last executing test programs:

16.741782174s ago: executing program 3 (id=687):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xa}, {0xffff, 0xffff}, {0x1, 0x8}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x1, 0x7, 0x0, 0x2}}]}}]}, 0x44}}, 0x0)

16.505254018s ago: executing program 3 (id=689):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r0)
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000b00)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc800}, 0x20020000)

16.256883261s ago: executing program 3 (id=692):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000740)={[{@metadata_ratio={'metadata_ratio', 0x3d, 0x401}}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@nodiscard}, {@datacow}, {@ref_verify}, {@clear_cache}, {@nobarrier}, {@nodatacow}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, 0x0)

14.423759321s ago: executing program 3 (id=707):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x0, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
ioctl$FBIOGET_FSCREENINFO(r0, 0x4602, &(0x7f0000000100))

13.379808187s ago: executing program 3 (id=713):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9"], 0x1, 0x61d0, &(0x7f000000cb40)="$eJzs3c2OHFfZB/Cn+ms+8saxsojyWghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmRhSeaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoZs4Z1zTd7rGd6eqZ8/tJk6qnTtX0qfy7prtdVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvffcHZ6uIuPzztOB4xP9FP6IXsdLUaxGxsnY8rz+IiOdjuzmei4jhUkSVG5+JeD0iPj4Wce/+7fVm0bl99uM7f/zbb3/41Pf/+vvh6X//6Wb/jWnr3br1q3/9+c7j7y8AAACUqK7rukof80+kz/e9rjsFAMxFfv2vk7xcvXD15oL1R61Wq9WHsG6rJ7vTLiJis71N857B6XgAOGQ245Ouu0CH5F+0QUQ81XUngIVWdd0BDsS9+7fXq5Rv1X49WNtpz9eC7Ml/s9q9v2PadJbxa0zm9fzain48O6U/K3PqwyLJ+ffG87+80z5K6x10/vMyLf/Rzq1Pxcn598fzH3N08u9NzL9UOf/BI+Xflz8AAAAAACyw/O//xzs+/7v05LuyLw87/7s2pz4AAAAAAAAAwGftScf/21UZ/w8AAAAWVfNZvfHrYw+WTfsutmb5pSri6bH1gcKkm2VWu+4HAAAAAAAAAAAAAJRksHMN76UqYhgRT6+u1nXd/LSN14/qSbc/7ErffyhZ13/kAQBgx8fHxu7lryKWI+JS+q6/4erqal0vr6zWq/XKUn4/O1parldan2vztFm2NNrHG+LBqG5+2XJru7ZZn5dntY//vuaxRnV/Hx2bjw4DB4CI2Hk1uucV6Yip62ei63c5HA6O/6PH8c9+dP08BQAAAA5eXdd1lb7O+0Q659/rulMAwFzk1//x8wJqtVqtVquPXt1WT3anXUTEZnub5j2D4fgB4JDZjE+67gIdkn/RBhHxfNedABZa1XUHOBD37t9er1K+Vfv1II3vnq8F2ZP/ZrW9Xd5+0nSW8WtM5vX82op+PDulP8/NqQ+LJOffG8//8k77KK130PnPy7T8m/083kF/upbz74/nP+bo5N+bmH+pcv6DR8q/L38AAAAAAFhg+d//jy/U+d/R4+7OTA87/7t2YI8KAAAAAAAAAAfr3v3b6/m+13z+/3MT1nP/59GU86/kX6Scf7r/f/fCm5fH1uu35u++/SD/f96/vf67m//4/zzdb/5LeaZKz6wqPSOq9EjVIE0fc8em2Br2R80jDatef5Cu+amH78bVuBYbcWbPur10PDxoP7unvenpcLu97u+0n9vTPthtz9uf39M+TFc61Su5/VSsx0/iWryz3d60Lc3Y/+UZ7fWM9px/3/FfpJz/oPXT5L+a2quxaePuR73/Oe7b00mP89bVz//yzMHvzkxb0d/dt7Zm/17soD/b/0+eGsXPbmxcP3Xrys2b189GmuxZei7S5DOW8x+mn5z/yy/ttOe/++3j9e5Ho0fOf1FsxWBq/i+15pv9fWXOfetCzn+UfnL+76T2ycf/Yc5/+vH/agf9AQAAAAAAAAAAAAAAgIep63r7FtG3IuJCuv+nq3szAYD5yq//dZKXz6vuP+72f9i7H131X62ec10tWH/mWn9aL1Z/1AtZ/2fB+rNwdVs92ZvtIiL+0t6mec/wi0m/DABYZJ9GxN+77gSdkX/B8vf9NdOTXXcGmKsbH3z4oyvXrm1cv9F1TwAAAAAAAACAx5XH/1xrjf98sq7rO2Pr7Rn/9e1Ye9LxPwd5ZneA0SkDVfcffZ8eZqs36vdaw42/ENPG/x7uzj1s/O/BjMcbzmgfzWhfmtG+PKN94o0eLTn/F1rjnZ+MiBNjw6+XMP7r+Jj3Jcj5v9h6Pjf5f2lsvXb+9W8Oc/69Pfmfvvn+T0/f+ODD166+f+W9jfc2fnz+7Nkz5y9cuHjx4ul3r17bOLPz3w57fLBy/nnsa9eBliXnnzOXf1ly/l9ItfzLkvP/YqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP+XUy3/suT8X021/MuS8/9KquVflpz/a6mWf1ly/qdSLf+y5PxPp3qf+a8cdL+Yj5x/PsPl+C9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvN/PdXyL0vO/6upln9Zcv4XUi3/suT8v5Zq+Zcl538x1fIvS87/66mWf1ly/t9ItfzLkvN/I9XyL0vO/5upln9Zcv7fSrX8y5Lz/3aq5V+WnP+bqZZ/WR58/78ZM2bM5Jmu/zIBAAAAAAAAAAAAAOPmcTlx1/sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/2YEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9u4tRq67vgP4mb1540BiIKROasLGMcY4m+z6El9oXUy4NtxKQij0gu1612bBN7x2CTSqHQVKJIyKKtqGh7aAUJuXCqvigVaA8oBaVaoE7QN9QVSoPERVQAGpKq0gW82c//+/M7OzM7ve8ebMOZ+PlPyyM2fmnDnzn9n92vnuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3ufMPsp2pZltVqtfyCTVn2ovq8YWJT45LXvrDHBwAAAKzdLxr/fu7mdMHhFdyoaZt/uuPbX11YWFjI3jf8p6OfW1hIV0xk2eiGLGtcF139wftrzdsEj2fjtaGmr4d67H64x/UjPa4f7XH9WI/rN/S4frzH9UtOwBI3ZLV0Z9sa/7kpP6XZLdlo47ptHW71eG3DUP3cpdtmtcZtFkZPZHPZqWw2m27ZPt+21tj+63fW9/XWLO5rqGlfW+or5CePHo/HUAvneFvLvhbvM/rR67OJn/7k0eN/feHZ2zrNnqeh5f7y49yxtX6cnwiX5MdayzakcxKPc6jpOLd0eE6GW46z1rhd/b/bj/O5FR7n8OJhrqv253w8G2r893ca52mklnU4T1vCZT+7K8uyy4uH3b7Nkn1lQ9nGlkuGFp+f8XxF1u+jvpRemo2sap3euYJ1Wp8z21rXaftrIj7/d4bbjSxzDM1P048eG2t63n++cC3rNKo/6uVeK+1rsN+vlaKswbguvtN40E90XIPbwuN/dPvya7Dj2umwBtPjblqDW3utwaGx4cYxpyeh1rjN4hrc1bL9cGNPtcZ8Znv3NTh14fS5qfmPffyeudPHTs6enD2zZ9eu6T379h04cGDqxNyp2en839d4totvYzaUXgNbw7mLr4FXt23bvFQXvji25P33Wl+H411eh5vatu3363Ck/cHV1ucFuXRN56+N99RP+viVoWyZ11jj+dm59tdhetxNr8ORptdhx+8pHV6HIyt4Hda3ObdzZT+zjDT90+kYlv9esLY1uKlpDbb/PNK+Bvv980hR1uB4WBff27n894It4XifmFztzyPDS9Zgerjhvad+Sfp5f/xAY3Ral7fXr7hxLLs4P3v+3keOXbhwflcWxrp4WdNaaV+vG5seU7ZkvQ6ter0enrvjids7XL4pnKvxe+r/Gl/2uapvs/fe7s9V47tb5/PZcunuLIw+W+/z2em7ef18jmXZ57/12IPfePTzb1j2fNbz5iem1v6zeMqlTe+/o8u8/8bc/3y+v3RXjw+PjuSv3+F0dkZb3o9bn6qRxntXrbHv56ZW9n48Gv5Z7/fjW7q8H29u27bf78ej7Q8uvh/Xev1px9q0P5/jYZ2cmu7+flzfZvPu1a7Jka7vx3eFWQvn/zUhKaRc1LR2llu3aV8jI6PhcY3EPbSu0z0t24+GbFbf11O7r22d7rgrv6/h9OgWrdc6nWjbtt/rNP3Z13LrtNbrT9+uTfvzOR7WxS17uq/T+jZP7137e+cN8T+b3jvHeq3B0eGx+jGPpkXYeL/PFm6Ia/De7Hh2NjuVzTSuHWusp1pjX5P3rWwNjoV/1vu9cnOXNbijbdt+r8H0fWy5tVcbWfrg+6D9+RwP6+LJ+7qvwfo2b9zf359dd4RL0jZNP7u2//nacn/mdXvbabpea2UkHOe39nf/s9n6NqcOrDZndj9Pd4dLbuxwntpfv8u9pmay9TlPm8NxPntg+fNUP576Np87uML1dDjLsksfub/x573h71f+7uJ3v9ry9y6d/k7n0kfu//GLT/zjao4fgMH3fD425t/rmv5maiV//w8AAAAMhJj7h8JM5H8AAAAojZj74/8Vnsj/AAAAUBox94+EmVQk/29+47Nzz1/KUjN/IYjXp9PwQL5d7LhOh68nFhbVL7//y7P//Q+XVrbvoSzLfv7AH3TcfvMD8bhyE+E4r76p9fIlvnrPivZ99OFLab/N/fUvhPuPj2ely6BTBXc6y7Kv3/yZxn4m3n+lMZ9+4GhjPnj5icfr2zx3MP863v6Zl+Xb/0Uo/x4+cazl9s+E8/DDMKff1vl8xNt95cprtux/7+L+4u1qW29qPOwnP5Dfb/w9OZ99PN8+nufljv8bn37qK/XtH3lV5+O/NNT5+J8K9/vlMP/3Ffn2zc9B/et4u0+G44/7i7e790vf7Hj8Vz+Vb3/uzfl2R8OM+98Rvt725mfnms/XI7VjLY8re0u+Xdz/9Hf/uHF9vL94/+3HP37kSsv5aF8fT/9bfj9TbdvHy+N+or9v23/9fprXZ9z/U390tOU899r/1QefeUX9ftv3f3fbduc+srOx/8X7a/2NTX/5yc903F88nsN/e67l8Rx+d3gdh/0/+YGwHsP1/3c1v7/2365w9N2t7z9x+y9sutTyeKK3/jTf/9XXnWzMDeM3bLzxRS++6fIr6+cuy76zIb+/Xvs/+VdnW47/i7fm5yNeHzv67ftfTtz/+Y9Onjk7f3FuJp3VR29u/O6ct+fHE4/35vDe2v71kbMXPjh7fmJ6YjrLJsr7K/Su2ZfC/HE+LnffemHJO+jOh8Pzefuff33j9n/9dLz839+TX37lbfn3rVeH7T4bLt8Unr/V7X+pJ++8tfH6rj0djnBh6e8LXost2/7rwIo2DI+//eeCuN7PvfyDjfNQv67xfSO+rtd4/N+fye/na+G8LoTfzLz11sX9NW8ffzfClYfy1/uaz194m4vP69+E5/sdP8zvPx5XfLzfDz/HfHNz6/tdXB9fuzTUfv+N3+JxObyfZJfz6+NW8Xxfee7WjocXfw9Jdvm2xtd/ku7ntlU9zOXMf2x+6tTcmYuPTF2Ynb8wNf+xjx85ffbimQtHGr/L88iHet1+8f1pY+P9aWZ2396s8W51Nh/X2Qt9/OcePj6zf3r7zOyJYxdPXHj43Oz5k8fn54/PzsxvP3bixOxHe91+bubQrt0H9+zfPXlybubQgYMH9xycnDtztn4Y+UH1sG/6w5Nnzh9p3GT+0N6Du+67b+/05OmzM7OH9k9PT17sdfvG96bJ+q1/f/L87KljF+ZOz07Oz3189tCug/v27e752wBPnzsxPzF1/uKZqYvzs+en8scycaFxcf17X6/bU07z/5H/PNuulv8ivuxdd+9Lv5+17suPLXtX+SZtv0D02fC7aP75JecOrOTrmPtHw0wqkv8BAACgCmLuHwszkf8BAACgNGLu3xBmIv8DAABAacTcPx5mUpH8X7r+/+ZLK9q//r/+f/P50v+vWP//oaL1//P3C/3//lhr/17/P9D/1//X/9f/1/+nD4rW/4+5/4Ysq2T+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP0vCjOpSP7X/9f/1//X/9f/77x//f/BpP/fnf5/D/r/U1m1+v+X+3n8+v/6/yxVtP5/zP0vDjOpSP4HAACAKoi5/6YwE/kfAAAASiPm/pvDTOR/AAAAKI2Y+zeFmVQk/+v/6//r/+v/6/933r/+/2DS/+9O/78H/X+f/6//r/9PXxWt/x9z/0vCTCqS/wEAAKAKYu5/aZiJ/A8AAADFM3JtN4u5/2VhJkvy/zXuAAAAAHjBxdx/S9ZWBK/I3//r/+v/F7//vyFdp/+v/58Vsv8/nOn/F4f+f3f6/z3o/+v/6//r/9NXRev/N3J/Np69PMykIvkfAAAAqiDm/lvDTOR/AAAAKI2Y+38pzET+BwAAgNKIuX9zmElF8r/+v/5/8fv/Pv9f/7/o/X+f/18k+v/d6f/3oP+v/6//r/9PXxWt/x9z/21hJhXJ/wAAAFAFMfffHmYi/wMAAEBpxNz/y2Em8j8AAACURsz9W8JMKpL/9f8L3v+PzVH9f/1//X/9f/3/FdH/707/vwf9f/1//X/9f/qqaP3/mPtfEWZSkfwPAAAAVRBz/x1hJvI/AAAAlEbM/a8MM5H/AQAAoDRi7p8IM6lI/tf/L3j/P+/Bj/n8f/1//X/9f/3/ldH/707/vwf9f/3/vvT/Fy7p/+v/kyta/z/m/jvDTCqS/wEAAKAKYu7fGmYi/wMAAEBpxNx/V5iJ/A8AAAClEXP/tjCTiuR//f+B6P9n+v/6//r/+v/6/yuj/9+d/n8P+v/6/z7/X/+fvipa/z/m/leFmVQk/wMAAEAVxNy/PcxE/gcAAIDSiLn/1WEm8j8AAACURsz9O8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+v/6//r/+P31VtP5/zP2vCTOpSP4HAACAKoi5f2eYifwPAAAApRFz/91hJvI/AAAAlEbM/ZNhJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+e8JMKpL/AQAAoApi7r83zET+BwAAgNKIuX8qzET+BwAAgNKIuX86zKQi+V//X/9f/1//f1X9/1cu3q/+f07/v1j0/7vT/+9B/1///wXv/4/q/1MqRev/x9y/K8ykIvkfAAAAqiDm/t1hJvI/AAAAlEbM/XvCTOR/AAAAKI2Y+/eGmVQk/+v/6//r/+v/+/z/zvvX/x9M+v/d9b//Hx+i/r/+v/6/z//X/2epovX/Y+6/L8ykIvkfAAAAqiDm/n1hJvI/AAAAlEbM/fvDTOR/AAAAKI2Y+w+EmVQk/+v/6//r/+v/6/933r/+/2DS/+/O5//3oP+v/6//r//PGj30h81fFa3/H3P/wTCTiuR/AAAAqIKY+18bZiL/AwAAQGnE3P8rYSbyPwAAAJRGzP2/GmZSkfyv/9/SPa8/XP1//X/9f/3/Bv3/waT/353+fw/6//r/+v/6//TVsv3/EL3Xu/8fc/+hMJOK5H8AAACogpj7fy3MRP4HAACA0oi5/3VhJvI/AAAAlEbM/YfDTCqS//X/ff6//r/+v/5/5/2vd/9/LN6v/v+a6P93p//fg/6//r/+v/4/fVW0z/+Puf/1YSYVyf8AAABQBTH33x9mIv8DAABAacTc/4YwE/kfAAAASiPm/jeGmVQk/+v/6//r/+v/6/933r/P/x9M+v/d6f/3oP+v/6//r/9PXxWt/x9z/5vCTCqS/wEAAKAKYu5/c5iJ/A8AAAClEXP/W8JM5H8AAAAojZj73xpmUpH8r/+v/6//r/+v/995//r/g0n/vzv9/x70//X/9f/1/+mrovX/Y+7/9TCTiuR/AAAAqIKY+x8IM5H/AQAAoDRi7n9bmIn8DwAAAKURc//bw0wqkv/1//X/9f/1//X/O+9f/38w6f93N2D9/1/cFC7X/8/p/xf7+Ffb/x9p+/q69P9/sFz/f2FD++31/7keitb/j7n/HWEmFcn/AAAAUAUx978zzET+BwAAgNKIuf9dYSbyPwAAAJRGzP2/EWZSkfyv/18/jsX2sv5/Wfv/Q/r/+v/6/xWh/9/dgPX/ff5/G/3/Yh+/z//X/2epovX/Y+5/d5hJRfI/AAAAVEHM/Q+Gmcj/AAAAUBox9z8UZiL/AwAAQGnE3P+eMJOK5H/9f5//X43+v8//z/T/9f8rQv+/O/3/HvT/9f+L1v//T/1/BlvR+v8x9z8cZlKR/A8AAABVEHP/e8NM5H8AAAAojZj7fzPMRP4HAACA0oi5/31hJhXJ//r/g9L/nxjQ/v9j+v/Xsf9/x035dvr/+v8s0v/vTv+/B/1//f+i9f99/j8Drmj9/5j73x9msvL8P77iLQEAAIAXRMz9vxVmUpG//wcAAIAqiLn/t8NM5H8AAAAojZj7fyfMpCL5X/9/UPr/Pv8/0//3+f9tj0f/X/+/k/Xr/8d3Hv1//X/9/0j/X/9f/592Rev/x9z/u2EmFcn/AAAAUAUx938gzET+BwAAgIHQ6f/Jbhdz/5EwE/kfAAAASiPm/qNhJhXJ//r/+v/6/wXt///Z1n/53rffeXSX/r/+v/7/qqzr5//XX/w+/1//X/8/0f/X/9f/p13R+v8x9x8LM6lI/gcAAIAqiLn/98JM5H8AAAAojZj7j4eZyP8AAABQGjH3z4SZVCT/6//r/+v/F7T/P8Cf/x/Ph/5/q771/+Obrv5/R3n/Pq2i69v/f+9iT1z/f7X9/7GOl+r/6/8P8vHr/+v/s1TR+v8x98+GmVQk/wMAAEAVhNw/dCKfi1fI/wAAAFAaMfefDDOR/wEAAKA0Yu7/YJhJRfK//r/+v/6//r/P/++8/279/9qIz/8vqtS//1njhaL/36Y4/f/O9P/1/wf5+PX/9f9Zqmj9/5j758JMKpL/AQAAoApi7v9QmIn8DwAAAKURc/+Hw0zkfwAAACiNmPtPhZlUJP/r/+v/6//r/+v/d95/YT//X/+/q7X27/X/A/3/avf//0f/X/9f/5/+KFr/P+b+02EmFcn/AAAAUAUx958JM5H/AQD+n707abKzLvs4fvp5wpNO8SzcuXBjlUtfAgtd6wtw4caNVZYLJ1ScCc4jioqzIjgPOIAgooLzAE4ozqDiPA84IUrFonNdV9Ldd9+nOzndfd///+ezyCVtmnOkUgm/dL7eANCM3P2PjVvsfwAAAGhG7v7HxS2d7H/9/9n0/6cqZf3/5vc/if7/Qfr/nV5f/6//b5n+f5z+fwn9v+f/6//1/6zU1Pr/3P2Pj1s62f8AAADQg9z9T4hb7H8AAABoRu7+8+MW+x8AAACakbv/iXFLJ/t/S/+/tuiz/8+M1/P/W+r/Pf9/x9fX/+v/W3aw/f9F9/7Mp//X/+v/g/5/V/3/0Z0+X/9Pi6bW/+fuf1Lc0sn+BwAAgB7k7n9y3GL/AwAAQDNy918Qt9j/AAAA0Izc/U+JWzrZ/6t7/v+xjY/PtP8v+n/9/8YH9P/6f/3/bHn+/7ie+v/zbz33MXdee7/r9vL6+n/9v+f/6/9Zran1/7n7nxq3dLL/AQAAoAe5+58Wt9j/AAAA0Izc/U+PW+x/AAAAaEbu/mfELZ3s/9X1/7N+/n/R/+v/Nz6g/9f/6/9nS/8/rqf+/0xeX/+v/9f/6/9Zran1/7n7nxm3dLL/AQAAoAe5+58Vt9j/AAAA0Izc/RfGLfY/AAAANCN3//G4pZP9r//f//7/Hv2//j+u/l//r//ff/r/cfr/JfT/+n/9v/6flZpa/5+7/6K4pZP9DwAAAD3I3f/suMX+BwAAgGbk7n9O3GL/AwAAQDNy9z83bulk/+v/Pf9f/6//1/8Pv77+f570/+P0/0vo/8+2nz9H/6//1/9zuj32/3eP/LS9kv4/d//z4pZO9j8AAAD0IHf/8+MW+x8AAACakbv/BXGL/Q8AAADNyN3/wrilk/2v/9f/6//1/2fc/2//obdB/z9M/38w9P/jJtP/rx0Z/LD+f/b9v+f/6//1/2wytef/5+5/UdzSyf4HAACAHuTuf3HcMrL/9/yb+QAAAMChyt3/krjF1/8BAABg9rI6y93/0rilk/2v/9f/6//1/57/P/z6Y/3/dae9P/3/tOj/x02m/9+B/l//P+f3r//X/7Pd1Pr/3P0vi1s62f8AAADQg9z9F8ct9j8AAAA0I3f/y+MW+x8AAACakbv/FXFLJ/t/uP8/9d/r/3dH/7/5/ev/h398rKr/z7+j/n+0/3+w5//3Sf8/7uD7/6P6/81/f/3/Pjrs9994/39s2efr/xkytf4/d/8lcUsn+x8AAAB6kLv/lXGL/Q8AAADNyN3/qrjF/gcAAIBm5O5/ddzSyf73/H/9v/5/fv2/5/+fdJjP/18ceP9/RP+/S/r/cZ7/v4T+X/+v//f8f1Zqav1/7v5L45ZO9j8AAAD04NK7Fhu7/zWLhf0PAAAAc3T6nx3Y+gdKQ+7+18Yt9j8AAAA0I3f/6+KWTva//l//r//X/+v/h19/Wv2/5//vlv5/nP5/Cf3/fvTzRxrr/y/b6fOn0P9fqP9nYjb1/zec+vhh9f+5+18ft3Sy/wEAAKAHufvfELfY/wAAANCM3P1vjFvsfwAAAGhG7v43xS2d7P997/+P7fza+n/9v/5f/6//1/+vmv5/nP5/Cf2/5/97/r/+n5U61f9v/vnwsPr/3P1vjls62f8AAADQg9z9b4lb7H8AAABoRu7+y+IW+x8AAACakbv/rXFLJ/vf8//1//p//b/+f/j19f/zpP8fp/9fQv+v/9f/6/9ZqU3P/z/NYfX/ufsvj1s62f8AAADQg9z9V8Qt9j8AAAA0I3f/2+IW+x8AAACakbv/7XFLJ/tf/7+//X9+XP+v/1/o//X/+v8D0W3/vzb0K9F2O/T/Nz/q+EM3f0T/r//X/+v/9f+swCT6/xOn/u0yd/874pZO9j8AAAD0IHf/O+MW+x8AAACakbv/XXGL/Q8AAADNyN3/7rhlj/v/Pit9VwdH/+/5//p//b/+f/j19f/z1G3/v0ue/7+E/l//r//X/7NSk+j/T/vr3P3viVt8/R8AAACakbv/vXGL/Q8AAADNyN3/vrjF/gcAAIBm5O5/f9zSyf7X/+v/9f/6f/3/8Oufaf+/vhim/z8Y+v9x+v8l9P/6f/2//p+Vmlr/n7v/yrilk/0PAAAAPcjd/4G4xf4HAACAZuTu/2DcYv8DAABAM3L3fyhu6WT/6//1//p//b/+f/j1Pf9/nvT/4/T/i8XiqpE3MNT/nziq/9f/6//1/5yhqfX/ufs/HLd0sv8BAACgB7n7r4pb7H8AAABoRu7+q+MW+x8AAACakbv/I3FLJ/tf/6//1//r//X/w6+v/58n/f84/f8Snv+v/9f/6/9Zqan1/7n7r4lbOtn/AAAA0IPc/dfGLfY/AAAANCN3/0fjFvsfAAAAmpG7/7q4pZP9r//X/+v/9f/70v8f1/9vpf8/GPvX/y/0//p//f8S+n/9v/6frQ6q/787fr5f1v/n7v9Y3NLJ/gcAAIAe5O6/Pm6x/wEAAKAZufs/HrfY/wAAANCM3P2fiFs62f/6f/2//l//7/n/w6+v/58nz/8fp/9fQv+v/9f/6/9ZqYPq/3fq/bf+de7+T8Ytnex/AAAA6EHu/hviFvsfAAAAmpG7/8a4xf4HAACAZuTu/1Tc0sn+1//r/zf3/4uF/l//r/8/6QD6//WF/n/l9P/j9P9L6P/b7P//Z9FQ/39sx8/X/zNFU+v/c/d/Om7pZP8DAABAD3L3fyZusf8BAACgGbn7Pxu32P8AAADQjNz9n4tbWtr/9+ycvs2//z+65RP1/4vF4rYLPP9f/z/y+vr/yfT/9U9V/786+v9x+v8l9P9t9v+e/6//59BMrf/P3f/5uKWl/Q8AAACdy93/hbjF/gcAAIBm5O7/Ytxi/wMAAEAzcvd/KW7pZP/Pv//f+on6/8VZPf9f/7/xAf2//l//P1tn299fvh6/pun/9f/6/8F+fm2Hf+9Z6P/1//p/Bkyt/8/d/+W4pZP9DwAAAD3I3X9T3GL/AwAAQDNy998ct9j/AAAA0Izc/V+JWzrZ//p//b/+f579/7r+X/+v/x80lef/n3feQ27R/+v/W+z/x+j/9f/6f7aaWv+fu/+rcUsn+x8AAAB6kLv/a3GL/Q8AAADNyN3/9bjF/gcAAIBm5O7/RtzSyf7f3v+fszhZqJ401P9Ho6b/P43+f/P71/8P//jw/H/9v/5//02l//f8/zN7//p//f+c3/+e+v/7b/98/T8tmlr/n7v/lrilk/0PAAAAPcjd/824xf4HAACAZuTu/1bcYv8DAABAM3L33xq3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/JfT/Z9/P58+q+v/5Pv//f/X/rM7U+v/c/d+OWzaG3wP+/wz/ZwIAAAATkrv/O3FLJ1//BwAAgB7k7v9u3GL/AwAAQDNy938vbulk/+v/9f/6f/2//n/49fX/86T/H6f/X6Kf/n996IOH3c+frcN+/830/57/zwpNrf/P3f/9uKWT/Q8AAABtu2vj29z9P4hb7H8AAABoRu7+H8Yt9j8AAAA0I3f/bXFLJ/tf/6//b7//f4T+f8vr6//1/y3T/+ev6MP0/0v00/8POux+fu7vX/+v/2e7qfX/uftvj1s62f8AAADQg9z9P4pb7H8AAABoRu7+H8ct9j8AAAA0I3f/T+KWTva//r+v/n9t0WP/7/n/+n/9f0/m0/9fcWToo57/r//X/8/3/ev/9f9sN7X+P3f/HWtHutz/AAAAMFcPe+Cjb9/t971j49v1xU/jFvsfAAAAmpG7/2dxi/0PAAAAzcjd//O4pZP9r//vq//v8/n/+n/9v/6/J/Pp/4fp//X/+v/5vn/9v/6f7abW/+fu/0XcctrwG/w/6AEAAAAOz//t7bvn7v9l3NLJ1/8BAACgB7n7fxW3bNv/J3b5p9oBAACAqcnd/+u4pZOv/+v/J97/L/ap/4/vp/8/Sf+v/x96ff3/POn/x51l/39iTf+v/x+h/9f/6//Zamr9f+7+669ZdLn/AQAAoFGbfkfhNxvfri9+G7fY/wAAANCM3P2/i1vsfwAAAGhG7v7fxy2d7H/9/8T7/zN6/v+x+k+e/995/3/x+uDr6//1/y3T/4/z/P8l9P/6f/2//p+V2kP/vzFI97v/z93/h7ilk/0PAAAAPcjd/8e4xf4HAACAZuTu/1PcYv8DAABAM3L3/zlu6WT/6/8Pof+/5Ohisa/9/y6e/6//76P/3+H12+n/73vu8Zse/sirr9T/c8pB9v/5Y0H/r//X/5+k/9f/6//ZamrP/8/d/5e4pZP9DwAAAD3I3X9n3GL/AwAAQDNy9/81brl3/994WO8KAAAAWKXc/X+LWzr5+r/+v8Xn/8+z/89/1ofQ/x+fX/+fTXHv/b/n/+v/t/P8/3H6/yX0//p//b/+n5WaWv+fu//vcUsn+x8AAAB6kLv/H3FL7v+1Pf/WPQAAADAxufv/Gbf4+j8AAAA0I3f/XXFLJ/tf/6//n0r/nzz//9Tnef7/Sfp//f9e6P/H6f+X0P/r//X/+n9Wamr9f+7+f8Utnex/AAAA6EHu/rvjFvsfAAAAmpG7/99xi/0PAAAAzcjd/5+4pZP9r//X/+v/9f/6/+HX1//Pk/5/nP5/Cf2//l//r/9npabW/+fu/28AAAD//xDQcaQ=")
unlink(&(0x7f0000000080)='./file1\x00')
setxattr$trusted_overlay_upper(&(0x7f00000003c0)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000000)=ANY=[], 0x835, 0x0)

