last executing test programs:

1m58.349776473s ago: executing program 0 (id=163):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x5c0, 0xffffffff, 0xc8, 0x4f8, 0xc8, 0xfeffffff, 0xffffffff, 0x4f8, 0x4f8, 0x4f8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x220, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x4, 0x0, 0x40, 0x0, 0x0, 0xf8e74ba, 0xfe8c}}}]}, @common=@unspec=@CONNSECMARK={0x24}}, {{@uncond, 0x0, 0x1dc, 0x210, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@local, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @private1, @empty, @mcast1, @mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, @local, @remote, @private1, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2]}}]}, @common=@inet=@SET3={0x34}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x61c)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x1f)

1m58.191150165s ago: executing program 0 (id=166):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000009c0)='./bus\x00', 0x2000002, &(0x7f0000000000)=ANY=[], 0x2, 0x6024, &(0x7f0000006b00)="$eJzs3U1vHVf9B/DfffD1Q/9No+qvKkQs0hRKS2meEyhPTVmwgAVIKGsSuW4VSAElAdEqIq68QGyAlwCbblj0jfQ1IF4AkWxWXVAGjX2OMx5f+zo0vuPr8/lIzsxvzh3fM/l6PPd6Zu4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACB+8P2fXOxFxM3fpAUnI/4vBhH9iMW6PhP1zPX8+GFEnIrN5nghIgbzEfX6m/88F3ElIj45EbG+8WC5XnzpgP24euH+3c9++L2///5Pa6d+9vZPP2q3//j/L3/8h4cRJ3/0xsefPXw62w4AAAClqKqq6qW3+afT+/t+150CAKYiH/+rJC9Xq9Vq9VOt/9g/Wv1RF1o3VeM9bBYRsdpcp37N4HQ8AMyY1fi06y7QIfkXbRgRz3TdCeBI63XdAQ7F+saD5V7Kt9c8HpzZas9/p9yR/2pv+/6OvaaTtK8xmdbP11oM4vk9+rO4/6rzh9WnLuX8++38b261j9LjDjv/adkr/9HWrU/FyfkP2vm37Mj/zxExs/n3x+Zfqpz/8EnyXx3M8P4vfwAAAAAAjr/89/+THZ//ndbJ1f3O/56ZUh8AAAAAAAAA4Gn7vOP/bTP+HwAAABxZ9Xv12l9OPF6212ex1ctv9CKebT0eKEy6WWap634AAAAAAAAAAAAAQEmGW9fw3uhFzEXEs0tLVVXVX03t+kl93vVnXenbDyXr+pc8AABs+eRE617+XsRCRNxI5dzS0lJVLSwuVUvV4nx+PTuaX6gWG+9r87ReNj86wAvi4aiqv9lCY72mSe+XJ7W3v1/9XKNqcICOTUdHYQNAsnU0WndEOmaq6rno+lUOs8H+f/zY/zmIrn9OAQAAgMNXVVXVSx/nfTqN79fvulMAwDQs5ON/+7yAWq1Wq9Xq41c3VeM9bBYRsdpcp37NYDh+AJgxq/Fp112gQ/Iv2jAiTnXdCeBI63XdAQ7F+saD5V7Kt9c8HqTx3fO1IDvyX+1trpfXHzedpH2NybR+vtZiEM/v0Z8XptSHoyTn32/nf3OrfZQed9j5T8te+dfbebKD/nQt5z9o599yfPLvj82/VDn/4RPlP5A/AAAAAAAcYfnv/yed/82bDAAAAAAAAAAzZ33jwXK+7zWf///imMf1mnPu/zw2cv69A+fv/t/jJOffb+ffuiBn0Jh/9Nbj/P+18WD5o/v//EKeHvn85waj+rnnev3BMF3zU829E7fjTqzEhV2PH+5ov7irfW5H+6UJ7Zd3tY/q9sXcfi6W45dxJ97ebp+fcGHUwoT2akJ7zn9g/y9Szn/Y+KrzX0rtvda09ujD/q79vjkd9zzX//bvl3fvXdO3FoPtbWuqt+9sB/3Z/D95ZhS/vrdy99xvb92/f/dipMmOpZciTZ6ynP9c+sr5v/LSVnv+vd/cXx99OHri/I+KtRjumf9Ljfl6e1+dct+6kPMfpa+cfz4Cjd//Zzn/vff/1zroDwAAAAAAAAAAAAAAAOynqqrNW0SvR8S1dP9PV/dmAgDTlY//VZKXq9VqtVqtPn51UzXem80iFnauU79m+N24bwYAHGX/iYh/dN0JOiP/guXP+6unX+q6M8BU3Xv/g5/funNn5e69rnsCAAAAAAAAAPyv8vifZxrjP29eB9QaN3rH+K9vxZmZHf+zPxpsjnWeNujF2H/877Ox//jfwwnPN7df42hyf+cntC9MaB97o0dDzv/FlHHO/3TasJLGf32lg/50Led/No31nPP/Sutxzfyrv85y/v0d+Z+//96vzt97/4PXb793692Vd1d+cfHCtSuXr165fPXq+Xdu31m5sPXv+G+27849G3L+eexr14GWJeefM5d/WXL+X061/MuS83851fIvS84/v96Tf1ly/vm9j/zLkvN/NdXyL0vO/6upln9Zcv6vpVr+Zcn5fy3V8i9Lzv/1VMu/LDn/c6mWf1ly/udTLf+y5PzzGS75lyXnn69skH9Zcv6XUi3/suT8L6da/mXJ+V9JtfzLkvO/mmr5lyXnfy3V8i9Lzv/rqZZ/WXL+30i1/MuS838j1fIvS87/m6mWf1ly/t9KtfzLkvP/dqrlX5ac/3dSvZ3/oNt+MR05/++m2v5flpz/m6mWf1kef/6/GTNmzOSZrn8zAQAAAAAAAAAAAABt07icuOttBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+yw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHd3MXKd9f3An32z104g/pMQQjCJ7TjBkE1212+JCQbz+k9DS9NAaGmhjrHXjsFv9dqQINRsmrQNIlIjtRfpRSkgipDaKhFCKpVSFKlI7V1zBc0NaqVcWGpSmQgqUSXZauY8z7Mzs7Mzu+td78w5n08U/7wzZ2aeOXNmdr9rfWcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLT1w1N/OhBCqP1f/2NTCFfW/r4hHKh9ObN3rVcIAAAAXKrX63/+3VX5hAOLuFDDNv9yw7/9YHZ2djZ8/tULb/z57Gw+Y0sIQ+tDqJ+X/OuvfjnbuE30WBgdGGz4erDLzQ91OX+4y/kjXc5f1+X89V3OH+1y/rwdMM+G4vcx9SvbXv/rpmKXhmvCSP287W0u9djA+sHB9LucuoH6ZWZHjobj4USYChPzLjNQ/y+E57bWbuvukG5rsOG2NocQLv78q4fTGgbiPt4emm6srvGxe+WDYcurP//q4e+ee/nt7WbX3TBvpSHs2FZb5+MhzP26KgyE9XmfpHUONqxzc5t1DjWtc6B+udrfW9d5cZHrTPd7NK7zhQ7r3BxPe+imEMJMWHCbVo+FwbCx5Vbz/h4tjojaddQeyreE4SUdJ1sXcZzULvPSTc3HSesxmfb/1rhPhhdYQ+PD8cqj6+bt92UdJxuKa+6FY7V23ffWbnR0tPFXq03Ham2br9688DHQ9rFrcwzkY7nhGNjW7RgYXDdUPwYG59a8rekYmJx3mcEwUL+tCzd3PgbGz508Mz798FduO37y0LGpY1OnJif27t61Z/euPXvGjx4/MTVR/Lm0XdpHNobBfAxui6816Rh8V8u2jYfk7LdW6HkQX4d64XlQu++fuqW2oCsHwwLHeG2bx3dc+vMgf99veB4MNzwP2r6mtnkeDC/ieVDb5uKOxX3PHG74v90aVuW1sL6mgZ74fli7zc++e+HXws1xXU+8Z6nfD4fmHQPpbg3E517tlPzz3uidcb/MPy6ur51xxbpwfnrq7O0PHTp37uxkiOOyuLrhsWo9XjY23Kcw73gZXPLxcuBvX7vl+janb4r7avTWzo9VbZvdY50fq/qre/P+XBeK/dl06s4Qxwq73Puz3Xez2v7MWaLD/qxt8/htl/6zYM4lDa9/I91e/4ZGhovXv6G8N0aaXv/mPzRD9ZWFcPG2xb3+jcT/L/fr3zU98vpX21efvX2BY2CkWE9tmyfGl3oMDHd8/bspzoG4nnfHxDDakPvfqJ8/UxymDY9l1+NmeHgkHjfD6Rabj5td8y5Tu7babe+YWN5xs+Om5seq6eeWEh43tX31FxOdXztq2zw/eemvHRvSXxteO9Z1OwZGhtbV1juSD4Li9W52QzoGbg+Hw+lwIhzJl6k9yrXbGtu5uGNgXfz/cr92XNcjx0BtXz29s/MxUNvmx7tW9menHfGUvE3Dz06tv19YKPNfPzx3fa27bSUfq+G4zo/85BP5tHYZorbNy7uXmjM676db4ylXtNlPrc+fhY7pI+Hy7Kfr4jpP7On8u6naNtfsXeTxdCCE8OLki/Xfd8Xf737//E9+0PR733a/U35x8sV7xu/76VLWDwDA8r1R/3NmXfGzZsO/WC/m3/8BAACAvpBy/2CcmfwPAAAApZFy/1CcmfwPAAAApZFy/3CcWUXy/4N37nvm9UdCfjfA2Sidn3bDve8vtksd75n49ZbZObXTP/SdkWe+9sjibnswhPDaPe9ou/2D70/rKpxJ63xv8+nzXHfjom7/gfvntmt8/4SL+4rrT/dnsYdB6io/N76zfr1bHp6sz+fvCfV538wTjxXXX3ydtr+wq9j+r+Kblhw4OtB0+R1xPdvj3BLfU+beA3P7oTbT5Z7ZfMM/X/3pudtLlxvY9ub63Xz6D4vrTe8R9dTVxfbpfi+0/n/6+veeqW3/0M3t1//IYPv1X4jX+1Kcv9pfbN+4z7/WsP4/jutPt5cud/u3f9R2/c++rdj+2XhcfDPO1vV/8M/e+Xq7xyvdzoG7isul25/4n931y6XrS9ffuv7RRyab9kfr9T//anE9+7/0i6HG7dPp6XaSB+5qPr4H4uPb1CMPIXzvT0LTfg7vKy73jy3rT9d35q7267+1ZZ1nBm6sX37u/mxqul/f+Judbe9vWs+Bv9/UdH+e+mjcf6+O/7h2vRfui8djPP9/Xyiur/W9TJ/9aPPrTdr+m5uK5226vvGW9T/Vsv6ZG2v7rvv67361WP+zH1jftP4DH4vH093F7Lb+Y399VdPlv/Xd4vE4++WxU6enzx8/0rBXG5/H60c3bLziyje9+ar4Wtr69cHT5x6cOrtlYstECFv68C0DV3v9347zv4sxs/K3UPjpL4rj7smPF9+33vXL4uun4ukPxMczfX/8xl+ONB2vrY/7zAeKeanrf09cx2K97ev/eeOiNrzwuefO/8Mfvdz6c0G6P2feOlq/f09vvbZ+3sDzxfmtr1fd/Mdbm5/XPxueqM8fxv06G9+Zedu1xe21Xn96b5InP1k8f9NPcunyoeX9RDYNNd+PS13/z+LPMT+6rvn1Lx0fP3yk5d2cN4WB2hJm4utDmCnOT1ul/f3kxWvb3l56H54w8/alLHNB0w9Pj584fur8Q+PnpqbPjU8//JWDJ0+fP3XuYP29Sw9+odvl557fG+vP7yNTe3eH+rP9dDFWWX39b1q79Z+5//CROyZuOTJ19ND5o+fuPzN19tjh6enDU0embzl09OjUl7td/viR/ZM79+26Y+fYseNH9t+5b9+ufWPHT52uLaNYVBd7J744durswfpFpvfv3je5Z8/uibGTp49M7b9jYmLsfLfL1783jdUu/aWxs1MnDp07fnJqbPr4V6b2T+7bu3dn13d/PHnm6PSW8bPnT42fn546O17cly3n6ifXvvd1uzzVMH06vt61GIg/nX/m1r35/XFrvvPogldVbNL842l4Jb4XVPr+1u3rlPtH4swqkv8BAACgClLuj2/8P3eG/A8AAAClkXL/+jgz+R8AAABKI+X+IvmP5o9/r0r+X6n+/6P6/3X6//r/Qf8/0//X/w/6//r/Xej/6//38/r1//X/6a7X+v8x94cNIfj3fwAAACiplPs3xpnJ/wAAAFAaKfdfEWcm/wMAAEBppNx/ZZxZRfK/z//X/9f/79T/T9vq/wf9/17o/2//L/3/efT/9f+D/v+yrXV/vt/X34P9/w36//SaXuv/p9z/pjiziuR/AAAAqIKU+98cZyb/AwAAQGmk3H9VnJn8DwAAAKWRcv+mOLOK5H/9f/3/bv3/12ZnZ6vb//f5/430/9e8/+/z/9vQ/9f/D/r/y7bW/fl+X38P9v99/j89p9f6/yn3/784s4rkfwAAAKiClPvfEmcm/wMAAEBppNx/dZyZ/A8AAAClkXL/NXFmFcn/1ez/vxRC0P8PPv9f/79lnfr/a97/Hwr6/0um/6//H/T/l22t+/P9vn79f/1/uuu1/n/K/W+NM6tI/gcAAIAqSLn/2jgz+R8AAABKI+X+t8WZyf8AAABQGin3XxdnVpH8X83+v8//1/8v6P83r1P/f837/+X5/P8Nc3/V/9f/70T/X/+/n9dfgv7/gP4/q63X+v8p9789zqwi+R8AAACqIOX+6+PM5H8AAAAojZT73xFnJv8DAABAaaTcvznOrO/z/+CittL/1//X/9f/1//X/19N/dX/X/h7p/5/Qf+/2cr1/2fmFqD/3zfrL0H/3+f/s+p6rf+fcv8748z6Pv8DAAAAScr9N8SZyf8AAABQGin33xhnJv8DAABAaaTcvyXOrCL5X/9f/1//X/9f/1//fzX1V/9/Yfr/Bf3/Zj7/X/9f/1//n856rf+fcv/WOLOK5H8AAACogpT7t8WZyf8AAABQGin33xRnJv8DAABAaaTcvz3OrCL5X/9f/1//X/+/qf9/Q+Mt6f/r/186/X/9/070//X/+3n9+v/6/3TXa/3/lPtvjjOrSP4HAACAKki5/5Y4M/kfAAAASiPl/nfFmcn/AAAAUBop9++IM6tI/l90/38ghKD/vyD9//br1/9f5f7/kM//D/r/PU//X/+/E/1//f9+Xr/+v/4/3fVa/z/l/nfHmVUk/wMAAEAVpNz/njgz+R8AAABKI+X+W+PM5H8AAAAojZT7x+LMKpL/ff6//r/+fx/3/1fj8//1/zP9/5Wh/6//34n+v/5/P6+/cv3/dc1f6v+zGL3W/0+5/7Y4s4rkfwAAAKiClPtvjzOT/wEAAKA0Uu4fjzOT/wEAAKAvDbc5LeX+iTiziuT/y9r/b3kA9P/1/4P+v/6//r/+/yXS/9f/D/3a/x/S/+/39Veu/99C/5/F6LX+f8r9k3FmFcn/AAAAUAUp9++MM5P/AQAAoDRS7t8VZyb/AwAAQGmk3L87zqwi+d/n/+v/6//r/+v/6/+vJv1//f9OKt3/9/n/fb9+/X/9f5oNtjmt1/r/KffviTOrSP4HAACAKki5f2+cmfwPAAAApZFy/x1xZvI/AAAAlEbK/XfGmVUk/+v/6//r/+v/6//r/68m/f/q9f/b9T8Xov+v/9/P69f/1/+nu17r/6fcvy/OrCL5HwAAAKog5f73xpnJ/wAAAFAaKfffFWcm/wMAAEBf6dRDS7n/fXFmFcn/+v9l7//Prtf/1//X/++8fv3/lTT/BVj/v3r9/6WsX/9f/7+f16//r/9Pd73W/0+5f3+cWUXyPwAAAFRByv3vjzOT/wEAAKA0Uu7/QJyZ/A8AAAClkXL/gTiziuR//f+y9/99/r/+v/5/t/Xr/68u/X/9/070//uz/x9/bNH/76H+f+0Y0v+nF/Va/z/l/g/GmVUk/wMAAEAVpNz/oTgz+R8AAABKI+X+D8eZyf8AAABQGin3fyTOrCL5X/9f/1//v+L9/1Ti1P/X/18l+v+r1v+vvxTq/xf0/5dnrfvz/b7+Xur/+/x/elWv9f9T7v9onFlF8j8AAABUQcr9H4szk/8BAACgNFLu//9xZvI/AAAAlEbK/XfHmVUk/+v/6/+Xof//qP6/z//X/+9Z+v8+/78T/X/9/35ev/6//j/d9Vr/P+X+X4szq0j+BwAAgCpIuf+eODP5HwAAAEoj5f6Px5nJ/wAAANBn1i14Tsr9vx5nVpH8r/9/efr/g/n69f99/r/+v/6//v9K0v/X/w/6/8u21v35fl+//r/+P931Wv8/5f7fiDOrSP4HAACAKki5/xNxZvI/AAAAlEbK/b8ZZyb/AwAAQGmk3H9vnFkJ83+7UuFK9/9bL99Jlfr/Pv9f/z/o/+v/N+xV/f+Vo/+v/x/0/5dtrfvz/b5+/X/9f7rrtf5/yv2/FWdWwvwPAAAAVZVy/31xZvI/AAAAlEbK/Z+MM5P/AQAAoDRS7v9UnFlF8r/P/9f/1//X/9f/1/9fTfr/+v+d6P/r//fz+vX/9f/prtf6/yn33x9nVpH8DwAAAFWQcv+n48zkfwAAACiNlPt/O85M/gcAAIDSSLn/d+LMKpL/9f/1//X/9f/1//X/V5P+//z+f+01bCX7///++OK31/9vvh/6//r/+v/6/6yuXuv/p9z/mTiziuR/AAAAqIKU+383zkz+BwAAgNJIuf/34szkfwAAACiNlPs/G2dWkfyv/6//r/+v/6//r/+/mvT/ff5/J8vp/69vuLz+/6VZ6/58v69f/1//n+56rf+fcv/n4swqkv8BAACgClLu//04s6Xk/+GVXhUAAACwklLuPxhn5t//AQAAoDRS7n8gzqwi+X8F+v+DQf9f/1//v+3xoP+v/6//r/+v/9+Zz//X/+/n9ev/6//TXa/1/1PuPxRndqD5ZgAAAID+lXL/5+PMKvLv/wAAAFAFKfcfjjOT/wEAAKA0Uu4/EmdWkfzv8/97rv9/7+uzs/r/+v/5evT/9f/1/zvT/9f/D/r/y7bW/fl+X7/+v/4/3fVa/z/l/qk4s4rkfwAAAKiClPuPxpnJ/wAAAFAaKfcfizOT/wEAAKA0Uu5/MM6sIvlf/7/n+v8+/1//v+l6VrH//8L3W9ap/6//vxr0//X/O9H/1//v5/Xr/+v/012v9f9T7j8eZ1aR/A8AAABVkHL/F+LM5H8AAAAojZT7vxhnJv8DAABAaaTcfyLOrCL5X/9f/1//v7L9f5//H+n/ry79f/3/TvT/9f/7ef36//r/dNdr/f+U+0/GmVUk/wMAAEAVpNx/Ks5M/gcAAIDSSLn/dJyZ/A8AAAClkXL/mTiziuR//f+l9f8HFugGLq//v17/X/9f/1//X///Eun/X6b+fzy29f+b6f/r/+v/6//TWa/1/1Pu/4M4s4rkfwAAAKiClPvPxpnJ/wAAAFAaKfdPx5nJ/wD8H3v3laPZWe1x+HPo07YOiCkwBW64ZQiMAYkhkKNNNtHknHPGZDDB5GhyzjkbTI6SkbvXWkW1q/b+qlxf1d7vep6Ls3Ta2OwOQvrL+ukFAGAYufvvF7c02f+n1/9feYcfWWP/fxjv/x/8/fp//b/+X/+v/x+k/w/6//30//r/Qfr/8xv9PzuytP4/d//945Ym+x8AAAA6yN3/gLjF/gcAAIBh5O5/YNxi/wMAAMAwcvc/KG5psv8X9v5/1Rz6f/3/Rv+v/7/k11P/r/8/iP5f/7/R/x/bWffza//+gfp/7/+zM0vr/3P3PzhuabL/AQAAoIPc/Q+JW+x/AAAAGEbu/ofGLfY/AAAADCN3/8Pilib7f2H9/9536f/1//p//f8lv576f/3/QfT/+v+N/v/YzrqfX/v36//1/8xbWv+fu//hcUuT/Q8AAAAd5O5/RNxi/wMAAMAwcvc/Mm6x/wEAAGAYufuviVsO2v/nT+urTo/+X/+v/9f/6//1/7uk/9f/T9H/6//X/P36f/0/85bW/+fuvzZu8e//AQAAYBi5+x8Vt9j/AAAAMIzc/Y+OW+x/AAAAGEbu/sfELU32v/5f/6//1/+fXv9/Xv+v/z9x+n/9/0b/f2xn3c+v/fv1//p/5i2t/8/d/9i4pcn+BwAAgA5y9z8ubrH/AQAAYBi5+x8ft9j/AAAAMIzc/U+IW5rsf/2//l//r//3/r/+f5f0//r/Kfp//f+av1//r/9n3s77/3tfd+Fu2//n7r8ubmmy/wEAAKCD3P1PjFvsfwAAABhG7v4nxS32PwAAAAwjd/+T45Ym+1//r//f6/9vu0z/r//X/+/9uP7/ZOj/9f9T9P/6/zV/v/5f/8+8nff/M73/pf9/7v6nxC1N9j8AAAB0kLv/qXGL/Q8AAADDyN3/tLjF/gcAAIBh5O6/Pm5psv/1//p/7//r//X/+v9d0v/r/6fo//X/a/7+qf7/Xlt8v/6fDpbW/+fuf3rc0mT/AwAAQAe5+58Rt9j/AAAAMIzc/c+MW+x/AAAAGEbu/mfFLU32v/5f/6//1//v7/8vb9n/3/5j+v/d0P/r/6fo//X/a/5+7//r/5m3tP4/d/+z45Ym+x8AAAA6yN3/nLjF/gcAAIBh5O5/btxi/wMAAMAwcvc/L25psv/1//p//b/+/069/3/FGP2/9/93R/+v/5+i/9f/r/n7d9b/X3/P2/8HU//PEJbW/+fuf37c0mT/AwAAQAe5+18Qt9j/AAAAMIzc/S+MW+x/AAAAWLN9IVbu/hfFLU32/x37//0lrv5/O4P2/7ddttH/6//3jPz+v/5/d/T/+v8p2/b/G/1//Vz0/8v5fu//6/+Zt7T+P3f/i+OWJvsfAAAAOsjd/5K4xf4HAACAYeTuf2ncYv8DAADAMHL3vyxuabL/vf+/iP6/KpaF9f/e/9f/7/t56f/1/8eh/9f/T/H+v/5/zd+v/9f/M29p/X/u/pfHLU32PwAAAHSQu/8VcYv9DwAAAMPI3f/KuMX+BwAAgGHk7n9V3NJk/59A/3+l/n/Y9//1//r/fT8v/b/+/zj0//r/Kfr/g/v/qw7579P/L+v79f/6f+Ytrf/P3f/quKXJ/gcAAIAOcve/Jm6x/wEAAGAYuftfG7fY/wAAADCM3P2vi1ua7P/D+v9b///iX/f+/3b0/wd/v/5f/6//1//r//X/U/T/3v9f8/fr//X/zFta/5+7//VxS5P9DwAAAB3k7n9D3GL/AwAAwDBy978xbrH/AQAAYBi5+98UtzTZ/yfw/v8l/f/d9f/6f/1/3IX2//+X/xz9/0X6/93S/+v/p+j/9f+r+/7L9v5E6f/1/8xbWv+fu//NcUuT/Q8AAAAd5O5/S9xi/wMAAMAwcve/NW6x/wEAAGAYufvfFrc02f8n3/97/1//f8T+/3L9f/L+f/y+6v/1/0eg/9f/b/T/x6b/9/6//p9dW1r/n7v/hrilyf4HAACADnL3vz1usf8BAABgGLn73xG32P8AAAAwjNz974xbmux//b/+/8z7f+//F/1//L7q//X/R6D/1/9v9P/HtpN+/mr9v/5f/8+epfX/ufvfFbc02f8AAADQQe7+d8ct9j8AAAAMI3f/e+IW+x8AAACGkbv/vXFLk/2v/9f/6/8X3//fcOmfN/2//n9N9P/6/yn6/6P3/xecff9/Q/zWeP9/Ef1//MA1+n+WZ2n9f+7+98UtTfY/AAAAdJC7//1xi/0PAAAAw8jdf2PcYv8DAADAMHL3fyBuabL/9f9r7//vc0t8gf5/3P7f+/9x9f/6/4Po//X/m2b9/+Lf/9f/e/9f/8//WFr/n7v/g3FLk/0PAAAAHeTu/1DcYv8DAADAMHL3fzhusf8BAABgGLn7b4pbmux//f/a+3/v/+v/9f/6/2XT/+v/p+j/9f9r/n79v/6feUvr/3P3fyRuabL/AQAAoIPc/R+NW+x/AAAAGEbu/o/FLfY/AAAADCN3/8fjlib7X/+v/9f/6//vdP9/rf5/o/8/lP5f/z9F/6//X/P36//1/8xbWv+fu/8TcUuT/Q8AAAAd5O7/ZNxi/wMAAMAwcvd/Km6x/wEAAGAYufs/HTfc465n90kn69whPx69uf5f/6//1/97/1//v0v6f/3/FP2//n/N36//1/8zb2n9f+7+z8Qt/v0/AAAADCN3/2fjFvsfAAAAhpG7/6a4xf4HAACAYXzuwv+9avP5uKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+av1//r/9n3tL6/9z9N8ctTfY/AAAAdJC7/wtxi/0PAAAAw8jd/8W4xf4HAACAYeTu/1Lc0mT/6//1/yfW/9/+g/r/ff98/b/+X/+v/9f/T9P/6//X/P36f/0/85bW/+fu/3Lc0mT/AwAAQAe5+78St9j/AAAAMIzc/V+NW+x/AAAAGEbu/q/FLU32v/5f/+/9f/2//l//v0v6f/3/FP2//n/N36//1/8zb2n9f+7+r8ctTfY/AAAAdJC7/xtxi/0PAAAAw8jd/824xf4HAACAYeTu/1bc0mT/j9z/T/3H9P8X6f/1/xv9v/5/x/T/+v8p+n/9/5q/X/+v/2fe0vr/3P3fjlua7H8AAADoIHf/d+IW+x8AAACGkbv/u3GL/Q8AAADDyN3/vbilyf4fuf+fctL9/7m4+v9t+/+b75K/dvr/vb9P/x+/r/p//f8R6P/1/xv9/7GddT+/9u/X/+v/mXdG/f+5zSH9f+7+78ctTfY/AAAAdJC7/wdxi/0PAAAAw8jd/8O4xf4HAACAYeTu/1HcMs7+v++NE39R/+/9f+//6//1//r/XdL/6/+n6P/1/2v+fv2//p95S3v/P3f/j+OWcfY/AAAAtJe7/ydxi/0PAAAAw8jd/9O4xf4HAACAYeTu/1nc0mT/6//1//r/Vv3/FRv9v/7/lOn/9f9T9P/6/zV/v/5f/8+8pfX/uft/Hrc02f8AAADQQe7+X8Qt9j8AAAAMI3f/L+MW+x8AAACGkbv/V3FLk/2v/9f/6/9b9f/e/9f/nzr9v/5/iv5f/7/m79f/6/+Zt7T+P3f/r+OWJvsfAAAAOsjd/5u4xf4HAACAYeTu/23cYv8DAADAMHL3/y5uabL/9f/6f/3/Uvv/i38G9f/6f/3/NP2//n+j/z+2s+7n1/79nfr/8wf8/fp/trG0/j93/y1xS5P9DwAAAB3k7v993GL/AwAAwDBy9/8hbrH/AQAAYBi5+2+NW5rsf/2//n/I/v/8CP2/9//1//r/bej/9f8b/f+xnXU/v/bvH7v/v3r256//ZxtL6/9z9/8xbmmy/wEAAKCD3P1/ilvsfwAAABhG7v4/xy32PwAAAAwjd/9f4pYm+1//r/8/ev9/rn7ei+3/h3j/X/+v/9f/b0P/r//frLP/39d26//X+f3T/f/dVt7/73///yD6f7axtP4/d/9f45Ym+x8AAAA6yN3/t7jF/gcAAIBh5O7/e9xi/wMAAMAwcvf/I25psv/1//r/Id//1//r//X/i9Gy/88/d/r/WY37f+//D/D9Y7//f4X+nxOxtP4/d/8/45Ym+x8AAAA6yN3/r7jF/gcAAIBh5O7/d9xi/wMAAMAwcvf/J25psv/1//p//b/+X/+v/9+llv2/9/+3pv/X/6/5+8fu/73/z8lYWv+fu/+/AQAA//+/bi01")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x4d)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)

