last executing test programs:

4m19.94903688s ago: executing program 1 (id=5439):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100090a0000000600000000000000030006000000000002000000ffffffff0000000000000000010005"], 0x50}}, 0x0)

4m19.736702818s ago: executing program 1 (id=5441):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000600)={0x1, 0x0, 0x3, 0x2})

4m19.628813328s ago: executing program 1 (id=5443):
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3002, 0x6, &(0x7f0000000000)=0xa636, 0x9, 0x0)
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x6, &(0x7f0000000040)=0x5, 0x9, 0x2)

4m19.351623066s ago: executing program 1 (id=5445):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000000)={[{@nodioread_nolock}, {@inlinecrypt}, {@minixdf}, {@barrier}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000240)='./file0\x00', &(0x7f00000001c0)='ext4\x00', 0x0, 0x0)

4m18.902988039s ago: executing program 1 (id=5448):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0xe, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x1, 0x0, "2115beba7af972a16fd06e6b4594848119e1a8bc94b6871c7f46690000000011"})

4m17.243660302s ago: executing program 1 (id=5474):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2010880, &(0x7f0000000740)=ANY=[@ANYBLOB='iocharset=cp737,umask=0\x00\x00\x00\x00\x00\x00\x00@0800d=', @ANYRESHEX=0x0, @ANYBLOB=',integrity,errors=continue,discard,noquota\x00iocharset=cp850,grpquota,usrquota,uid=', @ANYRESHEX=0x0, @ANYBLOB=',quota,gid=', @ANYRESHEX=0x0, @ANYRESHEX, @ANYRESHEX=0x0, @ANYBLOB=',errors=continue,subj_type=+-]{.&Q.,fowner=', @ANYRESDEC=0x0, @ANYBLOB=',measure,\x00'], 0x5, 0x615b, &(0x7f0000008b40)="$eJzs3UuPHFfZB/Cnr3PJm2SURZTXQmjihEsI8TUYQ4A4C1iwyQJ5i2xNJpGFA8g2yIksPGg2LFjxCUBILBFiiVjwAbJgyy4rVkSykUBZUahmzvFUt7vdY8bT1TPn95PG1U+d6u5T/e/qi6uqTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8d3vfO9sJyKu/DTNWIv4v+hFdCNW6no9IlbW1/Ly/Yh4IXaa4/mIGCxF1Nff+efZiNcj4qNnIu7dv7NRzz63z358+w9/++33n3r7r78fnP73H2/13pi23O3bv/zXn+4ebJ0BAACgNFVVVZ30Nf9E+n7fbbtTAMBc5Pf/KsnzF6buHtLt/+rvb/95EdZPrVar1eo51k3VZHebRURsNa9Tf2awOx4Ajpit+LTtLtAi+RetHxFPtd0JYKF12u4Ah+Le/TsbnZRvp/l+sL7bno8FGcl/q/Pg/I5p01nGjzGZ1/NrO3rx3JT+rMypD4sk598dz//KbvswLXfY+c/LtPyHu6c+FSfn3xvPf8zxyb87Mf9S5fz7j5V/T/4AAAAAALDA8v//r7W8/3fp4KuyL4/a/7s+pz4AAAAAAAAAwJN20PH/HjD+HwAAACys+rt67dfP7M2b9lts9fzLnYinx5YHCpNOllltux8AAAAAAAAAAAAAUJL+7jG8lzsRg4h4enW1qqr6r2m8flwHvf5RV/r6Q8nafpEHAIBdHz0zdi5/J2I5Ii6n3/obrK6uVtXyymq1Wq0s5c+zw6XlaqXxvTZP63lLw318IO4Pq/rGlhvXa5r1fXlW+/jt1fc1rHr76NgTMkiP5pTmlsIGgGT33eied6RjpqqenfbhA0bY/o8f2z/70fbzFAAAADh8VVVVnfRz3ifSPv9u250CAOYiv/+P7xc4lDricG9frVYf97qzYP1Rq49c3VRNdrdZRMRW8zr1ZwbD8QPAEbMVn7bdBVok/6L1I+KFtjsBLLRO2x3gUNy7f2ejk/LtNN8P0vju+ViQkfy3OjvXy9efNJ1l/BiTeT2/tqMXz03pz/Nz6sMiyfl3x/O/sts+TMsddv7zMi3/ej3XWuhP23L+vfH8xxyf/LsT8y9Vzr//WPn35A8AAAAAAAss////mv2/eZUBAAAAAAAA4Mi5d//ORj7vNe///8yE5Zz/eTzl/DvyL1LOvzuW/xfHlus1Ln/y1l7+/7x/Z+N3t/7x/3m63/yX8oVOemZ10jOik+6p00/Tg6zdw7YHvWF9T4NOt9dPx/xUg3fjWlyPzTgzsmw3PR577WdH2uueDkbaz4209x9qPz/SPki/O1Ct5PZTsRE/iuvxzk573bY0Y/2XZ7RXM9pz/j3bf5Fy/v3GX53/amrvjE2jsWk2t/vmdNL9XLr22V+cOeR12Y/t6D1Yt6Z6/U620J+dx+SpYfzk5uaNU7ev3rp142ykycjcc5EmT1jOf7Dzt7T3+v/Sbnt+3W9ur5/8fPjQ6/6s/BfFdvSn5v9S43K9vq/MuW9tyPkP01/O/53UPmn7P9r5T9/+X22hPwAAAAAAAAAAAAAAAPAoVVXtnCJ6KSIupPN/2jo3EwCYr/z+XyV5vlqtVqvV7dYfD5tz2u/P8aibqsnebBYR8ZfmderPDD+bdGMAwCL7T0R83HYnaI38C5Z/76+evtx2Z4C5uvnBhz+4ev365o2bbfcEAAAAAAAAAPhf5fE/1xvjP78cEWtjy42M//pWrB90/M9+vvBggNEnPND3FNvdYa/bGG78xdgZn/vUtPG/T8ajx//uz7i/wYz24Yz2pRntyxPn7qU18USPhpz/i43xzuv8T4wNv17C+K/jY96XIOd/svF8rvP/wthyzfyr3yxc/lv7XXA7uiP5n771/o9P3/zgw9euvX/1vc33Nn94/uzZM+cvXLh48eLpd69d3zyz++/h9HoB5Pzz2NeOAy1Lzj9nLv+y5Pw/l2r5lyXn//lUy78sOf/8eU/+Zcn55+8+8i9Lzv+VVMu/LDn/L6Va/mXJ+b+aavmXJef/5VTLvyw5/9dSLf+y5PxPpVr+Zcn5n071PvL38/DHSM4/7+Gy/Zcl55+PbJB/WXL+51It/7Lk/M+nWv5lyfm/nmr5lyXn/5VUy78sOf8LqZZ/WXL+X021/MuS87+YavmXJef/tVTLvyw5/6+nWv5lyfm/kWr5lyXn/41Uy78sOf9vplr+Zcn5fyvV8i9Lzv/NVMu/LHu//1/uhUvpsViU/rjgQvsXWn5hAgAAAAAAAAAAAAAeMo/DidteRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI9dd3wH8zF7stUOIgRCc1JBNYkJIluzaTnyhTTHh2gClQEKhF2zXuzYLvuG1S6BINg2USBgVVVRNH2gBoTZSVWEhHmhFaR6qXp5K+0BfKqpKSI1QQAYJqa1otpo5///fM+PZObve8Xr2/D8fyf7tzpyZc+bMmdn9rv3dAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAuzveMPeZRlEUzT+tv7YUxQuaH2+a3NK67LXXewsBAACA1fq/1t+XbkoX7F/GjdqW+YdX/PM3FhcXF4v3jf7h+BcWF9MVk0UxvrEoWtdFF//z/Y32ZYInionGSNvnIxWrH624fqzi+vGK6zdUXL+x4vqJiuuv2AFX2FT+PKZ1Z9tbH24pd2lxczHeum57j1s90dg4MhJ/ltPSaN1mcfxIMV8cK+aKmY7ly2UbreW/dUdzXW8t4rpG2ta1rXmE/PgTh+M2NMI+3t6xrsv3Gf3w9cXkT378icN/dua5W3vNyt3QcX/ldt5zZ3M7PxUuKbe1UWxM+yRu50jbdm7r8ZyMdmxno3W75sfd23lpmds5enkz11T3cz5RjLQ+/k5rP421/1gv7adt4bL/vqsoivOXN7t7mSvWVYwUmzsuGbn8/EyUR2TzPpqH0ouLsRUdp3cs4zhtztntncdp92siPv93hNuNLbEN7U/TDz+54YrnfaXHadR81Eu9VrqPwUG/VoblGIzHxXdaD/rJnsfg9vD4P3H30sdgz2OnxzGYHnfbMXhn1TE4smG0tc3pSWi0bnP5GNzRsfxoa02N1nz27v7H4PSZ46emFz728dfMHz90dO7o3IldO3bM7Nq9e+/evdNH5o/NzZR/X+XeHn6bi5H0Grgz7Lv4GnhV17Lth+rilwf3Opzo8zrc0rXsoF+HY90PrrE2L8grj+nytfFoc6dPXBgplniNtZ6fe1f/OkyPu+11ONb2Ouz5NaXH63BsGa/D5jKn7l3e9yxjbX96bcO1+lqwpe0Y7P5+pPsYHPT3I8NyDE6E4+Lf7136a8G2sL1PTq30+5HRK47B9HDDe0/zkvT9/sTe1uh1XN7WvOKGDcXZhbnT9z9+6MyZ0zuKMNbES9qOle7jdXPbYyquOF5HVny87p9/xZO39bh8S9hXE69p/jWx5HPVXOaB+/s/V62vbr33Z8elO4swBmyt92evr+bN/ZmyZJ/92VzmU9Or/1485dK299/xJd5/Y+5/vlxfuqsnRsfHytfvaNo74x3vx51P1VjrvavRWvel6eW9H4+HP2v9fnxzn/fjrV3LDvr9eLz7wcX340bVTztWp/v5nAjHybGZ/u/HzWW27lzpMTnW9/34rjAbYf+/OiSFlIvajp2ljtu0rrGx8fC4xuIaOo/TXR3Lj4ds1lzX0zuv7ji9567yvkbTo7tsrY7Tya5lB32cpverpY7TRtVP365O9/M5EY6Lm3f1P06byzzzwOrfOzfFD9veOzdUHYPjoxua2zyeDsLy/X5xUzwG7y8OFyeLY8Vs69oNreOp0VrX1IPLOwY3hD9r/V65tc8xeE/XsoM+BtPXsaWOvcbYlQ9+ALqfz4lwXDz1YP9jsLnMG/cM9nvXe8IlaZm27127f7621M+8buvaTdfyZ17N7fy7Pf1/Nttc5tjelebM/vvpvnDJDT32U/frd6nX1GyxNvtpa9jO5/YuvZ+a29Nc5gv7lnk87S+K4txHHm79vDf8+8rXz373Gx3/7tLr33TOfeThH9145O9Xsv0ArH/Pl2Nz+bWu7V+mlvPv/wAAAMC6EHP/SJiJ/A8AAAC1EXN//F/hifwPAAAAtRFz/1iYSSb5f+sbn5t//lyRmvmLQbw+7YZHyuVix3UmfD65eFnz8oe/OvfTvz63vHWPFEXxs0d+p+fyWx+J21WaDNt58U2dl195w3PLWv/Bxy4v195f/1K4//h4wuOv+lWKPSu4M0VRfOumz7XWM/n+C635zCMHW/Pd5598ornMpX3l5/H2z76kXP6Lofy7/8ihjts/G/bD98OceVvv/RFv97ULr962572X1xdv17jzha2H/dQHyvuND/DzT5TLx/281Pb/zWef/lpz+cdf2Xv7z4303v6nw/1+Ncz/eXm5fPtz0Pw83u7TYfvj+uLt7v/Kt3tu/8XPlMufenO53MEw4/rvCZ9vf/Nz8+376/HGoY7HVbylXC6uf+a7v9+6Pt5fvP/u7Z84cKFjf3QfH8/8a3k/013Lx8vjeqK/6lp/837aj8+4/qd/72DHfq5a/8V3P/vy5v12r/++ruVGu27f/Rub/uTTn+u5vrg9+//yVMfj2f+u8DoO63/qA+F4DNf/78XPdaw3OviuzvefuPyXtpzreDzRW39Srv/i64625n9N/vSPb3jBjS88f3tz3xXFd95T3l/V+o/+6cmO7f/yLfe2no94fezod69/KXH9pz86deLkwtn52ba92vrdOW8vt2fjxKbNze29Kby3dn9+4OSZD86dnpyZnCmKyfr+Cr2r9pUwf1SO8yu9/b2Phefztj/61ua7/+Wz8fJ/e7S8/MLbyq9brwrLfT5cvqV8/hYbq1z/U3fc0np9N54pP+/osQ/Atu0/2LusBcPj7/6+IB7vp176wdZ+aF7X+roRX9er3P7vzZb3882wXxfDb2a+85bL62tfPv5uhAvvKV/vq95/4W0uPq9/Hp7vd3y/vP+4XfHxfi98H/PtrZ3vd/H4+Oa5ke77b/0Wj/Ph/aQ4X14fl4r7+8KlW3puXvw9JMX5W1uf/0G6n1tX9DCXsvCxhelj8yfOPj59Zm7hzPTCxz5+4PjJsyfOHGj9Ls8DH6q6/eX3p82t96fZud0PFDObiqI4WcyswRvWtdn+5kfL2/5Tjx2e3TNz9+zckUNnj5x57NTc6aOHFxYOz80u3H3oyJG5j1bdfn72oR079+3as3Pq6PzsQ3v37du1b2r+xMnmZpQbVWH3zIenTpw+0LrJwkMP7Nvx4IMPzEwdPzk799CemZmps1W3b31tmmre+renTs8dO3Rm/vjc1ML8x+ce2rFv9+6dlb8N8PipIwuT06fPnpg+uzB3erp8LJNnWhc3v/ZV3Z56WviP8vvZbo3yF/EV77xvd/r9rE1f/eSSd1Uu0vULRJ8Lv4vmn150au9yPo+5fzzMJJP8DwAAADmIuX9DmIn8DwAAALURc//GMBP5HwAAAGoj5v6JMJNM8r/+/7L6/5Xq3/8vr9f/z6v/f+ojZa90vff/Y39e/z8P17n/v+r16//r/9ev/7/8/vzAt//r+v/6/1xvw9b/j7l/U1Fkmf8BAAAgBzH3bw4zkf8BAACgNmLuvyHMRP4HAACA2oi5/wVhJpnkf/3/ZfX/d1YVrurf/3f+f/3/Yn32/+OTo/+fjRX379/7aMen+v+B/r/+fx36/87/r//PdTa+5DXXq/8fc/+NYSaZ5H8AAADIQcz9Lwwzkf8BAACgNmLuvynMRP4HAACA2oi5f0uYSSb5X//f+f/1//X/a93/X+35/9s2Rv9/fXD+//569P9v77mg/v8K+/8T+v/rsf8/PtjtH+7+f+Xm6/9zTQzb+f9j7n9RmEkm+R8AAAByEHP/i8NM5H8AAACojZj7XxJmIv8DAABAbcTcf3OYSSb5X/9f/1//X/9f/7/3+qvP/19+pP8/XPT/+9u2/Qd7u19jPen/O/9/Dv3/AW//cPf/B33+//E3dd9e/59ehq3/H3P/S8NMMsn/AAAAkIOY+28JM5H/AQAAoDZi7n9ZmIn8DwAAALURc//WMJNM8r/+v/6//r/+v/5/7/VX9/9L+v/DRf+/vx7n/+9tmf3/0a7L9f9L+v/6/7Xv//f45lf/n16Grf8fc/+tYSaZ5H8AAADIQcz9t4WZyP8AAABQGzH3/1yYifwPAAAAtRFz/7Ywk0zyv/6//r/+f179//s26P/r/9eb/n9/g+7/O/+//n87/f+M+v89rKT/v7HqzqiNYev/x9z/8jCTTPI/AAAA5CDm/leEmcj/AAAAUBsx998eZiL/AwAAQG3E3D8ZZpJJ/tf/r1f//y/+9qnbC/1//f+K9de0/x8PA/3/zOn/96f/X0H/X/9f/39N+v/kY9j6/zH33xFmkkn+BwAAgBzE3H9nmIn8DwAAALURc/9dYSbyPwAAANRGzP3bw0wyyf/6//Xq/0f6//r//dZf0/5/Mmz9/y+Gqf+/NvT/e2h7ker/V9D/1//Pvv8fv/vV/2cwhq3/H3P/K8NMMsn/AAAAkIOY++8OM5H/AQAAoDZi7n9VmIn8DwAAALURc/89YSaZ5H/9f/1//X/9f/3/3ut3/v/1Sf+/P/3/Cvr/+v/Z9/+d/5/BGrb+f8z9rw4zyST/AwAAQA5i7r83zET+BwAAgNqI/3+z/H+v8j8AAADUUcz9U2EmmeR//X/9/5z6/w39f/1//f/a0//vT/+/gv6//r/+v/4/AzVs/f+Y+18TZpJJ/gcAAIAcxNx/f5iJ/A8AAAC1EXP/dJiJ/A8AAAC1EXP/TJhJJvlf/1//P6f+v/P/d/T/J4pC/1//v370//vT/6+w1v3/4lLrYv3/wbje2z+U/f+i0P/nuhq2/n/M/TvCTDLJ/wAAAJCDmPt3hpnI/wAAAFAbMffvCjOR/wEAAKA2Yu5/IMwkk/yv/6//r/+fbf/f+f/1/2tJ/78//f8Kzv+v/1+3/r/z/3OdDVv/P+b+B8NMMsn/AAAAkIOY+3eHmcj/AAAAUBsx9+8JM5H/AQAAoDZi7t8bZpJJ/tf/r0n//3f/sWPd+v/6//3WP5j+/yb9/zD1/4dLTfv/3S+Lq6b/X0H/X/9f/1//n4Eatv5/zP37wkwyyf8AAACQg5j7XxtmIv8DAABAbcTc//NhJvI/AAAA1EbM/b8QZpJJ/tf/r0n/v4v+v/5/v/U7/7/+f53VtP8/MPr/FfT/9f/1//X/Gahr3/+PHy2v/x9z/0NhJpnkfwAAAMhBzP2/GGYi/wMAAEBtxNz/ujAT+R8AAABqI+b+/WEmmeR//X/9f/1//f9r0/9/XdFtGPv/zYNH/79eVtu/b+j/l/T/9f/1//X/9f8ZgGE7/3/M/a8PM8kk/wMAAEAOYu5/OMxE/gcAAIDaiLn/DWEm8j8AAADURmfuzy//6//r/+v/6/87/3/v9ev/r0/O/9+f/n8F/X/9f/1//X8Gatj6/29s3WqieFOYSSb5HwAAAHIQc/+bw0zkfwAAAKiNmPvfEmYi/wMAAEBtxNz/1jCTTPK//r/+v/6//n92/f+JQv+/xvT/+9P/r6D/r/+v/6//z0ANW/8/5v5fCjPJJP8DAABADmLufyTMRP4HAACA2oi5/21hJvI/AAAA1EbM/W8PM8kk/+v/6//r/+v/Z9f/d/7/WtP/70//v8IQ9P+bX9P0/9fn9uv/6/9zpWHr/8fc/44wk0zyPwAAAOQg5v5fDjOR/wEAAKA2Yu5/Z5iJ/A8AAAC1EXP/r4SZZJL/9f/1//X/9f+z6P83b6T/nwX9//70/yv06P9vdP5//X/9f/1/rtqw9f9j7n9XmEkm+R8AAAByEHP/u8NM5H8AAACojZj73xNmIv8DAABAbcTc/2iYSSb5X/8/y/5/esj6/yX9/wz6/87/nw39//70/ysMwfn/9f/X7/br/+v/c6Vh6//H3P9YmEkm+R8AAAByEHP/e8NM5H8AAACojZj7fzXMRP4HAACA2oi5/31hJpnkf/3/LPv/zv+/Zv3/sY7jI6f+/0Tb85mOS/1//f81oP/fn/5/Bf1//f9h7v+Ho3nTErfX/2cYDVv/P+b+94eZZJL/AQAAIAcx9/9amIn8DwAAALURc/+vh5nI/wAAAFAbMff/RphJJvlf/1//X//f+f+d/7/3+vX/1yf9//70/yvo/+v/D3P/v4L+P8No2Pr/Mff/ZphJRfDr/v4UAAAAGF4x938gzCSTf/8HAACAHMTcfyDMRP4HAACA2oi5/2CYSSb5X/+/u/8fz6iq/6//r/+v/6//vx4Nrv//shuLQv9f/1//X/9f/1//n9UYtv5/zP2Hwkwyyf8AAACQg5j7fyvMRP4HAACA2oi5/3CYifwPAAAAtRFz/2yYSSb5X//f+f8H1f//mf6//n+g/9+b/v/acP7//vT/K+j/6//r/+v/M1DD1v+PuX8uzCST/A8AAAA1ln4cHHP/kTAT+R8AAABqI+b+o2Em8j8AAADURsz9HwwzyST/6//r/zv///Xo/491LK//X9L/1/8fBP3//vT/K+j/6//r/+v/M1DD1v+PuX8+zCST/A8AAAA5iLn/Q2Em8j8AAADURsz9Hw4zkf8BAACgNmLuPxZmkkn+1//X/8+9/98oivPO/6//32v9+v/rk/5/f/r/FfT/9f/1//X/Gahh6//H3H88zCST/A8AAAA5iLn/RJiJ/A8AAAC1EXP//7N3H01yndcdh9ssksCs7I/gtVde2it/BW+9c5XWKiUqB4rKWaJyDlTOOScq55wzlXOkIqUqqDg45xCDbtwGMI3pe9/zPJujQQHqHqIF6S/Ur+5d4hb7HwAAAIaRu/+ucUuT/a//1/937/9Xe3n+/9Gfr/8/S/+v/9+Ftf7+6kv79Rfs///zv677f/2//l//P0n/r//X/3O+ufX/ufvvFrc02f8AAADQQe7+u8ct9j8AAAAMI3f/PeIW+x8AAACGkbv/urilyf7X/+v/9f/6/yP9/836f/3/snn+/zT9/xb6f/2//l//z07Nrf/P3X/PuKXJ/gcAAIAOcvffK26x/wEAAGAYufvvHbfY/wAAADCM3P33iVua7H/9/+z7/9P6f/2/5//r//X/F0//P03/v4X+X/+v/9f/s1Nz6/9z9983bmmy/wEAAKCD3P33i1vsfwAAABhG7v77xy32PwAAAAwjd/8D4pYm+1//P/v+3/P/9f/6f/2//v8S3LS6488E/f86/f8WW/r/1Ur/P+Wi+/nN395y3v8F6P/1/6ybW/+fu/+BcUuT/Q8AAAAd5O5/UNxi/wMAAMAwcvdfH7fY/wAAADCM3P0Pjlua7H/9v/5f/6//1/9vfn39/zJ5/v+04/f///Fvd75T3/7f8/+nef6//l//z/nm1v/n7r8hbmmy/wEAAKCD3P0PiVvsfwAAABhG7v6Hxi32PwAAAAwjd//D4pYm+1//36b/P6xd9P/6f/2//n90+v9pnv+/xeEfcwf1pf5f/6//1/9zPHPr/3P3PzxuabL/AQAAoIPc/Y+IW+x/AAAAGEbu/kfGLfY/AAAADCN3/6Pilib7X//fpv/3/H/9v/5f/9+C/n+a/n+LUZ7/f5mfmn3388e17/ev/9f/s25u/X/u/kfHLU32PwAAAHSQu/8xcYv9DwAAAMPI3f/YuMX+BwAAgGHk7n9c3NJk/+v/9f/L6P/zFebX/x+s9P/6f/3/nOj/p+n/txil/79M++7nl/7+9f/6f9bNrf/P3f/4uKXJ/gcAAIAOcvc/IW6x/wEAAGAYufufGLfY/wAAADCM3P1Pilua7H/9v/5/Gf2/5//r//X/+v+Lo/+fpv/fYtn9/yV/3s63735+6e9f/6//Z93c+v/c/TfGLU32PwAAAHSQu//JcYv9DwAAAMPI3f+UuMX+BwAAgGHk7n9q3NJk/+v/9f/6f/2//n/z6+v/l0n/P03/v8Wy+/9j23c/v/T3r//X/7NuRv3/Ob/q9OppcUuT/Q8AAAAd5O5/etxi/wMAAMAwcvc/I26x/wEAAGAYufufGbc02f/6/9n0/4c531j9/8FqtdL/r5r2/wfn/H7W51L/r/8/Afr/afr/LfT/+n/9v/6fnZpR/3/4de7+Z8UtTfY/AAAAdJC7/9lxi/0PAAAAw8jd/5y4xf4HAACAYeTuf27c0mT/6/9n0/8fGqv/9/z/8z8fnfp/z/9fp/8/GTPt/6+92NfX/+v/9f/Lff/6f/0/6+bW/+fuf17cdO01l/0tAgAAADOTu//5cUuTv/8HAACADnL3vyBusf8BAABgoW5c+5Hc/S+MW5rsf/3/bvv/cwNP/b/+//zPh/5f/6//v/Jm2v9fNP2//l//v9z3r//X/7Nubv1/7v4XxS1N9j8AAAB0kLv/prjF/gcAAIBh5O5/cdxi/wMAAMAwcve/JG5psv/1/57/r//X/+v/N7++/n+Z9P/T5t3/n6k/TvT/+v8lvv8d9P+n7viX+n/GcAn9/5kzZ66/4v1/7v6Xxi1N9j8AAAB0kLv/ZXGL/Q8AAADDyN3/8rjF/gcAAIBh5O5/RdzSZP/r/5v2//lR1/8f0v/r/ze9vv5/mfT/0+bd/3v+v/5/2e/f8//1/6yb2/P/c/e/Mm5psv8BAACgg9z9r4pb7H8AAAAYRu7+V8ct9j8AAAAMI3f/a+KWJvtf/9+0//f8f/2//v+k+//bVvr/E7GI/v/gwq8/9/7/Bv2//n9Cu/7/f//7yJf6f/0/6+bW/+fuf23c0mT/AwAAQAe5+18Xt9j/AAAAMIzc/a+PW+x/AAAAGEbu/jfETVc32f/6f/2//l//r//f/Pon/Pz/a1erlf5/BxbR/0+Ye//v+f/6/ynt+v/z6P/1/6ybW/+fu/+NcUuT/Q8AAAAd5O5/U9xi/wMAAMAwcve/OW6x/wEAAGAYufvfErc02f/6f/3/le7/b//M6P/P0v/vqf+/YRH9v+f/74j+f5r+fwv9v/5f/6//50Tsq//P3f/WuKXJ/gcAAIAOcve/LW6x/wEAAGAYufvfHrfY/wAAADCM3P3viFua7H/9v/7f8//1/6dm1/+fPvLv1+T5//r/HdH/T9P/b6H/1//r/2/U/7NLc3v+f+7+d8YtTfY/AAAAdJC7/11x6/+6tf8BAABgGLn73x232P8AAAAwjNz974lbmux//b/+X/+v/x/++f/6/1b0/9P0/1vo//X/+n/P/2en5tb/5+5/b9zSZP8DAABAB7n73xe32P8AAAAwjNz9749b7H8AAAAYRu7+m+OWJvtf/6//1//r//X/Z38P9f9j0P9PO5n+/0D/r/+vfv5f4j8F+n/9/7Zfz5jm1v/n7v9A3NJk/wMAAEAHufs/GLfY/wAAADCM3P0filvsfwAAAFikqzf8WO7+D8ctTfa//l//r//X/+v/N7++/n+Z9P/TPP9/C/3/Jfbz/37kq6U9///8//7S/+v/2b399/9n/xdbfp27/yNxS5P9DwAAAB3k7v9o3GL/AwAAwDBy938sbrH/AQAAYBi5+z8etzTZ//p//b/+X/+v/9/8+vr/ZdL/T9P/b6H/3+vz85f+/vX/+n/W7b//P/p17v5PxC1N9j8AAAB0kLv/k3GL/Q8AAADDyN3/qbjF/gcAAIBhHO7+jMsa7n/9v/5f/6//1/9vfn39/zLp/6fp/7fQ/+v/9f/6f3Zqbv3/pw9/1enVZ+KWJvsfAAAAOsjd/9m4xf4HAACAYeTu/1zcYv8DAADAMHL3fz5uabL/G/T/pzb9NP3/0vr/M2fOXK//1/8f/X7u6P9v0f9T9P/T9P9b6P/1//p//T87Nbf+P3f/F+KWJvsfAAAAOsjd/8W4xf4HAACAYeTu/1LcYv8DAADAMHL3fzluabL/G/T/G82q/z+t//f8f/3/yvP/9f87ov+fpv/fYsT+//TFf/v77uePa9/vX/+v/2fd3Pr/3P1fiVua7H8AAADoIHf/V+MW+x8AAACGkbv/a3GL/Q8AAADDyN3/9bhlcft/U4G+nf7/5Pr/2//ZdXn+/8Fq8/vX/+v/9f/6/ytN/z9N/7/FiP3/Jdh3P7/096//1/+zbm79f+7+b8Qti9v/AAAAwIXk7v9m3GL/AwAAwDBy938rbrH/AQAAYBi5+78dtzTZ//r/GTz/f8D+3/P/N38+9P+z7v+v0v+PQf8/Tf+/hf5f/6//31H/n59m/X93c+v/c/d/J25psv8BAACgg9z9341b7H8AAAAYRu7+78Ut9j8AAAAMI3f/LXHLOfv/8p6svwz6f/2//l//r//f/Pr6/2XS/0+72P7/1Op4/X/S/+v/9f9d+3/P/+esufX/ufu/H7f4+38AAABYnGsu8OO5+38Qt9j/AAAAMIzc/T+MW+x/AAAAGEbu/h/FLbdeta+3dKL0//p//b/+X/+/+fX1/8um/9/M8/+30P/vop//H/3/GP3/aqX/5/jm1v/n7v9x3OLv/wEAAGAYuft/ErfY/wAAADCM3P0/jVvsfwAAABhG7v6fxS1N9r/+X/9/zP7/MM3U/5+l/z9L/7+Z/v9keP7/NP3/Fvp/z//X/3v+Pzs1t/4/d//P45Ym+x8AAAA6yN3/i7jF/gcAAIBh5O7/Zdxi/wMAAMAwcvf/Km5psv/31v/HP2r9/+L7f8//1//r//X/s6L/n6b/30L/r//X/+v/2am59f+5+38dtzTZ/wAAANBB7v7fxC32PwAAAAwjd/9v4xb7HwAAAIaRu/93cUuT/e/5//p//b/+X/+/+fX1/8uk/5+m/9+sfqP0//p//b/+n52aW/+fu//3cUuT/Q8AAAAd5O7/Q9xi/wMAAMAwcvffGrfY/wAAADCM3P1/jFua7H/9v/5f/6//1/9vfn39/zLp/6fts///v3/d/rKe/7/3/j/fgv5f/6//Zyfm1v/n7v9T3NJk/wMAAEAHufv/HLfY/wAAADCM3P1/iVvsfwAAABhG7v6/xi1N9v+W/v9U/UT9/yT9/9H3r//f/PnQ/x+7/z9Y6f/1/1vo/6d5/v8W+n/P/9f/6//Zqbn1/7n7/xa3NNn/AAAA0EHu/tviFvsfAAAAhpG7/+9xi/0PAAAAw8jd/4+4pcn+9/x//b/+X/+/oP7/yPej/9f/b6L/n6b/30L/r//X/+v/2am59f+5+/8ZAAD///ZFSMI=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)

