9YOgiK57uFdfEYuC07kJ3IjmYH03nyezm/rolt/R0Da8KfS/3ccU1JjoF8X72wrfsxkG/z/e0X97XT1vCdtE3Ta6f23y8slfmvHT13ee277WJn/nydH93R/XdD+Tav7TjfnNF9P90SvnNZh/3U/vhZ6pg+mF2a/XRNWOfRnd1/N5Vvc9WuPo+nvVmWvTr9auP3XeH3u39/+j++0/J7306/U351+tX7Jx/84fmsHwCA5Xur8ff8muK1ZtP/se7n//8DAAAAAyHm/uEwE/kfAAAAKiPm/pEwE/kfAAAAKiPm/tEwk5rk/0fv2P3im09l6d0AF4J4etwND9xVbBc73vPh600L5+Tf//A3x1788lP9XfdwlmW/uP89Hbd/9K64rsLJuM4Ptn5/kWuu6+v6H3no3HbN759wdndx+fH29HsYxK7yy5PbGpe76fHpxnzl/qwxH5x/9uni8ouv4/Znthfb/2V405K9h4Zazr81rOeGMDeF95R5YO+5/ZDPeL4XN77vX6781Lnri+cb2vL2xs184Q+Ky43vEfX8lcX28XYvtf5/+sq3X8y3f+zGzut/arjz+s+Ey/1xmD/fU2zfvM+/3LT+Pwrrj9cXz3fbN77Xcf0vvavY/qVwXHwtzPb13/On732z0/0Vr2fvncX54vVP/e+Oxvni5cXLb1//+FPTLfuj/fJfeaO4nD1f+OlI8/bx+/F6okfubD2+h8L929Ijz7Ls23+ctezn7EPF+f6xbf3x8k7e2Xn9t7St8+TQdY3zn7s9G1pu11f/elvH2xvXs/fvNrTcnufvDfvvjcnv55d75sFwPIbT/+8HxeW1v5fpS/e2Pt/E7b+2oXjcxsubbFv/823rn78u33e913/fG8X6X7p7bcv6934sHE/3FbPX+g//1RUt5//6t4r749QXJ46fmD195GDTXm1+HK8dX7f+ssvf9vYrwnNp+9f7Tsw9OnNq09SmqSzbNIBvGbjS6/9GmP9TjPmLfw2FH/60OO6e+3jxc+v9Pyu+fj58/5Fwf8afj1/9i7GW47X9fp+/u5gXuv6bwzr69a6v/Nd1fW145jMvn/6HP3yt/XVBvD0n3zneuH0vbL66cdrQK8Xp7c9XvfznO1sf1z8anWrM74b9uhDemXnL1cX1tV9+fG+S5z5RPH7jK7l4/qzt/UQ2jLTejgtd/4/C65jvXdP6/BePj+8+1fZuzhuyoXwJ8+H5IZsvTo9bxf393NmrO15ffB+ebP7d57PMJc0+Pjt59Mjx049Nzs3Mzk3OPv7EvmMnTh+f29d479J9n+t1/nOP7/WNx/fBmV07ssaj/UQxVthqr//kQwcO3j5108GZQ/tPH5p76OTMqcMHZmcPzBycvWn/oUMzX+x1/iMH90xv27399m0Th48c3HPH7t3bd08cOX4iX0axqB52TX1+4vipfY2zzO7ZsXt6584dUxPHThyc2XP71NTE6V7nb/xsmsjP/YWJUzNH988dOTYzMXvkiZk907t37drW890fj508NLtp8tTp45OnZ2dOTRa3ZdNc49v5z75e56ceZk+E57s2Q+HV+adv2ZXeHzf3zS8teVHFJq0vT7PXw3tBxZ9vvb6OuX8szKQm+R8AAADqIOb+8Mb/506Q/wEAAKAyYu5fG2Yi/wMAAEBlxNw/HmZSk/yv/6//r/+v/6//r/+/kvT/9f+70f/X/x/k9ev/6//TW9n6/zH3r8uyWuZ/AAAAqIOY+9eHmcj/AAAAUBkx918WZiL/AwAAQGXE3H95mEk98v9Y+z/1//X/9f+b+/9xW/3/TP9f/3+Z9P/1/7vR/9f/H+T1l7D/v07/n7IpW/8/5v63hZnUI/8DAABALcTc//YwE/kfAAAAKiPm/ivCTOR/AAAAqIyY+zeEmdQk//v8f/1//X+f/6//r/+/kvT/9f+70f/X/x/k9Zew/+/z/ymdsvX/Y+7/pTCTmuR/AAAAqIOY+98RZiL/AwAAQGXE3H9lmIn8DwAAAJURc/9VYSY1yf/6//r/+v/6//r/+v8rSf9/APr/nbqW+v/N2p+mEv1//X/9f/1/uitb/z/m/neGmdQk/wMAAEAdxNx/dZiJ/A8AAACVEXP/u8JM5H8AAACojJj7rwkzqUn+1//X/9f/1//X/9f/X0n6/wPQ/+9E/78v+v/6//r/+v90V7b+f8z97w4zqUn+BwAAgDqIuf/aMBP5HwAAACoj5v73hJnI/wAAAFAZMfdvDDOpSf7X/9f/1/+vVv9/WP9f/79kBqv/P7zkKfr/hYHo/w/r//drtfvzg75+/X/9f3orW/8/5v73hpnUJP8DAABAHcTc/74wE/kfAAAAKiPm/uvCTOR/AAAAqIyY+zeFmdQk/+v/6//r/1er/+/z//X/y2aw+v9L0/8vDET/3+f/9221+/ODvn79f/1/eitb/z/m/s1hJjXJ/wAAAFAHMfdvCTOR/wEAAKAyYu6/PsxE/gcAAIDKiLn/hjCTmuR//X/9f/1//X/9f/3/laT/r//fjf6//v8gr1//v7/+/5peF0Slla3/H3P/jWEmNcn/AAAAUAcx998UZiL/AwAAQGXE3P/+MBP5HwAAACoj5v6tYSY1yf/6//r/+v/6//r/+v8rSf+/7/7/uuWsS/+/oP+/PKvdnx/09ev/+/x/eitb/z/m/g+EmdQk/wMAAEAdxNx/c5iJ/A8AAACVEXP/LWEm8j8AAABURsz9E2EmNcn/+v/6//r/+v/6//r/K6mq/f/0POrz//X/9f/1//X/9f9ZUtn6/zH33xpmUpP8DwAAAHUQc/9tYSbyPwAAAFRGzP2TYSbyPwAAAFRGzP1TYSY1yf+p///f+v+Z/r/+v/6//r/+/0VX1f7/Cnz+/7LWr/9f0P9fntXuzw/6+vX/9f/prWz9/5j7p8NMapL/AQAAoA5i7t8WZiL/AwAAQGXE3L89zET+BwAAgMqIuX9HmElN8r/P/9f/1//X/9f/1/9fSfr/+v/d6P/r/w/y+vX/9f9pNdzhe2Xr/8fcvzPMpCb5HwAAAOog5v5dYSbyPwAAAFRGzP23h5nI/wAAAFAZMfffEWZSk/yv/6//r/+v/1/e/n/r9ev/6/93ov+v/5/p/y/bavfnB339+v/6//R2cfv/V1xw/z/m/t1hJjXJ/wAAAFAHMfd/MMxE/gcAAIDKiLn/zjAT+R8AAAAGSqfPIYxi7v9QmElN8r/+f9X7/wtr9f/1/we3/9+6P/X/9f870f/X/8/0/5dttfvzg75+/X/9f3q7uP3/RS9Pz7v/H3P/njCTmuR/AAAAqIOY++8KM5H/AQAAoDJi7r87zET+BwAAgEG1qEcTc//eMJOa5H/9/6r3/8v3+f9Dmf6//n9B/1///2LQ/9f/z/T/l225/fnwskX/v0T9//wY0v+njMrW/4+5/54wk5rkfwAAAKiDmPs/HGYi/wMAAEBlxNz/kTAT+R8AAAAqI+b+j4aZ1CT/17T//8/6/wWf/6//n+n/6/+vMP1//f9u9P8Hs/8f6f+Xp//v8/8pq7L1/2PuvzfMpCb5HwAAAOog5v6PhZnI/wAAAFAZMff/cpiJ/A8AAACVEXP/fWEmNcn/Ne3/+/z/cP36//r/mf6//v8K0//X/+9G/1//f5DXr/+v/09vZev/x9z/K2EmNcn/AAAAUAcx998fZiL/AwAAQGXE3P/xMBP5HwAAACoj5v5fDTOpSf7X/780/f/hdPn6//r/+v/6//r/F5P+v/5/pv+/bKvdnx/09ev/6//TW9n6/zH3/1qYSU3yPwAAANRBzP2/HmYi/wMAAEBlxNz/G2Em8j8AAABURsz9D4SZ1CT/6//7/H/9f/3/0vb/R1v3p/6//n8n+v/6/5n+/7Ktdn9+0Nev/6//T29l6//H3P+bYSY1yf8AAABQBzH3PxhmIv8DAABAZcTc/4kwE/kfAAAAKiPm/k+GmdQk/+v/6//r/+v/l7b/37Y/9f/1/zvR/9f/z/T/l221+/ODvn79f/1/eitb/z/m/ofCTGqS/wEAAKAOYu7/VJiJ/A8AAACVEXP/b4WZyP8AAABQGTH3/3aYSU3yv/6//r/+v/6//r/+/0rS/1/c/8+fw1az/7+mnw31//ui/6//r/+v/093Zev/x9z/6TCTmuR/AAAAqIOY+38nzET+BwAAgMqIuf93w0zkfwAAAKiMmPsfDjOpSf7X/9f/1//X/9f/1/9fSfr/Pv+/G/1//f9Ltv7hi79+/X/9f3orW/8/5v7PhJnUJP8DAABAHcTc/3thJvI/AAAAVEbM/fvCTOR/AAAAqIyY+x8JM6lJ/tf/1//X/y9n/39Y/1//X/+/L/r/+v+Z/v+y1ar/vwLr1//X/6e3svX/Y+7fH2ZSk/wPAAAAdRBz/2fDTOR/AAAAqIyY+w+Emcj/AAAAUBkx9x8MM6lJ/tf/1//X/y9n/z/T/9f/1//vi/6//n+m/79sq92fH/T16//r/9Nb2fr/MffPhJnUJP8DAABAHcTcfyjMRP4HAACAyoi5/3CYifwPAAAAlRFz/6NhJjXJ//r/+v/6//r/+v/6/ytJ/1//vxv9f/3/QV6//r/+P72Vrf8fc/+RMJOa5H8AAACog5j7PxdmIv8DAABAZcTc//kwE/kfAAAAKiPm/qNhJjXJ//r/+v/6/xXs/4/q/2f6/6Wh/6//343+v/7/IK9f/1//n97K0f+fT1/H3H8szKQm+R8AAADqIOb+42Em8j8AAABURsz9J8JM5H8AAACojJj7T4aZ1CT/6//r/+v/V7D/7/P/G/T/y0H/X/+/m6r1/+MdqP+v/6//r/9PoRz9/3Nfx9z/+2EmNcn/AAAAUAcx958KM5H/AQAAoDJi7p8NM5H/AQAAoDJi7p8LM6lJ/tf/1//X/9f/1//X/19Jq9v/bz+6lk//v6D/38rn/+v/6//r/9Nd2fr/MfefDjOpSf4HgP9n77527TqrPg6v/UVfHCuKuAXuAHHCKZfANXCSG0CiQ+gQeu+d0BN677333nsJJRA6JEhGeI0xTOK959zeXit7znc8z8lQipNXtjD6K/ppAgB0kLv//nGL/Q8AAADDyN3/gLjF/gcAAIBh5O5/YNzSZP/r//X/+v/F9P/bzk//r//X/18S3//X/2/0/yd22v382t/fof+f+h+E/p/jWFr/n7v/QXFLk/0PAAAAHeTuf3DcYv8DAADAMHL3PyRusf8BAABgGLn7Hxq3NNn/+n/9v/5/Mf2/7//nr+uI/f/BhX+t/n+39P/6/43+/8ROu59f+/s79P9T9P8cx9L6/9z9D4tbmux/AAAA6CB3/8PjFvsfAAAAhpG7/7q4xf4HAACAYeTuf0Tc0mT/6//1//vo/2+OXlP/r//X//v+v/5f/z9F/6//X/P79f/6f+Ytrf/P3f/IuKXJ/gcAAIAOcvc/Km6x/wEAAGAYufsfHbfY/wAAADCM3P2PiVua7H/9v/7f9//1/137/wyt9f/7pf/X/0/R/+v/1/z+o/v/Gzf6f/0/W0vr/3P3PzZuabL/AQAAoIPc/Y+LW+x/AAAAGEbu/sfHLfY/AAAADCN3/xPilib7X/+v/9f/6/+79v9J/79f+n/9/xT9v/5/ze8f9/v/N+n/2Zm99//3uf78PW7/n7v/+rilyf4HAACADnL3PzFusf8BAABgGLn7nxS32P8AAAAwjNz9T45bmuz/Q/r/Kzb6/6b9/7kD/b/+f5n9/23xu4z+X/9/Mf2//n+j/z+xo/v54/1M6P9H7f99/5/d2Xv/P9P73/mPc/c/JW5psv8BAACgg9z9T41b7H8AAAAYRu7+p8Ut9j8AAAAMI3f/0+OWJvvf9//1/7v8/n/+c/X/W/p/3//X/+v/9f/T9tj/X5s/mcfo/6/c6P99/3/H/f+9j/F+/T8dLK3/z93/jLilyf4HAACADnL3PzNusf8BAABgGLn7nxW32P8AAAAwjNz9z45bmux//b/+f5f9f5vv/5/d/nj9/x3fo//X/x9G/6//n+L7//r/Nb/f9//1/8xbWv+fu/85cUuT/Q8AAAAd5O5/btxi/wMAAMAwcvc/L26x/wEAAGAYufufH7c02f/6f/2//t/3/y+r/79C/6//n6b/1/9P0f/r/9f8fv3/ifr/q+b+uYxlaf1/7v4XxC1N9j8AAAB0kLv/hXGL/Q8AAADDyN3/orjF/gcAAIBh5O5/cdzSZP/r//X/+n/9v+//6//3Sf8/XP9/oP+/QP+v/9f/+/4/05bW/+fuf0nc0mT/AwAAQAe5+18at9j/AAAAMIzc/S+LW+x/AAAAGEbu/pfHLU32v/5f/6//1//r//X/+6T/H67/9/3//6H/1//r//X/TFta/5+7/xVxS5P9DwAAAB3k7n9l3GL/AwAAwDBy978qbrH/AQAAYBi5+2+44/pvs//1//p//b/+X/+v/98n/b/+f8rQ/f+df3PbHL//v+qIf5/+f1nv303/n7/6+n/GtLT+/4bzP+qqzavjlib7HwAAADrI3f+auMX+BwAAgGHk7n9t3GL/AwAAwDBy978ubmmy/4/q/2+9evvX9f/Ho/8//P36/7u0/78y/7r+f0v/vwz6f/3/lKH7f9//38kbl/x+3//X/zNvaf1/7v7Xxy1N9j8AAAB0kLv/DXGL/Q8AAADDyN3/xrjF/gcAAIBh5O6/MW5psv99/1//r/8fpv/3/X/9/yLp//X/U1bU/5857E/q//X/+n/9P9OW1v/n7r8pbmmy/wEAAKCD3P1vilvsfwAAABhG7v43xy32PwAAAAwjd/9b4pYm+1//r/8/9f7///T/Sf8fv676f/3/JdD/6/83vv9/Yqfdz6/9/fp//T/zltb/5+5/a9zSZP8DAABAB7n73xa32P8AAAAwjNz9b49b7H8AAAAYRu7+d8QtTfa//l//f+r9v+//F/1//Lq26//vdY3+/+T0//r/Tcf+/+ylvPJop93Pr/39+n/9P/OW1v/n7n9n3NJk/wMAAEAHufvfFbfY/wAAADCM3P3vjlvsfwAAABhG7v73xC1N9r/+X/+v/9f/6/9Pu//3/f/Lof/X/2869v++/7+I9+v/9f/MW1r/n7v/vXFLk/0PAAAAHeTuf1/cYv8DAADAMHL3vz9usf8BAABgGLn7PxC3NNn/+v+19//3vSVeoP/X/+v/9f+LpP/X/0/R/+v/d/T+cwf6f/0/i7S0/j93/wfjlib7HwAAADrI3f+huMX+BwAAgGHk7v9w3GL/AwAAwDBy938kbmmy/3v0//9/0d82Tv/v+//6f/2//n/Z9P/6/yn6f/3/mt+v/7/2fne/x4H+n0lL6/9z9380bmmy/wEAAKCD3P0fi1vsfwAAABhG7v6Pxy32PwAAAAwjd/8n4pYm+79H/38x/f/Wzvv/c3fT/+v/i/5f/7/R/+v/Z+j/9f9rfv/Q/f/Bxvf/2Yml9f+5+z8ZtzTZ/wAAANBB7v5PxS32PwAAAIzg/NjP3f/pC39qy/4HAACAYeTu/0zccM9rTu9Jdyn9v/7f9//1//r/fff/8ZvkdRd+VvX/u6P/1/9v9P8ndtr9/NrfP3T/f+zv/+v/mba0/j93/2fjFv/9HwAAAIaRu/9zcYv9DwAAAMPI3f/5uMX+BwAAgGHk7v9C3NJk/+v/9f/6f/2//t/3//dJ/6//n6L/1/+v+f36f/0/85bW/+fu/2Lc0mT/AwAAQAe5+78Ut9j/AAAAMIzc/V+OW+x/AAAAGEbu/q/ELU32v/5f/6//1//r//X/+6T/1/9P0f/r/9f8fv2//p95S+v/c/d/NW5psv8BAACgg9z9X4tb7H8AAAAYRu7+r8ct9j8AAAAMI3f/N+KWJvtf/6//1//r//X/+v990v/r/6fo//X/a36//l//z7yl9f+5+78ZtzTZ/wAAANBB7v5vxS32PwAAAAwjd/+34xb7HwAAAIaRu/87cUuT/T9y/z/1t+n/t/T/+v+N/l//v2f6f/3/FP2//n/N79f/6/+Zt7T+P3f/d+OWJvsfAAAAOsjd/724xf4HAACAVbrykD+Xu//7cYv9DwAAAMPI3f+DuKXJ/r+U/v/2q9fV/0/R/2/p//X/G/2//n/P9P/6/yn6f/3/mt+v/9f/M29p/X/u/h/GLU32PwAAAHSQu/9HcYv9DwAAAMPI3f/juMX+BwAAgGHk7v9J3NJk/4/8/f8p+v8t/b/+f6P/32//n3+g/9f/6/8Ppf/X/6/5/fp//T/zltb/5+7/adzSZP8DAABAB7n7fxa3XMr+P7vrVwEAAAC7lLv/53GL//4PAAAAw8jd/4u4pcn+1//r//X/+n/9v+//75P+X/8/Rf+v/1/z+/X/+n/mLa3/z93/y7ilyf4HAACADnL3/ypusf8BAABgGLn7fx232P8AAAAwjNz9N8ctTfb/ZfX/Z/T/Sf9/+Pv1//p//b/+v23//9//W9X/z9L/6//X/H79v/6feUvr/3P3/yZuabL/AQAAoIPc/b+NW+x/AAAAGEbu/t/FLfY/AAAADCN3/+/jlib73/f/9f/6f/2//l//v09t+3/f/z8W/b/+f83v1//r/5m3tP4/d/8tcUuT/Q8AAAAd5O7/Q9xi/wMAAMAwcvf/MW6x/wEAAGAYuftvjVua7H/9v/5/yP7/jP5f/6//Xwr9v/5/iv5f/7/m9+v/9f/MW1r/n7v/T3FLk/0PAAAAHeTu/3PcYv8DAADAMHL3/yVusf8BAABgGLn7/xq3NNn/+n/9/5D9v+//6//1/4uh/9f/T9H/6//X/H79v/6feUvr/3P3/y1uabL/AQAAoIPc/X+PW+x/AAAAGEbu/n/ELfY/AAAADCN3/z/jlib7f/D+/8i/U/+/pf/X/2/0//r/PdP/6/+n6P/1/2t+/1z/f+7M9I/X/9PB0vr/3P3/ilua7H8AAADoIHf/bXGL/Q8AAADDyN1/e9xi/wMAAMAwcvf/O25psv8H7/+PpP/f0v/r/zf6f/3/nun/9f9T9P/6/zW/3/f/9f/MW1r/n7v/PwEAAP//VKkqHA==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