1m57.086079443s ago: executing program 0 (id=182):
r0 = syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000080)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@noacl}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x34, 0x74]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r1, 0x50009417, &(0x7f0000002480)={{r0}, 0x0, 0x0, @inherit={0x0, 0x0}, @subvolid=0xad})

1m54.772884008s ago: executing program 0 (id=208):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x13, 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000611879000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94)

1m54.177663756s ago: executing program 0 (id=212):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
fstat(r0, &(0x7f00000007c0))

1m53.958088583s ago: executing program 0 (id=215):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x21182, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2084)
writev(r0, &(0x7f00000021c0)=[{&(0x7f0000002300)="08b5b2c0ca", 0x5}], 0x1)

1m38.871449127s ago: executing program 32 (id=215):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x21182, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2084)
writev(r0, &(0x7f00000021c0)=[{&(0x7f0000002300)="08b5b2c0ca", 0x5}], 0x1)

4.520967759s ago: executing program 5 (id=1360):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e21, 0x0, @loopback, 0x80000000}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a6803e10951cd4b347113e55eb289519becf7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de9441031348589b763d46d14810acc5f700"}, 0xd8)

4.299813656s ago: executing program 5 (id=1363):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_open_dev$usbmon(&(0x7f0000000300), 0x80, 0x4000)

4.086345654s ago: executing program 5 (id=1366):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r1, r0, 0x0, 0xc)

3.87961391s ago: executing program 5 (id=1368):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201000000000010961b080000000000000109022400010000000109040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="002207000000cb70e8e32ec1"], 0x0}, 0x0)

3.508392579s ago: executing program 3 (id=1371):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="00dea4a70c2da0431cfabbc0d4c969808f6566fbede5434fdea3ac658486eef1e7afebe7f368d7c950b39e"], 0x21, 0x5548, &(0x7f00000058c0)="$eJzs3E1vG1UXAOBjp2nffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYocE8txJoS2VKsWOSfM80vjMvXPnzL2jJNKZiRzAgbWS/f5rJU7G0YhYiogTEcV+pdwKl1J4MSJORUT1H1ul7H/QcTgijkXEyWnylLNSHvryzOT0hV/e+e27H44cOv7Vtz8ubtXAor0cEYPNtH93kGLeTfFW2d+c9Io4OD8pYzowuF228xTvdjaKDHebO+OaRTzXTePzzTujabzZb7amsdu7WfRvDtMFR5PuTp7ihFvNraLd7mwUsTfKi9i9l+a1fS/9bbs3Gqc87TLfp0X6GI93YurvbHfSejZvF7E1HJf9KW/e7mxP46SM5eWilffbxTw2dnOn/9Neeq83vLOdTTpbo14+zC7UG6/UGxdrja283Rl3zteag/bF89lqtz8dVht3moNL3Tzv9jv1Vj5Yy1a7rVat0chWL3c2es3h/Uajfq5+tnZhLUt7Z7I3r32Y9dvZ6jS+3hveGff6o+xmvpWlM9ay9fq5V9ey043s/avXs+s3rly5ev2Djy9/dO21q2+/UQ56bFrZ6vrZ9fVa42xtvbG2uxsw0/Vnc17/Z+WkZ7h+2JXKoicAsP+o/4FFmF/9v3Uj4vH6vzrj+j/U/zOxr+rfg17/z2H9sCvqfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+un5a/fKnZWUvt42f//suv5sl2JiGpE/PkvluLwQzmXyjzLTxi//Mgcvq9EkWF6jSPldiwiLpXbH8/N+y4AAADAs+ub+6e+SNV6+lh5qrOOznlW7JH00KZ64pMZ5atExPLKzzPKVp1+vDCjZMXP96HYnlG24gHW/2aULD1yOzSrbE+l+HV/N4UHKylCJYXqo2fMbLUAAMDCLD0U9rYKAQAAYC99/sQjt/d0HuyxSuy8ytx5F1z85/3fL/uOprZXfwAAALB/VRY9AQAAAGDuivrf9/8BAADAsy19/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NxNbtpAGAbgz8Yu9E9FVfe9SndwjB6hyy4rDtBLcAR6hV6AM5BdjhBBhMdBISIJxGNQoueR7MGWeT3mZzEz0gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfrurF9N+f73+75qw33eR5GgAAAOCQVb2YNi/G6fhje/5ze+pre1xERBkRh8bug3i3lzloc+pHrq8f9OF/RJOwvcew3T5ExI+0beJL358CAAAAvEnVdreczSdptJ5240v3is5O+A7TpE356WemWxcRUY+vM6WV27xvmcKa33cVvzOlNRNYo0xhacqtypV2lObvvpu1G91ritSUT78/27MDAABnNNhrzjsKAQAA4Jx+XboD9OH9s1cUcbeUuVsKHKZmtBdhsQ8AAABer+LSHQAAAAB614z/T6n/F8fU/6uy1/+LG/X/AAAA4MVS/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKoX0+VsPumas950k+dpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhlf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmf7Q8U1yh4iouBBL3a7ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76D3jqTWihl3rrYQ8VRPCyMrMz2UkTcGPIzJp8PvDmfXcymfd9MxDynTcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURu9M4yTbdCZxXOy79/jWStbff6LP3Nl4sJi1LI7qTPr/4aXqh6jbXCIAAAAcHUlZ34cQHqabS1kfd/L6Py2PyWr+b5+ZxGU9/2TdX/Zl7Z+1X35+9MLWQJ3JONlJL60OB6d3ptI6uFnOt2f/9YhWfuXzZy9JfkPi99efH6X59Yy+vnv33XYeHqsjWwDgvzhV9kVQ/j6U9f0mEwPgyGhVCu+i/v8r6TScFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEANRuvhqTKOQgiLrWmcuf/41spu/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8HEJoavS3i+lf+XCGg0No5PocVPD3eDze03cdbz7nfQVxcbNnOLg9Lzk3HzT4QwkAgEMpLVpW1z9MN5eyfdFCCOPvttf/r1XiMGP9/+ij8/eqY1Xr/35tM5x/vbWrn/Wu37j5xurV5cuDy4NP3jzTf6t/9sK5cxd6+bOSnicmAAAA7E+7aNX6P17Yuf5/shKHGev/z7/pfzkd6bd8q/7fabro13QmAAAAR9tzr/z5R7TL/qjdDl8sr61d60+2W5/PTLYNpLpnx4pWrf+ThaazAgAAAOowWo+2rf9frMRhxvX/p79/8cfqOZMQwoli/f/UyqfDi/VNZ67V8efETc8RAACAZp0oWnX9P83f/4+3XnmIQwivvzqJi38DOFP9n7z31Q/VsZLK+/9n65viXIq7k+uR990QWt1tX/61scQAAAA4lI4XLSv2f083lz7+6eQHbe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//gQBD5A==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, 0x0)

2.325701724s ago: executing program 3 (id=1380):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0xfffffffffffffffd)

2.133228729s ago: executing program 4 (id=1385):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)

1.936445995s ago: executing program 5 (id=1387):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000dc0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0xf7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, &(0x7f0000000000)={0x40, 0x30, 0x5, {0x5, 0x3f, "dced88"}}, 0x0, 0x0, 0x0}, 0x0)

1.896176218s ago: executing program 4 (id=1389):
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f408, 0x0)

1.836694263s ago: executing program 2 (id=1390):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newnexthop={0x34, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_TC={0x5}}, @NHA_OIF={0x8, 0x5, r1}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x7}]}, 0x34}}, 0x0)

1.729759812s ago: executing program 4 (id=1391):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2a08000, &(0x7f0000000840)={[{@noblock_validity}, {@resuid={'resuid', 0x3d, 0xee00}}]}, 0x0, 0x488, &(0x7f0000000b40)="$eJzs3MtrXFUcAODf3Lz7jI+qfajxhcVH06QPu3CjKLhQEHRRXQgxTUttaqWJYEsxVaQupeBeXAr+Ba50I+pKcKt7KRTJpvEBXrl37m1eM0kmmcy0zvfBhHPuPXfuec6ce+6dBNCxhrI/lYhtEfFrFk7y6E1pkShLNzd7afzP2UvjlUjT1/6o5PtuzF4aL9OWx20rIvuTiOSTSuytcd6pCxfPjE1OTpwv4sPTZ98bnrpw8enTZ8dOTZyaeHf02LHDh0aeOTp6pCnl3J7ldc+H5/btfumNq6+MH7/69o9fd5d5XVKOZhmKoUV1udBjzT5Zm21fEK50tzEjNKQrIrLm6snH/87oivnG2xkvftzWzAGbKk3TdEf93ZdT4H+sEu3OAdAe5Rf9jdmB6N+k6+Bb2fXnqhdAWbnnild1T3ckRZqeJde3zdRfrJscv/zXF5HXf19H1T8A0HrfZvOfp6rzn/JV3TMY9yxItyNfD862RtwREXdGxF0RcXdE7IrI094bEfc1eP6hJfHl88/k2roKtkbZ/O/Z4t7W4vlfMfv7Nx3sKmLbYyAGo6dy8vTkxMGiTvZHT18WH1nhHN+98Mtn9fYNFXO/8pWdv5wLFvm41t23+JgTY9NjGyv1vOsf5WuAM8vLP3/nKgvtjog963j/bN58+omv9tXbv3r5V9CE+0zplxGPV9v/cqxQ/qX3JweKfUdHjwz3x+TEweGyVyz3089XXq13/g2Vvwmy9t9Ss//fLP9gZeH92qnGz3Hlt0/rXtM00P/fLLdk/b+38noe7i22fTA2PX1+JKK38vLy7aPz71bGy/TXt+2KeKT2+M8+47I+lpV/b0Rknfj+iHggIh4s8v5QRDwc+VvUMjMXET88/+g76yl/slrFNkHW/icWtX+s0v6NB7rOfP/NespflbX/4Ty0v9hS+/Ovf1FsrRncaP0BAADA7SDJn4GvJAeK8EAkyYEDEVvztd0tyeS5qeknT557/+8T1WflB6MnKVe6quvB1fXQkWJtuIyPLokfKtaNP+8ayONbll2xA622deH4zxccq+M/83tX7WPq/aYFuA35vRZ0LuMfOpfxD51rbeO/b9PzAbTeWr//003OB9B6tcb/TL3Eb7XisWSgVVz/Q+cy/qFzGf/QuYx/6Egb+V2/wCqBmYartz9WStPb/Kym6XoPjyQPpDNtrOd/in/DsrbEm5ef8pn41RP3FOPuVumi9QPt+0wCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABopv8CAAD//8d33dM=")
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@quota}]}, 0x3, 0x460, &(0x7f0000001380)="$eJzs289vFFUcAPDvzLZg+WEr4g9+qFU0Nv5oaUHl4EGNJh40MfGCx9oWgizU0JoIIYrG4NGQeDceTfwLPOnFqCcTr3o3JMRwEU1M1szuDLs77C4U2i5lP59k4L2d17733Tdv9715nQAG1nj2TxKxLSJ+j4jRRra9wHjjvyuXz879c/nsXBK12tt/JfVyf18+O1cULX5ua56ZSCPSz5LY06HepdNnjs9Wqwun8vzU8on3p5ZOn3n22InZowtHF07OHDp08MD0C8/PPHeDkfxX63X2nqytuz9a3Lvr9XcuvDl3+MK7P3+bFPGX4lgl471OPlHr2dwNZ3tLOhnqY0NYkUpEZN01XB//o1GJZueNxmuf9rVxwJqq5bqcPlcD7mBJ9LsFQH8UX/TZ+rc41m/20X+XXm4sgLK4r+RH48xQpNFYGA2X1reraTwiDp/796vsiLW5DwEA0Ob7bP7zTKf5Xxr3t5S7O98bGsv3UnZExL0RsTMi7ouol30gIh5cYf3lTZJr5z/pxZsK7AZl878X872t9vlfWhQZq+S57fXMcHLkWHVhf/6eTMTw5iw/3aOOH1797Ytu51rnf9mR1V/MBfN2XBza3P4z87PLs7cSc6tLn0TsHuoUf3J1JyCJiF0Rsfsm6zj21Dd7u50rxT/SvvlY9lJ7dhX2mWpfRzzZ6P9zUYq/kPTen5y6K6oL+6eKq+Jav/x6/q1u9V+//9dW1v9bOl7/V+MfS1r3a5dWXsf5Pz7vuqaZXPH1vyk65T6cXV4+NR2xKXmj0ejW12ea5Yt8UT6Lf2Jf5/G/I5rvxJ6IyC7ihyLi4Yh4JO+7RyPisYjYVw4sbSZ/euXx95q59gv8duj/+VL/j7UXKfV/M7Epyq90TlSO//hd+29sJm/s8+9gPTWRv5J9/l1v97y1FUmPBt7auwcAAAAbQxoR2yJJJ6+m03RysvE3/DtjS1pdXFp++sjiByfnG88IjMVwWtzpatwPbtwPnc6X9UV+ppQ/kN83/rIyUs9Pzi1W5/sdPAy4rV3Gf+bPSr9bB6w5z2vB4DL+YXAZ/zC4jH8YXB3G/0g/2gGsv07f/x83k7XR9WwMsK5K49+2HwwQ638YXMY/DK7W8d/z+XvgTrI0Er0f3h+ARHp7NGODJSLtW+3pqv/mZI1Hwbb+99dKE/3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wcAAP//nHbk3g==")
mount(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x21100e0, &(0x7f0000000140)='usrjquota=')

1.682190005s ago: executing program 2 (id=1392):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4000, &(0x7f0000000e40)=ANY=[@ANYBLOB='mode=00000000000000000000177,mode=00000000000000000000005,shortad,utf8,shortad,shortad,session=00000000000016777223,umask=00000000000000000000250,uid=ignore,shortad,dmode=00000000000000000170430,gid=ignore,adinicb,gid=forget,mode=00000000000000000002000,lastblock=00000000000000001024,shortad,euid>', @ANYBLOB=',fsmagic=0x0000000000000002,smackfsf^oor=smackfstrans-ute,fowner>', @ANYBLOB="d4199c3f003c5c8d6d222e24bfdda0389fe9ebc4333e5d9521a6cc631f653d174fb504401934b83a72449268d54cd62dbbb66d7ba1b35073e60bf699ea6cb1b5923e3a3d5e51423a7c1a13920aea8e6d3c7d53f4aa34acbe0b78df03569d0b620d54f96b33fd4895161524abc937b9d619a3add1c3b57ad5124502de88fe8f0e436f04aded9c4f7b60876d2ac9caa8502b7faa4fe85e7819540dabf8e44ccdd382e5292164879e30f5b039e5f2314adff12c154c627fabadc824eb6d2fc48d1bc75a9dd2589e2c3324cd33f0a8508f6d4a899b6e8b45fec164", @ANYRESDEC, @ANYBLOB="2c736d61636b6673747261736d7574653d001c0b235ffdce27803854a81c498e5bc58fdfc2e25738bee597df2c00"/55], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r0, &(0x7f0000000c40)={0x2020}, 0x2020)

1.394993499s ago: executing program 1 (id=1396):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x44, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040800}, 0x40000)

1.292357947s ago: executing program 2 (id=1397):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)

1.288939777s ago: executing program 1 (id=1398):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, 0x0)

1.158513347s ago: executing program 1 (id=1399):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$SIOCRSGCAUSE(r0, 0x89e0, &(0x7f0000000080))

1.157943848s ago: executing program 2 (id=1400):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7c, r1})

1.044437996s ago: executing program 2 (id=1401):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)

1.043946266s ago: executing program 1 (id=1402):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0xfffffffc, 0x0, 0xffffffff})
ioctl$sock_bt_hci(r0, 0x400448cc, 0x0)

931.164425ms ago: executing program 1 (id=1403):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000100ffff000000000500000885000000c800000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, 0x0, 0x4000002, 0x0, 0x0, 0x0, 0x4c}, 0x94)