4m16.921224655s ago: executing program 32 (id=5474):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2010880, &(0x7f0000000740)=ANY=[@ANYBLOB='iocharset=cp737,umask=0\x00\x00\x00\x00\x00\x00\x00@0800d=', @ANYRESHEX=0x0, @ANYBLOB=',integrity,errors=continue,discard,noquota\x00iocharset=cp850,grpquota,usrquota,uid=', @ANYRESHEX=0x0, @ANYBLOB=',quota,gid=', @ANYRESHEX=0x0, @ANYRESHEX, @ANYRESHEX=0x0, @ANYBLOB=',errors=continue,subj_type=+-]{.&Q.,fowner=', @ANYRESDEC=0x0, @ANYBLOB=',measure,\x00'], 0x5, 0x615b, &(0x7f0000008b40)="$eJzs3UuPHFfZB/Cnr3PJm2SURZTXQmjihEsI8TUYQ4A4C1iwyQJ5i2xNJpGFA8g2yIksPGg2LFjxCUBILBFiiVjwAbJgyy4rVkSykUBZUahmzvFUt7vdY8bT1TPn95PG1U+d6u5T/e/qi6uqTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8d3vfO9sJyKu/DTNWIv4v+hFdCNW6no9IlbW1/Ly/Yh4IXaa4/mIGCxF1Nff+efZiNcj4qNnIu7dv7NRzz63z358+w9/++33n3r7r78fnP73H2/13pi23O3bv/zXn+4ebJ0BAACgNFVVVZ30Nf9E+n7fbbtTAMBc5Pf/KsnzF6buHtLt/+rvb/95EdZPrVar1eo51k3VZHebRURsNa9Tf2awOx4Ajpit+LTtLtAi+RetHxFPtd0JYKF12u4Ah+Le/TsbnZRvp/l+sL7bno8FGcl/q/Pg/I5p01nGjzGZ1/NrO3rx3JT+rMypD4sk598dz//KbvswLXfY+c/LtPyHu6c+FSfn3xvPf8zxyb87Mf9S5fz7j5V/T/4AAAAAALDA8v//r7W8/3fp4KuyL4/a/7s+pz4AAAAAAAAAwJN20PH/HjD+HwAAACys+rt67dfP7M2b9lts9fzLnYinx5YHCpNOllltux8AAAAAAAAAAAAAUJL+7jG8lzsRg4h4enW1qqr6r2m8flwHvf5RV/r6Q8nafpEHAIBdHz0zdi5/J2I5Ii6n3/obrK6uVtXyymq1Wq0s5c+zw6XlaqXxvTZP63lLw318IO4Pq/rGlhvXa5r1fXlW+/jt1fc1rHr76NgTMkiP5pTmlsIGgGT33eied6RjpqqenfbhA0bY/o8f2z/70fbzFAAAADh8VVVVnfRz3ifSPv9u250CAOYiv/+P7xc4lDricG9frVYf97qzYP1Rq49c3VRNdrdZRMRW8zr1ZwbD8QPAEbMVn7bdBVok/6L1I+KFtjsBLLRO2x3gUNy7f2ejk/LtNN8P0vju+ViQkfy3OjvXy9efNJ1l/BiTeT2/tqMXz03pz/Nz6sMiyfl3x/O/sts+TMsddv7zMi3/ej3XWuhP23L+vfH8xxyf/LsT8y9Vzr//WPn35A8AAAAAAAss////mv2/eZUBAAAAAAAA4Mi5d//ORj7vNe///8yE5Zz/eTzl/DvyL1LOvzuW/xfHlus1Ln/y1l7+/7x/Z+N3t/7x/3m63/yX8oVOemZ10jOik+6p00/Tg6zdw7YHvWF9T4NOt9dPx/xUg3fjWlyPzTgzsmw3PR577WdH2uueDkbaz4209x9qPz/SPki/O1Ct5PZTsRE/iuvxzk573bY0Y/2XZ7RXM9pz/j3bf5Fy/v3GX53/amrvjE2jsWk2t/vmdNL9XLr22V+cOeR12Y/t6D1Yt6Z6/U620J+dx+SpYfzk5uaNU7ev3rp142ykycjcc5EmT1jOf7Dzt7T3+v/Sbnt+3W9ur5/8fPjQ6/6s/BfFdvSn5v9S43K9vq/MuW9tyPkP01/O/53UPmn7P9r5T9/+X22hPwAAAAAAAAAAAAAAAPAoVVXtnCJ6KSIupPN/2jo3EwCYr/z+XyV5vlqtVqvV7dYfD5tz2u/P8aibqsnebBYR8ZfmderPDD+bdGMAwCL7T0R83HYnaI38C5Z/76+evtx2Z4C5uvnBhz+4ev365o2bbfcEAAAAAAAAAPhf5fE/1xvjP78cEWtjy42M//pWrB90/M9+vvBggNEnPND3FNvdYa/bGG78xdgZn/vUtPG/T8ajx//uz7i/wYz24Yz2pRntyxPn7qU18USPhpz/i43xzuv8T4wNv17C+K/jY96XIOd/svF8rvP/wthyzfyr3yxc/lv7XXA7uiP5n771/o9P3/zgw9euvX/1vc33Nn94/uzZM+cvXLh48eLpd69d3zyz++/h9HoB5Pzz2NeOAy1Lzj9nLv+y5Pw/l2r5lyXn//lUy78sOf/8eU/+Zcn55+8+8i9Lzv+VVMu/LDn/L6Va/mXJ+b+aavmXJef/5VTLvyw5/9dSLf+y5PxPpVr+Zcn5n071PvL38/DHSM4/7+Gy/Zcl55+PbJB/WXL+51It/7Lk/M+nWv5lyfm/nmr5lyXn/5VUy78sOf8LqZZ/WXL+X021/MuS87+YavmXJef/tVTLvyw5/6+nWv5lyfm/kWr5lyXn/41Uy78sOf9vplr+Zcn5fyvV8i9Lzv/NVMu/LHu//1/uhUvpsViU/rjgQvsXWn5hAgAAAAAAAAAAAAAeMo/DidteRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI9dd3wH8zF7stUOIgRCc1JBNYkJIluzaTnyhTTHh2gClQEKhF2zXuzYLvuG1S6BINg2USBgVVVRNH2gBoTZSVWEhHmhFaR6qXp5K+0BfKqpKSI1QQAYJqa1otpo5///fM+PZObve8Xr2/D8fyf7tzpyZc+bMmdn9rv3dAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAuzveMPeZRlEUzT+tv7YUxQuaH2+a3NK67LXXewsBAACA1fq/1t+XbkoX7F/GjdqW+YdX/PM3FhcXF4v3jf7h+BcWF9MVk0UxvrEoWtdFF//z/Y32ZYInionGSNvnIxWrH624fqzi+vGK6zdUXL+x4vqJiuuv2AFX2FT+PKZ1Z9tbH24pd2lxczHeum57j1s90dg4MhJ/ltPSaN1mcfxIMV8cK+aKmY7ly2UbreW/dUdzXW8t4rpG2ta1rXmE/PgTh+M2NMI+3t6xrsv3Gf3w9cXkT378icN/dua5W3vNyt3QcX/ldt5zZ3M7PxUuKbe1UWxM+yRu50jbdm7r8ZyMdmxno3W75sfd23lpmds5enkz11T3cz5RjLQ+/k5rP421/1gv7adt4bL/vqsoivOXN7t7mSvWVYwUmzsuGbn8/EyUR2TzPpqH0ouLsRUdp3cs4zhtztntncdp92siPv93hNuNLbEN7U/TDz+54YrnfaXHadR81Eu9VrqPwUG/VoblGIzHxXdaD/rJnsfg9vD4P3H30sdgz2OnxzGYHnfbMXhn1TE4smG0tc3pSWi0bnP5GNzRsfxoa02N1nz27v7H4PSZ46emFz728dfMHz90dO7o3IldO3bM7Nq9e+/evdNH5o/NzZR/X+XeHn6bi5H0Grgz7Lv4GnhV17Lth+rilwf3Opzo8zrc0rXsoF+HY90PrrE2L8grj+nytfFoc6dPXBgplniNtZ6fe1f/OkyPu+11ONb2Ouz5NaXH63BsGa/D5jKn7l3e9yxjbX96bcO1+lqwpe0Y7P5+pPsYHPT3I8NyDE6E4+Lf7136a8G2sL1PTq30+5HRK47B9HDDe0/zkvT9/sTe1uh1XN7WvOKGDcXZhbnT9z9+6MyZ0zuKMNbES9qOle7jdXPbYyquOF5HVny87p9/xZO39bh8S9hXE69p/jWx5HPVXOaB+/s/V62vbr33Z8elO4swBmyt92evr+bN/ZmyZJ/92VzmU9Or/1485dK299/xJd5/Y+5/vlxfuqsnRsfHytfvaNo74x3vx51P1VjrvavRWvel6eW9H4+HP2v9fnxzn/fjrV3LDvr9eLz7wcX340bVTztWp/v5nAjHybGZ/u/HzWW27lzpMTnW9/34rjAbYf+/OiSFlIvajp2ljtu0rrGx8fC4xuIaOo/TXR3Lj4ds1lzX0zuv7ji9567yvkbTo7tsrY7Tya5lB32cpverpY7TRtVP365O9/M5EY6Lm3f1P06byzzzwOrfOzfFD9veOzdUHYPjoxua2zyeDsLy/X5xUzwG7y8OFyeLY8Vs69oNreOp0VrX1IPLOwY3hD9r/V65tc8xeE/XsoM+BtPXsaWOvcbYlQ9+ALqfz4lwXDz1YP9jsLnMG/cM9nvXe8IlaZm27127f7621M+8buvaTdfyZ17N7fy7Pf1/Nttc5tjelebM/vvpvnDJDT32U/frd6nX1GyxNvtpa9jO5/YuvZ+a29Nc5gv7lnk87S+K4txHHm79vDf8+8rXz373Gx3/7tLr33TOfeThH9145O9Xsv0ArH/Pl2Nz+bWu7V+mlvPv/wAAAMC6EHP/SJiJ/A8AAAC1EXN//F/hifwPAAAAtRFz/1iYSSb5f+sbn5t//lyRmvmLQbw+7YZHyuVix3UmfD65eFnz8oe/OvfTvz63vHWPFEXxs0d+p+fyWx+J21WaDNt58U2dl195w3PLWv/Bxy4v195f/1K4//h4wuOv+lWKPSu4M0VRfOumz7XWM/n+C635zCMHW/Pd5598ornMpX3l5/H2z76kXP6Lofy7/8ihjts/G/bD98OceVvv/RFv97ULr962572X1xdv17jzha2H/dQHyvuND/DzT5TLx/281Pb/zWef/lpz+cdf2Xv7z4303v6nw/1+Ncz/eXm5fPtz0Pw83u7TYfvj+uLt7v/Kt3tu/8XPlMufenO53MEw4/rvCZ9vf/Nz8+376/HGoY7HVbylXC6uf+a7v9+6Pt5fvP/u7Z84cKFjf3QfH8/8a3k/013Lx8vjeqK/6lp/837aj8+4/qd/72DHfq5a/8V3P/vy5v12r/++ruVGu27f/Rub/uTTn+u5vrg9+//yVMfj2f+u8DoO63/qA+F4DNf/78XPdaw3OviuzvefuPyXtpzreDzRW39Srv/i64625n9N/vSPb3jBjS88f3tz3xXFd95T3l/V+o/+6cmO7f/yLfe2no94fezod69/KXH9pz86deLkwtn52ba92vrdOW8vt2fjxKbNze29Kby3dn9+4OSZD86dnpyZnCmKyfr+Cr2r9pUwf1SO8yu9/b2Phefztj/61ua7/+Wz8fJ/e7S8/MLbyq9brwrLfT5cvqV8/hYbq1z/U3fc0np9N54pP+/osQ/Atu0/2LusBcPj7/6+IB7vp176wdZ+aF7X+roRX9er3P7vzZb3882wXxfDb2a+85bL62tfPv5uhAvvKV/vq95/4W0uPq9/Hp7vd3y/vP+4XfHxfi98H/PtrZ3vd/H4+Oa5ke77b/0Wj/Ph/aQ4X14fl4r7+8KlW3puXvw9JMX5W1uf/0G6n1tX9DCXsvCxhelj8yfOPj59Zm7hzPTCxz5+4PjJsyfOHGj9Ls8DH6q6/eX3p82t96fZud0PFDObiqI4WcyswRvWtdn+5kfL2/5Tjx2e3TNz9+zckUNnj5x57NTc6aOHFxYOz80u3H3oyJG5j1bdfn72oR079+3as3Pq6PzsQ3v37du1b2r+xMnmZpQbVWH3zIenTpw+0LrJwkMP7Nvx4IMPzEwdPzk799CemZmps1W3b31tmmre+renTs8dO3Rm/vjc1ML8x+ce2rFv9+6dlb8N8PipIwuT06fPnpg+uzB3erp8LJNnWhc3v/ZV3Z56WviP8vvZbo3yF/EV77xvd/r9rE1f/eSSd1Uu0vULRJ8Lv4vmn150au9yPo+5fzzMJJP8DwAAADmIuX9DmIn8DwAAALURc//GMBP5HwAAAGoj5v6JMJNM8r/+/7L6/5Xq3/8vr9f/z6v/f+ojZa90vff/Y39e/z8P17n/v+r16//r/9ev/7/8/vzAt//r+v/6/1xvw9b/j7l/U1Fkmf8BAAAgBzH3bw4zkf8BAACgNmLuvyHMRP4HAACA2oi5/wVhJpnkf/3/ZfX/d1YVrurf/3f+f/3/Yn32/+OTo/+fjRX379/7aMen+v+B/r/+fx36/87/r//PdTa+5DXXq/8fc/+NYSaZ5H8AAADIQcz9Lwwzkf8BAACgNmLuvynMRP4HAACA2oi5f0uYSSb5X//f+f/1//X/a93/X+35/9s2Rv9/fXD+//569P9v77mg/v8K+/8T+v/rsf8/PtjtH+7+f+Xm6/9zTQzb+f9j7n9RmEkm+R8AAAByEHP/i8NM5H8AAACojZj7XxJmIv8DAABAbcTcf3OYSSb5X/9f/1//X/9f/7/3+qvP/19+pP8/XPT/+9u2/Qd7u19jPen/O/9/Dv3/AW//cPf/B33+//E3dd9e/59ehq3/H3P/S8NMMsn/AAAAkIOY+28JM5H/AQAAoDZi7n9ZmIn8DwAAALURc//WMJNM8r/+v/6//r/+v/5/7/VX9/9L+v/DRf+/vx7n/+9tmf3/0a7L9f9L+v/6/7Xv//f45lf/n16Grf8fc/+tYSaZ5H8AAADIQcz9t4WZyP8AAABQGzH3/1yYifwPAAAAtRFz/7Ywk0zyv/6//r/+f179//s26P/r/9eb/n9/g+7/O/+//n87/f+M+v89rKT/v7HqzqiNYev/x9z/8jCTTPI/AAAA5CDm/leEmcj/AAAAUBsx998eZiL/AwAAQG3E3D8ZZpJJ/tf/r1f//y/+9qnbC/1//f+K9de0/x8PA/3/zOn/96f/X0H/X/9f/39N+v/kY9j6/zH33xFmkkn+BwAAgBzE3H9nmIn8DwAAALURc/9dYSbyPwAAANRGzP3bw0wyyf/6//Xq/0f6//r//dZf0/5/Mmz9/y+Gqf+/NvT/e2h7ker/V9D/1//Pvv8fv/vV/2cwhq3/H3P/K8NMMsn/AAAAkIOY++8OM5H/AQAAoDZi7n9VmIn8DwAAALURc/89YSaZ5H/9f/1//X/9f/3/3ut3/v/1Sf+/P/3/Cvr/+v/Z9/+d/5/BGrb+f8z9rw4zyST/AwAAQA5i7r83zET+BwAAgNqI/3+z/H+v8j8AAADUUcz9U2EmmeR//X/9/5z6/w39f/1//f/a0//vT/+/gv6//r/+v/4/AzVs/f+Y+18TZpJJ/gcAAIAcxNx/f5iJ/A8AAAC1EXP/dJiJ/A8AAAC1EXP/TJhJJvlf/1//P6f+v/P/d/T/J4pC/1//v370//vT/6+w1v3/4lLrYv3/wbje2z+U/f+i0P/nuhq2/n/M/TvCTDLJ/wAAAJCDmPt3hpnI/wAAAFAbMffvCjOR/wEAAKA2Yu5/IMwkk/yv/6//r/+fbf/f+f/1/2tJ/78//f8Kzv+v/1+3/r/z/3OdDVv/P+b+B8NMMsn/AAAAkIOY+3eHmcj/AAAAUBsx9+8JM5H/AQAAoDZi7t8bZpJJ/tf/r0n//3f/sWPd+v/6//3WP5j+/yb9/zD1/4dLTfv/3S+Lq6b/X0H/X/9f/1//n4Eatv5/zP37wkwyyf8AAACQg5j7XxtmIv8DAABAbcTc//NhJvI/AAAA1EbM/b8QZpJJ/tf/r0n/v4v+v/5/v/U7/7/+f53VtP8/MPr/FfT/9f/1//X/Gahr3/+PHy2v/x9z/0NhJpnkfwAAAMhBzP2/GGYi/wMAAEBtxNz/ujAT+R8AAABqI+b+/WEmmeR//X/9f/1//f9r0/9/XdFtGPv/zYNH/79eVtu/b+j/l/T/9f/1//X/9f8ZgGE7/3/M/a8PM8kk/wMAAEAOYu5/OMxE/gcAAIDaiLn/DWEm8j8AAADURmfuzy//6//r/+v/6/87/3/v9ev/r0/O/9+f/n8F/X/9f/1//X8Gatj6/29s3WqieFOYSSb5HwAAAHIQc/+bw0zkfwAAAKiNmPvfEmYi/wMAAEBtxNz/1jCTTPK//r/+v/6//n92/f+JQv+/xvT/+9P/r6D/r/+v/6//z0ANW/8/5v5fCjPJJP8DAABADmLufyTMRP4HAACA2oi5/21hJvI/AAAA1EbM/W8PM8kk/+v/6//r/+v/Z9f/d/7/WtP/70//v8IQ9P+bX9P0/9fn9uv/6/9zpWHr/8fc/44wk0zyPwAAAOQg5v5fDjOR/wEAAKA2Yu5/Z5iJ/A8AAAC1EXP/r4SZZJL/9f/1//X/9f+z6P83b6T/nwX9//70/yv06P9vdP5//X/9f/1/rtqw9f9j7n9XmEkm+R8AAAByEHP/u8NM5H8AAACojZj73xNmIv8DAABAbcTc/2iYSSb5X/8/y/5/esj6/yX9/wz6/87/nw39//70/ysMwfn/9f/X7/br/+v/c6Vh6//H3P9YmEkm+R8AAAByEHP/e8NM5H8AAACojZj7fzXMRP4HAACA2oi5/31hJpnkf/3/LPv/zv+/Zv3/sY7jI6f+/0Tb85mOS/1//f81oP/fn/5/Bf1//f9h7v+Ho3nTErfX/2cYDVv/P+b+94eZZJL/AQAAIAcx9/9amIn8DwAAALURc/+vh5nI/wAAAFAbMff/RphJJvlf/1//X//f+f+d/7/3+vX/1yf9//70/yvo/+v/D3P/v4L+P8No2Pr/Mff/ZphJRfDr/v4UAAAAGF4x938gzCSTf/8HAACAHMTcfyDMRP4HAACA2oi5/2CYSSb5X/+/u/8fz6iq/6//r/+v/6//vx4Nrv//shuLQv9f/1//X/9f/1//n9UYtv5/zP2Hwkwyyf8AAACQg5j7fyvMRP4HAACA2oi5/3CYifwPAAAAtRFz/2yYSSb5X//f+f8H1f//mf6//n+g/9+b/v/acP7//vT/K+j/6//r/+v/M1DD1v+PuX8uzCST/A8AAAA1ln4cHHP/kTAT+R8AAABqI+b+o2Em8j8AAADURsz9HwwzyST/6//r/zv///Xo/491LK//X9L/1/8fBP3//vT/K+j/6//r/+v/M1DD1v+PuX8+zCST/A8AAAA5iLn/Q2Em8j8AAADURsz9Hw4zkf8BAACgNmLuPxZmkkn+1//X/8+9/98oivPO/6//32v9+v/rk/5/f/r/FfT/9f/1//X/Gahh6//H3H88zCST/A8AAAA5iLn/RJiJ/A8AAAC1EXP//7N3H01yndcdh9ssksCs7I/gtVde2it/BW+9c5XWKiUqB4rKWaJyDlTOOScq55wzlXOkIqUqqDg45xCDbtwGMI3pe9/zPJujQQHqHqIF6S/Ur+5d4hb7HwAAAIaRu/+ucUuT/a//1/937/9Xe3n+/9Gfr/8/S/+v/9+Ftf7+6kv79Rfs///zv677f/2//l//P0n/r//X/3O+ufX/ufvvFrc02f8AAADQQe7+u8ct9j8AAAAMI3f/PeIW+x8AAACGkbv/urilyf7X/+v/9f/6/yP9/836f/3/snn+/zT9/xb6f/2//l//z07Nrf/P3X/PuKXJ/gcAAIAOcvffK26x/wEAAGAYufvvHbfY/wAAADCM3P33iVua7H/9/+z7/9P6f/2/5//r//X/F0//P03/v4X+X/+v/9f/s1Nz6/9z9983bmmy/wEAAKCD3P33i1vsfwAAABhG7v77xy32PwAAAAwjd/8D4pYm+1//P/v+3/P/9f/6f/2//v8S3LS6488E/f86/f8WW/r/1Ur/P+Wi+/nN395y3v8F6P/1/6ybW/+fu/+BcUuT/Q8AAAAd5O5/UNxi/wMAAMAwcvdfH7fY/wAAADCM3P0Pjlua7H/9v/5f/6//1/9vfn39/zJ5/v+04/f///Fvd75T3/7f8/+nef6//l//z/nm1v/n7r8hbmmy/wEAAKCD3P0PiVvsfwAAABhG7v6Hxi32PwAAAAwjd//D4pYm+1//36b/P6xd9P/6f/2//n90+v9pnv+/xeEfcwf1pf5f/6//1/9zPHPr/3P3PzxuabL/AQAAoIPc/Y+IW+x/AAAAGEbu/kfGLfY/AAAADCN3/6Pilib7X//fpv/3/H/9v/5f/9+C/n+a/n+LUZ7/f5mfmn3388e17/ev/9f/s25u/X/u/kfHLU32PwAAAHSQu/8xcYv9DwAAAMPI3f/YuMX+BwAAgGHk7n9c3NJk/+v/9f/L6P/zFebX/x+s9P/6f/3/nOj/p+n/txil/79M++7nl/7+9f/6f9bNrf/P3f/4uKXJ/gcAAIAOcvc/IW6x/wEAAGAYufufGLfY/wAAADCM3P1Pilua7H/9v/5/Gf2/5//r//X/+v+Lo/+fpv/fYtn9/yV/3s63735+6e9f/6//Z93c+v/c/TfGLU32PwAAAHSQu//JcYv9DwAAAMPI3f+UuMX+BwAAgGHk7n9q3NJk/+v/9f/6f/2//n/z6+v/l0n/P03/v8Wy+/9j23c/v/T3r//X/7NuRv3/Ob/q9OppcUuT/Q8AAAAd5O5/etxi/wMAAMAwcvc/I26x/wEAAGAYufufGbc02f/6/9n0/4c531j9/8FqtdL/r5r2/wfn/H7W51L/r/8/Afr/afr/LfT/+n/9v/6fnZpR/3/4de7+Z8UtTfY/AAAAdJC7/9lxi/0PAAAAw8jd/5y4xf4HAACAYeTuf27c0mT/6/9n0/8fGqv/9/z/8z8fnfp/z/9fp/8/GTPt/6+92NfX/+v/9f/Lff/6f/0/6+bW/+fuf17cdO01l/0tAgAAADOTu//5cUuTv/8HAACADnL3vyBusf8BAABgoW5c+5Hc/S+MW5rsf/3/bvv/cwNP/b/+//zPh/5f/6//v/Jm2v9fNP2//l//v9z3r//X/7Nubv1/7v4XxS1N9j8AAAB0kLv/prjF/gcAAIBh5O5/cdxi/wMAAMAwcve/JG5psv/1/57/r//X/+v/N7++/n+Z9P/T5t3/n6k/TvT/+v8lvv8d9P+n7viX+n/GcAn9/5kzZ66/4v1/7v6Xxi1N9j8AAAB0kLv/ZXGL/Q8AAADDyN3/8rjF/gcAAIBh5O5/RdzSZP/r/5v2//lR1/8f0v/r/ze9vv5/mfT/0+bd/3v+v/5/2e/f8//1/6yb2/P/c/e/Mm5psv8BAACgg9z9r4pb7H8AAAAYRu7+V8ct9j8AAAAMI3f/a+KWJvtf/9+0//f8f/2//v+k+//bVvr/E7GI/v/gwq8/9/7/Bv2//n9Cu/7/f//7yJf6f/0/6+bW/+fuf23c0mT/AwAAQAe5+18Xt9j/AAAAMIzc/a+PW+x/AAAAGEbu/jfETVc32f/6f/2//l//r//f/Pon/Pz/a1erlf5/BxbR/0+Ye//v+f/6/ynt+v/z6P/1/6ybW/+fu/+NcUuT/Q8AAAAd5O5/U9xi/wMAAMAwcve/OW6x/wEAAGAYufvfErc02f/6f/3/le7/b//M6P/P0v/vqf+/YRH9v+f/74j+f5r+fwv9v/5f/6//50Tsq//P3f/WuKXJ/gcAAIAOcve/LW6x/wEAAGAYufvfHrfY/wAAADCM3P3viFua7H/9v/7f8//1/6dm1/+fPvLv1+T5//r/HdH/T9P/b6H/1//r/2/U/7NLc3v+f+7+d8YtTfY/AAAAdJC7/11x6/+6tf8BAABgGLn73x232P8AAAAwjNz974lbmux//b/+X/+v/x/++f/6/1b0/9P0/1vo//X/+n/P/2en5tb/5+5/b9zSZP8DAABAB7n73xe32P8AAAAwjNz9749b7H8AAAAYRu7+m+OWJvtf/6//1//r//X/Z38P9f9j0P9PO5n+/0D/r/+vfv5f4j8F+n/9/7Zfz5jm1v/n7v9A3NJk/wMAAEAHufs/GLfY/wAAADCM3P0filvsfwAAAFikqzf8WO7+D8ctTfa//l//r//X/+v/N7++/n+Z9P/TPP9/C/3/Jfbz/37kq6U9///8//7S/+v/2b399/9n/xdbfp27/yNxS5P9DwAAAB3k7v9o3GL/AwAAwDBy938sbrH/AQAAYBi5+z8etzTZ//p//b/+X/+v/9/8+vr/ZdL/T9P/b6H/3+vz85f+/vX/+n/W7b//P/p17v5PxC1N9j8AAAB0kLv/k3GL/Q8AAADDyN3/qbjF/gcAAIBhHO7+jMsa7n/9v/5f/6//1/9vfn39/zLp/6fp/7fQ/+v/9f/6f3Zqbv3/pw9/1enVZ+KWJvsfAAAAOsjd/9m4xf4HAACAYeTu/1zcYv8DAADAMHL3fz5uabL/G/T/pzb9NP3/0vr/M2fOXK//1/8f/X7u6P9v0f9T9P/T9P9b6P/1//p//T87Nbf+P3f/F+KWJvsfAAAAOsjd/8W4xf4HAACAYeTu/1LcYv8DAADAMHL3fzluabL/G/T/G82q/z+t//f8f/3/yvP/9f87ov+fpv/fYsT+//TFf/v77uePa9/vX/+v/2fd3Pr/3P1fiVua7H8AAADoIHf/V+MW+x8AAACGkbv/a3GL/Q8AAADDyN3/9bhlcft/U4G+nf7/5Pr/2//ZdXn+/8Fq8/vX/+v/9f/6/ytN/z9N/7/FiP3/Jdh3P7/096//1/+zbm79f+7+b8Qti9v/AAAAwIXk7v9m3GL/AwAAwDBy938rbrH/AQAAYBi5+78dtzTZ//r/GTz/f8D+3/P/N38+9P+z7v+v0v+PQf8/Tf+/hf5f/6//31H/n59m/X93c+v/c/d/J25psv8BAACgg9z9341b7H8AAAAYRu7+78Ut9j8AAAAMI3f/LXHLOfv/8p6svwz6f/2//l//r//f/Pr6/2XS/0+72P7/1Op4/X/S/+v/9f9d+3/P/+esufX/ufu/H7f4+38AAABYnGsu8OO5+38Qt9j/AAAAMIzc/T+MW+x/AAAAGEbu/h/FLbdeta+3dKL0//p//b/+X/+/+fX1/8um/9/M8/+30P/vop//H/3/GP3/aqX/5/jm1v/n7v9x3OLv/wEAAGAYuft/ErfY/wAAADCM3P0/jVvsfwAAABhG7v6fxS1N9r/+X/9/zP7/MM3U/5+l/z9L/7+Z/v9keP7/NP3/Fvp/z//X/3v+Pzs1t/4/d//P45Ym+x8AAAA6yN3/i7jF/gcAAIBh5O7/Zdxi/wMAAMAwcvf/Km5psv/31v/HP2r9/+L7f8//1//r//X/s6L/n6b/30L/r//X/+v/2am59f+5+38dtzTZ/wAAANBB7v7fxC32PwAAAAwjd/9v4xb7HwAAAIaRu/93cUuT/e/5//p//b/+X/+/+fX1/8uk/5+m/9+sfqP0//p//b/+n52aW/+fu//3cUuT/Q8AAAAd5O7/Q9xi/wMAAMAwcvffGrfY/wAAADCM3P1/jFua7H/9v/5f/6//1/9vfn39/zLp/6fts///v3/d/rKe/7/3/j/fgv5f/6//Zyfm1v/n7v9T3NJk/wMAAEAHufv/HLfY/wAAADCM3P1/iVvsfwAAABhG7v6/xi1N9v+W/v9U/UT9/yT9/9H3r//f/PnQ/x+7/z9Y6f/1/1vo/6d5/v8W+n/P/9f/6//Zqbn1/7n7/xa3NNn/AAAA0EHu/tviFvsfAAAAhpG7/+9xi/0PAAAAw8jd/4+4pcn+9/x//b/+X/+/oP7/yPej/9f/b6L/n6b/30L/r//X/+v/2am59f+5+/8ZAAD///ZFSMI=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)