11.825660642s ago: executing program 3 (id=730):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80, &(0x7f0000000900)=ANY=[@ANYBLOB="747970653d142606372c6e6c733d63703835302c626172726965722c6769643d", @ANYRESHEX=0x0, @ANYBLOB=',force,force,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0028103ea6ac66d52cae56ca"], 0x1, 0x6e8, &(0x7f00000001c0)="$eJzs3U1sHGf9B/DvrNcbbyq57kva/v9CitWICBpI7JiSICERKoRyqFAkLr2axGmsOGlkuyiJEHGBwhFOKIceilA49IR6QCrigChnJCSuKPdI3CMOGM3srL1rx2tvEttJ+Hyk8Twz87z85ueZx7uziTbA/6yz72R0JUXOHnv7erl9987Mwt07M1e65SQHkjSSZmeV4mpSfJ6cSWfJ/5U76+6KrcZ5895nHx29/clMZ6tZL1X9xqB261YHjLBSL5lMMlKvh9Tcqr/zeWtTf7eG6rpYi7tM2JFu4mC/rW6yMkzzHdy3wJPuVjIy+oD9E8nBJGP164DUs0Njj8N77Iaa5QAAAODJNLJdhefv536uZ3xvwgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnQ9H5zsCiXhrd8mSK7vf/t+p9pVZrn+Md7CvbHP/w4h4FAgAAAAAAAAC74tP6g/vD93M/1zPe3b9aVJ/5v15tvFz9fC7vZylzWczxXM9slrOcxUwno+M9Hbauzy4vL05vbvnrlC1XV1dv1S1PJpnY1PLkHpw0AAAAAAAAADy7fpKzGd/vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoFeRjHRW1fJytzyRRjPJWJJWWW8l+VO3/DT7834HAAAAALuvXa/Hi/90CqtF9Z7/lep9/1jez9UsZz7LWchcLlTPAjrv+ht/X5lZuHtn5kq5bO742/8aKo6qxyQj+WCLkaeqGofWWpzNd/P9HMtkzmUx8/lhZrOcuUymXZ5EZlNkot15ejHRjfPB8Z7p2zq3MbbDG7ZfqyJp52Lmq9iO53wrnccm1TmUY77WM9ofWsmGET8os1N8q7bDHF3o+X39qn4uU1t9fod97I6J6sxH1zIyVea+zsYLg3M/5HWycaTpNNaeQb28Pkq5uXGkbs5/MEzOD9brMtc/78/54zbko7SNmTiZRn31Ja/05/zaF2+/2N/4y//4y7lLjauXL11cOraLp/QoJrerMNotbMzETE8mXh189dWZWCgzsbLzTIxu3DG205a7q1Vno5qKdjhbfqcqzeb1nkvwvVzIXE5lKtM5nal8Iycz03eFHerLa3PmSn9OqnutsXl+aw8I/siXeir9YpvKe6vMyws9ee2d6SaqY/WeM7/MVE+WXhx89Q39V6Ac///rcjnGT9f+4jwJ+jJRz83d6F4anInfrJY/lxauXl68NHtth+Mdrdflbfth/9z828dxPg+vvF7KGbdZbVU5aXevl/LYS2vR9uerVX/i0mnX2HTs0NqxiYxnPt/b8k5t1a/hNvfUOfZq77F/rs+crfr1TfdY36ucvJeF6lXIBttO1QDssYNvHGy177X/1v64/bP2pfbbY28dOH3gC62M/rX5x5HfN37X+GbxRj7OjzO+35ECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCzYOnGzcuzCwtzi2uFjG3c86iF1pZjDS6ksW2dO8/trMNMJIPHKupC6/Ge+9NYaGeXev40yYA6rUceohj6Ghu6UF7Ij6XD7henVXtWR4Zo3uy2enCdZpbGtvoNHli/CzJxeXbh36t9ddrpuWWAZ9yJ5SvXTizduPnV+Suz7869O3f15OlTp0/NfH36aycuzi/MTXV+7neUwG5YunFzZL9jAAAAAAAAAAAAAIZT/+v/5Yf+zwzNbeq0FpcePPLhvT5VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cl19p2MrqTI9NTxqXL77p2ZhXLpltdrNpM0khQ/SorPkzPpLJno6a7Yapw373320dHbn8ys99Xs1m8MarczK/WSySQj9Xp7Bx7Qzeb+zvf0t/JQ4RVrZ1gm7Eg3cbDf/hsAAP//dKz58Q==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000140)=""/200, 0xc8)

4.878707312s ago: executing program 1 (id=807):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000080)='./file1\x00', 0x400000f000)

4.542007148s ago: executing program 1 (id=811):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x2, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x7, 0x2800, 0x6, 0x2, 0xbb6, 0x0, 0x10, {0x8, 0xffffffff}, 0xd0, 0x9}})

4.290636681s ago: executing program 1 (id=814):
syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
preadv(r0, &(0x7f00000004c0)=[{&(0x7f00000002c0)=""/168, 0xa8}], 0x1, 0x8001, 0x7)

2.565707439s ago: executing program 0 (id=830):
syz_mount_image$jfs(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000006400)={[{@usrquota}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@quota}, {}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@discard_size={'discard', 0x3d, 0x6}}, {@usrquota, 0x0}, {}, {@resize_size}, {@umask={'umask', 0x3d, 0x100000bfe}}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@discard}, {@quota}, {@uid}], [{@audit}, {@fsmagic={'fsmagic', 0x3d, 0xb207}}, {@fsmagic}, {@permit_directio}]}, 0xfe, 0x612b, &(0x7f00000002c0)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000005c0)=""/239, 0xef)

2.126280766s ago: executing program 1 (id=834):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002380)=@newlink={0x54, 0x10, 0x401, 0x70bd29, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x8003, 0x80}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x2}]}, 0x54}}, 0x0)

1.990828008s ago: executing program 1 (id=836):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r1=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r1, 0x2000000}}, 0x18)

1.87577222s ago: executing program 1 (id=837):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc222, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x1000, 0x6, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xd, 0x3}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="002208000000ab0009000039"], 0x0}, 0x0)

1.87252789s ago: executing program 0 (id=838):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f00000001c0), 0x1, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, 0x0)

1.316164749s ago: executing program 0 (id=844):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSNPMODE(r0, 0x4004743c, 0x0)

1.20913745s ago: executing program 2 (id=845):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000134000000020a03"], 0x98}}, 0x0)

1.190153701s ago: executing program 4 (id=846):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x1c}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="6000000010000100"/20, @ANYRES32=0x0, @ANYBLOB="0221000000000000140003006e657464657673696d300000000000001800168014000180100006"], 0x60}}, 0x88)

1.010827314s ago: executing program 4 (id=847):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000100)="240000005a001f001007f41108000400020100020800038005000000ffc8bbb86ec81f7d", 0x24)

1.003992864s ago: executing program 2 (id=848):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
setns(r0, 0x0)

915.380815ms ago: executing program 0 (id=849):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x271e, 0x0, &(0x7f0000000000))

856.655216ms ago: executing program 4 (id=850):
io_setup(0x3, &(0x7f0000000180)=<r0=>0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x20a02, 0x0)
io_submit(r0, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x8, r1, 0x0, 0x0, 0x3}])

752.132408ms ago: executing program 2 (id=851):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
tkill(0x0, 0x7)