884.893669ms ago: executing program 2 (id=1404):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x5f55, &(0x7f000000efc0)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4AlD6tIEArVzDl2TU2Pexx7urrn/H7SuOrr0zV9yv+pqe6pywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL733R+f7kXE5V+nBw5HfCYGEf2I5bo+FvXMxfz8YUQcic3meC4iBosR9fKb/zwTcS4iPjoUcW/j1mr98Jk99uP8qZvXP/n+d/7xuz/dOfLTN3/yQbv9R589++Hvb0cc/uFrH35y+8msOwAAAJSiqqqqlz7mH02f7/tddwoAmIq8/6+S/LharVarn2j9x/5s9UddaN1UjXe7WUTEenOZ+j2Dw/EAMGfW4+Ouu0CH5F+0YUQ81XUngJnW67oD7It7G7dWeynfXnN/cGyrPf+dclv+673713fsNp2kfY7JtH6+7sQgnt2lP8tT6sMsyfn32/lf3mofpeftd/7Tslv+o61Ln4qT8x+082/Zlv+fI2Ju8++Pzb9UOf/ho+S/Ppjj7V/+AAAAAAAcfPnv/4c7Pv67+PirsicPO/57bEp9AAAAAAAAAIAn7XHH/7vP+H8AAAAws+rP6rW/HHrw2G73Yqsfv9SLeLr1fKAw6WKZla77AQAAAAAAAAAAAAAlGW6dw3upF7EQEU+vrFRVVX81tetH9bjLz7vS1x9K1vUveQAA2PLRoda1/L2IpYi4lO71t7CyslJVS8sr1Uq1vJjfz44Wl6rlxufaPK0fWxzt4Q3xcFTV32ypsVzTpM/Lk9rb369+rVE12EPHpqPDwAEgIrb2RvfskQ6Yqnomun6Xw3yw/R88tn/2ouufUwAAAGD/VVVV9dLtvI+mY/79rjsFAEzDUt7/t48LqNVqtVqtPnh1UzXe7WYREevNZer3DIbjB4A5sx4fd90FOiT/og0j4kjXnQBmWq/rDrAv7m3cWu2lfHvN/UEa3z2fC7It//Xe5nJ5+XHTSdrnmEzr5+tODOLZXfrz3JT6MEty/v12/pe32kfpefud/7Tsln+9noc76E/Xcv6Ddv4tByf//tj8S5XzHz5S/gP5AwAAAADADMt//z9c/PFfdz0AAAAAAAAAYH7d27i1mq97zcf/Pz/meb3mnOs/D4ycf2/P+bv+9yDJ+ffb+bdOyBk05u++8SD/f2/cWv3g5r8+l6czn//CYFS/9kKvPxim05yqhbfialyLtTi14/nDbe2nd7QvbGs/M6H97I72Ud2+nNtPxGr8Iq7Fm/fbFyecGLU0ob2a0J7zH9j+i5TzHza+6vxXUnuvNa3dfb+/Y7tvTse9zsW//ffFnVvX9N2Jwf11a6rX73gH/dn8P3lqFL+6sXb9xG+u3Lx5/XSkybZHz0SaPGE5/4X0lfN/6YWt9vx7v7m93n1/9Mj5z4o7Mdw1/xca8/X6vjzlvnUh5z9KXzn/vAcav/3Pc/67b/+vdNAfAAAAAAAAAAAAAAAAeJiqqjYvEb0YERfS9T/uhA8ARfjDD9JMlYRarVar1eoDWzdV473eLGJp+zIXIuK3474ZADDL/hcR/+y6E3RG/gXL9/urp1/oujPAVN14972fXbl2be36ja57AgAAAAAAAAB8Wnn8z2ON8Z83zwNqjRu9bfzXN+LY3I7/2R8NNsc6Tyv0fDx8/O/j8fDxv4cTXm9hQvtoQvvihPalCe1jL/RoyPk/nzLO+R9NK1bS+K8vddCfruX8j6exnnP+X2o9r5l/9dd5zr+/Lf+TN9/55ckb77736tV3rry99vbaz0+funDu7PlzZ8+fP/nW1Wtrp7b+7bDH+yvnn8e+dh5oWXL+OXP5lyXn/8VUy78sOf8XUy3/suT88/s9+Zcl558/+8i/LDn/l1Mt/7Lk/L+cavmXJef/SqrlX5ac/1dSLf+y5PxfTbX8y5LzP5Fq+Zcl538y1fIvS84/H+GSf1ly/vnMBvmXJed/JtXyL0vO/2yq5V+WnP+5VMu/LDn/86mWf1ly/hdSLf+y5Py/mmr5lyXn/7VUy78sOf/XUi3/suT8v55q+Zcl5/+NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/q+nWv5leXD/fzNTnvnP3yNmoBtmzIyb6fo3EwAAAAAAAAAAAADQNo3TibteRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3GcDPftlrQ4IbCCHECWtjiAOLd9df4BCDSUJKSZtSEtKmJTWOvTZO/FXvOgGEylJoSxSkIrUX9KJpEqVRpLYCRZGaSjRCaqT2rlwl4iZqJS4sFSoHJZVSBbY6M+/77szs7Mz6Y+3z8fsh/PfOnJl558yZ2X3WemYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBWGz42/ecDWZbl/zf+WJdll+d/X5Ptyb+c23mpVwgAAACcr7caf/7DFemEPcu4UMs2//aB//j+/Pz8fPaFN0+//Zfz8+mMsSwbWp1ljfOif//lL+ZbtwmeykYHBlu+Huxz80N9zh/uc/5In/NX9Tl/dZ/zR/ucv2gHLLKm+fuYxpVtavx1XXOXZldlI43zNnW51FMDqwcH4+9yGgYal5kfOZgdzo5k09nkossMNP7Lspc25Ld1TxZva7DlttZnWXbmZ4/vj2sYCPt4U9Z2Yw2tj90bd2Vjb/7s8f3fmX39vd1m392waKVZtnljvs6ns2zh11XZQLY67ZO4zsGWda7vss6htnUONC6X/71znWeWuc54v0fDOl/psc714bRHrs+ybC5bcptOT2WD2dqOW037e7R5ROTXkT+U78qGz+o42bCM4yS/zGvXtx8nncdk3P8bwj4ZXmINrQ/HG0+uWrTfz/U4ye91EY7V/Lrvy290dLT1V6ttx2q+zeM3LH0MdH3suhwD6VhuOQY29jsGBlcNNY6BwYU1b2w7BqYWXWYwG2jc1ukbeh8DE7NHT0zMPPrYLYeP7js0fWj62NTkzu3bdmzftmPHxMHDR6Ynm3+e3S4tkbXZYDoGN4bXmngMfrBj29ZDcv6bF+55MFqQ50F+3z9zY76gywezJY7xfJunN5//8yB93295Hgy3PA+6vqZ2eR4ML+N5kG9zZvPyvmcOt/zfbQ0r9Vq4ruUYuJTfD/PbfPBDS78Wrg/reuams/1+OLToGIh3ayA89/JT0s97o7eF/bL4uLg2P+OyVdmpmemTWx7ZNzt7cioL46K4suWx6jxe1rbcp2zR8TJ41sfLnr//1Y3Xdjl9XdhXozf3fqzybbaP936sGq/u7ftzVdbcn22nbs3CuMAu9v7s9t0s358pS/TYn/k2T99y/j8LplzS8vo30u/1b2hkuPn6N5T2xkjb69/ih2aosbIsO3PL8l7/RsL/F/v176qCvP7l++rBLb2PgXybZybO9hgY7vn6d32YA2E9HwqJYbQl97/dOH+ueZi2PJZ9j5vh4ZFw3AzHW2w/brYtukx+bfltb548t+Nm8/Xtj1Xbzy0VPG7yffVXk72Pm3ybl6fO/7VjTfxry2vHqn7HwMjQqny9I+kgaL7eza+Jx8CWbH92PDuSHUiXyR/l/LbGty7vGFgV/r/Yrx3XFOQYyPfV81t7HwP5Nj/admF/dtocTknbtPzs1Pn7haUy/7XDC9fXudsudObP1/nxH38qndYtQ+TbvL79bHNG7/10czjlsi77qfP5s9QxfSC7OPvpmrDOIzt6/24q3+aqncs8nvZkWfbq1KuN33eF3+9+79SPv9/2e99uv1N+derVeyfu/8nZrB8AgHP3duPPuVXNnzVb/sV6Of/+DwAAAJRCzP2DYSbyPwAAAFRGzP1DYSbyPwAAAFRGzP3DYSY1yf8P37brhbeeyNK7Ac4H8fy4G+67o7ld7HjPha/H5hfkp3/02yMvfPWJ5d32YJZlv7r3fV23f/iOuK6mE3GdH24/fZFrrlvW7T/0wMJ2re+fcGZX8/rj/VnuYRC7yi9NbG1c79ijU4358r1ZY94/98xTzetvfh23P72tuf3fhDct2XNwoO3ym8N6NoU5Ft5T5r49C/shn/FyL6z/wL9e+dmF24uXG9j4zsbdfP6Pm9cb3yPquSub28f7vdT6/+Vr330h3/6RG7qv/4nB7us/Ha73tTB/ubu5fes+/2rL+v80rD/eXrzclm/9sOv6X3xPc/sXw3HxjTA713/XX7z/rW6PV7ydPbc3Lxdvf/J/tzcuF68vXn/n+kefmGrbH53X//KbzevZ/eWfD7VuH0+PtxM9dHv78T0QHt+2HnmWZd/9s6xtP2cfaV7unzvWH6/vxO3d139zxzpPDFzXuPzC/VnXdr++/ndbu97fuJ49/7iu7f48d3fYf29O/Ci/3tP3h+MxnP9/rzSvr/O9TF+8u/31Jm7/jXXN5228vomO9T/Xsf656/J913/997zZXP+Ld65uW/+eT4Tj6Z7m7Lf+Q397Rdvlv/md5uNx8ivjx47PnDp8oGWvtj6PV4+uWXvZ5e945xXhtbTz673HZx+ePjk2OTaZZWMlfMvAlV7/t8L8n+aYu/C30PSTnzePu2c/2fy+9cFfNL9+Lpz+UHg84/fHr//1SNvx2vm4z93ZnOe7/pvCOpbrPV/7r+uWteHpz7906p/+5PXOnwvi/Tnx7tHG/Xt+w9WN8wZebp7f+XrVz3++u/15/dPhycb8Qdiv8+GdmTde3by9zuuP703y7Kebz9/4k1y8fNbxfiLrhtrvx/mu/6fh55gfXtP++hePjx880fFuzuuygXwJc+H1IZtrnh+3ivv72TNXd729+D482dx7z2aZS5p5dGbiyOFjpx6ZmJ2emZ2YefSxvUePnzo2u7fx3qV7v9jv8gvP77WN5/eB6Z3bs8az/XhzrLBLvf4TD+w/cOvkjQemD+47dXD2gRPTJw/tn5nZP31g5sZ9Bw9Of6Xf5Q8f2D21dde2W7eOHzp8YPdtu3Zt2zV++NjxfBnNRfWxc/JL48dO7m1cZGb39l1TO3Zsnxw/evzA9O5bJyfHT/W7fON703h+6S+Pn5w+sm/28NHp8ZnDj03vntq1c+fWvu/+ePTEwZmxiZOnjk2cGp4+OdG8L2OzjZPz7339Lk89zBwPr3cdBsJP55+7eWd6f9zct59c8qqam7T/eJq9Ed4LKn5/6/d1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/M/mPpo9/r0v+v1D9/yf1/xv0//X/M/3/RP9f/z/T/9f/70P/X/+/zOvX/0/9/xn9f5ZStP5/yP3Zmizz7/8AAABQUTH3rw0zkf8BAACgMmLuvyzMRP4HAACAyoi5//Iwk5rkf5//r/+v/9+r/x+31f/P9P+L0P/f9N/6/4vo/+v/Z/r/5+xS9+fLvv4C9v/X6P9TNEXr/8fc/44wk5rkfwAAAKiDmPvfGWYi/wMAAEBlxNx/RZiJ/A8AAACVEXP/ujCTmuR//X/9f/1/n/+v/1+a/r/P/+9C/1//P9P/P2eXuj9f9vUXsP/v8/8pnKL1/2Pu/7Uwk5rkfwAAAKiDmPvfFWYi/wMAAEBlxNx/ZZiJ/A8AAACVEXP/VWEmNcn/9ez/v5Zlmf5/pv+v/9+xTv1//f+VoP+v/9+L/r/+f5nXr/+v/09/Rev/x9z/7jCTmuR/AAAAqIOY+68OM5H/AQAAoDJi7n9PmIn8DwAAAJURc/81YSY1yf/17P/7/H/9/yb9//Z16v/r/68E/X/9/170/5fR/x9e+Kv+f7HWr/+v/09/Rev/x9z/3jCTmuR/AAAAqIOY+68NM5H/AQAAoDJi7n9fmIn8DwAAAJURc//6MJOa5H/9f/1//X/9f/1//f+VVK7+/+CS5+j/N+n/t7tw/f+5hQX4/P/SrF//X/+f/orW/4+5//1hJjXJ/wAAAFAHMfd/IMxE/gcAAIDKiLn/ujAT+R8AAAAqI+b+sTCTmuR//X/9f/1//X/9f/3/lVSu/v/S9P+b9P/bXZTP/2+h/1+s9ev/6//TX9H6/zH3bwgzqUn+BwAAgDqIuX9jmIn8DwAAAJURc//1YSbyPwAAAFRGzP2bwkxqkv/1//X/9f/1//X/9f9Xkv6//n8v+v/6/2Vev/6//j/9Fa3/H3P/DWEmNcn/AAAAUAcx998YZiL/AwAAQGXE3P/BMBP5HwAAACoj5v7NYSY1yf/6//r/+v8l7v8P6f9n+v+Fp/+v/9+L/r/+f5nXr/+v/09/Rev/x9z/oTCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7r85zET+BwAAgMqIuX88zKQm+V//X/9f/7/E/X+f/9+2fv3/YtL/1//vRf9f/7/M69f/1/+nv6L1/2PuvyXMpCb5HwAAAOog5v4tYSbyPwAAAFRGzP0TYSbyPwAAAFRGzP2TYSY1yf/6//r/+v/6//r/+v8rSf9f/78X/X/9/zKvX/9f/5/+itb/j7l/KsykJvkfAAAA6iDm/q1hJvI/AAAAVEbM/dvCTOR/AAAAqIyY+7eHmdQk/5ek/78lFaD0//X/9f/1//X/S0X/X/+/F/1//f8yr1//X/+fdoNdTita/z/m/h1hJjXJ/wAAAFAHMffvDDOR/wEAAKAyYu6/NcxE/gcAAIDKiLn/tjCTmuT/kvT/ff6//r/+fwv9f/3/MtH/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xVmUpP8DwAAAHUQc/+Hw0zkfwAAAKiMmPtvDzOR/wEAAKBUun0OYRRz/0fCTGqS//X/q97/n1+t/6//r//fe/36/ytL/1//vxf9f/3/Mq9f/1//n/6K1v+PuX93mElN8j8AAADUQcz9d4SZyP8AAABQGTH33xlmIv8DAABAZcTcvyfMpCb5X/+/6v1/n/+v/6//32/9+v8rS/9f/78X/f9y9v/Djy36/wXq/+fHkP4/RVS0/n/M/XeFmdQk/wMAAEAdxNz/0TAT+R8AAAAqI+b+j4WZyP8AAABQGTH3fzzMpCb5X/9f/1//X/9f/1//fyXp/69Y/7/xUljk/v+aZdyM/n85+/+R/n9x+v8+/5+iKlr/P+b+u8NMapL/AQAAoA5i7v9EmIn8DwAAAJURc/+vh5nI/wAAAFAZMfffE2ZSk/yv/6//r/+v/6//r/+/kvT/ff5/L/r/+v9lXr/+v/4//RWt/x9z/2+EmdQk/wMAAEAdxNx/b5iJ/A8AAACVEXP/J8NM5H8AAAAomVVLnhNz/2+GmdQk/5ev/z9Wyv7/YLp+/X/9f/1//X/9/wtJ/1//P9P/P2eXuj9f9vXr/+v/01/R+v8x9/9WmElN8j8AAADUQcz9nwozkf8BAACgMmLu/+0wE/kfAAAAKiPm/vvCTGqS/y90/7/z8r34/H/9/0z/X/9f/1///zzp/+v/Z/r/5+xS9+fLvn79f/1/+ita/z/m/t8JM6lJ/gcAAIA6iLn//jAT+R8AAAAK6uGzvkTM/Z8OM5H/AQAAoDJi7v9MmElN8n/5Pv9f/1//X/9f/1//v0z0//X/e9H/1/8v8/r1//X/6a9o/f+Y+x8IM6lJ/gcAAIA6iLn/s2Em8j8AAABURsz9vxtmIv8DAABAZcTc/3thJj3y/9KVhPLR/9f/1//X/9f/1/9fSfr/i/v/+WuY/n+T/r/+f5nXr/+v/09/Rev/x9z/uTAT//4PAAAAlRFz/++Hmcj/AAAAUBkx9/9BmIn8DwAAAJURc/+DYSY1yf/6//r/+v/6//r/+v8rSf/f5//3ov+v/1/m9ev/6//TX9H6/zH3fz7MpCb5HwAAAOog5v4/DDOR/wEAAKAyYu7fG2Yi/wMAAEBlxNz/UJhJTfK//r/+v/6//r/+v/7/StL/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xdmsqf9ZgAAAIDyirn/C2EmNfn3fwAAAKiDmPv3h5nI/wAAAFAZMfcfCDOpSf7X/9f/1//X/9f/1/9fSfr/+v+96P/r/5d5/fr/+v/0V7T+f8z902EmNcn/AAAAUAcx9x8MM5H/AQAAoDJi7j8UZiL/AwAAQGXE3P9wmElN8r/+v/6//n9t+/+vfK9jnfr/+v8rQf9f/78X/X/9/zKvX/9f/5/+itb/j7n/cJhJTfI/AAAA1EHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc/+RMJOa5H/9f/1//f/a9v+X9/n/axZuV/9f//9c6P/r//ei/6//X+b16//r/9Nf0fr/MfcfDTOpSf4HAACAOoi5/1iYifwPAAAAlRFz//EwE/kfAAAAKiPm/hNhJjXJ//r/Z9X/XzWwRDdQ/7/7+vX/K9D/b6H/r/9/LvT/9f970f/X/y/z+vX/9f/pr2j9/5j7/yjMpCb5HwAAAOog5v6TYSbyPwAAAFRGzP0zYSbyPwAAAFRGzP2zYSY1yf/6/z7/X/9f/1//X/9/Jen/6//3ov+v/1/m9ev/6//TX9H6/zH3nwozqUn+B4D/Z+8+c/U6qz4OP6/zOiRCwBTCEGACDIExIDEGeknooUPovYXeQofQe++99x4IvUpB8VlrhWPsvW2f8/jc+17X9SELTpB8RzEf/kp+2gAAHeTuv1/cYv8DAADANHL33z9usf8BAABgGrn7HxC3NNn/+n/9v/5f/6//1//vk/5f/79E/6//3/L79f/6f9aN1v/n7n9g3NJk/wMAAEAHufsfFLfY/wAAADCN3P0PjlvsfwAAAJhG7v6HxC1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Hxq3NNn/AAAA0EHu/ofFLfY/AAAATCN3/8PjFvsfAAAAppG7/9q4pcn+1//r//X/G+z//1//r//fDv2//n+J/l//v+X36//1/6wbrf/P3X9d3NJk/wMAAEAHufsfEbfY/wAAADCN3P2PjFvsfwAAAJhG7v5HxS1N9r/+X/+v/99g/+/7//r/DdH/6/+X6P/1/1t+v/5f/8+60fr/3P2Pjlua7H8AAADoIHf/Y+IW+x8AAACmkbv/sXGL/Q8AAADTyN3/uLilyf7X/+v/9f/6f/2//n+f9P/6/yX6f/3/lt+v/9f/s27v/f+9rz9zL7T/z91/fdzSZP8DAABAB7n7Hx+32P8AAAAwjdz9T4hb7H8AAACYRu7+J8YtTfa//l//f0f/f9v/6f/1//r/O36u/z8e+n/9/xL9v/5/y+/X/+v/Wbf3/n+l9z/7v+fuf1Lc0mT/AwAAQAe5+58ct9j/AAAAMI3c/U+JW+x/AAAAmEbu/qfGLU32v/5f/+/7//p//b/+f5/0/8P2/2f/X+8w/f8F0f/r/8/X/9/rAt6v/6eD0fr/3P1Pi1ua7H8AAADoIHf/0+MW+x8AAACmkbv/hrjF/gcAAIBp5O5/RtzSZP/r//X/+n/9/+H+/1TL/v/2n+n/90P/P2z/v0z/f0H0//p/3//X/7NstP4/d/8z45Ym+x8AAAA6yN3/rLjF/gcAAIBp5O5/dtxi/wMAAMA0cvc/J25psv/1//p//b/+/0jf/79ijv7f9//3R/+v/1+i/9f/b/n9+n/9P+tG6/9z9z83bmmy/wEAAGB6p3a1+58Xt9j/AAAAMI3c/c+PW+x/AAAAmEbu/hfELU32v/5f/6//1/8fqf+f5Pv/+v/90f/r/5dcaP+/0//XX4v+f5z36//1/6wbrf/P3f/CuKXJ/gcAAIAOcve/KG6x/wEAAGAauftfHLfY/wAAADCN3P0viVua7H/9v/5f/6//1//r//dJ/6//X+L7//r/Lb9f/6//Z91o/X/u/pfGLU32PwAAAHSQu/9lcYv9DwAAANPI3f/yuMX+BwAAgGnk7n9F3HL2/j91OV91+ej/9f/6f/2//l//v0/6f/3/Ev3/ufv/q87z6+n/x3q//l//z7rR+v/c/TfGLf75PwAAAEwjd/8r4xb7HwAAAKaRu/9VcYv9DwAAANPI3f/quKXJ/j9f/3/rnQ/+vP7/wuj/z/1+/b/+X/+v/9f/6/+X6P99/3/L79f/6/9ZN1r/n7v/NXFLk/0PAAAAHeTuf23cYv8DAADANHL3vy5usf8BAABgGrn7Xx+3NNn/x//9/2v0//p//X9c/b/+X/+v/9f/L9P/6/+3/H79v/6fdaP1/7n73xC3NNn/AAAA0EHu/jfGLfY/AAAATCN3/5viFvsfAAAAppG7/81xS5P9f/z9v+//6/8vsv8/pf9P+v/4+6r/1/9fBP2//n+n/79kJ93Pb/39+n/9P+tG6/9z9990Zur12/8AAADQwU1n/njV7i1xi/0PAAAA08jd/9a4xf4HAACAaeTuf1vc0mT/6//1/yfe//v+f9H/x99X/b/+/yLo//X/O/3/JTvpfn7r79f/6/9ZN1r/n7v/7XFLk/0PAAAAHeTuf0fcYv8DAADANGL3H/zL7/Y/AAAATOmdZ/541e5dcUuT/d+4/7/mqP3/1f/1n/X/536//v9Y+v+bzv69p//X/2+J/l//v0T/r//f8vvH6f/jB9fq/xnPaP1/7v53xy1N9j8AAAB0kLv/PXGL/Q8AAADTyN1/c9xi/wMAAMA0cve/N25psv8b9/+TfP//PrfEC/T/8/b/vv8fV/+v/z8X/b/+f6f/v2Qn3c9v/f3j9P++/8+4Ruv/c/e/L25psv8BAACgg9z9749b7H8AAACYRu7+D8Qt9j8AAABMI3f/B+OWJvtf/7/1/t/3//X/+n/9/9j0//r/Jfp//f+W36//1/+zbrT+P3f/h+KWJvsfAAAAOsjd/+G4xf4HAACAaeTu/0jcYv8DAADANHL3fzRuabL/9f/6/331/7f/Ivr/Jv3/dfr/nf7/vPT/+v8l+n/9/5bfr//X/7NutP4/d//H4pYm+x8AAAA6yN3/8bjF/gcAAIBp5O7/RNxi/wMAAMA0cvd/Mm64x11O7knH6/R5fh69uf5f/+/7//p/3//X/++T/l//v0T/r//f8vv1//p/1o3W/+fu/1Tc4p//AwAAwDRy9386brH/AQAAYBq5+z8Tt9j/AAAAMI3c/Z+NW5rsf/2//l//v9n+/2r9/+H36//HpP/X/y/R/+v/t/x+/b/+n3Wj9f+5+z8XtzTZ/wAAANBB7v7Pxy32PwAAAEwjd/8X4hb7HwAAAKaRu/+LcUuT/a//1//r/zfb//v+/1nv1/+PSf+v/1+i/9f/b/n9+n/9P+tG6/9z938pbmmy/wEAAKCD3P1fjlvsfwAAAJhG7v6vxC32PwAAAEwjd/9X45Ym+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9X4tbmux/AAAA6CB3/9fjFvsfAAAAppG7/xtxi/0PAAAA08jd/824pcn+n7n/X/qf6f8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7NutP4/d/+34pYm+x8AAAA6yN3/7bjF/gcAAIBp5O7/Ttxi/wMAAMA0cvd/N25psv9n7v+X6P8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/07vz9P+5+78XtzTZ/wAAANBB7v7vxy32PwAAAEwjd/8P4hb7HwAAAKaRu/+Hccs8+/++Ny/8Sf3/sff/Z34T6f/1/7sh+//Th96p/z+g/98v/b/+f4n+X/+/5ffr//X/rBvt+/+5+38Ut8yz/wEAAKC93P0/jlvsfwAAAJhG7v6fxC32PwAAAEwjd/9P45Ym+1//7/v/+v9O/f89r9j5/r/+/zLT/+v/l+j/9f9bfr/+X//PutH6/9z9P4tbmux/AAAA6CB3/8/jFvsfAAAAppG7/xdxi/0PAAAA08jd/8u4pcn+1//r//X/rfr/Q+/X/x/Q/++X/l//v0T/r//f8vuz/8/fd/p//T//a7T+P3f/r+KWJvsfAAAAOsjd/+u4xf4HAACAaeTu/03cYv8DAADANHL3/zZuabL/9f/6f/1/m/7/trvtdvp//f9lN1D/f+VRfh39/wH9/2H6f/2/7//r/1k2Wv+fu/+WuKXJ/gcAAIAOcvf/Lm6x/wEAAGAauft/H7fY/wAAADCN3P23xi1N9r/+X/8/Zf9/J/2/7//r/0cxUP9/JPr/A/r/w/T/+n/9v/6fZaP1/7n7/xC3NNn/AAAA0EHu/j/GLfY/AAAATCN3/5/iFvsfAAAAppG7/89xS5P9r//X/198/3+6/rqH7f99/1//r/8fxrz9/5X6f/3/kfv/G248+LH+f5vv1//r/1k3Wv+fu/8vcUuT/Q8AAAAd5O7/a9xi/wMAAMA0cvf/LW6x/wEAAGAaufv/Hrc02f/T9P93v+vB1f/7/r/+X/8fP9f/j2He/t/3//X/vv+v/9f/6/9ZM1r/n7v/H3FLk/0PAAAAHeTu/2fcYv8DAADANHL3/ytusf8BAABgGrn7/x23NNn/0/T/Sf+v/9f/6//j5/r/Mej/9f9L9P/6/y2/X/+v/2fdaP1/7v7/BAAA//9RaTCH")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)

799.426286ms ago: executing program 4 (id=1405):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x10}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0)

789.044307ms ago: executing program 3 (id=1406):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r1, 0x325, 0x70bd2d, 0x25dfdbfd}, 0x14}}, 0x200080c0)

685.248225ms ago: executing program 1 (id=1407):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x458, 0x87, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x9, 0x0, 0x1, {0x22, 0xa0}}, {{{0x9, 0x5, 0x81, 0x3, 0x40}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0000d2000000d200a7ea311df0"], 0x0, 0x0, 0x0, 0x0}, 0x0)

622.80542ms ago: executing program 3 (id=1408):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x18, r1, 0x1, 0x0, 0x0, {0xa}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0)

575.831564ms ago: executing program 4 (id=1409):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
ppoll(&(0x7f0000001280)=[{r0}, {r0, 0x100}], 0x2, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000240)='./file3\x00', 0x4002, &(0x7f0000000180), 0x2, 0xbd2, &(0x7f0000000540)="$eJzs3N1rXGUaAPDnnEymaZvtpMuybPdmsyxLC8tOky4p27KwrVS88ULQW6EhnZSQ6QdJpCbNxUT/AVGvBW8EtShe2OveKHrrjba3ihdCkdgoiGjkzEeSNjNJ2s70hPb3g3fO+553Zp7nmcPMOS/MTABPrOHsJo04FBFnk4hSc38aEcV6byCi1rjfyvLixE/LixNJrK4+/30SSUTcWV6caD1X0tzubw4GIuKLp5L446ub487OL0yPV6uVmeb46NyFy0dn5xf+PXVh/HzlfOXi6PH/jh0bOz5yYqxrtf789anrP/79mW9rv7z367Uf3ngniVMx2JzbWEe3DMfw2muyUSEixrsdLCd9zXo21pkUtnlQ2uOkAADoKN1wDffnKEVfrF+8leKTL3NNDgAAAOiK1b6IVQAAAOAxl1j/AwAAwGOu9T2AO8uLE62W7zcSHq3bpyNiqFH/SrM1ZgpRq28Hoj8i9t1JYuPPWpPGwx7acER8c+vEh1mLHv0OeSu1pYj4S7vjn9TrH6r/intz/WlEjHQh/vA9423q7+tCyLs8TP2nuhD/PusHgK64cbpxItt8/kvXrn+izfmv0Obc9SDanP+6fo7fSuv6b2XT9d96/X0drv+e22GMq+++daXTXFb//64//UGrZfGz7bZPuu2frOzM7aWIvxba1Z+s1Z90qP/sDmOUfrtS6TT3wPV3yerbEYejff0tydb/T3R0cqpaGWncto2x9PnY+53i511/dvz3dai/9f9PnY7/5R3GePHMmY827by13t26/vS7YvJCvVds7nl5fG5uZjSimDy7ef+xrXNp3af1HFn9R/6x9fu/Xf3ZZ0Kt+Tpka4Gl5jYbv3JPzP9fu/pxp3xa6788j/+5Dsd/Y/2fFTYf/9d2GOOfn75+pNPcxvVv1rL4rbUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVpe66dpuRyxPyL+FPvS6qXZuX9NXnrp4rlsLmIo+tPJqWplJCJKjXGSjUfr/fXxsXvG/4mIgxHxZmlvfVyeuFQ9l3fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNkfEYORpOWISCNipZSm5XLeWQEAAABddyDvBAAAAICeG8o7AQAAAKDnrP8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosYN/u3EziYjayb31lik25/pzzQzotTTvBIDc9OWdAJCbQt4JALm5zzW+ywV4DCXbzA90nNnT9VwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L0OH7pxM4mI2sm99ZYpNuf6c80M6LU07wSA3PR1mhiIiMKjzQV4tLzF4clljQ8k28wPrN+ndvfMnp7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDuM1hvSVqOiGJzX7kc8YeIGIr+ZHKqWhmJiAMR8VWpf082Hs05ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALpvdn5herxarcxknTSanbU9OuudpPGK1XZLPjoP2SnGrkhjl3by/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPs/ML0+PVamVmNu9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLzNzi9Mj1erlZkedvKuEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/PweAAD//1pFCiI=")

475.134852ms ago: executing program 3 (id=1410):
r0 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f00000000c0)={0x80000000, 0x0, &(0x7f0000000240)=[{}, {{0x80000000, <r1=>0x0}, {<r2=>0x80000000, <r3=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f00000001c0)={{r2, r1, 0x1, [0x0, 0xf7df]}, {r2, r3, 0x7, [0x6]}, 0x1, [0x8, 0x3df]})

272.371618ms ago: executing program 3 (id=1411):
syz_usb_connect(0x5, 0x24, &(0x7f0000001280)={{0x12, 0x1, 0x300, 0x0, 0x1f, 0x66, 0x8, 0x58f, 0x6610, 0x4805, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x95, 0x70, 0x81, [{{0x9, 0x4, 0x0, 0x81, 0x0, 0xff, 0xff, 0xff, 0x2}}]}}]}}, &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23})
r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000000)={&(0x7f0000000680)=[{0xb5ad, 0x5010, 0x0, 0x0}, {0x4, 0x3810, 0x0, 0x0}, {0x2, 0x811, 0x0, 0x0}], 0x3})