36.673002468s ago: executing program 6 (id=8685):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./bus\x00', 0x1010800, &(0x7f0000000080)=ANY=[], 0x1, 0x32b, &(0x7f00000008c0)="$eJzs3M9LK1cUwPGTH8ZEMZNFaWmheGk3bReDpl0XslAozULUlGqhMOqkDZkmkgmWlIJ21W3pf9BNF+LSndD2H3DTXbvppjs3hS6ePOTdR+aHTswP3xvNi+L3A5LrnHPivcxMOBOcOfv8p2/qVdesWm1JZpUkRETORQqSlFAieE1644xEHcj7s///9fbaxuanpXJ5aVWp5dL6h0WlVH7+t2+/zwVpJ9NyWvjy7L/iv6evn7559mz965qraq5qNNvKUlvNf9rWlmOrnZpbN5VacWzLtVWt4dotP97041WnubvbUVZjZ25mt2W7rrIaHVW3O6rdVO1WR1lfWbWGMk1Tzc3IIJmBWx+ryuHqqlWKWbx9x5NBXE+11iPCOlGyUiKS64tUDsc6LwAAcC9d6/9TXksfq/+XvNf/d5Ov+v+jd/5oz352nA/6/5PMoP7/o7/99+rp/7Micqf9f3bA6vs7ogdv/2WSb9X/436Y987InsM70ZPQapWs7tlghxt++OJowRvQ/wMAAAAAAAAAAAAAAAAAAAAA8BCca21orY3wNfj54CrD3zbJOWJ8+vZ/orvLtTEd3FISHhOTnifGY21jU7LejXvpvIjz415lr+K/BvEwcUEMufCOh0B3HN4LqLoK8ruzH9Tv71VSXqRUlZo4YsuiGFK4Xq/18iflpUXl662fkplofVEMeU1Ep6SvvjiwPiPvvRupN8WQP7elKY7sdI/rCx3Uh/c5lq/V57y8CM4BAAAAAMCDZapLA6/fTXNY3K+/vL7u/X5AJHJ9vtB/fa4NEeOt9GTXDgAAAADAY+F2vqtbjmO3RgxycnNO/EE6XvnUqJxUZIU9ITkYuuRM8AjV8a10xCD8R4p6JhLKyi/B5jjvHK5/PHNOSpyqedHT/qxu89fDr42G5cjKuPdXekjojZ9/fRLvnRPBU3ujoY+PszesdGyDqRf68NCpW376AAAAAHiVwqY/53q/JiY9HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHqMRjwFL39XjxCa9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC+eB4AAP//L+X5Dg==")
creat(&(0x7f0000000100)='./file2\x00', 0x2e)

36.084009706s ago: executing program 6 (id=8695):
r0 = syz_open_dev$swradio(&(0x7f0000000a00), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f0000000a40)={0x1, 0x5})

35.608703681s ago: executing program 6 (id=8703):
r0 = socket(0x2000000000000021, 0x2, 0x2)
shutdown(r0, 0x0)

35.337152496s ago: executing program 6 (id=8710):
r0 = socket$inet(0x2, 0x2, 0x0)
getsockopt$inet_mreqsrc(r0, 0x0, 0x6a, 0x0, &(0x7f0000000140))

35.000564162s ago: executing program 6 (id=8716):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0x4}, @NHA_GROUP_TYPE={0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)

34.644515363s ago: executing program 6 (id=8722):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x8004550f, &(0x7f0000000140)=0x3f)

18.52379128s ago: executing program 33 (id=8722):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x8004550f, &(0x7f0000000140)=0x3f)

10.372823311s ago: executing program 7 (id=9049):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000480)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x8a}}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0)

10.100474428s ago: executing program 7 (id=9056):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c00000015000100000000ec001fb6330d70000008000100", @ANYRES16=r0], 0x1c}, 0x1, 0x0, 0x0, 0x48001}, 0x0)

9.829367913s ago: executing program 7 (id=9061):
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x1e, &(0x7f00000001c0)=ANY=[@ANYBLOB='data_checksum=none,reconstruct_alloc,recovery_pass_last=set_may_go_rw,fsbk,data_checksum=crc32c,errors=continue,background_compression=lz4,discard,vncompatible,ratmit_errors,\x00'/194], 0x3, 0x594a, &(0x7f000000b480)="$eJzs3X2QHGX9IPCnZ2azk91ssgkgEWSzBKIIaja8Fb6URs+3AqRiYSnhorCQDUaTkEqCQEAJHnhQgIWWlqL+gRZSh0aLKjglUiIvl3CKUpwedYXUyR36h1fIkRLIUZbn/mp3+pnM9k5vz87OhgQ+n0q253mm59vffvqZnn6emd0JAAAAvC7suX7rvnOO+tBvvjzy8jUf/cXGa0Nveby+GlfoT5dXvFoZciB1z1k8vsz2i7dc9aO/DF78gV/f3fPDV3avPXbdHz942MX3f+7MXbd996GX+u7917NFcWN/OnF/OXk+CaH6y73f/Mrux44cq0tCCOWkf0cIC5NFDy1MMiGG/hFCWJsWFofyhDvvefmUdWPLa2/qnlC/IBNEf399q6b9bPu+y08Kf3r/6ut+t+SnP+na+dyO/ask1Yb+FML8Cxsf3xVCmJv+HxN72+L44HS5KoTQ0/C4MwryOq7F/JfnlI9Ol3PSZW9BnHj/0ky5lFkvW466Msuegu3NVF4e7a5XZF6mnD0ZzVRenrF+Ybr8ebo8cZrxy/F/EkpJqNTT35Ds7yOh4bglIRk/ltV6uVQ/tiHd/0w5yZRLmXK5K7Nf49tNO1o5SSbWx/Uy9fF0XEnrj208Vzdxbk79G9NlNX2ivhLLIXujpnfSjfp+jYt57Z0ilwOh1HAOalZfP/DpwehN63qTRZMeM9pEvG/36puXldc8vKc/J4/k7iSNn7QVf/tvF877zI9vvGxxXvwLS2n8UiZ+0lL8Z856/IXzb/zBd3Lj3xrjl8fP7dPN/+QHep4/65Hrl+a2z97YPpW22mf42UdvWXL4RTtz8789xq+2FX/lrse7+/Y98GBu/kOxfea2Ff/pd3/4z3c9ed9zufFDjN/TVvw1uzZ/tXtg3wm58R+M7dPbVvxnXtx5+lMDA38dbHzACX374z8R4/e1Ff/OHbe9644FN52Ze3xXxfbpbyv+2cfff928ffcdk3fuTG7v1CsnwOvTYek11g1pud1x5kw1jBe+PVipXSXNS//3dXJDmYvPse3M72R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAghHHHSf/3I//5k//OVtNyd3ni6VFvG+jkhJHNDCFu3DW/Ztn7TJYOfu/SyLZuGNwwObxsc2bRty5WDp75tcMvI5g3DV47dO/T2U2qPWxSS2jI5ZtK2u0dHR0v9E+vi9v7d8Tv/tOyM//O3EIaO+MNAJTf/5bdtvOPwJj8zkpWj79t42Tl/OO376X71p3n1N8lrdHR0NOTk9X/P++cdX9/7lxNCGHrDVHk9+vR7fzUhofGK/XFSpe5QS6g76WmaRz3rNJ/YXpV16zeMDE3dvmOPL+fsx7+/6rl/rLvia/+stW81dz9abN+5K0c3lL61+uz//62raxVFeb1ax72oveNexPxi+1XT9p6f7tf8nP2q5OzX9b978MlfHnXjSzvCUOXFJZO3XbRfXWkH6Ere2NJ24xZ6koUT6qvp+vGIx8ct37Zx8/KtV25/+/qNw5eMXDKy6Z0rTl1x+tBpp5+2fHzPl3d4/+P239zi/h+Y/rTgCzt+Hn+21p+K8ipqj7G8itujMaO851/PuV/5xjtve+ScWkVRP49r188n6bJn7DivCA39bXJbNduvonYIIQw2a4cXXjozHPk/1l9XdB5qPDKNPzOSlaOPLf3798/43uL31CoOyHm+MaE2z/P1rPfnM95e1fR4jB6k7dsdyul+9TbNa8Vjj3TdvOdvX6znN2dOuGJ427YtK2o/56WZzkuObppXtjbu15Lxn+WQNkuod9Mm/XVMV6jllz1/xtWzrdqb3tebLGq6X1nxvt2rb15WXvPwnryWTu6ubXFu6KstkzflrLkh88ByPeFm2z9Yn39F/WPgI9+795P3/uzUSf3j5NrPov1Kcvbrp0/e+Y0ffu0//qxz+/WR9z7e//f/+dlltYpD5bxSzzrNJ2k8r5wcQtHzb0lovh+5z79S8/0pev5lt7N//ebxBjPl3lBu6/l68gM9z5/1yPVLc5+ve1t9vl49oVQueL4eLP0n+/xKKhPzmL3n14SOkqwc/fUNh+146JpVR9Uqivp1fe1m/fqUFsYfOfv1q/OfGrh08D/8986dN370tnsu+OPwyi/VKto/7jGXzhz3atq+1Zz2rWcdx52N7fuOiy/dsLZWP9Pr38qsXf+my4LxTzyVbL1y++eHN2wY2bK1tf1q9fU0bifbyu2+nsaz26KC/SpN2q/Zu9FKe7X6fIv5r227vSY+33pD0tbrwvbfLpz3mR/feFn/pEelG7qwlMYvtRX/mbMef+H8G3/wndz4t8b4lbbiDz/76C1LDr9oZ27825M0frWt+Ct3Pd7dt++BB3PjD8X857YV/+l3f/jPdz1533O58UOM39te+7+48/SnBgb+mhv/iSTdztg1Ugj3vHzKulo5CV3p8y3m0TUhr5AtJ5lyKVMuN5ZLtbnW+gbKSTKxPq6X1h/bkEszn8qpj1dh1cW15SuxHLI3pq4/2JQazv3N6ouuUwEAXuvi+//xGjS+/z+SXijlzzTAfjMdhy3OiRvHYfvnc+ZMuH9xGj8+Ps4DDrwjDI0trx2sXehP932E+HzIznPG7Zxw3MQY7c5zFs2/L82UY161+fJKwzg0NXlcUwktzL9P3s7U8++Z3S+eHx+8YVJagw3zVtnj15XOmDX7vEMm38pYhLz+kZ0Xi5/nGJgfVo1vr8X+kf0cTTwO2c/RxO0clTlxtvZ5la6Q/RzNTPtHTHuK/jGecvH7G5OPX5iiffcfv+bRssdvGse7Orb+bL8/24F5w6antFbmDZ+YP8X5suV5w9l9P8y8ZE789Al2sM8bxvq4H5UW5xM/mVNfe9buqJfbnU+Mp4uY194pcjkQzCcCr1Vx/B9fI8bG/2MX4P8vs17RdWj2qjHGy/2cULl5PkXjjsmf0+tp63V8za7NX+0e2HdC7nXOg61+7mfzhFJPwed+itpxWaZc2I45EzRF473sdoraPfu5jN7Q11a737njtnfdseCmM3PbfVXthbS43b8xodRX0O6HwHihefwD9TmDbuOFpvEPkc8xFM2fvWrjkfSDT7M1HvlETv10P9/QM+lGfb/GHXLjka4DmxcAcOiI4//6+2fp+P9/xRXS64iiceuJmXKMlztuzbk+yRu3fixdXpFZvzf9jYrpXjefffz9183bd98xueOW21sdh/6nCaX+wnHozMbNueOIVZ35vHjuOKI+zprZODE3//o4cWbj9Nz49XH6zMbRue1Tf99tZvMAufHr8wCH+ji3YL4us7FYbHW+7jU7jk5/fXa2xtHn5tRPdxzdO+lGfb/GGUcDALy64vg/XsbF8f8jmfVm+j577rigQ9ft2b8HUo//xIEaV872uG+2x62zPa6f7XmJQ31cPNvzQrM7T/a6HxenGzUuBgDgYBbH/3PTcv74f2bjk2bjt64J4xPj86bxjc8PkvH5oT7/ZfzvffFixv8AAK9tcfwff+0x/v2//5KWs3+33jg9J75xunH6VP2n5XF65+fZgs8BvLrzAHP3r28eAACAV0PX+Ehp8u/ZfzpdZn/PPu/38s/PWb9VlfTy+KJtW0ZGLrhs89rhbSMXbLp07cjWCy7fsn7btpFNtfVmOm7MHbek48auUEnbo/l62XHbgvTvISzI+XsI2fVj2KPHb0z+ewjZzc4t+DsC+49fa/nmHb/SFOs36x95xzsv/qdy1o/qx//iz558wbqtF6zftH7b+uEN67ePTFxvbNTaM43vzYzNMq3vS838mKQ0/e/v7EwepUl5dKXtkff97Ekmj4VpJgvzvv8gJ+/f/Levf+H40X/eFcLQEeU3zaj9kpWj//m8kY9t2/OHzWP5l6bMv75mmlfR95Vm14/7U9lw6dZtJ6279LJN2W+UbE+czyjVy7M0n5E+/cstzk+syamf7ucUypNuHJxanp8AAGCC+P5/vJ6N7x9+Lb2AivWtj9Nn9v5x7jh9qLVxevZ7yYrG6dn14/62Ok6vznCcnt1+0Ti92frNxul54+68+J/IWX+6Wu8nM/ucR24/ubC1fpL9PoOifpJdf7r9JJlhP8luv6ifNFu/WT/JO+558T+es36ewv6QJjzTz+Xk9odbW+sPb82Ui/pDdv3p9ofSDPtDdvtF/aHZ+s36Q97xzYt/Ts76rZrYP8Y6xni/GLng8ku3fL5hvdn+/ouZ5ze73//Rrtbzn93Pfc1+/rP7ubLZz39mnyvLzf+Jmc2EtZ7/7H6/S7sO2Hxt+mGzos+fFc3jrs6pn+487pxJNw5O5nHh1RPH//Htnjj+vylddvptoEP+e9J8j1nz+B36HrOi6xiv5+my2YvmQcDrOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBruiuLx5d7rt+675yjPvSbL4+8fM1Hf7Hx2rdc9aO/DF78gV/f3fPDV3avPXbdHz942MX3f+7MXbd996GX+u7917OFgfvHf1ZOTIvVEJLnkxCqv9z7za/sfuzIsbokhFBO+neEsDBZ9NDCJBNh6B8hhLX1PCfeec/Lp6wbW157U/eE+gWZINn9Cr3lmE9jniFcUbhHHIKqaT/bvu/yk8Kf3r/6ut8t+elPunY+t2P/Kkm1oT+FMP/Cxsd3hRDmpv/HxN62OD44Xa4KIfQ0PO6MgryOazH/5Tnlo9PlnHTZWxAn3r80Uy5l1suWo67MsqdgezOVl0e76xWZlylnT0Y1lbbj5+UZ6xemy5+nyxOnGb8c/yehlIRKPf0Nyf4+EhqOWxKS8WNZrZdL9WMb0v3PlJNMuZQpl7sy+zW+3bSjlZNkYn1cL1MfT8eVtP7Y8RzLuft9bk79G9NlNX2ivhLLIXujpnfSjfp+jYt57c3N5MAoNZyDmtXXD3x6MHrTut5k0aTHjDYR79u9+uZl5TUP7+nPySO5O0njJ23F3/7bhfM+8+MbL1ucF//CUhq/1Fb8Z856/IXzb/zBd3Lj3xrjl9uKf/IDPc+f9cj1S3PbZ29sn0pb8YefffSWJYdftDM3/9tr8Z8M1bbir9z1eHffvgcezM1/KLbP3LbiP/3uD//5rifvey43fojxe9qKv2bX5q92D+w7ITf+g7H9e9vrPy/uPP2pgYG/DubFfyLG72sr/p07bnvXHQtuOjP3+K6K7dPfVvyzj7//unn77jummhf/9k69cgK8Ph2WXmPdkJbbHWfOVMN44duDldo137z0f18nN5Qxtp35sxgfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDXpt9ffeqnz3vfx1dXkhCSnHVGm4j3leesXDnYxnaHn330liWHX7SzsW5xG3EAAACAYnEcXqrXVMPicHkyNxzddP04R3B0LCUT67NzCDFOdo6g3TilDsUpdyhOpUNxuibHGW0nzpwO5dPdoTjVgjjV0FqcuVPEqYz1ihbz6Zkyn9bj9HYozrwOxenrUJz5HYqzoENx+qeM03o/XNihOIs6FOewDsU5vENxjuhQnDe0EWdOkzhHdiif7JzydPthX7rmUXlxxm+UC+NUknL9jmbz6Uem2zlmhtvpLdhOX9HrcYvbmdvido7LPK40ze1UW9zOm2e4naTF7bx1htspFWwn9tsrsvnF7cRSi/3/yg7F2d6hOFd1KM7VHYrzxQ7F+VKH4lwzwzgArYrj//3jvf7QXXlP6EnPONlZgDjeXTL+c/LrXd4JKcZ7U6Z+TlG87EA9E2/JdPPLTiBk4i3N1HdNiFepj0emiFdtjLcsc2fh/mYnFDL5nZip7y6Kl51YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBZ9PurT/30ee/7+OqQhLF/TY02Ee8rz1m5crCN7e5effOy8pqH9zTWdVfaCAQAAAAUiuPwrnpNNXRXVoTuZM6E9arpPEA1LZf7a8uB+WHV2DIZLI2Xe5KFUz6ukj5u+baNm5dvvXL729dvHL5k5JKRTe9cceqK04dOO/205evWbxgZqv0MobsgXghhfPph65XbPz+8YcPIlq21ymz+i9PHLU7LSfq4gXeEobHltWn+iwq2V5q0vdm7UXz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf2PXbkPdPOs/gF93kpNkZ+u/+bOnrKynoQ+j6tC2nkmnY7lBcLC1pYeBJNPjKK7F4elatnbUGbeC22xRhI1CqfSFlTrcHL7ZgxviHihUZrXgqUW2oXuhL5RNJ93oC+mI9CR3TpKTNMc41nV+Pi9yJ9f1u67ffeXFge99AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLCma+OTlfJEdTQKIepTU+8hmUtn47g0RN8vP7/9+7mx0yvbx3KZITYCAAAABkpy+EhrJB9ymXRIh6tmPi0NbRNhNvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/e6Zr45OV8kT14iiEqDGU6q6p95DMpbNxXBqi7xvvPPmZV8fG/to+VhzqBAAAAMAgSQ6fDf35UAzLwkh0VUdd89lAWNS1vrsu2WfxPOu6nx30q1s2z7pr5ln3sQF1G5rXXQEAAAAufEn+z7RGCiGXWdA3/w/K9Undkq66dPM6zG8FAAAAgP9Okv9zrZFiyGWKrbw+37y/tKsuWT/o//bJ+hV91g/6f/765tX/6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwjFdG5+slCeq6SiEqE9NvYdkLp2N49IQfde8MPr3W47kO8ZymSE2AgAAAAZq5PCHls5G73zIZUbDSLh4JveP3XTw6S8+/ex4CKER87PZsGvTjh13r2m8JnWrjx0Z+d7Rt741p2514/W8HRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjfTNfGJyvliepFUQhRn5p6D8lcOhvHpSH6vv65L/z58ZPPvdk+VhxiHwAAAGCwJIfPZv98KIZsyIYrZj61Z/2zUl3r+z0zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD467vnGfV/fNDW1+W5vvPHGm9ab8/2XCQAAeL8tCVGo/4eu3Hi+7xoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgwmK6NT1bKE9V8FELUp6beQzKXzsZxaYi+8fPHcwtOv/BS+1hxiH0AAACAwZIcPpv986EYRsJIuHzmU69nAjP5v/AB3iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwoTJdG5+slCeqC6IQoj419R6SuXQ2jktD9H1s94HPHl743Zvbx3KZITYCAAAABkpyeLY1kg+5zMdDLlzd/DzVuSBKN6+9nwvMrtvesWx03utqHevS8163p+tkmeZpGuvyyX6FxrW1rjR3XaltXTG02pc61oV9HasWDLjPAAAAAOdRkv9zrZFCyGVybTn3Jx31BTkXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhjujY+WSlPVKMohKhPTb2HZC6djePSEH3v+83/X/KVn+7d2T5WHGIfAAAAYLAkh89m/3wohsXh/8LimdwfCp31Sd0/KmcOP/rPv6wMYdUVJ8Yy3dv+MHnzq9dvfLH7JYRUZ3UqhIXNflGffr/+3aP3Lq+feTyEVZenr57TL5y7X+eWcf2Zyub1O46e2D7gy2ndHQAAAFzYkvw/0hophFzmrr75P0neA/J/y0wAX3jv7p9f1nxtJvKuFalCs1+qT7/PL3/yTyvW/u2ts/n/XP0+dWDr4cs6GjZGukRxvbx154YT1x1KJadu9E939U++ly99881/bdn1yJlG/3zIN8cXZXr1n/va5aK4PpXaX1333v5aZ/9Mn/M/9NuXTv5y0d53z/Z/Z8loq/815zj/ufuP3vrwvusPHNnQ2T+EUOrV/+13bw5X/uHOB7vPP9q1cfs33/7aJYrrx5aeOrT2YPGGzv5RV//k+//Zycf2/fiR7zyb9E9+K7Jy2Xz7p7r6v7Ln0t0vP7BxUWf/VJ/zv3jbq2PbSt/+fff57+jYNdP3Luae/4lrn7r9tU3x/d1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHy3TtfHJSnmimopCiPrU1HtI5tLZOC4N0feNW46/fdveH/2gfaw4xD4AAADAYEkOn83++VAM2ZANozO5/5nK5vU7jp7YHgqN2ah5zUxtu2fHJ7Zs23nXHefpzgEAAID5SvJ/pjVSCLnM8jDSzP/lrTs3nLjuUCrJ/6kk/2+5c2rzqtCqe2XPpbtffmDjotZzghBmfhaQP1v36dm6m248Xjj1x6+t6Fm3Zrbu2NJTh9YeLN6Q1IX2utWh9XziiWufuv21TfH9rftrr/vkV7dNNR9PJPuO3vrwvusPHNnQOkfzOtrcN6mbSu2vrntvfy2pSzev+ea5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC5pmvjk5XyRDWkQ4j61NR7SObS2TguDdF33fJfPHjJ6ecWt4/lMkNsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBvduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBjP6FxVHEcwN/b3ZhtNmmTVrAqpmlVlHqwKIjoRUVFWpGCp0qRamsPoiCIKPVgKq1YquJFsHopooIapaBgY7G0Sir+K148qKBQPQilGNCG4sFIdt9sN5OMaydFUD8fWN6+NzPf+c28t7PZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCv0ltb3myP7Hx46o4LbvnsyftOPnHbBw9uv+zxN38a2XzTp/v6Xjs1sWXl1m9vXrb5wP1rx/e8fPi3gff+ONY1+LFWszp16yHEEzGE+oeTLzw18fl5M2MxhFCNg6MhDMWlh4diLmHN7yGELe06Z2989+TVW2fa7bt7Z40vyYXkrys0qlk9LYOz6+W/pZ7W2bapR68I39+4YceXK955u2fs+OjpXWK9Yz2FsHhT5/E9IYRF6TUjW23Ls4NTuz6E0Ndx3LVd6rr4b9Z/ZUH/wtSek9pGl5xs+6pcv5LbL9/P9OTavi7nW6iiOsru101/rp9/GC1UUZ3Z+FBq30/t6jPMr2avGCox1NrlPxBPr5HQMW8xxOZc1tv9SntuQ7r+XD/m+pVcv9qTu67medNCq8Y4ezzbLzeePY5raXxl57N6HncWjJ+f2nr6oJ7K+iH/pqUx5037upqyuib/opZ/QqXjGTTfeHvi02Q00lgjLp1zzPQctels28SGZy6tbvzoyGBBHXFfTPnxDPKn2/nbvhjqv/utXY8sL8rfVEn5lVL5P6w7+stdu155qTD/+Sy/Wir/qoN9J9Z9vHNV4f2ZzO5PrVT+Pcc+eXbFufeOzTfXzfy9WX69VP4N40d7B6YOHiqsf012fxaVyv/u+lt/fOPr/ccL80OW31cqf+P4Q8/1Dk9dXph/qPVRaDRXaIn18+vYNd8MD/88UpT/VXb/B+bJj13zXx/dc92rS3avLVyf67P7M1iq/tsvObCjf2r/RUXPzrj3bH1zAvw/LUt/Yz2d+mV/Zy5Ux++FF0dqrW+g/vQaOJsnypk5z+L0Pv+/FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBPduBAAAAAAECQv/UgFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//DfgnuQ==")
truncate(&(0x7f0000000040)='./file2\x00', 0x1c9e)