2.039161815s ago: executing program 7 (id=2603):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x181001, 0x0)
ioctl$SNAPSHOT_FREE(r0, 0x3305)

1.963014273s ago: executing program 5 (id=2604):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e23, 0x1, @empty, 0x3}, 0x1c)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/icmp6\x00')
read$FUSE(r1, &(0x7f0000000dc0)={0x2020}, 0x2020)

1.705112149s ago: executing program 5 (id=2605):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7ff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.554108791s ago: executing program 0 (id=2606):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0502000000000000efff0e00000008000300", @ANYRES32=r2], 0x68}}, 0x0)

1.39593691s ago: executing program 5 (id=2608):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0xcc0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00535d4e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000140))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x4003, 0x10000)

1.346298232s ago: executing program 6 (id=2609):
rseq(&(0x7f00000002c0), 0x20, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r0, &(0x7f00000017c0)=[{&(0x7f0000000240)="86", 0x1}], 0x1, 0x4)
vmsplice(r1, &(0x7f0000000380)=[{&(0x7f0000013580)='\r', 0x1}], 0x1, 0x0)

1.265158183s ago: executing program 8 (id=2610):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x68, r1, 0x11, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @key_params=[@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "f83365d30189f76a52e3491e25"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x5}, @NL80211_ATTR_MAC={0xa}], @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x68}}, 0x4)

1.258361872s ago: executing program 0 (id=2611):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280)=0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TCSETS(r0, 0x89f0, &(0x7f0000000100)={0x3ff, 0x2, 0x0, 0x7ff, 0x0, "5dee0000005940000000000f00"})

1.155331065s ago: executing program 3 (id=2612):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000190000/0x1000)=nil)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)

1.093282909s ago: executing program 6 (id=2613):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write$bt_hci(r0, &(0x7f0000000200)=ANY=[], 0xb)

1.058852076s ago: executing program 7 (id=2614):
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
io_setup(0x6, &(0x7f0000000540)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000000880)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r1, 0x0}])

1.036423241s ago: executing program 8 (id=2615):
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x7ffffffe, r1, &(0x7f0000000000)={0x20000008})

902.278766ms ago: executing program 6 (id=2616):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
setfsuid(0xee00)
setresuid(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')

882.537008ms ago: executing program 8 (id=2617):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee2, 0x10012, r1, 0xb3498000)
setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f0000000040), 0x4)

862.746779ms ago: executing program 0 (id=2618):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmsg(r0, &(0x7f0000001a40)={0x0, 0x0, 0x0}, 0x2)
connect$packet(r0, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x82}, 0x14)
shutdown(r0, 0x1)

778.071362ms ago: executing program 7 (id=2619):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1, 0x0, r1}}, 0x40)

674.528316ms ago: executing program 6 (id=2620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="05000000040000000400000009"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_exit\x00', r1, 0x0, 0x4000000000000004}, 0x18)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xf3a, 0x4)

625.648374ms ago: executing program 8 (id=2621):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x81)
ftruncate(r1, 0x8800000)
sendfile(r0, r1, 0x0, 0x100000000)

504.843926ms ago: executing program 7 (id=2622):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000002300)=@newqdisc={0x30, 0x24, 0x1, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)

497.038801ms ago: executing program 8 (id=2623):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000004c0)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x2000000000000002)

433.452943ms ago: executing program 6 (id=2624):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
syz_emit_ethernet(0x3a, &(0x7f0000000a80)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "2d0100", 0x4, 0x84, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @local, {[], "a5ba94e3"}}}}}, 0x0)

274.357774ms ago: executing program 3 (id=2625):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000a40)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000a80)={0x30, r1, 0x1, 0x2070bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "ccf90776c32f30ba1f359976f081aa2b"}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000004}, 0x8800)

260.294181ms ago: executing program 8 (id=2626):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b0001006272696467650000400002800800050001000000060027a1000000000800010015000800050025000000000008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

252.705263ms ago: executing program 7 (id=2627):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000440)=@framed={{0x18, 0x5, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, 0xfffffffe}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r1, 0xfffff000, 0xe, 0x0, &(0x7f0000001700)="61df7100c80400d5721ff59fe864", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xf)

159.885353ms ago: executing program 3 (id=2628):
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'wlc\x00', 0x1, 0x0, 0x4}, 0x2c)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x400c0)

127.888609ms ago: executing program 6 (id=2629):
pipe2$9p(&(0x7f0000000000), 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/4\x00')
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

76.37164ms ago: executing program 5 (id=2630):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000780)={0xfffffffe, 0x0, 0x0, 'queue0\x00', 0x48})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000100)={0x80, 0x1, 'client1\x00', 0xffffffff80000004, "00000000ffffffe3", "71a19060009f0000000000005c4100a0200010040400", 0x800000, 0x40})
write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4)

0s ago: executing program 7 (id=2631):
pipe2$watch_queue(0x0, 0x80)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x0, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x2, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})
clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0x20000000e, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x9, 0x4, 0x5, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x8, 0x3, 0xd24f, 0xfffffffffffffffa, 0x0, 0x5, 0x7, 0x7, 0x3, 0x6})

kernel console output (not intermixed with test programs):