90.636083ms ago: executing program 4 (id=1412):
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c00000001090212000100000000090401"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000a40)={&(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0}], 0x1})

0s ago: executing program 5 (id=1413):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x4}}}]}, 0x38}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001800090000000000000000001c140000fe000001000000000c0013"], 0x28}}, 0x0)

kernel console output (not intermixed with test programs):

m.
[   98.332157][ T4276] EXT4-fs (loop4): unmounting filesystem.
[   98.656862][ T5164] loop1: detected capacity change from 0 to 128
[   98.682687][ T5142] loop3: detected capacity change from 0 to 40427
[   98.740040][ T5142] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[   98.760569][ T5142] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   98.873885][ T5142] F2FS-fs (loop3): Found nat_bits in checkpoint
[   98.955823][ T5170] tipc: Started in network mode
[   98.979237][ T5170] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[   99.015023][ T5170] tipc: Enabled bearer <eth:ipvlan0>, priority 12
[   99.080105][ T5142] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   99.088442][ T5142] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   99.422269][ T4271] syz-executor: attempt to access beyond end of device
[   99.422269][ T4271] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  100.092350][ T5178] loop4: detected capacity change from 0 to 32768
[  100.131812][   T22] tipc: Node number set to 10136234
[  100.136284][ T5178] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9
[  100.198178][ T5191] loop1: detected capacity change from 0 to 4096
[  100.234949][ T5185] loop2: detected capacity change from 0 to 32768
[  100.329512][ T5185] JBD2: Ignoring recovery information on journal
[  100.367198][ T4794] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9
[  100.555145][ T5185] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  100.577173][ T5191] ntfs: (device loop1): parse_options(): NLS character set cpS not found. Using previous one iso8859-2.
[  100.631466][ T5191] ntfs: volume version 3.1.
[  100.730210][ T5185] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #32 has bit count of 1024
[  100.760119][ T5185] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  100.777320][ T5191] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  100.815940][ T5185] OCFS2: File system is now read-only.
[  100.869068][ T5185] (syz.2.299,5185,0):ocfs2_trim_mainbm:7611 ERROR: status = -30
[  100.877351][ T5064] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  100.882302][ T5191] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5).
[  100.910040][ T5191] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to map page.
[  100.920635][ T5205] netlink: 76 bytes leftover after parsing attributes in process `syz.4.307'.
[  100.935595][ T5191] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5).
[  100.969875][ T5191] ntfs: (device loop1): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5.
[  101.046917][ T4270] ocfs2: Unmounting device (7,2) on (node local)
[  101.060015][ T5064] usb 4-1: Using ep0 maxpacket: 32
[  101.065490][ T5191] ntfs: (device loop1): ntfs_prepare_file_for_write(): Cannot perform write to inode 0x43, attribute type 0x80, because extending the allocation failed (error 5).
[  101.093185][ T5064] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  101.119529][ T5064] usb 4-1: config 0 has no interface number 0
[  101.143548][ T5064] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  101.166307][ T5208] loop4: detected capacity change from 0 to 1024
[  101.167047][ T5064] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.211253][ T5064] usb 4-1: Product: syz
[  101.216964][ T5064] usb 4-1: Manufacturer: syz
[  101.236462][ T5064] usb 4-1: SerialNumber: syz
[  101.260206][ T5064] usb 4-1: config 0 descriptor??
[  101.286234][ T5064] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  101.328254][ T5064] usb 4-1: selecting invalid altsetting 1
[  101.355800][ T5064] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  101.394009][ T5208] hfsplus: xattr searching failed
[  101.395868][ T5064] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  101.495446][ T5064] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  101.515615][ T5064] usb 4-1: media controller created
[  101.552053][ T5213] loop1: detected capacity change from 0 to 256
[  101.573511][ T5064] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  101.589575][ T5213] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  101.630234][ T5064] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  101.640998][ T5213] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  101.642707][ T5211] loop2: detected capacity change from 0 to 4096
[  101.667540][ T5064] zl10353_read_register: readreg error (reg=127, ret==-71)
[  101.696478][ T5213] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  101.708767][ T5064] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  101.737816][ T5211] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  101.790551][ T5064] usb 4-1: USB disconnect, device number 3
[  101.798278][ T5211] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  101.830818][ T5211] ntfs: (device loop2): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  101.945538][ T5211] ntfs: volume version 3.1.
[  102.467672][ T5223] loop2: detected capacity change from 0 to 4096
[  102.472282][ T5229] loop4: detected capacity change from 0 to 1024
[  102.522366][ T5229] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  102.528042][ T5233] loop3: detected capacity change from 0 to 512
[  102.567590][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  102.594569][ T5223] ntfs: volume version 3.1.
[  102.642204][ T5233] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002]
[  102.700243][ T5233] System zones: 1-12
[  102.706303][ T5233] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.318: Directory hole found for htree index block 0
[  102.727229][ T5233] EXT4-fs (loop3): Remounting filesystem read-only
[  102.811285][ T5233] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[  102.829895][ T5233] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.318: Directory hole found for htree index block 0
[  102.866343][ T5233] EXT4-fs (loop3): Remounting filesystem read-only
[  102.916423][ T5233] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  102.930825][ T5233] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  103.032523][ T5233] EXT4-fs: Ignoring sb option on remount
[  103.068421][ T5233] EXT4-fs: Ignoring removed orlov option
[  103.095687][ T5233] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  103.132035][ T5233] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[  103.150095][ T5247] loop2: detected capacity change from 0 to 512
[  103.210309][ T5247] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  103.239357][ T4271] EXT4-fs (loop3): unmounting filesystem.
[  103.389595][ T5247] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.457253][ T5253] loop3: detected capacity change from 0 to 256
[  103.504803][ T5253] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  103.572783][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  104.543304][ T5279] xt_policy: too many policy elements
[  104.690398][ T5281] loop3: detected capacity change from 0 to 1024
[  104.825300][    T9] hfsplus: b-tree write err: -5, ino 4
[  104.869286][ T5283] loop1: detected capacity change from 0 to 64
[  105.335026][ T5296] netlink: 'syz.1.344': attribute type 3 has an invalid length.
[  105.556477][ T5303] IPVS: stopping master sync thread 5304 ...
[  105.564890][ T5304] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  105.618971][ T5308] loop3: detected capacity change from 0 to 128
[  105.878961][ T5314] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  106.053553][   T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  106.254034][   T22] usb 2-1: Using ep0 maxpacket: 8
[  106.276724][   T22] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.308688][   T22] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.334464][   T22] usb 2-1: New USB device found, idVendor=044f, idProduct=b654, bcdDevice= 0.00
[  106.399895][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.429317][   T22] usb 2-1: config 0 descriptor??
[  106.657185][ T5333] loop2: detected capacity change from 0 to 24
[  106.691765][ T5333] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  106.744390][ T4266] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  106.756823][ T4266] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  106.762559][ T5333] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  106.774654][ T4266] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  106.784354][ T4266] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  106.793462][ T4266] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  106.807149][ T4266] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  106.866321][   T22] thrustmaster 0003:044F:B654.0005: hidraw0: USB HID v0.00 Device [HID 044f:b654] on usb-dummy_hcd.1-1/input0
[  106.883484][   T22] thrustmaster 0003:044F:B654.0005: no inputs found
[  106.952362][ T4366] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.082381][  T127] usb 2-1: USB disconnect, device number 6
[  107.145160][ T4366] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.169676][ T5340] fido_id[5340]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  107.303742][ T4366] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.342311][ T5334] chnl_net:caif_netlink_parms(): no params data found
[  107.349941][   T22] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  107.389848][ T5064] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  107.439377][ T4366] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.494048][ T5334] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.502066][ T5334] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.511561][ T5334] device bridge_slave_0 entered promiscuous mode
[  107.532668][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.537437][ T5359] loop3: detected capacity change from 0 to 64
[  107.540227][ T5334] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.555132][ T5334] device bridge_slave_1 entered promiscuous mode
[  107.555158][   T22] usb 3-1: Using ep0 maxpacket: 32
[  107.600000][ T5064] usb 5-1: Using ep0 maxpacket: 16
[  107.601287][   T22] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.618273][ T5064] usb 5-1: config 0 has an invalid interface number: 251 but max is 0
[  107.635375][ T5334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.653028][ T5064] usb 5-1: config 0 has no interface number 0
[  107.677580][   T22] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  107.701760][   T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.703518][ T5064] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  107.718785][   T22] usb 3-1: config 0 descriptor??
[  107.728509][ T5334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.786346][ T5064] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  107.844825][ T5064] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  107.855857][ T5064] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.869869][ T5064] usb 5-1: Product: syz
[  107.884400][ T5064] usb 5-1: Manufacturer: syz
[  107.894477][ T5064] usb 5-1: SerialNumber: syz
[  107.912273][ T5064] usb 5-1: config 0 descriptor??
[  107.922321][ T5346] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  107.948988][ T5334] team0: Port device team_slave_0 added
[  107.950152][ T5346] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  107.987536][ T5334] team0: Port device team_slave_1 added
[  108.139553][ T5334] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.151248][   T22] magicmouse 0003:05AC:0265.0006: item fetching failed at offset 2/5
[  108.159778][ T5334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.171865][   T22] magicmouse 0003:05AC:0265.0006: magicmouse hid parse failed
[  108.202691][   T22] magicmouse: probe of 0003:05AC:0265.0006 failed with error -22
[  108.234225][ T5346] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  108.257981][ T5346] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  108.259984][ T5334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.279896][  T127] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  108.346840][ T5334] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.364875][ T5334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.419956][ T5334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.484281][   T22] usb 3-1: USB disconnect, device number 3
[  108.490783][  T127] usb 2-1: Using ep0 maxpacket: 8
[  108.497718][  T127] usb 2-1: config index 0 descriptor too short (expected 30, got 18)
[  108.545693][  T127] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  108.565257][  T127] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.587657][  T127] usb 2-1: Product: syz
[  108.605717][  T127] usb 2-1: Manufacturer: syz
[  108.615827][  T127] usb 2-1: SerialNumber: syz
[  108.634262][  T127] usb 2-1: config 0 descriptor??
[  108.656219][ T5334] device hsr_slave_0 entered promiscuous mode
[  108.681678][  T127] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  108.682226][ T5064] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  108.700527][ T5334] device hsr_slave_1 entered promiscuous mode
[  108.708005][  T127] usb 2-1: setting power ON
[  108.719528][ T5363] loop3: detected capacity change from 0 to 32768
[  108.726727][  T127] dvb-usb: bulk message failed: -22 (2/0)
[  108.732035][ T5064] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71
[  108.735624][  T127] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  108.766261][ T5363] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.373 (5363)
[  108.776091][ T5064] asix: probe of 5-1:0.251 failed with error -71
[  108.787898][  T127] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  108.796779][  T127] usb 2-1: media controller created
[  108.815661][  T127] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  108.848207][ T5064] usb 5-1: USB disconnect, device number 2
[  108.849138][  T127] usb 2-1: selecting invalid altsetting 6
[  108.875546][ T5334] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.898008][  T127] usb 2-1: digital interface selection failed (-22)
[  108.901649][ T5334] Cannot create hsr debugfs directory
[  108.908234][ T5365] dvb-usb: bulk message failed: -22 (3/0)
[  108.911437][ T4269] Bluetooth: hci1: command 0x0409 tx timeout
[  108.919367][  T127] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  108.940067][ T5365] cxusb: i2c rd: len=80 is too big!
[  108.940067][ T5365] 
[  108.943567][ T5363] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  108.980089][  T127] usb 2-1: setting power OFF
[  108.985248][  T127] dvb-usb: bulk message failed: -22 (2/0)
[  109.034800][ T5363] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  109.044095][ T5363] BTRFS info (device loop3): metadata ratio 2
[  109.053393][  T127] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  109.053426][ T5363] BTRFS info (device loop3): force zlib compression, level 3
[  109.070599][ T5363] BTRFS info (device loop3): enabling auto defrag
[  109.077317][ T5363] BTRFS warning (device loop3): excessive commit interval 3966
[  109.085844][ T5363] BTRFS info (device loop3): max_inline at 0
[  109.091950][ T5363] BTRFS info (device loop3): using free space tree
[  109.109940][  T127] (NULL device *): no alternate interface
[  109.222875][  T127] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  109.289286][  T127] usb 2-1: USB disconnect, device number 7
[  109.667680][ T4271] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  109.851574][ T4794] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop3 scanned by udevd (4794)
[  110.548957][ T5437] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[  110.699355][ T5334] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  110.869167][ T5334] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  110.904365][ T5334] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  110.979921][ T4266] Bluetooth: hci1: command 0x041b tx timeout
[  111.200723][ T5334] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  111.329966][ T4366] device hsr_slave_0 left promiscuous mode
[  111.351082][ T4366] device hsr_slave_1 left promiscuous mode
[  111.388103][ T4366] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.405052][ T4366] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.458938][ T4366] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.485666][ T4366] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.495413][ T5477] loop3: detected capacity change from 0 to 64
[  111.517776][ T4366] device bridge_slave_1 left promiscuous mode
[  111.533033][ T4366] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.640996][ T4366] device bridge_slave_0 left promiscuous mode
[  111.645516][ T5482] loop1: detected capacity change from 0 to 64
[  111.655745][ T4366] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.806002][ T4366] device veth1_macvtap left promiscuous mode
[  111.820793][ T4366] device veth0_macvtap left promiscuous mode
[  111.838486][ T4366] device veth1_vlan left promiscuous mode
[  111.855955][ T4366] device veth0_vlan left promiscuous mode
[  111.926193][ T5489] loop1: detected capacity change from 0 to 2048
[  111.948717][ T5489] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  111.989611][ T5491] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  112.528756][ T4366] team0 (unregistering): Port device team_slave_1 removed
[  112.575179][ T4366] team0 (unregistering): Port device team_slave_0 removed
[  112.613613][ T4366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.662347][ T4366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.063097][ T4266] Bluetooth: hci1: command 0x040f tx timeout
[  113.132204][ T4366] bond0 (unregistering): Released all slaves
[  113.383755][ T5499] loop4: detected capacity change from 0 to 1024
[  113.501151][ T5499] hfsplus: bad catalog entry type
[  113.568501][ T5334] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.602722][ T5505] loop1: detected capacity change from 0 to 64
[  113.631431][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  113.641959][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  113.683379][ T5334] 8021q: adding VLAN 0 to HW filter on device team0
[  113.716726][   T11] hfsplus: b-tree write err: -5, ino 4
[  113.726103][ T5505] syz.1.411: attempt to access beyond end of device
[  113.726103][ T5505] loop1: rw=2049, sector=268435468, nr_sectors = 2 limit=64
[  113.738656][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  113.788143][ T5505] Buffer I/O error on dev loop1, logical block 134217734, lost async page write
[  113.791628][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  113.868414][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.875697][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.952494][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  113.989879][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  114.013785][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  114.040173][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.047404][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.085138][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  114.122971][ T5519] loop2: detected capacity change from 0 to 2048
[  114.150177][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  114.161937][ T5519] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  114.195518][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  114.236676][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  114.268952][ T5525] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  114.278004][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  114.350826][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  114.410518][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  114.429248][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  114.455487][ T5334] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.496542][ T5334] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  114.530891][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  114.545603][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  114.575479][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  114.844970][ T5544] loop2: detected capacity change from 0 to 8
[  114.938978][ T5544] SQUASHFS error: zlib decompression failed, data probably corrupt
[  114.957129][ T5544] SQUASHFS error: Failed to read block 0x9b: -5
[  114.973840][ T5544] SQUASHFS error: Unable to read metadata cache entry [99]
[  114.988472][ T5544] SQUASHFS error: Unable to read inode 0x127
[  114.989947][   T27] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  115.016047][ T5517] loop3: detected capacity change from 0 to 32768
[  115.046365][ T5517] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.416 (5517)
[  115.107076][ T5517] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  115.139805][ T4266] Bluetooth: hci1: command 0x0419 tx timeout
[  115.146660][ T5517] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  115.211368][   T27] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.239055][ T5517] BTRFS info (device loop3): enabling auto defrag
[  115.259355][   T27] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.285615][ T5517] BTRFS info (device loop3): doing ref verification
[  115.300603][   T27] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  115.314762][ T5517] BTRFS info (device loop3): max_inline at 0
[  115.350181][ T5517] BTRFS info (device loop3): force clearing of disk cache
[  115.357355][ T5517] BTRFS info (device loop3): turning on sync discard
[  115.369780][   T27] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  115.379115][   T27] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.409800][ T5517] BTRFS info (device loop3): disabling free space tree
[  115.444107][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  115.468399][   T27] usb 5-1: config 0 descriptor??
[  115.483002][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  115.505288][   T27] hub 5-1:0.0: USB hub found
[  115.559004][ T5334] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.703084][ T5517] BTRFS info (device loop3): enabling ssd optimizations
[  115.707966][   T27] hub 5-1:0.0: 14 ports detected
[  115.715955][   T27] hub 5-1:0.0: insufficient power available to use all downstream ports
[  115.768163][ T5517] BTRFS info (device loop3): rebuilding free space tree
[  115.847537][ T5517] BTRFS info (device loop3): disabling free space tree
[  115.870406][ T5517] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  115.899845][ T5517] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  115.917383][ T5541] loop4: detected capacity change from 0 to 512
[  116.022701][ T5541] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  116.066055][ T5541] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.173182][   T27] hub 5-1:0.0: hub_hub_status failed (err = -71)
[  116.197707][ T5559] orangefs_mount: mount request failed with -4
[  116.199513][   T27] hub 5-1:0.0: config failed, can't get hub status (err -71)
[  116.286261][   T27] usb 5-1: USB disconnect, device number 3
[  116.555325][ T4271] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.135434][ T5598] loop1: detected capacity change from 0 to 131072
[  117.215475][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  117.254715][ T5598] F2FS-fs (loop1): Found nat_bits in checkpoint
[  117.307250][ T5598] F2FS-fs (loop1): recover fsync data on readonly fs
[  117.316155][ T5598] F2FS-fs (loop1): Mounted with checkpoint version = 1b41e955
[  117.524704][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  117.550975][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.616732][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  117.643408][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.693955][ T5334] device veth0_vlan entered promiscuous mode
[  117.713518][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.750588][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.776712][ T5623] loop1: detected capacity change from 0 to 16
[  117.807670][ T5334] device veth1_vlan entered promiscuous mode
[  117.816213][ T5623] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  117.904703][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  117.926279][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  117.972061][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  117.986373][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  117.999192][ T5334] device veth0_macvtap entered promiscuous mode
[  118.017866][ T5334] device veth1_macvtap entered promiscuous mode
[  118.067303][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.079794][ T4255] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  118.102571][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.189173][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.217007][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.243523][ T5638] loop2: detected capacity change from 0 to 512
[  118.247571][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.269885][ T4255] usb 5-1: Using ep0 maxpacket: 8
[  118.275280][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.284470][ T5638] EXT4-fs: Ignoring removed mblk_io_submit option
[  118.287011][ T4255] usb 5-1: config index 0 descriptor too short (expected 30, got 18)
[  118.307629][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.324184][ T4255] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  118.349538][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.389774][ T4255] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.406650][ T4255] usb 5-1: Product: syz
[  118.412873][ T5334] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.432256][ T4255] usb 5-1: Manufacturer: syz
[  118.437485][ T4255] usb 5-1: SerialNumber: syz
[  118.461429][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.482039][ T4255] usb 5-1: config 0 descriptor??
[  118.498326][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.510250][ T4255] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  118.518308][ T4255] usb 5-1: setting power ON
[  118.552036][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.563443][ T4255] dvb-usb: bulk message failed: -22 (2/0)
[  118.581496][ T4255] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  118.599866][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.610725][ T4255] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  118.616296][ T5644] loop1: detected capacity change from 0 to 1764
[  118.619182][ T4255] usb 5-1: media controller created
[  118.634539][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.657685][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.672818][ T5638] EXT4-fs (loop2): Test dummy encryption mode enabled
[  118.686326][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.696445][ T5638] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e018, mo2=0002]
[  118.714151][ T5625] dvb-usb: bulk message failed: -22 (3/0)
[  118.726408][ T4255] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  118.737454][ T5638] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.443: inode #13: comm syz.2.443: iget: illegal inode #
[  118.737579][ T5625] cxusb: i2c rd: len=80 is too big!
[  118.737579][ T5625] 
[  118.751265][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.765182][ T5644] iso9660: Corrupted directory entry in block 2 of inode 1920
[  118.770161][ T5334] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.779922][ T5638] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.443: couldn't read orphan inode 13 (err -117)
[  118.784217][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  118.805079][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  118.815874][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  118.827621][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  118.833163][ T5638] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  118.836781][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  118.854615][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  118.878208][ T5334] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.879835][ T4255] usb 5-1: selecting invalid altsetting 6