6.090313384s ago: executing program 7 (id=9105):
syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000040)='./file2\x00', 0x2080c2, &(0x7f0000001340)=ANY=[@ANYBLOB="6e6f646973636172642c6f726465723d7374726963742c6e6f626172726965722c6e6f7265636f766572792c646973636172642c6e6f626172726965722c6e6f626172726965722c6e6f6469736361726400006f626172726965722c00b693ae323c6c990c0c780f52734fda36720da0cebb641309f189e33d43205928061960e269883188ee81334e0b579f020f9faf47adf8bedab43ba78ea5ca08b35a9e75695b9d27ac0969190fb0681074338556ca8550ee75cc2f6ce9875c5d526045775d212fa1792578dd4b5035727b7ac2935a666b52a26c157372dbbab67c4b9da3cf329e0844a0210149e16a6fe992aaa951fe41672c53682b80a3ed74a3d52855415a2f7857a6e0fe78901b5c81872a72df4750fcf7bfb0077e31844d5a399a8c226d8e7180bf3595a82e9f2118ab8eceb0b154e33239"], 0x1, 0xa9f, &(0x7f0000002000)="$eJzs3V2IXNXhAPBzZ3c2X+s/E/9JXU3UWFu0H+66MWm1qSZioC2FEOhDQfsSYkxD1rQ0IlUEow+lL6Ig5qkPsfSlL0pbivpSUh+KFJRSWoQ+WelrCkIfpKBTduec2ZmTGe9Msrt3Z+f3g7Nn7j333nPu7J07d+49HwEYW7Wlv/v3bw4hvPLWy0dufvWdFxfnHGov0Vj6O9kxVQ8hFHF6MtveBxOt+JOPnjnRKy7CvqW/aTocvdxed1sI4XzYGy6FRnjhkQuT779x9L3Xwpknjx15983V2ftlxWpnAAAA68CxSwf37/rnX3bv+O/rtxwOm9rz0/V5I05Px+v+w/FCOV0v10L3dNEROk1ly03GUMuWm+ixXGc+9Wy5yT75T2XbrfdZblNJ/hMd83rtN4yydBw3QlGb7Zqu1WZnW7/Jw9Lv+qli9uzphcfOVVRQYMX959YQwl5hPMPu26ovg1BlaG6v+gwE0JI/L7zC+ZV9Utfe2uRg+V9+sNZ7/Q71FS0hY2FzK1rr4z8n//Wd/6+eU1OBlbMBj6a/XdexX+lzNB2n8+cIef2lYT//aXv584hBrwH6PUcYlecL/co5scbluFr9yp8fFxvV/TFO78MDWXr8HCw9Tsv/p6PyPwZ6+9j9f0FYkXBjUX0Zhg3Nqk9AwLqV15trRik9r9eXp28qSd9ckr6lJH1rSXoYMB3G0e+eeDG8VCzf78p/0w97P2w628T/DVme/H7ksPnn9X4HV1+R/PP6xLCubfvThXsfffivrfr/Rfv4/zQe73vjdCN+ti7FBdL9wvy+ervuf6M7m1qf5a7PinNdj+WXXu/sXq7Yubyd0HGeuaIcM2mN1h3d7f2W29O9/Ua23JYYNmflza9PtmbrpfrT6aQ43VWa5f2tZ/sxlZUjnVd2xDgvB1yNdDx21/9fPPqW6v+3H2PNhHrx2OmFk3fH6XScvjNR37Q4f36tCw5cs0Hb/8yE7vY/0+359VrneWH78vyi87zQyObv6zP/njidvud+OLFlaf7siR8tPNpV8vhD/tmVeR9gHJ176ukzxxcWTv5kNV8sZrTKWWzAF+F8COugGF6M04t0Xji+UOlpCVgDc088/uO5c089fdfpx4+fOnnq5Nn5A/P33ndgfv5r980tXdfPdV7db8TqwjC+lr/9qy4JAAAAAAAAAAAAMKhTH85d/PvbX/9Hq/3/cvu/1P4/1fxN7f9/nrX/z5r5tysIp3aAqR3fFe3tsw5Wp7Ll6jH8f7b9nVk+u7L1Phfj9jh+sf1/yi7v1zWV54Zsft5/b1puJpuf95cylfVBUoSfbe0s3+dj/HyMfxmgQsWW3rNjXNa/dTrWU/8U+qUYTen/lo6G1I/JtngopPbeqb+S1P9DOv/vWJtissLWol1h1fsI9Pbvjdz/d7qIqbocgrBOQ7NpFA9gfah6/M903zPFZ//wnc2LIS12+cHu82Xefylci/U+/uRGy/+5ivPPDTD+54oOL9we/27g8182Yl7+AGhAB5//7r86sg03DZp/Pv5p6gd653D5fzPmn/bmjjBY/s1Xs/zzB0IDuj/Lf+uA+V+x/3uuLv8HYv7pbbvz9kHzb5W4qHWXI79vnJ7/pfvG38/yP5Ttf+rbc+j9v8qBGg/H/GGcjco4s8MalfF/+8nrYRyI0+lEmOo55OOdDFv+VL8ifQ/syrZflHy/feb4vyPwMLhH+ZvPNpu/GJdxXL4R47LPw3T8n6bjsdFjutYxXe/x3m7Ucw2Mqg828vM/YfTDlnVQhmsPra/Vznnpy/Cz1vvj6pet2WxW2qevDoWrVfX7X/XT56rzr/r9L5OP/5tfw+fj/+bp+fi/38vS8/F/8/Xz8fXy9Hz83/z93FaSfkO23Xx84JmS9BtL0m8qSd9dkr6nJP3mkvTbStJvKUm/tST9+pL028O3Q6c8/Qsl63+xf/rHnYv2W//Oku1/qSR9o0vtUcZ1/2Gc5e3zfP5hfKTnP/0+/ztL0oHRdeH1+Yce/u0PGq32/1Pt+yHpOd7hOF2Pv51/Gqfz596hY3ox7e04/WGWvt7vd8A4yfvPyL/f7yhJB0ZXqufl8w1jqOhdSTN/3tav36p+1/mMli/H+Csx/mqM74rxbIznYjwf431rVD5Wx0O/+f3Bl4rl3/vbs/RB65Pn7YHyfqLuGbA8+f2BYeuz5/34Deta87/K5mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACVqS393b9/pgjhlbdePnLxz9/69eKcQ+0lGkt/Jzum6u31Qrg7xhMxvhhffPLRMyc6409jXIR9oQhFe344ermd07YQwvmwN1wKjfDCIxcm33/j6HuvhTNPHjvy7pur9w60FKudAQAAAFTofwEAAP//ocAWDQ==")
creat(&(0x7f0000000000)='./file2\x00', 0x4a)

2.642315715s ago: executing program 0 (id=9156):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x80000001, 0x80000001, 0x2, 0x6, 0x5ec8})

2.39246745s ago: executing program 0 (id=9158):
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x1f, &(0x7f00000004c0)={0x0}, 0x1)

2.358508833s ago: executing program 2 (id=9159):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
fadvise64(0xffffffffffffffff, 0x80000000, 0xf8d, 0x3)

2.277720534s ago: executing program 4 (id=9161):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0xe, 0xa, 0x1, "0506ddff09000affea9c2206ff57b9d2a100000000000000000000613dbda500", 0x38303553})

2.146452599s ago: executing program 0 (id=9162):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)

2.101432347s ago: executing program 2 (id=9163):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private=0xa010101}}}], 0x20}, 0x24000080)

1.956136633s ago: executing program 4 (id=9166):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x11044, 0x2000}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GROUP={0x8, 0x1b, 0x2}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x5be6}]}, 0x48}, 0x1, 0x0, 0x0, 0x8084}, 0xc4)

1.884069847s ago: executing program 2 (id=9167):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCSFLAGS(r0, 0x40047459, 0x0)

1.870673255s ago: executing program 0 (id=9168):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r0, 0x40086603, &(0x7f0000000040))

1.73271628s ago: executing program 5 (id=9170):
r0 = gettid()
rt_tgsigqueueinfo(r0, r0, 0x0, &(0x7f00000003c0)={0x0, 0x0, 0x80000001})

1.715916768s ago: executing program 7 (id=9171):
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x8b9, 0x80981)
ioctl$LOOP_SET_CAPACITY(r0, 0x4c07)

1.626586957s ago: executing program 4 (id=9172):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x8a, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@usrjquota}, {@acl}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@init_itable_val={'init_itable', 0x3d, 0x101}}, {@noblock_validity}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG0UYAPDPdpw0fZBQyqOhhUBBRDySJn3QA5cikDiAhASHIk4hSatQt0FNkGgVQeAQjqgSd8QRib+AC+WCgBMSV7gjpAjl0sLJaO3d1E3sJE6cuNS/n7TJjGesmW93xx7Peh1AxxpM/uQi9kfE7xHRV83eWWGw+u/W8vzEP8vzE7kol9/6O1epd3N5fiKrmj1vXzVTLq/T7uK7EeOl0tSVND8yd+mDkdmr116YvjR+YerC1OWxM2dOnjjafXrsVEviTOK6OfDxzJHDr71z/Y2Jc9ff+/nbpL/70/LaOFplsLp363q61Y212YGadK6rjR2hKYWISA5XsTL++6IQvStlffHqZ23tHLCjyuV8uadx8UIZuIclE3WgE2Vv9Mnn32zbpanHXWHpbKysY9xKt2pJV+TTOsX0M9JOGIyIcwv/fpVssUPrEAAAtW6cjYjn683/8vFQTb370mso/RFxf0QcjIgHIuJQRDwYUan7cEQ80mT7q6+QrJ3/lPu2FNgmJfO/l9JrW3fO/7LZX/QX0tyBSvzF3Pnp0tTxdJ8MRbEnyY+u08YPr/z2RaOy2vlfsiXtZ3PBtB9/da1aoJscnxvfTsy1lj6NGOiqF39uZc6bzI8PR8TAFtuYfvabI43K+jeMfx0tmJSXv454pnr8F2JV/Jlcw+uToy+eHjs1sidKU8dHsrNirV9+XXyzUfsbH/+dtXSjHHvrnv8r8ffn9kTMXr12sXK9drb5Nhb/+LzhZ5qtnv/dubcr6e70sY/G5+aujEZ0515f+/jY7edm+ax+cv4PHas//g/G7T3xaEQkJ/HRiHgsIh5P+/5ERDwZEcfWif+nl596v/n411mVb6Ek/smNjn/UHv/mE4WLP37XfPyZ5PifrKSG0kc28/q32Q5uZ98BAADA/0W+8h34XH54JZ3PDw9Xv8N/KPbmSzOzc8+dn/nw8mT1u/L9UcxnK119Neuho+laXpYfW5U/ka4bf1noreSHJ2ZKk+0OHjrcvgbjP/Fnod29A3ac+7Wgcxn/0LmMf+hcxj90LuMfOle98f9JG/oB7L4N3v97d6sfwO4z/4fOZfxD5zL+oSM1vDc+v61b/iXalPi+e3u/1bD5ROTvkpDvmUQx6hZ1bfrHLLaY6Klb1O5XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb4LwAA//+KpOMG")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.sectors\x00', 0x26e1, 0x0)

1.602387865s ago: executing program 0 (id=9173):
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_TIOCINQ(r0, 0x541b, 0x0)

1.536853822s ago: executing program 2 (id=9174):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="c00000000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300"], 0xc0}}, 0x0)

1.536697879s ago: executing program 5 (id=9175):
r0 = socket$inet(0x2, 0x4000000000000001, 0x6)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, 0x0, &(0x7f0000000080)=0x53)

1.349401822s ago: executing program 0 (id=9177):
syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003000000086e051c0140000102030109022d000101000904002501"], 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ff199610b90661408801010203010902120001000000000904"], 0x0)

1.279466638s ago: executing program 5 (id=9178):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}]}, @NFT_MSG_NEWRULE={0x418, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x3f0, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_COUNT={0x8}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_COUNT={0x8}, @NFTA_CONNLIMIT_COUNT={0x8}]}}}, {0x3a0, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x394, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0x158, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x75, 0x1, "05e360daecd801f90ff50e7867639552061035aae3941922608264ecf394e527910b35a04a8c2ee09bca2321664867ab813098b2b89326563abea550c6404ca3b76a63445bc14f9f14cb86b921761c298411310fe8d36c32ab1055d646f8897f049eb7e1b770a0cae61be6fe46fbfbbbaa"}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}]}]}, @NFTA_CMP_OP={0x8}, @NFTA_CMP_OP={0x8}, @NFTA_CMP_DATA={0x208, 0x3, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VALUE={0xbf, 0x1, "1cacb4a3a68b031c68acdd1dc0ba5f9ccfb8efd02baaf5b5a41baf6213998b62e2b369fd53c6c4e56a7d6976e372a2d7691f11c917f5b03285d260fe1e9d85fa62fa3070a4a00d245052e901b0f34749b187fd2ad9e3995889edb70a3e1b6d276f33b7f62da25d7d22b1f4c4e35d76f55a1a07e65e1017060481714edcb2bfec1f0ad4c48f69ef2b9d88af5c57cf688a92564f3d65d224707d96328e1d8c3e78bccb14874d17ad08857c4bc29a958490fbd5cadef449e09e1a7b48"}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0xfffffffffffffe35, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x9d, 0x1, "6bd01f0aaf422d7f052b2fc60c3d9d93cf4634e4b2d4a116bf7aae32643de2fb9c91b8082e44a1664aad3afd061706fffcc142a3da7c339454c0355210a6282d1276887ddcf9d4409d1d0faa5bf3adf6ccfd0ed2ae52f9ae3e6ceca1452505ba79588af434c8700fe2b7f8c53eb505949465db2cbf5aed0c809933f90a05307bf8a2d3cd8af64e303d0da044623b0d84ce368938a7f96fc033"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0xf, 0x1, "efbb17b799969e4ce91e47"}]}, @NFTA_CMP_SREG={0x8}, @NFTA_CMP_OP={0x8}, @NFTA_CMP_OP={0x8}, @NFTA_CMP_OP={0x8}]}}}, {0xc, 0x1, 0x0, 0x1, @osf={{0x8}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x494}}, 0x0)

1.2791729s ago: executing program 7 (id=9179):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_usb_connect(0x0, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x90, 0xc3, 0x3f, 0x40, 0xaf7, 0x101, 0x2d62, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xcb, 0x35, 0x52}}]}}]}}, 0x0)

1.155973567s ago: executing program 2 (id=9181):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}]}}}]}]}], {0x14}}, 0xc4}}, 0x0)

1.060502569s ago: executing program 4 (id=9182):
set_mempolicy(0x1, &(0x7f0000000180)=0x6c0d05c5, 0x2)
unshare(0x68040200)

1.032268428s ago: executing program 3 (id=9183):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x5, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x868}, 0x1c)

1.023427189s ago: executing program 5 (id=9184):
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f0000000140), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)

900.569812ms ago: executing program 2 (id=9185):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000000c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c67727071756f74612c696e6f646536342c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c6c6f63616c666c6f636b732c00a5ac95942a38e6bfeea96108fa50b58440ef6041bea5aa31e2dd2532458d802e41aa4599ba680aa7bd6d04004258b7a8902f078e686e0ad0017a9f40cab7e8ed9483c468cbe8b5111b52c62ae7bd99dde7768746459302ef1adff359935a901d9a93c2ee3190699fae61911c9956efa1b72ad683a0acc6d36539173f0f11dd2011263c662522d12cca07a4a3d593ee6ca5954cd0b5674f92faa9f828438f930b721d144e46001a56724219f14c2c58ef31aee3852b15bddc24bade32ed8f3cba254e2dbc6baf27"], 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000880)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

886.539351ms ago: executing program 3 (id=9186):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, 0x0)

800.464555ms ago: executing program 5 (id=9187):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/igmp\x00')
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/180, 0xb4}], 0x1, 0x2, 0xf5)

659.676503ms ago: executing program 3 (id=9188):
syz_mount_image$squashfs(&(0x7f00000006c0), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f0000000400)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRES8, @ANYRESDEC, @ANYRES32, @ANYRES64, @ANYRES8=0x0, @ANYRESDEC, @ANYRES32], 0x1, 0x1ef, &(0x7f0000000b80)="$eJzslU1rE0EYx3+zO0kazaFnTwWL7UXbbEE8erMfwA9gSNda3PjSDWhCweilFw/ilyj4KTwIevcgInipBwU9VDxVJDI7z4wTEoiVRCjsH8LzPP95XrPzciu/n9eAX0d7bRYpoGjwQSk0sKIsd1y18rvIoeCztnZT+BciP4nMe/23T63av93KsnQ3701RlIJpPtkQq0h5Rp30hGLOc2rqN09GGcVE5wj4q3lmophqY0vd2I40HvVshKlN8pFY/kPz/64snWDf2Emt8qMxuiW+zLqxCvOeHTzzszH9M71/bj/nRJ9YwutjJ2XOSm/WCaMTReXI9ZVfexzxrTDeHe21jXJDbjHDbdmfOxKFjzFeBT7nNAxAxQx9Hg1XjbECrHU799byXv/iTqe1nW6nd5Jk4/L667NyRIePYCdL11XQhjnUuHsJMOe0HqxXgI9/1gcEUEFrBmdAVbG9uRB3Oa+eDwLrEAWxYQ6b96WvXxMupsN1LrAAPBioJUiw/9YyJpvmphltE0UsRlMHfcIxEQvFwqX23WxrH4VyYQdon6N5SMUbCdYwhdKNK378fZHLIjdFHog8FOneLvcm6SLDV7FWB1DlYavb3S0eL6t5LvFcsugrR1LVvYbKdVKjRIkSJUqUKFHilOB3AAAA//9pS0H2")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)

599.072573ms ago: executing program 5 (id=9189):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYRES16, @ANYBLOB="010028057000fcdbdf253b0000000800", @ANYBLOB="04008e00080057001b0a00000400"], 0x398}, 0x1, 0x0, 0x0, 0x4094}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d0327408ca0768a8d4c4000000010902120001000000000904"], 0x0)

376.577488ms ago: executing program 3 (id=9190):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x34, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x10, 0x0, 0x1, [@typed={0x4, 0xb}, @typed={0x7, 0x132, 0x0, 0x0, @str='{*\x00'}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x34}, 0x1, 0x0, 0x0, 0x51}, 0x0)

263.530813ms ago: executing program 3 (id=9191):
r0 = socket(0x1d, 0x2, 0x6)
setsockopt$inet_int(r0, 0x6a, 0xd, 0x0, 0x0)

190.938245ms ago: executing program 4 (id=9192):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="180000190000000002000000000000001840000002000000000000000000000095000000000000009500000000000200"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x14, &(0x7f0000000600), 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

20.309603ms ago: executing program 4 (id=9193):
r0 = socket$inet(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)

0s ago: executing program 3 (id=9194):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000003d80)=0xffffffffffffffff, 0x4)

kernel console output (not intermixed with test programs):

