last executing test programs:

11m46.625025871s ago: executing program 1 (id=456):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000001040)={0x3, {{0x2, 0x4e24, @rand_addr=0xe4010102}}}, 0x88)

11m45.690479812s ago: executing program 1 (id=468):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000002c0)={0x4, 0x2, 0xffff, 0x6, 0x1, 0xfffffffffffffffd, 0x0, 0x36a, 0xde4})

11m45.211715133s ago: executing program 1 (id=476):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
inotify_add_watch(0xffffffffffffffff, 0x0, 0x10000000)

11m44.792251679s ago: executing program 1 (id=480):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000003c0)={[{@errors_remount}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@fmask={'fmask', 0x3d, 0x8c1}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@errors_continue}, {@keep_last_dots}, {@errors_remount}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@namecase}]}, 0x1, 0x1531, &(0x7f0000001f80)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL9zzu/0O86neb6fz/5Yz+z9rP287/Ne1t6YbzoOqtageuV6RAT/FrzwRxIAxAJAPwC4BgACACgdVzru/P7sEpP+vZOwP9fDqVe6AnYlcf+zNu5/1sb9z9q4/1kb9z9r4/5nbdz/rI37z1hWtnFq/mt5y7ob3///66vzh3v4+/8vJLPE6C9Wl7i+E0DMP5vC/c/auP9/WcE/cxD3P2vj/mdVsVe6APZfgN//f0lNfh1m+8MDuf9ZG/efsazsSt9/vtIbRLL2c3ClX3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxrKGU/6i0+AVAFwKr3RdjDHGGGOMMcYY+/P4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/Yv7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFc1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiTDOl/If5b/9O/oCfz75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/Sr4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufPLvkAEIlCBCmKCmCA2iA1yBDmCnEHOIFeQK4gEkSAuiAtyB9cHeYK8Qb4gfxAfFAgKBjowgQ3ExaZHgxuCIsGNQdHgpqBYUDxwQYkgIbg5KBncEpQKbg1KB7cFZYLbg7JBuaB8UCG4I6gY3BlUCu4KKgd3B1WCqkG1oHpwT1AjuDeoGdwX1AruD2oHDwR1ggeDusFDQb3g4aB+8EjQIHg0aBg8FjQKGgdNgqZBsz91fu9P5H3CddPddZLuoXvql3Uv3Vv30X11P/2K7q9f1QP0