[  118.892122][ T5334] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.912761][ T5334] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.926203][ T5334] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.956789][ T4255] usb 5-1: digital interface selection failed (-22)
[  119.000449][ T4255] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  119.029889][ T4255] usb 5-1: setting power OFF
[  119.053528][ T4255] dvb-usb: bulk message failed: -22 (2/0)
[  119.075099][ T4255] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  119.124501][ T4255] (NULL device *): no alternate interface
[  119.126738][ T5638] EXT4-fs error (device loop2): ext4_resize_begin:62: comm syz.2.443: resize_inode disabled but reserved GDT blocks non-zero
[  119.227682][ T4360] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.278096][ T4360] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.301975][ T4255] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  119.381583][ T4255] usb 5-1: USB disconnect, device number 4
[  119.381995][ T4366] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  119.423865][ T4360] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.468414][ T4360] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.530822][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  119.555031][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  119.959319][ T5669] loop4: detected capacity change from 0 to 128
[  120.013044][ T5669] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  120.085986][ T5669] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  120.466281][ T5681] loop5: detected capacity change from 0 to 64
[  120.625806][ T5657] loop3: detected capacity change from 0 to 32768
[  120.680953][ T5657] XFS: noikeep mount option is deprecated.
[  120.852882][ T5661] loop2: detected capacity change from 0 to 32768
[  120.877928][ T5657] XFS (loop3): Mounting V5 Filesystem
[  121.065947][ T5657] XFS (loop3): Ending clean mount
[  121.093248][ T5657] XFS (loop3): Quotacheck needed: Please wait.
[  121.211626][ T5657] XFS (loop3): Quotacheck: Done.
[  121.289205][ T5713] sp0: Synchronizing with TNC
[  121.503502][ T4271] XFS (loop3): Unmounting Filesystem
[  121.664283][ T5720] loop1: detected capacity change from 0 to 1024
[  121.936056][   T33] hfsplus: b-tree write err: -5, ino 4
[  122.215883][ T5736] netlink: 32 bytes leftover after parsing attributes in process `syz.2.476'.
[  122.249554][ T5708] loop5: detected capacity change from 0 to 32768
[  122.280123][ T5738] netlink: 32 bytes leftover after parsing attributes in process `syz.2.476'.
[  122.363803][ T5737] loop4: detected capacity change from 0 to 2048
[  122.431008][ T5737] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[  122.492647][ T5737] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.136318][ T5766] loop3: detected capacity change from 0 to 16
[  123.233882][ T5766] erofs: (device loop3): mounted with root inode @ nid 36.
[  123.331135][ T5766] erofs: (device loop3): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  123.384149][ T5766] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  123.893393][ T5799] loop5: detected capacity change from 0 to 512
[  123.979856][ T4613] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  124.022463][ T5799] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  124.079933][ T5799] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  124.179871][ T4613] usb 3-1: Using ep0 maxpacket: 8
[  124.187019][ T4613] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  124.187047][ T4613] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.187065][ T4613] usb 3-1: Product: syz
[  124.187078][ T4613] usb 3-1: Manufacturer: syz
[  124.187091][ T4613] usb 3-1: SerialNumber: syz
[  124.188964][ T4613] usb 3-1: config 0 descriptor??
[  124.192123][ T4613] radio-usb-si4713 3-1:0.0: Si4713 development board discovered: (10C4:8244)
[  124.330860][ T5334] EXT4-fs (loop5): unmounting filesystem.
[  124.494888][ T5824] capability: warning: `syz.5.508' uses deprecated v2 capabilities in a way that may be insecure
[  124.681026][ T5830] netlink: 'syz.5.511': attribute type 3 has an invalid length.
[  124.806488][ T4613] radio-usb-si4713: probe of 3-1:0.0 failed with error -71
[  124.837400][ T4613] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  124.865829][ T4613] usb 3-1: USB disconnect, device number 4
[  124.889057][ T5837] netlink: 44 bytes leftover after parsing attributes in process `syz.4.513'.
[  125.339943][ T4549] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  125.363003][ T5861] loop1: detected capacity change from 0 to 256
[  125.392405][ T5861] exfat: Deprecated parameter 'namecase'
[  125.455021][ T5861] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  125.531725][ T4549] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  125.610827][ T4549] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  125.662573][ T4549] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  125.719831][ T4549] usb 4-1: New USB device found, idVendor=046d, idProduct=e104, bcdDevice= 0.00
[  125.729049][ T4549] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.800624][ T4549] usb 4-1: config 0 descriptor??
[  125.806176][ T5847] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  125.840215][ T4269] Bluetooth: hci0: Unknown advertising packet type: 0xb00
[  125.840304][ T4269] Bluetooth: hci0: Malformed LE Event: 0x0d
[  126.265241][ T4549] hid-generic 0003:046D:E104.0007: unbalanced collection at end of report description
[  126.284971][ T4549] hid-generic: probe of 0003:046D:E104.0007 failed with error -22
[  126.490628][ T4255] usb 4-1: USB disconnect, device number 4
[  127.363167][ T5922] loop4: detected capacity change from 0 to 64
[  127.749960][ T4255] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  127.872511][ T5904] loop2: detected capacity change from 0 to 32768
[  127.949904][ T4255] usb 2-1: Using ep0 maxpacket: 32
[  127.965335][ T4255] usb 2-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5
[  127.976372][ T5941] loop4: detected capacity change from 0 to 512
[  127.990739][ T5941] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.009915][ T4255] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.010018][ T5941] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  128.025899][ T4255] usb 2-1: Product: syz
[  128.033909][ T4255] usb 2-1: Manufacturer: syz
[  128.039028][ T4255] usb 2-1: SerialNumber: syz
[  128.045634][ T4255] usb 2-1: config 0 descriptor??
[  128.052425][ T5904] XFS (loop2): Mounting V5 Filesystem
[  128.054754][ T4255] hub 2-1:0.0: bad descriptor, ignoring hub
[  128.084909][ T4255] hub: probe of 2-1:0.0 failed with error -5
[  128.110315][ T5941] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  128.141592][ T5941] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  128.147378][ T5904] XFS (loop2): Ending clean mount
[  128.153871][ T5954] loop5: detected capacity change from 0 to 256
[  128.171188][ T4255] gspca_main: vc032x-2.14.0 probing 0ac8:c301
[  128.213117][ T5956] loop3: detected capacity change from 0 to 256
[  128.236357][ T5941] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  128.242289][ T5956] FAT-fs (loop3): Directory bread(block 64) failed
[  128.264200][ T5904] XFS (loop2): Quotacheck needed: Please wait.
[  128.271569][ T5941] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  128.281248][ T4255] gspca_vc032x: reg_w err -71
[  128.282375][ T5954] exfat: Deprecated parameter 'utf8'
[  128.285944][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.319361][ T5954] exfat: Deprecated parameter 'namecase'
[  128.336500][ T5941] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  128.363959][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.370493][ T5956] FAT-fs (loop3): Directory bread(block 65) failed
[  128.386271][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.397101][ T5956] FAT-fs (loop3): Directory bread(block 66) failed
[  128.409639][ T5954] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  128.418004][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.449839][ T5956] FAT-fs (loop3): Directory bread(block 67) failed
[  128.463209][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.489817][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.500568][ T5956] FAT-fs (loop3): Directory bread(block 68) failed
[  128.500601][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.539463][ T5956] FAT-fs (loop3): Directory bread(block 69) failed
[  128.559122][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.581725][ T5956] FAT-fs (loop3): Directory bread(block 70) failed
[  128.585186][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.605762][ T5956] FAT-fs (loop3): Directory bread(block 71) failed
[  128.630230][ T5956] FAT-fs (loop3): Directory bread(block 72) failed
[  128.632824][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.636793][ T5956] FAT-fs (loop3): Directory bread(block 73) failed
[  128.673402][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.683803][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  128.694607][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.719950][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.730011][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.735344][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.769807][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.780908][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.819874][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.835474][ T4255] gspca_vc032x: I2c Bus Busy Wait 00
[  128.874907][ T4255] gspca_vc032x: Unknown sensor...
[  128.907851][ T4255] vc032x: probe of 2-1:0.0 failed with error -22
[  128.968911][ T4255] usb 2-1: USB disconnect, device number 8
[  128.986695][ T5904] XFS (loop2): Quotacheck: Done.
[  129.285271][ T4270] XFS (loop2): Unmounting Filesystem
[  129.317845][ T5971] loop3: detected capacity change from 0 to 1024
[  130.054366][ T5997] loop1: detected capacity change from 0 to 8
[  130.089873][ T4960] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  130.122037][ T5997] SQUASHFS error: Failed to read block 0x260685: -5
[  130.137572][ T5997] SQUASHFS error: Unable to read metadata cache entry [260685]
[  130.163773][ T5997] SQUASHFS error: Unable to read directory block [260685:0]
[  130.202204][ T5999] SQUASHFS error: Unable to read metadata cache entry [260685]
[  130.202703][ T6001] loop3: detected capacity change from 0 to 8
[  130.219896][ T5999] SQUASHFS error: Unable to read directory block [260685:0]
[  130.256517][ T6001] SQUASHFS error: Unable to read directory block [629:4f]
[  130.300054][ T4960] usb 6-1: Using ep0 maxpacket: 16
[  130.307623][ T4960] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  130.348723][ T4960] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  130.375015][ T4960] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  130.416683][ T4960] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  130.471998][ T4960] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  130.503111][ T6007] loop2: detected capacity change from 0 to 16
[  130.513100][ T4960] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  130.529651][ T6007] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  130.569137][ T4960] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  130.599167][ T4960] usb 6-1: Manufacturer: syz
[  130.617601][ T4960] usb 6-1: config 0 descriptor??
[  130.693680][ T6009] loop1: detected capacity change from 0 to 4096
[  130.724760][ T5989] loop4: detected capacity change from 0 to 32768
[  130.817084][ T6014] loop3: detected capacity change from 0 to 128
[  131.149930][ T4960] rc_core: IR keymap rc-hauppauge not found
[  131.158478][ T4960] Registered IR keymap rc-empty
[  131.178190][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.215679][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.281251][ T4960] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  131.329655][ T4960] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input9
[  131.398965][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.449861][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.489889][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.529857][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.579843][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.620107][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.659857][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.689876][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.739904][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.799824][ T4960] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  131.831221][ T4960] mceusb 6-1:0.0: Registered  with mce emulator interface version 1
[  131.879801][ T4960] mceusb 6-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[  131.909155][ T4960] usb 6-1: USB disconnect, device number 2
[  132.154563][ T6026] loop4: detected capacity change from 0 to 32768
[  132.177733][ T6026] BTRFS: device fsid 3a375e4e-b156-4d76-a2ad-16e198ce1409 devid 1 transid 8 /dev/loop4 scanned by syz.4.579 (6026)
[  132.229396][ T6026] BTRFS info (device loop4): first mount of filesystem 3a375e4e-b156-4d76-a2ad-16e198ce1409
[  132.239834][ T4554] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  132.255726][ T6026] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  132.270342][ T6026] BTRFS info (device loop4): using free space tree
[  132.378354][ T6060] netlink: 48 bytes leftover after parsing attributes in process `syz.1.594'.
[  132.444850][ T4554] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  132.494418][ T4554] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  132.537392][ T4554] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  132.557923][ T4554] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  132.578894][ T6026] BTRFS info (device loop4): enabling ssd optimizations
[  132.579913][ T4554] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  132.621235][ T4554] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  132.638272][ T4554] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  132.646715][ T4554] usb 4-1: Product: syz
[  132.651209][ T4554] usb 4-1: Manufacturer: syz
[  132.662135][ T4554] cdc_wdm 4-1:1.0: skipping garbage
[  132.667484][ T4554] cdc_wdm 4-1:1.0: skipping garbage
[  132.690211][ T4554] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  132.699875][ T4554] cdc_wdm 4-1:1.0: Unknown control protocol
[  132.729808][ T4613] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  132.826188][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  132.832971][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  132.853262][ T4276] BTRFS info (device loop4): last unmount of filesystem 3a375e4e-b156-4d76-a2ad-16e198ce1409
[  132.933941][ T4554] usb 4-1: USB disconnect, device number 5
[  132.949972][ T4613] usb 6-1: Using ep0 maxpacket: 16
[  132.957153][ T4613] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  132.995579][ T4613] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  133.029117][ T4613] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  133.048316][ T4613] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.066835][ T4613] usb 6-1: Product: syz
[  133.075813][ T4613] usb 6-1: Manufacturer: syz
[  133.087864][ T4613] usb 6-1: SerialNumber: syz
[  133.235040][ T4794] BTRFS: device fsid 3a375e4e-b156-4d76-a2ad-16e198ce1409 devid 1 transid 9 /dev/loop4 scanned by udevd (4794)
[  133.525289][ T4613] usb 6-1: cannot find UAC_HEADER
[  133.687960][ T4613] snd-usb-audio: probe of 6-1:1.0 failed with error -22
[  133.809928][ T4282] udevd[4282]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  133.833785][ T6089] loop2: detected capacity change from 0 to 32768
[  133.857566][ T4613] usb 6-1: USB disconnect, device number 3
[  133.872096][ T6089] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.601 (6089)
[  133.939602][ T6089] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  133.990093][ T6089] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  133.999370][ T6089] BTRFS info (device loop2): enabling auto defrag
[  134.066800][ T6089] BTRFS info (device loop2): doing ref verification
[  134.109881][ T6089] BTRFS info (device loop2): max_inline at 0
[  134.116080][ T6089] BTRFS info (device loop2): force clearing of disk cache
[  134.141811][ T6089] BTRFS info (device loop2): turning on sync discard
[  134.185149][ T6089] BTRFS info (device loop2): disabling free space tree
[  134.465286][ T6143] netlink: 332 bytes leftover after parsing attributes in process `syz.3.611'.
[  134.495097][ T6147] loop4: detected capacity change from 0 to 512
[  134.501850][ T6089] BTRFS info (device loop2): enabling ssd optimizations
[  134.522220][ T6089] BTRFS info (device loop2): rebuilding free space tree
[  134.550557][ T6143] netlink: 'syz.3.611': attribute type 9 has an invalid length.
[  134.573699][ T6089] BTRFS info (device loop2): disabling free space tree
[  134.587877][ T6089] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  134.595731][ T6143] netlink: 108 bytes leftover after parsing attributes in process `syz.3.611'.
[  134.604735][ T6147] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  134.637963][ T6089] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  134.674497][ T6147] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  134.681367][ T6143] netlink: 32 bytes leftover after parsing attributes in process `syz.3.611'.
[  134.738750][ T6147] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  134.808068][ T6147] EXT4-fs (loop4): 1 truncate cleaned up
[  134.849861][ T6147] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  134.912628][ T4270] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  135.114715][ T6160] loop1: detected capacity change from 0 to 4096
[  135.135288][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  135.232529][ T6160] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  135.251612][ T4282] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop2 scanned by udevd (4282)
[  135.813832][ T6181] loop3: detected capacity change from 0 to 1024
[  136.949445][ T6223] loop3: detected capacity change from 0 to 1024
[  136.960129][ T6225] netlink: 'syz.5.642': attribute type 1 has an invalid length.
[  137.023829][ T6223] hfsplus: bad catalog entry type
[  137.106882][ T4347] hfsplus: b-tree write err: -5, ino 4
[  137.865893][ T6252] loop5: detected capacity change from 0 to 512
[  137.889529][ T6252] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  137.960764][ T6252] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  137.978712][ T6248] loop3: detected capacity change from 0 to 4096
[  137.986934][ T6228] loop4: detected capacity change from 0 to 32768
[  137.999757][ T6252] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.657: corrupted in-inode xattr
[  138.081500][ T6248] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  138.090891][ T6252] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.657: couldn't read orphan inode 15 (err -117)
[  138.158262][ T6252] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  138.222404][ T6228] XFS (loop4): Mounting V5 Filesystem
[  138.478154][ T6252] System zones: 1-12
[  138.485001][ T6228] XFS (loop4): Ending clean mount
[  138.539491][ T6252] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[  138.578071][ T6228] XFS (loop4): Quotacheck needed: Please wait.
[  138.627460][ T6263] loop2: detected capacity change from 0 to 4096
[  138.706225][ T5334] EXT4-fs (loop5): unmounting filesystem.
[  138.730068][ T6228] XFS (loop4): Quotacheck: Done.
[  138.988801][ T6267] loop3: detected capacity change from 0 to 8192
[  139.042302][ T4276] XFS (loop4): Unmounting Filesystem
[  139.141621][ T6274] genirq: Flags mismatch irq 4. 00000000 (das16m1) vs. 00000000 (ttyS0)
[  139.157017][ T6267] syz.3.660 (6267) used greatest stack depth: 19648 bytes left
[  139.748485][ T6293] [U] ¦
[  140.202832][ T6310] loop1: detected capacity change from 0 to 64
[  140.327134][ T6315] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  140.408090][ T6317] loop5: detected capacity change from 0 to 64
[  140.510047][ T6317] syz.5.679: attempt to access beyond end of device
[  140.510047][ T6317] loop5: rw=0, sector=1024, nr_sectors = 2 limit=64
[  140.592167][ T6317] Buffer I/O error on dev loop5, logical block 512, async page read
[  140.668678][ T6317] syz.5.679: attempt to access beyond end of device
[  140.668678][ T6317] loop5: rw=0, sector=113152, nr_sectors = 2 limit=64
[  140.697593][ T6317] Buffer I/O error on dev loop5, logical block 56576, async page read
[  140.805213][ T6286] loop3: detected capacity change from 0 to 32768
[  140.863900][ T6330] loop1: detected capacity change from 0 to 2048
[  140.888768][ T6286] XFS (loop3): Mounting V5 Filesystem
[  140.984448][ T6286] XFS (loop3): Ending clean mount
[  140.995403][ T6330] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  141.120637][ T6286] XFS (loop3): Quotacheck needed: Please wait.
[  141.285602][ T6286] XFS (loop3): Quotacheck: Done.
[  141.555532][ T6328] loop2: detected capacity change from 0 to 32768
[  141.605999][ T4271] XFS (loop3): Unmounting Filesystem
[  141.725498][ T6328] XFS (loop2): Mounting V5 Filesystem
[  142.031128][ T6328] XFS (loop2): Ending clean mount
[  142.057958][ T6328] XFS (loop2): Quotacheck needed: Please wait.
[  142.155733][ T6328] XFS (loop2): Quotacheck: Done.
[  142.194142][ T6383] netlink: 24 bytes leftover after parsing attributes in process `syz.1.695'.
[  142.391369][ T4270] XFS (loop2): Unmounting Filesystem
[  142.563967][ T5417] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  142.769951][ T5417] usb 5-1: Using ep0 maxpacket: 32
[  142.780668][ T5417] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  142.819965][ T5417] usb 5-1: config 0 has no interface number 0
[  142.863972][ T5417] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  142.899980][ T6154] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 2: invalid block bitmap
[  142.925075][ T5417] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.964549][ T5417] usb 5-1: Product: syz
[  142.979043][ T5417] usb 5-1: Manufacturer: syz
[  142.992540][ T5417] usb 5-1: SerialNumber: syz
[  143.015331][ T5417] usb 5-1: config 0 descriptor??
[  143.027839][ T5417] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  143.063934][ T6407] tipc: Started in network mode
[  143.099381][ T6407] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  143.141741][ T6407] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa
[  143.218851][ T6407] tipc: Enabled bearer <udp:syz0>, priority 10
[  143.234571][ T5417] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  143.274999][ T5417] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  143.636727][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  143.647407][ T5417] usb 5-1: USB disconnect, device number 5
[  143.670308][ T5417] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  143.722856][ T5417] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  143.762345][ T6400] loop3: detected capacity change from 0 to 32768
[  143.789681][ T5417] quatech2 5-1:0.51: device disconnected
[  144.314497][ T4394] tipc: Node number set to 1
[  144.346694][ T6445] loop4: detected capacity change from 0 to 512
[  144.484958][ T6445] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.718: iget: bad extended attribute block 1
[  144.577230][ T6445] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.718: couldn't read orphan inode 15 (err -117)
[  144.640544][ T6445] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  144.862762][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  145.594901][ T6484] loop4: detected capacity change from 0 to 164
[  145.704019][ T6484] rock: directory entry would overflow storage
[  145.732739][ T6484] rock: sig=0x66, size=4, remaining=3
[  145.800672][ T6484] rock: directory entry would overflow storage
[  145.806878][ T6484] rock: sig=0x66, size=4, remaining=3
[  145.925044][ T6463] loop2: detected capacity change from 0 to 32768
[  145.975146][ T6463] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.723 (6463)
[  146.061937][ T6463] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  146.116388][ T6463] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  146.151538][ T6463] BTRFS info (device loop2): using free space tree
[  146.519931][ T6463] BTRFS info (device loop2): enabling ssd optimizations
[  146.586954][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  146.586968][   T26] audit: type=1800 audit(1755615449.687:18): pid=6463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.723" name="file1" dev="loop2" ino=260 res=0 errno=0
[  146.731128][ T6463] BTRFS info (device loop2): balance: start -susage=4294967288..4294967100,vrange=5..9,limit=4
[  146.744052][ T6463] BTRFS info (device loop2): balance: ended with status: 0
[  146.873260][ T6532] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  146.902772][ T5067] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  146.973754][ T4270] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.014924][ T6512] loop3: detected capacity change from 0 to 32768
[  147.122891][ T6512] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  147.240672][ T6512] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  147.486098][    T7] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  147.567215][ T4271] ocfs2: Unmounting device (7,3) on (node local)
[  147.662324][ T4282] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop2 scanned by udevd (4282)
[  147.680729][ T6547] netlink: 12 bytes leftover after parsing attributes in process `syz.1.746'.
[  148.046414][ T6516] loop4: detected capacity change from 0 to 32768
[  148.301895][ T6516] XFS (loop4): Mounting V5 Filesystem
[  148.469157][ T6516] XFS (loop4): Ending clean mount
[  148.504842][ T6516] XFS (loop4): Quotacheck needed: Please wait.
[  148.545414][ T6585] genirq: Flags mismatch irq 4. 00000000 (pcl812) vs. 00000000 (ttyS0)
[  148.644153][ T6516] XFS (loop4): Quotacheck: Done.
[  148.707347][   T26] audit: type=1800 audit(1755615451.807:19): pid=6516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.739" name="bus" dev="loop4" ino=4426 res=0 errno=0
[  149.089455][ T4276] XFS (loop4): Unmounting Filesystem
[  149.677078][ T6582] loop5: detected capacity change from 0 to 32768
[  149.757918][ T6582] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  149.827902][ T6582] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  149.965154][ T6601] loop2: detected capacity change from 0 to 32768
[  150.042800][ T5334] ocfs2: Unmounting device (7,5) on (node local)
[  150.110826][ T6601] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  150.189521][ T6601] (syz.2.763,6601,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=16, inode=65, rec_len=64016, name_len=255
[  150.471139][ T4270] ocfs2: Unmounting device (7,2) on (node local)
[  151.043824][ T6642] loop4: detected capacity change from 0 to 512
[  151.051922][ T6608] loop3: detected capacity change from 0 to 32768
[  151.084393][ T6644] netlink: 'syz.5.774': attribute type 29 has an invalid length.
[  151.095025][ T6608] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.765 (6608)
[  151.132824][ T6644] netlink: 'syz.5.774': attribute type 29 has an invalid length.
[  151.173347][ T6648] netlink: 'syz.5.774': attribute type 29 has an invalid length.
[  151.192069][ T6642] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  151.213248][ T6608] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  151.245664][ T6642] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.276545][ T6608] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  151.315260][ T6608] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  151.379215][ T6608] BTRFS info (device loop3): use zstd compression, level 3
[  151.412015][ T6652] Quota error (device loop4): do_check_range: Getting dqdh_next_free 2741 out of range 0-6
[  151.448623][ T6608] BTRFS info (device loop3): using free space tree
[  151.492138][ T6652] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  151.549283][ T6652] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.773: Failed to acquire dquot type 0
[  151.633012][ T6668] comedi comedi3: 8255: I/O port conflict (0x40404f26,4)