ace 83 has no altsetting 0
[  753.354627][ T1983] usb 1-1: New USB device found, idVendor=0557, idProduct=2001, bcdDevice=6d.a7
[  753.373278][T22648] EXT4-fs (loop6): 1 truncate cleaned up
[  753.383685][ T1983] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.403706][T22648] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  753.427176][ T1983] usb 1-1: Product: syz
[  753.437972][ T1983] usb 1-1: Manufacturer: syz
[  753.459557][ T1983] usb 1-1: SerialNumber: syz
[  753.485642][T22648] ext4 filesystem being mounted at /295/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  753.507236][ T1983] usb 1-1: config 0 descriptor??
[  753.596113][T22667] loop5: detected capacity change from 0 to 64
[  753.784740][ T1983] usb 1-1: USB disconnect, device number 95
[  753.839502][T18262] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  753.881178][   T32] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-5
[  753.911298][   T32] EXT4-fs error (device loop6): ext4_release_dquot:6950: comm kworker/u8:2: Failed to release dquot type 1
[  754.136284][T22683] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7473'.
[  754.433534][T22695] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7481'.
[  755.624360][T22748] loop0: detected capacity change from 0 to 512
[  755.657152][T22748] EXT4-fs error (device loop0): ext4_map_blocks:671: inode #2: block 3: comm syz.0.7508: lblock 0 mapped to illegal pblock 3 (length 1)
[  755.724511][T22748] EXT4-fs (loop0): Remounting filesystem read-only
[  755.732943][T22748] EXT4-fs warning (device loop0): dx_probe:823: inode #2: lblock 0: comm syz.0.7508: error -117 reading directory block
[  755.746216][T22748] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  755.755371][T22748] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  755.805644][T22755] openvswitch: netlink: VXLAN extension 15883 out of range max 1
[  755.822243][T22758] program syz.6.7513 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  755.831964][T22756] xt_CONNSECMARK: invalid mode: 0
[  756.010418][ T5898] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  756.051450][T22766] netlink: 'syz.3.7516': attribute type 16 has an invalid length.
[  756.091034][T22766] netlink: 'syz.3.7516': attribute type 17 has an invalid length.
[  756.213908][T22766] 8021q: adding VLAN 0 to HW filter on device 
[  756.281344][T22766] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  756.371908][T22778] netlink: 'syz.4.7522': attribute type 10 has an invalid length.
[  756.422105][T22778] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7522'.
[  756.465654][T22778] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  756.506778][T22784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7524'.
[  757.010825][T22802] netlink: 'syz.3.7534': attribute type 2 has an invalid length.
[  757.041052][T22802] netlink: 'syz.3.7534': attribute type 1 has an invalid length.
[  757.070555][T22805] loop4: detected capacity change from 0 to 1024
[  757.385079][T22820] netlink: 'syz.3.7543': attribute type 25 has an invalid length.
[  757.469570][T22822] loop2: detected capacity change from 0 to 164
[  757.568345][T22826] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7547'.
[  757.801130][T22834] openvswitch: netlink: IP tunnel dst address not specified
[  758.363158][T22859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7563'.
[  758.493555][T22864] loop6: detected capacity change from 0 to 256
[  758.599296][T22864] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  758.786737][T22875] overlayfs: missing 'lowerdir'
[  759.280292][T22892] sit0: entered promiscuous mode
[  759.351407][T22892] netlink: 'syz.4.7580': attribute type 1 has an invalid length.
[  759.365416][T22892] netlink: 1 bytes leftover after parsing attributes in process `syz.4.7580'.
[  759.528645][T22854] loop0: detected capacity change from 0 to 32768
[  759.547944][T22904] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  759.555538][T22904] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  759.665424][T22854] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  760.000975][T22854] XFS (loop0): Ending clean mount
[  760.038360][T22854] XFS (loop0): Quotacheck needed: Please wait.
[  760.122259][T22854] XFS (loop0): Quotacheck: Done.
[  760.147376][T22936] loop2: detected capacity change from 0 to 64
[  760.296865][ T5898] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  761.671149][T22995] netlink: 'syz.5.7625': attribute type 16 has an invalid length.
[  761.702803][T22995] netlink: 'syz.5.7625': attribute type 17 has an invalid length.
[  761.802828][T22995] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  762.400312][T22976] loop4: detected capacity change from 0 to 32768
[  762.494216][T22976] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.7616 (22976)
[  762.600435][T22976] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  762.646686][T22976] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  762.666208][T23029] loop6: detected capacity change from 0 to 2048
[  762.681425][T22976] BTRFS info (device loop4): disk space caching is enabled
[  762.700058][T22976] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  762.767542][T23029] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  762.914124][T22976] BTRFS info (device loop4): rebuilding free space tree
[  762.956257][T23055] bridge2: entered promiscuous mode
[  762.997233][T23055] bridge2: entered allmulticast mode
[  763.015007][T22976] BTRFS info (device loop4): disabling free space tree
[  763.049107][T22976] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  763.091982][T22976] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  763.308984][T22976] BTRFS info (device loop4): balance: start -sdevid=0,drange=9..255,vrange=2..1024,limit=9223372036854777855,stripes=3..2145695905
[  763.364026][T22976] BTRFS info (device loop4): balance: ended with status: 0
[  763.534570][T22441] usb 6-1: new high-speed USB device number 82 using dummy_hcd
[  763.549971][T23077] loop0: detected capacity change from 0 to 512
[  763.557504][ T5894] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  763.621408][T23079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7659'.
[  763.686223][T23079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7659'.
[  763.712879][T23077] EXT4-fs error (device loop0): __ext4_iget:4984: inode #15: block 1803188595: comm syz.0.7658: invalid block
[  763.823219][T22441] usb 6-1: Using ep0 maxpacket: 32
[  763.831549][T23077] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.7658: couldn't read orphan inode 15 (err -117)
[  763.832230][T22441] usb 6-1: config 0 has an invalid interface number: 235 but max is 0
[  763.870580][T22441] usb 6-1: config 0 has no interface number 0
[  763.885601][T22441] usb 6-1: config 0 interface 235 altsetting 0 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  763.909002][T22441] usb 6-1: New USB device found, idVendor=085a, idProduct=0009, bcdDevice=a3.47
[  763.918101][T22441] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  763.936393][T22441] usb 6-1: Product: syz
[  763.958418][T23077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  763.973107][T22441] usb 6-1: Manufacturer: syz
[  763.977741][T22441] usb 6-1: SerialNumber: syz
[  764.010094][T22441] usb 6-1: config 0 descriptor??
[  764.178492][ T5898] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  764.298068][T22441] kaweth 6-1:0.235: Firmware present in device.
[  764.461682][T22441] kaweth 6-1:0.235: Error reading configuration (-71), no net device created
[  764.480130][T22441] kaweth 6-1:0.235: probe with driver kaweth failed with error -5
[  764.546776][T22441] usb 6-1: USB disconnect, device number 82
[  764.625968][T23111] net veth1_virt_wifi »»»»»»: renamed from virt_wifi0
[  764.921861][T23121] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7680'.
[  765.266489][T23133] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7685'.
[  765.584662][T23148] loop2: detected capacity change from 0 to 256
[  765.621824][T23107] loop4: detected capacity change from 0 to 32768
[  765.694195][T23151] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  765.943848][T23107] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  765.967411][T23162] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7694'.
[  766.035524][T23107] bcachefs (loop4): initializing new filesystem
[  766.077574][T23107] bcachefs (loop4): going read-write
[  766.094575][T23135] loop6: detected capacity change from 0 to 32768
[  766.102150][T23107] bcachefs (loop4): marking superblocks
[  766.129659][T23135] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.7684 (23135)
[  766.162503][T23107] bcachefs (loop4): initializing freespace
[  766.204501][T23135] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  766.234412][T23135] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm
[  766.261233][T23135] BTRFS info (device loop6): using free-space-tree
[  766.291842][T23107] bcachefs (loop4): done initializing freespace
[  766.356932][T23176] 
@ÿ: renamed from bond_slave_0 (while UP)
[  766.358815][T23107] bcachefs (loop4): reading snapshots table
[  766.389094][T23107] bcachefs (loop4): reading snapshots done
[  766.452174][T23107] bcachefs (loop4): done starting filesystem
[  766.623175][T23199] netlink: 84 bytes leftover after parsing attributes in process `syz.2.7704'.
[  766.632713][T23199] netlink: 'syz.2.7704': attribute type 2 has an invalid length.
[  766.642762][T23199] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7704'.
[  766.763484][T18262] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  766.880840][ T5894] bcachefs (loop4): shutting down
[  766.888808][ T5894] bcachefs (loop4): going read-only
[  766.924972][ T5894] bcachefs (loop4): finished waiting for writes to stop
[  766.998477][ T5894] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  767.152193][ T5894] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  767.219943][ T5894] bcachefs (loop4): clean shutdown complete, journal seq 4
[  767.242130][ T5894] bcachefs (loop4): marking filesystem clean
[  767.341583][ T5894] bcachefs (loop4): shutdown complete
[  767.770492][T16185] Bluetooth: hci3: command 0x0406 tx timeout
[  768.083295][T23244] loop6: detected capacity change from 0 to 8
[  768.118151][T23244] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  768.146806][T23244] cramfs: Error -3 while decompressing!
[  768.176556][T23244] cramfs: ffffffff9a536be8(26)->ffff8880595da000(4096)
[  768.198264][T23244] cramfs: Error -5 while decompressing!
[  768.201616][T23241] loop2: detected capacity change from 0 to 4096
[  768.215946][T23244] cramfs: ffffffff9a536c02(26)->ffff8880595db000(4096)
[  768.226789][T23244] cramfs: Error -3 while decompressing!
[  768.237576][T23244] cramfs: ffffffff9a536c1c(16)->ffff8880595dc000(4096)
[  768.256999][T23241] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  768.270082][T23244] cramfs: Error -3 while decompressing!
[  768.287764][T23244] cramfs: ffffffff9a536be8(26)->ffff8880595da000(4096)
[  768.307983][T23225] loop5: detected capacity change from 0 to 32768
[  768.309967][   T29] audit: type=1800 audit(1738772167.749:140): pid=23244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.7727" name="file3" dev="loop6" ino=348 res=0 errno=0
[  768.334610][ T6074] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[  768.388400][T23241] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  768.441628][T23225] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  768.520165][ T6074] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[  768.559407][ T6074] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  768.621271][ T6074] usb 4-1: config 0 has no interface number 0
[  768.646646][ T6074] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  768.710837][ T6074] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  768.768409][T23225] XFS (loop5): Ending clean mount
[  768.775611][ T6074] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  768.791446][ T6074] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.819419][ T6074] usb 4-1: Product: syz
[  768.839941][ T6074] usb 4-1: Manufacturer: syz
[  768.841878][T23225] XFS (loop5): Quotacheck needed: Please wait.
[  768.844831][ T6074] usb 4-1: SerialNumber: syz
[  768.891465][ T6074] usb 4-1: config 0 descriptor??
[  769.005762][T23225] XFS (loop5): Quotacheck: Done.
[  769.067514][T23277] loop6: detected capacity change from 0 to 256
[  769.103497][T23275] netlink: 'syz.0.7738': attribute type 16 has an invalid length.
[  769.125288][T23277] FAT-fs (loop6): Directory bread(block 64) failed
[  769.135823][T23277] FAT-fs (loop6): Directory bread(block 65) failed
[  769.146384][T23277] FAT-fs (loop6): Directory bread(block 66) failed
[  769.156878][T23275] netlink: 152 bytes leftover after parsing attributes in process `syz.0.7738'.
[  769.177786][T23277] FAT-fs (loop6): Directory bread(block 67) failed
[  769.214830][T23277] FAT-fs (loop6): Directory bread(block 68) failed
[  769.216055][ T5905] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  769.221517][T23277] FAT-fs (loop6): Directory bread(block 69) failed
[  769.261578][T23277] FAT-fs (loop6): Directory bread(block 70) failed
[  769.286099][T23277] FAT-fs (loop6): Directory bread(block 71) failed
[  769.292821][T23277] FAT-fs (loop6): Directory bread(block 72) failed
[  769.322845][T23277] FAT-fs (loop6): Directory bread(block 73) failed
[  769.341382][ T5949] usb 4-1: USB disconnect, device number 106
[  770.209048][T23302] ntfs3(nbd6): try to read out of volume at offset 0x0
[  770.377099][ T5951] usb 6-1: new high-speed USB device number 83 using dummy_hcd
[  770.416582][T23310] netlink: 'syz.2.7752': attribute type 2 has an invalid length.
[  770.430689][T22441] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[  770.452494][T23310] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7752'.
[  770.491570][T23313] loop6: detected capacity change from 0 to 256
[  770.574684][ T5951] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  770.606395][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.612095][T22441] usb 4-1: Using ep0 maxpacket: 32
[  770.649688][ T5951] usb 6-1: Product: syz
[  770.652831][T22441] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  770.672262][ T5951] usb 6-1: Manufacturer: syz
[  770.686804][ T5951] usb 6-1: SerialNumber: syz
[  770.693106][T22441] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  770.713420][T22441] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.737126][ T5951] usb 6-1: config 0 descriptor??
[  770.750756][T22441] usb 4-1: Product: syz
[  770.754945][T22441] usb 4-1: Manufacturer: syz
[  770.777410][T23320] x_tables: ip_tables: osf match: used from hooks POSTROUTING, but only valid from PREROUTING/INPUT/FORWARD
[  770.812073][T22441] usb 4-1: SerialNumber: syz
[  770.844362][T22441] usb 4-1: config 0 descriptor??
[  770.885025][T22441] usb 4-1: bad CDC descriptors
[  770.906509][T22441] usb 4-1: unsupported MDLM descriptors
[  771.023855][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  771.030271][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  771.046859][ T5951] hso 6-1:0.0: Failed to find BULK IN ep
[  771.067167][ T5951] usb-storage 6-1:0.0: USB Mass Storage device detected
[  771.150777][ T1983] usb 4-1: USB disconnect, device number 107
[  771.231461][ T5951] usb 6-1: USB disconnect, device number 83
[  771.494397][T23348] loop0: detected capacity change from 0 to 256
[  771.988940][T23364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7772'.
[  772.404506][T23371] loop4: detected capacity change from 0 to 4096
[  772.806648][T23400] netlink: 'syz.5.7784': attribute type 1 has an invalid length.
[  772.992834][T23354] loop2: detected capacity change from 0 to 32768
[  773.312107][T23354] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  773.376250][T23354] bcachefs (loop2): initializing new filesystem
[  773.423186][T23354] bcachefs (loop2): going read-write
[  773.466493][T23354] bcachefs (loop2): marking superblocks
[  773.589225][T23354] bcachefs (loop2): initializing freespace
[  773.649739][T23354] bcachefs (loop2): done initializing freespace
[  773.658117][T23354] bcachefs (loop2): reading snapshots table
[  773.669363][T23354] bcachefs (loop2): reading snapshots done
[  773.803209][T23354] bcachefs (loop2): done starting filesystem
[  774.075514][T23450] netlink: 'syz.5.7797': attribute type 1 has an invalid length.
[  774.084021][T23450] netlink: 56 bytes leftover after parsing attributes in process `syz.5.7797'.
[  774.169350][ T5900] bcachefs (loop2): shutting down
[  774.212039][ T5900] bcachefs (loop2): going read-only
[  774.223665][ T5900] bcachefs (loop2): finished waiting for writes to stop
[  774.237967][ T5900] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  774.372731][T23464] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7802'.
[  774.382972][ T5900] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  774.396213][ T5950] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  774.455890][T23403] loop4: detected capacity change from 0 to 32768
[  774.472274][ T5900] bcachefs (loop2): clean shutdown complete, journal seq 4
[  774.504868][ T5900] bcachefs (loop2): marking filesystem clean
[  774.569992][T23403] JBD2: Ignoring recovery information on journal
[  774.571276][ T5950] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  774.589851][ T5950] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.598177][ T5950] usb 1-1: Product: syz
[  774.602434][ T5950] usb 1-1: Manufacturer: syz
[  774.607047][ T5950] usb 1-1: SerialNumber: syz
[  774.614534][T23403] jbd2_journal_bmap: journal block not found at offset 32 on loop4-75
[  774.627951][T23403] JBD2: bad block at offset 32
[  774.634942][ T5950] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  774.662541][ T5900] bcachefs (loop2): shutdown complete
[  774.676998][T22441] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  774.691107][T23403] (syz.4.7785,23403,1):ocfs2_load_local_alloc:312 ERROR: Invalid local alloc inode, 75
[  774.711889][T23403] (syz.4.7785,23403,1):ocfs2_load_local_alloc:356 ERROR: status = -22
[  774.733308][T23403] (syz.4.7785,23403,1):ocfs2_check_volume:2401 ERROR: status = -22
[  774.753120][T23403] (syz.4.7785,23403,1):ocfs2_check_volume:2429 ERROR: status = -22
[  774.785293][T23403] (syz.4.7785,23403,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  774.812379][T23403] (syz.4.7785,23403,1):ocfs2_fill_super:1177 ERROR: status = -22
[  775.098875][T23480] netlink: 'syz.5.7809': attribute type 13 has an invalid length.
[  775.166517][ T6074] usb 1-1: USB disconnect, device number 96
[  775.177153][T23437] loop6: detected capacity change from 0 to 32768
[  775.253767][T23437] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  775.491785][T23437] XFS (loop6): Ending clean mount
[  775.533673][T23437] XFS (loop6): Quotacheck needed: Please wait.
[  775.613872][T23437] XFS (loop6): Quotacheck: Done.
[  775.679728][T23504] openvswitch: netlink: IPv6 tunnel dst address is zero
[  775.800155][T18262] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  775.808912][T22441] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  775.816937][T22441] ath9k_htc: Failed to initialize the device
[  775.825797][ T6074] usb 1-1: ath9k_htc: USB layer deinitialized
[  776.237393][T23519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7824'.
[  776.285841][T23519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7824'.
[  776.299403][ T6074] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[  776.502331][ T6074] usb 1-1: Using ep0 maxpacket: 32
[  776.522218][ T6074] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  776.609260][ T6074] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  776.637749][ T6074] usb 1-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  776.647268][ T6074] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  776.663610][ T6074] usb 1-1: Product: syz
[  776.667799][ T6074] usb 1-1: Manufacturer: syz
[  776.692953][ T6074] usb 1-1: SerialNumber: syz
[  776.709017][ T6074] usb 1-1: config 0 descriptor??
[  776.749449][ T6074] qmi_wwan 1-1:0.0: probe with driver qmi_wwan failed with error -22
[  777.008170][T22441] usb 1-1: USB disconnect, device number 97
[  777.810432][T23575] xt_time: invalid argument - start or stop time greater than 23:59:59
[  778.146232][T23587] loop5: detected capacity change from 0 to 64
[  778.212920][T23587] hfs: keylen 94 too large
[  778.239214][T23587] hfs: inconsistency in B*Tree (1,0,1,0,3)
[  778.453906][T23596] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7849'.
[  778.525077][T23553] loop4: detected capacity change from 0 to 32768
[  778.626005][T23553] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  779.015095][T23553] XFS (loop4): Ending clean mount
[  779.023086][T23553] XFS (loop4): Quotacheck needed: Please wait.
[  779.183079][T23553] XFS (loop4): Quotacheck: Done.
[  779.525087][ T5894] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  779.632336][T23651] loop5: detected capacity change from 0 to 128
[  779.724477][T23651] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  779.822280][T23651] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  780.170083][ T5951] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  780.366871][ T5951] usb 3-1: Using ep0 maxpacket: 16
[  780.398263][ T5951] usb 3-1: config 0 has an invalid interface number: 60 but max is 0
[  780.425936][ T5951] usb 3-1: config 0 has no interface number 0
[  780.455963][T23681] nft_compat: unsupported protocol 0
[  780.465721][ T5951] usb 3-1: New USB device found, idVendor=046d, idProduct=0900, bcdDevice=fa.5a
[  780.522071][ T5951] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.530084][ T5951] usb 3-1: Product: syz
[  780.551531][ T5951] usb 3-1: Manufacturer: syz
[  780.564862][ T5951] usb 3-1: SerialNumber: syz
[  780.586410][ T5951] usb 3-1: config 0 descriptor??
[  780.716202][T23690] netlink: 'syz.0.7881': attribute type 11 has an invalid length.
[  780.716993][ T5951] gspca_main: spca500-2.14.0 probing 046d:0900
[  780.724046][T23690] netlink: 224 bytes leftover after parsing attributes in process `syz.0.7881'.
[  780.768379][T23691] netlink: 'syz.6.7880': attribute type 1 has an invalid length.
[  780.861723][ T5951] gspca_spca500: reg write: error -71
[  780.892839][ T5951] gspca_spca500: reg write: error -71
[  780.920115][ T5951] gspca_spca500: reg write: error -71
[  780.960267][ T5951] gspca_spca500: reg write: error -71
[  780.966632][ T5951] gspca_spca500: reg write: error -71
[  781.001901][ T5951] gspca_spca500: reg write: error -71
[  781.012552][ T5951] gspca_spca500: reg write: error -71
[  781.029216][ T5951] gspca_spca500: reg write: error -71
[  781.064436][ T5951] gspca_spca500: reg write: error -71
[  781.086944][ T5951] gspca_spca500: reg write: error -71
[  781.117479][ T5951] gspca_spca500: reg write: error -71
[  781.161160][ T5951] gspca_spca500: reg write: error -71
[  781.190307][ T5951] gspca_spca500: reg write: error -71
[  781.219810][ T5951] gspca_spca500: reg write: error -71
[  781.283416][ T5951] usb 3-1: USB disconnect, device number 89
[  781.418663][T23715] bridge0: port 2(bridge_slave_1) entered disabled state
[  781.484500][T23715] bridge_slave_1: left allmulticast mode
[  781.514470][T23715] bridge_slave_1: left promiscuous mode
[  781.556031][T23715] bridge0: port 2(bridge_slave_1) entered disabled state
[  781.629766][T23721] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7891'.
[  781.646421][T23715] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  781.655290][T23722] netlink: 'syz.3.7890': attribute type 1 has an invalid length.
[  782.003570][T23732] loop0: detected capacity change from 0 to 512
[  782.013913][T23733] netlink: 44 bytes leftover after parsing attributes in process `syz.2.7895'.
[  782.035214][T23733] netlink: 'syz.2.7895': attribute type 3 has an invalid length.
[  782.081028][T23686] loop4: detected capacity change from 0 to 32768
[  782.127223][T23732] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  782.154098][T23732] ext4 filesystem being mounted at /1265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  782.263684][T23686] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  782.475057][ T5898] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  782.488041][T23763] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  782.612217][T23686] XFS (loop4): Ending clean mount
[  782.647494][T23686] XFS (loop4): Quotacheck needed: Please wait.
[  782.786675][T23686] XFS (loop4): Quotacheck: Done.
[  783.074600][ T5894] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  783.289360][T23791] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[  783.880749][T23809] loop0: detected capacity change from 0 to 64
[  783.970668][T23809] syz.0.7927: attempt to access beyond end of device
[  783.970668][T23809] loop0: rw=0, sector=32783, nr_sectors = 1 limit=64
[  784.306438][ T5951] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  784.333556][T23784] loop5: detected capacity change from 0 to 32768
[  784.431034][T23784] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  784.500779][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  784.510829][ T5951] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  784.520702][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  784.530436][ T5951] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  784.543247][ T5951] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  784.552512][ T5951] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  784.560584][ T5951] usb 3-1: Product: syz
[  784.564939][ T5951] usb 3-1: Manufacturer: syz
[  784.569615][ T5951] usb 3-1: SerialNumber: syz
[  784.579674][ T5951] usb 3-1: config 0 descriptor??
[  784.596152][ T5951] ums-isd200 3-1:0.0: USB Mass Storage device detected
[  784.690498][T23824] loop0: detected capacity change from 0 to 8192
[  784.730687][T23784] XFS (loop5): Ending clean mount
[  784.915965][ T5905] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  784.987602][ T5951] ums-isd200 3-1:0.0: probe with driver ums-isd200 failed with error -22
[  785.017094][T23817] loop4: detected capacity change from 0 to 32768
[  785.099977][T23817] 
[  785.099977][T23817]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  785.099977][T23817] 
[  785.149351][ T1983] usb 3-1: USB disconnect, device number 90
[  785.196983][T23817] jfs_lookup: dtSearch returned -5
[  785.293427][T23820] loop6: detected capacity change from 0 to 32768
[  785.313420][T23820] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.7933 (23820)
[  785.403823][ T5894] 
[  785.403823][ T5894]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  785.403823][ T5894] 
[  785.418391][T23820] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  785.444315][ T5894] 
[  785.444315][ T5894]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  785.444315][ T5894] 
[  785.470016][T23820] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  785.510498][T23820] BTRFS info (device loop6): disk space caching is enabled
[  785.555747][T23820] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  785.736042][T23857] loop0: detected capacity change from 0 to 2048
[  785.802334][T23857] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  785.966457][T23820] BTRFS info (device loop6): rebuilding free space tree
[  786.028361][T23820] BTRFS info (device loop6): disabling free space tree
[  786.072079][T23820] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  786.113102][T23820] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  786.193231][T23881] loop4: detected capacity change from 0 to 512
[  786.203936][T23884] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7949'.
[  786.230886][T23820] BTRFS warning (device loop6): get dev_stats failed, device not found