751.988248ms ago: executing program 0 (id=852):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000001540)='./file1\x00', 0x2, &(0x7f0000000100)=ANY=[], 0x1, 0x1511, &(0x7f0000002ac0)="$eJzs3AvYTdX2MPAx5pyLl8ROcp9jjsVOLpMkySVJLkmSJEluCUmS5AjJLbckJCH3JLmF5BaS+/2We5IcSZKEhCTze946Hef8O//TOV99f//vvOP3POvZczxzjbnm3ON9915rPXvvrzoMrlKvasU6zAy/C/780B0AUgCgHwBkAYAIAEpmLZk1tT+Dxu6/7yDij3X/1Ms9A3E5Sf3TNql/2ib1T9uk/mmb1D9tk/qnbVL/tE3qL0RatnVarqtkS7vb77//n/Lzg9z///+QvP+nbVL//zSnM/w7e0v9/5NcDCH8exlS/7RN6v8fT/+zTql/2ib1T9uk/mmb1F+ItOxy33+W7fJul/vvTwghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE2nAuXGIA4Jf25Z6XEEIIIYQQQggh/jgh/eWegRBCCCGEEEIIIf7fQ1CgwUAE6SA9pEAGyAhXQCa4EjJDFkjAVZAVroZscA1khxyQE3JBbsgDecECgQOGGPJBfkjCtVAAroOCUAgKQxHwUBSKwfVQHG6AEnAjlISboBTcDKWhDJSFcnALlIdboQLcBhXhdqgElaEKVIU7oBrcCdXhLqgBd0NNuAdqwb1QG+6DOnA/1IUHoB48CPXhIWgADaERNIYmf5Of7l/Ofxa6wHPQFbpBd+gBPeF56AW9oQ/0hX7wAvSHF2EAvAQDYRAMhpdhCLwCQ+FVGAbDYQS8BiNhFIyGMTAWxsF4eB0mwBswEd6ESfAWTIYpMBWmwXR4G2bATJgF78BseBfmwFyYB/NhAbwHC2ERLIb3YQl8AEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+FD2AbbYQfshF2wG/bAR7AXPoZ98Ansh0//zfyz/yW/IwICKlRo0GA6TIcpmIIZMSNmwkyYGTNjAhOYFbNiNsyG2TE75sScmBtzY17Mi4SEjIz5MB8mMYkFsAAWxIJYGAujR4/FsBgWxxuwBJbAklgSS2EpLI1lsAyWw3JYHstjBayAFbEiVsJKWAWr4B14B96J1bE61sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYCBthE2yCTbEpNsNm2AJbYEtsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yEnfBZfBafw+ewG1ZSPbAn9sRe2Av7YF/siy9gf3wRX8SXcCAOwsH4Mr6Mr+BQPIPDcDiOwBFYXo3C0TgGWY3D8TgeJ+AEnIgTcRK+hW/hFJyK03A6TscZOBNn4js4G9/Fd3EuzsX5uAAX4EJchItxMS7Bs7gUl+FyXIErcRWuxDW4FtfgetyA63ETbsItuAU/xA9xO27HnbgTd+Nu/Ag/wo/xYxyI+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPIbH8TiewJN4Ck/iaTyNZ/AsnsNzeB7P4wW8gBfxYuo/v0pllFHpVDqVolJURpVRZVKZVGaVWSVUQmVVWVU2lU1lV9lVTpVT5Va5VV6VV5EixSpW+VQ+lVRJVUAVUAVVQVVYFVZeeVVMFVPFVXFVQpVQJdVNqpS6WZVWZVRzX06VU+VVC19B3aYqqoqqkqqsqqiqqqqqpqqp6qq6qqFqqJqqpqql7lW1VQ/sg/er1MrUU4OwvhqMDVRD1Ug1Vq/gw6qpGorNVHPVQj2qhuMwbKWa+tbqCdVGjca26ik1Bp9W7dU47KCeUR1VJ9VZPau6qGa+q+qmJmEP1VNNwV6qt+qj+qoZWFmlVqyKekkNVIPUYPWymo+vqKHqVTVMDVcj1GtqpBqlRqsxaqwap8ar19UE9YaaqN5Uk9RbarKaoqaqaWq6elvNUDPVLPWOmq3eVXPUXDVPzVcL1HtqoVqkFqv31RL1gVqqlqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaovaqj5U29R2tUPtVLvUbrVHfaT2qo/VPvWJ2q8+VQfUn9VB9Zk6pD5Xh9UX6oj6Uh1VX6lj6mt1XH2jTqiT6pT6Vp1W36kz6qw6p75X59UP6oL6UV1UQYFGrbTWRkc6nU6vU3QGnVFfoTPpK3VmnUUn9FU6q75aZ9PX6Ow6h86pc+ncOo/Oq60m7TTrWOfT+XVSX6sL6Ot0QV1IF9ZFtNdFdTF9vS6ub9Al9I26pL5Jl9I369K6jC6ry+lbdHl9q66gb9MV9e26kq6sq+iq+g5dTd+pq+u7dA19t66p79G19L26tr5P19H367r6AV1PP6jr64d0A91QN9KNdRP9sG6qH9HNdHPdQj+qW+rHdCv9uG6tn9Bt9JO6rX5Kt9NP6/b6T7qDfkZ31J10Z/2jvqiD7qq76e66h+6pn9e9dG/dR/fV/fQLur9+UQ/QL+mBepAerF/WQ/Qreqh+VQ/Tw/UI/ZoeqUfp0XqMHqvH6fH6dT1Bv6En6jf1JP2Wnqyn6Kl6mu7zl5Fm/Qv5b/yD/AE/HX2L3qo/1Nv0dr1D79S79G69R+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9XF9Qp/U3+tv9Wn9nT6jz+qz+nt9Xp/XF/7yHIBBo4w2xkQmnUlvUkwGk9FcYTKZK01mk8UkzFUmq7naZDPXmOwmh8lpcpncJo/Ja6wh4wyb2OQz+U3SXGsKmOtMQVPIFDZFjDdFTTFz/e/O/635NTFNTFPT1DQzzUwL08K0NC1NK9PKtDatTRvTxrQ1bU070860N+1NB9PBdDQdTWfT2XQxXUwAgO6mu+lpnje9TG/Tx/Q1/cwLpr/pbwaYAWagGWgGm8FmiBlihpqhZpgZZkaYEWakGWlGm9FmrBlrxpvxZoKZYCaaiWaSmWQmm8lmqplqppvpZoaZYWaZWWa2mW3mmDlmnplnFpgFZqFZaBabxWaJWWKWmmVmmVlhVphVZpVZY9aYdWad2WA2mE1mk1lqfvmA5g6zw+wyu8wes8fsNXvNPrPP7Df7zQFzwBw0B80hc8gcNofNEXPEHDVHzTFzzBw3x80Jc8KcMqfMaXPanDFnzDlzzpw3580Fc8FcNBdTT/siFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskZZo2zRNVH2KEeUM8oV5Y7yRHkjG1HkIo7iKF+UP0pG10YFouuiglGhqHBUJPJR0ahYdH1UPLohKhHdGJWMbopKRTdHpaMyUdmoXHRLVD66NaoQ3RZVjG6PKkWVoypR1eiOqFp0Z1Q9uiuqEd0d1YzuiWpF90a1o/uiOtH9Ud3ogahe9GBUP3ooahA1jBpFjaMmf+j4IZzJ8YjvarvZ7raH7Wmft71sb9vH9rX97Au2v33RDrAv2YF2kB1sX7ZD7Ct2qH3VDrPD7Qj7mh1pR9nRdowda8fZ8fZ1O8G+YSfaN+0k+5adbKfYqXaanW7ftjPsTDvLvmNn23ftHDvXzrPz7QL7nl1oF9nF9n27xH5gl9pldrldYVfaVXa1XWPX2nV2vd1gN9pNdrPdYrfaD+02u93usDvtLrvb7rEf2b32Y7vPfmL320/tAftne9B+Zg/Zz+1h+4U9Yr+0R+1X9pj92h6339gT9qQ9Zb+1p+139ow9a8/Z7+15+4O9YH+0F21IPblPfXsnQ4bSUTpKoRTKSBkpE2WizJSZEpSgrJSVslE2yk7ZKSflpNyUm/JSXkrFxJSP8lGSklSAClBBKkiFqTB58lSMilFxKk4lqASVpJJUikpRaSpNZSn1euQWupVupdvoNrqdbqfKVJmqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9ag+1acG1IAaUSNqQk2oKTWlZtSMWlALakktqRW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pF7Ui/pQH+pH/ag/9acBNIAG0kAaTINpCA2hoTSUhtFwGkGv0UgaRaNpDI2lcTSextMEmkATaSJNokk0mSbTVJpK02k6zaAZNItm0WyaTXNoDs2jebSAFtBCWkiLaTEtoSW0lJbSclpOK2klrabVtJbW0npaTxtpI22mzbSVttI22kY7aAftol20h/bQXtpL+2gf7af9dIAO0EE6SIfoEB2mw3SEjtBROkrH6Bgdp+N0gk7gKTpFp+k0naEzdI7O0Xn6gS7Qj3SRAqW4DC6ju8Jlcle6zC6LS3EZugHAX+OcLpfL7fK4vM667C7H38XknCvoCrnCrojzrqgr5q7/VVzalXFlXTl3iyvvbnUVfhVXc3e66u4uV8Pd7aq6O/4urunucbXcg662e8jVcQ1dXdfY1XMPuvruIdfANXSNXGPX0j3mWrnHXWv3hGvjnvxVvNAtcmvdOrfebXB73cfunPveHXVfufPuB9fVdXP93Auuv3vRDXAvuYFu0K/iEe41N9KNcqPdGDfWjftVPNlNcVPdNDfdve1muJm/ihe499xst9jNcXPdPDf/pzh1Tovd+26J+8AtdcvccrfCrXSr3Gq35q9zXeE2uc1ui9vjPnLb3Ha3w+10u9zun+LUdexzn7j97lN3xH3pDrrP3CF3zB12X/wUp67vmPvaHXffuBPupDvlvnWn3XfujDv70/pT1/6t+9FddMEBIyvWbDjidJyeUzgDZ+QrOBNfyZk5Cyf4Ks7KV3M2voazcw7Oybk4N+fhvGyZ2DFzzPk4Pyf5Wi7A13FBLsSFuQh7LsrF+HouzjdwCb6RS/JNXIpv5tJchstyOb6Fy/OtXIFv44p8O1fiylyFq/IdXI3v5Op8F9fgu7km38O1+F6uzfdxHb6f6/IDXI8f5Pr8EDfghtyIG3MTfpib8iPcjJtzC36UW/Jj3Iof59b8BLfhJ7ktP8Xt+GlOfcXpwM9wR+7EnflZ7sLPcVfuxt25B/fk57kX9+Y+3Jf78Qvcn1/kAfwSD+RBPJhf5iH8Cg/lV3kYD+cR/BqP5FE8msfwWB7H4/l1nsBv8ER+kyfxWzyZp/BUnsbT+W2ewTN5Fr/Ds/ldnsNzeR7P5wX8Hi/kRbyY3+cl/AEv5WW8nFfwSl7Fq3kNr+V1vJ438EbexJt5C2/lD3kbb+cdvJN38W7ewx/xXv6Y9/EnvJ8/5QP8Zz7In/Eh/pwP8xd8hL/ko/wVH+Ov+Th/wyf4JJ/ib/k0f8dn+Cyf4+/5PP/AF/hHvsiBIcZYxTo2cRSni9PHKXGGOGN8RZwpvjLOHGeJE/FVcdb46jhbfE2cPc4R54xzxbnjPHHe2MYUu5jjOM4X54+T8bVxgfi6uGBcKC4cF4l9XDQuFl8fF49viEvEN8Yl45viUvHNcem4TFw2LhffEpePb40rxLfFFePb40px5bhKXDW+I64W3xlXj++Ka8R3xyXie+Ja8b1x7fi+uE58f1w3fiCuFz8Y148fihvEDeNGceO4Sfxw3DR+JG4WN49bxI/GLePH4lbx43Hr+Im4Tfzkb/Z3j3vEPePn4+fjEO7S85LzkwuS7yUXJhclFyffTy5JfpBcmlyWXJ5ckVyZXJVcnVyTXJtcl1yf3JDcmNyU3Jzckgyhanrw6JXX3vjIp/PpfYrP4DP6K3wmf6XP7LP4hL/KZ/VX+2z+Gp/d5/A5fS6f2+fxeb315J1nH/t8Pr9P+mt9AX+dL+gL+cK+iPe+qC/mG/smvolv6h/xzXxz38I/6h/1j/nH/OP+cf+Eb+Of9G39U76df9q393/yf/LP+I6+k+/sn/Vd/HO+q+/mu/vuvqfv6Xv5Xr6P7+P7+X6+v+/vB/gBfqAf6Af7wX6IH+KH+qF+mB/mR/gRfqQf6Uf70X6sH+vH+/F+gp/gJ/qJfpKf5Cf7yX6qn+qn++l+hp/hZ/lZfraf7ef4OX6en+cX+AV+oV/oF/vFfolf4pf6pX65X+5X+pV+tV/t1/q1fr1f7zf6jX6z3+y3+q1+m9/md/gdfpff5ff4PX6v3+v3+X1+v9/vD/gD/qA/6A/5z/1h/4U/4r/0R/1X/pj/2h/33/gT/qQ/5b/1p/13/ow/68/57/15/4O/4H/0F33w4xOvJyYk3khMTLyZmJR4KzE5MSUxNTEtMT3xdmJGYmZiVuKdxOzEu4k5ibmJeYn5iQWJ9xILE4sSixPvJ5YkPkgsTSxLLE+sSKxMrEqEkGdbHPKF/CEZrg0FwnWhYCgUCociwYeioVi4PhQPN4QS4cZQMtwUSoWbQ+lQJpQND4UGoWFoFBqHJuHh0DQ8EpqF5qFFeDS0DI+FVuHx0Do8EdqEJ0Pb8FRoF54O7cOfQofwTOgYOoXO4dnQJTwXuoZuoXvoEXqG50Ov0Dv0CX1Dv/BC6B9eDAPCS2FgGBQGh5fDkPBKGBpeDcPC8DAivBZGhlFhdBgTxoZxYXx4PUwIb4SJ4c0waV6Gn28Ph2lheng7zAgzw6zwTpgd3g1zwtwwL8wPC8J7YWFYFBaH98OS8EFYGpaF5WFFWBlWhdVhTVgb1oX1YUPYGDaFzWFL2Bo+DNvC9rAj7Ay7wu6wJ3wU9oaPw77wSdgfPg0Hwp/DwfBZOBQ+D4fDF+FI+DIcDV+FY+HrcDx8E06Ek+FU+DacDt+FM+FsOBe+D+fDD+FC+DFclO+sCSGEEEL8S/Rv9Pf4b3LUX9o9AeDK7bkO/9f+jdl/bvdOn7tlAgCe6Nbh/l+2SpW6d+/+l32XaojyzwWAxKX8dHApXgYt4DFoDc2h+F/7U/7mWL1Vp/P8z8bvAVHyJoCMf5OTmv9LfGn8G/7h+nurUbP/6fgaouRcgIL5L+Wknjn/El8av8R/M36Opr8xfobPxgM0+5ucTHApvjR+MXgEnoTWf7enEEIIIYQQQgjxs96qbLvfur5NvT7PbS7lpIdL8T+6PhdCCCGEEEIIIcT/Lk936vz4w61bN28njV81Av4h44QsPz/Vl3s5/7MNAIT/BdOQxv9t43K/MgkhhBBCCCH+aJdO+n+Of+v7AEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhPjj/U/8nNgvx5LfFhBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJFW/Z8AAAD//x/sMrQ=")
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

599.859821ms ago: executing program 4 (id=853):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f00000001c0)={[{@shortname_winnt}, {@numtail}, {@uni_xlateno}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@codepage={'codepage', 0x3d, '863'}}, {@rodir}, {@shortname_mixed}, {@rodir}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@uni_xlate}, {@utf8no}]}, 0x81, 0x2ae, &(0x7f0000001980)="$eJzs3c+KI0UYAPCvJ52ZjArJwZMINujB07CzT7BBRljMSemDXlTcLMgkLEwgsCrGPXkXPPkOvoMP4MU38OBR8OYexJakO3+nM2wkZmX297vM11X1VVdV18xAoCufvD68fPBo9PDJV79Gq5XE0b24F0+T6MRRzH0TAMBt8rQo4o+iFHF8Y9t0Vl+0q6ujw4wQANi39f//AMCL4IMPP3qv2+tdvJ9lrYjht+M8iYhhMs7L+u7D+DwG0Y870Y6/IoqFMn7lfu8i0iybfxgwPo08Yvjxz9V19/eIWf55tKNzPf/d+72L86wUbw0n43x65+nPZryURHSLpOzobrTj1YiiGVUny/y7NfmRH8fbb/5Qjf/vfpxFO375LB7FIB7Muljmf32eZe8U3//5ZTmDPCKZjPOTWbulonGwhwIAAAAAAAAAAAAAAAAAAAAAwK13li10Vs/PmZ8GeHZWXz87H6hRcz5QdcLPZOV8nTtZls2P8RnnzSjz03gtjfS5Th4AAAAAAAAAAAAAAAAAAAD+J0aPv7j8dDDoX60FPxWbJTVB9UZ/VCXpSlW6XnVzPzXB5Y8Ru2c9SxCNamiD5Not5hN65g7T7Y1PdhnYaV0/cbRtDdNBlIP/bvdFeGOnCU6D4l+s83x3TTfJDY0bMXrcqt8kKzvztOrsajR7QKfbNu16UNQsXWNr1vGe9tjxy/vdtNMZNxeLud6mNX2SKyXNPf+mbEj+iz8/AAAAAAAAAAAAAAAAAADAiuVLv/Hbtconz2VIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBwy+//XwTR2SzZDCZVcr8ufSM4uRrV3LZz4GkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwy/0TAAD//0dFVzc=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

485.074952ms ago: executing program 2 (id=854):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_DISABLE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000700)={0x14, r1, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000044)

276.126595ms ago: executing program 2 (id=855):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x9)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()

269.843645ms ago: executing program 4 (id=856):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x2810880, &(0x7f0000000000)=ANY=[], 0x8b, 0x2a7, &(0x7f0000000180)="$eJzs3U9P1EAYx/HftMuyCGIVjInxYFCiJwN4MV5IDPE1eNGo7JoQNxAVE/Ui8Wx8Ad69+AJ8EZ6MiWc9efIFcKuZ2Vl2yrZbWEIr8ftJFsp2/jzTdtt5miwVgP/WnbWfn27+ti8jxYol3ZYiu+qyGpLO60Lr5eb2xna30x7VUCy15F5GcjXNUJn1zU5eVVvP1fAS+1dDM+F7OB5pmqa/6g4CdWr533Heykia9J/OOCx8ku3E0k7dQdTM7GpXrzRbdxwAgHqZ3vU98tf5GT9/jyJp0V/2w+v/j9M1x3s017Rbdwg1C67/LstKjd2/Z9yqQb7nUji7PupniYftx04em+odWZkJpslmlcPJooslmnqy0e3cWN/qtiO906oXFJuXtKq2z1m9kmgXcrrLaurgrY0w7cYwYcewUhD/XF6n4/dYznw138wDk+ij2nvzv0ZqbPcugmRvT92dGMS/VNTc1rP7rlavVMEoz7pOLmY37MhRxkUZifyWSmNlbxAk2TibubWa2lerN7rlop58O3O5tVZKas3bWp+DWoOjubjmcTMfzD2zoD/6orVg/h/Zrb2o4U9mfiOupD8y+uPJzQ0brmQSvrVzKbfNaLzxYCzv9Vi3NPvi9Zunj7rdzvOqF2wMlXfKQm+hfxD8K/GMt2DPsftXNarpvXnkTdfSoQoPjzRc6J86D9Bg/yRd2mktZyVUbLDTi8u8rTIgVM2ePEwv/wvylSWXItkfyYh5elo2bQtaXM7JDSb3Cp4KWjL+/nxxBjRdnMEdNOe6cl26GrxZknMlOidNjRzrSWLW9F0Puf8PAAAAAAAAAAAAAAAAAABw0lTxbY2gO/6jDwAAAAAAAAAAAAAAAAAAAAAAYyh+/m9Lx/j838z3AHj+L1CPvwEAAP//pAVz+Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x0)
read$FUSE(r0, &(0x7f0000000f80)={0x2020}, 0x2020)