azpZD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYnaLH6fH6bT1Bv6Mn6kl6sp6iU/VUPU2/q6frGXqmfk/P0u/r2XqOnqvn6TT9gZ6vF+h0/aFeqD/SGXqRXqyX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepverj/WO/QneqfepXfrT/Ue/Zneqz/X+/QXer/+Umfqr/QB/bU+qL/Rh/S3+rD+Th/RR/Ux/b0+rn/QJ/RJfUqf1mf0j/qs/kmf0/784v7817tRRpkYE2NiTazJYXKYnCanyWVymYiJmDgTZ3Kb3CaPyWPymXwm3sSbgqagOY8MmUKmkImaqCliipiipqgpZooZZ5xJMAmmpClpSplSprQpbcqYMqasKWvKm/LmDnOHudPcae4yd5m7zd2mqqlqqpvqpoapYWqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkmpgmpplpZpqb5qaFaWFamVamtWlt2pg2JtEkmramrWln2pn2pr3pYDqYjqaj6WQ6mS6mi+lquppupptJMkmmp+lpeplepo/pY/qZfqa/6W8GmAEm2SSbQWaQGWwGmyFmiBlqhpnh5xeqZqQZZUZ/O8aMNSkmxYw3480EM8FMNBPNZDPZpJpUM81MM9PNdDPTzDSzzCwz28w2c81ck2bSzHwz36SbdLPQLDQZJsMsNovNUrPULDfLzUqz0qw2q81aWGvWm/Vmo9loNpvNZqvZarab7WaH2WF2mp1mt9lt9pg9Zq/Za/aZfWa/2W8yTaY5YA6Yg+agOWQOmcPmsDlijphj5pg5bo6bE+aEOWVOmTMm78XvS29ibXabw15lc9qrbS57jf37OJ/Nb+NtAVvQapvH5v1VbKy1Re1Ntpgtbp0tYRPszb+Jy9pytrytYO+wFe2dttJv4hr2XlvT3mdr2fttdXvPr+La9gFbxz5q6yIC2Ma2vm1qG9hHbUP7mG1kG9smtqltbZ+ybezTNtE+Y9vaZ38Tz7cL7Eq7yq62a+xOu8uesqftQfuNPWN/tN1sd9vPvmL721ftAPuaTbYDfxMPt2/ZEXakHWVH2zF27G/iyXaKTbVT7TT7rp1uZ/wmTrMf2Fk23c62c+xcO+/n+HxN6fZDu9B+ZDNsAIvtErvULrPL7Yr/X+sSu86utxvsDvuJ3Wy32K12m91+aSFsd9nd9lO7x35mD9iv7T77hd1vD9lM+9XP8fnHd8h+aw/b7+wRe9Qes9/b4/YH9XPuyF4A9kf7vf3JnrPeAiEBSVIUUAxlo1jKTjnoKspJV1MuuoYidC3F0XWUm66nPJSX8lF+iqcCVJA0GbJEFFIhKkxRuoEulVeMipOjEpRAN1NJuoVK0a1Umm6jMnQ7laVyVJ4q0B1Uke6kSnQXVaa7qQpVpWpUne6hGnQv1aT7qBbdT7XpAapDD1Jdeojq0cNUnx6hBvQoNaTHqBE1pibUlJrR49ScnqAW1JJa0ZPUmp6iNvQ0JdIz1JaepXb0N2pPz1EHep460gvUiTpTF3qRutJL1I26UxL1oJ70MvWi3tSH+lI/eoX606s0gF6jZBpIg+h1Gkxv0BB6k4bSMBpOb9EIGkmjaDSNobGUQuNoPL1NE+gdmkiTaDJNoVSaStPoXZpOM2gmvUez6H2aTXNoLs2jNPqA5tMCSqcPaSF9RBm0iBbTElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9TDvoE9pJu2g3fUp76DPaS5/TPvqC9tOXlElf0QH6mg7SN3SIvvXd6Ts6QkfpGH1Px+kHOkEn6RSdpjP0I52ln+gceYIQQxHKUIVBGBNmC2PD7GGO8KowZ3h1mCu8JoyE14Zx4XVh7vD6ME+YN8wX5g/jwwJhwVCHJrQhhWFYKCwcRsMbwiLhjWHREMNiYfHQhSXChPDmsGR4S1gqvDUsHd4WlglvD8uG5cJH768Q3hFWDO8MK4V3hZXDu8MqYdWwWlg9vCesEd4b1gzvC2uF94elwgfCOuGDYd3wobBe+HBYP3wkbBA+GjYMHwsbhY3DJmHTsFn4eNg8fCJsEbYMW4VPhq3Dp8I24dNhYvhM2DZ89uf9Dyz44/1JYY+wZ/hy+HLo/X1ybnReNC36QXR+dEE0PfphdGH0o2hGdFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRD1Pvq2cChE0465QIX47K5WJfd5XBXuZzuapfLXeMi7loX565zud31Lo/L6/K5/C7eFXAFnXbGWUcudIVcYRd1N7gi7kZX1N3kirnizrkSLsE1dc1cM9fcPeFauJaulXvSPemeck+5p93T7hnX1j3r2rm/ufbuOdfBPe+edy+4Tq6z6+JedF3duFwX3pNJrqfr6Xq5Xq6P6+P6uX6uv+vvBrgBLtklu0FukBvsBrshbogb6oa64W64G+FGuFFulBvjxrgUl+LGu/FugpvgJrqJbrKb7FJdqpvmprnpbrqrOOPCWWa72W6um+vSXJqb786vGdPdQrfQZbgMt9gtdkvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9Nfc2FSt8ftdXvdPrfP7Xdfukz3lTvgvnYH3TfukPvWHXbfuSPuqDvmvnfH3Q/uhDvpTrnT7oz70Z11P7lzzruUyLjI+MjbkQmRdyITI5MikyNTIqmRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF9gc+gL+cI+6m/wRfyNvqi/yRfzxb3zJXyCv9mX9Lf4Uv5WX9rf5sv4231ZX86X94/5Rr6xb+Kb+mb+cd/cP+Fb+Ja+lX/St/ZP+Tb+aZ/on/Ft/bO+nf+bb++f8x38876jf8F38p19F/+i7+pf8t18d5/ke/ie/mXfy/f2fXxf38+/4vv7V/0A/5pP9gP9IP+6H+zf8EP8m36oH+aHx7zlR1y6RIaxPsWP8+P9236Cf8dP9JP8ZD/Fp/qpfpp/10/3M/xM/56f5d/3s/0cP9fP82n+Az/fL/Dp/kO/0H/kM/yiSzeV/XK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/x2/7Hf4T/xO/0uv9t/6vf4z/xe/7nf57/w+/2XPtN/5Q/4r/1B/40/5L/1h/13/og/6o/57/1x/4M/4U/6U/60P+N/9Gf9T/4c/581xhhjjLF/yrjLQ/HrPRdu5/f4nRzxi4N7AsDVW/Jn/nL/+RXl2jwXxr1FfOsIADzTvePDl7YqVZKSki4emyEhKDwH4NLfBJ0XA5fjRdAKnoJEaAklf7f+3qLzGfoH80dvA8jxi5xYuBxfnv9zAEz6nfkff3L4/DLhqbj/Yf45AEULX87JDpfjRdDq5/srLaHUH9Sft/kv64/97fzZv0gBaPGLnJxwOb5cfwI8Ac9C4q+OZIwxxhhjjDHGLugtyre/dP156V98/t71eby6nJMNLsf/6PqcMcYYY4wxxhhjV95znbs8/XhiYsv2//qg0v8q658eNIT/q5l58LsD7wEu/UQBwL85IcD5gfxPPopN/5FzJV986/z9rqWnfQD/Ha38MwZX+IOJMcYYY4wx9qe7vOj/9c/VlSqIMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLgv4Tv07sSj9GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7fwEAAP//nXwDKg==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)