[  786.245230][T23884] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  786.275257][T23881] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  786.393496][T23881] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  786.460238][T18262] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  786.544637][T23881] ext4 filesystem being mounted at /1289/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  786.709725][T23881] EXT4-fs error (device loop4): ext4_get_verity_descriptor_location:335: inode #15: comm syz.4.7942: verity file corrupted; can't find descriptor
[  786.783731][T23881] EXT4-fs (loop4): Remounting filesystem read-only
[  786.814326][T23881] fs-verity (loop4, inode 15): Error -117 getting verity descriptor size
[  787.055726][ T5894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  787.471016][T23919] block device autoloading is deprecated and will be removed.
[  787.544639][T23925] netlink: 'syz.2.7968': attribute type 3 has an invalid length.
[  787.904555][T23941] loop0: detected capacity change from 0 to 128
[  787.980402][T23944] program syz.2.7974 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  788.030227][T23951] loop6: detected capacity change from 0 to 256
[  788.187842][ T5898] sysv_free_block: flc_count > flc_size
[  788.193456][ T5898] sysv_free_block: flc_count > flc_size
[  788.236909][ T5898] sysv_free_block: flc_count > flc_size
[  788.274708][ T5898] sysv_free_block: flc_count > flc_size
[  788.280311][ T5898] sysv_free_block: flc_count > flc_size
[  788.323101][ T5898] sysv_free_block: flc_count > flc_size
[  788.368824][ T5898] sysv_free_block: flc_count > flc_size
[  788.374410][ T5898] sysv_free_block: flc_count > flc_size
[  788.425133][ T5898] sysv_free_block: flc_count > flc_size
[  788.430720][ T5898] sysv_free_block: flc_count > flc_size
[  788.501409][ T5898] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  788.775289][T23977] netlink: zone id is out of range
[  788.788057][T23977] netlink: del zone limit has 8 unknown bytes
[  788.890635][T23981] loop4: detected capacity change from 0 to 256
[  788.979585][ T1983] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[  789.052674][T23981] FAT-fs (loop4): Directory bread(block 64) failed
[  789.096022][T23981] FAT-fs (loop4): Directory bread(block 65) failed
[  789.102670][T23981] FAT-fs (loop4): Directory bread(block 66) failed
[  789.109878][T23987] netlink: 'syz.5.7992': attribute type 21 has an invalid length.
[  789.141463][T23987] netlink: 160 bytes leftover after parsing attributes in process `syz.5.7992'.
[  789.157179][T23981] FAT-fs (loop4): Directory bread(block 67) failed
[  789.175061][ T1983] usb 1-1: config 0 has an invalid interface number: 50 but max is 0
[  789.191018][T23981] FAT-fs (loop4): Directory bread(block 68) failed
[  789.199749][ T1983] usb 1-1: config 0 has no interface number 0
[  789.216401][T23981] FAT-fs (loop4): Directory bread(block 69) failed
[  789.223025][T23981] FAT-fs (loop4): Directory bread(block 70) failed
[  789.224261][ T1983] usb 1-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  789.279689][ T1983] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  789.306444][T23981] FAT-fs (loop4): Directory bread(block 71) failed
[  789.311806][ T1983] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.353069][T23981] FAT-fs (loop4): Directory bread(block 72) failed
[  789.363530][ T1983] usb 1-1: Product: syz
[  789.375989][T23981] FAT-fs (loop4): Directory bread(block 73) failed
[  789.381933][ T1983] usb 1-1: Manufacturer: syz
[  789.403800][ T1983] usb 1-1: SerialNumber: syz
[  789.434105][ T1983] usb 1-1: config 0 descriptor??
[  789.462837][T22441] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[  789.472057][ T1983] yurex 1-1:0.50: USB YUREX device now attached to Yurex #0
[  789.641086][T22441] usb 4-1: Using ep0 maxpacket: 32
[  789.678154][T22441] usb 4-1: config 0 has an invalid interface number: 146 but max is 0
[  789.697464][T22441] usb 4-1: config 0 has no interface number 0
[  789.736282][T22441] usb 4-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  789.757929][    C1] yurex 1-1:0.50: yurex_interrupt - overflow with length 8, actual length is 8
[  789.790824][T22441] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  789.807797][T24005] futex_wake_op: syz.5.8001 tries to shift op by 32; fix this program
[  789.828048][T22441] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  789.878085][T22441] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  789.921029][T22441] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  789.961160][T22441] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  789.980697][ T1983] usb 1-1: USB disconnect, device number 98
[  790.001346][ T1983] yurex 1-1:0.50: USB YUREX #0 now disconnected
[  790.014140][T22441] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  790.046539][T24012] cgroup: name respecified
[  790.059788][T22441] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 4097, setting to 1024
[  790.081767][T22441] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  790.103446][T22441] usb 4-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  790.120539][T22441] usb 4-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  790.130669][T22441] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  790.155247][T22441] usb 4-1: Product: syz
[  790.159442][T22441] usb 4-1: Manufacturer: syz
[  790.164053][T22441] usb 4-1: SerialNumber: syz
[  790.189758][T22441] usb 4-1: config 0 descriptor??
[  790.197703][T23993] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  790.239945][T23993] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  790.262698][T22441] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  790.271176][T22441] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  790.323803][T22441] scsi host1: microtekX6
[  790.526995][T24007] loop4: detected capacity change from 0 to 32768
[  790.558505][T22441] usb 4-1: USB disconnect, device number 108
[  790.689277][T24007] ERROR: (device loop4): dbAllocAG: unable to allocate blocks
[  790.689277][T24007] 
[  790.759932][T24007] ERROR: (device loop4): remounting filesystem as read-only
[  790.789786][T24007] jfs_create: dtInsert returned -EIO
[  790.838513][T24007] ERROR: (device loop4): jfs_create: 
[  790.838513][T24007] 
[  790.846973][T24032] loop5: detected capacity change from 0 to 1024
[  790.992028][T24032] hfsplus: trying to free free bnode 0(1)
[  791.182179][T15119] hfsplus: b-tree write err: -5, ino 4
[  791.683292][T24060] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8027'.
[  791.906659][T24070] netlink: 128 bytes leftover after parsing attributes in process `syz.4.8032'.
[  791.950263][T24070] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8032'.
[  792.201386][T24084] netlink: 'syz.4.8038': attribute type 1 has an invalid length.
[  792.234893][T24084] netlink: 228 bytes leftover after parsing attributes in process `syz.4.8038'.
[  792.423586][T24091] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8041'.
[  792.816278][T24111] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  793.436235][T22441] usb 6-1: new high-speed USB device number 84 using dummy_hcd
[  793.633468][T22441] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8
[  793.648353][T22441] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895
[  793.659731][T22441] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  793.685285][T22441] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  793.709939][T22441] usb 6-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00
[  793.729124][T22441] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  793.755286][T22441] usb 6-1: SerialNumber: syz
[  793.774852][T22441] usb 6-1: config 0 descriptor??
[  793.794398][T24125] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  793.806693][T22441] port100 6-1:0.0: NFC: Could not get supported command types
[  793.916202][T24106] loop2: detected capacity change from 0 to 32768
[  793.959765][T24106] ERROR: (device loop2): diAllocAG: nfreeinos = 0, but iag on freelist
[  793.959765][T24106] 
[  793.986983][T24106] ialloc: diAlloc returned -5!
[  794.062567][T22441] usb 6-1: USB disconnect, device number 84
[  794.090031][T24153] ax25_connect(): syz.3.8073 uses autobind, please contact jreuter@yaina.de
[  794.158233][T24155] loop4: detected capacity change from 0 to 128
[  794.175413][T24155] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  794.203911][T24155] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  794.356127][T24157] xt_l2tp: invalid flags combination: 8
[  794.655281][T24169] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8081'.
[  794.729970][T24169] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8081'.
[  794.752636][T24172] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8082'.
[  795.004652][T24183] netlink: 244 bytes leftover after parsing attributes in process `syz.3.8086'.
[  795.036820][T24188] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8088'.
[  795.151452][T24193] loop5: detected capacity change from 0 to 164
[  795.214177][T24193] ISOFS: unable to read i-node block
[  795.219543][T24193] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  795.956272][T24221] netlink: 'syz.3.8101': attribute type 1 has an invalid length.
[  795.999873][T24221] netlink: 220 bytes leftover after parsing attributes in process `syz.3.8101'.
[  796.222975][T24233] netlink: 96 bytes leftover after parsing attributes in process `syz.5.8107'.
[  796.473834][T24242] cifs: Unknown parameter 'no'‘a�£Nð[G¶zob,erèèµ;%j¸¼
[  796.473834][T24242] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.�W1ȱ¨nNCº"†CÙ׈¡E)Ð8+€î¶á÷™¿1®ðÚ<“™;Ï8­+`# ÷Ž
'
[  796.514806][T24245] netlink: ct family unspecified
[  796.539480][T24245] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  796.675593][T24201] loop0: detected capacity change from 0 to 32768
[  796.724832][T24201] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.8093 (24201)
[  796.829818][T24201] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  796.859100][T24257] loop4: detected capacity change from 0 to 256
[  796.892275][T24201] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  796.924409][T24264] snd_dummy snd_dummy.0: control 2:16:0:syz0:-3 is already present
[  796.954110][T24201] BTRFS info (device loop0): using free-space-tree
[  797.037595][T24257] FAT-fs (loop4): Directory bread(block 64) failed
[  797.121758][T24257] FAT-fs (loop4): Directory bread(block 65) failed
[  797.178086][T24257] FAT-fs (loop4): Directory bread(block 66) failed
[  797.201102][T24279] loop2: detected capacity change from 0 to 64
[  797.232498][T24257] FAT-fs (loop4): Directory bread(block 67) failed
[  797.239129][T24257] FAT-fs (loop4): Directory bread(block 68) failed
[  797.310315][T24257] FAT-fs (loop4): Directory bread(block 69) failed
[  797.334528][T24279] Bad inode number on dev loop2: 6 is out of range
[  797.370614][T24257] FAT-fs (loop4): Directory bread(block 70) failed
[  797.377340][T24257] FAT-fs (loop4): Directory bread(block 71) failed
[  797.449349][T24257] FAT-fs (loop4): Directory bread(block 72) failed
[  797.471024][ T5898] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  797.473121][T24257] FAT-fs (loop4): Directory bread(block 73) failed
[  798.014545][T24260] loop5: detected capacity change from 0 to 32768
[  798.246275][T24322] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8131'.
[  798.452301][T24260] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  798.557623][T24260] bcachefs (loop5): recovering from clean shutdown, journal seq 10
[  798.565789][T24260] bcachefs (loop5): Version upgrade required:
[  798.565789][T24260] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  798.565789][T24260] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[  798.565789][T24260]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  798.771620][T24260] bcachefs (loop5): dropping and reconstructing all alloc info
[  798.840420][T24343] tmpfs: Bad value for 'mpol'
[  798.856065][T24260] bcachefs (loop5): accounting_read... done
[  798.885629][T24260] bcachefs (loop5): alloc_read... done
[  798.947026][T24260] bcachefs (loop5): stripes_read... done
[  798.975131][T24260] bcachefs (loop5): snapshots_read... done
[  798.983207][T24260] bcachefs (loop5): check_allocations... done
[  799.135342][T24260] bcachefs (loop5): going read-write
[  799.164896][T24360] netlink: 'syz.2.8143': attribute type 4 has an invalid length.
[  799.191679][T24260] bcachefs (loop5): done starting filesystem
[  799.423534][ T5949] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  799.524221][ T5905] bcachefs (loop5): shutting down
[  799.540682][ T5905] bcachefs (loop5): going read-only
[  799.545997][ T5905] bcachefs (loop5): finished waiting for writes to stop
[  799.606809][T24378] loop4: detected capacity change from 0 to 64
[  799.621672][ T5949] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  799.623281][ T5905] bcachefs (loop5): flushing journal and stopping allocators, journal seq 11
[  799.648932][ T5949] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  799.686809][ T5949] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  799.718040][ T5905] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 11
[  799.729889][ T5949] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  799.744985][ T5905] bcachefs (loop5): unclean shutdown complete, journal seq 12
[  799.802024][ T5905] bcachefs (loop5): done going read-only, filesystem not clean
[  799.812148][ T5949] usb 7-1: SerialNumber: syz
[  799.909834][ T5905] bcachefs (loop5): shutdown complete
[  800.001902][T24392] loop0: detected capacity change from 0 to 256
[  800.072189][ T5949] usb 7-1: 0:2 : does not exist
[  800.164336][ T5949] usb 7-1: USB disconnect, device number 7
[  800.284147][T24403] loop4: detected capacity change from 0 to 512
[  800.295844][T24405] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8160'.
[  800.305755][T24392] FAT-fs (loop0): Directory bread(block 64) failed
[  800.328957][T24392] FAT-fs (loop0): Directory bread(block 65) failed
[  800.355549][T24392] FAT-fs (loop0): Directory bread(block 66) failed
[  800.374927][T24403] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  800.384171][T24392] FAT-fs (loop0): Directory bread(block 67) failed
[  800.404680][T24403] ext4 filesystem being mounted at /1320/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  800.423361][T24392] FAT-fs (loop0): Directory bread(block 68) failed
[  800.439185][ T8181] udevd[8181]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  800.492088][T24392] FAT-fs (loop0): Directory bread(block 69) failed
[  800.540340][T24392] FAT-fs (loop0): Directory bread(block 70) failed
[  800.559456][T24392] FAT-fs (loop0): Directory bread(block 71) failed
[  800.571340][T24403] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  800.588311][T24392] FAT-fs (loop0): Directory bread(block 72) failed
[  800.600873][T24392] FAT-fs (loop0): Directory bread(block 73) failed
[  800.639994][T24403] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  800.695879][T24403] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.8159: Failed to acquire dquot type 0
[  800.880883][ T5894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  801.121913][T24430] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8166'.
[  801.283187][T22441] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[  801.394423][T24441] netlink: 'syz.4.8169': attribute type 11 has an invalid length.
[  801.465981][T22441] usb 1-1: Using ep0 maxpacket: 8
[  801.496141][T22441] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[  801.528974][T22441] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  801.551333][T22441] usb 1-1: config 0 has no interface number 0
[  801.557450][T22441] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  801.619956][T22441] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  801.656680][T24447] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  801.682639][T22441] usb 1-1: config 0 interface 52 has no altsetting 0
[  801.712265][T22441] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  801.735963][T22441] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  801.764141][T22441] usb 1-1: Manufacturer: syz
[  801.782579][T22441] usb 1-1: config 0 descriptor??
[  802.051504][T22441] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input60
[  802.264527][T24461] netlink: 830 bytes leftover after parsing attributes in process `syz.6.8177'.
[  802.323032][ T5838] usb 1-1: USB disconnect, device number 99
[  802.328977][    C1] synaptics_usb 1-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[  802.532823][T24469] loop6: detected capacity change from 0 to 8
[  802.610259][T24443] loop2: detected capacity change from 0 to 32768
[  802.647947][T24469] SQUASHFS error: Failed to read block 0x2d7: -5
[  802.668925][T24443] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.8171 (24443)
[  802.676402][T24467] 8021q: adding VLAN 0 to HW filter on device bond3
[  802.715515][T24443] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  802.716307][T24469] SQUASHFS error: Unable to read metadata cache entry [2d5]
[  802.737245][T24443] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  802.755441][T24443] BTRFS info (device loop2): disk space caching is enabled
[  802.764498][T24443] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  803.035687][T24443] BTRFS info (device loop2): rebuilding free space tree
[  803.136513][T24443] BTRFS info (device loop2): disabling free space tree
[  803.176630][T24443] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  803.219646][T24443] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  803.412160][T24503] loop6: detected capacity change from 0 to 16
[  803.419043][T24503] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  803.526844][ T5900] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  803.532491][T24508] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8192'.
[  803.564399][T24503] cramfs: empty filesystem
[  804.041280][   T29] audit: type=1107 audit(1738772201.153:141): pid=24524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  804.290226][T24533] loop2: detected capacity change from 0 to 1024
[  804.746960][T24545] loop5: detected capacity change from 0 to 512
[  804.791406][T24545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  804.845953][T24545] ext4 filesystem being mounted at /1268/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  804.893625][T24545] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #15: comm syz.5.8210: corrupted xattr block 33: bad e_name length
[  805.099129][ T5905] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  805.130276][T24554] loop0: detected capacity change from 0 to 4096
[  805.141480][T24554] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  805.332419][T24554] ntfs3(loop0): ino=19, mi_enum_attr
[  805.363346][T24554] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  805.461880][T24564] netlink: 'syz.5.8214': attribute type 5 has an invalid length.
[  805.603165][T24566] netlink: 44 bytes leftover after parsing attributes in process `syz.6.8218'.
[  805.790229][T24574] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  806.212661][T24590] nfs: Unknown parameter 'ntext'
[  806.671158][ T5949] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[  806.871881][ T5949] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02
[  806.895938][ T5949] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.926122][ T5949] usb 6-1: Product: syz
[  806.950526][ T5949] usb 6-1: Manufacturer: syz
[  806.955145][ T5949] usb 6-1: SerialNumber: syz
[  806.990925][ T5949] usb 6-1: config 0 descriptor??
[  807.210497][T24624] netlink: 650 bytes leftover after parsing attributes in process `syz.3.8247'.
[  807.237371][ T5949] hso 6-1:0.0: Failed to find BULK IN ep
[  807.247919][T24624] netlink: 650 bytes leftover after parsing attributes in process `syz.3.8247'.
[  807.354570][T24594] loop0: detected capacity change from 0 to 32768
[  807.400437][T24630] loop4: detected capacity change from 0 to 64
[  807.448527][ T6074] usb 6-1: USB disconnect, device number 85
[  807.599608][T24636] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8252'.
[  807.699614][T24638] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8256'.
[  807.753432][T24638] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8256'.
[  807.830798][T24642] devtmpfs: Cannot enable quota on remount
[  807.958751][T24646] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8254'.
[  807.978701][T24646] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8254'.
[  807.991044][T24649] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  808.880795][T24684] loop0: detected capacity change from 0 to 512
[  808.968168][T24684] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  809.002290][T24684] System zones: 0-2, 18-18, 34-34
[  809.049985][T24684] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8277: bg 0: block 248: padding at end of block bitmap is not set
[  809.130200][T24684] Quota error (device loop0): write_blk: dquota write failed
[  809.144989][T24684] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  809.163688][T24695] loop4: detected capacity change from 0 to 24
[  809.170759][T24695] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  809.206301][T24684] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.8277: Failed to acquire dquot type 1
[  809.235667][T24695] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  809.246412][T24684] EXT4-fs (loop0): 1 truncate cleaned up
[  809.259391][T24684] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  809.305140][T24695] VFS: Lookup of 'file0' in romfs loop4 would have caused loop
[  809.328604][T24684] ext4 filesystem being mounted at /1323/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  809.375063][T24700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8283'.
[  809.437961][T24671] loop6: detected capacity change from 0 to 32768
[  809.461273][T24684] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.8277: deleted inode referenced: 12
[  809.520391][T24671] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  809.587394][ T5898] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  809.749146][T18262] ocfs2: Unmounting device (7,6) on (node local)
[  810.338209][T24733] netlink: zone id is out of range
[  810.343379][T24733] netlink: zone id is out of range
[  810.348560][T24733] netlink: zone id is out of range
[  810.377827][T24737] rtc_cmos 00:00: Alarms can be up to one day in the future
[  810.401580][T24733] netlink: del zone limit has 4 unknown bytes
[  810.452320][T24729] loop4: detected capacity change from 0 to 4096
[  810.530762][T24741] xt_connbytes: Forcing CT accounting to be enabled
[  810.617369][T24743] loop5: detected capacity change from 0 to 2048
[  810.639079][T24743] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  810.713774][T24750] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  810.976758][T24758] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8311'.
[  811.129234][ T5838] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[  811.180503][T24766] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8314'.
[  811.318813][ T5838] usb 4-1: Using ep0 maxpacket: 32
[  811.354591][ T5838] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  811.381145][ T5838] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  811.422597][ T5838] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  811.448188][ T5838] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  811.460390][T24767] loop2: detected capacity change from 0 to 4096
[  811.468865][ T5838] usb 4-1: config 1 has no interface number 0
[  811.476498][ T5838] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  811.493132][ T5838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.520432][T24767] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  811.527710][ T5838] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  811.595707][T24767] ntfs3(loop2): ino=19, mi_enum_attr
[  811.595752][T24767] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  811.644218][T24767] ntfs3(loop2): failed to convert "c46c" to cp866
[  811.644790][T24767] ntfs3(loop2): ino=20, mi_enum_attr
[  811.757322][ T5838] snd_usb_pod 4-1:1.1: set_interface failed
[  811.757489][ T5838] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  811.757615][ T5838] snd_usb_pod 4-1:1.1: probe with driver snd_usb_pod failed with error -71
[  811.762100][ T5838] usb 4-1: USB disconnect, device number 109
[  812.299448][T24801] loop5: detected capacity change from 0 to 512
[  812.328246][T24801] EXT4-fs: Ignoring removed nomblk_io_submit option
[  812.425144][T24801] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  812.438060][T24801] ext4 filesystem being mounted at /1289/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  812.662254][T24818] __nla_validate_parse: 1 callbacks suppressed
[  812.662277][T24818] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8339'.
[  812.726498][ T5905] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  812.953616][T24824] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8343'.
[  812.956454][T24827] cgroup: No subsys list or none specified
[  813.265623][T24798] loop6: detected capacity change from 0 to 32768
[  813.342334][T24798] (syz.6.8331,24798,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  813.422354][T24798] (syz.6.8331,24798,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  813.472574][T24798] (syz.6.8331,24798,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[  813.547711][T24798] JBD2: Ignoring recovery information on journal
[  813.719345][T24798] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  813.967204][T24798] (syz.6.8331,24798,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC.
[  813.969942][T24854] loop4: detected capacity change from 0 to 512
[  814.032093][T24798] (syz.6.8331,24798,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae
[  814.064602][T24854] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  814.104563][T24798] (syz.6.8331,24798,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  814.139155][T24854] System zones: 1-12
[  814.149484][T24820] loop2: detected capacity change from 0 to 32768
[  814.158564][T24798] (syz.6.8331,24798,1):ocfs2_quota_read:201 ERROR: status = -5
[  814.166403][T24798] Quota error (device loop6): find_tree_dqentry: Can't read quota tree block 5
[  814.175237][T24854] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #11: comm syz.4.8356: iget: bogus i_mode (0)
[  814.176041][T24798] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  814.196569][T24798] (syz.6.8331,24798,1):ocfs2_acquire_dquot:890 ERROR: status = -5
[  814.212759][T24798] (syz.6.8331,24798,1):ocfs2_mknod:314 ERROR: status = -5
[  814.220317][T24798] (syz.6.8331,24798,1):ocfs2_mknod:502 ERROR: status = -5
[  814.227511][T24798] (syz.6.8331,24798,1):ocfs2_mkdir:658 ERROR: status = -5
[  814.235742][T24854] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.8356: couldn't read orphan inode 11 (err -117)
[  814.252699][T24836] loop5: detected capacity change from 0 to 32768
[  814.272502][T24820] ERROR: (device loop2): duplicateIXtree: 
[  814.272502][T24820] 
[  814.318103][T24854] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  814.334468][T24820] ERROR: (device loop2): remounting filesystem as read-only
[  814.555615][T18262] ocfs2: Unmounting device (7,6) on (node local)
[  814.563566][ T5894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  815.312636][T24890] xt_limit: Overflow, try lower: 65536/2147483648
[  815.540686][T24902] xt_hashlimit: max too large, truncated to 1048576
[  815.679471][T24905] loop0: detected capacity change from 0 to 1024
[  815.828117][T24912] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  816.173477][T24922] loop0: detected capacity change from 0 to 2048
[  816.183510][T24927] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[  816.239673][T24927] [U] J"—e:ÀÆ"