a5b65a09 r/w without journal. Quota mode: none.
[  364.213382][ T5988] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -71
[  364.255902][T11594] ext4 filesystem being mounted at /283/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  364.257068][ T5988] usb 4-1: USB disconnect, device number 13
[  364.287953][    C0] vkms_vblank_simulate: vblank timer overrun
[  364.375543][   T30] audit: type=1326 audit(1761160384.293:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11598 comm="syz.2.2003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  364.376054][T11594] overlayfs: upper fs needs to support d_type.
[  364.422816][T11599] netlink: 'syz.2.2003': attribute type 4 has an invalid length.
[  364.467365][   T30] audit: type=1326 audit(1761160384.293:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11598 comm="syz.2.2003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  364.547244][   T30] audit: type=1326 audit(1761160384.333:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11598 comm="syz.2.2003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  364.578641][   T30] audit: type=1326 audit(1761160384.333:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11598 comm="syz.2.2003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  364.668081][ T6358] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  364.689103][T11601] loop5: detected capacity change from 0 to 1024
[  364.820372][T11603] batadv_slave_1: entered promiscuous mode
[  364.836664][   T30] audit: type=1326 audit(1761160384.343:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11598 comm="syz.2.2003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  364.862599][T11603] batman_adv: batadv0: Adding interface: macsec1
[  364.877351][T11603] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  364.932459][   T30] audit: type=1326 audit(1761160384.423:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11598 comm="syz.2.2003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  364.976884][T11603] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  364.988427][   T30] audit: type=1326 audit(1761160384.423:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11598 comm="syz.2.2003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  365.009091][T11607] loop6: detected capacity change from 0 to 512
[  365.012183][T11603] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.032170][T11603] batman_adv: batadv0: Interface activated: macsec1
[  365.079359][T11607] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  365.103999][T11607] EXT4-fs (loop6): 1 truncate cleaned up
[  365.167812][T11607] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  365.211738][T11612] loop7: detected capacity change from 0 to 256
[  365.256585][T11612] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  365.411139][ T6358] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.584436][T11627] netem: incorrect gi model size
[  365.599182][T11627] netem: change failed
[  365.810156][T11633] option changes via remount are deprecated (pid=11632 comm=syz.0.2021)
[  366.338545][T11643] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2026'.
[  366.399455][T11616] loop2: detected capacity change from 0 to 32768
[  366.462713][T11616] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  366.518622][T11616] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  366.536625][T11629] loop3: detected capacity change from 0 to 32768
[  366.557665][T11629] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2019 (11629)
[  366.566060][T10813] (kworker/u8:27,10813,0):ocfs2_check_dir_entry:321 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  366.613307][T11629] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  366.639856][T11629] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  366.807246][ T5833] ocfs2: Unmounting device (7,2) on (node local)
[  366.899164][T11629] BTRFS info (device loop3): enabling ssd optimizations
[  366.926168][T11629] BTRFS info (device loop3): turning on async discard
[  366.941023][T11629] BTRFS info (device loop3): enabling free space tree
[  366.990352][T11672] sp0: Synchronizing with TNC
[  367.099708][T11635] loop6: detected capacity change from 0 to 40427
[  367.122956][T11629] BTRFS warning (device loop3): this kernel does not support the compat:1 feature bit
[  367.144316][T11635] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  367.168488][T11635] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  367.202898][T11635] F2FS-fs (loop6): invalid crc value
[  367.237507][T11678] loop7: detected capacity change from 0 to 128
[  367.250144][T11678] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  367.256528][ T5836] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  367.312157][T11678] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  367.355820][ T5911] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  367.417309][T11635] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  367.457555][T11635] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  367.473337][T11635] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  367.487681][  T974] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  367.533353][T11688] loop0: detected capacity change from 0 to 512
[  367.555068][T11688] EXT4-fs: Ignoring removed oldalloc option
[  367.575712][ T5911] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  367.580399][T11688] EXT4-fs (loop0): 1 truncate cleaned up
[  367.594424][T11688] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.605823][ T5911] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  367.649250][  T974] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  367.655572][ T5911] usb 6-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[  367.679763][  T974] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  367.701511][  T974] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  367.716139][  T974] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  367.729223][  T974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.737748][  T974] usb 3-1: Product: syz
[  367.742022][  T974] usb 3-1: Manufacturer: syz
[  367.760878][  T974] usb 3-1: SerialNumber: syz
[  367.762278][ T5911] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.774593][  T974] usb 3-1: config 0 descriptor??
[  367.783983][T11683] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  367.794728][T11683] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  367.817225][  T974] usb 3-1: ucan: probing device on interface #0
[  367.831309][ T5911] usb 6-1: config 0 descriptor??
[  368.061985][T11695] loop3: detected capacity change from 0 to 2048
[  368.093424][T11695] udf: Unknown parameter '0x0000000000000003Ôʯ‡‹§+Œkr‚÷aï[ƒôZ¼B?ÅØÞ¸²rQ¿¢.ÄÌpÈMŽAã夺ƒY
õp„ã¸�IÚêØÌ%j'
[  368.173598][ T5837] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.194488][T11695] binder: 11693:11695 ioctl c0306201 200000000440 returned -14
[  368.292680][ T5911] cypress 0003:04B4:DE61.000E: unknown main item tag 0x5
[  368.313437][ T5911] cypress 0003:04B4:DE61.000E: hidraw0: USB HID v0.00 Device [HID 04b4:de61] on usb-dummy_hcd.5-1/input0
[  368.414747][T11704] loop3: detected capacity change from 0 to 64
[  368.477494][   T30] audit: type=1800 audit(1761160388.405:138): pid=11704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2046" name="file1" dev="loop3" ino=5 res=0 errno=0
[  368.485121][  T974] ucan 3-1:0.0 can0: registered device
[  368.581702][ T5911] usb 6-1: USB disconnect, device number 14
[  368.653649][  T974] ucan 3-1:0.0 can0: firmware string: unknown
[  368.675279][  T974] usb 3-1: USB disconnect, device number 10
[  368.973009][T11708] loop7: detected capacity change from 0 to 32768
[  368.990354][T11708] ocfs2: Mounting device (7,7) on (node local, slot 0) with writeback data mode.
[  369.062333][ T6443] ocfs2: Unmounting device (7,7) on (node local)
[  369.633265][T11721] loop6: detected capacity change from 0 to 32768
[  369.650426][T11721] (syz.6.2053,11721,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  369.666103][T11721] (syz.6.2053,11721,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  369.876202][T11721] JBD2: Ignoring recovery information on journal
[  369.988354][T11750] loop3: detected capacity change from 0 to 256
[  369.996041][T11750] exfat: Deprecated parameter 'namecase'
[  370.012716][T11721] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  370.049125][T11721] (syz.6.2053,11721,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xdf97dca5. Applying ECC.
[  370.105819][T11750] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  370.299325][T11721] (syz.6.2053,11721,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xc9ee627, computed 0x45d1f118. Applying ECC.
[  370.313132][T11721] (syz.6.2053,11721,1):ocfs2_block_check_validate:415 ERROR: Fixed CRC32 failed: stored: 0xc9ee627, computed 0x45d1f118
[  370.325714][T11721] (syz.6.2053,11721,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  370.334560][T11721] (syz.6.2053,11721,1):ocfs2_quota_read:201 ERROR: status = -5
[  370.342117][T11721] Quota error (device loop6): find_tree_dqentry: Can't read quota tree block 3
[  370.351388][T11721] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  370.360994][T11721] (syz.6.2053,11721,1):ocfs2_acquire_dquot:890 ERROR: status = -5
[  370.370849][T11721] (syz.6.2053,11721,1):ocfs2_symlink:1894 ERROR: status = -5
[  370.378296][T11721] (syz.6.2053,11721,1):ocfs2_symlink:2080 ERROR: status = -5
[  370.632484][T11762] loop7: detected capacity change from 0 to 512
[  370.647197][T11762] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  370.657815][ T6358] ocfs2: Unmounting device (7,6) on (node local)
[  370.713441][T11762] EXT4-fs (loop7): 1 truncate cleaned up
[  370.749124][T11762] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.886740][T11722] loop5: detected capacity change from 0 to 32768
[  370.934505][T11722] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  370.972596][ T6443] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.023501][T11722] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  371.270116][ T5831] ocfs2: Unmounting device (7,5) on (node local)
[  371.388239][T11760] loop2: detected capacity change from 0 to 32768
[  371.476521][T11780] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2065'.
[  371.721766][T11787] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2070'.
[  372.003948][T11795] loop3: detected capacity change from 0 to 256
[  372.098455][T11798] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2074'.
[  372.173246][   T30] audit: type=1800 audit(1761160392.097:139): pid=11795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2072" name="file2" dev="loop3" ino=1048677 res=0 errno=0
[  372.174615][T11795] exFAT-fs (loop3): error, data size is invalid(34359738378)
[  372.223209][T11795] exFAT-fs (loop3): Filesystem has been set read-only
[  372.649012][T11807] option changes via remount are deprecated (pid=11806 comm=syz.7.2077)
[  372.667249][T11810] loop0: detected capacity change from 0 to 512
[  372.690684][T11810] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  372.734756][T11813] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2080'.
[  372.759178][T11810] EXT4-fs (loop0): 1 truncate cleaned up
[  372.822578][T11810] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.087788][ T5837] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.452900][T11832] loop7: detected capacity change from 0 to 4096
[  373.541674][T11832] ntfs3(loop7): ino=3, ntfs_set_state failed, -22.
[  373.561060][T11832] ntfs3(loop7): Failed to initialize $Extend/$ObjId.
[  373.655383][T11832] ntfs3(loop7): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" attr_set_size
[  373.749038][T11831] ntfs3(loop7): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" attr_set_size
[  373.888862][T11854] loop3: detected capacity change from 0 to 47
[  373.910906][T11731] ntfs3(loop7): ino=3, ntfs3_write_inode failed, -22.
[  373.927158][ T6443] ntfs3(loop7): ino=3, ntfs_set_state failed, -22.
[  373.955480][ T6443] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  373.993788][ T6443] ntfs3(loop7): ino=3, ntfs_set_state failed, -22.
[  374.010611][T11731] ntfs3(loop7): ino=3, ntfs3_write_inode failed, -22.
[  374.183570][T11827] loop6: detected capacity change from 0 to 32768
[  374.223968][T11827] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  374.299856][   T30] audit: type=1326 audit(1761160394.228:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  374.380082][   T30] audit: type=1326 audit(1761160394.238:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  374.412355][   T30] audit: type=1326 audit(1761160394.238:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  374.445310][T11827] OCFS2: ERROR (device loop6): ocfs2_validate_gd_self: Group descriptor #2304 has bad signature 
[  374.470953][T11827] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  374.481947][T11870] Invalid logical block size (6)
[  374.502100][   T30] audit: type=1326 audit(1761160394.238:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  374.502180][   T30] audit: type=1326 audit(1761160394.238:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  374.502278][   T30] audit: type=1326 audit(1761160394.238:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  374.502354][   T30] audit: type=1326 audit(1761160394.238:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbd518efc9 code=0x7ffc0000
[  374.532104][T11827] OCFS2: File system is now read-only.
[  374.532274][T11827] (syz.6.2085,11827,1):ocfs2_search_chain:1852 ERROR: status = -30
[  374.532410][T11827] (syz.6.2085,11827,1):ocfs2_search_chain:1940 ERROR: status = -30
[  374.532454][T11827] (syz.6.2085,11827,1):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[  374.532505][T11827] (syz.6.2085,11827,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[  374.532549][T11827] (syz.6.2085,11827,1):__ocfs2_claim_clusters:2438 ERROR: status = -30
[  374.532591][T11827] (syz.6.2085,11827,1):__ocfs2_claim_clusters:2446 ERROR: status = -30
[  374.532634][T11827] (syz.6.2085,11827,1):ocfs2_local_alloc_new_window:1199 ERROR: status = -30
[  374.532678][T11827] (syz.6.2085,11827,1):ocfs2_local_alloc_new_window:1224 ERROR: status = -30
[  374.532721][T11827] (syz.6.2085,11827,1):ocfs2_local_alloc_slide_window:1298 ERROR: status = -30
[  374.533083][T11827] (syz.6.2085,11827,1):ocfs2_local_alloc_slide_window:1317 ERROR: status = -30
[  374.533204][T11827] (syz.6.2085,11827,1):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -30
[  374.533250][T11827] (syz.6.2085,11827,1):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30
[  374.533340][T11827] (syz.6.2085,11827,1):ocfs2_reserve_clusters_with_limit:1172 ERROR: status = -30
[  374.533401][T11827] (syz.6.2085,11827,1):ocfs2_reserve_clusters_with_limit:1221 ERROR: status = -30
[  374.533445][T11827] (syz.6.2085,11827,1):ocfs2_lock_allocators:2775 ERROR: status = -30
[  374.533514][T11827] (syz.6.2085,11827,1):ocfs2_extend_allocation:592 ERROR: status = -30
[  374.533572][T11827] (syz.6.2085,11827,1):ocfs2_allocate_unwritten_extents:1499 ERROR: status = -30
[  374.533617][T11827] (syz.6.2085,11827,1):__ocfs2_change_file_space:2045 ERROR: status = -30
[  374.683986][ T6358] (syz-executor,6358,0):ocfs2_inode_is_valid_to_delete:947 ERROR: Skipping delete of system file 72
[  374.690697][ T6358] ocfs2: Unmounting device (7,6) on (node local)
[  374.728000][T11876] loop5: detected capacity change from 0 to 4096
[  375.002613][T11886] loop7: detected capacity change from 0 to 128
[  375.003753][T11886] EXT4-fs: Ignoring removed nobh option
[  375.026543][ T5911] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  375.030437][T11886] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  375.040682][T11886] ext4 filesystem being mounted at /280/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  375.127586][T11890] batadv_slave_1: entered promiscuous mode
[  375.128606][T11889] batadv_slave_1: left promiscuous mode
[  375.174270][ T5911] usb 4-1: Using ep0 maxpacket: 32
[  375.179633][ T5911] usb 4-1: config 0 has an invalid interface number: 209 but max is 0
[  375.179674][ T5911] usb 4-1: config 0 has no interface number 0
[  375.179720][ T5911] usb 4-1: config 0 interface 209 has no altsetting 0
[  375.184681][ T5911] usb 4-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=1b.23
[  375.184727][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.184764][ T5911] usb 4-1: Product: syz
[  375.184793][ T5911] usb 4-1: Manufacturer: syz
[  375.184821][ T5911] usb 4-1: SerialNumber: syz
[  375.188079][ T5911] usb 4-1: config 0 descriptor??
[  375.344455][ T6443] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  375.543129][ T5911] usb 4-1: USB disconnect, device number 14
[  375.764700][T11878] loop2: detected capacity change from 0 to 32768
[  375.794712][T11878] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  375.864516][T11915] sp0: Synchronizing with TNC
[  375.872772][T11878] XFS (loop2): Ending clean mount
[  375.963624][ T5833] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  376.409956][T11925] loop7: detected capacity change from 0 to 1024
[  376.594768][T11731] hfsplus: b-tree write err: -5, ino 3
[  376.792159][T11905] loop5: detected capacity change from 0 to 32768
[  376.810547][T11905] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2120 (11905)
[  376.894767][T11905] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  376.920984][T11905] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  377.042144][T11953] loop6: detected capacity change from 0 to 512
[  377.113002][T11905] BTRFS info (device loop5): enabling ssd optimizations
[  377.120832][T11905] BTRFS info (device loop5): turning on async discard
[  377.125223][T11953] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.127630][T11905] BTRFS info (device loop5): enabling free space tree
[  377.151092][T11728] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  377.363183][T10557] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  377.403494][ T6358] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.503221][ T5911] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  377.513878][ T5831] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  377.663888][ T5911] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  377.705027][ T5911] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  377.737431][T11930] loop3: detected capacity change from 0 to 32768
[  377.746687][ T5911] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  377.793447][ T5911] usb 8-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  377.816680][ T5911] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.841132][ T5911] usb 8-1: Product: syz
[  377.847865][ T5911] usb 8-1: Manufacturer: syz
[  377.858152][T11930] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  377.865841][ T5911] usb 8-1: SerialNumber: syz
[  377.881754][ T5911] usb 8-1: config 0 descriptor??
[  377.891256][T11965] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  377.927219][T11965] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  377.937179][ T5911] usb 8-1: ucan: probing device on interface #0
[  378.311822][ T5836] ocfs2: Unmounting device (7,3) on (node local)
[  378.576373][ T5911] ucan 8-1:0.0 can0: registered device
[  378.768744][ T5911] ucan 8-1:0.0 can0: firmware string: unknown
[  378.811211][ T5911] usb 8-1: USB disconnect, device number 10
[  378.869746][T12005] loop5: detected capacity change from 0 to 1024
[  378.908247][T12005] EXT4-fs: Ignoring removed orlov option
[  378.935062][T12005] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  378.978173][T12005] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.003491][T12008] loop3: detected capacity change from 0 to 4096
[  379.012269][T12008] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  379.122176][T12015] loop6: detected capacity change from 0 to 2048
[  379.138764][T12015] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  379.179026][T12016] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  379.212607][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.288949][T11991] loop0: detected capacity change from 0 to 32768
[  379.514523][T12022] batadv_slave_1: entered promiscuous mode
[  379.574426][T12022] batman_adv: batadv0: Adding interface: macvlan2
[  379.595229][T12022] batman_adv: batadv0: Interface activated: macvlan2
[  379.629016][T12027] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.637186][T12027] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.179389][  T974] usb 6-1: new full-speed USB device number 15 using dummy_hcd
[  380.371536][  T974] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  380.403406][  T974] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  380.436978][  T974] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  380.485514][  T974] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.499514][  T974] usb 6-1: config 0 descriptor??
[  380.509962][T12043] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  380.535305][T12043] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  380.573906][ T5988] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  380.744143][ T5988] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  380.765725][ T5988] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  380.800509][ T5988] usb 4-1: New USB device found, idVendor=057e, idProduct=2019, bcdDevice= 0.00