[  151.633120][ T6668] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  151.658172][ T6668] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  151.658259][ T6668] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  151.658294][ T6668] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  151.658347][ T6668] comedi comedi3: 8255: I/O port conflict (0x5c95239c,4)
[  151.658378][ T6668] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  151.658408][ T6668] comedi comedi3: 8255: I/O port conflict (0x3bf,4)
[  151.658485][ T6668] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  151.658514][ T6668] comedi comedi3: 8255: I/O port conflict (0x20000001,4)
[  151.658554][ T6668] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  151.658613][ T6668] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  151.658662][ T6668] comedi comedi3: 8255: I/O port conflict (0x400,4)
[  151.658712][ T6668] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  151.835051][ T6608] BTRFS info (device loop3): enabling ssd optimizations
[  151.943688][   T26] audit: type=1800 audit(1755615455.047:20): pid=6608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.765" name="file1" dev="loop3" ino=260 res=0 errno=0
[  151.976219][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  152.076506][ T4271] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  152.288444][ T6692] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  152.331646][ T4960] kernel write not supported for file task/373/attr/keycreate (pid: 4960 comm: kworker/0:11)
[  152.994207][ T6717] loop2: detected capacity change from 0 to 256
[  153.107958][ T6717] FAT-fs (loop2): Directory bread(block 64) failed
[  153.145204][ T6717] FAT-fs (loop2): Directory bread(block 65) failed
[  153.179963][ T6717] FAT-fs (loop2): Directory bread(block 66) failed
[  153.187946][ T6719] loop4: detected capacity change from 0 to 1024
[  153.227052][ T6717] FAT-fs (loop2): Directory bread(block 67) failed
[  153.267642][ T6717] FAT-fs (loop2): Directory bread(block 68) failed
[  153.296980][ T6717] FAT-fs (loop2): Directory bread(block 69) failed
[  153.325964][ T6717] FAT-fs (loop2): Directory bread(block 70) failed
[  153.384136][ T6717] FAT-fs (loop2): Directory bread(block 71) failed
[  153.430199][ T6717] FAT-fs (loop2): Directory bread(block 72) failed
[  153.464899][ T6717] FAT-fs (loop2): Directory bread(block 73) failed
[  153.565340][ T4366] hfsplus: b-tree write err: -5, ino 4
[  153.801466][ T6732] loop3: detected capacity change from 0 to 4096
[  153.845400][ T6732] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  153.953231][ T6745] loop4: detected capacity change from 0 to 512
[  153.980522][ T6745] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.088780][ T6745] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 2: comm syz.4.803: invalid block
[  154.215788][ T6745] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.803: invalid indirect mapped block 10 (level 1)
[  154.279026][ T6745] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.803: invalid indirect mapped block 8 (level 1)
[  154.344447][ T6745] EXT4-fs (loop4): 1 truncate cleaned up
[  154.372757][ T6745] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  154.654931][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  154.671199][ T6765] netlink: 'syz.2.810': attribute type 3 has an invalid length.
[  155.598630][ T6797] device gretap0 entered promiscuous mode
[  155.656381][ T6799] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  155.864964][   T26] audit: type=1400 audit(1755615458.967:21): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=2626200D3ADD pid=6804 comm="syz.2.831"
[  156.068557][ T6789] loop4: detected capacity change from 0 to 32768
[  156.141153][ T6789] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  156.476257][ T4276] ocfs2: Unmounting device (7,4) on (node local)
[  157.050694][ T6842] loop3: detected capacity change from 0 to 64
[  157.476178][ T6856] loop4: detected capacity change from 0 to 2048
[  157.584959][ T6856] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  157.692312][ T6856] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  157.722987][ T6856] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  157.828788][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  158.122157][   T26] audit: type=1326 audit(1755615461.227:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6880 comm="syz.1.865" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f757358ebe9 code=0x0
[  158.808548][ T6909] loop5: detected capacity change from 0 to 1024
[  158.856271][ T6909] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  158.898451][ T6869] loop2: detected capacity change from 0 to 40427
[  158.956738][ T6869] F2FS-fs (loop2): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  158.997775][ T6869] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  159.057555][ T6869] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x6
[  159.081636][ T5334] EXT4-fs (loop5): unmounting filesystem.
[  159.095256][ T6869] F2FS-fs (loop2): invalid crc value
[  159.126739][ T6869] F2FS-fs (loop2): Found nat_bits in checkpoint
[  159.245981][ T6920] netlink: 32 bytes leftover after parsing attributes in process `syz.3.882'.
[  159.265858][ T6869] F2FS-fs (loop2): Start checkpoint disabled!
[  159.375147][ T6869] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  159.401185][ T6869] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  159.676803][ T6905] loop4: detected capacity change from 0 to 32768
[  159.724092][ T6905] 
[  159.724092][ T6905]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  159.724092][ T6905] 
[  159.769452][ T6905] ERROR: (device loop4): diWrite: ixpxd invalid
[  159.769452][ T6905] 
[  159.824209][ T6905] ERROR: (device loop4): txCommit: 
[  159.824209][ T6905] 
[  159.915399][   T11] kworker/u4:1: attempt to access beyond end of device
[  159.915399][   T11] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  160.177349][ T4276] 
[  160.177349][ T4276]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  160.177349][ T4276] 
[  160.200097][ T4276] 
[  160.200097][ T4276]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  160.200097][ T4276] 
[  160.522416][ T6931] loop3: detected capacity change from 0 to 32768
[  160.594951][ T6931] XFS: ikeep mount option is deprecated.
[  160.621293][ T6946] loop4: detected capacity change from 0 to 64
[  160.676949][ T6946] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  160.761568][ T6931] XFS (loop3): Mounting V5 Filesystem
[  160.775981][ T6959] MINIX-fs warning: remounting unchecked fs, running fsck is recommended
[  160.913691][ T6931] XFS (loop3): Ending clean mount
[  160.973879][ T6931] XFS (loop3): Quotacheck needed: Please wait.
[  161.072720][ T6931] XFS (loop3): Quotacheck: Done.
[  161.331944][ T4271] XFS (loop3): Unmounting Filesystem
[  161.987084][ T6997] loop5: detected capacity change from 0 to 1764
[  161.993924][ T4394] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  162.180990][ T4394] usb 3-1: Using ep0 maxpacket: 32
[  162.189381][ T4394] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.223405][ T4394] usb 3-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  162.256898][ T4394] usb 3-1: config 0 interface 0 has no altsetting 0
[  162.299909][ T4394] usb 3-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00
[  162.308993][ T4394] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.349378][ T7008] sp0: Synchronizing with TNC
[  162.349867][ T7010] loop4: detected capacity change from 0 to 256
[  162.381794][ T7010] exfat: Deprecated parameter 'utf8'
[  162.385971][ T4394] usb 3-1: config 0 descriptor??
[  162.390361][ T7006] loop3: detected capacity change from 0 to 4096
[  162.401502][ T7006] ntfs: (device loop3): parse_options(): Unrecognized mount option caQe_sensitive.
[  162.434857][ T7010] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  162.488084][ T4258] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  162.549234][ T7010] exFAT-fs (loop4): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5)
[  162.739935][ T4266] Bluetooth: hci2: command 0x0c12 tx timeout
[  162.824330][ T4394] wacom 0003:056A:0094.0008: Using device in hidraw-only mode
[  162.850072][ T4394] wacom 0003:056A:0094.0008: hidraw0: USB HID v0.05 Device [HID 056a:0094] on usb-dummy_hcd.2-1/input0
[  163.009263][ T7023] nbd: must specify a size in bytes for the device
[  163.067920][ T4394] usb 3-1: USB disconnect, device number 5
[  163.235976][ T7027] fido_id[7027]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  163.297443][ T7035] loop3: detected capacity change from 0 to 256
[  163.360534][ T7035] exfat: Deprecated parameter 'namecase'
[  163.383115][ T7035] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  164.084232][ T7029] loop5: detected capacity change from 0 to 40427
[  164.110474][ T7029] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  164.127245][ T7029] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  164.179954][ T7029] F2FS-fs (loop5): Found nat_bits in checkpoint
[  164.209787][ T4554] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  164.305673][ T7029] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  164.321187][ T7029] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  164.365120][ T7062] netlink: 12 bytes leftover after parsing attributes in process `syz.2.941'.
[  164.374552][ T7062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.941'.
[  164.412155][ T4554] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  164.437303][ T4554] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1022, setting to 64
[  164.480493][ T4554] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  164.522432][ T4554] usb 5-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00
[  164.542160][ T4554] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.551053][ T7064] loop2: detected capacity change from 0 to 1024
[  164.590012][ T4554] usb 5-1: config 0 descriptor??
[  164.600434][ T7047] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  164.685997][ T7064] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.942: Invalid block bitmap block 0 in block_group 0
[  164.758476][ T7064] Quota error (device loop2): write_blk: dquota write failed
[  164.782364][ T7064] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  164.798452][ T7064] EXT4-fs error (device loop2): ext4_acquire_dquot:6814: comm syz.2.942: Failed to acquire dquot type 0
[  164.812388][ T7064] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.942: Freeing blocks not in datazone - block = 0, count = 4096
[  164.853118][ T7064] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.942: Invalid inode bitmap blk 0 in block_group 0
[  164.872707][   T11] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-7
[  164.900709][   T11] EXT4-fs error (device loop2): ext4_release_dquot:6850: comm kworker/u4:1: Failed to release dquot type 0
[  164.922088][ T7064] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  164.959280][ T7064] EXT4-fs (loop2): 1 orphan inode deleted
[  165.001794][ T7064] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  165.044010][ T4554] waltop 0003:172F:0038.0009: unknown main item tag 0x0
[  165.071659][ T4554] waltop 0003:172F:0038.0009: unknown main item tag 0x0
[  165.078850][ T4554] waltop 0003:172F:0038.0009: unknown main item tag 0x0
[  165.121751][ T7075] loop5: detected capacity change from 0 to 64
[  165.127111][ T4554] waltop 0003:172F:0038.0009: unknown main item tag 0x0
[  165.127140][ T4554] waltop 0003:172F:0038.0009: unknown main item tag 0x0
[  165.132672][ T4554] waltop 0003:172F:0038.0009: hidraw0: USB HID v0.09 Device [HID 172f:0038] on usb-dummy_hcd.4-1/input0
[  165.144295][ T7075] hfs: unable to locate alternate MDB
[  165.144385][ T7075] hfs: continuing without an alternate MDB
[  165.247922][ T4554] usb 5-1: USB disconnect, device number 6
[  165.289673][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  165.528017][ T7078] fido_id[7078]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  165.556253][ T7086] netlink: 'syz.5.950': attribute type 3 has an invalid length.
[  166.212751][ T7077] loop3: detected capacity change from 0 to 32768
[  166.243867][ T7077] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.947 (7077)
[  166.259538][ T7111] netlink: 104 bytes leftover after parsing attributes in process `syz.5.961'.
[  166.350544][ T7077] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  166.400613][ T7077] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  166.439959][ T7077] BTRFS info (device loop3): enabling auto defrag
[  166.446444][ T7077] BTRFS info (device loop3): doing ref verification
[  166.509812][ T7077] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  166.543263][ T7077] BTRFS info (device loop3): trying to use backup root at mount time
[  166.619792][ T7077] BTRFS info (device loop3): max_inline at 4096
[  166.626357][ T7077] BTRFS info (device loop3): enabling ssd optimizations
[  166.669766][ T7077] BTRFS info (device loop3): using spread ssd allocation scheme
[  166.704608][ T7077] BTRFS info (device loop3): using free space tree
[  166.881470][ T7140] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.971'.
[  166.948605][ T7140] netlink: zone id is out of range
[  166.989890][ T7143] sp0: Synchronizing with TNC
[  166.997049][ T7140] netlink: zone id is out of range
[  167.028043][ T7140] netlink: del zone limit has 4 unknown bytes
[  167.090533][ T7147] [U] è
[  167.244142][ T4271] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  167.560569][ T4794] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 9 /dev/loop3 scanned by udevd (4794)
[  167.661523][ T7174] netlink: 12 bytes leftover after parsing attributes in process `syz.4.983'.
[  167.886475][ T7180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.979'.
[  168.070444][ T7183] loop5: detected capacity change from 0 to 4096
[  168.161833][ T7192] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  168.417145][ T7201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.994'.
[  169.017168][ T7220] loop3: detected capacity change from 0 to 16
[  169.074421][ T7220] erofs: (device loop3): mounted with root inode @ nid 36.
[  169.126086][ T7220] erofs: (device loop3): z_erofs_readahead: readahead error at page 2 @ nid 89
[  169.155472][ T7220] erofs: (device loop3): z_erofs_readahead: readahead error at page 1 @ nid 89
[  169.191265][ T7220] erofs: (device loop3): z_erofs_readahead: readahead error at page 0 @ nid 89
[  169.224279][ T7220] erofs: (device loop3): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89
[  169.271201][ T7196] loop4: detected capacity change from 0 to 32768
[  169.277952][ T7220] erofs: (device loop3): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89
[  169.315512][ T7220] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117]
[  169.333017][   T26] audit: type=1326 audit(1755615472.437:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  169.414826][   T26] audit: type=1326 audit(1755615472.437:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  169.547162][   T26] audit: type=1326 audit(1755615472.437:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  169.637306][   T26] audit: type=1326 audit(1755615472.437:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  169.659398][    C1] vkms_vblank_simulate: vblank timer overrun
[  169.782141][   T26] audit: type=1326 audit(1755615472.437:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  169.891798][   T26] audit: type=1326 audit(1755615472.437:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  169.973986][   T26] audit: type=1326 audit(1755615472.437:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.005222][ T5067] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  170.090043][   T26] audit: type=1326 audit(1755615472.437:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.194085][   T26] audit: type=1326 audit(1755615472.437:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.226429][ T5067] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  170.262450][ T5067] usb 4-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3
[  170.299847][   T26] audit: type=1326 audit(1755615472.437:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.334470][ T5067] usb 4-1: Product: syz
[  170.338732][ T5067] usb 4-1: Manufacturer: syz
[  170.359227][ T5067] usb 4-1: SerialNumber: syz
[  170.394872][ T5067] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  170.413890][   T26] audit: type=1326 audit(1755615472.437:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.537864][   T26] audit: type=1326 audit(1755615472.437:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.560300][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.622225][   T26] audit: type=1326 audit(1755615472.437:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.644659][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.755558][   T26] audit: type=1326 audit(1755615472.437:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.5.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae898ebe9 code=0x7fc00000
[  170.777990][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.813005][ T5067] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  170.834158][ T5067] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  171.038369][ T5067] usb 4-1: USB disconnect, device number 6
[  171.101935][ T7279] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1031'.
[  171.198036][ T7283] loop2: detected capacity change from 0 to 64
[  171.352715][ T7263] loop5: detected capacity change from 0 to 32768
[  171.445829][ T7263] JBD2: Ignoring recovery information on journal
[  171.469864][ T5417] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  171.532533][ T7263] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  171.681472][ T5417] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.701415][ T5417] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.725776][ T5417] usb 5-1: New USB device found, idVendor=0458, idProduct=5019, bcdDevice= 0.00
[  171.756765][ T5417] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.780068][ T5417] usb 5-1: config 0 descriptor??
[  171.802462][ T5334] ocfs2: Unmounting device (7,5) on (node local)
[  172.087260][ T7300] loop5: detected capacity change from 0 to 512
[  172.124681][ T7300] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  172.233035][ T7300] EXT4-fs (loop5): 1 truncate cleaned up
[  172.235747][ T5417] kye 0003:0458:5019.000A: hidraw0: USB HID v0.00 Device [HID 0458:5019] on usb-dummy_hcd.4-1/input0
[  172.241110][ T7300] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  172.354939][ T5417] kye 0003:0458:5019.000A: tablet-enabling feature report not found
[  172.399926][ T5417] kye 0003:0458:5019.000A: tablet enabling failed
[  172.454291][ T5417] usb 5-1: USB disconnect, device number 7
[  172.463588][ T7310] loop2: detected capacity change from 0 to 256
[  172.518031][ T5334] EXT4-fs (loop5): unmounting filesystem.
[  172.811206][ T7311] fido_id[7311]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  172.938557][ T7321] loop3: detected capacity change from 0 to 128
[  173.288928][ T7333] [U] ¹ÉMÙ­ÕÁQ&’Ù Kœ4
[  173.311110][ T7333] [U] [“)ÎU°}¸�Ç”ÍÚJϬ}N°SEF*œ	£‡¿ßÅNZÍÀF[F_H®¦'ª„W"ÓXÅ~¶ÎÏÚ;VA˜)^ˆ`Û1C':ZÂÞ÷ÃÃÚÞFOBÞ	*?ÛŸC‹Z˜S¯Ý<8ZNÑ·�š Ñ˜¾ÔEY�	T�T<$CÐR¿Æ–»/VG¿ÐÃ{Y«~Y5\—
;ƃZ–ÓDX ŸƒYÖA€Ì"XI®F¦{‚Å`A$í¡55?­
É×S«AÃM¢ÅO‰¤«ÝÍ»*K€¶
[  173.395859][ T7332] [U] Ô
[  173.764162][ T7344] loop2: detected capacity change from 0 to 4096
[  173.780317][ T5417] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  173.847170][ T7344] ntfs: volume version 3.1.
[  173.979828][ T5417] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  173.985762][ T7329] loop5: detected capacity change from 0 to 40427
[  174.000037][ T5417] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  174.038771][ T5417] usb 4-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[  174.054451][ T7329] F2FS-fs (loop5): Invalid SB checksum offset: 0
[  174.067695][ T5417] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.075544][ T7329] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  174.102085][ T5417] usb 4-1: config 0 descriptor??
[  174.114428][ T7339] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  174.166309][ T7329] F2FS-fs (loop5): invalid crc value
[  174.231455][ T7329] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  174.324242][ T7329] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  174.331988][ T7329] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  174.359945][ T4312] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  174.463471][ T5334] syz-executor: attempt to access beyond end of device
[  174.463471][ T5334] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  174.549876][ T4312] usb 3-1: Using ep0 maxpacket: 32
[  174.556908][ T4312] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.564266][ T5417] nzxt-kraken2 0003:1E71:170E.000B: hidraw0: USB HID v0.00 Device [HID 1e71:170e] on usb-dummy_hcd.3-1/input0
[  174.585732][ T4312] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  174.616776][ T4312] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.632668][ T4312] usb 3-1: Product: syz
[  174.642302][ T4312] usb 3-1: Manufacturer: syz
[  174.651433][ T4312] usb 3-1: SerialNumber: syz
[  174.680189][ T4312] usb 3-1: config 0 descriptor??
[  174.691498][ T4312] cdc_ether 3-1:0.0: skipping garbage
[  174.697372][ T4312] usb 3-1: bad CDC descriptors
[  174.720226][ T4312] usb 3-1: unsupported MDLM descriptors
[  174.794481][ T4312] usb 4-1: USB disconnect, device number 7
[  174.920878][ T4309] usb 3-1: USB disconnect, device number 6
[  174.924908][ T7359] fido_id[7359]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  175.008243][ T7363] program syz.5.1066 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  175.060320][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  175.475716][ T7380] loop3: detected capacity change from 0 to 512
[  175.545215][ T7380] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  175.618079][ T7380] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.1075: bad orphan inode 16
[  175.645863][ T7380] ext4_test_bit(bit=15, block=4) = 0
[  175.675197][ T7380] EXT4-fs (loop3): 1 orphan inode deleted
[  175.697150][ T7380] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  175.891531][ T4271] EXT4-fs (loop3): unmounting filesystem.
[  175.997837][ T7399] loop5: detected capacity change from 0 to 24
[  176.054595][ T7401] lo speed is unknown, defaulting to 1000
[  176.072460][ T7401] lo speed is unknown, defaulting to 1000
[  176.133043][ T7401] lo speed is unknown, defaulting to 1000
[  176.176262][ T7401] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  176.264649][ T7401] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  176.397204][ T7401] lo speed is unknown, defaulting to 1000
[  176.425339][ T7401] lo speed is unknown, defaulting to 1000
[  176.461400][ T7401] lo speed is unknown, defaulting to 1000
[  176.487345][ T7401] lo speed is unknown, defaulting to 1000
[  176.510850][ T7401] lo speed is unknown, defaulting to 1000
[  177.117355][   T26] kauditd_printk_skb: 57 callbacks suppressed
[  177.117369][   T26] audit: type=1326 audit(1755615480.217:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7429 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  177.214354][   T26] audit: type=1326 audit(1755615480.267:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7429 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  177.319878][   T26] audit: type=1326 audit(1755615480.267:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7429 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  177.438999][   T26] audit: type=1326 audit(1755615480.267:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7429 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  177.489889][ T4379] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  177.515068][   T26] audit: type=1326 audit(1755615480.277:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7429 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  177.537423][    C1] vkms_vblank_simulate: vblank timer overrun
[  177.589978][   T26] audit: type=1326 audit(1755615480.277:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7429 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  177.673678][   T26] audit: type=1326 audit(1755615480.277:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7429 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  177.702122][ T4379] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.732708][ T4379] usb 2-1: config 0 interface 0 has no altsetting 0
[  177.739542][ T4379] usb 2-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  177.775921][ T4379] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.803795][ T4379] usb 2-1: config 0 descriptor??
[  178.080969][ T7458] sp0: Synchronizing with TNC
[  178.230177][ T4379] magicmouse 0003:05AC:0269.000C: unknown main item tag 0x0
[  178.248592][ T4379] magicmouse 0003:05AC:0269.000C: unknown main item tag 0x0
[  178.260556][ T4379] magicmouse 0003:05AC:0269.000C: unknown main item tag 0x0
[  178.272928][ T7463] loop5: detected capacity change from 0 to 256
[  178.279942][ T4379] magicmouse 0003:05AC:0269.000C: unknown main item tag 0x0
[  178.287319][ T4379] magicmouse 0003:05AC:0269.000C: unknown main item tag 0x0
[  178.295784][ T4379] magicmouse 0003:05AC:0269.000C: unknown main item tag 0x0
[  178.303511][ T4379] magicmouse 0003:05AC:0269.000C: unknown main item tag 0x0
[  178.317444][ T7463] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  178.342502][ T4379] magicmouse 0003:05AC:0269.000C: hidraw0: USB HID v10.00 Device [HID 05ac:0269] on usb-dummy_hcd.1-1/input0
[  178.399437][ T7463] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008)
[  178.476952][ T7465] netlink: 'syz.2.1113': attribute type 10 has an invalid length.
[  178.496073][ T4379] usb 2-1: USB disconnect, device number 9
[  178.530311][ T7465] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.541152][ T7465] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.563016][ T7452] loop3: detected capacity change from 0 to 32768
[  178.580555][ T7469] netlink: 'syz.4.1114': attribute type 3 has an invalid length.
[  178.614770][ T7452] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11
[  178.636513][ T7465] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.643950][ T7465] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.652977][ T7465] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.660327][ T7465] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.718120][ T7466] fido_id[7466]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  178.732361][ T7465] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  178.795506][ T7468] device bridge_slave_1 left promiscuous mode
[  178.821048][ T7468] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.877199][ T7468] device bridge_slave_0 left promiscuous mode
[  178.929970][ T7468] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.931892][ T4256] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11
[  179.088884][ T7468] bond0: (slave bridge0): Releasing backup interface
[  179.454776][ T7493] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1125'.
[  179.872131][ T7505] netlink: 'syz.2.1131': attribute type 1 has an invalid length.
[  179.930209][ T7505] netlink: 16098 bytes leftover after parsing attributes in process `syz.2.1131'.
[  180.143827][ T7481] loop3: detected capacity change from 0 to 40427
[  180.226562][ T7481] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  180.268437][ T7481] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  180.308906][ T7481] F2FS-fs (loop3): invalid crc value
[  180.342784][ T7489] loop5: detected capacity change from 0 to 32768
[  180.402574][ T7481] F2FS-fs (loop3): Found nat_bits in checkpoint
[  180.475709][ T7489] XFS (loop5): Mounting V5 Filesystem
[  180.582789][ T7481] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  180.602192][ T7489] XFS (loop5): Ending clean mount
[  180.616579][ T7481] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  180.636752][ T7489] XFS (loop5): Quotacheck needed: Please wait.
[  180.653739][ T7536] Cannot find add_set index 1 as target
[  180.737009][ T7489] XFS (loop5): Quotacheck: Done.
[  180.942662][ T5334] XFS (loop5): Unmounting Filesystem
[  181.276742][ T7518] loop4: detected capacity change from 0 to 32768
[  181.598645][ T7548] loop3: detected capacity change from 0 to 2048