[  816.245718][T24922] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[  816.300942][T24922] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  816.702090][T24945] program syz.0.8393 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  817.524358][T24969] syz.2.8406 (24969): /proc/24967/oom_adj is deprecated, please use /proc/24967/oom_score_adj instead.
[  817.537639][T24935] loop5: detected capacity change from 0 to 32768
[  817.557593][T24971] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  817.582388][T24935] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.8388 (24935)
[  817.636067][T24935] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  817.684959][T24935] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  817.737999][T24935] BTRFS info (device loop5): disk space caching is enabled
[  817.745248][T24935] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  817.999501][T24935] BTRFS info (device loop5): rebuilding free space tree
[  818.056833][ T5951] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[  818.089504][T24935] BTRFS info (device loop5): disabling free space tree
[  818.121496][T24935] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  818.131231][T24935] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  818.270596][ T5951] usb 1-1: Using ep0 maxpacket: 8
[  818.295043][ T5951] usb 1-1: config 0 has an invalid interface number: 33 but max is 1
[  818.340204][ T5951] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  818.368946][ T5951] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  818.388310][ T5951] usb 1-1: config 0 has no interface number 0
[  818.417313][ T5951] usb 1-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[  818.432118][ T5905] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  818.448782][ T5951] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.494940][ T5951] usb 1-1: Product: syz
[  818.515823][ T5951] usb 1-1: Manufacturer: syz
[  818.525035][ T5951] usb 1-1: SerialNumber: syz
[  818.549278][ T5951] usb 1-1: config 0 descriptor??
[  818.585273][ T5951] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[  818.691105][T25015] loop6: detected capacity change from 0 to 256
[  818.820356][ T2337] usb 1-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2
[  818.863760][ T2337] usb 1-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw
[  818.956496][T25015] FAT-fs (loop6): Directory bread(block 64) failed
[  818.963087][T25015] FAT-fs (loop6): Directory bread(block 65) failed
[  819.013910][ T6074] usb 1-1: USB disconnect, device number 100
[  819.070601][T25015] FAT-fs (loop6): Directory bread(block 66) failed
[  819.101789][T25015] FAT-fs (loop6): Directory bread(block 67) failed
[  819.144552][T25015] FAT-fs (loop6): Directory bread(block 68) failed
[  819.175079][T25015] FAT-fs (loop6): Directory bread(block 69) failed
[  819.199111][T25015] FAT-fs (loop6): Directory bread(block 70) failed
[  819.214364][T25015] FAT-fs (loop6): Directory bread(block 71) failed
[  819.235082][T25015] FAT-fs (loop6): Directory bread(block 72) failed
[  819.241685][T25015] FAT-fs (loop6): Directory bread(block 73) failed
[  819.404018][T25035] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  819.413538][T25036] loop5: detected capacity change from 0 to 256
[  819.440617][T25036] exfat: Deprecated parameter 'utf8'
[  819.504649][T25036] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x9ae00b1e, utbl_chksum : 0xe619d30d)
[  819.554779][T25039] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8432'.
[  819.708440][T25043] loop2: detected capacity change from 0 to 512
[  819.755644][T25043] EXT4-fs: Ignoring removed nobh option
[  819.895688][T25043] fscrypt (loop2, inode 2): Error -61 getting encryption context
[  819.903509][T25043] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61
[  819.976102][T25043] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #13: comm syz.2.8434: casefold flag without casefold feature
[  819.976809][T25056] netlink: 288 bytes leftover after parsing attributes in process `syz.0.8439'.
[  820.074578][T25043] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.8434: couldn't read orphan inode 13 (err -117)
[  820.198160][T25043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  820.204142][T25053] loop4: detected capacity change from 0 to 4096
[  820.344209][T25043] fscrypt (loop2, inode 2): Error -61 getting encryption context
[  820.490897][ T5900] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  820.707384][T25082] kernel profiling enabled (shift: 7)
[  820.963477][T25088] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8455'.
[  820.975401][T25089] netlink: 1284 bytes leftover after parsing attributes in process `syz.6.8456'.
[  820.984825][T25089] openvswitch: netlink: EtherType 0 is less than min 600
[  821.710625][   T29] audit: type=1326 audit(1738772217.700:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25123 comm="syz.0.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb69278cda9 code=0x7ffc0000
[  821.795666][   T29] audit: type=1326 audit(1738772217.700:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25123 comm="syz.0.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb69278cda9 code=0x7ffc0000
[  821.809224][ T5838] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  821.902994][   T29] audit: type=1326 audit(1738772217.709:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25123 comm="syz.0.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7fb69278cda9 code=0x7ffc0000
[  821.956877][T25130] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (5), value rounded to 5 ms
[  821.995005][   T29] audit: type=1326 audit(1738772217.709:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25123 comm="syz.0.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb69278cda9 code=0x7ffc0000
[  822.055248][ T5838] usb 7-1: Using ep0 maxpacket: 32
[  822.073313][T25130] 8021q: adding VLAN 0 to HW filter on device bond2
[  822.132568][ T5838] usb 7-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=3d.42
[  822.194039][ T5838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  822.258641][ T5838] usb 7-1: Product: syz
[  822.262861][ T5838] usb 7-1: Manufacturer: syz
[  822.267485][ T5838] usb 7-1: SerialNumber: syz
[  822.290916][T25135] loop2: detected capacity change from 0 to 1024
[  822.296182][ T5838] usb 7-1: config 0 descriptor??
[  822.347454][ T5838] ttusb_dec_send_command: command bulk message failed: error -22
[  822.375965][ T5838] ttusb-dec 7-1:0.0: probe with driver ttusb-dec failed with error -22
[  822.626107][ T5838] usb 7-1: USB disconnect, device number 8
[  822.942449][T25158] lo: entered allmulticast mode
[  822.964668][T25158] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  823.414938][T25177] loop5: detected capacity change from 0 to 1024
[  823.530548][ T5951] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[  823.765452][ T5951] usb 4-1: Using ep0 maxpacket: 16
[  823.819999][ T5951] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  823.844725][ T5951] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  823.885408][ T5951] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  823.911157][ T5951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.947297][ T5951] usb 4-1: Product: syz
[  823.951519][ T5951] usb 4-1: Manufacturer: syz
[  823.988756][ T5951] usb 4-1: SerialNumber: syz
[  824.244214][T25201] loop5: detected capacity change from 0 to 1024
[  824.249996][ T5951] usb 4-1: 0:2 : does not exist
[  824.291597][ T5951] usb 4-1: 5:0: cannot get min/max values for control 5 (id 5)
[  824.319261][ T5951] usb 4-1: 5:0: cannot get min/max values for control 5 (id 5)
[  824.348139][T25169] loop2: detected capacity change from 0 to 32768
[  824.495443][ T5951] usb 4-1: 5:0: cannot get min/max values for control 5 (id 5)
[  824.578125][ T5951] usb 4-1: USB disconnect, device number 110
[  824.845606][ T8181] udevd[8181]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  824.974463][T25221] Invalid ELF header magic: != ELF
[  825.081944][T25225] loop4: detected capacity change from 0 to 16
[  825.165332][T25225] erofs (device loop4): mounted with root inode @ nid 36.
[  825.346841][T25236] netlink: 'syz.2.8517': attribute type 10 has an invalid length.
[  825.366509][T25231] loop0: detected capacity change from 0 to 4096
[  825.387279][T25236] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8517'.
[  826.064473][T25264] x_tables: unsorted underflow at hook 1
[  826.277798][T25272] netlink: 60 bytes leftover after parsing attributes in process `syz.0.8538'.
[  827.002369][T25302] loop4: detected capacity change from 0 to 512
[  827.077466][T25302] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  827.125555][T25302] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.8548: corrupted in-inode xattr: e_value out of bounds
[  827.267703][T25302] EXT4-fs (loop4): Remounting filesystem read-only
[  827.330741][T25302] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  827.490822][T25325] loop0: detected capacity change from 0 to 164
[  827.497771][T25268] loop2: detected capacity change from 0 to 32768
[  827.518190][T25324] netlink: 'syz.5.8557': attribute type 21 has an invalid length.
[  827.540823][ T5894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  827.560964][T25324] netlink: 'syz.5.8557': attribute type 1 has an invalid length.
[  827.571037][T25268] JBD2: Ignoring recovery information on journal
[  827.778894][T25268] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  827.841401][T25335] loop4: detected capacity change from 0 to 8
[  827.848278][T25335] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  827.870351][T25268] (syz.2.8536,25268,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10
[  827.952074][T25268] (syz.2.8536,25268,1):ocfs2_prepare_dir_for_insert:4294 ERROR: status = -2
[  828.005643][T25335] cramfs: Error -3 while decompressing!
[  828.031665][T25268] (syz.2.8536,25268,0):ocfs2_mknod:298 ERROR: status = -2
[  828.038601][T25335] cramfs: ffffffff9a536be8(26)->ffff888079561000(4096)
[  828.073375][T25335] cramfs: Error -5 while decompressing!
[  828.079394][T25268] (syz.2.8536,25268,0):ocfs2_mknod:502 ERROR: status = -2
[  828.102162][T25335] cramfs: ffffffff9a536c02(26)->ffff888055c58000(4096)
[  828.122946][T25268] (syz.2.8536,25268,0):ocfs2_create:675 ERROR: status = -2
[  828.133651][T25335] cramfs: Error -3 while decompressing!
[  828.164714][T25335] cramfs: ffffffff9a536c1c(16)->ffff88806d948000(4096)
[  828.191579][T25335] cramfs: Error -3 while decompressing!
[  828.202486][T25335] cramfs: ffffffff9a536be8(26)->ffff888079561000(4096)
[  828.255857][   T29] audit: type=1800 audit(1738772223.836:146): pid=25335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.8559" name="file2" dev="loop4" ino=348 res=0 errno=0
[  828.365876][T25349] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8565'.
[  828.395828][ T5900] ocfs2: Unmounting device (7,2) on (node local)
[  828.662557][T25358] loop4: detected capacity change from 0 to 128
[  828.939133][T25321] loop6: detected capacity change from 0 to 32768
[  829.282862][T25321] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,compression=lz4,journal_flush_disabled,norecovery,nojournal_transaction_names,noexcl,reconstruct_alloc
[  829.389066][T25321] bcachefs (loop6): recovering from clean shutdown, journal seq 10
[  829.431945][T25321] bcachefs (loop6): Version upgrade required:
[  829.431945][T25321] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  829.431945][T25321] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[  829.431945][T25321]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  829.523726][ T5838] IPVS: starting estimator thread 0...
[  829.581933][T25321] bcachefs (loop6): dropping and reconstructing all alloc info
[  829.668073][T25402] xt_hashlimit: size too large, truncated to 1048576
[  829.669962][T25399] IPVS: using max 20 ests per chain, 48000 per kthread
[  829.681861][T25402] xt_hashlimit: max too large, truncated to 1048576
[  829.733326][T25321] invalid bkey in btree_node btree=snapshots level=0: u64s 8 type snapshot 0:4294967295:0 len 0 ver 0: is_subvol 1 deleted 0 parent          0 children          0  912261120 subvol 0 tree 0
[  829.733360][T25321]   children not normalized: delete?, fixing
[  829.811471][T25321] bcachefs (loop6): accounting_read... done
[  829.856028][T25321] bcachefs (loop6): alloc_read... done
[  829.895587][T25321] bcachefs (loop6): stripes_read... done
[  829.913808][T25321] bcachefs (loop6): snapshots_read... done
[  829.923441][T25321] bcachefs (loop6): Fixed errors, running fsck a second time to verify fs is clean
[  829.942312][T25321] bcachefs (loop6): done starting filesystem
[  830.077611][T25423] SET target dimension over the limit!
[  830.085920][T25420] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  830.165658][T25420] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  830.262512][T25427] loop0: detected capacity change from 0 to 2048
[  830.375504][ T5908] Bluetooth: hci2: unexpected event for opcode 0x2036
[  830.426642][T25427] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  830.441296][T18262] bcachefs (loop6): shutting down
[  830.499600][T25427] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  830.520510][T18262] bcachefs (loop6): shutdown complete
[  830.656093][ T5898] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  830.673274][T25444] RDS: rds_bind could not find a transport for fe80::3c, load rds_tcp or rds_rdma?
[  831.650019][T25488] netlink: 'syz.3.8615': attribute type 1 has an invalid length.
[  832.016945][T25493] loop4: detected capacity change from 0 to 4096
[  832.029795][T25497] openvswitch: netlink: IP tunnel dst address not specified
[  832.042187][T25498] netlink: 'syz.3.8620': attribute type 11 has an invalid length.
[  832.081488][T25493] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  832.579093][T25479] loop5: detected capacity change from 0 to 32768
[  832.946492][T25494] loop0: detected capacity change from 0 to 32768
[  832.990010][T25494] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.8618 (25494)
[  833.107801][T25494] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  833.185249][T25494] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  833.203371][T25494] BTRFS info (device loop0): using free-space-tree
[  833.810911][T25550] loop2: detected capacity change from 0 to 2048
[  833.876083][T25550] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  833.952784][ T5898] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  834.047887][T25558] xt_ecn: cannot match TCP bits for non-tcp packets
[  834.738938][ T5908] Bluetooth: hci2: unexpected event for opcode 0x2031
[  834.978416][T25588] loop6: detected capacity change from 0 to 1024
[  835.026053][T25590] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8658'.
[  835.057213][T25588] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  835.078835][T25588] ext4 filesystem being mounted at /492/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  835.147056][T25588] EXT4-fs error (device loop6): ext4_xattr_block_find:1877: inode #15: comm syz.6.8657: corrupted xattr block 128: overlapping e_value 
[  835.288140][T25599] loop0: detected capacity change from 0 to 16
[  835.317802][T18262] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  835.341996][T25599] erofs (device loop0): mounted with root inode @ nid 36.
[  835.405195][T25604] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8663'.
[  835.419189][T25599] erofs (device loop0): bogus lookback distance 0 @ lcn 123 of nid 36
[  835.461448][T25599] erofs (device loop0): bogus lookback distance 0 @ lcn 123 of nid 36
[  835.469918][T25599] erofs (device loop0): read error -117 @ 123 of nid 36
[  835.822375][T25578] syz.3.8654 (25578): drop_caches: 3
[  835.829668][T25616] loop0: detected capacity change from 0 to 2048
[  835.894361][T25617] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  835.962414][T25616] NILFS (loop0): error -2 truncating bmap (ino=16)
[  836.444196][T25637] loop6: detected capacity change from 0 to 1024
[  836.534588][T25637] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  836.585626][T25640] loop0: detected capacity change from 0 to 64
[  836.716734][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  836.727388][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  836.765420][T18262] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  837.003446][T25657] loop6: detected capacity change from 0 to 128
[  837.066898][T25657] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  837.132409][T25657] FAT-fs (loop6): error, fat_free_clusters: deleting FAT entry beyond EOF
[  837.188551][T25657] FAT-fs (loop6): Filesystem has been set read-only
[  837.231932][T25661] loop2: detected capacity change from 0 to 2048
[  837.310901][T25661]  loop2: p1 < > p3
[  837.318212][T25661] loop2: p3 size 134217728 extends beyond EOD, truncated
[  837.446442][T25671] xt_hashlimit: max too large, truncated to 1048576
[  837.759772][T25683] AppArmor: change_hat: Invalid input '-'
[  838.219776][T25695] loop4: detected capacity change from 0 to 4096
[  838.313405][T25695] ntfs3(loop4): ino=3, Correct links count -> 2.
[  838.418583][T25709] ieee802154 phy0 wpan0: encryption failed: -22
[  838.559383][T25713] loop5: detected capacity change from 0 to 256
[  838.623994][T25713] FAT-fs (loop5): Directory bread(block 64) failed
[  838.668810][T25713] FAT-fs (loop5): Directory bread(block 65) failed
[  838.689722][T25713] FAT-fs (loop5): Directory bread(block 66) failed
[  838.699642][T25720] netlink: 36 bytes leftover after parsing attributes in process `syz.0.8720'.
[  838.727860][T25713] FAT-fs (loop5): Directory bread(block 67) failed
[  838.747749][T25713] FAT-fs (loop5): Directory bread(block 68) failed
[  838.780347][T25713] FAT-fs (loop5): Directory bread(block 69) failed
[  838.791856][T25718] loop2: detected capacity change from 0 to 1764
[  838.807469][T25713] FAT-fs (loop5): Directory bread(block 70) failed
[  838.825004][T25713] FAT-fs (loop5): Directory bread(block 71) failed
[  838.868862][T25713] FAT-fs (loop5): Directory bread(block 72) failed
[  838.901184][T25713] FAT-fs (loop5): Directory bread(block 73) failed
[  838.975498][T25729] netlink: 'syz.0.8723': attribute type 10 has an invalid length.
[  838.985100][T25725] loop4: detected capacity change from 0 to 2048
[  839.031123][T25725] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  839.106897][ T5908] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  839.119329][ T5908] Bluetooth: hci2: Injecting HCI hardware error event
[  839.129739][T16185] Bluetooth: hci2: hardware error 0x00
[  839.143470][T25732] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  839.319811][T25725] syz.4.8721: attempt to access beyond end of device
[  839.319811][T25725] loop4: rw=0, sector=262216, nr_sectors = 2 limit=2048
[  839.384067][T25725] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=1)
[  839.911248][T25756] bridge3: entered promiscuous mode
[  839.916727][T25756] bridge3: entered allmulticast mode
[  840.365089][T25733] loop2: detected capacity change from 0 to 32768
[  840.412514][T25733] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  840.432268][T25733] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  840.481433][T25777] ipt_ECN: cannot use operation on non-tcp rule
[  840.550151][T25733] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  840.561124][T25778] loop4: detected capacity change from 0 to 512
[  840.661441][T25778] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  840.715700][T25733] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  840.725834][T25778] ext4 filesystem being mounted at /1441/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  840.790035][T25789] netlink: 'syz.0.8751': attribute type 21 has an invalid length.
[  840.798264][T25789] netlink: 168 bytes leftover after parsing attributes in process `syz.0.8751'.
[  840.985161][ T5894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  841.134463][T25796] CIFS mount error: No usable UNC path provided in device string!
[  841.134463][T25796] 
[  841.146071][T25796] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  841.319520][T16185] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  841.581362][T25814] ERROR: device name not specified.
[  841.779670][    T8] usb 4-1: new full-speed USB device number 111 using dummy_hcd
[  841.990079][    T8] usb 4-1: config 0 has an invalid interface number: 207 but max is 0
[  842.011848][    T8] usb 4-1: config 0 has no interface number 0
[  842.040548][    T8] usb 4-1: New USB device found, idVendor=12d1, idProduct=ed56, bcdDevice=46.dd
[  842.071530][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.097918][    T8] usb 4-1: Product: syz
[  842.133278][    T8] usb 4-1: Manufacturer: syz
[  842.147591][    T8] usb 4-1: SerialNumber: syz
[  842.167496][    T8] usb 4-1: config 0 descriptor??
[  842.198082][    T8] qmi_wwan 4-1:0.207: bogus CDC Union: master=0, slave=1
[  842.386013][T25836] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
[  842.439627][    T8] qmi_wwan 4-1:0.207: probe with driver qmi_wwan failed with error -22
[  842.463852][T25798] loop5: detected capacity change from 0 to 40427
[  842.640363][T25844] netlink: 44 bytes leftover after parsing attributes in process `syz.4.8776'.
[  842.653011][ T5951] usb 4-1: USB disconnect, device number 111
[  843.470730][T25878] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8787'.
[  844.264540][T25902] loop5: detected capacity change from 0 to 4096
[  844.602223][T25914] loop4: detected capacity change from 0 to 1024
[  844.758938][   T12] hfsplus: b-tree write err: -5, ino 4
[  846.002757][T25924] loop0: detected capacity change from 0 to 32768
[  846.019421][T25926] loop5: detected capacity change from 0 to 32768
[  846.093213][T25955] loop2: detected capacity change from 0 to 64
[  846.100874][T25926] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  846.118401][T25926] (syz.5.8810,25926,0):ocfs2_find_entry:1086 ERROR: status = -117
[  846.154565][T25924] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  846.163919][T25926] (syz.5.8810,25926,1):ocfs2_find_entry:1086 ERROR: status = -117
[  846.177832][T25926] (syz.5.8810,25926,1):ocfs2_symlink:2077 ERROR: status = -117
[  846.217249][T25924] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  846.371013][T25924] XFS (loop0): Ending clean mount
[  846.389956][T25924] XFS (loop0): Quotacheck needed: Please wait.
[  846.397868][ T5905] ocfs2: Unmounting device (7,5) on (node local)
[  846.515511][T25968] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  846.554949][T25924] XFS (loop0): Quotacheck: Done.
[  846.671558][T25970] vivid-007: =================  START STATUS  =================
[  846.692860][ T5898] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  846.707639][ T5951] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  846.727243][T25970] vivid-007: Generate PTS: true
[  846.782383][T25970] vivid-007: Generate SCR: true
[  846.787857][T25970] tpg source WxH: 640x360 (Y'CbCr)
[  846.805600][T25970] tpg field: 1
[  846.809046][T25970] tpg crop: 640x360@0x0
[  846.813461][T25970] tpg compose: 640x360@0x0
[  846.846820][T25970] tpg colorspace: 8
[  846.851515][T25970] tpg transfer function: 0/0
[  846.863148][T25970] tpg Y'CbCr encoding: 0/0
[  846.874292][T25970] tpg quantization: 0/0
[  846.904757][T25970] tpg RGB range: 0/2
[  846.919562][T25970] vivid-007: ==================  END STATUS  ==================
[  846.929653][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  846.947886][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  846.980994][ T5950] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[  846.998188][ T5951] usb 3-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00
[  847.022612][ T5951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  847.066950][ T5951] usb 3-1: config 0 descriptor??
[  847.167831][ T5950] usb 5-1: Using ep0 maxpacket: 32
[  847.214520][ T5950] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  847.232016][ T5950] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  847.283161][ T5950] usb 5-1: config 0 has no interface number 0
[  847.293973][ T5950] usb 5-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  847.311593][ T5950] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  847.323016][ T5950] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  847.339741][ T5950] usb 5-1: Product: syz
[  847.355999][ T5950] usb 5-1: Manufacturer: syz
[  847.361153][ T5950] usb 5-1: SerialNumber: syz
[  847.384563][ T5950] usb 5-1: config 0 descriptor??
[  847.399741][ T5950] radio-si470x 5-1:0.35: could not find interrupt in endpoint
[  847.441438][ T5950] radio-si470x 5-1:0.35: probe with driver radio-si470x failed with error -5
[  847.553833][ T5951] appletouch 3-1:0.0: Failed to request geyser raw mode
[  847.578800][ T5951] appletouch 3-1:0.0: probe with driver appletouch failed with error -5
[  847.610173][ T5951] usb 3-1: USB disconnect, device number 91
[  847.625845][ T5950] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  847.852317][ T5950] radio-raremono 5-1:0.35: raremono_cmd_main failed (-71)
[  847.878395][ T5950] radio-raremono 5-1:0.35: V4L2 device registered as radio48
[  847.908922][ T5950] usb 5-1: USB disconnect, device number 101
[  847.929990][ T5950] radio-raremono 5-1:0.35: Thanko's Raremono disconnected
[  848.132541][T26011] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8847'.
[  848.161602][T26011] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8847'.
[  849.639479][T26074] loop5: detected capacity change from 0 to 256
[  849.711944][ T5951] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[  849.753390][T26074] FAT-fs (loop5): Directory bread(block 64) failed
[  849.763607][T26074] FAT-fs (loop5): Directory bread(block 65) failed
[  849.795995][T26074] FAT-fs (loop5): Directory bread(block 66) failed
[  849.813850][T26074] FAT-fs (loop5): Directory bread(block 67) failed
[  849.824648][T26074] FAT-fs (loop5): Directory bread(block 68) failed
[  849.865341][T26074] FAT-fs (loop5): Directory bread(block 69) failed
[  849.893476][ T5951] usb 4-1: Using ep0 maxpacket: 16
[  849.910833][ T5951] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=46.8b
[  849.925813][T26074] FAT-fs (loop5): Directory bread(block 70) failed
[  849.932414][T26074] FAT-fs (loop5): Directory bread(block 71) failed
[  849.947843][ T5951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  849.968446][ T5951] usb 4-1: Product: syz
[  849.972750][ T5951] usb 4-1: Manufacturer: syz
[  849.977380][ T5951] usb 4-1: SerialNumber: syz
[  849.989699][T26074] FAT-fs (loop5): Directory bread(block 72) failed
[  849.998048][T26074] FAT-fs (loop5): Directory bread(block 73) failed
[  850.026250][ T5951] usb 4-1: config 0 descriptor??
[  850.505425][    T8] usb 4-1: USB disconnect, device number 112
[  850.511931][    T8] f81534a_ctrl 4-1:0.0: failed to set register 0x116: -19
[  850.543011][    T8] f81534a_ctrl 4-1:0.0: failed to enable ports: -19
[  850.863494][T26113] MPI: mpi too large (107144 bits)
[  851.230089][T26091] loop0: detected capacity change from 0 to 32768
[  851.286217][T26091] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.8877 (26091)
[  851.314986][T26132] set match dimension is over the limit!
[  851.364194][T26091] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  851.447374][T26091] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  851.509049][T26091] BTRFS info (device loop0): using free-space-tree
[  851.566526][   T29] audit: type=1326 audit(1738772245.631:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26140 comm="syz.5.8894" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f312498cda9 code=0x0
[  852.033187][ T5898] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  852.988988][T26199] xt_TPROXY: Can be used only with -p tcp or -p udp
[  853.377377][T26212] syz.2.8912: attempt to access beyond end of device
[  853.377377][T26212] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0
[  853.589259][T26177] loop4: detected capacity change from 0 to 32768
[  853.651836][T26218] netlink: 'syz.2.8914': attribute type 4 has an invalid length.
[  853.679071][T26177] ERROR: (device loop4): dbAlloc: the hint is outside the map
[  853.679071][T26177] 
[  853.747432][T26177] ialloc: diAlloc returned -5!
[  854.674443][T26247] trusted_key: encrypted_key: keyword '_z„N”W÷Ìult' not recognized
[  855.082992][T26254] loop2: detected capacity change from 0 to 4096
[  855.117367][T26254] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  855.264992][T26254] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  855.458961][T26241] loop4: detected capacity change from 0 to 32768
[  855.578984][T26241] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  855.654788][ T5908] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  855.666777][ T5908] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  855.679212][ T5908] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  855.691494][ T5908] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  855.699204][ T5908] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  855.708751][ T5908] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  855.761053][T26271] C! speed is unknown, defaulting to 1000
[  855.808664][T26241] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  855.845999][T26281] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  855.900805][T26281] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  855.928709][T26281] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  855.936390][T26241] XFS (loop4): Starting recovery (logdev: internal)
[  856.016709][T26241] XFS (loop4): Ending recovery (logdev: internal)
[  856.051790][T26241] XFS (loop4): Quotacheck needed: Please wait.
[  856.143675][T26271] chnl_net:caif_netlink_parms(): no params data found
[  856.151351][T26241] XFS (loop4): Quotacheck: Done.
[  856.335546][ T5894] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  856.522620][T26301] netlink: 34 bytes leftover after parsing attributes in process `syz.2.8946'.
[  856.585251][T26271] bridge0: port 1(bridge_slave_0) entered blocking state
[  856.618017][T26271] bridge0: port 1(bridge_slave_0) entered disabled state
[  856.646510][T26271] bridge_slave_0: entered allmulticast mode
[  856.694630][T26271] bridge_slave_0: entered promiscuous mode
[  856.713716][T26271] bridge0: port 2(bridge_slave_1) entered blocking state
[  856.768224][T26271] bridge0: port 2(bridge_slave_1) entered disabled state
[  856.775631][T26271] bridge_slave_1: entered allmulticast mode
[  856.811539][T26271] bridge_slave_1: entered promiscuous mode
[  857.083051][T26271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  857.128949][T26271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  857.396293][T26271] team0: Port device team_slave_0 added
[  857.455705][T26271] team0: Port device team_slave_1 added
[  857.699410][T26271] batman_adv: batadv0: Adding interface: batadv_slave_0
[  857.716189][T26271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  857.753371][T26271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  857.809453][T26271] batman_adv: batadv0: Adding interface: batadv_slave_1
[  857.856951][T26271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  857.916373][ T5908] Bluetooth: hci6: command tx timeout
[  857.944765][T26271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  858.154105][T26271] hsr_slave_0: entered promiscuous mode
[  858.174857][T26271] hsr_slave_1: entered promiscuous mode
[  858.221981][T26271] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  858.268078][T26271] Cannot create hsr debugfs directory
[  858.273763][T26359] netlink: 36 bytes leftover after parsing attributes in process `syz.4.8976'.
[  858.580580][T26369] libceph: resolve '400' (ret=-3): failed
[  858.617588][T26374] ip6t_srh: unknown srh invflags 7401
[  858.794251][T26380] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8986'.
[  858.879368][T26271] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  858.908835][T26271] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  859.002339][T26271] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  859.035254][T26271] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  859.310718][T26271] 8021q: adding VLAN 0 to HW filter on device bond0
[  859.375196][T26271] 8021q: adding VLAN 0 to HW filter on device team0
[  859.475607][T18513] bridge0: port 1(bridge_slave_0) entered blocking state
[  859.482844][T18513] bridge0: port 1(bridge_slave_0) entered forwarding state
[  859.559647][T18513] bridge0: port 2(bridge_slave_1) entered blocking state
[  859.566879][T18513] bridge0: port 2(bridge_slave_1) entered forwarding state
[  859.624017][T26405] netlink: 'syz.4.8997': attribute type 4 has an invalid length.
[  859.669914][T26408] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8999'.
[  859.785016][T26271] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  860.135088][ T5908] Bluetooth: hci6: command tx timeout
[  860.177502][T26271] 8021q: adding VLAN 0 to HW filter on device batadv0
[  860.283443][T26384] loop2: detected capacity change from 0 to 32768
[  860.296080][T26432] netlink: 68 bytes leftover after parsing attributes in process `syz.3.9009'.
[  860.309825][T26433] netlink: 'syz.0.9008': attribute type 1 has an invalid length.
[  860.399663][T26384] XFS (loop2): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  860.428444][T26433] netlink: 224 bytes leftover after parsing attributes in process `syz.0.9008'.
[  860.512609][T26384] XFS (loop2): Quotacheck needed: Please wait.
[  860.598080][ T1983] XFS (loop2): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 
[  860.625845][ T1983] XFS (loop2): Unmount and run xfs_repair
[  860.680113][ T1983] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  860.690910][ T1983] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  860.699805][ T1983] 00000010: 00 00 02 00 00 00 00 14 00 00 00 01 00 00 00 80  ................
[  860.722130][ T1983] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  860.773303][ T1983] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  860.797736][ T1983] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  860.812406][T26271] veth0_vlan: entered promiscuous mode
[  860.825383][ T1983] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  860.863825][T26271] veth1_vlan: entered promiscuous mode
[  860.871102][ T1983] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  860.947666][ T1983] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  860.960523][   T11] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74
[  860.968187][T26271] veth0_macvtap: entered promiscuous mode
[  860.988501][T26271] veth1_macvtap: entered promiscuous mode