[  380.826646][ T5988] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.848611][ T5988] usb 4-1: config 0 descriptor??
[  380.940947][  T974] isku 0003:1E7D:319C.000F: unknown main item tag 0x0
[  380.947925][  T974] isku 0003:1E7D:319C.000F: unknown main item tag 0x0
[  380.975866][  T974] isku 0003:1E7D:319C.000F: unknown main item tag 0x0
[  380.984062][T12037] loop7: detected capacity change from 0 to 32768
[  380.998951][  T974] isku 0003:1E7D:319C.000F: unknown main item tag 0x0
[  381.007798][T12037] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2169 (12037)
[  381.029223][  T974] isku 0003:1E7D:319C.000F: unknown main item tag 0x0
[  381.038115][  T974] isku 0003:1E7D:319C.000F: unknown main item tag 0x0
[  381.053393][  T974] isku 0003:1E7D:319C.000F: unknown main item tag 0x0
[  381.061126][T12037] BTRFS info (device loop7): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  381.082872][  T974] isku 0003:1E7D:319C.000F: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.5-1/input0
[  381.094542][T12037] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  381.136410][T12051] kernel profiling enabled (shift: 7)
[  381.236424][T12037] BTRFS info (device loop7): enabling ssd optimizations
[  381.255869][T12037] BTRFS info (device loop7): turning on async discard
[  381.288743][T12037] BTRFS info (device loop7): enabling free space tree
[  381.328981][ T5988] nintendo 0003:057E:2019.0010: hidraw1: USB HID v88.07 Device [HID 057e:2019] on usb-dummy_hcd.3-1/input0
[  381.330569][T12032] loop2: detected capacity change from 0 to 40427
[  381.364415][T12032] F2FS-fs (loop2): invalid crc value
[  381.382247][  T974] usb 6-1: USB disconnect, device number 15
[  381.443466][ T5988] nintendo 0003:057E:2019.0010: Failed to get joycon info; ret=-38
[  381.458607][ T5988] nintendo 0003:057E:2019.0010: Failed to retrieve controller info; ret=-38
[  381.476591][ T5988] nintendo 0003:057E:2019.0010: Failed to initialize controller; ret=-38
[  381.497850][ T5988] nintendo 0003:057E:2019.0010: probe - fail = -38
[  381.512826][ T5988] nintendo 0003:057E:2019.0010: probe with driver nintendo failed with error -38
[  381.532061][ T5988] usb 4-1: USB disconnect, device number 15
[  381.596742][T12032] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  381.629500][T12032] F2FS-fs (loop2): Start checkpoint disabled!
[  381.636953][T12032] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  381.651422][T12032] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  381.682283][T12037] BTRFS warning (device loop7): failed to trim 1 device(s), last error -512
[  381.771606][ T6443] BTRFS info (device loop7): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  382.060894][T12045] loop6: detected capacity change from 0 to 40427
[  382.102080][T12045] F2FS-fs (loop6): Fix alignment : internally, start(4096) end(16896) block(12288)
[  382.140096][T12045] F2FS-fs (loop6): invalid crc value
[  382.232672][T12079] loop7: detected capacity change from 0 to 256
[  382.317982][T11733] kworker/u8:51: attempt to access beyond end of device
[  382.317982][T11733] loop2: rw=1, sector=77824, nr_sectors = 2536 limit=40427
[  382.358857][T11733] kworker/u8:51: attempt to access beyond end of device
[  382.358857][T11733] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  382.369493][ T5903] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  382.384113][T11733] CPU: 0 UID: 0 PID: 11733 Comm: kworker/u8:51 Not tainted syzkaller #0 PREEMPT(full) 
[  382.384160][T11733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  382.384185][T11733] Workqueue: writeback wb_workfn (flush-7:2)
[  382.384243][T11733] Call Trace:
[  382.384255][T11733]  <TASK>
[  382.384269][T11733]  dump_stack_lvl+0x16c/0x1f0
[  382.384316][T11733]  f2fs_handle_critical_error+0x624/0x9f0
[  382.384361][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.384407][T11733]  ? f2fs_build_fault_attr+0x53/0x1f0
[  382.384488][T11733]  f2fs_write_end_io+0x958/0xcf0
[  382.384541][T11733]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  382.384593][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.384652][T11733]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  382.384694][T11733]  bio_endio+0x713/0x860
[  382.384750][T11733]  submit_bio_noacct+0x306/0x1f60
[  382.384804][T11733]  __submit_merged_bio+0x33c/0x770
[  382.384855][T11733]  __submit_merged_write_cond+0x319/0x3f0
[  382.384915][T11733]  f2fs_write_cache_pages+0x2067/0x2570
[  382.385001][T11733]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  382.385058][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385105][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385150][T11733]  ? find_held_lock+0x2b/0x80
[  382.385201][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385252][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385297][T11733]  ? do_raw_spin_unlock+0x172/0x230
[  382.385361][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385407][T11733]  ? f2fs_available_free_memory+0x279/0xa30
[  382.385556][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385601][T11733]  ? lock_acquire+0x179/0x350
[  382.385637][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385693][T11733]  f2fs_write_data_pages+0x4ad/0xd90
[  382.385754][T11733]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  382.385822][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.385866][T11733]  ? __lock_acquire+0xb8a/0x1c90
[  382.385929][T11733]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  382.385984][T11733]  do_writepages+0x27a/0x600
[  382.386031][T11733]  ? __pfx_do_writepages+0x10/0x10
[  382.386067][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.386111][T11733]  ? reacquire_held_locks+0xcd/0x1f0
[  382.386173][T11733]  ? writeback_sb_inodes+0x3b0/0xfa0
[  382.386229][T11733]  __writeback_single_inode+0x160/0xfb0
[  382.386283][T11733]  ? __pfx___writeback_single_inode+0x10/0x10
[  382.386330][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.386375][T11733]  ? do_raw_spin_unlock+0x172/0x230
[  382.386419][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.386478][T11733]  writeback_sb_inodes+0x60d/0xfa0
[  382.386554][T11733]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  382.386600][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.386644][T11733]  ? find_held_lock+0x2b/0x80
[  382.386768][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.386813][T11733]  ? rcu_is_watching+0x12/0xc0
[  382.386861][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.386905][T11733]  ? queue_io+0x3f6/0x520
[  382.386952][T11733]  wb_writeback+0x419/0xb70
[  382.387013][T11733]  ? __pfx_wb_writeback+0x10/0x10
[  382.387057][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.387118][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.387162][T11733]  ? mark_held_locks+0x49/0x80
[  382.387232][T11733]  wb_workfn+0x14d/0xbe0
[  382.387287][T11733]  ? try_to_wake_up+0x160/0x1870
[  382.387342][T11733]  ? __pfx_wb_workfn+0x10/0x10
[  382.387396][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.387447][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.387505][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.387549][T11733]  ? rcu_is_watching+0x12/0xc0
[  382.387607][T11733]  process_one_work+0x9cf/0x1b70
[  382.387673][T11733]  ? __pfx_process_one_work+0x10/0x10
[  382.387716][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.387775][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.387819][T11733]  ? assign_work+0x1a0/0x250
[  382.387863][T11733]  worker_thread+0x6c8/0xf10
[  382.387932][T11733]  ? __pfx_worker_thread+0x10/0x10
[  382.387974][T11733]  kthread+0x3c5/0x780
[  382.388013][T11733]  ? __pfx_kthread+0x10/0x10
[  382.388054][T11733]  ? srso_alias_return_thunk+0x5/0xfbef5
[  382.388099][T11733]  ? rcu_is_watching+0x12/0xc0
[  382.388149][T11733]  ? __pfx_kthread+0x10/0x10
[  382.388190][T11733]  ret_from_fork+0x675/0x7d0
[  382.388249][T11733]  ? __pfx_kthread+0x10/0x10
[  382.388288][T11733]  ret_from_fork_asm+0x1a/0x30
[  382.388374][T11733]  </TASK>
[  382.395183][T12045] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  382.438216][T11733] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  382.504530][T12045] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  382.853364][ T5911] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  382.901746][T12073] loop0: detected capacity change from 0 to 40427
[  382.923841][T12073] F2FS-fs (loop0): build fault injection rate: 14
[  382.937458][T12045] F2FS-fs (loop6): Try to recover all the superblocks, ret: 0
[  382.942160][ T5903] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  382.945220][T12073] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  382.956012][ T5903] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  382.967535][T12073] F2FS-fs (loop0): invalid crc value
[  382.985662][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0x713/0x860
[  383.005029][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0x713/0x860
[  383.041119][ T5903] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  383.052745][ T5911] usb 8-1: config 0 has an invalid interface number: 64 but max is 0
[  383.068975][ T5911] usb 8-1: config 0 has an invalid descriptor of length 47, skipping remainder of the config
[  383.090769][ T5903] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  383.100114][ T5903] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.108337][ T5911] usb 8-1: config 0 has no interface number 0
[  383.110145][T12073] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  383.117807][ T5903] usb 6-1: Product: syz
[  383.138028][ T5903] usb 6-1: Manufacturer: syz
[  383.142722][ T5903] usb 6-1: SerialNumber: syz
[  383.142901][T12073] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_recover_fsync_data+0x49d/0x98b0
[  383.168584][ T5903] usb 6-1: config 0 descriptor??
[  383.174805][T12076] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  383.175167][T12073] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  383.183600][T12076] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  383.197976][ T5911] usb 8-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  383.207059][ T5911] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.215494][ T5911] usb 8-1: Product: syz
[  383.219989][ T5911] usb 8-1: Manufacturer: syz
[  383.224806][ T5911] usb 8-1: SerialNumber: syz
[  383.230897][ T5903] usb 6-1: ucan: probing device on interface #0
[  383.241528][ T5911] usb 8-1: config 0 descriptor??
[  383.255368][ T5911] uvcvideo 8-1:0.64: probe with driver uvcvideo failed with error -22
[  383.491993][  T974] usb 8-1: USB disconnect, device number 11
[  383.888082][ T5903] ucan 6-1:0.0 can0: registered device
[  384.002652][T12096] netlink: 143 bytes leftover after parsing attributes in process `syz.6.2183'.
[  384.089077][ T5903] ucan 6-1:0.0 can0: firmware string: unknown
[  384.113791][ T5903] usb 6-1: USB disconnect, device number 16
[  384.225275][T12101] netlink: 'syz.3.2189': attribute type 2 has an invalid length.
[  384.343972][T12105] loop7: detected capacity change from 0 to 2048
[  384.423153][T12105] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.447510][T12105] ext4 filesystem being mounted at /291/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  384.551491][T12115] EXT4-fs error (device loop7): ext4_validate_block_bitmap:440: comm syz.7.2190: bg 0: block 345: padding at end of block bitmap is not set
[  384.567955][T12115] EXT4-fs (loop7): Remounting filesystem read-only
[  384.586328][T12112] bond1: entered promiscuous mode
[  384.593608][T12117] loop3: detected capacity change from 0 to 1024
[  384.656213][T12117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.756725][ T6443] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.812269][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.012544][T12127] vivid-007: disconnect
[  385.035155][T12126] vivid-007: reconnect
[  385.053832][T12094] loop2: detected capacity change from 0 to 32768
[  385.481506][T12146] loop0: detected capacity change from 0 to 64
[  386.203809][T12162] loop2: detected capacity change from 0 to 2048
[  386.314530][T12162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  386.394268][T12162] ext4 filesystem being mounted at /409/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  386.640010][T12171] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.2209: bg 0: block 345: padding at end of block bitmap is not set
[  386.741076][T12171] EXT4-fs (loop2): Remounting filesystem read-only
[  387.157215][T12157] loop6: detected capacity change from 0 to 131072
[  387.189169][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.299098][T12157] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  387.326530][T12157] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  387.901066][T12193] loop2: detected capacity change from 0 to 128
[  387.913646][T12193] EXT4-fs: Ignoring removed nobh option
[  387.952217][T12193] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  387.978004][T12193] ext4 filesystem being mounted at /412/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  388.087717][T12175] loop5: detected capacity change from 0 to 32768
[  388.096591][T12175] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2219 (12175)
[  388.119134][T12175] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  388.144533][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  388.145397][T12175] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  388.150933][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  388.343919][ T5833] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  388.379442][T12175] BTRFS info (device loop5): enabling ssd optimizations
[  388.388076][T12175] BTRFS info (device loop5): turning on async discard
[  388.394859][T12175] BTRFS info (device loop5): enabling free space tree
[  388.442663][T12216] loop0: detected capacity change from 0 to 512
[  388.476269][T12216] EXT4-fs: Ignoring removed mblk_io_submit option
[  388.510375][T12216] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  388.527507][T12216] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #13: comm syz.0.2229: invalid indirect mapped block 256 (level 1)
[  388.567357][T12216] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #13: comm syz.0.2229: invalid indirect mapped block 2683928664 (level 1)
[  388.636066][T12216] EXT4-fs (loop0): 1 truncate cleaned up
[  388.647563][T12216] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.751912][T12216] EXT4-fs (loop0): shut down requested (1)
[  388.773003][T12175] BTRFS warning (device loop5): failed to trim 1 device(s), last error -512
[  388.887097][ T5837] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.946474][ T5831] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  389.274081][T12231] loop2: detected capacity change from 0 to 512
[  389.315008][T12231] EXT4-fs (loop2): Test dummy encryption mode enabled
[  389.335896][T12231] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  389.415605][T12231] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.2236: bad orphan inode 131083
[  389.454040][T12233] loop0: detected capacity change from 0 to 4096
[  389.476053][T12231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.512117][T12233] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  389.544099][T12231] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  389.619334][T12237] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.626593][T12237] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.634157][T12237] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.639084][T12240] overlayfs: upper fs needs to support d_type.
[  389.641349][T12237] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.673184][T12233] ntfs3(loop0): ino=1a, mi_enum_attr
[  389.683083][T12233] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  389.771121][T12237] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  389.869026][ T5833] EXT4-fs error (device loop2): ext4_readdir:262: inode #2: block 13: comm syz-executor: path /415/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  389.936042][T12239] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  389.986688][T12245] netlink: 180 bytes leftover after parsing attributes in process `syz.6.2225'.
[  390.239888][T12251] loop6: detected capacity change from 0 to 64
[  390.287512][T12251] hfs: request for non-existent node 237 in B*Tree
[  390.306785][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.315865][T12251] hfs: request for non-existent node 237 in B*Tree
[  390.359861][T12251] hfs: request for non-existent node 237 in B*Tree
[  390.396454][T12251] hfs: request for non-existent node 237 in B*Tree
[  390.423571][T12251] hfs: request for non-existent node 237 in B*Tree
[  390.423622][T12238] loop7: detected capacity change from 0 to 32768
[  390.432596][T12238] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2238 (12238)
[  390.450585][ T5911] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  390.464894][T12251] hfs: request for non-existent node 237 in B*Tree
[  390.499910][T11731] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.516091][T12238] BTRFS info (device loop7): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  390.548076][T12238] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  390.624994][ T5911] usb 6-1: Using ep0 maxpacket: 8
[  390.634471][ T5911] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  390.634531][ T5911] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  390.634572][ T5911] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  390.634639][ T5911] usb 6-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  390.634681][ T5911] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.642336][ T5911] usb 6-1: config 0 descriptor??
[  390.705936][T11731] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.791997][T12238] BTRFS info (device loop7): enabling ssd optimizations
[  390.792063][T12238] BTRFS info (device loop7): turning on async discard
[  390.792094][T12238] BTRFS info (device loop7): enabling free space tree
[  390.861519][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  390.861544][   T30] audit: type=1800 audit(1761160410.796:151): pid=12238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2238" name="file1" dev="loop7" ino=260 res=0 errno=0
[  390.880674][   T30] audit: type=1800 audit(1761160410.816:152): pid=12238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2238" name="file1" dev="loop7" ino=260 res=0 errno=0
[  390.885662][T11731] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.044082][T11731] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  391.046045][T11731] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.078787][ T5911] logitech 0003:046D:C293.0011: bogus close delimiter
[  391.078819][ T5911] logitech 0003:046D:C293.0011: item 0 1 2 10 parsing failed
[  391.079622][ T5911] logitech 0003:046D:C293.0011: parse failed
[  391.079746][ T5911] logitech 0003:046D:C293.0011: probe with driver logitech failed with error -22
[  391.123316][T12277] loop6: detected capacity change from 0 to 512
[  391.124546][T12277] EXT4-fs: Ignoring removed nobh option
[  391.226708][T12277] EXT4-fs: inline encryption not supported
[  391.227560][T12277] EXT4-fs (loop6): Test dummy encryption mode enabled
[  391.274384][ T6443] BTRFS info (device loop7): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  391.292086][    T9] usb 6-1: USB disconnect, device number 17
[  391.303412][T12277] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  391.345568][T12277] EXT4-fs error (device loop6): ext4_free_branches:1020: inode #13: comm syz.6.2250: invalid indirect mapped block 2683928664 (level 1)
[  391.399696][T12277] EXT4-fs (loop6): Remounting filesystem read-only
[  391.407091][T12277] EXT4-fs (loop6): 1 truncate cleaned up
[  391.415124][T12277] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.578097][T11731] bridge_slave_1: left allmulticast mode
[  391.588992][T11731] bridge_slave_1: left promiscuous mode
[  391.615348][T11731] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.671739][ T6358] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.700599][T12284] usb usb8: usbfs: process 12284 (syz.0.2254) did not claim interface 0 before use
[  391.716678][T11731] bridge_slave_0: left allmulticast mode
[  391.722335][T11731] bridge_slave_0: left promiscuous mode
[  391.747304][T11731] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.085821][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  392.102148][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  392.112612][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  392.130830][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  392.154244][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  392.163748][T12298] input: syz0 as /devices/virtual/input/input31
[  392.508381][T11731] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  392.520839][T11731] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  392.531229][T11731] bond0 (unregistering): Released all slaves