121.816028ms ago: executing program 2 (id=857):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x2, 0x0)
tkill(r0, 0x13)

95.763838ms ago: executing program 0 (id=858):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x34, r1, 0x1, 0x0, 0x0, {0x2d}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

0s ago: executing program 4 (id=859):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0xb, 0xfffffffb}, 0x20)

kernel console output (not intermixed with test programs):

ted capacity change from 0 to 64
[   88.768824][ T4538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.84'.
[   88.786259][ T4537] loop4: detected capacity change from 0 to 1024
[   88.921806][ T4540] loop2: detected capacity change from 0 to 512
[   88.932778][ T4537] hfsplus: bad catalog entry type
[   88.947058][ T4540] EXT4-fs: Ignoring removed mblk_io_submit option
[   89.018289][ T4540] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   89.101649][ T4547] tmpfs: Bad value for 'mpol'
[   89.167101][ T4549] netlink: 'syz.1.88': attribute type 3 has an invalid length.
[   89.185405][ T4257] EXT4-fs (loop2): unmounting filesystem.
[   89.478928][ T4561] Bluetooth: MGMT ver 1.22
[   89.706962][ T4571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.101'.
[   89.871416][ T4575] loop1: detected capacity change from 0 to 256
[   89.900632][ T4576] vivid-004: =================  START STATUS  =================
[   89.920783][ T4576] vivid-004: Radio HW Seek Mode: Bounded
[   89.928018][ T4576] vivid-004: Radio Programmable HW Seek: false
[   89.935251][ T4576] vivid-004: RDS Rx I/O Mode: Block I/O
[   89.940879][ T4576] vivid-004: Generate RBDS Instead of RDS: false
[   89.954003][ T4576] vivid-004: RDS Reception: true
[   89.959025][ T4576] vivid-004: RDS Program Type: 0 inactive
[   89.971512][ T4580] loop0: detected capacity change from 0 to 1024
[   90.006790][ T4576] vivid-004: RDS PS Name:  inactive
[   90.042669][ T4576] vivid-004: RDS Radio Text:  inactive
[   90.083404][ T4576] vivid-004: RDS Traffic Announcement: false inactive
[   90.133709][ T4576] vivid-004: RDS Traffic Program: false inactive
[   90.180880][ T4576] vivid-004: RDS Music: false inactive
[   90.213743][ T4576] vivid-004: ==================  END STATUS  ==================
[   90.319276][ T4586] netlink: 'syz.1.108': attribute type 3 has an invalid length.
[   90.393583][ T4586] netlink: 666 bytes leftover after parsing attributes in process `syz.1.108'.
[   90.765978][ T4601] loop0: detected capacity change from 0 to 128
[   90.833302][ T4601] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   90.855617][ T4601] ext4 filesystem being mounted at mnt:[4026533374] supports timestamps until 2038-01-19 (0x7fffffff)
[   90.870027][ T4602] loop4: detected capacity change from 0 to 4096
[   90.920825][ T4601] EXT4-fs (loop0): unmounting filesystem.
[   91.015858][ T4602] ntfs: volume version 3.1.
[   91.324362][ T4611] loop2: detected capacity change from 0 to 4096
[   91.362071][ T4611] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[   91.553641][ T4264] Bluetooth: hci0: command 0x0401 tx timeout
[   91.561646][ T4252] Bluetooth: hci0: Opcode 0x0401 failed: -110
[   91.652248][ T4609] loop1: detected capacity change from 0 to 40427
[   91.745281][ T4609] F2FS-fs (loop1): Found nat_bits in checkpoint
[   91.837617][ T4628] loop3: detected capacity change from 0 to 512
[   91.852498][ T4621] loop4: detected capacity change from 0 to 4096
[   91.866618][ T4621] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[   91.888319][ T4628] EXT4-fs: Ignoring removed i_version option
[   91.907590][ T4621] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[   91.948762][ T4621] ntfs: (device loop4): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[   91.971858][ T4621] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute.  deltaxcn = 0x1, max_cluster = 0x0
[   91.984177][ T4621] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute.
[   92.009012][ T4628] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   92.017842][ T4621] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[   92.023918][ T4609] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   92.046316][ T4628] ext4 filesystem being mounted at /22/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.143652][ T4621] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute.  deltaxcn = 0x1, max_cluster = 0x0
[   92.167839][ T4628] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #4: comm syz.3.125: corrupted inode contents
[   92.180009][ T4621] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute.
[   92.226190][ T4628] EXT4-fs (loop3): Remounting filesystem read-only
[   92.242331][ T4628] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #4: comm syz.3.125: mark_inode_dirty error
[   92.244723][ T4621] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5).
[   92.273852][ T4628] EXT4-fs (loop3): Remounting filesystem read-only
[   92.281114][ T4628] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #4: comm syz.3.125: corrupted inode contents
[   92.296692][ T4638] loop2: detected capacity change from 0 to 64
[   92.344997][ T4628] EXT4-fs (loop3): Remounting filesystem read-only
[   92.351588][ T4628] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #4: comm syz.3.125: mark_inode_dirty error
[   92.377205][ T4249] syz-executor: attempt to access beyond end of device
[   92.377205][ T4249] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   92.380291][ T4621] ntfs: (device loop4): check_mft_mirror(): Failed to read $MFTMirr.
[   92.469429][ T4621] ntfs: volume version 3.1.
[   92.475146][ T4628] EXT4-fs (loop3): Remounting filesystem read-only
[   92.482320][ T4628] EXT4-fs error (device loop3): ext4_acquire_dquot:6802: comm syz.3.125: Failed to acquire dquot type 1
[   92.500875][ T4628] EXT4-fs (loop3): Remounting filesystem read-only
[   92.602497][ T4257] hfs: node 4:3 still has 1 user(s)!
[   92.694777][ T4255] EXT4-fs (loop3): unmounting filesystem.
[   92.862533][ T4647] netlink: 64 bytes leftover after parsing attributes in process `syz.3.133'.
[   92.897445][ T4647] netlink: 40 bytes leftover after parsing attributes in process `syz.3.133'.
[   93.268709][ T4660] tipc: Started in network mode
[   93.293607][ T4660] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[   93.334112][ T4660] tipc: Enabled bearer <eth:ipvlan0>, priority 12
[   93.450405][ T4666] loop0: detected capacity change from 0 to 16
[   93.503148][ T4666] erofs: (device loop0): mounted with root inode @ nid 36.
[   94.126853][ T4681] loop2: detected capacity change from 0 to 512
[   94.194193][ T4681] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.200790][ T4683] loop3: detected capacity change from 0 to 256
[   94.257082][ T4683] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[   94.322640][ T4681] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.149: invalid indirect mapped block 10 (level 1)
[   94.345133][ T4251] tipc: Node number set to 10136234
[   94.350907][ T4661] loop1: detected capacity change from 0 to 40427
[   94.388872][ T4690] loop0: detected capacity change from 0 to 512
[   94.429718][ T4690] EXT4-fs (loop0): orphan cleanup on readonly fs
[   94.433962][ T4681] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.149: invalid indirect mapped block 8 (level 1)
[   94.438029][ T4690] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #3: comm syz.0.153: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   94.470948][ T4661] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff
[   94.473695][ T4681] EXT4-fs (loop2): 1 truncate cleaned up
[   94.506459][ T4661] F2FS-fs (loop1): invalid crc value
[   94.520353][ T4681] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   94.570764][ T4690] EXT4-fs error (device loop0): ext4_quota_enable:6996: comm syz.0.153: Bad quota inode: 3, type: 0
[   94.583024][ T4661] F2FS-fs (loop1): Found nat_bits in checkpoint
[   94.612883][ T4690] EXT4-fs warning (device loop0): ext4_enable_quotas:7037: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   94.662658][ T4698] loop3: detected capacity change from 0 to 64
[   94.680331][ T4690] EXT4-fs (loop0): Cannot turn on quotas: error -117
[   94.710279][ T4690] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   94.771476][ T4257] EXT4-fs (loop2): unmounting filesystem.
[   94.852116][ T4661] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   94.938281][ T4266] EXT4-fs (loop0): unmounting filesystem.
[   95.327870][ T4715] loop0: detected capacity change from 0 to 128
[   95.492181][ T4715] process 'syz.0.172' launched './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   95.499663][ T4715] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor /newroot/36/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   95.726328][ T4723] loop1: detected capacity change from 0 to 16
[   96.070313][ T4723] erofs: (device loop1): mounted with root inode @ nid 36.
[   96.212256][ T4730] loop2: detected capacity change from 0 to 32768
[   96.223687][ T4733] loop0: detected capacity change from 0 to 1024
[   96.231112][ T4734] loop4: detected capacity change from 0 to 1024
[   96.257647][ T4730] Dev loop2 Sun disklabel: Csum bad, label corrupted
[   96.286496][ T4733] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   96.298083][ T4730]  loop2: unable to read partition table
[   96.304141][ T4730] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   96.358938][ T3623] Dev loop2 Sun disklabel: Csum bad, label corrupted
[   96.374293][ T3623]  loop2: unable to read partition table
[   96.386720][ T4733] EXT4-fs error (device loop0): ext4_lookup:1850: inode #2: comm syz.0.170: bad inode number: 6
[   96.491540][ T4733] EXT4-fs (loop0): Remounting filesystem read-only
[   96.518345][ T4741] program syz.3.174 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   96.690706][ T4266] EXT4-fs (loop0): unmounting filesystem.
[   96.962715][ T4753] loop2: detected capacity change from 0 to 128
[   97.006100][ T4753] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   97.041805][ T4753] ext4 filesystem being mounted at /31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.073728][    C1] vkms_vblank_simulate: vblank timer overrun
[   97.299518][ T4257] EXT4-fs (loop2): unmounting filesystem.
[   97.512741][ T4745] loop3: detected capacity change from 0 to 32768
[   97.569399][ T4752] loop1: detected capacity change from 0 to 40427
[   97.581344][ T4745] XFS (loop3): Mounting V5 Filesystem
[   97.593303][ T4752] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff
[   97.615429][ T4752] F2FS-fs (loop1): invalid crc value
[   97.633031][ T4752] F2FS-fs (loop1): Found nat_bits in checkpoint
[   97.635255][ T4770] loop2: detected capacity change from 0 to 256
[   97.697266][ T4745] XFS (loop3): Ending clean mount
[   97.721504][ T4770] FAT-fs (loop2): Directory bread(block 64) failed
[   97.732506][ T4770] FAT-fs (loop2): Directory bread(block 65) failed
[   97.739240][ T4745] XFS (loop3): Quotacheck needed: Please wait.
[   97.742423][ T4752] F2FS-fs (loop1): Start checkpoint disabled!
[   97.765669][ T4770] FAT-fs (loop2): Directory bread(block 66) failed
[   97.780461][ T4770] FAT-fs (loop2): Directory bread(block 67) failed
[   97.787719][ T4770] FAT-fs (loop2): Directory bread(block 68) failed
[   97.801101][ T4770] FAT-fs (loop2): Directory bread(block 69) failed
[   97.801632][ T4745] XFS (loop3): Quotacheck: Done.
[   97.803759][ T4752] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   97.836713][ T4770] FAT-fs (loop2): Directory bread(block 70) failed
[   97.852368][ T4770] FAT-fs (loop2): Directory bread(block 71) failed
[   97.854297][   T26] kauditd_printk_skb: 19 callbacks suppressed
[   97.854316][   T26] audit: type=1800 audit(1744351109.886:7): pid=4745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.177" name="file2" dev="loop3" ino=1063 res=0 errno=0
[   97.868394][ T4770] FAT-fs (loop2): Directory bread(block 72) failed
[   97.924417][ T4770] FAT-fs (loop2): Directory bread(block 73) failed
[   97.989021][ T4255] XFS (loop3): Unmounting Filesystem
[   98.066143][ T4774] syz.0.184 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   98.443926][ T4780] netlink: 12 bytes leftover after parsing attributes in process `syz.4.188'.
[   98.610712][ T4786] loop3: detected capacity change from 0 to 512
[   98.665456][ T4786] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   98.771500][ T4786] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   98.782509][ T4786] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.911416][ T4800] tipc: Started in network mode
[   98.917190][ T4800] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[   98.940784][ T4797] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[   98.978914][ T4800] tipc: Enabled bearer <udp:syz0>, priority 10
[   99.156972][ T4255] EXT4-fs (loop3): unmounting filesystem.
[   99.206580][ T4811] capability: warning: `syz.4.201' uses deprecated v2 capabilities in a way that may be insecure
[   99.332740][ T4815] loop3: detected capacity change from 0 to 512
[   99.423057][ T4815] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   99.440344][ T4815] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.570321][ T4255] EXT4-fs (loop3): unmounting filesystem.
[   99.844113][ T4836] loop3: detected capacity change from 0 to 1024
[   99.891742][ T4836] EXT4-fs: Ignoring removed i_version option
[   99.939960][ T4836] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  100.043635][ T4256] tipc: Node number set to 4269801491
[  100.062148][ T4844] loop1: detected capacity change from 0 to 1024
[  100.082242][   T26] audit: type=1800 audit(1744351112.116:8): pid=4836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.208" name="bus" dev="loop3" ino=18 res=0 errno=0
[  100.109540][ T4844] EXT4-fs: Ignoring removed mblk_io_submit option
[  100.116396][ T4836] EXT4-fs error (device loop3): ext4_get_first_dir_block:3605: inode #11: comm syz.3.208: directory missing '..'
[  100.163572][ T4844] EXT4-fs: Ignoring removed nomblk_io_submit option
[  100.227010][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  100.251827][ T4844] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  100.629054][ T4857] loop3: detected capacity change from 0 to 4096
[  100.688189][ T4857] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  100.709646][ T4249] EXT4-fs (loop1): unmounting filesystem.
[  100.834191][ T4857] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  101.050476][ T4852] loop0: detected capacity change from 0 to 32768
[  101.094411][ T4867] loop1: detected capacity change from 0 to 4096
[  101.110002][ T4852] XFS: ikeep mount option is deprecated.
[  101.159479][ T4349] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22.
[  101.187598][ T4255] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  101.277154][ T4879] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  101.296861][ T4852] XFS (loop0): Mounting V5 Filesystem
[  101.384636][ T4886] loop4: detected capacity change from 0 to 64
[  101.423686][ T4887] loop3: detected capacity change from 0 to 1024
[  101.484895][ T4852] XFS (loop0): Ending clean mount
[  101.511633][   T26] audit: type=1800 audit(1744351113.546:9): pid=4887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.225" name="file2" dev="loop3" ino=22 res=0 errno=0
[  101.526056][ T4251] XFS (loop0): Metadata CRC error detected at xfs_inobt_read_verify+0x39/0xc0, xfs_finobt block 0x20 
[  101.575996][ T4251] XFS (loop0): Unmount and run xfs_repair
[  101.618643][ T4251] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  101.638892][ T4251] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  101.673317][    T9] hfsplus: b-tree write err: -5, ino 4
[  101.690744][ T4251] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[  101.726054][ T4251] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[  101.753545][ T4251] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[  101.765335][ T4251] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  101.774831][ T4251] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[  101.803497][ T4251] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  101.817798][ T4251] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  101.825220][ T4896] netlink: 320 bytes leftover after parsing attributes in process `syz.3.231'.
[  101.833863][ T4852] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x20 len 8 error 74
[  101.835898][ T4256] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  101.877873][ T4852] XFS (loop0): Failed to initialize disk quotas.
[  101.941090][  T954] XFS (loop0): Metadata CRC error detected at xfs_inobt_read_verify+0x39/0xc0, xfs_finobt block 0x20 
[  101.975145][  T954] XFS (loop0): Unmount and run xfs_repair
[  101.981268][  T954] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  102.013209][  T954] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  102.042912][  T954] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[  102.081361][  T954] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[  102.092406][ T4901] program syz.3.233 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  102.093862][ T4256] usb 3-1: Using ep0 maxpacket: 16
[  102.113669][  T954] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[  102.131437][ T4256] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.144224][  T954] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  102.164828][  T954] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[  102.173885][ T4256] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.185458][ T4903] sctp: [Deprecated]: syz.1.234 (pid 4903) Use of int in max_burst socket option.
[  102.185458][ T4903] Use struct sctp_assoc_value instead
[  102.201494][  T954] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  102.210504][ T4256] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  102.223660][  T954] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  102.232618][ T4852] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x20 len 8 error 74
[  102.242800][ T4256] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  102.271156][ T4256] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.314144][ T4256] usb 3-1: config 0 descriptor??
[  102.342358][  T954] XFS (loop0): Metadata CRC error detected at xfs_inobt_read_verify+0x39/0xc0, xfs_finobt block 0x20 
[  102.365337][  T954] XFS (loop0): Unmount and run xfs_repair
[  102.371275][  T954] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  102.381884][  T954] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  102.391602][  T954] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[  102.401824][  T954] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[  102.411010][  T954] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[  102.420183][  T954] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  102.430133][  T954] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[  102.474216][  T954] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  102.487789][  T954] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  102.497105][ T4899] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x20 len 8 error 74
[  102.564606][ T4894] loop4: detected capacity change from 0 to 32768
[  102.587196][ T4266] XFS (loop0): Unmounting Filesystem
[  102.598806][ T4894] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop4 scanned by syz.4.230 (4894)
[  102.667885][ T4894] BTRFS info (device loop4): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  102.680354][ T4894] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  102.696376][ T4894] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  102.712864][ T4894] BTRFS info (device loop4): use lzo compression, level 0
[  102.721101][ T4894] BTRFS info (device loop4): using free space tree
[  102.791914][ T4256] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0
[  102.799963][ T4256] microsoft 0003:045E:07DA.0002: ignoring exceeding usage max
[  102.817668][ T4256] microsoft 0003:045E:07DA.0002: No inputs registered, leaving
[  102.833357][ T4256] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  102.845414][ T4256] microsoft 0003:045E:07DA.0002: no inputs found
[  102.851811][ T4256] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway
[  102.972450][ T4251] usb 3-1: USB disconnect, device number 2
[  103.200507][ T4262] BTRFS info (device loop4): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  103.246676][ T4931] loop3: detected capacity change from 0 to 4096
[  103.751877][ T4942] loop1: detected capacity change from 0 to 512
[  103.770122][ T4944] loop2: detected capacity change from 0 to 1024
[  103.839856][ T4942] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.856428][ T4948] loop4: detected capacity change from 0 to 16
[  103.874487][ T4948] erofs: (device loop4): mounted with root inode @ nid 36.
[  103.907851][ T4944] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  103.939522][ T4942] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 2: comm syz.1.244: invalid block
[  104.035648][ T4942] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.244: invalid indirect mapped block 10 (level 1)
[  104.056637][ T4942] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.244: invalid indirect mapped block 8 (level 1)
[  104.086714][ T4942] EXT4-fs (loop1): 1 truncate cleaned up
[  104.092457][ T4942] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  104.163857][ T4930] loop0: detected capacity change from 0 to 32768
[  104.166240][ T4257] EXT4-fs (loop2): unmounting filesystem.
[  104.184385][ T4930] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.247 (4930)
[  104.230550][ T4930] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  104.259108][ T4249] EXT4-fs (loop1): unmounting filesystem.
[  104.269962][ T4930] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  104.323843][ T4930] BTRFS info (device loop0): doing ref verification
[  104.335723][ T4930] BTRFS info (device loop0): turning off barriers
[  104.399675][ T4930] BTRFS info (device loop0): max_inline at 0
[  104.414771][ T4256] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  104.429527][ T4930] BTRFS info (device loop0): turning on sync discard
[  104.483608][ T4930] BTRFS info (device loop0): force clearing of disk cache
[  104.490857][ T4930] BTRFS info (device loop0): using free space tree
[  104.606311][ T4256] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.623528][ T4256] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.643541][ T4256] usb 4-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00
[  104.663604][ T4256] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.694452][ T4256] usb 4-1: config 0 descriptor??