[  861.035964][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  861.082134][   T11] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xab0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  861.082694][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.123150][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  861.137724][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.155452][   T11] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  861.164112][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  861.203366][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.221600][T26384] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  861.246994][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  861.264042][T26384] Invalid source name
[  861.271849][T26384] UBIFS error (pid: 26384): cannot open "./file0", error -22
[  861.278826][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.317345][T26271] batman_adv: batadv0: Interface activated: batadv_slave_0
[  861.340352][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  861.362376][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.402449][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  861.424815][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.435144][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  861.449642][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.460342][T26271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  861.508724][T26271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.523496][ T5900] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  861.530935][T26271] batman_adv: batadv0: Interface activated: batadv_slave_1
[  861.557416][T26470] netlink: 'syz.4.9021': attribute type 21 has an invalid length.
[  861.601958][T26271] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  861.642358][T26271] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  861.642406][T26271] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  861.642441][T26271] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  862.059106][T15119] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  862.130441][T15119] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  862.276499][T26496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9034'.
[  862.280874][T15119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  862.308603][T15119] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  862.360806][ T5908] Bluetooth: hci6: command tx timeout
[  862.588465][T26511] xt_cgroup: xt_cgroup: no path or classid specified
[  862.666855][T26513] netlink: 'syz.2.9041': attribute type 8 has an invalid length.
[  862.877584][T26518] xt_CT: No such helper "syz0"
[  863.248854][T26537] netlink: 'syz.4.9052': attribute type 4 has an invalid length.
[  863.296655][T26537] netlink: 17 bytes leftover after parsing attributes in process `syz.4.9052'.
[  863.401254][T26544] netlink: 'syz.2.9054': attribute type 1 has an invalid length.
[  863.920660][   T29] audit: type=1326 audit(1738772257.183:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26564 comm="syz.4.9064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f682e38cda9 code=0x7ffc0000
[  864.015674][   T29] audit: type=1326 audit(1738772257.211:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26564 comm="syz.4.9064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f682e38cda9 code=0x7ffc0000
[  864.153314][   T29] audit: type=1326 audit(1738772257.220:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26564 comm="syz.4.9064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f682e38cda9 code=0x7ffc0000
[  864.255112][   T29] audit: type=1326 audit(1738772257.220:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26564 comm="syz.4.9064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f682e38cda9 code=0x7ffc0000
[  864.294024][T26576] xt_hashlimit: max too large, truncated to 1048576
[  864.300951][T26576] xt_hashlimit: overflow, rate too high: 0
[  864.317991][   T29] audit: type=1326 audit(1738772257.220:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26564 comm="syz.4.9064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f682e38cda9 code=0x7ffc0000
[  864.582446][ T5908] Bluetooth: hci6: command tx timeout
[  865.002241][T26556] loop2: detected capacity change from 0 to 32768
[  865.043237][T26556] XFS: ikeep mount option is deprecated.
[  865.087793][T26556] XFS: noikeep mount option is deprecated.
[  865.106802][T26560] loop7: detected capacity change from 0 to 32768
[  865.142639][T26605] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9083'.
[  865.196892][T26556] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  865.312338][T26556] XFS (loop2): Ending clean mount
[  865.378545][T26556] XFS (loop2): Quotacheck needed: Please wait.
[  865.409443][T26560] bcachefs (loop7): starting version 1.519: (unknown version) opts=errors=continue,metadata_checksum=none,compression=lz4,background_compression=lz4,nopromote_whole_extents,recovery_pass_last=set_may_go_rw,nojournal_transaction_names,allocator_stuck_timeout=3,reconstruct_alloc
[  865.513038][T26560] bcachefs (loop7): recovering from clean shutdown, journal seq 10
[  865.549925][T26556] XFS (loop2): Quotacheck: Done.
[  865.550541][T26560] bcachefs (loop7): Version downgrade required:
[  865.614225][T26560] bcachefs (loop7): Version upgrade required:
[  865.614225][T26560] Version upgrade from 0.24: unwritten_extents to 1.519: (unknown version) incomplete
[  865.614225][T26560] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[  865.614225][T26560]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  865.704808][ T5838] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[  865.733685][ T5900] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  865.758291][T26560] bcachefs (loop7): dropping and reconstructing all alloc info
[  865.782777][T26560] bcachefs (loop7): accounting_read... done
[  865.795090][T26560] bcachefs (loop7): alloc_read... done
[  865.800697][T26560] bcachefs (loop7): stripes_read... done
[  865.834423][T26560] bcachefs (loop7): snapshots_read... done
[  865.892820][T26560] bcachefs (loop7): check_allocations...
[  865.899123][ T5838] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  865.961898][ T5838] usb 4-1: config 0 has no interface number 0
[  866.002166][ T5838] usb 4-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  866.026268][T26560]  done
[  866.037091][ T5838] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  866.063903][ T5838] usb 4-1: Product: syz
[  866.080583][ T5838] usb 4-1: Manufacturer: syz
[  866.085245][ T5838] usb 4-1: SerialNumber: syz
[  866.092646][T26560] bcachefs (loop7): going read-write
[  866.129674][ T5838] usb 4-1: config 0 descriptor??
[  866.175921][T26560] bcachefs (loop7): done starting filesystem
[  866.177028][ T5838] ims_pcu 4-1:0.41: probe with driver ims_pcu failed with error -22
[  866.396549][ T5838] usb 4-1: USB disconnect, device number 113
[  866.473488][ T5908] bucket 0:34 gen 0 data type user sector count overflow: 0 + -8 > U32_MAX
[  866.473529][ T5908] while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0  compress lz4 ptr: 0:34:8 gen 0, continuing
[  866.506519][ T5908] 6 transaction updates for bch2_write_index_default journal seq 0
[  866.506565][ T5908]   update: btree=extents cached=0 bch2_trans_update_extent_overwrite+0xf06/0x36d0
[  866.506585][ T5908]     old u64s 5 type deleted 536870913:8:U32_MAX len 0 ver 0
[  866.506602][ T5908]     new u64s 7 type extent 536870913:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0  compress lz4 ptr: 0:34:8 gen 0
[  866.506626][ T5908]   update: btree=extents cached=0 bch2_trans_update+0x1e29/0x2550
[  866.506643][ T5908]     old u64s 5 type deleted 536870913:16:U32_MAX len 0 ver 0
[  866.506661][ T5908]     new u64s 7 type extent 536870913:16:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum crc32c 0:0  compress incompressible ptr: 0:0:0 gen 0
[  866.506686][ T5908]   update: btree=extents cached=0 bch2_trans_update+0x186f/0x2550
[  866.506703][ T5908]     old u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0  compress lz4 ptr: 0:34:8 gen 0
[  866.506727][ T5908]     new u64s 7 type extent 536870913:24:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 24 offset 16 nonce 0 csum none 0:0  compress lz4 ptr: 0:34:8 gen 0
[  866.506779][ T5908]   update: btree=inodes cached=1 bch2_extent_update_i_size_sectors+0xccb/0x11a0
[  866.506798][ T5908]     old u64s 18 type inode_v3 0:536870913:U32_MAX len 0 ver 0: 
[  866.506816][ T5908]     mode=100755
[  866.506830][ T5908]     flags=(15300000)
[  866.506844][ T5908]     journal_seq=5
[  866.506858][ T5908]     hash_seed=b68791a594a6d5ae
[  866.506873][ T5908]     hash_type=siphash
[  866.506888][ T5908]     bi_size=9000
[  866.506902][ T5908]     bi_sectors=24
[  866.506917][ T5908]     bi_version=0
[  866.506931][ T5908]     bi_atime=2780562352
[  866.506945][ T5908]     bi_ctime=2780562352
[  866.506960][ T5908]     bi_mtime=2780562352
[  866.506983][ T5908]     bi_otime=2780562352
[  866.506997][ T5908]     bi_uid=0
[  866.507010][ T5908]     bi_gid=0
[  866.507024][ T5908]     bi_nlink=1
[  866.507038][ T5908]     bi_generation=0
[  866.507052][ T5908]     bi_dev=0
[  866.507066][ T5908]     bi_data_checksum=0
[  866.507080][ T5908]     bi_compression=0
[  866.507094][ T5908]     bi_project=0
[  866.507108][ T5908]     bi_background_compression=0
[  866.507123][ T5908]     bi_data_replicas=0
[  866.507137][ T5908]     bi_promote_target=0
[  866.507151][ T5908]     bi_foreground_target=0
[  866.507165][ T5908]     bi_background_target=0
[  866.507180][ T5908]     bi_erasure_code=0
[  866.507194][ T5908]     bi_fields_set=0
[  866.507207][ T5908]     bi_dir=4096
[  866.507221][ T5908]     bi_dir_offset=1896155912177158345
[  866.507236][ T5908]     bi_subvol=0
[  866.507250][ T5908]     bi_parent_subvol=0
[  866.507264][ T5908]     bi_nocow=0
[  866.507277][ T5908]     bi_depth=0
[  866.507292][ T5908]     bi_inodes_32bit=0
[  866.507306][ T5908]     new u64s 18 type inode_v3 0:536870913:U32_MAX len 0 ver 0: 
[  866.507323][ T5908]     mode=100755
[  866.507337][ T5908]     flags=(15300000)
[  866.507350][ T5908]     journal_seq=5
[  866.507363][ T5908]     hash_seed=b68791a594a6d5ae
[  866.507378][ T5908]     hash_type=siphash
[  866.507392][ T5908]     bi_size=9000
[  866.507406][ T5908]     bi_sectors=24
[  866.507421][ T5908]     bi_version=0
[  866.507435][ T5908]     bi_atime=2780562352
[  866.507450][ T5908]     bi_ctime=2780562352
[  866.507470][ T5908]     bi_mtime=2780562352
[  866.507485][ T5908]     bi_otime=2780562352
[  866.507499][ T5908]     bi_uid=0
[  866.507512][ T5908]     bi_gid=0
[  866.507526][ T5908]     bi_nlink=1
[  866.507540][ T5908]     bi_generation=0
[  866.507553][ T5908]     bi_dev=0
[  866.507567][ T5908]     bi_data_checksum=0
[  866.507582][ T5908]     bi_compression=0
[  866.507596][ T5908]     bi_project=0
[  866.507610][ T5908]     bi_background_compression=0
[  866.507625][ T5908]     bi_data_replicas=0
[  866.507638][ T5908]     bi_promote_target=0
[  866.507653][ T5908]     bi_foreground_target=0
[  866.507668][ T5908]     bi_background_target=0
[  866.507682][ T5908]     bi_erasure_code=0
[  866.507697][ T5908]     bi_fields_set=0
[  866.507711][ T5908]     bi_dir=4096
[  866.507725][ T5908]     bi_dir_offset=1896155912177158345
[  866.507740][ T5908]     bi_subvol=0
[  866.507754][ T5908]     bi_parent_subvol=0
[  866.507768][ T5908]     bi_nocow=0
[  866.507782][ T5908]     bi_depth=0
[  866.507796][ T5908]     bi_inodes_32bit=0
[  866.507810][ T5908]   update: btree=alloc cached=0 bch2_trans_start_alloc_update+0xa65/0xdd0
[  866.507828][ T5908]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  866.507843][ T5908]     new u64s 13 type alloc_v4 0:34:0 len 0 ver 0: 
[  866.507860][ T5908]     gen 0 oldest_gen 0 data_type free
[  866.507875][ T5908]     journal_seq_nonempty 0
[  866.507889][ T5908]     journal_seq_empty    0
[  866.507904][ T5908]     need_discard         0
[  866.507919][ T5908]     need_inc_gen         0
[  866.507933][ T5908]     dirty_sectors        0
[  866.507948][ T5908]     stripe_sectors       0
[  866.507963][ T5908]     cached_sectors       0
[  866.507985][ T5908]     stripe               0
[  866.508000][ T5908]     stripe_redundancy    0
[  866.508014][ T5908]     io_time[READ]        0
[  866.508029][ T5908]     io_time[WRITE]       0
[  866.508044][ T5908]     fragmentation     0
[  866.508059][ T5908]     bp_start          8
[  866.508073][ T5908]   
[  866.508086][ T5908]   update: btree=alloc cached=1 bch2_trans_start_alloc_update+0xa65/0xdd0
[  866.508105][ T5908]     old u64s 5 type deleted 0:34:0 len 0 ver 0
[  866.508121][ T5908]     new u64s 13 type alloc_v4 0:34:0 len 0 ver 0: 
[  866.508138][ T5908]     gen 0 oldest_gen 0 data_type free
[  866.508154][ T5908]     journal_seq_nonempty 0
[  866.508168][ T5908]     journal_seq_empty    0
[  866.508183][ T5908]     need_discard         0
[  866.508197][ T5908]     need_inc_gen         0
[  866.508212][ T5908]     dirty_sectors        0
[  866.508227][ T5908]     stripe_sectors       0
[  866.508241][ T5908]     cached_sectors       0
[  866.508256][ T5908]     stripe               0
[  866.508270][ T5908]     stripe_redundancy    0
[  866.508285][ T5908]     io_time[READ]        0
[  866.508300][ T5908]     io_time[WRITE]       0
[  866.508315][ T5908]     fragmentation     0
[  866.508329][ T5908]     bp_start          8
[  866.508343][ T5908]   
[  866.508356][ T5908] 
[  866.928106][T26627] loop4: detected capacity change from 0 to 32768
[  866.932107][ T5908] bcachefs (loop7): /file3 offset 4096: write error: btree update error: bucket_ref_update
[  867.133977][T26627] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  867.265779][T26627] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  867.327628][T26271] bcachefs (loop7): shutting down
[  867.384393][T26271] bcachefs (loop7): going read-only
[  867.389745][T26271] bcachefs (loop7): finished waiting for writes to stop
[  867.454985][T26271] bcachefs (loop7): flushing journal and stopping allocators, journal seq 10
[  867.459263][T26627] XFS (loop4): Ending clean mount
[  867.488130][T26271] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 10
[  867.514618][T26627] XFS (loop4): Quotacheck needed: Please wait.
[  867.549559][T26271] bcachefs (loop7): unclean shutdown complete, journal seq 11
[  867.575115][T26271] bcachefs (loop7): done going read-only, filesystem not clean
[  867.699755][T26627] XFS (loop4): Quotacheck: Done.
[  867.845300][T26271] bcachefs (loop7): shutdown complete
[  867.935407][T26692] loop2: detected capacity change from 0 to 4096
[  867.969716][T26692] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  868.019697][ T5894] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  868.116845][T26692] ntfs3(loop2): ino=19, mi_enum_attr
[  868.162599][T26692] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  868.527134][ T1983] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[  868.619035][T26713] loop2: detected capacity change from 0 to 512
[  868.661309][T26713] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  868.731168][T26713] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  868.754980][   T29] audit: type=1326 audit(1738772261.692:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26719 comm="syz.5.9122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f312498cda9 code=0x7ffc0000
[  868.790048][ T1983] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  868.795187][T26713] ext4 filesystem being mounted at /1533/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  868.814666][T26722] netlink: 4280 bytes leftover after parsing attributes in process `syz.4.9114'.
[  868.858277][T26713] EXT4-fs: Cannot specify journal on remount
[  868.861655][ T1983] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3
[  868.911965][   T29] audit: type=1326 audit(1738772261.692:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26719 comm="syz.5.9122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f312498cda9 code=0x7ffc0000
[  868.942565][ T1983] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  868.967280][ T1983] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.995227][ T1983] usb 4-1: config 0 descriptor??
[  869.003286][   T29] audit: type=1326 audit(1738772261.692:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26719 comm="syz.5.9122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f312498cda9 code=0x7ffc0000
[  869.009801][ T5900] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  869.124893][   T29] audit: type=1326 audit(1738772261.692:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26719 comm="syz.5.9122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f312498cda9 code=0x7ffc0000
[  869.221935][   T29] audit: type=1326 audit(1738772261.692:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26719 comm="syz.5.9122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f312498cda9 code=0x7ffc0000
[  869.296745][T26732] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9128'.
[  869.325738][T26734] loop5: detected capacity change from 0 to 64
[  869.514593][ T1983] Bluetooth: Can't get version to change to load ram patch err
[  869.523145][ T1983] Bluetooth: Loading patch file failed
[  869.528663][ T1983] ath3k 4-1:0.0: probe with driver ath3k failed with error -71
[  869.592515][ T1983] usb 4-1: USB disconnect, device number 114
[  870.063397][T26758] ieee802154 phy0 wpan0: encryption failed: -22
[  870.594103][T26775] netlink: 288 bytes leftover after parsing attributes in process `syz.3.9149'.
[  870.889952][T26789] openvswitch: netlink: IPv4 tun info is not correct
[  871.126276][T26792] loop7: detected capacity change from 0 to 2048
[  871.161855][T26792] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  871.257569][T26792] syz.7.9105: attempt to access beyond end of device
[  871.257569][T26792] loop7: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  871.261643][T26803] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  871.436611][T26792] NILFS (loop7): DAT doesn't have a block to manage vblocknr = 16777227
[  871.481681][T26792] NILFS error (device loop7): nilfs_bmap_truncate: broken bmap (inode number=16)
[  871.522035][T26792] Remounting filesystem read-only
[  871.547841][T26792] NILFS (loop7): error -5 truncating bmap (ino=16)
[  871.677846][T26271] NILFS (loop7): disposed unprocessed dirty file(s) when detaching log writer
[  871.901790][T26826] loop4: detected capacity change from 0 to 512
[  871.999775][T26834] netlink: 52 bytes leftover after parsing attributes in process `syz.2.9174'.
[  872.009837][T26826] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  872.032682][T26826] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.9172: bad orphan inode 15
[  872.053018][T26834] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9174'.
[  872.063509][T26826] ext4_test_bit(bit=14, block=4) = 1
[  872.100459][T26826] is_bad_inode(inode)=0
[  872.125886][T26826] NEXT_ORPHAN(inode)=0
[  872.140761][T26826] max_ino=32
[  872.156236][T26826] i_nlink=1
[  872.160494][T26826] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  872.206726][T26839] netlink: 248 bytes leftover after parsing attributes in process `syz.5.9178'.
[  872.269351][T26826] EXT4-fs error (device loop4): ext4_append:79: inode #2: comm syz.4.9172: Logical block already allocated
[  872.387403][ T5894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  872.579009][ T5949] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  872.666394][T26856] C! speed is unknown, defaulting to 1000
[  872.753603][ T5949] usb 8-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=2d.62
[  872.771895][ T5949] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  872.802705][ T5949] usb 8-1: config 0 descriptor??
[  872.848108][ T5949] usb 8-1: selecting invalid altsetting 1
[  872.881356][ T5949] flexcop_usb: set interface failed.
[  872.886724][ T5949] b2c2_flexcop_usb 8-1:0.0: probe with driver b2c2_flexcop_usb failed with error -22
[  873.036483][T26865] openvswitch: netlink: Tunnel attr 306 out of range max 16
[  873.043166][ T5949] usb 8-1: USB disconnect, device number 2
[  873.188198][    T8] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[  873.213589][T26853] loop2: detected capacity change from 0 to 32768
[  873.224369][T26853] (syz.2.9185,26853,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  873.290370][T26853] (syz.2.9185,26853,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  873.334727][T26853] JBD2: Ignoring recovery information on journal
[  873.382896][    T8] usb 6-1: Using ep0 maxpacket: 8
[  873.392595][T26853] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  873.402213][    T8] usb 6-1: config 0 interface 0 has no altsetting 0
[  873.408846][    T8] usb 6-1: New USB device found, idVendor=07ca, idProduct=a868, bcdDevice=c4.d4
[  873.421330][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  873.435305][    T8] usb 6-1: config 0 descriptor??
[  873.454311][    T8] dvb-usb: found a 'AVerMedia AVerTVHD Volar (A868R)' in warm state.
[  873.462773][    T8] usb 6-1: selecting invalid altsetting 0
[  873.469563][    T8] cxusb: set interface failed
[  873.474260][    T8] dvb-usb: bulk message failed: -22 (1/0)
[  873.501235][    T8] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  873.537733][    T8] dvbdev: DVB: registering new adapter (AVerMedia AVerTVHD Volar (A868R))
[  873.570643][    T8] usb 6-1: media controller created
[  873.614711][T26853] 
[  873.617089][T26853] ======================================================
[  873.624112][T26853] WARNING: possible circular locking dependency detected
[  873.631144][T26853] 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0 Not tainted
[  873.632488][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  873.638241][T26853] ------------------------------------------------------
[  873.638258][T26853] syz.2.9185/26853 is trying to acquire lock:
[  873.638273][T26853] ffff888059d7a610 (sb_internal#3){.+.+}-{0:0}, at: ocfs2_acquire_dquot+0x6df/0xb70
[  873.669275][T26853] 
[  873.669275][T26853] but task is already holding lock:
[  873.676643][T26853] ffff88807b146a20 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_lock_global_qf+0x225/0x2b0
[  873.687634][T26853] 
[  873.687634][T26853] which lock already depends on the new lock.
[  873.687634][T26853] 
[  873.698032][T26853] 
[  873.698032][T26853] the existing dependency chain (in reverse order) is:
[  873.707045][T26853] 
[  873.707045][T26853] -> #6 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}:
[  873.715928][T26853]        lock_acquire+0x1ed/0x550
[  873.720966][T26853]        down_write+0x99/0x220
[  873.725742][T26853]        ocfs2_lock_global_qf+0x225/0x2b0
[  873.731468][T26853]        ocfs2_acquire_dquot+0x2b0/0xb70
[  873.737109][T26853]        dqget+0x772/0xeb0
[  873.741536][T26853]        __dquot_initialize+0x2e3/0xec0
[  873.747127][T26853]        ocfs2_get_init_inode+0x158/0x1d0
[  873.752876][T26853]        ocfs2_mknod+0xcfa/0x2b30
[  873.757915][T26853]        ocfs2_mkdir+0x1ab/0x470
[  873.762870][T26853]        vfs_mkdir+0x2fb/0x4f0
[  873.767641][T26853]        do_mkdirat+0x264/0x3a0
[  873.772496][T26853]        __x64_sys_mkdirat+0x87/0xa0
[  873.777791][T26853]        do_syscall_64+0xf3/0x230
[  873.782850][T26853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.789275][T26853] 
[  873.789275][T26853] -> #5 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{4:4}:
[  873.799816][T26853]        lock_acquire+0x1ed/0x550
[  873.804852][T26853]        down_write+0x99/0x220
[  873.809654][T26853]        ocfs2_lock_global_qf+0x206/0x2b0
[  873.815379][T26853]        ocfs2_acquire_dquot+0x2b0/0xb70
[  873.821021][T26853]        dqget+0x772/0xeb0
[  873.825450][T26853]        __dquot_initialize+0x2e3/0xec0
[  873.831009][T26853]        ocfs2_get_init_inode+0x158/0x1d0
[  873.836741][T26853]        ocfs2_mknod+0xcfa/0x2b30
[  873.841776][T26853]        ocfs2_mkdir+0x1ab/0x470
[  873.846728][T26853]        vfs_mkdir+0x2fb/0x4f0
[  873.851499][T26853]        do_mkdirat+0x264/0x3a0
[  873.856361][T26853]        __x64_sys_mkdirat+0x87/0xa0
[  873.861655][T26853]        do_syscall_64+0xf3/0x230
[  873.866691][T26853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.873125][T26853] 
[  873.873125][T26853] -> #4 (&dquot->dq_lock){+.+.}-{4:4}:
[  873.880964][T26853]        lock_acquire+0x1ed/0x550
[  873.886002][T26853]        __mutex_lock+0x19c/0x1010
[  873.891127][T26853]        dqget+0x6e6/0xeb0
[  873.895558][T26853]        dquot_transfer+0x2c2/0x6d0
[  873.900753][T26853]        ext4_setattr+0xb49/0x1da0
[  873.905869][T26853]        notify_change+0xbcc/0xe90
[  873.910990][T26853]        chown_common+0x501/0x850
[  873.916018][T26853]        do_fchownat+0x16a/0x240
[  873.920951][T26853]        __x64_sys_lchown+0x85/0xa0
[  873.926159][T26853]        do_syscall_64+0xf3/0x230
[  873.931196][T26853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.937624][T26853] 
[  873.937624][T26853] -> #3 (&ei->xattr_sem){++++}-{4:4}:
[  873.945202][T26853]        lock_acquire+0x1ed/0x550
[  873.950240][T26853]        down_read+0xb1/0xa40
[  873.954928][T26853]        ext4_setattr+0xb37/0x1da0
[  873.960041][T26853]        notify_change+0xbcc/0xe90
[  873.965162][T26853]        chown_common+0x501/0x850
[  873.970185][T26853]        do_fchownat+0x16a/0x240
[  873.975137][T26853]        __x64_sys_chown+0x82/0x90
[  873.980276][T26853]        do_syscall_64+0xf3/0x230
[  873.985310][T26853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.991733][T26853] 
[  873.991733][T26853] -> #2 (jbd2_handle){++++}-{0:0}:
[  873.999051][T26853]        lock_acquire+0x1ed/0x550
[  874.004102][T26853]        start_this_handle+0x1eb4/0x2110
[  874.009744][T26853]        jbd2__journal_start+0x2da/0x5d0
[  874.015383][T26853]        jbd2_journal_start+0x29/0x40
[  874.020763][T26853]        ocfs2_start_trans+0x3c9/0x700
[  874.026224][T26853]        ocfs2_shutdown_local_alloc+0x218/0xa90
[  874.032572][T26853]        ocfs2_dismount_volume+0x202/0x910
[  874.038402][T26853]        generic_shutdown_super+0x13b/0x2d0
[  874.044329][T26853]        kill_block_super+0x44/0x90
[  874.049543][T26853]        deactivate_locked_super+0xc6/0x130
[  874.055709][T26853]        cleanup_mnt+0x41f/0x4b0
[  874.060661][T26853]        task_work_run+0x251/0x310
[  874.065788][T26853]        syscall_exit_to_user_mode+0x13f/0x340
[  874.071952][T26853]        do_syscall_64+0x100/0x230
[  874.077102][T26853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  874.083614][T26853] 
[  874.083614][T26853] -> #1 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  874.092150][T26853]        lock_acquire+0x1ed/0x550
[  874.097193][T26853]        down_read+0xb1/0xa40
[  874.101883][T26853]        ocfs2_start_trans+0x3be/0x700
[  874.107523][T26853]        ocfs2_shutdown_local_alloc+0x218/0xa90
[  874.113777][T26853]        ocfs2_dismount_volume+0x202/0x910
[  874.119592][T26853]        generic_shutdown_super+0x13b/0x2d0
[  874.125494][T26853]        kill_block_super+0x44/0x90
[  874.130969][T26853]        deactivate_locked_super+0xc6/0x130
[  874.136872][T26853]        cleanup_mnt+0x41f/0x4b0
[  874.141815][T26853]        task_work_run+0x251/0x310
[  874.146938][T26853]        syscall_exit_to_user_mode+0x13f/0x340
[  874.153102][T26853]        do_syscall_64+0x100/0x230
[  874.158227][T26853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  874.164651][T26853] 
[  874.164651][T26853] -> #0 (sb_internal#3){.+.+}-{0:0}:
[  874.172149][T26853]        validate_chain+0x18ef/0x5920
[  874.177605][T26853]        __lock_acquire+0x1397/0x2100
[  874.182986][T26853]        lock_acquire+0x1ed/0x550
[  874.188027][T26853]        ocfs2_start_trans+0x2b9/0x700
[  874.193488][T26853]        ocfs2_acquire_dquot+0x6df/0xb70
[  874.199125][T26853]        dqget+0x772/0xeb0
[  874.203547][T26853]        dquot_get_next_dqblk+0xbd/0x3a0
[  874.209185][T26853]        quota_getnextquota+0x2c7/0x6c0
[  874.214756][T26853]        __se_sys_quotactl+0x2c4/0xa30
[  874.220219][T26853]        do_syscall_64+0xf3/0x230
[  874.225254][T26853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  874.231675][T26853] 
[  874.231675][T26853] other info that might help us debug this:
[  874.231675][T26853] 
[  874.242069][T26853] Chain exists of:
[  874.242069][T26853]   sb_internal#3 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7 --> &ocfs2_quota_ip_alloc_sem_key
[  874.242069][T26853] 
[  874.259757][T26853]  Possible unsafe locking scenario:
[  874.259757][T26853] 
[  874.267336][T26853]        CPU0                    CPU1
[  874.272695][T26853]        ----                    ----
[  874.278067][T26853]   lock(&ocfs2_quota_ip_alloc_sem_key);
[  874.283706][T26853]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7);
[  874.293526][T26853]                                lock(&ocfs2_quota_ip_alloc_sem_key);
[  874.301770][T26853]   rlock(sb_internal#3);
[  874.306117][T26853] 
[  874.306117][T26853]  *** DEADLOCK ***
[  874.306117][T26853] 
[  874.314251][T26853] 4 locks held by syz.2.9185/26853:
[  874.319440][T26853]  #0: ffff888059d7a0e0 (&type->s_umount_key#90){++++}-{4:4}, at: super_lock+0x27c/0x400
[  874.329320][T26853]  #1: ffff88807b2600a8 (&dquot->dq_lock){+.+.}-{4:4}, at: ocfs2_acquire_dquot+0x2a3/0xb70
[  874.339357][T26853]  #2: ffff88807b146d80 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{4:4}, at: ocfs2_lock_global_qf+0x206/0x2b0
[  874.352361][T26853]  #3: ffff88807b146a20 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_lock_global_qf+0x225/0x2b0
[  874.363703][T26853] 
[  874.363703][T26853] stack backtrace:
[  874.369589][T26853] CPU: 1 UID: 0 PID: 26853 Comm: syz.2.9185 Not tainted 6.14.0-rc1-syzkaller-00026-gd009de7d5428 #0
[  874.369615][T26853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  874.369630][T26853] Call Trace:
[  874.369639][T26853]  <TASK>
[  874.369648][T26853]  dump_stack_lvl+0x241/0x360
[  874.369677][T26853]  ? __pfx_dump_stack_lvl+0x10/0x10
[  874.369700][T26853]  ? __pfx__printk+0x10/0x10
[  874.369738][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.369777][T26853]  print_circular_bug+0x13a/0x1b0
[  874.369803][T26853]  check_noncircular+0x36a/0x4a0
[  874.369833][T26853]  ? __pfx_check_noncircular+0x10/0x10
[  874.369855][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.369890][T26853]  ? lockdep_lock+0x123/0x2b0
[  874.369921][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.369960][T26853]  validate_chain+0x18ef/0x5920
[  874.369998][T26853]  ? __pfx_validate_chain+0x10/0x10
[  874.370020][T26853]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  874.370048][T26853]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  874.370075][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370111][T26853]  ? __pfx_validate_chain+0x10/0x10
[  874.370130][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370168][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370203][T26853]  ? stack_depot_save_flags+0x7b4/0x940
[  874.370234][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370269][T26853]  ? kasan_save_track+0x51/0x80
[  874.370300][T26853]  ? kasan_save_track+0x3f/0x80
[  874.370330][T26853]  ? kasan_save_free_info+0x40/0x50
[  874.370356][T26853]  ? __kasan_slab_free+0x59/0x70
[  874.370391][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370426][T26853]  ? mark_lock+0x9a/0x360
[  874.370460][T26853]  __lock_acquire+0x1397/0x2100
[  874.370500][T26853]  lock_acquire+0x1ed/0x550
[  874.370530][T26853]  ? ocfs2_acquire_dquot+0x6df/0xb70
[  874.370560][T26853]  ? __pfx_lock_acquire+0x10/0x10
[  874.370590][T26853]  ? __pfx_lock_release+0x10/0x10
[  874.370621][T26853]  ? __pfx___might_resched+0x10/0x10
[  874.370651][T26853]  ? do_raw_spin_unlock+0x13c/0x8b0
[  874.370681][T26853]  ocfs2_start_trans+0x2b9/0x700
[  874.370707][T26853]  ? ocfs2_acquire_dquot+0x6df/0xb70
[  874.370736][T26853]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  874.370764][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370798][T26853]  ? _raw_spin_unlock+0x28/0x50
[  874.370823][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370857][T26853]  ? ocfs2_qinfo_unlock+0x121/0x150
[  874.370884][T26853]  ocfs2_acquire_dquot+0x6df/0xb70
[  874.370916][T26853]  ? __pfx_ocfs2_acquire_dquot+0x10/0x10
[  874.370941][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.370977][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.371020][T26853]  dqget+0x772/0xeb0
[  874.371059][T26853]  dquot_get_next_dqblk+0xbd/0x3a0
[  874.371086][T26853]  quota_getnextquota+0x2c7/0x6c0
[  874.371119][T26853]  ? __pfx_quota_getnextquota+0x10/0x10
[  874.371150][T26853]  ? __pfx_aa_get_newest_label+0x10/0x10
[  874.371189][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.371223][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.371258][T26853]  ? security_capable+0x7e/0x2d0
[  874.371289][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.371324][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.371358][T26853]  ? security_quotactl+0x7d/0x2c0
[  874.371389][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.371424][T26853]  ? do_quotactl+0x475/0x870
[  874.371456][T26853]  __se_sys_quotactl+0x2c4/0xa30
[  874.371489][T26853]  ? __pfx___se_sys_quotactl+0x10/0x10
[  874.371517][T26853]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  874.371550][T26853]  ? do_syscall_64+0x100/0x230
[  874.371583][T26853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  874.371620][T26853]  do_syscall_64+0xf3/0x230
[  874.371656][T26853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  874.371690][T26853] RIP: 0033:0x7fd0e238cda9
[  874.371711][T26853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  874.371733][T26853] RSP: 002b:00007fd0e3190038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  874.371759][T26853] RAX: ffffffffffffffda RBX: 00007fd0e25a5fa0 RCX: 00007fd0e238cda9
[  874.371778][T26853] RDX: 0000000000000000 RSI: 0000000020000880 RDI: ffffffff80000900
[  874.371795][T26853] RBP: 00007fd0e240e2a0 R08: 0000000000000000 R09: 0000000000000000
[  874.371810][T26853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  874.371826][T26853] R13: 0000000000000000 R14: 00007fd0e25a5fa0 R15: 00007ffd474a4b28
[  874.371855][T26853]  </TASK>
[  874.887113][    T8] DVB: Unable to find symbol lgdt330x_attach()
[  874.892876][ T5900] ocfs2: Unmounting device (7,2) on (node local)
[  874.897130][    T8] dvb-usb: no frontend was attached by 'AVerMedia AVerTVHD Volar (A868R)'
[  874.987018][    T8] dvb-usb: bulk message failed: -22 (1/0)
[  874.992970][    T8] dvb-usb: AVerMedia AVerTVHD Volar (A868R) successfully initialized and connected.
[  875.011230][    T8] usb 6-1: USB disconnect, device number 86
[  875.043190][    T8] dvb-usb: AVerMedia AVerTVHD Volar (A868R) successfully deinitialized and disconnected.