[  393.710307][T11731] hsr_slave_0: left promiscuous mode
[  393.769486][T11731] hsr_slave_1: left promiscuous mode
[  393.783407][T11731] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  393.816272][T11731] batman_adv: batadv0: Removing interface: batadv_slave_0
[  393.845851][T11731] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  393.861215][T11731] batman_adv: batadv0: Removing interface: batadv_slave_1
[  393.910192][T12313] loop0: detected capacity change from 0 to 32768
[  393.942534][T12313] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2267 (12313)
[  393.975390][T12345] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  394.098430][T11731] veth1_macvtap: left promiscuous mode
[  394.126602][T11731] veth0_macvtap: left promiscuous mode
[  394.157492][T11731] veth1_vlan: left promiscuous mode
[  394.176773][T11731] veth0_vlan: left promiscuous mode
[  394.212241][ T5840] Bluetooth: hci3: command tx timeout
[  394.626570][T12350] loop6: detected capacity change from 0 to 128
[  394.664194][T12350] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  394.716438][T12350] hpfs: filesystem error: improperly stopped
[  394.734706][T12350] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  394.767167][T12350] hpfs: You really don't want any checks? You are crazy...
[  394.792325][T12350] hpfs: hpfs_map_sector(): read error
[  394.797729][T12350] hpfs: code page support is disabled
[  394.835764][T12350] hpfs: hpfs_map_4sectors(): unaligned read
[  394.853215][T12350] hpfs: hpfs_map_4sectors(): unaligned read
[  394.895517][T12313] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  394.912462][T12350] hpfs: filesystem error: unable to find root dir
[  394.935376][T12313] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  395.020970][T12350] hpfs: hpfs_map_4sectors(): unaligned read
[  395.120288][T12313] BTRFS info (device loop0): setting nodatasum
[  395.139643][T12313] BTRFS info (device loop0): setting nodatacow
[  395.153081][T12343] loop5: detected capacity change from 0 to 131072
[  395.161525][T12313] BTRFS info (device loop0): turning on async discard
[  395.168403][T12313] BTRFS info (device loop0): enabling free space tree
[  395.175437][T12313] BTRFS info (device loop0): max_inline set to 0
[  395.218473][T12343] F2FS-fs (loop5): invalid crc value
[  395.310557][T12343] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  395.331778][T12343] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  395.440299][ T5837] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  395.735017][T12377] netlink: 'syz.6.2286': attribute type 53 has an invalid length.
[  395.828633][T12352] loop3: detected capacity change from 0 to 32768
[  396.308653][ T5840] Bluetooth: hci3: command tx timeout
[  396.541962][T11731] team0 (unregistering): Port device team_slave_1 removed
[  396.672225][T11731] team0 (unregistering): Port device team_slave_0 removed
[  396.996964][T12397] loop3: detected capacity change from 0 to 512
[  397.036113][T12397] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  397.070022][T12386] loop0: detected capacity change from 0 to 32768
[  397.105708][T12386] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2289 (12386)
[  397.265753][T12386] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  397.293054][T12386] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  397.398997][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.466474][T12386] BTRFS info (device loop0): enabling ssd optimizations
[  397.486058][T12386] BTRFS info (device loop0): turning on async discard
[  397.508582][T12386] BTRFS info (device loop0): enabling free space tree
[  397.535221][T12401] loop5: detected capacity change from 0 to 40427
[  397.544106][T12401] F2FS-fs (loop5): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[  397.551935][T12401] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  397.569812][T12401] F2FS-fs (loop5): invalid crc value
[  397.671129][T12401] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1000000, run fsck to fix.
[  397.695387][T12401] F2FS-fs (loop5): sanity_check_inode: inode (ino=3) has corrupted i_xattr_nid: 16777216, run fsck to fix.
[  397.707341][T12401] F2FS-fs (loop5): Failed to read root inode
[  397.804035][T12386] BTRFS warning (device loop0): failed to trim 1 device(s), last error -512
[  397.845049][T12293] chnl_net:caif_netlink_parms(): no params data found
[  397.921871][ T5837] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  398.388976][ T5840] Bluetooth: hci3: command tx timeout
[  398.563639][T12293] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.580162][T12293] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.587523][T12293] bridge_slave_0: entered allmulticast mode
[  398.619522][T12293] bridge_slave_0: entered promiscuous mode
[  398.654235][T12293] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.677549][T12293] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.711688][T12293] bridge_slave_1: entered allmulticast mode
[  398.740428][T12293] bridge_slave_1: entered promiscuous mode
[  398.985847][T12293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  399.104106][T11731] IPVS: stop unused estimator thread 0...
[  399.104139][T12293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  399.334693][T12293] team0: Port device team_slave_0 added
[  399.373936][T12293] team0: Port device team_slave_1 added
[  399.540360][T12293] batman_adv: batadv0: Adding interface: batadv_slave_0
[  399.557593][T12293] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  399.624298][T12293] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  399.647671][T12293] batman_adv: batadv0: Adding interface: batadv_slave_1
[  399.669572][T12293] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  399.729668][T12293] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  399.786430][T12448] loop3: detected capacity change from 0 to 32768
[  399.786994][T12437] loop5: detected capacity change from 0 to 40427
[  399.828143][T12437] F2FS-fs (loop5): invalid crc value
[  399.829810][T12450] loop7: detected capacity change from 0 to 32768
[  399.875547][T12450] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2305 (12450)
[  399.946289][T12293] hsr_slave_0: entered promiscuous mode
[  399.956247][T12450] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  399.968689][T12293] hsr_slave_1: entered promiscuous mode
[  399.975247][T12293] debugfs: 'hsr0' already exists in 'hsr'
[  399.984823][T12450] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[  399.994163][T12293] Cannot create hsr debugfs directory
[  400.037431][T12454] loop6: detected capacity change from 0 to 32768
[  400.040701][T12437] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  400.057541][T12454] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2306 (12454)
[  400.058181][T12437] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  400.118467][T12454] BTRFS info (device loop6): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  400.129088][T12454] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  400.142847][T12450] BTRFS info (device loop7): enabling ssd optimizations
[  400.152737][T12450] BTRFS info (device loop7): turning on async discard
[  400.169936][T12450] BTRFS info (device loop7): enabling free space tree
[  400.237144][ T5831] syz-executor: attempt to access beyond end of device
[  400.237144][ T5831] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  400.253008][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  400.253054][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  400.253076][ T5831] Call Trace:
[  400.253087][ T5831]  <TASK>
[  400.253101][ T5831]  dump_stack_lvl+0x16c/0x1f0
[  400.253150][ T5831]  f2fs_handle_critical_error+0x624/0x9f0
[  400.253194][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.253240][ T5831]  ? f2fs_build_fault_attr+0x53/0x1f0
[  400.253313][ T5831]  f2fs_write_end_io+0x958/0xcf0
[  400.253363][ T5831]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  400.253414][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.253472][ T5831]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  400.253516][ T5831]  bio_endio+0x713/0x860
[  400.253571][ T5831]  submit_bio_noacct+0x306/0x1f60
[  400.253624][ T5831]  __submit_merged_bio+0x33c/0x770
[  400.253674][ T5831]  __submit_merged_write_cond+0x319/0x3f0
[  400.253732][ T5831]  f2fs_write_cache_pages+0x2067/0x2570
[  400.253824][ T5831]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  400.253873][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.253998][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.254043][ T5831]  ? cpufreq_update_util+0x1d4/0x2d0
[  400.254159][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.254212][ T5831]  f2fs_write_data_pages+0x4ad/0xd90
[  400.254275][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  400.254322][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.254381][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.254433][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  400.254487][ T5831]  do_writepages+0x27a/0x600
[  400.254534][ T5831]  ? __pfx_do_writepages+0x10/0x10
[  400.254570][ T5831]  ? do_raw_spin_unlock+0x172/0x230
[  400.254614][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.254658][ T5831]  ? _raw_spin_unlock+0x28/0x50
[  400.254701][ T5831]  filemap_fdatawrite_wbc+0x104/0x160
[  400.254747][ T5831]  __filemap_fdatawrite_range+0xb9/0x100
[  400.254800][ T5831]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  400.254920][ T5831]  ? find_held_lock+0x2b/0x80
[  400.254971][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.255017][ T5831]  ? do_raw_spin_unlock+0x172/0x230
[  400.255061][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.255114][ T5831]  f2fs_sync_dirty_inodes+0x2a2/0x980
[  400.255191][ T5831]  block_operations+0x2b0/0xfe0
[  400.255259][ T5831]  ? __pfx_block_operations+0x10/0x10
[  400.255378][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.255428][ T5831]  ? ktime_get+0x200/0x310
[  400.255482][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.255526][ T5831]  ? lockdep_hardirqs_on+0x7c/0x110
[  400.255569][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.255614][ T5831]  ? rcu_is_watching+0x12/0xc0
[  400.255671][ T5831]  f2fs_write_checkpoint+0x32b/0x5300
[  400.255745][ T5831]  ? kfree+0x2b8/0x6d0
[  400.255788][ T5831]  ? f2fs_stop_gc_thread+0x79/0xd0
[  400.255849][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.255894][ T5831]  ? rcu_is_watching+0x12/0xc0
[  400.255941][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.255985][ T5831]  ? kthread_stop+0x272/0x630
[  400.256026][ T5831]  kill_f2fs_super+0x3d6/0x490
[  400.256081][ T5831]  ? __pfx_kill_f2fs_super+0x10/0x10
[  400.256156][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.256220][ T5831]  deactivate_locked_super+0xc1/0x1a0
[  400.256276][ T5831]  deactivate_super+0xde/0x100
[  400.256331][ T5831]  cleanup_mnt+0x225/0x450
[  400.256391][ T5831]  task_work_run+0x150/0x240
[  400.256434][ T5831]  ? __pfx_task_work_run+0x10/0x10
[  400.256472][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.256520][ T5831]  ? __pfx___x64_sys_umount+0x10/0x10
[  400.256593][ T5831]  exit_to_user_mode_loop+0xec/0x130
[  400.256637][ T5831]  do_syscall_64+0x426/0xfa0
[  400.256685][ T5831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.256723][ T5831] RIP: 0033:0x7f84d0f902f7
[  400.256758][ T5831] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  400.256796][ T5831] RSP: 002b:00007ffec1f70228 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  400.256831][ T5831] RAX: 0000000000000000 RBX: 00007f84d1011d7d RCX: 00007f84d0f902f7
[  400.256855][ T5831] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffec1f702e0
[  400.256879][ T5831] RBP: 00007ffec1f702e0 R08: 0000000000000000 R09: 0000000000000000
[  400.256904][ T5831] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffec1f71370
[  400.256928][ T5831] R13: 00007f84d1011d7d R14: 0000000000061b3f R15: 00007ffec1f713b0
[  400.256986][ T5831]  </TASK>
[  400.256999][ T5831] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  400.441256][T12293] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  400.459112][ T5840] Bluetooth: hci3: command tx timeout
[  400.500809][T12454] BTRFS info (device loop6): enabling ssd optimizations
[  400.748961][T12454] BTRFS info (device loop6): turning on async discard
[  400.755870][T12454] BTRFS info (device loop6): enabling free space tree
[  400.760095][ T6443] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  400.814738][T12293] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  400.847414][T12293] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  400.897210][T12293] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  401.009863][T12494] loop3: detected capacity change from 0 to 4096
[  401.090178][T12504] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  401.197597][T12454] BTRFS warning (device loop6): failed to trim 1 device(s), last error -512
[  401.306044][T12293] 8021q: adding VLAN 0 to HW filter on device bond0
[  401.413091][ T6358] BTRFS info (device loop6): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  401.449253][T12293] 8021q: adding VLAN 0 to HW filter on device team0
[  401.487721][T10557] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.494918][T10557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.558433][T11731] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.565681][T11731] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.699733][T12512] nbd0: detected capacity change from 0 to 127
[  401.724699][ T5840] block nbd0: Receive control failed (result -32)
[  402.364729][T12293] 8021q: adding VLAN 0 to HW filter on device batadv0
[  402.948084][ T5911] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  403.100029][T12563] loop5: detected capacity change from 0 to 2048
[  403.120848][ T5911] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  403.131316][ T5911] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  403.149839][T12563] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  403.163690][ T5911] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  403.179906][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  403.198068][ T5911] usb 4-1: SerialNumber: syz
[  403.224552][T12566] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  403.225670][T12293] veth0_vlan: entered promiscuous mode
[  403.272692][T12563] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12
[  403.294913][T12293] veth1_vlan: entered promiscuous mode
[  403.318007][T12563] Remounting filesystem read-only
[  403.392661][T12572] sctp: [Deprecated]: syz.7.2335 (pid 12572) Use of int in max_burst socket option deprecated.
[  403.392661][T12572] Use struct sctp_assoc_value instead
[  403.407121][T12293] veth0_macvtap: entered promiscuous mode
[  403.434335][ T5911] usb 4-1: 0:2 : does not exist
[  403.437456][T12293] veth1_macvtap: entered promiscuous mode
[  403.488771][T12293] batman_adv: batadv0: Interface activated: batadv_slave_0
[  403.496496][ T5911] usb 4-1: USB disconnect, device number 16
[  403.563763][T12293] batman_adv: batadv0: Interface activated: batadv_slave_1
[  403.607580][  T974] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  403.620202][T10817] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  403.647717][T10817] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  403.688705][T10817] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  403.746672][T11728] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  403.807732][  T974] usb 7-1: Using ep0 maxpacket: 32
[  403.823353][  T974] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  403.838883][  T974] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.871482][  T974] usb 7-1: config 0 descriptor??
[  403.977852][T10817] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.009639][T10817] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.107355][  T974] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  404.152056][  T974] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  404.163488][T10817] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.180097][  T974] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  404.209225][T10817] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.210852][  T974] usb 7-1: media controller created
[  404.344527][  T974] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  404.430948][  T974] az6027: usb out operation failed. (-71)
[  404.461921][  T974] az6027: usb out operation failed. (-71)
[  404.487185][  T974] stb0899_attach: Driver disabled by Kconfig
[  404.507348][  T974] az6027: no front-end attached
[  404.507348][  T974] 
[  404.537172][  T974] az6027: usb out operation failed. (-71)
[  404.542926][  T974] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  404.583285][  T974] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input32
[  404.637048][  T974] dvb-usb: schedule remote query interval to 400 msecs.
[  404.644045][  T974] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  404.671244][  T974] usb 7-1: USB disconnect, device number 9
[  404.788486][  T974] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  404.828893][ T5988] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  404.902600][T12576] loop5: detected capacity change from 0 to 32768
[  404.923360][T12576] 
[  404.923360][T12576]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  404.923360][T12576] 
[  404.985372][T12576] ERROR: (device loop5): diWrite: ixpxd invalid
[  404.985372][T12576] 
[  405.021843][T12576] ERROR: (device loop5): txAbort: 
[  405.021843][T12576] 
[  405.029163][ T5988] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  405.040037][ T5988] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  405.040622][T12576] ERROR: (device loop5): diFree: invalid inoext
[  405.040622][T12576] 
[  405.091620][ T5988] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  405.112892][ T5988] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.172661][T11731] JFS: metapage_get_blocks failed
[  405.180792][T11731] 
[  405.180792][T11731]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  405.180792][T11731] 
[  405.210277][T11731] 
[  405.210277][T11731]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  405.210277][T11731] 
[  405.234078][T11731] 
[  405.234078][T11731]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  405.234078][T11731] 
[  405.263141][  T111] 
[  405.263141][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  405.263141][  T111] 
[  405.276372][T11731] ERROR: (device loop5): diWrite: ixpxd invalid
[  405.276372][T11731] 
[  405.293937][T11731] ERROR: (device loop5): txAbort: 
[  405.293937][T11731] 
[  405.322175][T11731] jfs_write_inode: jfs_commit_inode failed!
[  405.349703][ T5831] 
[  405.349703][ T5831]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  405.349703][ T5831] 
[  405.362287][T12607] loop7: detected capacity change from 0 to 2048
[  405.376886][ T5988] usb 9-1: GET_CAPABILITIES returned 0
[  405.382408][ T5988] usbtmc 9-1:16.0: can't read capabilities
[  405.390401][ T5831] 
[  405.390401][ T5831]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  405.390401][ T5831] 
[  405.418348][T12607] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  405.568769][T12600] loop0: detected capacity change from 0 to 32768
[  405.594467][T12600] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2347 (12600)
[  405.609887][ T5988] usb 9-1: USB disconnect, device number 2
[  405.661303][T12600] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  405.679871][ T6443] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.690032][T12600] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  405.834566][T12600] BTRFS info (device loop0): enabling ssd optimizations
[  405.854756][T12600] BTRFS info (device loop0): turning on async discard
[  405.877629][T12600] BTRFS info (device loop0): enabling free space tree
[  406.090624][ T5837] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  406.226275][   T44] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  406.442928][   T44] usb 7-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  406.466257][   T44] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.494695][   T44] usb 7-1: Product: syz
[  406.503459][   T44] usb 7-1: Manufacturer: syz
[  406.524843][   T44] usb 7-1: SerialNumber: syz
[  406.551414][   T44] usb 7-1: config 0 descriptor??
[  406.569768][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2362'.
[  406.663745][T12631] loop7: detected capacity change from 0 to 32768
[  406.940742][   T30] audit: type=1800 audit(1761160426.884:153): pid=12631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2355" name="file1" dev="loop7" ino=4 res=0 errno=0
[  407.122666][T12631] read_mapping_page failed!
[  407.408626][T12631] read_mapping_page failed!
[  407.435747][T12631] ERROR: (device loop7): txAbort: 
[  407.435747][T12631] 
[  407.452971][   T44] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  407.479410][   T44] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[  407.502554][   T44] asix 7-1:0.0: probe with driver asix failed with error -71