[  104.898473][ T4930] BTRFS info (device loop0): enabling ssd optimizations
[  104.930912][ T4930] BTRFS info (device loop0): rebuilding free space tree
[  105.135613][ T4256] hid_mf 0003:0079:1846.0003: unknown main item tag 0x0
[  105.142650][ T4256] hid_mf 0003:0079:1846.0003: unknown main item tag 0x0
[  105.180417][ T4256] hid_mf 0003:0079:1846.0003: unknown main item tag 0x0
[  105.208997][ T4256] hid_mf 0003:0079:1846.0003: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.3-1/input0
[  105.230650][ T4256] hid_mf 0003:0079:1846.0003: Invalid report, this should never happen!
[  105.251753][ T4256] hid_mf 0003:0079:1846.0003: Force feedback init failed.
[  105.385790][ T4256] usb 4-1: USB disconnect, device number 2
[  105.463831][ T4266] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  105.500638][ T4965] loop2: detected capacity change from 0 to 32768
[  105.603231][ T4965] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop2 scanned by syz.2.249 (4965)
[  105.755930][ T4965] BTRFS info (device loop2): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  105.839100][ T4965] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  105.923567][ T4965] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  105.943397][ T4965] BTRFS info (device loop2): use lzo compression, level 0
[  105.950628][ T4965] BTRFS info (device loop2): using free space tree
[  105.959678][ T4979] loop4: detected capacity change from 0 to 32768
[  105.990580][ T4979] XFS: ikeep mount option is deprecated.
[  106.123108][ T4979] XFS (loop4): Mounting V5 Filesystem
[  106.298682][ T4979] XFS (loop4): Ending clean mount
[  106.328387][ T4996] loop1: detected capacity change from 0 to 32768
[  106.328980][ T4979] XFS (loop4): Quotacheck needed: Please wait.
[  106.351926][ T4996] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.255 (4996)
[  106.382893][ T4996] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  106.438076][ T4979] XFS (loop4): Quotacheck: Done.
[  106.453799][ T4996] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  106.503386][ T4996] BTRFS info (device loop1): enabling disk space caching
[  106.535284][ T4996] BTRFS info (device loop1): enabling auto defrag
[  106.557761][ T4996] BTRFS info (device loop1): doing ref verification
[  106.604455][ T4996] BTRFS info (device loop1): use no compression
[  106.643674][ T4996] BTRFS info (device loop1): force clearing of disk cache
[  106.656747][ T5026] loop0: detected capacity change from 0 to 4096
[  106.663248][ T4996] BTRFS info (device loop1): disabling disk space caching
[  106.694930][ T4257] BTRFS info (device loop2): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  106.701631][ T5026] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  106.732430][ T5026] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  106.771653][ T5026] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  106.833159][ T5026] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  106.901114][ T5026] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  106.937540][ T4262] XFS (loop4): Unmounting Filesystem
[  106.941623][ T5026] ntfs: volume version 3.1.
[  106.978209][ T5026] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  107.006950][ T5026] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  107.054571][ T5026] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  107.093834][ T5026] ntfs: (device loop0): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is missing.
[  107.117915][ T4996] BTRFS info (device loop1): enabling ssd optimizations
[  107.124138][ T5026] ntfs: (device loop0): ntfs_read_locked_index_inode(): Failed with error code -2 while reading index inode (mft_no 0x9, name_len 2.
[  107.158052][ T4996] BTRFS info (device loop1): rebuilding free space tree
[  107.212772][ T5053] netlink: 4 bytes leftover after parsing attributes in process `syz.2.258'.
[  107.267502][ T4996] BTRFS info (device loop1): disabling free space tree
[  107.308762][ T4996] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  107.351991][ T4996] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  107.640771][ T5060] loop3: detected capacity change from 0 to 16
[  107.655403][ T5059] loop0: detected capacity change from 0 to 512
[  107.669823][ T5060] erofs: (device loop3): mounted with root inode @ nid 36.
[  107.678314][ T4249] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  107.739841][ T5059] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  108.137109][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  108.271240][ T5069] tipc: Started in network mode
[  108.300679][ T5069] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  108.321846][ T5069] tipc: Enabled bearer <udp:syz0>, priority 10
[  108.363947][   T14] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[  108.581466][ T5079] loop0: detected capacity change from 0 to 64
[  108.589670][   T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  108.611605][   T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  108.639216][   T14] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  108.660608][   T14] usb 5-1: New USB device found, idVendor=056a, idProduct=0326, bcdDevice= 0.00
[  108.670305][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.694237][   T14] usb 5-1: config 0 descriptor??
[  108.701801][ T5063] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  108.763585][ T4295] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  108.981016][ T4295] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  108.994384][ T4295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.026617][ T4295] usb 3-1: config 0 descriptor??
[  109.171202][   T14] wacom 0003:056A:0326.0004: ignoring exceeding usage max
[  109.193922][ T5097] loop0: detected capacity change from 0 to 4096
[  109.268519][ T5099] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  109.290113][   T14] wacom 0003:056A:0326.0004: Unknown device_type for 'HID 056a:0326'. Ignoring.
[  109.328335][   T14] tipc: Node number set to 4269801491
[  109.445713][   T14] usb 5-1: USB disconnect, device number 2
[  109.457386][ T4295] ath6kl: Unsupported hardware version: 0x0
[  109.499209][ T4295] ath6kl: Failed to init ath6kl core: -22
[  109.566247][ T5103] loop1: detected capacity change from 0 to 164
[  109.604867][ T4295] ath6kl_usb: probe of 3-1:0.0 failed with error -22
[  109.708604][ T5064] usb 3-1: USB disconnect, device number 3
[  109.729785][ T5111] loop0: detected capacity change from 0 to 64
[  109.935010][ T5114] loop3: detected capacity change from 0 to 1024
[  109.998934][ T4327] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  110.020829][ T5114] netlink: 24 bytes leftover after parsing attributes in process `syz.3.284'.
[  110.064766][ T5114] netlink: 16 bytes leftover after parsing attributes in process `syz.3.284'.
[  110.090594][ T5114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.284'.
[  110.117140][ T5114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.284'.
[  110.439040][ T5133] sp0: Synchronizing with TNC
[  110.621217][ T5140] loop4: detected capacity change from 0 to 512
[  110.771128][ T5140] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  110.793717][ T5140] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.041443][ T4262] EXT4-fs (loop4): unmounting filesystem.
[  111.196984][ T5158] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  111.255055][ T5158] batman_adv: batadv0: Adding interface: gretap1
[  111.279162][ T5158] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.329933][ T5064] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  111.373784][ T5158] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  111.384788][ T5127] loop3: detected capacity change from 0 to 32768
[  111.404762][ T5127] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.291 (5127)
[  111.424185][ T5149] loop0: detected capacity change from 0 to 32768
[  111.439946][ T5149] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.299 (5149)
[  111.466222][ T5127] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  111.503676][ T5127] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  111.517103][ T5149] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  111.520561][ T5064] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.553844][ T5127] BTRFS info (device loop3): using free space tree
[  111.562964][ T5149] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  111.603656][ T5149] BTRFS info (device loop0): turning on sync discard
[  111.610621][ T5149] BTRFS info (device loop0): setting nodatacow, compression disabled
[  111.621533][ T5064] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  111.673183][ T5149] BTRFS error (device loop0): unrecognized commit_interval value 0x0000000080000001
[  111.697614][ T5064] usb 3-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[  111.738881][ T5064] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.785365][ T5064] usb 3-1: config 0 descriptor??
[  111.804694][ T5149] BTRFS error (device loop0): open_ctree failed: -22
[  111.863752][ T5127] BTRFS info (device loop3): enabling ssd optimizations
[  111.943784][ T5186] netlink: 'syz.1.306': attribute type 1 has an invalid length.
[  112.178352][ T4255] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  112.213320][ T5064] wacom 0003:056A:0317.0005: unknown main item tag 0x0
[  112.242694][ T5064] wacom 0003:056A:0317.0005: Unknown device_type for 'HID 056a:0317'. Assuming pen.
[  112.352578][ T5064] wacom 0003:056A:0317.0005: hidraw0: USB HID v0.00 Device [HID 056a:0317] on usb-dummy_hcd.2-1/input0
[  112.405477][ T5064] input: Wacom Intuos Pro L Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0317.0005/input/input9
[  112.550199][ T5064] usb 3-1: USB disconnect, device number 4
[  112.650648][ T5178] loop4: detected capacity change from 0 to 40427
[  112.701261][ T5178] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  112.732894][ T5178] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  112.801942][ T5201] loop1: detected capacity change from 0 to 256
[  112.809361][ T5201] exfat: Deprecated parameter 'namecase'
[  112.815270][ T5201] exfat: Deprecated parameter 'utf8'
[  112.820687][ T5201] exfat: Deprecated parameter 'utf8'
[  112.832731][ T5201] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  112.982352][ T5178] F2FS-fs (loop4): Found nat_bits in checkpoint
[  113.277595][ T5178] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  113.323609][ T5178] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  113.689973][ T5225] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  113.979606][ T5234] loop3: detected capacity change from 0 to 1024
[  114.040845][ T5234] EXT4-fs: Ignoring removed bh option
[  114.064482][ T5234] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  114.141579][ T5237] loop0: detected capacity change from 0 to 1024
[  114.159950][ T5234] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e018, mo2=0000]
[  114.194682][ T5237] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  114.288330][ T5237] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  114.310775][ T5234] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 2: comm syz.3.325: lblock 2 mapped to illegal pblock 2 (length 1)
[  114.364006][ T5237] EXT4-fs error (device loop0): ext4_get_journal_inode:5723: inode #5: comm syz.0.327: unexpected bad inode w/o EXT4_IGET_BAD
[  114.386960][ T5234] __quota_error: 4 callbacks suppressed
[  114.386980][ T5234] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  114.409970][ T5237] EXT4-fs (loop0): no journal found
[  114.419947][ T5237] EXT4-fs (loop0): can't get journal size
[  114.445797][ T5234] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 48: comm syz.3.325: lblock 0 mapped to illegal pblock 48 (length 1)
[  114.512257][ T5234] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  114.533596][ T5237] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  114.553667][ T5234] EXT4-fs error (device loop3): ext4_acquire_dquot:6802: comm syz.3.325: Failed to acquire dquot type 0
[  114.608835][ T5234] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  114.640134][ T5234] EXT4-fs error (device loop3): ext4_evict_inode:279: inode #11: comm syz.3.325: mark_inode_dirty error
[  114.659402][ T5234] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  114.687029][ T5239] loop2: detected capacity change from 0 to 40427
[  114.693890][ T5234] EXT4-fs (loop3): 1 orphan inode deleted
[  114.699759][ T5234] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  114.711844][ T5239] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  114.720377][ T2969] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  114.723714][ T5239] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  114.754151][ T5239] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  114.762770][ T5239] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  114.794016][ T2969] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  114.806791][ T5239] F2FS-fs (loop2): invalid crc value
[  114.832500][ T2969] EXT4-fs error (device loop3): ext4_release_dquot:6825: comm kworker/u4:5: Failed to release dquot type 0
[  114.874791][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  114.893290][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  114.902538][ T5239] F2FS-fs (loop2): Found nat_bits in checkpoint
[  114.954431][ T4255] EXT4-fs error (device loop3): __ext4_get_inode_loc:4506: comm syz-executor: Invalid inode table block 1 in block_group 0
[  115.003237][ T4255] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  115.054635][ T4255] EXT4-fs error (device loop3): ext4_quota_off:7091: inode #3: comm syz-executor: mark_inode_dirty error
[  115.093290][ T5239] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  115.113713][ T5239] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  115.380402][ T4257] syz-executor: attempt to access beyond end of device
[  115.380402][ T4257] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  115.485329][ T5272] loop3: detected capacity change from 0 to 764
[  115.598308][ T5274] loop4: detected capacity change from 0 to 24
[  115.626487][ T5274] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  115.640603][ T5274] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  115.719971][ T4296] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  115.923865][ T4296] usb 1-1: Using ep0 maxpacket: 8
[  115.940990][ T4296] usb 1-1: config 0 has an invalid interface number: 31 but max is 0
[  115.973480][ T4296] usb 1-1: config 0 has no interface number 0
[  116.013057][ T4296] usb 1-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  116.043468][ T4296] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.052475][ T4296] usb 1-1: Product: syz
[  116.057405][ T4296] usb 1-1: Manufacturer: syz
[  116.062041][ T4296] usb 1-1: SerialNumber: syz
[  116.081256][ T4296] usb 1-1: config 0 descriptor??
[  116.347312][ T5293] loop4: detected capacity change from 0 to 1024
[  116.512282][ T4296] usb 1-1: Found UVC 0.04 device syz (046d:08c3)
[  116.522047][ T4296] uvcvideo 1-1:0.31: Entity type for entity Б was not initialized!
[  116.532523][ T4296] usb 1-1: Failed to create links for entity 5
[  116.539128][ T4296] usb 1-1: Failed to register entities (-22).
[  116.648794][ T5299] xt_TCPMSS: Only works on TCP SYN packets
[  116.736174][ T5064] usb 1-1: USB disconnect, device number 2
[  117.030544][ T5311] loop4: detected capacity change from 0 to 256
[  117.069298][ T5311] FAT-fs (loop4): Directory bread(block 64) failed
[  117.103935][ T5311] FAT-fs (loop4): Directory bread(block 65) failed
[  117.113599][ T5311] FAT-fs (loop4): Directory bread(block 66) failed
[  117.140610][ T5311] FAT-fs (loop4): Directory bread(block 67) failed
[  117.159775][ T5311] FAT-fs (loop4): Directory bread(block 68) failed
[  117.174463][ T5311] FAT-fs (loop4): Directory bread(block 69) failed
[  117.185554][ T5311] FAT-fs (loop4): Directory bread(block 70) failed
[  117.219613][ T5311] FAT-fs (loop4): Directory bread(block 71) failed
[  117.240301][ T5311] FAT-fs (loop4): Directory bread(block 72) failed
[  117.281467][ T5311] FAT-fs (loop4): Directory bread(block 73) failed
[  117.523019][ T5325] loop2: detected capacity change from 0 to 1024
[  117.794261][   T46] hfsplus: b-tree write err: -5, ino 4
[  118.190138][ T5321] loop1: detected capacity change from 0 to 32768
[  118.224933][ T5321] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.361 (5321)
[  118.324478][ T5321] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  118.362665][ T5321] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  118.409415][ T5321] BTRFS info (device loop1): using free space tree
[  118.503244][ T5354] netlink: 844 bytes leftover after parsing attributes in process `syz.3.376'.
[  118.552452][ T5354] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[  118.603893][ T5323] loop0: detected capacity change from 0 to 32768
[  118.638773][ T5323] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.363 (5323)
[  118.668874][ T5323] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  118.765627][ T5323] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  118.774534][ T5321] BTRFS info (device loop1): enabling ssd optimizations
[  118.843629][ T5323] BTRFS info (device loop0): setting nodatacow, compression disabled
[  118.893697][ T5323] BTRFS info (device loop0): enabling ssd optimizations
[  118.964768][ T5323] BTRFS info (device loop0): using spread ssd allocation scheme
[  118.984277][ T5323] BTRFS info (device loop0): enabling auto defrag
[  119.045436][ T5323] BTRFS info (device loop0): max_inline at 0
[  119.051505][ T5323] BTRFS info (device loop0): using free space tree
[  119.109172][ T4249] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  119.136478][ T5376] loop3: detected capacity change from 0 to 4096
[  119.225878][ T5376] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  119.344863][ T5369] loop4: detected capacity change from 0 to 32768
[  119.380354][ T5376] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  119.399481][ T5376] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  119.411618][ T5376] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  119.439005][ T5376] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  119.467178][ T5376] ntfs: volume version 3.1.
[  119.539911][ T5376] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  119.651928][ T5376] ntfs: (device loop3): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  119.723625][ T5376] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  119.785846][ T4266] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  119.793585][ T5376] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  119.825473][ T5400] loop1: detected capacity change from 0 to 256
[  119.883487][ T5376] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  119.993873][ T5376] ntfs: (device loop3): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute name is placed after the attribute value.
[  120.036047][ T5376] ntfs: (device loop3): ntfs_read_locked_index_inode(): Failed with error code -5 while reading index inode (mft_no 0x18, name_len 2.
[  120.200666][ T5404] loop4: detected capacity change from 0 to 256
[  120.294874][ T5404] FAT-fs (loop4): Directory bread(block 64) failed
[  120.304991][ T5404] FAT-fs (loop4): Directory bread(block 65) failed
[  120.328121][ T5404] FAT-fs (loop4): Directory bread(block 66) failed
[  120.354149][ T5404] FAT-fs (loop4): Directory bread(block 67) failed
[  120.361237][ T5404] FAT-fs (loop4): Directory bread(block 68) failed
[  120.373603][ T5404] FAT-fs (loop4): Directory bread(block 69) failed
[  120.403820][ T5404] FAT-fs (loop4): Directory bread(block 70) failed
[  120.410644][ T5404] FAT-fs (loop4): Directory bread(block 71) failed
[  120.442856][ T5404] FAT-fs (loop4): Directory bread(block 72) failed
[  120.493659][ T5404] FAT-fs (loop4): Directory bread(block 73) failed
[  120.777924][ T5418] loop3: detected capacity change from 0 to 256
[  120.884089][ T5418] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  120.906311][ T5420] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  120.930348][ T5420] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  120.984578][ T5420] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  121.125612][ T4255] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  121.543559][ T4939] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  121.763689][ T4939] usb 4-1: Using ep0 maxpacket: 32
[  121.772117][ T4939] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.787311][ T5451] loop0: detected capacity change from 0 to 256
[  121.804635][ T4939] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.819153][ T4939] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  121.831164][ T4939] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.865013][ T4341] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  121.880612][ T4939] usb 4-1: config 0 descriptor??
[  122.065550][ T4341] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  122.078733][ T4341] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.102447][ T4341] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  122.126377][ T4341] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  122.178810][ T4341] usb 2-1: Manufacturer: syz
[  122.204481][ T4341] usb 2-1: config 0 descriptor??
[  122.328346][ T4939] koneplus 0003:1E7D:2D51.0006: unknown main item tag 0x0
[  122.335996][ T4341] rc_core: IR keymap rc-hauppauge not found
[  122.343143][ T4341] Registered IR keymap rc-empty
[  122.354866][ T4939] koneplus 0003:1E7D:2D51.0006: unknown main item tag 0x0
[  122.380210][ T4341] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  122.391848][ T4939] koneplus 0003:1E7D:2D51.0006: unknown main item tag 0x0
[  122.417798][ T4939] koneplus 0003:1E7D:2D51.0006: unknown main item tag 0x0
[  122.443920][ T4341] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input12
[  122.457219][ T4939] koneplus 0003:1E7D:2D51.0006: unknown main item tag 0x0
[  122.477981][ T4939] koneplus 0003:1E7D:2D51.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.3-1/input0
[  122.527699][ T4939] koneplus 0003:1E7D:2D51.0006: couldn't init struct koneplus_device
[  122.538860][ T4939] koneplus 0003:1E7D:2D51.0006: couldn't install mouse
[  122.563953][ T4939] koneplus: probe of 0003:1E7D:2D51.0006 failed with error -71
[  122.586783][ T4939] usb 4-1: USB disconnect, device number 3
[  122.751243][ T5465] rc rc0: two consecutive events of type space
[  122.763500][ T4295] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  122.958331][ T4295] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  122.960939][ T4939] usb 2-1: USB disconnect, device number 2