[  181.616623][ T7548] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  181.808460][ T7552] loop5: detected capacity change from 0 to 4096
[  181.847607][ T7552] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  181.903984][ T7552] ntfs: (device loop5): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  181.927264][ T7552] ntfs: (device loop5): ntfs_read_locked_inode(): $DATA attribute is missing.
[  182.013099][ T7552] ntfs: volume version 3.1.
[  182.065266][ T7557] loop4: detected capacity change from 0 to 512
[  182.138794][ T7557] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.1148: inode #1: comm syz.4.1148: iget: illegal inode #
[  182.234798][ T7557] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1148: error while reading EA inode 1 err=-117
[  182.290603][ T7557] EXT4-fs (loop4): 1 orphan inode deleted
[  182.296494][ T7557] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  182.505985][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  182.592541][ T7567] loop3: detected capacity change from 0 to 256
[  182.621043][ T7567] exfat: Deprecated parameter 'utf8'
[  182.626460][ T7567] exfat: Deprecated parameter 'namecase'
[  182.654638][ T7567] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xfa2e39b7, utbl_chksum : 0xe619d30d)
[  183.066286][ T7583] netem: incorrect gi model size
[  183.098770][ T7583] netem: change failed
[  183.219464][ T7586] loop4: detected capacity change from 0 to 4096
[  183.244097][ T7586] __ntfs_warning: 6 callbacks suppressed
[  183.244112][ T7586] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  183.381860][ T7586] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  183.419792][ T7586] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[  183.485439][ T7594] loop5: detected capacity change from 0 to 256
[  183.490188][ T7586] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  183.539971][ T7586] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  183.568965][ T7596] loop2: detected capacity change from 0 to 1024
[  183.642900][ T7586] ntfs: volume version 3.1.
[  183.655285][ T7594] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  183.702800][ T7586] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index buffer (VCN 0x0) of directory inode 0x5 has a size (24) differing from the directory specified size (4096). Directory inode is corrupt or driver bug.
[  183.813489][ T7586] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  183.840241][ T7586] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  183.999231][ T7586] ntfs: (device loop4): ntfs_readdir(): Index buffer (VCN 0x0) of directory inode 0x5 has a size (24) differing from the directory specified size (4096). Directory inode is corrupt or driver bug.
[  184.087158][ T7604] sp0: Synchronizing with TNC
[  185.388070][ T7616] loop3: detected capacity change from 0 to 32768
[  185.511405][ T7648] loop5: detected capacity change from 0 to 1024
[  185.557010][ T7616] XFS (loop3): Mounting V5 Filesystem
[  185.616550][ T7616] XFS (loop3): Ending clean mount
[  185.624247][ T7616] XFS (loop3): Quotacheck needed: Please wait.
[  185.725289][ T4347] hfsplus: b-tree write err: -5, ino 4
[  185.747163][ T7616] XFS (loop3): Quotacheck: Done.
[  185.823036][ T7633] loop2: detected capacity change from 0 to 32768
[  185.921280][ T4271] XFS (loop3): Unmounting Filesystem
[  186.088158][ T7633] XFS (loop2): Mounting V5 Filesystem
[  186.317069][ T7666] loop5: detected capacity change from 0 to 1024
[  186.317938][ T7633] XFS (loop2): Ending clean mount
[  186.478026][ T7641] loop4: detected capacity change from 0 to 32768
[  186.611410][ T7641] JBD2: Ignoring recovery information on journal
[  186.667742][ T4270] XFS (loop2): Unmounting Filesystem
[  186.739224][ T7641] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  186.860599][ T7666] hfsplus: found bad thread record in catalog
[  186.870263][ T7685] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  186.870263][ T7685]    program syz.1.1197 not setting count and/or reply_len properly
[  186.895822][ T7641] (syz.4.1187,7641,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10
[  187.167633][ T4276] ocfs2: Unmounting device (7,4) on (node local)
[  187.179039][ T4360] hfsplus: b-tree write err: -5, ino 4
[  187.603593][ T7701] lo speed is unknown, defaulting to 1000
[  187.609407][ T7701] lo speed is unknown, defaulting to 1000
[  187.625277][ T7704] program syz.2.1196 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  187.671461][ T7701] lo speed is unknown, defaulting to 1000
[  187.701159][ T7708] program syz.2.1196 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  187.741595][ T7701] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  187.750588][ T7708] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  187.830192][ T7701] lo speed is unknown, defaulting to 1000
[  187.872033][ T7701] lo speed is unknown, defaulting to 1000
[  187.901027][ T7701] lo speed is unknown, defaulting to 1000
[  187.941276][ T7701] lo speed is unknown, defaulting to 1000
[  187.977169][ T7701] lo speed is unknown, defaulting to 1000
[  187.990032][ T7717] sp0: Synchronizing with TNC
[  188.475440][ T7739] binfmt_misc: register: failed to install interpreter file ./file0
[  188.580088][ T4312] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  188.782300][ T4312] usb 3-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  188.782330][ T4312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.785427][ T4312] usb 3-1: config 0 descriptor??
[  188.909831][ T4255] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  189.032777][ T7758] siw: device registration error -23
[  189.089959][ T4255] usb 4-1: Using ep0 maxpacket: 32
[  189.097973][ T4255] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  189.129950][ T4255] usb 4-1: config 0 has no interface number 0
[  189.147814][ T4255] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  189.169913][ T4255] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.188346][ T4255] usb 4-1: Product: syz
[  189.213718][ T4255] usb 4-1: Manufacturer: syz
[  189.218713][ T4312] hid-alps 0003:044E:120C.000D: hidraw0: USB HID v0.06 Device [HID 044e:120c] on usb-dummy_hcd.2-1/input0
[  189.246504][ T4255] usb 4-1: SerialNumber: syz
[  189.269109][ T4255] usb 4-1: config 0 descriptor??
[  189.277118][ T4255] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  189.416847][ T4394] usb 3-1: USB disconnect, device number 7
[  189.459288][ T7767] fido_id[7767]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  189.490351][ T4255] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  189.523378][ T4255] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  189.941258][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  189.960121][ T4394] usb 4-1: USB disconnect, device number 8
[  189.971213][ T4394] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  189.992191][ T4394] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  190.010369][ T4394] quatech2 4-1:0.51: device disconnected
[  190.122871][ T7786] siw: device registration error -23
[  190.565063][ T5417] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  190.678719][ T7805] loop3: detected capacity change from 0 to 4096
[  190.751561][ T5417] usb 5-1: Using ep0 maxpacket: 16
[  190.758480][ T7805] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  190.760699][ T5417] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.780026][ T5417] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.790370][ T5417] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  190.799429][ T5417] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.809502][ T5417] usb 5-1: config 0 descriptor??
[  190.963066][ T4271] EXT4-fs (loop3): unmounting filesystem.
[  191.225982][ T5417] hid-multitouch 0003:1FD2:6007.000E: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  191.472670][ T4394] usb 5-1: USB disconnect, device number 8
[  191.502040][ T7823] fido_id[7823]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  191.704712][ T7815] loop2: detected capacity change from 0 to 32768
[  192.135089][ T7840] loop3: detected capacity change from 0 to 64
[  192.656499][ T7863] loop3: detected capacity change from 0 to 1024
[  192.689683][ T7864] loop4: detected capacity change from 0 to 2048
[  192.752216][ T7864] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  192.766721][ T7863] hfsplus: xattr searching failed
[  192.805025][ T7864] NILFS (loop4): mounting unchecked fs
[  192.875540][ T4282] udevd[4282]: incorrect nilfs2 checksum on /dev/loop4
[  192.893852][ T7864] NILFS (loop4): recovery complete
[  192.917381][   T11] hfsplus: b-tree write err: -5, ino 4
[  192.929584][ T7869] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  192.953251][ T7870] netlink: 'syz.1.1271': attribute type 10 has an invalid length.
[  193.060655][ T7870] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.070575][ T7870] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.195606][ T7870] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.202818][ T7870] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.210473][ T7870] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.217621][ T7870] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.266431][ T7870] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  193.286518][ T7874] device bridge_slave_1 left promiscuous mode
[  193.326432][ T7874] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.336656][ T7884] loop2: detected capacity change from 0 to 128
[  193.357667][ T7884] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  193.367142][ T7874] device bridge_slave_0 left promiscuous mode
[  193.420532][ T7874] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.537031][ T7874] bond0: (slave bridge0): Releasing backup interface
[  193.667149][ T7890] loop2: detected capacity change from 0 to 4096
[  193.697894][ T7890] NILFS: invalid option "cp=0x00": invalid checkpoint number 0
[  193.742403][ T7890] overlayfs: unrecognized mount option "\strict" or missing value
[  194.045432][ T7898] loop2: detected capacity change from 0 to 512
[  194.172345][ T7898] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  194.211137][ T7898] ext4 filesystem being mounted at /267/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  194.264427][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.270808][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.380939][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  194.440739][ T7883] loop5: detected capacity change from 0 to 32768
[  194.468090][ T7892] loop4: detected capacity change from 0 to 32768
[  194.581307][ T7883] XFS (loop5): Mounting V5 Filesystem
[  194.612004][ T7892] ERROR: (device loop4): duplicateIXtree: 
[  194.612004][ T7892] 
[  194.693717][ T7892] ERROR: (device loop4): remounting filesystem as read-only
[  194.910565][ T7883] XFS (loop5): Ending clean mount
[  194.922453][ T7883] XFS (loop5): Quotacheck needed: Please wait.
[  195.016109][   T26] audit: type=1326 audit(1755615498.117:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542758ebe9 code=0x7ffc0000
[  195.110135][ T7883] XFS (loop5): Quotacheck: Done.
[  195.119635][ T7900] loop3: detected capacity change from 0 to 32768
[  195.160155][   T26] audit: type=1326 audit(1755615498.147:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542758ebe9 code=0x7ffc0000
[  195.224864][ T7900] XFS (loop3): Mounting V5 Filesystem
[  195.327445][ T5334] XFS (loop5): Unmounting Filesystem
[  195.356368][   T26] audit: type=1326 audit(1755615498.147:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f542758ebe9 code=0x7ffc0000
[  195.373986][ T7942] loop2: detected capacity change from 0 to 1024
[  195.401892][ T7900] XFS (loop3): Ending clean mount
[  195.464203][   T26] audit: type=1326 audit(1755615498.147:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542758ebe9 code=0x7ffc0000
[  195.670287][   T26] audit: type=1326 audit(1755615498.147:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f542758ebe9 code=0x7ffc0000
[  195.692631][    C1] vkms_vblank_simulate: vblank timer overrun
[  195.706493][ T4271] XFS (loop3): Unmounting Filesystem
[  195.710634][ T4347] hfsplus: b-tree write err: -5, ino 4
[  196.767852][ T3637] udevd[3637]: worker [4794] terminated by signal 33 (Unknown signal 33)
[  196.804473][ T3637] udevd[3637]: worker [4794] failed while handling '/devices/virtual/block/loop1'
[  197.149166][ T7983] netlink: 'syz.4.1316': attribute type 29 has an invalid length.
[  197.185339][ T7983] netlink: 'syz.4.1316': attribute type 29 has an invalid length.
[  197.215455][ T7983] netlink: 'syz.4.1316': attribute type 29 has an invalid length.
[  197.267040][ T7986] loop2: detected capacity change from 0 to 512
[  197.294640][ T7986] EXT4-fs: Ignoring removed orlov option
[  197.324142][ T7986] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  197.356639][ T7986] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  197.482457][ T7986] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.1317: corrupted in-inode xattr
[  197.565252][ T7986] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1317: couldn't read orphan inode 15 (err -117)
[  197.579929][ T7986] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  197.736214][ T4270] EXT4-fs (loop2): unmounting filesystem.
[  197.896055][ T8006] loop2: detected capacity change from 0 to 64
[  197.997184][ T8006] syz.2.1324: attempt to access beyond end of device
[  197.997184][ T8006] loop2: rw=0, sector=3072, nr_sectors = 2 limit=64
[  198.299825][ T5417] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  198.349308][   T26] audit: type=1326 audit(1755615501.447:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.4.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  198.414892][   T26] audit: type=1326 audit(1755615501.447:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.4.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  198.452305][   T26] audit: type=1326 audit(1755615501.447:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.4.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7ed8ebe9 code=0x7ffc0000
[  198.512818][ T5417] usb 4-1: config 0 interface 0 altsetting 253 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  198.534270][ T5417] usb 4-1: config 0 interface 0 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  198.589773][ T4379] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  198.597385][ T5417] usb 4-1: config 0 interface 0 has no altsetting 0
[  198.614458][ T5417] usb 4-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00
[  198.632053][ T5417] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.651371][ T5417] usb 4-1: config 0 descriptor??
[  198.656989][ T8012] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  198.790120][ T4379] usb 6-1: Using ep0 maxpacket: 32
[  198.797485][ T4379] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[  198.817105][ T4379] usb 6-1: config 0 has no interface number 0
[  198.827279][ T4379] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  198.864787][ T4379] usb 6-1: config 0 interface 85 has no altsetting 0
[  198.902225][ T4379] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  198.919825][ T4379] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.937491][ T4379] usb 6-1: Product: syz
[  198.949836][ T4379] usb 6-1: Manufacturer: syz
[  198.960072][ T4379] usb 6-1: SerialNumber: syz
[  198.980688][ T4379] usb 6-1: config 0 descriptor??
[  199.098535][ T5417] lenovo 0003:17EF:6067.000F: hidraw0: USB HID v1.03 Device [HID 17ef:6067] on usb-dummy_hcd.3-1/input0
[  199.169288][ T8051] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1346'.
[  199.195009][ T4379] appletouch 6-1:0.85: Failed to read mode from device.
[  199.201895][ T8051] device dummy0 entered promiscuous mode
[  199.212047][ T4379] appletouch: probe of 6-1:0.85 failed with error -5
[  199.231849][ T8051] device dummy0 left promiscuous mode
[  199.363055][ T4379] usb 4-1: USB disconnect, device number 9
[  199.490362][ T5417] usb 6-1: USB disconnect, device number 4
[  199.611333][ T8039] loop2: detected capacity change from 0 to 40427
[  199.636490][ T8039] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  199.652822][ T8039] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  199.705682][ T8039] F2FS-fs (loop2): Found nat_bits in checkpoint
[  199.822584][ T8039] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  199.832924][ T8039] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  199.897816][   T26] audit: type=1800 audit(1755615502.997:100): pid=8039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1340" name="file1" dev="loop2" ino=10 res=0 errno=0
[  200.039960][ T4394] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  200.152925][ T8075] Bluetooth: MGMT ver 1.22
[  200.252246][ T4394] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  200.272584][   T11] kworker/u4:1: attempt to access beyond end of device
[  200.272584][   T11] loop2: rw=1, sector=77824, nr_sectors = 800 limit=40427
[  200.275332][ T4394] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.310347][ T8079] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  200.352615][ T4394] usb 5-1: config 0 descriptor??
[  200.401559][ T4394] cp210x 5-1:0.0: cp210x converter detected
[  200.777068][ T4394] usb 5-1: cp210x converter now attached to ttyUSB0
[  200.946952][ T8097] loop3: detected capacity change from 0 to 256
[  201.034700][ T8097] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  201.055537][ T4394] usb 5-1: USB disconnect, device number 9
[  201.077097][ T4394] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  201.162835][ T4394] cp210x 5-1:0.0: device disconnected
[  201.249933][ T5067] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  201.390041][ T5417] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  201.441420][ T5067] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.460093][ T5067] usb 3-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[  201.481678][ T5067] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.501676][ T5067] usb 3-1: config 0 descriptor??
[  201.579987][ T5417] usb 6-1: Using ep0 maxpacket: 16
[  201.587763][ T5417] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.599472][ T5417] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.610180][ T5417] usb 6-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  201.619272][ T5417] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.656249][ T5417] usb 6-1: config 0 descriptor??
[  201.923384][ T5067] wacom 0003:056A:0317.0010: item fetching failed at offset 0/7
[  201.947302][ T8115] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  201.960961][ T5067] wacom 0003:056A:0317.0010: parse failed
[  201.967272][ T5067] wacom: probe of 0003:056A:0317.0010 failed with error -22
[  201.991794][ T8115] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  202.011750][ T8115] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  202.039182][ T8115] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  202.043812][ T8107] loop3: detected capacity change from 0 to 40427
[  202.072393][ T8115] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  202.079227][ T8115] comedi comedi3: 8255: I/O port conflict (0x12,4)
[  202.084015][ T8107] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  202.093405][ T8107] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  202.108065][ T5417] ntrig 0003:1B96:0008.0011: collection stack underflow
[  202.120541][ T5417] ntrig 0003:1B96:0008.0011: item 0 1 0 12 parsing failed
[  202.125101][ T4312] usb 3-1: USB disconnect, device number 8
[  202.131796][ T5417] ntrig 0003:1B96:0008.0011: parse failed
[  202.138406][ T8119] loop4: detected capacity change from 0 to 164
[  202.144329][ T5417] ntrig: probe of 0003:1B96:0008.0011 failed with error -22
[  202.153036][ T8115] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  202.153073][ T8115] comedi comedi3: 8255: I/O port conflict (0xd,4)
[  202.153143][ T8115] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffc,4)
[  202.161278][ T8107] F2FS-fs (loop3): invalid crc value
[  202.183863][ T8119] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  202.196145][ T8115] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  202.220783][ T8115] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  202.243307][ T8115] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4)
[  202.255416][ T8107] F2FS-fs (loop3): Found nat_bits in checkpoint
[  202.270988][ T8115] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  202.290223][ T8115] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  202.317671][ T8115] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  202.329314][ T4394] usb 6-1: USB disconnect, device number 5
[  202.342031][ T8115] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  202.356059][ T8115] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  202.368300][ T8115] comedi comedi3: 8255: I/O port conflict (0x80,4)
[  202.375971][ T8115] comedi comedi3: 8255: I/O port conflict (0x20001e58,4)
[  202.383984][ T8115] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  202.391959][ T8115] comedi comedi3: 8255: I/O port conflict (0x2000e67,4)
[  202.399222][ T8115] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  202.407214][ T8115] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4)
[  202.431860][ T8107] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  202.449235][ T8107] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  202.557365][ T4271] syz-executor: attempt to access beyond end of device
[  202.557365][ T4271] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  202.758560][ T8134] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1384'.
[  203.240449][ T8152] loop4: detected capacity change from 0 to 512
[  203.263122][ T5417] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  203.263919][ T8154] loop2: detected capacity change from 0 to 2048
[  203.282468][ T8154] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=3932051, location=3932051
[  203.315329][ T8152] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.1391: Invalid block bitmap block 0 in block_group 0
[  203.343950][ T8154] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  203.424599][ T8152] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  203.475685][ T5417] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.480295][ T8152] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1391: attempt to clear invalid blocks 983261 len 1
[  203.510738][ T5417] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.528042][ T8152] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1391: invalid indirect mapped block 2683928664 (level 0)
[  203.556663][ T5417] usb 6-1: New USB device found, idVendor=056a, idProduct=00bc, bcdDevice= 0.00
[  203.571238][ T8152] EXT4-fs error (device loop4): __ext4_get_inode_loc:4507: comm syz.4.1391: Invalid inode table block 0 in block_group 0
[  203.583074][ T5417] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.613912][ T8152] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5915: Corrupt filesystem
[  203.628089][ T5417] usb 6-1: config 0 descriptor??
[  203.635828][ T8152] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  203.658677][ T8152] EXT4-fs error (device loop4): __ext4_get_inode_loc:4507: comm syz.4.1391: Invalid inode table block 0 in block_group 0
[  203.683734][ T8152] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5915: Corrupt filesystem
[  203.710225][ T8152] EXT4-fs error (device loop4): ext4_truncate:4312: inode #13: comm syz.4.1391: mark_inode_dirty error
[  203.742574][ T8152] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  203.767745][ T8152] EXT4-fs error (device loop4): __ext4_get_inode_loc:4507: comm syz.4.1391: Invalid inode table block 0 in block_group 0
[  203.808917][ T8152] EXT4-fs (loop4): 1 truncate cleaned up
[  203.825123][ T8152] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  203.971591][ T8152] EXT4-fs: Ignoring removed bh option
[  204.081649][ T5417] wacom 0003:056A:00BC.0012: Unknown device_type for 'HID 056a:00bc'. Assuming pen.
[  204.110748][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  204.114544][ T5417] wacom 0003:056A:00BC.0012: hidraw0: USB HID v0.00 Device [HID 056a:00bc] on usb-dummy_hcd.5-1/input0
[  204.165662][ T5417] input: Wacom Intuos4 WL Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:00BC.0012/input/input12
[  204.287716][ T5417] usb 6-1: USB disconnect, device number 6
[  204.519902][ T4309] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  204.526741][ T8194] loop4: detected capacity change from 0 to 4096
[  204.546867][ T8190] fido_id[8190]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  204.632758][ T8194] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  204.729934][ T4309] usb 2-1: Using ep0 maxpacket: 16
[  204.739194][ T4309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.747488][ T8182] loop2: detected capacity change from 0 to 32768
[  204.799848][ T4276] EXT4-fs (loop4): unmounting filesystem.
[  204.806813][ T4309] usb 2-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  204.828775][ T8182] ERROR: (device loop2): duplicateIXtree: 
[  204.828775][ T8182] 
[  204.850439][ T8182] ERROR: (device loop2): remounting filesystem as read-only
[  204.857987][ T4309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.891567][ T4394] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  204.899055][ T8200] BUG: Bad page state in process syz.2.1404  pfn:2ffc1
[  204.915152][ T4309] usb 2-1: config 0 descriptor??
[  204.959054][ T8200] page:ffffea0000bff040 refcount:0 mapcount:0 mapping:0000000000000000 index:0x33 pfn:0x2ffc1
[  204.983472][ T8200] flags: 0xfff00000002006(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  205.016815][ T8200] raw: 00fff00000002006 ffffea00009e0008 ffffc9000ce77980 0000000000000000
[  205.043034][ T8200] raw: 0000000000000033 ffff888020791ba0 00000000ffffffff 0000000000000000
[  205.059172][ T8200] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  205.069027][ T8200] page_owner tracks the page as allocated
[  205.089829][ T4394] usb 4-1: Using ep0 maxpacket: 8
[  205.095930][ T8200] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8181 (syz.2.1404), ts 204894494771, free_ts 204879095874
[  205.116307][ T8200]  post_alloc_hook+0x173/0x1a0
[  205.121546][ T8200]  get_page_from_freelist+0x1a26/0x1ac0
[  205.126202][ T4394] usb 4-1: unable to get BOS descriptor or descriptor too short
[  205.127439][ T8200]  __alloc_pages+0x1df/0x4e0
[  205.141334][ T4394] usb 4-1: config 4 interface 0 has no altsetting 0
[  205.157515][ T8200]  folio_alloc+0x1c/0x60
[  205.158017][ T4394] usb 4-1: string descriptor 0 read error: -22
[  205.163450][ T8200]  filemap_alloc_folio+0xdb/0x460
[  205.178994][ T4394] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  205.181069][ T8200]  __filemap_get_folio+0x697/0xdd0
[  205.198220][ T4394] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.199756][ T8200]  pagecache_get_page+0x26/0x250
[  205.219112][ T8200]  __get_metapage+0x2a4/0xfa0
[  205.227910][ T8200]  diNewExt+0x9eb/0x2cb0
[  205.232095][ T4394] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  205.238358][ T8200]  diAllocAG+0xde9/0x1c20
[  205.244726][ T8200]  diAlloc+0x1c9/0x1910
[  205.248947][ T8200]  ialloc+0x88/0x950
[  205.252802][ T4394] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  205.259658][ T8200]  jfs_mkdir+0x190/0xa70
[  205.266627][ T4394] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  205.267687][ T8200]  vfs_mkdir+0x387/0x570
[  205.275295][ T4394] usb 4-1: media controller created
[  205.286705][ T8200]  do_mkdirat+0x1d0/0x430
[  205.289979][ T4554] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  205.292051][ T8200]  __x64_sys_mkdirat+0x85/0x90
[  205.308526][ T8200] page last free stack trace:
[  205.314884][ T8200]  free_unref_page_prepare+0x8b4/0x9a0
[  205.316258][ T4394] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  205.320799][ T8200]  free_unref_page_list+0xbb/0x8e0
[  205.336644][ T8200]  release_pages+0x1f92/0x2200
[  205.341737][ T8200]  tlb_flush_mmu+0xff/0x210
[  205.346322][ T8200]  tlb_finish_mmu+0xbd/0x1c0
[  205.351538][ T8200]  exit_mmap+0x343/0x8e0
[  205.355970][ T8200]  __mmput+0x118/0x3c0
[  205.363055][ T4309] kye 0003:0458:0087.0013: unknown main item tag 0xd
[  205.370185][ T4309] kye 0003:0458:0087.0013: unexpected long global item
[  205.378401][ T4309] kye 0003:0458:0087.0013: parse failed