[  407.538580][   T44] usb 7-1: USB disconnect, device number 10
[  407.848849][T12664] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2365'.
[  407.922897][T12652] loop0: detected capacity change from 0 to 131072
[  407.967979][T12652] F2FS-fs (loop0): Test dummy encryption mode enabled
[  407.979888][T12652] F2FS-fs (loop0): invalid crc value
[  408.000977][T12666] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2371'.
[  408.036565][T12670] loop8: detected capacity change from 0 to 128
[  408.086576][T12652] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  408.099863][T12652] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  408.119731][T12670] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  408.165387][T10557] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  408.195459][T12670] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.234677][T12675] loop5: detected capacity change from 0 to 512
[  408.343450][T12675] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  408.396871][T12675] ext4 filesystem being mounted at /378/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.477263][T12293] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  408.488712][T12675] Quota error (device loop5): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  408.572687][T12675] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  408.593937][T12675] EXT4-fs error (device loop5): ext4_acquire_dquot:6943: comm syz.5.2372: Failed to acquire dquot type 0
[  408.789824][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  409.136657][T12703] loop7: detected capacity change from 0 to 2048
[  409.155251][T12703] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  409.207664][T12697] loop3: detected capacity change from 0 to 4096
[  409.216099][T12706] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  409.489560][T12697] ntfs3(loop3): failed to convert "0080" to cp775
[  409.519501][T12697] ntfs3(loop3): failed to convert name for inode 1e.
[  409.554617][T12697] ntfs3(loop3): ino=1f, mi_enum_attr
[  409.564632][T12697] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  409.604311][T12691] loop6: detected capacity change from 0 to 32768
[  409.648718][T12691] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2378 (12691)
[  409.694509][T12691] BTRFS info (device loop6): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  409.734557][T12691] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  409.751423][T12716] loop8: detected capacity change from 0 to 128
[  409.798169][T12716] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  409.841141][T12691] BTRFS info (device loop6): enabling ssd optimizations
[  409.880304][T12716] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.880850][T12736] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2393'.
[  409.893074][T12691] BTRFS info (device loop6): turning on async discard
[  409.907065][T12691] BTRFS info (device loop6): enabling free space tree
[  409.913849][T12691] BTRFS info (device loop6): use lzo compression, level 1
[  409.922545][T12736] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2393'.
[  410.017100][   T30] audit: type=1800 audit(1761160429.956:154): pid=12691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2378" name="file1" dev="loop6" ino=260 res=0 errno=0
[  410.144864][T12293] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  410.342148][ T6358] BTRFS info (device loop6): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  411.028782][T12754] input: syz0 as /devices/virtual/input/input33
[  411.294123][   T44] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  411.463736][   T44] usb 7-1: Using ep0 maxpacket: 16
[  411.482391][   T44] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  411.514154][   T44] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  411.542954][   T44] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  411.575836][   T44] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.605784][   T44] usb 7-1: Product: syz
[  411.609985][   T44] usb 7-1: Manufacturer: syz
[  411.633579][   T44] usb 7-1: SerialNumber: syz
[  411.641544][   T44] usb 7-1: config 0 descriptor??
[  411.671586][   T44] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  411.701188][   T44] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[  411.770979][T12776] loop8: detected capacity change from 0 to 512
[  411.799036][T12776] EXT4-fs: Ignoring removed orlov option
[  411.829925][T12776] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  411.854228][T12776] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  411.870262][T12776] EXT4-fs error (device loop8): ext4_iget_extra_inode:5074: inode #15: comm syz.8.2409: corrupted in-inode xattr: e_value size too large
[  411.889727][T12776] EXT4-fs error (device loop8): ext4_orphan_get:1395: comm syz.8.2409: couldn't read orphan inode 15 (err -117)
[  411.905026][T12776] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  411.984874][T12293] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.083304][ T5911] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  412.245770][ T5911] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  412.266754][ T5911] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  412.279334][   T44] em28xx 7-1:0.0: chip ID is em28174
[  412.302218][ T5911] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  412.317162][ T5911] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.325403][ T5911] usb 8-1: Product: syz
[  412.330148][ T5911] usb 8-1: Manufacturer: syz
[  412.335143][ T5911] usb 8-1: SerialNumber: syz
[  412.401772][T12798] loop8: detected capacity change from 0 to 1024
[  412.409801][T12798] EXT4-fs: Ignoring removed nobh option
[  412.415642][T12798] EXT4-fs: Ignoring removed bh option
[  412.459591][T12798] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.487406][   T44] usb 7-1: USB disconnect, device number 11
[  412.499272][   T44] em28xx 7-1:0.0: Disconnecting em28xx
[  412.539915][   T44] em28xx 7-1:0.0: Freeing device
[  412.556000][T12798] EXT4-fs (loop8): shut down requested (2)
[  412.657819][T12293] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.791662][ T5911] usb 8-1: cannot find UAC_HEADER
[  412.857355][ T5911] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22
[  412.998118][ T5911] usb 8-1: USB disconnect, device number 12
[  413.044014][T12819] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2426'.
[  413.374889][T12834] loop3: detected capacity change from 0 to 1024
[  413.433385][T12834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.749697][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.821757][T12853] loop7: detected capacity change from 0 to 128
[  413.861550][T12854] loop6: detected capacity change from 0 to 127
[  413.906813][T12853] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  413.943533][T12853] ext4 filesystem being mounted at /321/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  414.095708][T12853] fscrypt (loop7, inode 12): Direct key flag not allowed with different contents and filenames modes
[  414.168764][T12846] loop6: detected capacity change from 0 to 32768
[  414.208341][T12859] loop0: detected capacity change from 0 to 4096
[  414.240412][T12859] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  414.284419][ T6443] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  414.290292][T12867] loop8: detected capacity change from 0 to 256
[  414.327255][T12859] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  414.344105][T12859] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  414.594176][T12875] ntfs3(loop0): ino=1b, mi_enum_attr
[  414.835601][T12880] loop3: detected capacity change from 0 to 128
[  414.867497][T12880] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  415.119338][T12886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2457'.
[  415.203964][T12864] loop5: detected capacity change from 0 to 32768
[  415.252520][T12864] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  415.252520][T12864] 
[  415.269984][T12864] ERROR: (device loop5): remounting filesystem as read-only
[  415.278458][  T111] blkno = 5002c, nblocks = 1
[  415.285254][  T111] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  415.285254][  T111] 
[  415.297891][T12864] syz.5.2447: attempt to access beyond end of device
[  415.297891][T12864] loop5: rw=2049, sector=2621800, nr_sectors = 8 limit=32768
[  415.314621][  T111] blkno = 5002c, nblocks = 1
[  415.319781][  T111] ERROR: (device loop5): dbFree: block to be freed is outside the map
[  415.319781][  T111] 
[  415.345419][  T111] blkno = 5002d, nblocks = 1
[  415.355313][  T111] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  415.355313][  T111] 
[  415.736920][T12904] input: syz0 as /devices/virtual/input/input34
[  415.849645][T12908] loop5: detected capacity change from 0 to 128
[  415.879063][   T30] audit: type=1800 audit(1761160435.829:155): pid=12908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2462" name="file2" dev="loop5" ino=1048684 res=0 errno=0
[  415.951065][T12911] netlink: 272 bytes leftover after parsing attributes in process `syz.0.2469'.
[  416.140092][T12916] loop3: detected capacity change from 0 to 4096
[  416.196466][T12917] loop7: detected capacity change from 0 to 4096
[  416.210696][T12918] 8021q: adding VLAN 0 to HW filter on device bond1
[  416.216149][T12916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  416.222796][T12918] bond0: (slave bond1): Enslaving as an active interface with an up link
[  416.242333][T12923] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2473'.
[  416.515317][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.713192][   T30] audit: type=1326 audit(1761160436.659:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12935 comm="syz.7.2479" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2abc78efc9 code=0x0
[  416.792246][T12942] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2480'.
[  416.830568][T12939] loop8: detected capacity change from 0 to 2048
[  416.854060][T12939] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024)
[  416.920319][T12946] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  416.964410][T12945] macvlan2: entered allmulticast mode
[  416.980819][T12945] veth1_vlan: entered allmulticast mode
[  417.018898][T12945] veth1_vlan: left allmulticast mode
[  417.515042][T12952] loop6: detected capacity change from 0 to 4096
[  417.705580][T12952] ntfs3(loop6): failed to convert "0080" to cp775
[  417.724307][T12943] loop3: detected capacity change from 0 to 32768
[  417.750052][T12943] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2491 (12943)
[  417.754350][T12952] ntfs3(loop6): failed to convert name for inode 1e.
[  417.795524][T12962] IPVS: fo: FWM 3 0x00000003 - no destination available
[  417.808642][ T5988] IPVS: starting estimator thread 0...
[  417.816655][T12952] ntfs3(loop6): ino=1f, mi_enum_attr
[  417.835706][T12952] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  417.853846][T12943] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  417.910410][T12963] IPVS: using max 21 ests per chain, 50400 per kthread
[  417.910470][T12943] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  418.252068][T12943] BTRFS info (device loop3): enabling ssd optimizations
[  418.304850][T12943] BTRFS info (device loop3): turning on async discard
[  418.333158][T12943] BTRFS info (device loop3): enabling free space tree
[  418.613161][T12994] loop6: detected capacity change from 0 to 128
[  418.643677][ T5836] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  418.646168][T12994] EXT4-fs: Ignoring removed nobh option
[  418.717811][T12994] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  418.810000][T12994] ext4 filesystem being mounted at /363/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  419.024879][T12975] loop0: detected capacity change from 0 to 32768
[  419.042582][T12975] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2494 (12975)
[  419.135951][T12975] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  419.173144][T12975] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  419.188887][T12966] loop5: detected capacity change from 0 to 32768
[  419.232047][T12966] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2492 (12966)
[  419.291020][T12966] BTRFS info (device loop5): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  419.328404][T12966] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  419.344216][T13012] loop7: detected capacity change from 0 to 1024
[  419.369024][T13019] loop3: detected capacity change from 0 to 2048
[  419.379055][T13012] EXT4-fs: Ignoring removed nobh option
[  419.388499][T13012] EXT4-fs: Ignoring removed bh option
[  419.396121][T13019] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  419.401349][ T6358] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  419.419146][T12975] BTRFS info (device loop0): enabling ssd optimizations
[  419.426553][T12975] BTRFS info (device loop0): turning on async discard
[  419.437692][T13012] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.443609][T12975] BTRFS info (device loop0): enabling free space tree
[  419.472029][T13035] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  419.482024][T13012] EXT4-fs (loop7): shut down requested (2)
[  419.568864][T12966] BTRFS info (device loop5): enabling ssd optimizations
[  419.599789][T12966] BTRFS info (device loop5): turning on async discard
[  419.606608][T12966] BTRFS info (device loop5): enabling free space tree
[  419.656355][T12966] BTRFS info (device loop5): use lzo compression, level 1
[  419.660836][T13042] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2501'.
[  419.676270][ T6443] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.695018][ T5837] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  419.778424][   T30] audit: type=1800 audit(1761160439.731:157): pid=12966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2492" name="file1" dev="loop5" ino=260 res=0 errno=0
[  419.907672][  T974] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  419.967345][T13048] bpf: Bad value for 'gid'
[  420.098475][  T974] usb 9-1: Using ep0 maxpacket: 8
[  420.143129][  T974] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  420.159221][  T974] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.195225][  T974] pvrusb2: Hardware description: Terratec Grabster AV400
[  420.223758][  T974] pvrusb2: **********
[  420.227785][  T974] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  420.269195][  T974] pvrusb2: Important functionality might not be entirely working.
[  420.287250][  T974] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  420.308962][  T974] pvrusb2: **********
[  420.315290][ T5831] BTRFS info (device loop5): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  420.349704][T13052] loop7: detected capacity change from 0 to 4096
[  420.420402][ T2341] pvrusb2: Invalid write control endpoint
[  420.588632][ T2341] pvrusb2: Invalid write control endpoint
[  420.631469][ T5911] usb 9-1: USB disconnect, device number 3
[  420.665456][T13052] ntfs3(loop7): failed to convert "0080" to cp775
[  420.699201][T13052] ntfs3(loop7): failed to convert name for inode 1e.
[  420.722336][T13059] loop6: detected capacity change from 0 to 4096
[  420.739996][T13052] ntfs3(loop7): ino=1f, mi_enum_attr
[  420.769827][T13052] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  421.053208][T13061] loop3: detected capacity change from 0 to 32768
[  421.062425][ T2341] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  421.071852][ T2341] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  421.079905][ T2341] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  421.089955][ T2341] pvrusb2: Device being rendered inoperable
[  421.095923][ T2341] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  421.104551][ T2341] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  421.109028][T13059] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  421.114807][T13061] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  421.127293][T13061] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  421.152552][ T2341] pvrusb2: Attached sub-driver cx25840
[  421.241834][ T2341] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  421.253987][T13061] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  421.264223][ T5988] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  421.271701][ T5988] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  421.306321][ T2341] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  421.344545][T13069] 8021q: VLANs not supported on lo
[  421.442443][ T5988] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 170ms
[  421.460139][T10815] ntfs3(loop6): ino=5, mi_enum_attr
[  421.466026][ T5988] gfs2: fsid=syz:syz.0: jid=0: Done
[  421.474028][T13061] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  421.603928][T13073] loop5: detected capacity change from 0 to 128
[  421.627899][T13056] loop0: detected capacity change from 0 to 32768
[  421.635650][T13073] EXT4-fs: Ignoring removed nobh option
[  421.750792][T13073] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  421.781490][T13073] ext4 filesystem being mounted at /404/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  422.165252][T13088] loop6: detected capacity change from 0 to 2048
[  422.187487][T13088] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  422.232440][ T5831] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  422.255757][T13089] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  422.505111][T13096] loop5: detected capacity change from 0 to 256
[  423.208209][T13115] loop3: detected capacity change from 0 to 4096
[  423.228652][T13117] loop0: detected capacity change from 0 to 4096
[  423.246177][T13115] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  423.398801][T13115] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  423.437869][T13115] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  423.465875][T13129] loop7: detected capacity change from 0 to 512
[  423.504620][T13129] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  423.590019][T13129] EXT4-fs (loop7): 1 truncate cleaned up
[  423.599758][T13129] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.868236][T13137] ntfs3(loop3): ino=1b, mi_enum_attr
[  423.925904][ T6443] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.096499][T13136] loop6: detected capacity change from 0 to 40427
[  424.105107][T13136] F2FS-fs (loop6): Invalid log blocks per segment (83886089)
[  424.112592][T13136] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  424.141784][T13136] F2FS-fs (loop6): invalid crc value
[  424.231666][T13136] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  424.235473][T13146] loop0: detected capacity change from 0 to 64
[  424.269001][T13136] F2FS-fs (loop6): Start checkpoint disabled!
[  424.276635][T13136] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[  424.291832][T13136] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[  424.292763][T13146] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  424.299341][T13136] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  424.332002][T13149] loop3: detected capacity change from 0 to 128
[  424.365053][T13149] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  424.466057][T13149] ext4 filesystem being mounted at /442/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  424.511069][T13126] loop8: detected capacity change from 0 to 32768
[  424.626133][ T5836] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  424.739237][T13157] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2551'.
[  424.782604][T13157] netlink: 43 bytes leftover after parsing attributes in process `syz.0.2551'.
[  424.796960][T13157] netlink: 'syz.0.2551': attribute type 5 has an invalid length.
[  424.805775][T13157] netlink: 43 bytes leftover after parsing attributes in process `syz.0.2551'.
[  425.015978][T13167] input: syz1 as /devices/virtual/input/input35
[  425.472108][T13172] loop5: detected capacity change from 0 to 4096
[  425.564555][T13182] block nbd1: Unsupported socket: should be TCP or UNIX.
[  425.580256][T13180] loop8: detected capacity change from 0 to 1024
[  425.595089][T13183] loop6: detected capacity change from 0 to 512
[  425.650385][T13180] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  425.666796][T13183] EXT4-fs error (device loop6): ext4_validate_block_bitmap:440: comm syz.6.2548: bg 0: block 393: padding at end of block bitmap is not set
[  425.699480][T13183] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  425.744123][T13183] EXT4-fs (loop6): 2 truncates cleaned up
[  425.754781][T13183] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  425.856572][ T6358] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.992077][T13191] loop0: detected capacity change from 0 to 4096
[  426.079670][T13200] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  426.092087][T13191] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  426.120018][T13191] NILFS (loop0): mounting fs with errors
[  426.658983][T13216] macvtap1: entered promiscuous mode
[  426.697246][T13216] macvtap1: entered allmulticast mode
[  426.727167][T13216] dummy0: entered promiscuous mode