[  122.977254][ T4295] usb 1-1: config 0 interface 0 has no altsetting 0
[  122.996449][ T4295] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  123.016414][ T4295] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  123.033608][ T4295] usb 1-1: Product: syz
[  123.046270][ T4295] usb 1-1: Manufacturer: syz
[  123.065765][ T4295] usb 1-1: SerialNumber: syz
[  123.092518][ T4295] usb 1-1: config 0 descriptor??
[  123.134129][ T4295] usb 1-1: selecting invalid altsetting 0
[  123.335426][ T4295] usb 1-1: USB disconnect, device number 3
[  123.453652][   T14] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  123.645368][   T14] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  123.663874][   T14] usb 4-1: config 0 has no interface number 0
[  123.688070][   T14] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  123.713829][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.726470][   T14] usb 4-1: config 0 descriptor??
[  123.739072][   T14] usb 4-1: selecting invalid altsetting 1
[  123.758000][   T14] dvb_ttusb_budget: ttusb_init_controller: error
[  123.773691][   T14] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  123.979555][   T14] DVB: Unable to find symbol cx22700_attach()
[  124.049806][ T5482] loop2: detected capacity change from 0 to 32768
[  124.095285][   T14] DVB: Unable to find symbol tda10046_attach()
[  124.101881][   T14] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  124.119398][   T14] usb 4-1: USB disconnect, device number 4
[  124.231873][ T5482] XFS (loop2): Mounting V5 Filesystem
[  124.239595][ T5508] loop4: detected capacity change from 0 to 64
[  124.344858][ T5482] XFS (loop2): Ending clean mount
[  124.367758][ T5482] XFS (loop2): Quotacheck needed: Please wait.
[  124.436235][ T5482] XFS (loop2): Quotacheck: Done.
[  124.637015][ T4257] XFS (loop2): Unmounting Filesystem
[  124.646788][ T5064] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  124.697294][ T5523] loop3: detected capacity change from 0 to 1024
[  124.845561][ T5064] usb 2-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00
[  124.863533][ T5064] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.874814][ T5064] usb 2-1: config 0 descriptor??
[  125.305411][ T5064] input: HID 28bd:0933 Mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28BD:0933.0007/input/input13
[  125.429478][ T5064] uclogic 0003:28BD:0933.0007: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0933] on usb-dummy_hcd.1-1/input0
[  125.501821][ T5544] netlink: 'syz.3.444': attribute type 2 has an invalid length.
[  125.520696][ T4295] usb 2-1: USB disconnect, device number 3
[  125.666022][ T5547] loop2: detected capacity change from 0 to 512
[  125.720163][ T5547] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=856c01c, mo2=0002]
[  125.746732][ T5547] EXT4-fs (loop2): orphan cleanup on readonly fs
[  125.764305][ T5547] EXT4-fs warning (device loop2): ext4_enable_quotas:7037: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  125.779933][ T5547] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  125.799772][ T5547] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.446: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  125.836810][ T5547] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.446: couldn't read orphan inode 13 (err -117)
[  125.864388][ T5547] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  125.920068][ T5547] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  125.944122][ T5547] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  125.964034][ T5547] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=2816e11c, mo2=0002]
[  126.001053][ T5547] System zones: 0-2, 18-18, 34-34
[  126.011069][ T5547] EXT4-fs warning (device loop2): ext4_enable_quotas:7037: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  126.146016][ T4257] EXT4-fs (loop2): unmounting filesystem.
[  126.403079][ T5552] loop4: detected capacity change from 0 to 32768
[  126.477233][ T5552] JBD2: Ignoring recovery information on journal
[  126.560516][ T5572] loop0: detected capacity change from 0 to 256
[  126.583002][ T5573] loop2: detected capacity change from 0 to 256
[  126.596253][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.606464][ T5572] FAT-fs (loop0): Filesystem has been set read-only
[  126.613213][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.622135][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.641398][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.663634][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.685874][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.724415][ T5552] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  126.740028][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.764926][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.787506][ T5576] loop3: detected capacity change from 0 to 512
[  126.821445][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.843612][ T5576] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  126.868214][ T5572] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  126.891686][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  126.891703][   T26] audit: type=1800 audit(1744351138.926:10): pid=5572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.457" name="file1" dev="loop0" ino=1048671 res=0 errno=0
[  126.896405][ T5572] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  126.937527][ T4262] ocfs2: Unmounting device (7,4) on (node local)
[  126.959281][ T5576] EXT4-fs (loop3): 1 truncate cleaned up
[  126.977235][ T5576] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  127.160497][ T5572] syz.0.457 (5572) used greatest stack depth: 18592 bytes left
[  127.247019][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  127.606386][ T5595] binder: 5593:5595 ioctl 4018620d 0 returned -22
[  127.616722][ T5595] binder: 5593:5595 ioctl c0306201 200000000680 returned -11
[  127.753751][ T4939] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  127.823601][ T4295] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  127.849736][ T5605] loop1: detected capacity change from 0 to 64
[  127.951904][ T4939] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.974058][ T4939] usb 5-1: New USB device found, idVendor=046d, idProduct=c287, bcdDevice= 0.00
[  127.983162][ T4939] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.007269][ T5605] hfs: unable to load iocharset "macromn"
[  128.016325][ T4939] usb 5-1: config 0 descriptor??
[  128.020611][ T5605] hfs: unable to parse mount options
[  128.032411][ T4295] usb 1-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00
[  128.051726][ T4295] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.095901][ T4295] usb 1-1: config 0 descriptor??
[  128.193863][ T5064] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  128.298953][ T5603] loop2: detected capacity change from 0 to 32768
[  128.323743][ T5603] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.470 (5603)
[  128.359997][ T5603] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  128.386515][ T5603] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  128.396999][ T5064] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.430828][ T5064] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.450376][ T4939] logitech 0003:046D:C287.0008: hidraw0: USB HID v0.00 Device [HID 046d:c287] on usb-dummy_hcd.4-1/input0
[  128.465226][ T5603] BTRFS info (device loop2): using free space tree
[  128.474683][ T5064] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  128.493800][ T4939] logitech 0003:046D:C287.0008: no inputs found
[  128.512609][ T5064] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.543976][ T4295] input: HID 28bd:0933 Mouse as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28BD:0933.0009/input/input14
[  128.544866][ T5064] usb 4-1: config 0 descriptor??
[  128.663909][ T4939] usb 5-1: USB disconnect, device number 3
[  128.669915][ T5603] BTRFS info (device loop2): enabling ssd optimizations
[  128.706573][ T4295] uclogic 0003:28BD:0933.0009: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0933] on usb-dummy_hcd.0-1/input0
[  128.808836][ T4295] usb 1-1: USB disconnect, device number 4
[  128.879963][ T4257] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  129.191731][ T5064] usb 4-1: string descriptor 0 read error: -71
[  129.204997][ T5064] uclogic 0003:256C:006D.000A: failed retrieving string descriptor #200: -71
[  129.230422][ T5064] uclogic 0003:256C:006D.000A: failed retrieving pen parameters: -71
[  129.256869][ T5064] uclogic 0003:256C:006D.000A: failed probing pen v2 parameters: -71
[  129.285888][ T5064] uclogic 0003:256C:006D.000A: failed probing parameters: -71
[  129.316351][ T5064] uclogic: probe of 0003:256C:006D.000A failed with error -71
[  129.383062][ T5064] usb 4-1: USB disconnect, device number 5
[  129.476158][   T26] audit: type=1326 audit(1744351141.516:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5649 comm="syz.0.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  129.537300][   T26] audit: type=1326 audit(1744351141.556:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5649 comm="syz.0.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  129.628985][   T26] audit: type=1326 audit(1744351141.556:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5649 comm="syz.0.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  129.713537][   T26] audit: type=1326 audit(1744351141.556:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5649 comm="syz.0.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  129.744612][   T26] audit: type=1326 audit(1744351141.556:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5649 comm="syz.0.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  129.782303][ T5658] loop1: detected capacity change from 0 to 64
[  129.948435][ T5663] loop3: detected capacity change from 0 to 256
[  129.970282][ T5663] exfat: Deprecated parameter 'utf8'
[  130.003696][ T5663] exfat: Deprecated parameter 'utf8'
[  130.101203][ T5663] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  130.449197][ T5677] loop3: detected capacity change from 0 to 1024
[  130.459468][ T5677] EXT4-fs: Ignoring removed nobh option
[  130.469983][ T5677] EXT4-fs: inline encryption not supported
[  130.477029][ T5677] EXT4-fs: Ignoring removed bh option
[  130.499716][ T5677] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  130.562381][ T5677] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  130.575747][ T5682] loop4: detected capacity change from 0 to 4096
[  130.602638][ T5682] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  130.726932][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  130.742501][ T5689] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  130.757576][ T5689] IPv6: ADDRCONF(NETDEV_CHANGE): ipvlan2: link becomes ready
[  131.158247][   T26] audit: type=1326 audit(1744351143.196:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5674 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7fc00000
[  131.213329][   T26] audit: type=1326 audit(1744351143.226:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5674 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faafbb8d169 code=0x7fc00000
[  131.260599][   T26] audit: type=1326 audit(1744351143.226:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5674 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7fc00000
[  131.354495][   T26] audit: type=1326 audit(1744351143.226:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5674 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7fc00000
[  132.083207][ T5731] loop4: detected capacity change from 0 to 22
[  132.102587][ T5732] loop0: detected capacity change from 0 to 512
[  132.104868][ T5731] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  132.154575][ T5731] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  132.210595][ T5732] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.519: inode #1: comm syz.0.519: iget: illegal inode #
[  132.321926][ T5732] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.519: error while reading EA inode 1 err=-117
[  132.382019][ T5732] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  132.438739][ T5732] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.519: inode #1: comm syz.0.519: iget: illegal inode #
[  132.502845][ T5732] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.519: error while reading EA inode 1 err=-117
[  132.520460][ T5732] EXT4-fs (loop0): 1 orphan inode deleted
[  132.527071][ T5732] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  132.658286][ T4266] EXT4-fs (loop0): unmounting filesystem.
[  132.664910][ T5741] loop1: detected capacity change from 0 to 8192
[  132.716465][ T5741] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  132.766795][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  132.773192][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  132.802342][ T5741] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  132.843274][ T5750] loop4: detected capacity change from 0 to 512
[  132.849383][ T5741] REISERFS (device loop1): using ordered data mode
[  132.863768][ T5741] reiserfs: using flush barriers
[  132.890769][ T5750] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=856c01c, mo2=0002]
[  132.892974][ T5741] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  132.945390][ T5750] EXT4-fs (loop4): orphan cleanup on readonly fs
[  132.970483][ T5750] EXT4-fs warning (device loop4): ext4_enable_quotas:7037: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  133.015357][ T5741] REISERFS (device loop1): checking transaction log (loop1)
[  133.015640][ T5750] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  133.073606][ T5741] REISERFS (device loop1): Using r5 hash to sort names
[  133.074245][ T5750] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.528: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  133.106009][ T5741] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  133.195604][ T5750] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.528: couldn't read orphan inode 13 (err -117)
[  133.279483][ T5750] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  133.434771][ T5769] netlink: 12 bytes leftover after parsing attributes in process `syz.2.536'.
[  133.450442][ T5750] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.491584][ T5750] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  133.530134][ T5750] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=2816e11c, mo2=0002]
[  133.590274][ T5750] System zones: 0-2, 18-18, 34-34
[  133.626729][ T5750] EXT4-fs warning (device loop4): ext4_enable_quotas:7037: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  133.751120][ T4262] EXT4-fs (loop4): unmounting filesystem.
[  133.752969][ T5778] loop1: detected capacity change from 0 to 4096
[  133.779789][ T5778] __ntfs_error: 63 callbacks suppressed
[  133.779808][ T5778] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  133.916328][ T5778] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  133.978182][ T5778] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  134.010234][ T5778] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  134.060188][ T5778] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  134.093799][ T5778] ntfs: volume version 3.1.
[  134.110403][ T5778] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  134.138346][ T5780] loop2: detected capacity change from 0 to 40427
[  134.151919][ T4297] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  134.154700][ T5778] ntfs: (device loop1): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  134.159554][ T5780] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  134.180045][ T5780] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  134.190199][ T5780] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff
[  134.199236][ T5780] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8
[  134.209377][ T5780] F2FS-fs (loop2): invalid crc value
[  134.215721][ T5778] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  134.228154][ T5778] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  134.239810][ T5778] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  134.244072][ T4298] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  134.274090][ T5780] F2FS-fs (loop2): Current segment's next free block offset is inconsistent with bitmap, logtype:5, segno:2, type:0, next_blkoff:0, blkofs:1
[  134.312323][ T5780] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117)
[  134.363774][ T5771] loop0: detected capacity change from 0 to 32768
[  134.434073][ T5771] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.537 (5771)
[  134.476658][ T4298] usb 5-1: config 0 interface 0 altsetting 14 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.525802][ T4297] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[  134.526293][ T4298] usb 5-1: config 0 interface 0 altsetting 14 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.550728][ T4297] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  134.570545][ T4298] usb 5-1: config 0 interface 0 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  134.589348][ T4298] usb 5-1: config 0 interface 0 has no altsetting 0
[  134.591477][ T4297] usb 4-1: config 0 has no interface number 0
[  134.601932][ T4298] usb 5-1: New USB device found, idVendor=056a, idProduct=030c, bcdDevice= 0.00
[  134.619320][ T4297] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  134.642426][ T4298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.649758][ T4297] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.662391][ T4298] usb 5-1: config 0 descriptor??
[  134.694400][ T4297] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  134.723518][ T4297] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.757513][ T4297] usb 4-1: Product: syz
[  134.771983][ T4297] usb 4-1: Manufacturer: syz
[  134.776751][ T4297] usb 4-1: SerialNumber: syz
[  134.813690][ T5771] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  134.836458][ T4297] usb 4-1: config 0 descriptor??
[  134.848756][ T5771] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  134.868429][ T5771] BTRFS info (device loop0): enabling disk space caching
[  134.896047][ T5771] BTRFS info (device loop0): enabling auto defrag
[  134.916206][ T5792] loop2: detected capacity change from 0 to 4096
[  134.932946][ T5771] BTRFS info (device loop0): doing ref verification
[  134.943536][ T5771] BTRFS info (device loop0): use no compression
[  134.960201][ T5771] BTRFS info (device loop0): force clearing of disk cache
[  134.994513][ T5771] BTRFS info (device loop0): disabling disk space caching
[  135.012531][ T5792] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  135.118199][ T4298] wacom 0003:056A:030C.000B: hidraw0: USB HID vff.fe Device [HID 056a:030c] on usb-dummy_hcd.4-1/input0
[  135.291107][ T5771] BTRFS info (device loop0): enabling ssd optimizations
[  135.322744][ T5771] BTRFS info (device loop0): rebuilding free space tree
[  135.353211][ T5771] BTRFS info (device loop0): disabling free space tree
[  135.362977][ T5771] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  135.373776][ T5771] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  135.393600][ T4297] usb 5-1: USB disconnect, device number 4
[  135.468270][ T4296] usb 4-1: USB disconnect, device number 6
[  135.611607][ T4266] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  136.507342][ T5844] loop0: detected capacity change from 0 to 1024
[  136.520522][ T5845] loop3: detected capacity change from 0 to 1764
[  136.535900][ T5844] ext4: Bad value for 'max_batch_time'
[  136.703516][ T5845] iso9660: Corrupted directory entry in block 2 of inode 1920
[  136.825502][ T5825] loop2: detected capacity change from 0 to 32768
[  136.836958][ T5825] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.553 (5825)
[  136.866074][ T5825] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  136.913725][ T5825] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  136.983143][ T5825] BTRFS info (device loop2): metadata ratio 1025
[  136.999670][ T5825] BTRFS info (device loop2): doing ref verification
[  137.026843][ T5825] BTRFS info (device loop2): force clearing of disk cache
[  137.038836][ T5853] loop4: detected capacity change from 0 to 8
[  137.069783][ T5854] netlink: 28 bytes leftover after parsing attributes in process `syz.3.564'.
[  137.074460][ T5853] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  137.085305][ T5825] BTRFS info (device loop2): turning off barriers
[  137.102079][ T5825] BTRFS info (device loop2): setting nodatacow, compression disabled
[  137.148960][ T5825] BTRFS info (device loop2): enabling ssd optimizations
[  137.177848][ T5825] BTRFS info (device loop2): using spread ssd allocation scheme
[  137.232565][ T5825] BTRFS info (device loop2): not using ssd optimizations
[  137.262694][ T5825] BTRFS info (device loop2): not using spread ssd allocation scheme
[  137.302352][ T5825] BTRFS info (device loop2): using free space tree
[  137.345678][ T5858] loop3: detected capacity change from 0 to 64
[  137.520711][ T5839] loop1: detected capacity change from 0 to 40427
[  137.540733][ T5839] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3ffff
[  137.613286][ T5839] F2FS-fs (loop1): invalid crc value
[  137.664966][ T5825] BTRFS info (device loop2): rebuilding free space tree
[  137.741474][ T5885] loop4: detected capacity change from 0 to 512
[  137.750165][ T5885] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  137.762255][ T5887] loop3: detected capacity change from 0 to 256
[  137.768784][ T5839] F2FS-fs (loop1): Found nat_bits in checkpoint
[  137.808302][ T5885] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  137.823952][ T5885] System zones: 1-12
[  137.853730][ T5885] EXT4-fs (loop4): 1 truncate cleaned up
[  137.861983][ T5887] FAT-fs (loop3): Directory bread(block 64) failed
[  137.869423][ T5839] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  137.879271][ T5885] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  137.904159][ T5887] FAT-fs (loop3): Directory bread(block 65) failed
[  137.911264][ T5887] FAT-fs (loop3): Directory bread(block 66) failed
[  137.918184][ T5887] FAT-fs (loop3): Directory bread(block 67) failed
[  137.934382][ T5887] FAT-fs (loop3): Directory bread(block 68) failed
[  137.973575][ T5887] FAT-fs (loop3): Directory bread(block 69) failed
[  137.993723][ T5887] FAT-fs (loop3): Directory bread(block 70) failed
[  138.000320][ T5887] FAT-fs (loop3): Directory bread(block 71) failed
[  138.032658][ T5887] FAT-fs (loop3): Directory bread(block 72) failed