[  205.384362][ T8200]  exit_mm+0x1e6/0x2c0
[  205.388545][ T8200]  do_exit+0x8c1/0x2400
[  205.393086][ T8200]  do_group_exit+0x217/0x2d0
[  205.397717][ T8200]  __x64_sys_exit_group+0x3b/0x40
[  205.403031][ T4309] kye: probe of 0003:0458:0087.0013 failed with error -22
[  205.413586][ T8200]  do_syscall_64+0x4c/0xa0
[  205.418166][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  205.424908][ T8200] Modules linked in:
[  205.435160][ T8200] CPU: 0 PID: 8200 Comm: syz.2.1404 Not tainted 6.1.148-syzkaller #0
[  205.443295][ T8200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  205.453391][ T8200] Call Trace:
[  205.456700][ T8200]  <TASK>
[  205.459655][ T8200]  dump_stack_lvl+0x168/0x22e
[  205.464348][ T8200]  ? show_regs_print_info+0x12/0x12
[  205.469576][ T8200]  ? swiotlb_print_info+0x60/0x60
[  205.474640][ T8200]  bad_page+0x14b/0x170
[  205.478825][ T8200]  free_unref_page_prepare+0x42a/0x9a0
[  205.481511][ T4554] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  205.484295][ T8200]  ? percpu_ref_put+0x19/0x180
[  205.484331][ T8200]  free_unref_page_list+0xbb/0x8e0
[  205.498493][ T4554] usb 5-1: config 0 has no interface number 0
[  205.502180][ T8200]  release_pages+0x1f92/0x2200
[  205.502218][ T8200]  ? lru_cache_disable+0x30/0x30
[  205.502239][ T8200]  ? folio_memcg_rcu+0x220/0x220
[  205.502263][ T8200]  __pagevec_release+0x6d/0xe0
[  205.502283][ T8200]  truncate_inode_pages_range+0x2f6/0xff0
[  205.502309][ T8200]  ? mapping_evict_folio+0x520/0x520
[  205.502327][ T8200]  ? parse_options+0xc03/0xdb0
[  205.516893][ T4554] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  205.518080][ T8200]  ? jfs_fill_super+0xac0/0xac0
[  205.518106][ T8200]  ? list_lru_walk_node+0x24f/0x2c0
[  205.518144][ T8200]  ? sync_filesystem+0x103/0x220
[  205.524015][ T4554] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.527817][ T8200]  jfs_remount+0x337/0x5a0
[  205.527853][ T8200]  ? jfs_statfs+0x550/0x550
[  205.527871][ T8200]  ? __might_sleep+0xd0/0xd0
[  205.527895][ T8200]  ? hook_sb_remount+0x19/0xc0
[  205.547925][ T4554] usb 5-1: config 0 descriptor??
[  205.552756][ T8200]  reconfigure_super+0x219/0x880
[  205.552794][ T8200]  path_mount+0xdfd/0x1010
[  205.552809][ T8200]  ? kmem_cache_free+0xf7/0x290
[  205.552832][ T8200]  __se_sys_mount+0x2d6/0x3c0
[  205.552853][ T8200]  ? __x64_sys_mount+0xc0/0xc0
[  205.552870][ T8200]  ? lockdep_hardirqs_on+0x94/0x140
[  205.552889][ T8200]  ? __x64_sys_mount+0x1c/0xc0
[  205.552906][ T8200]  do_syscall_64+0x4c/0xa0
[  205.552922][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  205.552939][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  205.552956][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  205.552977][ T8200] RIP: 0033:0x7f542758ebe9
[  205.553009][ T8200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.553023][ T8200] RSP: 002b:00007f54283e5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  205.553043][ T8200] RAX: ffffffffffffffda RBX: 00007f54277b6090 RCX: 00007f542758ebe9
[  205.572375][ T4554] usb 5-1: selecting invalid altsetting 1
[  205.576378][ T8200] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[  205.576396][ T8200] RBP: 00007f5427611e19 R08: 0000000000000000 R09: 0000000000000000
[  205.576406][ T8200] R10: 0000000002200020 R11: 0000000000000246 R12: 0000000000000000
[  205.576417][ T8200] R13: 00007f54277b6128 R14: 00007f54277b6090 R15: 00007ffd08a4fc28
[  205.576444][ T8200]  </TASK>
[  205.605409][ T4379] usb 2-1: USB disconnect, device number 10
[  205.613319][ T4554] dvb_ttusb_budget: ttusb_init_controller: error
[  205.631537][ T8200] Disabling lock debugging due to kernel taint
[  205.638034][ T4554] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  205.646485][ T8200] BUG: Bad page state in process syz.2.1404  pfn:27800
[  205.774536][ T8200] page:ffffea00009e0000 refcount:0 mapcount:0 mapping:0000000000000000 index:0x32 pfn:0x27800
[  205.779608][ T4554] DVB: Unable to find symbol cx22700_attach()
[  205.786199][ T8200] flags: 0xfff00000002006(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  205.809754][ T8200] raw: 00fff00000002006 ffffea0000769cc8 ffffc9000ce77980 0000000000000000
[  205.818739][ T8200] raw: 0000000000000032 ffff8880207914d8 00000000ffffffff 0000000000000000
[  205.828293][ T8200] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  205.835763][ T8200] page_owner tracks the page as allocated
[  205.841517][ T8200] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8181 (syz.2.1404), ts 204894457819, free_ts 204879104486
[  205.856574][ T4554] DVB: Unable to find symbol tda10046_attach()
[  205.860213][ T8200]  post_alloc_hook+0x173/0x1a0
[  205.866572][ T4554] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  205.871393][ T8200]  get_page_from_freelist+0x1a26/0x1ac0
[  205.885986][ T8200]  __alloc_pages+0x1df/0x4e0
[  205.893172][ T8200]  folio_alloc+0x1c/0x60
[  205.901028][ T8200]  filemap_alloc_folio+0xdb/0x460
[  205.912789][ T8200]  __filemap_get_folio+0x697/0xdd0
[  205.918037][ T8200]  pagecache_get_page+0x26/0x250
[  205.923930][ T8200]  __get_metapage+0x2a4/0xfa0
[  205.928725][ T8200]  diNewExt+0x9eb/0x2cb0
[  205.933058][ T8200]  diAllocAG+0xde9/0x1c20
[  205.937743][ T8200]  diAlloc+0x1c9/0x1910
[  205.942164][ T8200]  ialloc+0x88/0x950
[  205.946189][ T8200]  jfs_mkdir+0x190/0xa70
[  205.950490][ T8200]  vfs_mkdir+0x387/0x570
[  205.954864][ T8200]  do_mkdirat+0x1d0/0x430
[  205.959385][ T8200]  __x64_sys_mkdirat+0x85/0x90
[  205.964301][ T8200] page last free stack trace:
[  205.969245][ T8200]  free_unref_page_prepare+0x8b4/0x9a0
[  205.974908][ T8200]  free_unref_page_list+0xbb/0x8e0
[  205.980084][ T8200]  release_pages+0x1f92/0x2200
[  205.985064][ T8200]  tlb_flush_mmu+0xff/0x210
[  205.990774][ T8200]  tlb_finish_mmu+0xbd/0x1c0
[  205.995505][ T8200]  exit_mmap+0x343/0x8e0
[  206.000393][ T8200]  __mmput+0x118/0x3c0
[  206.004574][ T8200]  exit_mm+0x1e6/0x2c0
[  206.008762][ T8200]  do_exit+0x8c1/0x2400
[  206.013082][ T8200]  do_group_exit+0x217/0x2d0
[  206.017787][ T8200]  __x64_sys_exit_group+0x3b/0x40
[  206.024620][ T8200]  do_syscall_64+0x4c/0xa0
[  206.029079][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.035170][ T8200] Modules linked in:
[  206.039080][ T8200] CPU: 0 PID: 8200 Comm: syz.2.1404 Tainted: G    B              6.1.148-syzkaller #0
[  206.049060][ T8200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  206.059132][ T8200] Call Trace:
[  206.062439][ T8200]  <TASK>
[  206.065406][ T8200]  dump_stack_lvl+0x168/0x22e
[  206.070265][ T8200]  ? show_regs_print_info+0x12/0x12
[  206.075579][ T8200]  ? swiotlb_print_info+0x60/0x60
[  206.080626][ T8200]  bad_page+0x14b/0x170
[  206.085019][ T8200]  free_unref_page_prepare+0x42a/0x9a0
[  206.090500][ T8200]  ? percpu_ref_put+0x19/0x180
[  206.095372][ T8200]  free_unref_page_list+0xbb/0x8e0
[  206.100692][ T8200]  release_pages+0x1f92/0x2200
[  206.105589][ T8200]  ? lru_cache_disable+0x30/0x30
[  206.110552][ T8200]  ? folio_memcg_rcu+0x220/0x220
[  206.115503][ T8200]  __pagevec_release+0x6d/0xe0
[  206.120355][ T8200]  truncate_inode_pages_range+0x2f6/0xff0
[  206.126072][ T8200]  ? mapping_evict_folio+0x520/0x520
[  206.131447][ T8200]  ? parse_options+0xc03/0xdb0
[  206.136216][ T8200]  ? jfs_fill_super+0xac0/0xac0
[  206.141074][ T8200]  ? list_lru_walk_node+0x24f/0x2c0
[  206.146436][ T8200]  ? sync_filesystem+0x103/0x220
[  206.151366][ T8200]  jfs_remount+0x337/0x5a0
[  206.155886][ T8200]  ? jfs_statfs+0x550/0x550
[  206.160379][ T8200]  ? __might_sleep+0xd0/0xd0
[  206.165163][ T8200]  ? hook_sb_remount+0x19/0xc0
[  206.170142][ T8200]  reconfigure_super+0x219/0x880
[  206.175369][ T8200]  path_mount+0xdfd/0x1010
[  206.179870][ T8200]  ? kmem_cache_free+0xf7/0x290
[  206.185082][ T8200]  __se_sys_mount+0x2d6/0x3c0
[  206.189749][ T8200]  ? __x64_sys_mount+0xc0/0xc0
[  206.194675][ T8200]  ? lockdep_hardirqs_on+0x94/0x140
[  206.200044][ T8200]  ? __x64_sys_mount+0x1c/0xc0
[  206.205064][ T8200]  do_syscall_64+0x4c/0xa0
[  206.209562][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  206.214488][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  206.219152][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.225054][ T8200] RIP: 0033:0x7f542758ebe9
[  206.229548][ T8200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.249319][ T8200] RSP: 002b:00007f54283e5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  206.258134][ T8200] RAX: ffffffffffffffda RBX: 00007f54277b6090 RCX: 00007f542758ebe9
[  206.266189][ T8200] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[  206.274516][ T8200] RBP: 00007f5427611e19 R08: 0000000000000000 R09: 0000000000000000
[  206.282669][ T8200] R10: 0000000002200020 R11: 0000000000000246 R12: 0000000000000000
[  206.290855][ T8200] R13: 00007f54277b6128 R14: 00007f54277b6090 R15: 00007ffd08a4fc28
[  206.299047][ T8200]  </TASK>
[  206.308003][ T8200] BUG: Bad page state in process syz.2.1404  pfn:1da73
[  206.317724][ T8200] page:ffffea0000769cc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x31 pfn:0x1da73
[  206.329589][ T8200] flags: 0xfff00000002006(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  206.339480][ T8200] raw: 00fff00000002006 ffffc9000ce77980 ffffc9000ce77980 0000000000000000
[  206.348273][ T8200] raw: 0000000000000031 ffff8880207919b0 00000000ffffffff 0000000000000000
[  206.357168][ T8200] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  206.364669][ T8200] page_owner tracks the page as allocated
[  206.370462][ T8200] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8181 (syz.2.1404), ts 204894420256, free_ts 204879112932
[  206.389868][ T8200]  post_alloc_hook+0x173/0x1a0
[  206.394667][ T8200]  get_page_from_freelist+0x1a26/0x1ac0
[  206.401034][ T8200]  __alloc_pages+0x1df/0x4e0
[  206.405701][ T8200]  folio_alloc+0x1c/0x60
[  206.410141][ T8200]  filemap_alloc_folio+0xdb/0x460
[  206.415391][ T8200]  __filemap_get_folio+0x697/0xdd0
[  206.423322][ T8200]  pagecache_get_page+0x26/0x250
[  206.423434][ T4394] zl10353_read_register: readreg error (reg=127, ret==0)
[  206.435961][ T8204] usb 4-1: dvb_usb_au6610: wlen=0, aborting
[  206.442052][ T8200]  __get_metapage+0x2a4/0xfa0
[  206.457813][ T8200]  diNewExt+0x9eb/0x2cb0
[  206.462653][ T8200]  diAllocAG+0xde9/0x1c20
[  206.467049][ T8200]  diAlloc+0x1c9/0x1910
[  206.472985][ T8200]  ialloc+0x88/0x950
[  206.476939][ T8200]  jfs_mkdir+0x190/0xa70
[  206.481468][ T8200]  vfs_mkdir+0x387/0x570
[  206.485836][ T8200]  do_mkdirat+0x1d0/0x430
[  206.491783][ T8200]  __x64_sys_mkdirat+0x85/0x90
[  206.496686][ T8200] page last free stack trace:
[  206.502805][ T4394] usb 4-1: USB disconnect, device number 10
[  206.504541][ T8200]  free_unref_page_prepare+0x8b4/0x9a0
[  206.516291][ T8200]  free_unref_page_list+0xbb/0x8e0
[  206.523139][ T8200]  release_pages+0x1f92/0x2200
[  206.528166][ T4554] usb 5-1: USB disconnect, device number 10
[  206.542803][ T8200]  tlb_flush_mmu+0xff/0x210
[  206.547376][ T8200]  tlb_finish_mmu+0xbd/0x1c0
[  206.559744][ T8200]  exit_mmap+0x343/0x8e0
[  206.564078][ T8200]  __mmput+0x118/0x3c0
[  206.568247][ T8200]  exit_mm+0x1e6/0x2c0
[  206.581803][ T8200]  do_exit+0x8c1/0x2400
[  206.586024][ T8200]  do_group_exit+0x217/0x2d0
[  206.595729][ T8200]  __x64_sys_exit_group+0x3b/0x40
[  206.601504][ T8200]  do_syscall_64+0x4c/0xa0
[  206.605963][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.612046][ T8200] Modules linked in:
[  206.616079][ T8200] CPU: 0 PID: 8200 Comm: syz.2.1404 Tainted: G    B              6.1.148-syzkaller #0
[  206.625705][ T8200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  206.635941][ T8200] Call Trace:
[  206.639338][ T8200]  <TASK>
[  206.642362][ T8200]  dump_stack_lvl+0x168/0x22e
[  206.647194][ T8200]  ? show_regs_print_info+0x12/0x12
[  206.652387][ T8200]  ? swiotlb_print_info+0x60/0x60
[  206.657699][ T8200]  bad_page+0x14b/0x170
[  206.661979][ T8200]  free_unref_page_prepare+0x42a/0x9a0
[  206.667790][ T8200]  ? percpu_ref_put+0x19/0x180
[  206.672650][ T8200]  free_unref_page_list+0xbb/0x8e0
[  206.678013][ T8200]  release_pages+0x1f92/0x2200
[  206.682971][ T8200]  ? lru_cache_disable+0x30/0x30
[  206.688118][ T8200]  ? folio_memcg_rcu+0x220/0x220
[  206.693240][ T8200]  __pagevec_release+0x6d/0xe0
[  206.698081][ T8200]  truncate_inode_pages_range+0x2f6/0xff0
[  206.703803][ T8200]  ? mapping_evict_folio+0x520/0x520
[  206.709090][ T8200]  ? parse_options+0xc03/0xdb0
[  206.713874][ T8200]  ? jfs_fill_super+0xac0/0xac0
[  206.718804][ T8200]  ? list_lru_walk_node+0x24f/0x2c0
[  206.724005][ T8200]  ? sync_filesystem+0x103/0x220
[  206.729043][ T8200]  jfs_remount+0x337/0x5a0
[  206.733562][ T8200]  ? jfs_statfs+0x550/0x550
[  206.738066][ T8200]  ? __might_sleep+0xd0/0xd0
[  206.742759][ T8200]  ? hook_sb_remount+0x19/0xc0
[  206.747764][ T8200]  reconfigure_super+0x219/0x880
[  206.752713][ T8200]  path_mount+0xdfd/0x1010
[  206.757218][ T8200]  ? kmem_cache_free+0xf7/0x290
[  206.762077][ T8200]  __se_sys_mount+0x2d6/0x3c0
[  206.766848][ T8200]  ? __x64_sys_mount+0xc0/0xc0
[  206.771608][ T8200]  ? lockdep_hardirqs_on+0x94/0x140
[  206.776935][ T8200]  ? __x64_sys_mount+0x1c/0xc0
[  206.781716][ T8200]  do_syscall_64+0x4c/0xa0
[  206.786226][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  206.790980][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  206.795780][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.801684][ T8200] RIP: 0033:0x7f542758ebe9
[  206.806188][ T8200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.826141][ T8200] RSP: 002b:00007f54283e5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  206.834589][ T8200] RAX: ffffffffffffffda RBX: 00007f54277b6090 RCX: 00007f542758ebe9
[  206.843104][ T8200] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[  206.851349][ T8200] RBP: 00007f5427611e19 R08: 0000000000000000 R09: 0000000000000000
[  206.859701][ T8200] R10: 0000000002200020 R11: 0000000000000246 R12: 0000000000000000
[  206.867856][ T8200] R13: 00007f54277b6128 R14: 00007f54277b6090 R15: 00007ffd08a4fc28
[  206.875980][ T8200]  </TASK>
[  206.880442][ T8200] BUG: Bad page state in process syz.2.1404  pfn:5e7ea
[  206.888215][ T8200] page:ffffea000179fa80 refcount:0 mapcount:0 mapping:0000000000000000 index:0xd pfn:0x5e7ea
[  206.898746][ T8200] flags: 0xfff00000002006(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  206.908916][ T8200] raw: 00fff00000002006 ffffc9000ce77980 ffffc9000ce77980 0000000000000000
[  206.917717][ T8200] raw: 000000000000000d ffff888067d17e88 00000000ffffffff 0000000000000000
[  206.926623][ T8200] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  206.934135][ T8200] page_owner tracks the page as allocated
[  206.939913][ T8200] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8181 (syz.2.1404), ts 204889912057, free_ts 204879131800
[  206.958690][ T8200]  post_alloc_hook+0x173/0x1a0
[  206.963512][ T8200]  get_page_from_freelist+0x1a26/0x1ac0
[  206.969284][ T8200]  __alloc_pages+0x1df/0x4e0
[  206.973999][ T8200]  folio_alloc+0x1c/0x60
[  206.978254][ T8200]  filemap_alloc_folio+0xdb/0x460
[  206.983557][ T8200]  do_read_cache_folio+0x1bb/0x760
[  206.988801][ T8200]  do_read_cache_page+0x32/0x220
[  206.994965][ T8200]  __get_metapage+0x316/0xfa0
[  206.999814][ T8200]  diWriteSpecial+0x1b0/0x460
[  207.004536][ T8200]  diSync+0x669/0x890
[  207.008532][ T8200]  diAllocAG+0x16e5/0x1c20
[  207.013616][ T8200]  diAlloc+0x1c9/0x1910
[  207.017799][ T8200]  ialloc+0x88/0x950
[  207.021828][ T8200]  jfs_mkdir+0x190/0xa70
[  207.026200][ T8200]  vfs_mkdir+0x387/0x570
[  207.030579][ T8200]  do_mkdirat+0x1d0/0x430
[  207.034926][ T8200] page last free stack trace:
[  207.039619][ T8200]  free_unref_page_prepare+0x8b4/0x9a0
[  207.045260][ T8200]  free_unref_page_list+0xbb/0x8e0
[  207.052327][ T8200]  release_pages+0x1f92/0x2200
[  207.057209][ T8200]  tlb_flush_mmu+0xff/0x210
[  207.062078][ T8200]  tlb_finish_mmu+0xbd/0x1c0
[  207.067064][ T8200]  exit_mmap+0x343/0x8e0
[  207.071568][ T8200]  __mmput+0x118/0x3c0
[  207.076190][ T8200]  exit_mm+0x1e6/0x2c0
[  207.080586][ T8200]  do_exit+0x8c1/0x2400
[  207.085404][ T8200]  do_group_exit+0x217/0x2d0
[  207.090119][ T8200]  __x64_sys_exit_group+0x3b/0x40
[  207.095176][ T8200]  do_syscall_64+0x4c/0xa0
[  207.100064][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  207.106123][ T8200] Modules linked in:
[  207.110113][ T8200] CPU: 0 PID: 8200 Comm: syz.2.1404 Tainted: G    B              6.1.148-syzkaller #0
[  207.120151][ T8200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  207.130383][ T8200] Call Trace:
[  207.133654][ T8200]  <TASK>
[  207.136591][ T8200]  dump_stack_lvl+0x168/0x22e
[  207.141468][ T8200]  ? show_regs_print_info+0x12/0x12
[  207.146670][ T8200]  ? swiotlb_print_info+0x60/0x60
[  207.151781][ T8200]  bad_page+0x14b/0x170
[  207.156243][ T8200]  free_unref_page_prepare+0x42a/0x9a0
[  207.161702][ T8200]  free_unref_page_list+0xbb/0x8e0
[  207.166833][ T8200]  release_pages+0x1f92/0x2200
[  207.171753][ T8200]  ? lru_cache_disable+0x30/0x30
[  207.176685][ T8200]  ? _raw_spin_lock_irq+0xab/0xe0
[  207.182072][ T8200]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  207.187620][ T8200]  ? do_raw_spin_unlock+0x11d/0x230
[  207.192904][ T8200]  __pagevec_release+0x6d/0xe0
[  207.197669][ T8200]  truncate_inode_pages_range+0xc94/0xff0
[  207.203585][ T8200]  ? mapping_evict_folio+0x520/0x520
[  207.209067][ T8200]  ? parse_options+0xc03/0xdb0
[  207.214134][ T8200]  ? jfs_fill_super+0xac0/0xac0
[  207.219084][ T8200]  ? list_lru_walk_node+0x24f/0x2c0
[  207.224378][ T8200]  ? sync_filesystem+0x103/0x220
[  207.229671][ T8200]  jfs_remount+0x337/0x5a0
[  207.234170][ T8200]  ? jfs_statfs+0x550/0x550
[  207.238788][ T8200]  ? __might_sleep+0xd0/0xd0
[  207.243465][ T8200]  ? hook_sb_remount+0x19/0xc0
[  207.248314][ T8200]  reconfigure_super+0x219/0x880
[  207.253247][ T8200]  path_mount+0xdfd/0x1010
[  207.257651][ T8200]  ? kmem_cache_free+0xf7/0x290
[  207.262503][ T8200]  __se_sys_mount+0x2d6/0x3c0
[  207.267289][ T8200]  ? __x64_sys_mount+0xc0/0xc0
[  207.272138][ T8200]  ? lockdep_hardirqs_on+0x94/0x140
[  207.277524][ T8200]  ? __x64_sys_mount+0x1c/0xc0
[  207.282296][ T8200]  do_syscall_64+0x4c/0xa0
[  207.286994][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  207.291681][ T8200]  ? clear_bhb_loop+0x60/0xb0
[  207.296635][ T8200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  207.302929][ T8200] RIP: 0033:0x7f542758ebe9
[  207.307518][ T8200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.327298][ T8200] RSP: 002b:00007f54283e5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  207.335704][ T8200] RAX: ffffffffffffffda RBX: 00007f54277b6090 RCX: 00007f542758ebe9
[  207.343680][ T8200] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[  207.351760][ T8200] RBP: 00007f5427611e19 R08: 0000000000000000 R09: 0000000000000000
[  207.360016][ T8200] R10: 0000000002200020 R11: 0000000000000246 R12: 0000000000000000
[  207.367981][ T8200] R13: 00007f54277b6128 R14: 00007f54277b6090 R15: 00007ffd08a4fc28
[  207.376035][ T8200]  </TASK>
[  207.395784][  T107] BUG: Bad page state in process jfsCommit  pfn:74817
[  207.406907][  T107] page:ffffea0001d205c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x30 pfn:0x74817
[  207.418121][  T107] flags: 0xfff00000002047(locked|referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[  207.430578][  T107] raw: 00fff00000002047 dead000000000100 dead000000000122 0000000000000000
[  207.439346][  T107] raw: 0000000000000030 ffff888020791e88 00000000ffffffff 0000000000000000
[  207.448638][  T107] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  207.456370][  T107] page_owner tracks the page as allocated
[  207.462403][  T107] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8181 (syz.2.1404), ts 204894374691, free_ts 204879122474
[  207.481471][  T107]  post_alloc_hook+0x173/0x1a0
[  207.486458][  T107]  get_page_from_freelist+0x1a26/0x1ac0
[  207.492240][  T107]  __alloc_pages+0x1df/0x4e0
[  207.496849][  T107]  folio_alloc+0x1c/0x60
[  207.501160][  T107]  filemap_alloc_folio+0xdb/0x460
[  207.506287][  T107]  __filemap_get_folio+0x697/0xdd0
[  207.511447][  T107]  pagecache_get_page+0x26/0x250
[  207.516395][  T107]  __get_metapage+0x2a4/0xfa0
[  207.521130][  T107]  diNewExt+0x9eb/0x2cb0
[  207.525729][  T107]  diAllocAG+0xde9/0x1c20
[  207.530212][  T107]  diAlloc+0x1c9/0x1910
[  207.534374][  T107]  ialloc+0x88/0x950
[  207.538271][  T107]  jfs_mkdir+0x190/0xa70
[  207.542636][  T107]  vfs_mkdir+0x387/0x570
[  207.547236][  T107]  do_mkdirat+0x1d0/0x430
[  207.551627][  T107]  __x64_sys_mkdirat+0x85/0x90
[  207.556419][  T107] page last free stack trace:
[  207.561157][  T107]  free_unref_page_prepare+0x8b4/0x9a0
[  207.566673][  T107]  free_unref_page_list+0xbb/0x8e0
[  207.571912][  T107]  release_pages+0x1f92/0x2200
[  207.576783][  T107]  tlb_flush_mmu+0xff/0x210
[  207.581441][  T107]  tlb_finish_mmu+0xbd/0x1c0
[  207.586085][  T107]  exit_mmap+0x343/0x8e0
[  207.590375][  T107]  __mmput+0x118/0x3c0
[  207.594655][  T107]  exit_mm+0x1e6/0x2c0
[  207.598722][  T107]  do_exit+0x8c1/0x2400
[  207.603008][  T107]  do_group_exit+0x217/0x2d0
[  207.607614][  T107]  __x64_sys_exit_group+0x3b/0x40
[  207.612811][  T107]  do_syscall_64+0x4c/0xa0
[  207.617534][  T107]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  207.623576][  T107] Modules linked in:
[  207.627827][  T107] CPU: 0 PID: 107 Comm: jfsCommit Tainted: G    B              6.1.148-syzkaller #0
[  207.637476][  T107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  207.647529][  T107] Call Trace:
[  207.650857][  T107]  <TASK>
[  207.653775][  T107]  dump_stack_lvl+0x168/0x22e
[  207.658621][  T107]  ? show_regs_print_info+0x12/0x12
[  207.663813][  T107]  ? swiotlb_print_info+0x60/0x60
[  207.668907][  T107]  bad_page+0x14b/0x170
[  207.673097][  T107]  free_unref_page_prepare+0x42a/0x9a0
[  207.678593][  T107]  free_unref_page+0x2e/0x3f0
[  207.683282][  T107]  ? __folio_put+0xf1/0x210
[  207.687882][  T107]  txUnlock+0x27e/0xcb0
[  207.692048][  T107]  jfs_lazycommit+0x56c/0xa50
[  207.696758][  T107]  ? txFreelock+0x5a0/0x5a0
[  207.701248][  T107]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  207.707228][  T107]  ? do_task_dead+0xd0/0xd0
[  207.711915][  T107]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  207.717804][  T107]  ? __kthread_parkme+0x162/0x1c0
[  207.722824][  T107]  kthread+0x29d/0x330
[  207.726908][  T107]  ? txFreelock+0x5a0/0x5a0
[  207.731407][  T107]  ? kthread_blkcg+0xd0/0xd0
[  207.736076][  T107]  ret_from_fork+0x1f/0x30
[  207.740503][  T107]  </TASK>
[  207.747254][  T107] page:ffffea0001d205c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x30 pfn:0x74817
[  207.758202][  T107] flags: 0xfff00000002047(locked|referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[  207.769776][  T107] raw: 00fff00000002047 dead000000000100 dead000000000122 0000000000000000
[  207.778376][  T107] raw: 0000000000000030 ffff888020791e88 00000000ffffffff 0000000000000000
[  207.787261][  T107] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[  207.797632][  T107] page_owner tracks the page as allocated
[  207.803475][  T107] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8181 (syz.2.1404), ts 204894374691, free_ts 204879122474
[  207.822140][  T107]  post_alloc_hook+0x173/0x1a0
[  207.827034][  T107]  get_page_from_freelist+0x1a26/0x1ac0
[  207.833333][  T107]  __alloc_pages+0x1df/0x4e0
[  207.837956][  T107]  folio_alloc+0x1c/0x60
[  207.842244][  T107]  filemap_alloc_folio+0xdb/0x460
[  207.847561][  T107]  __filemap_get_folio+0x697/0xdd0
[  207.853239][  T107]  pagecache_get_page+0x26/0x250
[  207.858387][  T107]  __get_metapage+0x2a4/0xfa0
[  207.863256][  T107]  diNewExt+0x9eb/0x2cb0
[  207.867515][  T107]  diAllocAG+0xde9/0x1c20
[  207.872038][  T107]  diAlloc+0x1c9/0x1910
[  207.876290][  T107]  ialloc+0x88/0x950
[  207.880335][  T107]  jfs_mkdir+0x190/0xa70
[  207.884871][  T107]  vfs_mkdir+0x387/0x570
[  207.889468][  T107]  do_mkdirat+0x1d0/0x430
[  207.894147][  T107]  __x64_sys_mkdirat+0x85/0x90
[  207.899112][  T107] page last free stack trace:
[  207.904348][  T107]  free_unref_page_prepare+0x8b4/0x9a0
[  207.910049][  T107]  free_unref_page_list+0xbb/0x8e0
[  207.915254][  T107]  release_pages+0x1f92/0x2200
[  207.920166][  T107]  tlb_flush_mmu+0xff/0x210
[  207.924774][  T107]  tlb_finish_mmu+0xbd/0x1c0
[  207.929362][  T107]  exit_mmap+0x343/0x8e0
[  207.934054][  T107]  __mmput+0x118/0x3c0
[  207.938399][  T107]  exit_mm+0x1e6/0x2c0
[  207.942620][  T107]  do_exit+0x8c1/0x2400
[  207.946802][  T107]  do_group_exit+0x217/0x2d0
[  207.951611][  T107]  __x64_sys_exit_group+0x3b/0x40
[  207.956821][  T107]  do_syscall_64+0x4c/0xa0
[  207.961390][  T107]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  207.967448][  T107] ------------[ cut here ]------------
[  207.973016][  T107] kernel BUG at include/linux/mm.h:1135!
[  207.978747][  T107] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  207.984809][  T107] CPU: 0 PID: 107 Comm: jfsCommit Tainted: G    B              6.1.148-syzkaller #0
[  207.994166][  T107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  208.004212][  T107] RIP: 0010:put_metapage+0x24f/0x340
[  208.009491][  T107] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 bb 6e e4 fe e9 25 ff ff ff e8 21 52 94 fe 48 8b 3c 24 48 c7 c6 80 23 c6 8a e8 31 de ce fe <0f> 0b 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff e8 da 55 94
[  208.029290][  T107] RSP: 0018:ffffc9000254fce0 EFLAGS: 00010246
[  208.035352][  T107] RAX: 05eac30cec27f700 RBX: ffff888020791e88 RCX: 05eac30cec27f700
[  208.043704][  T107] RDX: 0000000000000000 RSI: ffffffff8adef680 RDI: ffffffff8adef640
[  208.051864][  T107] RBP: 000000000000007f R08: dffffc0000000000 R09: fffffbfff1c3ea96
[  208.059845][  T107] R10: fffffbfff1c3ea96 R11: 1ffffffff1c3ea95 R12: ffff888020791eb0
[  208.067893][  T107] R13: ffffea0001d205f4 R14: 1ffff110040f23d6 R15: 1ffff110040f23e3
[  208.075976][  T107] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  208.084991][  T107] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.091659][  T107] CR2: 00007f135b384198 CR3: 00000000244d6000 CR4: 00000000003506f0
[  208.099716][  T107] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  208.107764][  T107] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  208.115729][  T107] Call Trace:
[  208.119180][  T107]  <TASK>
[  208.122103][  T107]  txUnlock+0x427/0xcb0
[  208.126254][  T107]  jfs_lazycommit+0x56c/0xa50
[  208.131190][  T107]  ? txFreelock+0x5a0/0x5a0
[  208.135677][  T107]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  208.141562][  T107]  ? do_task_dead+0xd0/0xd0
[  208.146228][  T107]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  208.152111][  T107]  ? __kthread_parkme+0x162/0x1c0
[  208.157216][  T107]  kthread+0x29d/0x330
[  208.161306][  T107]  ? txFreelock+0x5a0/0x5a0
[  208.166064][  T107]  ? kthread_blkcg+0xd0/0xd0
[  208.171083][  T107]  ret_from_fork+0x1f/0x30
[  208.175639][  T107]  </TASK>
[  208.178659][  T107] Modules linked in:
[  208.187793][  T107] ---[ end trace 0000000000000000 ]---
[  208.193318][  T107] RIP: 0010:put_metapage+0x24f/0x340
[  208.198623][  T107] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 bb 6e e4 fe e9 25 ff ff ff e8 21 52 94 fe 48 8b 3c 24 48 c7 c6 80 23 c6 8a e8 31 de ce fe <0f> 0b 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff e8 da 55 94
[  208.218823][  T107] RSP: 0018:ffffc9000254fce0 EFLAGS: 00010246
[  208.224957][  T107] RAX: 05eac30cec27f700 RBX: ffff888020791e88 RCX: 05eac30cec27f700
[  208.233148][  T107] RDX: 0000000000000000 RSI: ffffffff8adef680 RDI: ffffffff8adef640
[  208.241861][  T107] RBP: 000000000000007f R08: dffffc0000000000 R09: fffffbfff1c3ea96
[  208.250259][  T107] R10: fffffbfff1c3ea96 R11: 1ffffffff1c3ea95 R12: ffff888020791eb0
[  208.258241][  T107] R13: ffffea0001d205f4 R14: 1ffff110040f23d6 R15: 1ffff110040f23e3
[  208.266446][  T107] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  208.275564][  T107] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.282183][  T107] CR2: 00007f135b384198 CR3: 00000000244d6000 CR4: 00000000003506f0
[  208.290478][  T107] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  208.298460][  T107] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  208.306578][  T107] Kernel panic - not syncing: Fatal exception
[  208.313128][  T107] Kernel Offset: disabled
[  208.317475][  T107] Rebooting in 86400 seconds..