[  426.733779][T13216] dummy0: entered allmulticast mode
[  426.759287][T13216] team0: Device macvtap1 failed to register rx_handler
[  426.793506][T13216] dummy0: left allmulticast mode
[  426.806364][T13216] dummy0: left promiscuous mode
[  427.005574][T13224] batman_adv: batadv0: Adding interface: vlan2
[  427.031025][T13224] batman_adv: batadv0: The MTU of interface vlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  427.145725][T13224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.158571][T13224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.199670][T13224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: macsec1
[  427.210911][T13224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.222231][T13224] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active
[  427.288561][T13199] loop6: detected capacity change from 0 to 32768
[  427.322583][T13199] XFS (loop6): DAX unsupported by block device. Turning off DAX.
[  427.364256][T13199] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  427.366539][T13204] loop7: detected capacity change from 0 to 32768
[  427.435611][ T5911] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  427.439939][T13204] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  427.498681][T13199] XFS (loop6): Ending clean mount
[  427.515678][T13199] XFS (loop6): Quotacheck needed: Please wait.
[  427.575307][T13204] XFS (loop7): Ending clean mount
[  427.585503][ T5911] usb 4-1: Using ep0 maxpacket: 16
[  427.608916][T13252] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2585'.
[  427.616599][T13204] XFS (loop7): Quotacheck needed: Please wait.
[  427.618348][ T5911] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[  427.642778][T13199] XFS (loop6): Quotacheck: Done.
[  427.668756][T13204] XFS (loop7): Quotacheck: Done.
[  427.682504][ T5911] usb 4-1: config 0 has no interface number 0
[  427.715573][ T5911] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  427.739606][ T5911] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  427.748939][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.752963][T13254] loop8: detected capacity change from 0 to 512
[  427.769028][ T5911] usb 4-1: Product: syz
[  427.773210][ T5911] usb 4-1: Manufacturer: syz
[  427.786689][ T5911] usb 4-1: SerialNumber: syz
[  427.820186][ T5911] usb 4-1: config 0 descriptor??
[  427.825982][T13254] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  427.875192][ T6443] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  427.898375][ T6358] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  427.957671][T13254] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1134: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  428.008998][T13254] EXT4-fs error (device loop8): ext4_validate_block_bitmap:440: comm syz.8.2586: bg 0: block 248: padding at end of block bitmap is not set
[  428.056972][T13254] Quota error (device loop8): write_blk: dquota write failed
[  428.064478][T13254] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  428.082840][T13232] loop5: detected capacity change from 0 to 40427
[  428.127245][T13254] EXT4-fs error (device loop8): ext4_acquire_dquot:6943: comm syz.8.2586: Failed to acquire dquot type 1
[  428.156546][T13232] F2FS-fs (loop5): invalid crc value
[  428.187173][T13254] EXT4-fs (loop8): 1 truncate cleaned up
[  428.207773][T13254] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  428.294363][   T30] audit: type=1800 audit(1761160448.255:158): pid=13254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2586" name="file1" dev="loop8" ino=15 res=0 errno=0
[  428.450852][T13232] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  428.460343][ T5911] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.214/input/input36
[  428.470672][T13232] F2FS-fs (loop5): Start checkpoint disabled!
[  428.480787][T12293] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  428.498545][T13232] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  428.499137][T10883] Quota error (device loop8): do_check_range: Getting block 0 out of range 1-5
[  428.516265][T10883] EXT4-fs error (device loop8): ext4_release_dquot:6979: comm kworker/u8:37: Failed to release dquot type 1
[  428.546244][T13232] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  428.664472][ T5911] usb 4-1: USB disconnect, device number 17
[  428.715358][T13232] F2FS-fs (loop5): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  428.730835][T13266] loop8: detected capacity change from 0 to 128
[  428.753979][T13266] EXT4-fs: Ignoring removed nobh option
[  428.803933][T13266] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  428.872693][T10883] kworker/u8:37: attempt to access beyond end of device
[  428.872693][T10883] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  428.891522][T13266] ext4 filesystem being mounted at /48/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  428.945348][T10883] CPU: 0 UID: 0 PID: 10883 Comm: kworker/u8:37 Not tainted syzkaller #0 PREEMPT(full) 
[  428.945398][T10883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  428.945424][T10883] Workqueue: writeback wb_workfn (flush-7:5)
[  428.945488][T10883] Call Trace:
[  428.945500][T10883]  <TASK>
[  428.945513][T10883]  dump_stack_lvl+0x16c/0x1f0
[  428.945559][T10883]  f2fs_handle_critical_error+0x624/0x9f0
[  428.945605][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.945652][T10883]  ? f2fs_build_fault_attr+0x53/0x1f0
[  428.945723][T10883]  f2fs_write_end_io+0x958/0xcf0
[  428.945780][T10883]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  428.945830][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.945887][T10883]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  428.945930][T10883]  bio_endio+0x713/0x860
[  428.945986][T10883]  submit_bio_noacct+0x306/0x1f60
[  428.946037][T10883]  __submit_merged_bio+0x33c/0x770
[  428.946086][T10883]  __submit_merged_write_cond+0x319/0x3f0
[  428.946142][T10883]  f2fs_write_cache_pages+0x2067/0x2570
[  428.946233][T10883]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  428.946290][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.946344][T10883]  ? __pfx_f2fs_sync_meta_pages+0x10/0x10
[  428.946398][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.946444][T10883]  ? do_raw_spin_unlock+0x172/0x230
[  428.946585][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.946641][T10883]  f2fs_write_data_pages+0x4ad/0xd90
[  428.946700][T10883]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  428.946771][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.946817][T10883]  ? __lock_acquire+0xb8a/0x1c90
[  428.946882][T10883]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  428.946937][T10883]  do_writepages+0x27a/0x600
[  428.946983][T10883]  ? __pfx_do_writepages+0x10/0x10
[  428.947019][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.947064][T10883]  ? reacquire_held_locks+0xcd/0x1f0
[  428.947125][T10883]  ? writeback_sb_inodes+0x3b0/0xfa0
[  428.947181][T10883]  __writeback_single_inode+0x160/0xfb0
[  428.947235][T10883]  ? __pfx___writeback_single_inode+0x10/0x10
[  428.947282][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.947327][T10883]  ? do_raw_spin_unlock+0x172/0x230
[  428.947371][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.947424][T10883]  writeback_sb_inodes+0x60d/0xfa0
[  428.947494][T10883]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  428.947542][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.947587][T10883]  ? find_held_lock+0x2b/0x80
[  428.947699][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.947745][T10883]  ? rcu_is_watching+0x12/0xc0
[  428.947802][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.947848][T10883]  ? queue_io+0x3f6/0x520
[  428.947894][T10883]  wb_writeback+0x419/0xb70
[  428.947952][T10883]  ? __pfx_wb_writeback+0x10/0x10
[  428.947997][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.948055][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.948100][T10883]  ? mark_held_locks+0x49/0x80
[  428.948170][T10883]  wb_workfn+0x14d/0xbe0
[  428.948225][T10883]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  428.948269][T10883]  ? __pfx_wb_workfn+0x10/0x10
[  428.948323][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.948373][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.948424][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.948471][T10883]  ? rcu_is_watching+0x12/0xc0
[  428.948527][T10883]  process_one_work+0x9cf/0x1b70
[  428.948589][T10883]  ? __pfx_process_one_work+0x10/0x10
[  428.948632][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.948689][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.948734][T10883]  ? assign_work+0x1a0/0x250
[  428.948783][T10883]  worker_thread+0x6c8/0xf10
[  428.948848][T10883]  ? __pfx_worker_thread+0x10/0x10
[  428.948890][T10883]  kthread+0x3c5/0x780
[  428.948928][T10883]  ? __pfx_kthread+0x10/0x10
[  428.948968][T10883]  ? srso_alias_return_thunk+0x5/0xfbef5
[  428.949013][T10883]  ? rcu_is_watching+0x12/0xc0
[  428.949063][T10883]  ? __pfx_kthread+0x10/0x10
[  428.949104][T10883]  ret_from_fork+0x675/0x7d0
[  428.949164][T10883]  ? __pfx_kthread+0x10/0x10
[  428.949203][T10883]  ret_from_fork_asm+0x1a/0x30
[  428.949284][T10883]  </TASK>
[  429.014877][T10883] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  429.409798][T13258] loop0: detected capacity change from 0 to 40427
[  429.434296][T13273] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.446608][T13258] F2FS-fs (loop0): Image doesn't support compression
[  429.466556][T13258] F2FS-fs (loop0): build fault injection rate: 690
[  429.474427][T13258] F2FS-fs (loop0): build fault injection type: 0x35f7
[  429.547956][T13258] F2FS-fs (loop0): invalid crc value
[  429.650245][T13258] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  429.671428][T13258] F2FS-fs (loop0): Start checkpoint disabled!
[  429.676308][T13261] loop7: detected capacity change from 0 to 32768
[  429.685691][T13258] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  429.698019][T13261] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2588 (13261)
[  429.713276][T13258] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  429.740258][T13261] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  429.761195][T13261] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  429.796738][T12293] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  429.919759][T13261] BTRFS info (device loop7): rebuilding free space tree
[  429.964616][T13261] BTRFS info (device loop7): allowing degraded mounts
[  429.988431][T13261] BTRFS info (device loop7): enabling ssd optimizations
[  429.999625][T10817] kworker/u8:31: attempt to access beyond end of device
[  429.999625][T10817] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  430.005811][T13261] BTRFS info (device loop7): enabling free space tree
[  430.034532][T10817] CPU: 1 UID: 0 PID: 10817 Comm: kworker/u8:31 Not tainted syzkaller #0 PREEMPT(full) 
[  430.034580][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  430.034605][T10817] Workqueue: writeback wb_workfn (flush-7:0)
[  430.034665][T10817] Call Trace:
[  430.034677][T10817]  <TASK>
[  430.034691][T10817]  dump_stack_lvl+0x16c/0x1f0
[  430.034737][T10817]  f2fs_handle_critical_error+0x624/0x9f0
[  430.034788][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.034835][T10817]  ? f2fs_build_fault_attr+0x53/0x1f0
[  430.034908][T10817]  f2fs_write_end_io+0x958/0xcf0
[  430.034958][T10817]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  430.035009][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.035067][T10817]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  430.035109][T10817]  bio_endio+0x713/0x860
[  430.035166][T10817]  submit_bio_noacct+0x306/0x1f60
[  430.035219][T10817]  __submit_merged_bio+0x33c/0x770
[  430.035269][T10817]  __submit_merged_write_cond+0x319/0x3f0
[  430.035328][T10817]  f2fs_write_cache_pages+0x2067/0x2570
[  430.035415][T10817]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  430.035473][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.035527][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.035572][T10817]  ? find_held_lock+0x2b/0x80
[  430.035623][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.035674][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.035718][T10817]  ? do_raw_spin_unlock+0x172/0x230
[  430.035787][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.035832][T10817]  ? f2fs_available_free_memory+0x279/0xa30
[  430.035973][T10817]  ? __lock_acquire+0xb8a/0x1c90
[  430.036038][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.036093][T10817]  f2fs_write_data_pages+0x4ad/0xd90
[  430.036156][T10817]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  430.036223][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.036268][T10817]  ? __lock_acquire+0xb8a/0x1c90
[  430.036330][T10817]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  430.036386][T10817]  do_writepages+0x27a/0x600
[  430.036432][T10817]  ? __pfx_do_writepages+0x10/0x10
[  430.036467][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.036512][T10817]  ? reacquire_held_locks+0xcd/0x1f0
[  430.036574][T10817]  ? writeback_sb_inodes+0x3b0/0xfa0
[  430.036630][T10817]  __writeback_single_inode+0x160/0xfb0
[  430.036684][T10817]  ? __pfx___writeback_single_inode+0x10/0x10
[  430.036731][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.036782][T10817]  ? do_raw_spin_unlock+0x172/0x230
[  430.036826][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.036880][T10817]  writeback_sb_inodes+0x60d/0xfa0
[  430.036954][T10817]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  430.037000][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037046][T10817]  ? find_held_lock+0x2b/0x80
[  430.037169][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037214][T10817]  ? rcu_is_watching+0x12/0xc0
[  430.037264][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037309][T10817]  ? queue_io+0x3f6/0x520
[  430.037356][T10817]  wb_writeback+0x419/0xb70
[  430.037416][T10817]  ? __pfx_wb_writeback+0x10/0x10
[  430.037460][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037521][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037566][T10817]  ? mark_held_locks+0x49/0x80
[  430.037636][T10817]  wb_workfn+0x14d/0xbe0
[  430.037691][T10817]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  430.037736][T10817]  ? __pfx_wb_workfn+0x10/0x10
[  430.037795][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037846][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037897][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.037942][T10817]  ? rcu_is_watching+0x12/0xc0
[  430.038000][T10817]  process_one_work+0x9cf/0x1b70
[  430.038066][T10817]  ? __pfx_process_one_work+0x10/0x10
[  430.038108][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.038167][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.038212][T10817]  ? assign_work+0x1a0/0x250
[  430.038256][T10817]  worker_thread+0x6c8/0xf10
[  430.038311][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.038358][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.038404][T10817]  ? __kthread_parkme+0x19e/0x250
[  430.038458][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.038507][T10817]  ? __pfx_worker_thread+0x10/0x10
[  430.038550][T10817]  kthread+0x3c5/0x780
[  430.038588][T10817]  ? __pfx_kthread+0x10/0x10
[  430.038629][T10817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  430.038674][T10817]  ? rcu_is_watching+0x12/0xc0
[  430.038725][T10817]  ? __pfx_kthread+0x10/0x10
[  430.038769][T10817]  ret_from_fork+0x675/0x7d0
[  430.038830][T10817]  ? __pfx_kthread+0x10/0x10
[  430.038868][T10817]  ret_from_fork_asm+0x1a/0x30
[  430.038954][T10817]  </TASK>
[  430.038969][T10817] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  430.050021][T13261] BTRFS info (device loop7): force clearing of disk cache
[  430.346995][T13301] netlink: 'syz.8.2600': attribute type 4 has an invalid length.
[  430.394104][T13261] BTRFS info (device loop7): use zstd compression, level 3
[  430.394148][T13261] BTRFS info (device loop7): max_inline set to 0
[  430.955891][ T6443] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  431.009882][T13309] sp0: Synchronizing with TNC
[  431.524659][T13318] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2606'.
[  431.588725][T13303] loop3: detected capacity change from 0 to 32768
[  431.751074][T13325] random: crng reseeded on system resumption
[  431.772346][T13325] Restarting kernel threads ...
[  431.778472][T13325] Done restarting kernel threads.
[  432.644006][T13321] loop5: detected capacity change from 0 to 32768
[  432.706897][T13321] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  432.880198][T13367] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2626'.
[  432.930203][T13367] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.938086][T13367] bridge0: port 1(bridge_slave_0) entered disabled state
[  537.972718][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  537.979733][    C1] rcu: 	0-...!: (1 GPs behind) idle=be04/1/0x4000000000000000 softirq=57234/57235 fqs=0
[  537.991939][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=56565, q=332 ncpus=2)
[  537.999674][    C1] Sending NMI from CPU 1 to CPUs 0:
[  537.999715][    C0] NMI backtrace for cpu 0
[  537.999734][    C0] CPU: 0 UID: 0 PID: 13371 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  537.999777][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  537.999797][    C0] RIP: 0010:lock_acquire+0x2cf/0x350
[  537.999832][    C0] Code: c0 0f 85 b6 fd ff ff b9 0a 00 00 00 ba 08 00 00 00 48 8d 74 24 08 48 89 df e8 fd cb ff ff e9 9a fd ff ff e8 93 ea 08 00 84 c0 <0f> 85 7f fd ff ff 80 3d 1c cf d1 0e 00 0f 85 72 fd ff ff c6 05 0f
[  537.999864][    C0] RSP: 0018:ffffc90000007d08 EFLAGS: 00000002
[  537.999889][    C0] RAX: 0000000000000001 RBX: ffff8880346d4300 RCX: 0000000000000000
[  537.999909][    C0] RDX: 0000000000000000 RSI: ffffffff8bf07240 RDI: ffffffff8dcd0ee0
[  537.999930][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  537.999950][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[  537.999969][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  537.999991][    C0] FS:  00005555843cd500(0000) GS:ffff888124a0c000(0000) knlGS:0000000000000000
[  538.000019][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  538.000041][    C0] CR2: 00007fc08ec6605a CR3: 000000002237c000 CR4: 0000000000350ef0
[  538.000062][    C0] Call Trace:
[  538.000072][    C0]  <IRQ>
[  538.000083][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.000123][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  538.000161][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.000199][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  538.000237][    C0]  ? __pfx_advance_sched+0x10/0x10
[  538.000279][    C0]  _raw_spin_lock+0x2e/0x40
[  538.000308][    C0]  ? advance_sched+0xd9/0xc80
[  538.000349][    C0]  advance_sched+0xd9/0xc80
[  538.000392][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.000431][    C0]  ? find_held_lock+0x2b/0x80
[  538.000476][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.000514][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  538.000552][    C0]  ? __pfx_advance_sched+0x10/0x10
[  538.000594][    C0]  __hrtimer_run_queues+0x202/0xad0
[  538.000642][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  538.000682][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.000731][    C0]  hrtimer_interrupt+0x397/0x8e0
[  538.000804][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x3f0
[  538.000842][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  538.000880][    C0]  </IRQ>
[  538.000891][    C0]  <TASK>
[  538.000903][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  538.000940][    C0] RIP: 0010:rcu_is_watching+0x19/0xc0
[  538.000984][    C0] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 53 65 ff 05 73 78 ff 11 e8 5e a3 bc 09 48 c7 c3 a8 72 a2 93 <89> c5 83 f8 07 0f 87 82 00 00 00 48 8d 3c ed e0 0e cd 8d 48 b8 00
[  538.001016][    C0] RSP: 0018:ffffc9000ae07918 EFLAGS: 00000282
[  538.001041][    C0] RAX: 0000000000000000 RBX: ffffffff93a272a8 RCX: ffffffff911adc01
[  538.001064][    C0] RDX: 0000000000000000 RSI: ffffffff8bf07240 RDI: ffffffff8bf07280
[  538.001085][    C0] RBP: 0000000000000001 R08: ffffffff911adc8a R09: 0000000000000000
[  538.001106][    C0] R10: 0000000000000000 R11: 000000000000a7f5 R12: ffffffff816c0914
[  538.001128][    C0] R13: ffffc9000ae079e8 R14: ffffc9000ae07b18 R15: ffffc9000ae07a1c
[  538.001153][    C0]  ? unwind_next_frame+0x3f4/0x20a0
[  538.001201][    C0]  ? rcu_is_watching+0x12/0xc0
[  538.001244][    C0]  lock_release+0x201/0x2f0
[  538.001300][    C0]  unwind_next_frame+0x3f9/0x20a0
[  538.001337][    C0]  ? stack_trace_save+0x8e/0xc0
[  538.001384][    C0]  ? find_held_lock+0x2b/0x80
[  538.001424][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  538.001494][    C0]  arch_stack_walk+0x94/0x100
[  538.001535][    C0]  ? kasan_save_stack+0x33/0x60
[  538.001590][    C0]  stack_trace_save+0x8e/0xc0
[  538.001637][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  538.001690][    C0]  kasan_save_stack+0x33/0x60
[  538.001785][    C0]  kasan_save_track+0x14/0x30