[  138.059932][ T5887] FAT-fs (loop3): Directory bread(block 73) failed
[  138.079605][ T4257] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  138.091906][ T4262] EXT4-fs (loop4): unmounting filesystem.
[  138.164941][ T4249] syz-executor: attempt to access beyond end of device
[  138.164941][ T4249] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.790702][ T5907] loop0: detected capacity change from 0 to 256
[  138.869901][ T5907] FAT-fs (loop0): Directory bread(block 64) failed
[  138.900760][ T5907] FAT-fs (loop0): Directory bread(block 65) failed
[  138.928881][ T5907] FAT-fs (loop0): Directory bread(block 66) failed
[  138.939918][ T5912] device gretap0 entered promiscuous mode
[  138.963647][ T5907] FAT-fs (loop0): Directory bread(block 67) failed
[  138.970762][ T5907] FAT-fs (loop0): Directory bread(block 68) failed
[  138.986066][ T5912] device macsec1 entered promiscuous mode
[  139.009267][ T5912] device gretap0 left promiscuous mode
[  139.028890][ T5907] FAT-fs (loop0): Directory bread(block 69) failed
[  139.049836][ T5907] FAT-fs (loop0): Directory bread(block 70) failed
[  139.079855][ T5914] loop2: detected capacity change from 0 to 512
[  139.087039][ T5907] FAT-fs (loop0): Directory bread(block 71) failed
[  139.110183][ T5907] FAT-fs (loop0): Directory bread(block 72) failed
[  139.127154][ T5907] FAT-fs (loop0): Directory bread(block 73) failed
[  139.187539][ T5914] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #3: comm syz.2.584: corrupted inode contents
[  139.217044][ T5914] EXT4-fs error (device loop2): ext4_dirty_inode:6089: inode #3: comm syz.2.584: mark_inode_dirty error
[  139.280656][ T5914] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #3: comm syz.2.584: corrupted inode contents
[  139.315039][ T5914] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm syz.2.584: mark_inode_dirty error
[  139.385115][ T5914] __quota_error: 6 callbacks suppressed
[  139.385132][ T5914] Quota error (device loop2): write_blk: dquota write failed
[  139.449528][ T5914] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  139.513752][ T5914] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.584: Failed to acquire dquot type 0
[  139.593152][ T5929] netlink: 'syz.0.589': attribute type 1 has an invalid length.
[  139.602394][ T5914] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #16: comm syz.2.584: corrupted inode contents
[  139.633243][ T5914] EXT4-fs error (device loop2): ext4_dirty_inode:6089: inode #16: comm syz.2.584: mark_inode_dirty error
[  139.674414][ T5914] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #16: comm syz.2.584: corrupted inode contents
[  139.717162][ T5914] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.584: mark_inode_dirty error
[  139.744020][ T5914] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #16: comm syz.2.584: corrupted inode contents
[  139.787218][ T5914] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  139.843689][ T5914] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #16: comm syz.2.584: corrupted inode contents
[  139.898776][ T5914] EXT4-fs error (device loop2): ext4_truncate:4311: inode #16: comm syz.2.584: mark_inode_dirty error
[  139.940071][ T5914] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  139.969455][ T5914] EXT4-fs (loop2): 1 truncate cleaned up
[  139.993579][ T5914] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  140.002622][ T5914] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.191261][ T5951] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  140.373142][ T4257] EXT4-fs (loop2): unmounting filesystem.
[  140.398245][   T57] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  140.420950][   T57] EXT4-fs error (device loop2): ext4_release_dquot:6825: comm kworker/u4:4: Failed to release dquot type 1
[  140.578789][ T5964] loop0: detected capacity change from 0 to 1024
[  140.673675][   T22] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  140.868921][   T22] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  140.886991][   T22] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  140.921897][   T22] usb 4-1: config 220 has no interface number 2
[  140.940854][   T22] usb 4-1: config 220 interface 1 altsetting 5 bulk endpoint 0x4 has invalid maxpacket 779
[  140.964958][   T22] usb 4-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[  140.985551][   T22] usb 4-1: config 220 interface 0 has no altsetting 0
[  140.992765][   T22] usb 4-1: config 220 interface 76 has no altsetting 0
[  141.013013][   T22] usb 4-1: config 220 interface 1 has no altsetting 0
[  141.025257][   T22] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  141.035747][   T22] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.045094][   T22] usb 4-1: Product: syz
[  141.049302][   T22] usb 4-1: Manufacturer: syz
[  141.060592][   T22] usb 4-1: SerialNumber: syz
[  141.134982][ T5980] loop2: detected capacity change from 0 to 64
[  141.313980][   T22] usb 4-1: selecting invalid altsetting 0
[  141.320226][   T22] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  141.337874][   T22] usb 4-1: No valid video chain found.
[  141.361571][   T22] usb 4-1: selecting invalid altsetting 0
[  141.385598][   T22] usbtest: probe of 4-1:220.1 failed with error -22
[  141.402368][ T5985] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  141.416012][   T22] usb 4-1: USB disconnect, device number 7
[  141.612012][ T5992] netlink: 8 bytes leftover after parsing attributes in process `syz.1.619'.
[  141.829376][ T6000] netlink: 16 bytes leftover after parsing attributes in process `syz.1.623'.
[  141.967767][ T6004] netlink: 'syz.0.624': attribute type 2 has an invalid length.
[  141.994241][ T6004] netlink: 'syz.0.624': attribute type 3 has an invalid length.
[  142.033665][ T6004] netlink: 650 bytes leftover after parsing attributes in process `syz.0.624'.
[  142.112281][ T6011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.628'.
[  142.317453][ T6017] loop1: detected capacity change from 0 to 64
[  142.760491][ T6022] loop0: detected capacity change from 0 to 8192
[  142.824270][ T6022] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  142.892905][ T6022] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  142.902725][ T6022] REISERFS (device loop0): using ordered data mode
[  142.909776][ T6022] reiserfs: using flush barriers
[  142.930139][ T6022] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  142.949424][ T6022] REISERFS (device loop0): checking transaction log (loop0)
[  142.989445][ T6022] REISERFS (device loop0): Using r5 hash to sort names
[  143.066647][ T6042] vivid-000: =================  START STATUS  =================
[  143.085308][ T6042] vivid-000: Generate PTS: true
[  143.090730][ T6042] vivid-000: Generate SCR: true
[  143.123705][ T6042] tpg source WxH: 640x360 (Y'CbCr)
[  143.133544][ T6042] tpg field: 1
[  143.148937][ T6044] loop1: detected capacity change from 0 to 1024
[  143.171971][ T6042] tpg crop: 640x360@0x0
[  143.182117][ T6042] tpg compose: 640x360@0x0
[  143.214083][ T6042] tpg colorspace: 8
[  143.218027][ T6042] tpg transfer function: 0/0
[  143.265025][ T6042] tpg Y'CbCr encoding: 0/0
[  143.277390][ T6042] tpg quantization: 0/0
[  143.297280][ T6042] tpg RGB range: 0/2
[  143.307438][ T6042] vivid-000: ==================  END STATUS  ==================
[  143.351269][ T6046] loop3: detected capacity change from 0 to 512
[  143.429929][ T6046] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  143.471149][ T6031] loop4: detected capacity change from 0 to 32768
[  143.480984][ T6046] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.492022][ T6031] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.638 (6031)
[  143.566369][ T6031] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  143.630951][ T6031] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  143.653615][ T6031] BTRFS info (device loop4): metadata ratio 1025
[  143.660049][ T6031] BTRFS info (device loop4): doing ref verification
[  143.708856][ T6031] BTRFS info (device loop4): force clearing of disk cache
[  143.727877][ T6054] loop1: detected capacity change from 0 to 256
[  143.743533][ T6031] BTRFS info (device loop4): turning off barriers
[  143.760249][ T6031] BTRFS info (device loop4): setting nodatacow, compression disabled
[  143.776759][ T4255] EXT4-fs (loop3): unmounting filesystem.
[  143.803665][ T6031] BTRFS info (device loop4): enabling ssd optimizations
[  143.844809][ T6031] BTRFS info (device loop4): using spread ssd allocation scheme
[  143.852532][ T6031] BTRFS info (device loop4): not using ssd optimizations
[  143.931646][ T6031] BTRFS info (device loop4): not using spread ssd allocation scheme
[  143.979130][ T6031] BTRFS info (device loop4): using free space tree
[  144.232883][ T6031] BTRFS info (device loop4): rebuilding free space tree
[  144.423624][ T4256] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  144.574133][ T6088] loop3: detected capacity change from 0 to 256
[  144.615435][ T4256] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.640609][ T4262] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  144.653476][ T4256] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.658713][ T6088] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  144.698946][ T4256] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  144.727526][ T4256] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.782881][ T4256] usb 1-1: config 0 descriptor??
[  144.821219][ T6090] loop1: detected capacity change from 0 to 256
[  144.854838][ T6090] exfat: Deprecated parameter 'utf8'
[  144.870652][ T6090] exfat: Deprecated parameter 'namecase'
[  144.912033][ T6090] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  144.999070][ T6053] loop2: detected capacity change from 0 to 32768
[  145.024804][ T6053] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.647 (6053)
[  145.169754][ T6053] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  145.263608][ T6053] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  145.312943][ T6053] BTRFS info (device loop2): using free space tree
[  145.422118][ T4256] usb 1-1: string descriptor 0 read error: -71
[  145.451780][ T4256] uclogic 0003:256C:006D.000C: failed retrieving string descriptor #200: -71
[  145.530978][ T4256] uclogic 0003:256C:006D.000C: failed retrieving pen parameters: -71
[  145.580852][ T6114] netlink: 92 bytes leftover after parsing attributes in process `syz.4.662'.
[  145.601756][ T4256] uclogic 0003:256C:006D.000C: failed probing pen v2 parameters: -71
[  145.621284][ T4256] uclogic 0003:256C:006D.000C: failed probing parameters: -71
[  145.635218][ T4256] uclogic: probe of 0003:256C:006D.000C failed with error -71
[  145.646530][ T4256] usb 1-1: USB disconnect, device number 5
[  145.723122][ T6053] BTRFS info (device loop2): enabling ssd optimizations
[  145.797265][ T6053] BTRFS info (device loop2): device stats zeroed by syz.2.647 (6053)
[  145.866420][ T6129] loop4: detected capacity change from 0 to 128
[  145.930473][ T6132] loop1: detected capacity change from 0 to 256
[  145.954149][ T6129] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  145.965859][ T4257] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  146.012563][ T6129] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  146.026681][ T6132] FAT-fs (loop1): Directory bread(block 64) failed
[  146.039598][ T6132] FAT-fs (loop1): Directory bread(block 65) failed
[  146.088407][ T6132] FAT-fs (loop1): Directory bread(block 66) failed
[  146.129906][ T6132] FAT-fs (loop1): Directory bread(block 67) failed
[  146.173786][ T6132] FAT-fs (loop1): Directory bread(block 68) failed
[  146.180389][ T6132] FAT-fs (loop1): Directory bread(block 69) failed
[  146.213481][ T6132] FAT-fs (loop1): Directory bread(block 70) failed
[  146.232134][ T6132] FAT-fs (loop1): Directory bread(block 71) failed
[  146.261785][ T6132] FAT-fs (loop1): Directory bread(block 72) failed
[  146.305709][ T6132] FAT-fs (loop1): Directory bread(block 73) failed
[  146.469795][ T6136] loop3: detected capacity change from 0 to 4096
[  146.525854][ T6136] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  147.063687][ T6092] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  147.142167][ T6152] loop3: detected capacity change from 0 to 128
[  147.178243][ T6152] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  147.211054][ T6152] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  147.263630][ T6092] usb 3-1: Using ep0 maxpacket: 8
[  147.279720][ T6092] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.320614][ T6092] usb 3-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  147.346918][ T6092] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.379684][ T6092] usb 3-1: config 0 descriptor??
[  147.438925][ T6140] loop0: detected capacity change from 0 to 32768
[  147.609465][ T6157] loop1: detected capacity change from 0 to 512
[  147.639209][ T6142] loop4: detected capacity change from 0 to 40427
[  147.652535][ T6157] EXT4-fs: Ignoring removed nobh option
[  147.674098][ T6142] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  147.715494][ T6142] F2FS-fs (loop4): invalid crc value
[  147.752271][ T6157] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  147.817541][ T6092] hid-multitouch 0003:0EEF:72C4.000D: unknown main item tag 0x0
[  147.827683][ T6142] F2FS-fs (loop4): Found nat_bits in checkpoint
[  147.835865][ T6092] hid-multitouch 0003:0EEF:72C4.000D: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.2-1/input0
[  147.860561][ T6157] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.679: attempt to clear invalid blocks 2 len 1
[  147.926145][ T6157] EXT4-fs (loop1): Remounting filesystem read-only
[  147.950296][ T6157] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  148.001622][ T6157] EXT4-fs (loop1): Remounting filesystem read-only
[  148.019775][ T6157] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.679: invalid indirect mapped block 1819239214 (level 0)
[  148.021360][ T6092] usb 3-1: USB disconnect, device number 5
[  148.059641][ T6157] EXT4-fs (loop1): Remounting filesystem read-only
[  148.075166][ T6142] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  148.100683][ T6157] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.679: invalid indirect mapped block 1819239214 (level 1)
[  148.158557][ T6157] EXT4-fs (loop1): Remounting filesystem read-only
[  148.171057][ T6157] EXT4-fs (loop1): 1 truncate cleaned up
[  148.187155][ T6157] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  148.259289][ T4262] syz-executor: attempt to access beyond end of device
[  148.259289][ T4262] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  148.350709][ T4249] EXT4-fs (loop1): unmounting filesystem.
[  149.231567][ T6169] loop0: detected capacity change from 0 to 32768
[  149.300741][ T6197] 9pnet_virtio: no channels available for device 
[  149.309026][ T6169] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  149.334756][ T6169] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  149.470898][ T6169] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  149.495370][  T127] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  149.504359][  T127] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  149.563527][  T127] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 59ms
[  149.571472][ T6203] device macvlan2 entered promiscuous mode
[  149.583223][  T127] gfs2: fsid=syz:syz.0: jid=0: Done
[  149.608487][ T6169] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  149.723614][   T22] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  149.752210][ T6186] loop3: detected capacity change from 0 to 32768
[  149.784054][ T6186] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.692 (6186)
[  149.841814][ T6186] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  149.916412][   T22] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  149.943489][   T22] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.959926][ T6186] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  149.963609][   T22] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  150.003856][   T22] usb 3-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.00
[  150.014092][   T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.020936][ T6186] BTRFS info (device loop3): metadata ratio 1025
[  150.031281][ T6186] BTRFS info (device loop3): doing ref verification
[  150.053528][ T6186] BTRFS info (device loop3): force clearing of disk cache
[  150.064619][   T22] usb 3-1: config 0 descriptor??
[  150.081566][ T6186] BTRFS info (device loop3): turning off barriers
[  150.106636][ T6210] loop4: detected capacity change from 0 to 64
[  150.109349][ T6186] BTRFS info (device loop3): setting nodatacow, compression disabled
[  150.152429][ T6186] BTRFS info (device loop3): enabling ssd optimizations
[  150.177886][  T127] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  150.182916][ T6186] BTRFS info (device loop3): using spread ssd allocation scheme
[  150.212224][ T6210] hfs: small file entry
[  150.214148][ T6186] BTRFS info (device loop3): not using ssd optimizations
[  150.244012][ T6186] BTRFS info (device loop3): not using spread ssd allocation scheme
[  150.264066][ T6186] BTRFS info (device loop3): using free space tree
[  150.373532][  T127] usb 2-1: Using ep0 maxpacket: 32
[  150.384127][  T127] usb 2-1: config 0 interface 0 has no altsetting 0
[  150.399720][  T127] usb 2-1: New USB device found, idVendor=056a, idProduct=033c, bcdDevice= 0.00
[  150.410009][  T127] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.428314][  T127] usb 2-1: config 0 descriptor??
[  150.489972][   T22] waltop 0003:172F:0032.000E: hidraw0: USB HID vff.fd Device [HID 172f:0032] on usb-dummy_hcd.2-1/input0
[  150.510707][ T6186] BTRFS info (device loop3): rebuilding free space tree
[  150.633892][ T4326] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  150.692346][ T4251] usb 3-1: USB disconnect, device number 6
[  150.728153][ T4255] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  150.808244][ T6239] netlink: 'syz.0.708': attribute type 10 has an invalid length.
[  150.844286][ T4326] usb 5-1: Using ep0 maxpacket: 32
[  150.866177][  T127] wacom 0003:056A:033C.000F: unknown main item tag 0x0
[  150.873124][  T127] wacom 0003:056A:033C.000F: unknown main item tag 0x0
[  150.883497][ T4326] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  150.891818][ T4326] usb 5-1: config 0 has no interface number 0
[  150.925665][  T127] wacom 0003:056A:033C.000F: unknown main item tag 0x0
[  150.933363][  T127] wacom 0003:056A:033C.000F: Unknown device_type for 'HID 056a:033c'. Assuming pen.
[  150.947382][ T4326] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  150.963478][ T4326] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.971612][ T4326] usb 5-1: Product: syz
[  150.981173][  T127] wacom 0003:056A:033C.000F: hidraw0: USB HID v0.07 Device [HID 056a:033c] on usb-dummy_hcd.1-1/input0
[  151.001167][ T4326] usb 5-1: Manufacturer: syz
[  151.006665][ T4326] usb 5-1: SerialNumber: syz
[  151.008379][ T6239] batman_adv: batadv0: Adding interface: team0
[  151.019873][ T4326] usb 5-1: config 0 descriptor??
[  151.033924][  T127] input: Wacom Intuos PT S 2 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:033C.000F/input/input19
[  151.048412][ T6239] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  151.068926][ T4326] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  151.099991][ T6239] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  151.100960][ T6240] netlink: 'syz.0.708': attribute type 10 has an invalid length.
[  151.100982][ T6240] netlink: 2 bytes leftover after parsing attributes in process `syz.0.708'.
[  151.110217][ T6240] device team0 entered promiscuous mode
[  151.110238][ T6240] device team_slave_0 entered promiscuous mode
[  151.110471][ T6240] device team_slave_1 entered promiscuous mode
[  151.117233][ T6240] 8021q: adding VLAN 0 to HW filter on device team0
[  151.117517][ T6240] batman_adv: batadv0: Interface activated: team0
[  151.117577][ T6240] batman_adv: batadv0: Interface deactivated: team0
[  151.117605][ T6240] batman_adv: batadv0: Removing interface: team0
[  151.119360][ T6240] bridge0: port 3(team0) entered blocking state
[  151.119508][ T6240] bridge0: port 3(team0) entered disabled state
[  151.122089][ T6240] bridge0: port 3(team0) entered blocking state
[  151.122227][ T6240] bridge0: port 3(team0) entered forwarding state
[  151.176261][  T127] usb 2-1: USB disconnect, device number 4
[  151.304996][ T4326] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  151.408151][ T4326] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  151.707925][ T6252] netlink: 'syz.2.712': attribute type 5 has an invalid length.
[  151.851028][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  151.877241][ T4989] usb 5-1: USB disconnect, device number 5
[  151.916744][ T4989] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  151.970359][ T4989] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  152.003040][ T6260] Zero length message leads to an empty skb
[  152.015404][ T4989] quatech2 5-1:0.51: device disconnected
[  152.620232][ T6254] loop3: detected capacity change from 0 to 32768
[  152.690852][ T6254] 
[  152.690852][ T6254]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  152.690852][ T6254] 
[  152.743981][ T6277] netlink: 'syz.4.724': attribute type 1 has an invalid length.
[  152.763141][ T6254] ERROR: (device loop3): diWrite: ixpxd invalid
[  152.763141][ T6254] 
[  152.799691][ T6254] ERROR: (device loop3): txCommit: 
[  152.799691][ T6254] 
[  152.817496][   T26] audit: type=1326 audit(1744351164.856:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6278 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  152.872329][ T6280] 
[  152.872329][ T6280]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  152.872329][ T6280] 
[  152.893692][   T26] audit: type=1326 audit(1744351164.886:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6278 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  152.915882][    C1] vkms_vblank_simulate: vblank timer overrun
[  152.916722][ T6280] 
[  152.916722][ T6280]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  152.916722][ T6280] 
[  152.969343][ T6280] 
[  152.969343][ T6280]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  152.969343][ T6280] 
[  152.991155][   T26] audit: type=1326 audit(1744351164.886:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6278 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  153.030861][ T6262] loop1: detected capacity change from 0 to 32768
[  153.076111][  T108] 
[  153.076111][  T108]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  153.076111][  T108] 
[  153.079497][   T26] audit: type=1326 audit(1744351164.886:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6278 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  153.175093][ T6262] JBD2: Ignoring recovery information on journal
[  153.234989][   T26] audit: type=1326 audit(1744351164.886:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6278 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  153.287855][ T4255] 
[  153.287855][ T4255]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  153.287855][ T4255] 
[  153.343533][ T4255] 
[  153.343533][ T4255]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  153.343533][ T4255] 
[  153.354434][ T6262] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  153.372239][ T6290] netlink: 16 bytes leftover after parsing attributes in process `syz.2.729'.
[  153.429210][ T6290] netlink: 16 bytes leftover after parsing attributes in process `syz.2.729'.
[  153.445233][ T6262] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid bg_blkno of 0
[  153.472183][ T6262] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  153.494238][ T6262] OCFS2: File system is now read-only.
[  153.504582][ T6262] (syz.1.717,6262,1):ocfs2_group_extend:318 ERROR: status = -30
[  153.631487][ T4249] ocfs2: Unmounting device (7,1) on (node local)
[  153.874308][ T6287] loop4: detected capacity change from 0 to 32768
[  153.889591][ T6287] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.728 (6287)
[  153.932747][ T6287] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  153.970507][ T6287] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  154.013598][ T6287] BTRFS info (device loop4): using free space tree
[  154.027984][ T6303] ptrace attach of "./syz-executor exec"[4249] was attempted by " Àÿ      Ðÿ      ð¥      Àÿ      Àÿ      Ðÿ      àÿ              ðÿ      °ÿ      Àÿ                 ÿÿÿÿ                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
[  154.115763][ T6308] loop2: detected capacity change from 0 to 16
[  154.349192][ T6287] BTRFS info (device loop4): enabling ssd optimizations
[  154.378425][ T6308] erofs: (device loop2): erofs_superblock_csum_verify: invalid checksum 0xe62de0bb, 0xc6d5fae7 expected
[  154.450014][ T6308] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  154.511839][ T6308] CIFS mount error: No usable UNC path provided in device string!
[  154.511839][ T6308] 
[  154.536184][ T6308] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  154.541757][ T4262] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  155.421880][ T6347] loop4: detected capacity change from 0 to 512
[  155.454099][ T6347] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  155.476306][ T6330] loop0: detected capacity change from 0 to 32768
[  155.502700][ T6347] EXT4-fs (loop4): 1 truncate cleaned up
[  155.512101][ T6347] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  155.543374][ T6347] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.4.749: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  155.587460][ T6347] EXT4-fs error (device loop4) in ext4_delete_entry:2800: Corrupt filesystem
[  155.655619][ T6351] loop2: detected capacity change from 0 to 1024
[  155.700269][ T6337] loop1: detected capacity change from 0 to 32768
[  155.748839][ T4262] EXT4-fs (loop4): unmounting filesystem.
[  155.753748][ T6351] hfsplus: bad catalog entry type
[  155.924407][   T11] hfsplus: b-tree write err: -5, ino 4
[  156.152069][ T6357] netlink: 52 bytes leftover after parsing attributes in process `syz.0.751'.
[  156.152098][ T6357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.751'.
[  156.152111][ T6357] tipc: MTU too low for tipc bearer
[  156.823617][ T6378] netlink: 48 bytes leftover after parsing attributes in process `syz.4.762'.
[  157.459028][ T6402] netlink: 8 bytes leftover after parsing attributes in process `syz.0.772'.
[  157.657361][ T6410] loop4: detected capacity change from 0 to 512
[  157.744180][ T6410] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.775: inode #1: comm syz.4.775: iget: illegal inode #
[  157.838858][ T6410] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.775: error while reading EA inode 1 err=-117
[  157.939387][ T6410] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.775: inode #1: comm syz.4.775: iget: illegal inode #
[  157.985633][ T6410] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.775: error while reading EA inode 1 err=-117
[  158.013224][ T6410] EXT4-fs (loop4): 1 orphan inode deleted
[  158.033604][ T6410] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  158.053713][   T22] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  158.141132][ T6410] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.775: unexpected EA_INODE flag
[  158.218238][   T26] audit: type=1326 audit(1744351170.256:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6432 comm="syz.0.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  158.245245][   T22] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  158.261238][   T26] audit: type=1326 audit(1744351170.286:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6432 comm="syz.0.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  158.265869][   T22] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.347620][   T22] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.353930][   T26] audit: type=1326 audit(1744351170.286:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6432 comm="syz.0.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  158.378805][   T22] usb 2-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  158.399138][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.407677][   T26] audit: type=1326 audit(1744351170.286:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6432 comm="syz.0.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  158.436931][   T22] usb 2-1: config 0 descriptor??
[  158.447280][ T4262] EXT4-fs (loop4): unmounting filesystem.
[  158.447591][   T26] audit: type=1326 audit(1744351170.286:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6432 comm="syz.0.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40b558d169 code=0x7ffc0000
[  158.576948][ T4991] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  158.773521][ T4991] usb 3-1: Using ep0 maxpacket: 8
[  158.781249][ T4991] usb 3-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.813029][ T4991] usb 3-1: config 0 interface 0 altsetting 13 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.833711][ T4991] usb 3-1: config 0 interface 0 has no altsetting 0
[  158.852178][ T4991] usb 3-1: New USB device found, idVendor=05ac, idProduct=029f, bcdDevice= 0.00
[  158.865344][   T22] holtek 0003:1241:5015.0010: item fetching failed at offset 0/3
[  158.880132][   T22] holtek 0003:1241:5015.0010: parse failed
[  158.893604][ T4991] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.902128][   T22] holtek: probe of 0003:1241:5015.0010 failed with error -22
[  158.924490][ T4991] usb 3-1: config 0 descriptor??
[  159.149070][ T5064] usb 2-1: USB disconnect, device number 5
[  159.181805][ T6459] netlink: 44 bytes leftover after parsing attributes in process `syz.4.790'.
[  159.345391][ T4991] apple 0003:05AC:029F.0011: hidraw0: USB HID v0.00 Device [HID 05ac:029f] on usb-dummy_hcd.2-1/input0
[  159.491986][ T6468] [U] 	
[  159.558237][  T127] usb 3-1: USB disconnect, device number 7
[  160.022701][ T6490] loop1: detected capacity change from 0 to 1024
[  160.319143][ T5064] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  160.331835][ T6502] loop1: detected capacity change from 0 to 128
[  160.387537][ T6502] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  160.431274][ T6504] loop0: detected capacity change from 0 to 16
[  160.461204][ T6504] erofs: (device loop0): mounted with root inode @ nid 36.
[  160.478020][ T6502] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  160.523468][ T5064] usb 5-1: Using ep0 maxpacket: 16
[  160.530488][ T5064] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.569936][ T5064] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  160.583493][ T5064] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59152, setting to 1024
[  160.595106][ T5064] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  160.621345][ T5064] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  160.673583][ T5064] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  160.681650][ T5064] usb 5-1: Manufacturer: syz
[  160.697313][ T6508] loop2: detected capacity change from 0 to 64
[  160.719739][ T6510] loop0: detected capacity change from 0 to 256
[  160.741885][ T5064] usb 5-1: config 0 descriptor??
[  161.073958][ T5064] rc_core: IR keymap rc-hauppauge not found
[  161.080059][ T5064] Registered IR keymap rc-empty
[  161.085681][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.115654][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.144385][ T5064] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  161.172873][ T5064] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input22
[  161.194101][   T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  161.218519][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.253813][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.263850][ T4326] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  161.283797][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.314130][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.343847][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.374193][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.381922][   T22] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  161.400651][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.410128][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.421588][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.433548][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.443138][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.464095][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.483475][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.484686][ T4326] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.495357][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.515323][ T4326] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.516427][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.531474][ T4326] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  161.541222][ T4326] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.544952][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.558797][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.570265][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.577289][ T4326] usb 3-1: config 0 descriptor??
[  161.580673][ T5064] mceusb 5-1:0.0: Error: mce write urb status = -71
[  161.601583][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.611149][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.622550][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.630986][ T5064] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  161.640468][ T5064] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  161.651048][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.663218][ T5064] usb 5-1: USB disconnect, device number 6
[  161.669883][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.717947][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.739228][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.751499][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.764896][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.791445][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.811083][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.824008][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.832111][   T22] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  161.859970][   T22] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  161.871729][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.890264][   T22] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  161.901327][   T22] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  161.911632][   T22] usb 2-1: Product: syz
[  161.932522][   T22] usb 2-1: Manufacturer: syz
[  161.948201][   T22] usb 2-1: SerialNumber: syz
[  161.979981][   T22] usb 2-1: config 0 descriptor??
[  162.021641][   T22] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  162.064821][ T4326] hid-steam 0003:28DE:1142.0012: unknown main item tag 0x0
[  162.067722][ T6537] sp0: Synchronizing with TNC
[  162.082973][ T4326] hid-steam 0003:28DE:1142.0012: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  162.117652][ T4326] hid-steam 0003:28DE:1142.0013: unknown main item tag 0x0
[  162.136021][ T4326] hid-steam 0003:28DE:1142.0013: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  162.223604][ T4326] hid-steam 0003:28DE:1142.0012: Steam wireless receiver connected
[  162.243586][ T4326] hid-steam 0003:28DE:1142.0012: No HID_FEATURE_REPORT submitted -  nothing to read
[  162.288360][ T4326] usb 3-1: USB disconnect, device number 8
[  162.328652][ T4326] hid-steam 0003:28DE:1142.0012: Steam wireless receiver disconnected
[  162.372939][   T22] usb 2-1: USB disconnect, device number 6
[  162.411046][   T22] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  162.636020][ T6552] loop4: detected capacity change from 0 to 128
[  162.673156][ T6552] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  162.690443][ T6552] ext4 filesystem being mounted at /166/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  162.776607][ T4262] EXT4-fs (loop4): unmounting filesystem.
[  162.935032][ T6556] netlink: 16 bytes leftover after parsing attributes in process `syz.4.832'.
[  163.108884][ T6550] loop0: detected capacity change from 0 to 32768
[  163.573530][ T6092] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  163.596146][ T6573] loop0: detected capacity change from 0 to 8192
[  163.609271][ T6573] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  163.622727][ T6573] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  163.633047][ T6573] REISERFS (device loop0): using ordered data mode
[  163.639980][ T6573] reiserfs: using flush barriers
[  163.647407][ T6573] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  163.664681][ T6573] REISERFS (device loop0): checking transaction log (loop0)
[  163.673294][ T6573] REISERFS (device loop0): Using r5 hash to sort names
[  163.680998][ T6573] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  163.766012][ T6092] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.777760][ T6092] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  163.797583][ T6092] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.814826][ T6092] usb 2-1: config 0 descriptor??
[  163.988243][ T6583] netlink: 20 bytes leftover after parsing attributes in process `syz.4.846'.
[  163.999504][ T6583] device netdevsim0 entered promiscuous mode
[  164.003753][ T6585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.845'.
[  164.020685][ T6585] netlink: 32 bytes leftover after parsing attributes in process `syz.2.845'.
[  164.032341][ T6586] syz.0.844 (6586) used obsolete PPPIOCDETACH ioctl
[  164.145245][ T6588] netlink: 8 bytes leftover after parsing attributes in process `syz.4.847'.
[  164.269943][ T6092] lg-g15 0003:046D:C222.0014: unbalanced delimiter at end of report description
[  164.294157][ T6092] lg-g15: probe of 0003:046D:C222.0014 failed with error -22
[  164.405671][ T6596] loop0: detected capacity change from 0 to 256
[  164.421119][   T26] audit: type=1326 audit(1744351176.456:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  164.443279][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.470214][   T26] audit: type=1326 audit(1744351176.496:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  164.492407][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.507130][   T26] audit: type=1326 audit(1744351176.496:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  164.528300][ T5045] usb 2-1: USB disconnect, device number 7
[  164.529490][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.539532][ T6596] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d)
[  164.543586][   T26] audit: type=1326 audit(1744351176.496:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  164.575792][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.589198][   T26] audit: type=1326 audit(1744351176.496:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  164.611329][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.627615][   T26] audit: type=1326 audit(1744351176.496:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  164.688836][ T6600] loop4: detected capacity change from 0 to 256
[  164.689219][ T6596] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  164.701382][   T26] audit: type=1326 audit(1744351176.496:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafbb8d169 code=0x7ffc0000
[  164.725346][ T6596] exFAT-fs (loop0): Filesystem has been set read-only
[  164.726987][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.773655][ T6596] exFAT-fs (loop0): error, failed to bmap (inode : ffff888056f60160 iblock : 8, err : -5)
[  164.791198][ T6596] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  164.800648][ T6596] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  164.923968][ T6607] loop4: detected capacity change from 0 to 64
[  164.986378][   T26] audit: type=1800 audit(1744351177.026:100): pid=6607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.856" name="file1" dev="loop4" ino=0 res=0 errno=0
[  165.074307][ T4303] ------------[ cut here ]------------
[  165.079865][ T4303] kernel BUG at fs/hfs/inode.c:449!
[  165.117090][ T4303] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  165.123226][ T4303] CPU: 0 PID: 4303 Comm: kworker/u4:6 Not tainted 6.1.134-syzkaller #0
[  165.131521][ T4303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  165.141604][ T4303] Workqueue: writeback wb_workfn (flush-7:4)
[  165.147727][ T4303] RIP: 0010:hfs_write_inode+0xb3f/0xb50
[  165.153313][ T4303] Code: 4c 24 08 80 e1 07 80 c1 03 38 c1 0f 8c fb fc ff ff 48 8b 7c 24 08 e8 90 11 7f ff e9 ec fc ff ff e8 b6 b9 4e 08 e8 b1 af 27 ff <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 57 41 56 41
[  165.172958][ T4303] RSP: 0018:ffffc90003f57340 EFLAGS: 00010293
[  165.179052][ T4303] RAX: ffffffff8262fa9f RBX: 0000000000000000 RCX: ffff8880276ed940
[  165.187051][ T4303] RDX: 0000000000000000 RSI: ffffffff8d52ab40 RDI: 0000000000000000
[  165.195048][ T4303] RBP: ffffc90003f574d0 R08: 0000000000000007 R09: ffffffff8262f0b9
[  165.203044][ T4303] R10: 0000000000000003 R11: ffff8880276ed940 R12: dffffc0000000000
[  165.211050][ T4303] R13: ffff888051887658 R14: 0000000000000000 R15: 1ffff920007eae6c
[  165.219055][ T4303] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  165.227991][ T4303] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  165.234578][ T4303] CR2: 0000555585b80808 CR3: 000000005bbab000 CR4: 00000000003506f0
[  165.242555][ T4303] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  165.250524][ T4303] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  165.258514][ T4303] Call Trace:
[  165.261799][ T4303]  <TASK>
[  165.264737][ T4303]  ? hfs_inode_write_fork+0x1a0/0x1a0
[  165.270154][ T4303]  ? __writeback_single_inode+0x4c6/0x11e0
[  165.276003][ T4303]  ? do_raw_spin_unlock+0x137/0x8a0
[  165.281254][ T4303]  __writeback_single_inode+0x67d/0x11e0
[  165.286918][ T4303]  writeback_sb_inodes+0xc2b/0x1b20
[  165.292132][ T4303]  ? move_expired_inodes+0x375/0x810
[  165.297425][ T4303]  ? mark_lock+0x9a/0x340
[  165.301755][ T4303]  ? do_raw_spin_lock+0x14a/0x370
[  165.306792][ T4303]  ? queue_io+0x630/0x630
[  165.311127][ T4303]  ? __writeback_inodes_wb+0x400/0x400
[  165.316593][ T4303]  ? queue_io+0x42a/0x630
[  165.320928][ T4303]  wb_writeback+0x49d/0xe10
[  165.325444][ T4303]  ? percpu_ref_tryget+0x260/0x260
[  165.330578][ T4303]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  165.336571][ T4303]  ? do_raw_spin_unlock+0x137/0x8a0
[  165.341774][ T4303]  wb_workfn+0x427/0x1020
[  165.346114][ T4303]  ? inode_wait_for_writeback+0x280/0x280
[  165.351837][ T4303]  ? read_lock_is_recursive+0x10/0x10
[  165.357219][ T4303]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  165.363209][ T4303]  ? print_irqtrace_events+0x210/0x210
[  165.368692][ T4303]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  165.374590][ T4303]  ? do_raw_spin_unlock+0x137/0x8a0
[  165.379792][ T4303]  ? process_one_work+0x806/0x1260
[  165.384905][ T4303]  process_one_work+0x917/0x1260
[  165.389856][ T4303]  ? worker_detach_from_pool+0x260/0x260
[  165.395494][ T4303]  ? _raw_spin_lock_irqsave+0x120/0x120
[  165.401039][ T4303]  ? kthread_data+0x4e/0xc0
[  165.405555][ T4303]  ? wq_worker_running+0x97/0x190
[  165.410579][ T4303]  worker_thread+0xa47/0x1200
[  165.415268][ T4303]  ? _raw_spin_unlock+0x40/0x40
[  165.420153][ T4303]  kthread+0x28d/0x320
[  165.424223][ T4303]  ? worker_clr_flags+0x190/0x190
[  165.429253][ T4303]  ? kthread_blkcg+0xd0/0xd0
[  165.433843][ T4303]  ret_from_fork+0x1f/0x30
[  165.438270][ T4303]  </TASK>
[  165.441283][ T4303] Modules linked in:
[  165.448258][ T4303] ---[ end trace 0000000000000000 ]---
[  165.453888][ T4303] RIP: 0010:hfs_write_inode+0xb3f/0xb50
[  165.459523][ T4303] Code: 4c 24 08 80 e1 07 80 c1 03 38 c1 0f 8c fb fc ff ff 48 8b 7c 24 08 e8 90 11 7f ff e9 ec fc ff ff e8 b6 b9 4e 08 e8 b1 af 27 ff <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 57 41 56 41
[  165.482210][ T4303] RSP: 0018:ffffc90003f57340 EFLAGS: 00010293
[  165.488435][ T4303] RAX: ffffffff8262fa9f RBX: 0000000000000000 RCX: ffff8880276ed940
[  165.496489][ T4303] RDX: 0000000000000000 RSI: ffffffff8d52ab40 RDI: 0000000000000000
[  165.504527][ T4303] RBP: ffffc90003f574d0 R08: 0000000000000007 R09: ffffffff8262f0b9
[  165.512530][ T4303] R10: 0000000000000003 R11: ffff8880276ed940 R12: dffffc0000000000
[  165.520542][ T4303] R13: ffff888051887658 R14: 0000000000000000 R15: 1ffff920007eae6c
[  165.528567][ T4303] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  165.537615][ T4303] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  165.544264][ T4303] CR2: 00007faafbd772d8 CR3: 000000007e2bf000 CR4: 00000000003506e0
[  165.552243][ T4303] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  165.560412][ T4303] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  165.568505][ T4303] Kernel panic - not syncing: Fatal exception
[  165.574864][ T4303] Kernel Offset: disabled
[  165.579185][ T4303] Rebooting in 86400 seconds..