[  538.001833][    C0]  __kasan_slab_alloc+0x89/0x90
[  538.001888][    C0]  kmem_cache_alloc_noprof+0x250/0x6e0
[  538.001935][    C0]  ? getname_flags.part.0+0x4c/0x550
[  538.002007][    C0]  ? getname_flags.part.0+0x4c/0x550
[  538.002047][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.002087][    C0]  getname_flags.part.0+0x4c/0x550
[  538.002129][    C0]  getname_flags+0x93/0xf0
[  538.002191][    C0]  user_path_at+0x24/0x60
[  538.002239][    C0]  __x64_sys_chdir+0xbe/0x270
[  538.002270][    C0]  ? __pfx___x64_sys_chdir+0x10/0x10
[  538.002322][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.002370][    C0]  do_syscall_64+0xcd/0xfa0
[  538.002409][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.002443][    C0] RIP: 0033:0x7fc08ed8dd17
[  538.002469][    C0] Code: ff ff 77 07 c3 66 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 50 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.002501][    C0] RSP: 002b:00007fff1b5b98b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[  538.002532][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc08ed8dd17
[  538.002554][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007fff1b5b9910
[  538.002575][    C0] RBP: 00007fff1b5b98fc R08: 0000000000000000 R09: 00007fc08fb1d6c0
[  538.002597][    C0] R10: 00005555843cd500 R11: 0000000000000246 R12: 0000000000000182
[  538.002617][    C0] R13: 00000000000927c0 R14: 0000000000069a53 R15: 00007fff1b5b9950
[  538.002653][    C0]  </TASK>
[  538.002708][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g56565 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  538.531561][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  538.541538][    C1] rcu: RCU grace-period kthread stack dump:
[  538.547425][    C1] task:rcu_preempt     state:R  running task     stack:27816 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  538.561079][    C1] Call Trace:
[  538.564366][    C1]  <TASK>
[  538.567304][    C1]  __schedule+0x1190/0x5de0
[  538.571847][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.577511][    C1]  ? __lock_acquire+0x622/0x1c90
[  538.582498][    C1]  ? __pfx___schedule+0x10/0x10
[  538.587382][    C1]  ? find_held_lock+0x2b/0x80
[  538.592179][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.597848][    C1]  schedule+0xe7/0x3a0
[  538.601937][    C1]  schedule_timeout+0x123/0x290
[  538.606830][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  538.612255][    C1]  ? __pfx_process_timeout+0x10/0x10
[  538.617597][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.623260][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  538.629093][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.634838][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  538.640434][    C1]  rcu_gp_fqs_loop+0x1ea/0xaf0
[  538.645332][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.651007][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  538.656340][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  538.661579][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  538.666531][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[  538.671403][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  538.677348][    C1]  rcu_gp_kthread+0x26d/0x380
[  538.682041][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  538.687293][    C1]  ? rcu_is_watching+0x12/0xc0
[  538.692096][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  538.697311][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.702983][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.708641][    C1]  ? __kthread_parkme+0x19e/0x250
[  538.713703][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  538.719005][    C1]  kthread+0x3c5/0x780
[  538.723092][    C1]  ? __pfx_kthread+0x10/0x10
[  538.727703][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.733362][    C1]  ? rcu_is_watching+0x12/0xc0
[  538.738155][    C1]  ? __pfx_kthread+0x10/0x10
[  538.742763][    C1]  ret_from_fork+0x675/0x7d0
[  538.747392][    C1]  ? __pfx_kthread+0x10/0x10
[  538.752005][    C1]  ret_from_fork_asm+0x1a/0x30
[  538.756841][    C1]  </TASK>
[  538.759860][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  538.766191][    C1] CPU: 1 UID: 0 PID: 13363 Comm: syz.3.2628 Not tainted syzkaller #0 PREEMPT(full) 
[  538.775587][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  538.785645][    C1] RIP: 0010:smp_call_function_many_cond+0xe02/0x1600
[  538.792528][    C1] Code: 10 4c 89 74 24 10 49 89 d5 48 89 d5 48 89 54 24 18 49 c1 ed 03 83 e5 07 4d 01 e5 83 c5 03 e8 a5 0d 0c 00 f3 90 41 0f b6 45 00 <40> 38 c5 7c 08 84 c0 0f 85 e0 05 00 00 8b 43 08 31 ff 83 e0 01 41
[  538.812144][    C1] RSP: 0018:ffffc900038ef920 EFLAGS: 00000293
[  538.818230][    C1] RAX: 0000000000000000 RBX: ffff8880b8442680 RCX: ffffffff81b0ec81
[  538.826212][    C1] RDX: ffff8880299d8000 RSI: ffffffff81b0ec5b RDI: 0000000000000005
[  538.834192][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  538.842191][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[  538.850164][    C1] R13: ffffed10170884d1 R14: 0000000000000001 R15: 0000000000000000
[  538.858150][    C1] FS:  0000000000000000(0000) GS:ffff888124b0c000(0000) knlGS:0000000000000000
[  538.867181][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  538.873784][    C1] CR2: 00005555843cd808 CR3: 00000000684bd000 CR4: 0000000000350ef0
[  538.881768][    C1] Call Trace:
[  538.885096][    C1]  <TASK>
[  538.888039][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  538.893288][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  538.899758][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  538.904996][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  538.910227][    C1]  flush_tlb_mm_range+0x4a0/0x17a0
[  538.915388][    C1]  ? __pfx_free_pgtables+0x10/0x10
[  538.920538][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.926195][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  538.931792][    C1]  tlb_finish_mmu+0x3c9/0x7c0
[  538.936502][    C1]  exit_mmap+0x3fc/0xb90
[  538.940765][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  538.945559][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.951235][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.956894][    C1]  ? arch_uprobe_clear_state+0x16/0x150
[  538.962465][    C1]  __mmput+0x12a/0x410
[  538.966560][    C1]  mmput+0x62/0x70
[  538.970397][    C1]  do_exit+0x7c7/0x2bf0
[  538.974602][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.980270][    C1]  ? __pfx_do_exit+0x10/0x10
[  538.984894][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.990548][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  538.996073][    C1]  do_group_exit+0xd3/0x2a0
[  539.000659][    C1]  __x64_sys_exit_group+0x3e/0x50
[  539.006173][    C1]  x64_sys_call+0x150b/0x1730
[  539.010882][    C1]  do_syscall_64+0xcd/0xfa0
[  539.015409][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.021322][    C1] RIP: 0033:0x7f657598efc9
[  539.025749][    C1] Code: Unable to access opcode bytes at 0x7f657598ef9f.
[  539.033135][    C1] RSP: 002b:00007ffea2d5a228 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  539.041563][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f657598efc9
[  539.049539][    C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  539.057523][    C1] RBP: 00007ffea2d5a28c R08: 00000004a2d5a31f R09: 00000000000927c0
[  539.065518][    C1] R10: 0000000000000001 R11: 0000000000000246 R12: 00000000000001c8
[  539.073514][    C1] R13: 00000000000927c0 R14: 0000000000069aa2 R15: 00007ffea2d5a2e0
[  539.081616][    C1]  </TASK>
[  683.734664][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz.3.2628:13363]
[  683.734700][    C1] Modules linked in:
[  683.734718][    C1] irq event stamp: 1206376
[  683.734731][    C1] hardirqs last  enabled at (1206375): [<ffffffff8b5e5d6b>] irqentry_exit+0x3b/0x90
[  683.734785][    C1] hardirqs last disabled at (1206376): [<ffffffff8b5e47ce>] sysvec_apic_timer_interrupt+0xe/0xc0
[  683.734830][    C1] softirqs last  enabled at (1206374): [<ffffffff817d358e>] handle_softirqs+0x5be/0x8e0
[  683.734883][    C1] softirqs last disabled at (1206255): [<ffffffff817d3a49>] __irq_exit_rcu+0x109/0x170
[  683.734944][    C1] CPU: 1 UID: 0 PID: 13363 Comm: syz.3.2628 Not tainted syzkaller #0 PREEMPT(full) 
[  683.734987][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  683.735008][    C1] RIP: 0010:smp_call_function_many_cond+0xdfd/0x1600
[  683.735064][    C1] Code: 57 48 8b 54 24 10 4c 89 74 24 10 49 89 d5 48 89 d5 48 89 54 24 18 49 c1 ed 03 83 e5 07 4d 01 e5 83 c5 03 e8 a5 0d 0c 00 f3 90 <41> 0f b6 45 00 40 38 c5 7c 08 84 c0 0f 85 e0 05 00 00 8b 43 08 31
[  683.735099][    C1] RSP: 0018:ffffc900038ef920 EFLAGS: 00000293
[  683.735127][    C1] RAX: 0000000000000000 RBX: ffff8880b8442680 RCX: ffffffff81b0ec81
[  683.735150][    C1] RDX: ffff8880299d8000 RSI: ffffffff81b0ec5b RDI: 0000000000000005
[  683.735174][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  683.735197][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[  683.735219][    C1] R13: ffffed10170884d1 R14: 0000000000000001 R15: 0000000000000000
[  683.735245][    C1] FS:  0000000000000000(0000) GS:ffff888124b0c000(0000) knlGS:0000000000000000
[  683.735276][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  683.735300][    C1] CR2: 00005555843cd808 CR3: 00000000684bd000 CR4: 0000000000350ef0
[  683.735325][    C1] Call Trace:
[  683.735336][    C1]  <TASK>
[  683.735357][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  683.735425][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  683.735497][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  683.735552][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  683.735611][    C1]  flush_tlb_mm_range+0x4a0/0x17a0
[  683.735673][    C1]  ? __pfx_free_pgtables+0x10/0x10
[  683.735729][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  683.735775][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  683.735841][    C1]  tlb_finish_mmu+0x3c9/0x7c0
[  683.735889][    C1]  exit_mmap+0x3fc/0xb90
[  683.735931][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  683.735978][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  683.736042][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  683.736084][    C1]  ? arch_uprobe_clear_state+0x16/0x150
[  683.736130][    C1]  __mmput+0x12a/0x410
[  683.736177][    C1]  mmput+0x62/0x70
[  683.736218][    C1]  do_exit+0x7c7/0x2bf0
[  683.736278][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  683.736322][    C1]  ? __pfx_do_exit+0x10/0x10
[  683.736373][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  683.736415][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  683.736485][    C1]  do_group_exit+0xd3/0x2a0
[  683.736543][    C1]  __x64_sys_exit_group+0x3e/0x50
[  683.736602][    C1]  x64_sys_call+0x150b/0x1730
[  683.736651][    C1]  do_syscall_64+0xcd/0xfa0
[  683.736695][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.736731][    C1] RIP: 0033:0x7f657598efc9
[  683.736758][    C1] Code: Unable to access opcode bytes at 0x7f657598ef9f.
[  683.736775][    C1] RSP: 002b:00007ffea2d5a228 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  683.736808][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f657598efc9
[  683.736831][    C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  683.736853][    C1] RBP: 00007ffea2d5a28c R08: 00000004a2d5a31f R09: 00000000000927c0
[  683.736877][    C1] R10: 0000000000000001 R11: 0000000000000246 R12: 00000000000001c8
[  683.736899][    C1] R13: 00000000000927c0 R14: 0000000000069aa2 R15: 00007ffea2d5a2e0
[  683.736948][    C1]  </TASK>
[  683.736961][    C1] Sending NMI from CPU 1 to CPUs 0:
[  684.113278][    C0] NMI backtrace for cpu 0
[  684.113304][    C0] CPU: 0 UID: 0 PID: 13371 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  684.113343][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  684.113363][    C0] RIP: 0010:enqueue_hrtimer+0x14a/0x3b0
[  684.113410][    C0] Code: 03 0f 8e 34 02 00 00 44 8b 6b 08 bf 1f 00 00 00 44 89 ee e8 d8 98 13 00 41 83 fd 1f 0f 87 b6 15 77 ff e8 89 9d 13 00 44 89 e9 <49> 8d 7c 24 44 b8 01 00 00 00 d3 e0 48 89 fa 41 89 c5 48 c1 ea 03
[  684.113442][    C0] RSP: 0018:ffffc90000007e18 EFLAGS: 00000046
[  684.113469][    C0] RAX: 0000000080010002 RBX: ffff8880b8427e80 RCX: 0000000000000003
[  684.113490][    C0] RDX: ffff88802acc9e40 RSI: ffffffff81a95c77 RDI: 0000000000000005
[  684.113512][    C0] RBP: ffff8880346d4340 R08: 0000000000000005 R09: 000000000000001f
[  684.113533][    C0] R10: 0000000000000003 R11: ffffffff9aca5b80 R12: ffff8880b8427c80
[  684.113555][    C0] R13: 0000000000000003 R14: ffff8880346d4340 R15: 0000000000000001
[  684.113579][    C0] FS:  00005555843cd500(0000) GS:ffff888124a0c000(0000) knlGS:0000000000000000
[  684.113608][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  684.113631][    C0] CR2: 00007fc08ec6605a CR3: 000000002237c000 CR4: 0000000000350ef0
[  684.113652][    C0] Call Trace:
[  684.113665][    C0]  <IRQ>
[  684.113680][    C0]  __hrtimer_run_queues+0x8ff/0xad0
[  684.113729][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  684.113769][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.113818][    C0]  hrtimer_interrupt+0x397/0x8e0
[  684.113870][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x3f0
[  684.113913][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  684.113951][    C0]  </IRQ>
[  684.113961][    C0]  <TASK>
[  684.113974][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  684.114010][    C0] RIP: 0010:rcu_is_watching+0x19/0xc0
[  684.114055][    C0] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 53 65 ff 05 73 78 ff 11 e8 5e a3 bc 09 48 c7 c3 a8 72 a2 93 <89> c5 83 f8 07 0f 87 82 00 00 00 48 8d 3c ed e0 0e cd 8d 48 b8 00
[  684.114087][    C0] RSP: 0018:ffffc9000ae07918 EFLAGS: 00000282
[  684.114112][    C0] RAX: 0000000000000000 RBX: ffffffff93a272a8 RCX: ffffffff911adc01
[  684.114134][    C0] RDX: 0000000000000000 RSI: ffffffff8bf07240 RDI: ffffffff8bf07280
[  684.114155][    C0] RBP: 0000000000000001 R08: ffffffff911adc8a R09: 0000000000000000
[  684.114176][    C0] R10: 0000000000000000 R11: 000000000000a7f5 R12: ffffffff816c0914
[  684.114197][    C0] R13: ffffc9000ae079e8 R14: ffffc9000ae07b18 R15: ffffc9000ae07a1c
[  684.114221][    C0]  ? unwind_next_frame+0x3f4/0x20a0
[  684.114269][    C0]  ? rcu_is_watching+0x12/0xc0
[  684.114311][    C0]  lock_release+0x201/0x2f0
[  684.114367][    C0]  unwind_next_frame+0x3f9/0x20a0
[  684.114403][    C0]  ? stack_trace_save+0x8e/0xc0
[  684.114450][    C0]  ? find_held_lock+0x2b/0x80
[  684.114491][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  684.114540][    C0]  arch_stack_walk+0x94/0x100
[  684.114582][    C0]  ? kasan_save_stack+0x33/0x60
[  684.114636][    C0]  stack_trace_save+0x8e/0xc0
[  684.114682][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  684.114736][    C0]  kasan_save_stack+0x33/0x60
[  684.114824][    C0]  kasan_save_track+0x14/0x30
[  684.114879][    C0]  __kasan_slab_alloc+0x89/0x90
[  684.114932][    C0]  kmem_cache_alloc_noprof+0x250/0x6e0
[  684.114978][    C0]  ? getname_flags.part.0+0x4c/0x550
[  684.115023][    C0]  ? getname_flags.part.0+0x4c/0x550
[  684.115060][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.115100][    C0]  getname_flags.part.0+0x4c/0x550
[  684.115143][    C0]  getname_flags+0x93/0xf0
[  684.115189][    C0]  user_path_at+0x24/0x60
[  684.115239][    C0]  __x64_sys_chdir+0xbe/0x270
[  684.115269][    C0]  ? __pfx___x64_sys_chdir+0x10/0x10
[  684.115322][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.115370][    C0]  do_syscall_64+0xcd/0xfa0
[  684.115409][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.115443][    C0] RIP: 0033:0x7fc08ed8dd17
[  684.115468][    C0] Code: ff ff 77 07 c3 66 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 50 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  684.115500][    C0] RSP: 002b:00007fff1b5b98b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[  684.115529][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc08ed8dd17
[  684.115550][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007fff1b5b9910
[  684.115571][    C0] RBP: 00007fff1b5b98fc R08: 0000000000000000 R09: 00007fc08fb1d6c0
[  684.115592][    C0] R10: 00005555843cd500 R11: 0000000000000246 R12: 0000000000000182
[  684.115613][    C0] R13: 00000000000927c0 R14: 0000000000069a53 R15: 00007fff1b5b9950
[  684.115649][    C0]  </TASK>
[  684.116270][    C1] Kernel panic - not syncing: softlockup: hung tasks
[  684.568453][    C1] CPU: 1 UID: 0 PID: 13363 Comm: syz.3.2628 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  684.579414][    C1] Tainted: [L]=SOFTLOCKUP
[  684.583744][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  684.593810][    C1] Call Trace:
[  684.597098][    C1]  <IRQ>
[  684.599951][    C1]  dump_stack_lvl+0x3d/0x1f0
[  684.604574][    C1]  vpanic+0x640/0x6f0
[  684.608594][    C1]  panic+0xca/0xd0
[  684.612342][    C1]  ? __pfx_panic+0x10/0x10
[  684.616788][    C1]  ? nmi_backtrace_stall_check+0x6e/0x540
[  684.622521][    C1]  ? irq_work_queue+0xce/0x100
[  684.627369][    C1]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  684.633385][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.639041][    C1]  ? __wake_up_klogd.part.0+0x99/0xf0
[  684.644433][    C1]  ? watchdog_timer_fn+0x5ee/0x780
[  684.649579][    C1]  ? watchdog_timer_fn+0x5e1/0x780
[  684.654723][    C1]  watchdog_timer_fn+0x5ff/0x780
[  684.659696][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  684.665186][    C1]  __hrtimer_run_queues+0x5ed/0xad0
[  684.670420][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  684.676173][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.681935][    C1]  hrtimer_interrupt+0x397/0x8e0
[  684.686921][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x3f0
[  684.692922][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  684.698578][    C1]  </IRQ>
[  684.701506][    C1]  <TASK>
[  684.704452][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  684.710451][    C1] RIP: 0010:smp_call_function_many_cond+0xdfd/0x1600
[  684.717154][    C1] Code: 57 48 8b 54 24 10 4c 89 74 24 10 49 89 d5 48 89 d5 48 89 54 24 18 49 c1 ed 03 83 e5 07 4d 01 e5 83 c5 03 e8 a5 0d 0c 00 f3 90 <41> 0f b6 45 00 40 38 c5 7c 08 84 c0 0f 85 e0 05 00 00 8b 43 08 31
[  684.736777][    C1] RSP: 0018:ffffc900038ef920 EFLAGS: 00000293
[  684.742894][    C1] RAX: 0000000000000000 RBX: ffff8880b8442680 RCX: ffffffff81b0ec81
[  684.750876][    C1] RDX: ffff8880299d8000 RSI: ffffffff81b0ec5b RDI: 0000000000000005
[  684.758855][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  684.766837][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[  684.774821][    C1] R13: ffffed10170884d1 R14: 0000000000000001 R15: 0000000000000000
[  684.782817][    C1]  ? smp_call_function_many_cond+0xe21/0x1600
[  684.788919][    C1]  ? smp_call_function_many_cond+0xdfb/0x1600
[  684.795032][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  684.800273][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  684.806645][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  684.811875][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  684.817015][    C1]  flush_tlb_mm_range+0x4a0/0x17a0
[  684.822163][    C1]  ? __pfx_free_pgtables+0x10/0x10
[  684.827305][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.832965][    C1]  ? __pfx_flush_tlb_mm_range+0x10/0x10
[  684.838555][    C1]  tlb_finish_mmu+0x3c9/0x7c0
[  684.843349][    C1]  exit_mmap+0x3fc/0xb90
[  684.847610][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  684.852398][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.858069][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.863726][    C1]  ? arch_uprobe_clear_state+0x16/0x150
[  684.869301][    C1]  __mmput+0x12a/0x410
[  684.873390][    C1]  mmput+0x62/0x70
[  684.877130][    C1]  do_exit+0x7c7/0x2bf0
[  684.881318][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.886971][    C1]  ? __pfx_do_exit+0x10/0x10
[  684.891610][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  684.897263][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  684.902685][    C1]  do_group_exit+0xd3/0x2a0
[  684.907230][    C1]  __x64_sys_exit_group+0x3e/0x50
[  684.912284][    C1]  x64_sys_call+0x150b/0x1730
[  684.916988][    C1]  do_syscall_64+0xcd/0xfa0
[  684.921514][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.927448][    C1] RIP: 0033:0x7f657598efc9
[  684.931868][    C1] Code: Unable to access opcode bytes at 0x7f657598ef9f.
[  684.938883][    C1] RSP: 002b:00007ffea2d5a228 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  684.947312][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f657598efc9
[  684.955296][    C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  684.963269][    C1] RBP: 00007ffea2d5a28c R08: 00000004a2d5a31f R09: 00000000000927c0
[  684.971243][    C1] R10: 0000000000000001 R11: 0000000000000246 R12: 00000000000001c8
[  684.979218][    C1] R13: 00000000000927c0 R14: 0000000000069aa2 R15: 00007ffea2d5a2e0
[  684.987308][    C1]  </TASK>
[  686.161273][    C1] Shutting down cpus with NMI
[  686.166249][    C1] Kernel Offset: disabled
[  686.170571][    C1] Rebooting in 86400 seconds..