11m44.126664829s ago: executing program 1 (id=491):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000100)=@ethtool_coalesce={0x50}})

11m43.625888455s ago: executing program 1 (id=495):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=@acquire={0x134, 0x17, 0x1, 0x0, 0x0, {{@in6=@private0}, @in6=@remote, {@in=@remote, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {{@in6=@private2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0x134}}, 0x0)

11m42.933421682s ago: executing program 32 (id=495):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=@acquire={0x134, 0x17, 0x1, 0x0, 0x0, {{@in6=@private0}, @in6=@remote, {@in=@remote, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {{@in6=@private2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0x134}}, 0x0)

5m57.251444685s ago: executing program 5 (id=5076):
r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDENTROPY(r0, 0x40045201, &(0x7f0000000640)=ANY=[@ANYBLOB="6067e2ea"])

5m56.941675051s ago: executing program 5 (id=5079):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad]})

5m56.643941139s ago: executing program 5 (id=5084):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x2000000001c0, 0x0, 0x0, 0x2000000001f0, 0x200000000220], 0x0, 0x0, &(0x7f00000001c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x84, '\x00', 0x0, 0xfffffffffffffffc}]}, 0x108)

5m56.225385456s ago: executing program 5 (id=5091):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000380)='./bus\x00', 0x2200804, &(0x7f0000000100)={[{@keep_last_dots}, {@namecase}, {@sys_tz}, {@time_offset={'time_offset', 0x3d, 0x3ff}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@allow_utime={'allow_utime', 0x3d, 0x1}}]}, 0x3, 0x151f, &(0x7f0000001900)="$eJzs3AuYTlX7MPD7XmvtMSQ9SQ7DWuvePMlhmSTJIUkOSZIkSU4JoUleSUgMOSUNSUgOQ3IYQnKYmDTO5/MxSZImSUJyStZ3TfHq8PZ/37637/X937l/17Uv695rr7XXfu79eNbaz/XM112G1mhUs2oDIoJ/C/78TyIAxALAQAC4BgACACibu2zuzPrsEhP/vZOwv9ZDKVd6BOxK4vxnbZz/rI3zn7Vx/rM2zn/WxvnP2jj/WRvnn7GsbPP0AtfylnU3fv6flfHn/3+RjFJjP19b6vquf6IJ5z9r4/z/1wr+lYM4/1kb5z9r4/xnbZz/rCDbH9Zw/v/bLfkfazn/jGVlV/r5M29XdrvS9x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsazhjL9MAcCl8pUeF2OMMcYYY4wxxv46PtuVHgFjjDHGGGOMMcb+30MQIEFBADGQDWIhO+QAAQBXQy64BiJwLeSG6yAPXA95IR/khwIQBwWhEGgwYIEghMJQBKJwAxSFG6EYFIcSUBIclIJ4uAlKw81QBm6BsnArlIPboDxUgIpQCW6HynAHVIE7oSrcBdWgOtSAmnA31IJ7oDbcC3XgPqgL90M9eADqw4PQAB6ChvAwNIJHoDE8Ck2gKTSD5tDi/6r989ADXoCe0AsSoTf0gRehL/SD/jAABsJLMAhehsHwCiTBEBgKr8IweA2Gw+swAkbCKHgDRsObMAbGwjgYD8kwASbCWzAJ3obJMAWmwjRIgekwA96BmTALZsO7MAfeg7kwD+bDAkiF92EhLII0+AAWw4eQDktgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAN2wi7YDR/BHvgY9sInsA8+/ZPtT/+mfVcEBBQoUKHCGIzBWIzFHJgDc2JOzIW5Yi/dJHkwD+bFvJgf82McxmEhLIQGDRISFsbCGMUoFsWiWAyLYQksgQ4dxmM8lsabsQyWwbJYFsthOSyPFbACVsJKWBkrYxWsglWxKlbDalgDa+DdeDf2xtpYG+tgHayLdS89nsIG2AAbYkNshI2wMTbGJtgEm2EzbIEtsCW2xFbYCttgG2yLbbE9tscETMAO2AE7YkfshJ2wM3bGLtgFu2I37IbPZwN8AV/AXlhN9MY+2Af7YlK2/jgAB+BLOAhfxpfxFUzCITgUX8VX8TUcjqdwBI7EUTgKK4s3cQyORRLjMRmTcSJOxEk4CSfjFJyC0zAFp+MMnIEzcRbOwndxDr6H7+E8nIcLMBVTcSEuwjRMw8V4GtNxCS7FZbgcV+ByXIWrcRWuxXW4FjfgBtyEm3ALbsFtuA134A7chQoAP8KP8WNMwn24D/fjfjyAB/AgHsQMzMBDeAgP42E8gkfwKB7FY3gcT+BxPIkn8RSexjN4Bs/hOTyPz8Z92XBX8TVJIDIpoUSMiBGxIlbkEDlETpFT5BK5RERERG6RW+QReURekVfkF/lFnIgThUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQT8SJelBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sT8+JDIz00gMwcZiKDYRTYW8eHO2FMOxlWgt2ognxEgcge1FS5cgnhIdxBjsKP4mxuIzorMYj13Ec6Kr6Ca6i+dFD9HK9RS9xGTsLfqIadhX9BP9xQAxE6uLd3FO9hriFZEkhoih4lWxAF8Tw8XrYoQYKUaJN8Ro8aYYI8aKcWK8SBYTxETxlpgk3haTxRQxVUwTKWK6mCHeETPFLDFbvCvmiPfEXDFPzBcLRKp4XywUi0Sa+EAsFh+KdLFELBXLxHKxQqwUq8RqsUasFevEerFBbBSbxGaxRWwV28R2sUPsFLvEbvGR2CM+FnvFJ2Kf+FTsF5+JA+JzcVB8ITLEl+KQ+EocFl+LI+IbcVR8K46J4+KE+E6cFN+LU+K0OCPOinPiB3Fe/CguCC9AohRSSiUDGSOzyViZXeaQV8mcMrj46l4rc8vrZB55vcwr88n8soCMkwVlIamlkVaSDGVhWURG5Q2yqLxRFpPFZQlZUjpZSsbLm2RpebMsI2+RZeWtspy8TZaXFWRFWUneLivLOyREfj5HNVld1pA15d2ylrxH1pb3yjryPllX3i/ryQdkffmgbCAfkg3lw7KRfEQ2lo/KJrKpbCabyxbyMdlSPi5bydayjXxCtpXtZHv5pEyQT8kO0l+8RZ6RneWzsot8TnaV3WR3+aO8IL3sKXtJgN6yj3xR9pX9ZH85QA6UL8lB8mU5WL4ik+QQOVS+KofJ1+Rw+bocIUfKUfINOVq+KcfIsXKcHC+T5QQ5Ub4lJ8m35WQ5RU6V02SKnC77X+xptpT/tP1b/6D94J/OvklullvkVrlNbpc75E65S+6Wu+UeuUfulXvlPrlP7pf75QF5QB6UB2WGzJCH5CF5WB6WR+QReVQelcfkcXlWfidPyu/lKXlanpZn5Tl5Tp6/+BqAQiWUVEoFKkZlU7Equ8qhrlI51dUql7pGRdS1Kre6TuVR16u8Kp/KrwqoOFVQFVJaGWUVqVAVVkVUVN2AF28YVUKVVE6VUvHqpj/TXhVVN6piqviv2l8aX+IfjK+FaqFaqpaqlWql2qg2qq1qq9qr9ipBJagOqoPqqDqqTqqT6qw6qy6qi+qquqruqrvqoXqonqqnSlSJqo96UfVV/VR/NUANVC+pQWqQGqwGqySVpIaqoWqYGqaGq+FqhBqhRqlRarQarcaoMWqcGqeSVbKaqCaqSWqSmqwmq6lqqkpRKWqGmqFmqplqtpqt5qg5aq6aq+ar+SpVpaqFaqFKU2lqsVqs0tUStUQtU8vUCrVCrVKr1Bq1Rq1T69QGtUGlq81qs9qqtqrtarvaqXaq3Wq32qP2qL1qr9qn9qn9ar86oA6og+qgylAZ6pA6pA6rw+qIOqKOqqPqmDqmTqgT6qQ6qU6pU+qMOqPOqXPqvDqvLqgLmdO+QAQiUIEKYoKYIDaIDXIEOYKcQc4gV5AriASRIHeQO8gTXB/kDfIF+YMCQVxQMCgU6MAENhAXkx4NbgiKBjcGxYLiQYmgZOCCUkF8cFNQOrg5KBPcEpQNbg3KBbcF5YMKQcWgUnB7UDm4I6gS3BlUDe4KqgXVgxpBzeDuoFZwT1A7uDeoE9wX1A3uD+oFDwT1gweDBsFDQcPg4aBR8EjQOHg0aBI0DZoFzYMWf2n/3p/K97jrqXvpRN1b99Ev6r66n+6vB+iB+iU9SL+sB+tXdJIeoofqV/Uw/Zoerl/XI/RIPUq/oUfrN/UYPVaP0+N1sp6gJ+q39CT9tp6sp+ipeppO0dP1DP2Onqln6dn6XT1Hv6fn6nl6vl6gU/X7eqFepNP0B3qx/lCn6yV6qV6ml+sVeqVepVfrNXqtXqfX6w16o96kN+steqveprfrHXqn3qV364/0Hv2x3qs/0fv0p3q//kwf0J/rg/oLnaG/1If0V/qw/lof0d/oo/pbfUwf1yf0d/qk/l6f0qf1GX1Wn9M/6PP6R31B+8zJfebHu1FGmRgTY2JNrMlhcpicJqfJZXKZiImY3CZ3u4vpN/lNfhNn4kwhU8hkIkOmsClsoiZqipqippgpZkqYEsYZZ+JNvCltSpsypowpa8qacqacKW/Km4qmornd3G7uMHeYO82d5i5zl6luqpuapqapZWqZ2qa2qWPqmLqmrqln6pn6pr5pYBqYhqahaWQamcamsWlimphmpplpYVqYlqalaWVamTamjWlr2pr2pr1JMAmmg+lgOpqOppPpZDqbzqaL6WK6mq6mu+luepgepqfpaRJNoulj+pi+pq/pb/qbgWagGWQGmcFmsEkySWaoGWqGmWFmuBluRpiRZlTmRNW8acaYsWacGW+STbKZaCaaSWaSmWwmm6lmqkkxKWaGmWFmmplmtplt5pg5Zq6Za+ab+SbVpJqFZqFJM2lmsVls0k26WWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNbrPb7DF7zF6z1+wz+8x+s98cMAfMQXPQZJgMc8gcMofNYXPEHDFHzVFzzBwzJ8wJc9KcNKfMKXPGnDHnTL6Ln5fexNrsNoe9yua0V9tc9hr72zi/LWDjbEFbyGqb1+b7VWystcVscVvClrTOlrLx9qbfxeVtBVvRVrK328r2Dlvld3Ete4+tbe+1dex9tqa9+1dxXXu/rWcfsfURAWxT29A2t43sI7axfdQ2sU1tM9vctrXtbHv7pE2wT9kO9unfxQvtIrvarrFr7Tq7x35sz9iz9rD92p6zP9ietpcdaF+yg+zLdrB9xSbZIb+LR9k37Gj7ph1jx9pxdvzv4ql2mk2x0+0M+46daWf9Lk6179s5Ns3OtfPsfLvgpzhzTGn2A7vYfmjT7RK71C6zy+0Ku9Ku+vtYl9kNdqPdZHfbj+xWu81utzvsTrvrpzjzOvbaT+w++6k9ZL+yB+zn9qA9YjPslz/Fmdd3xH5jj9pv7TF73J6w39mT9nt7yp7+6fozr/07+6O9YL0FQgKSpCigGMpGsZSdctBVlJOuplx0DUXoWspN11Eeup7yUj7KTwUojgpSIdJkyBJRSIWpCEXpBro0Ty9BJclRKYqnm6g03Uxl6BYqS7dSObqNylMFqkiV6HaqTHdQFbqTqtJdVI2qUw2qSXdTLbqHatO9VIfuo7p0P9WjB6g+PUgN6CFqSA9TI3qEGtOj1ISaUjNqTi3oMWpJj1Mrak1t6AlqS+2oPT1JCfQUdaCnqSP9jTrRM9SZnqUu9Bx1pW7UnZ6nHvQC9aRelEi9qQ+9SH2pH/WnATSQXqJB9DINplcoiYbQUHqVhtFrNJxepxE0kkbRGzSa3qQxNJbG0XhKpgk0kd6iSfQ2TaYpNJWmUQpNpxn0Ds2kWTSb3qU59B7NpXk0nxZQKr1PC2kRpdEHtJg+pHRaQktpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbacdtJN20W76iPbQx7SXPqF99Cntp8/oAH1OB+kLyqAv6RB9RYfpazpC3/he9C0do+N0gr6jk/Q9naLTdIbO0jn6gc7Tj3SBPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8Pc4XVhnvD6MG+YL8wfFgjjwoJhoVCHJrQhhWFYOCwSRsMbwqLhjWGxsHhYIiwZurBUGB/eFJYObw7LhLeEZcNbw3LhbWH5sEL4yH2VwtvDyuEdYZXwzrBqeFdYLawe1ghrhneHtcJ7wtrhvWGd8L6wTHh/WC98IKwfPhg2CB8KG4YPh43CR8LG4aNhk7Bp2CxsHrYIHwtbho+HrcLWYZvwibBt2C5sHz4ZJoRPhR3Cp3+qv3/RH9cnhr3DPuGL4Yuh9/fK+dEF0dTo+9GF0UXRtOgH0cXRD6Pp0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3RjdFNUe9rZgOHTjjplAtcjMvmYl12l8Nd5XK6q10ud42LuGtdbnedy+Oud3ldPpffFXBxrqAr5LQzzjpyoSvsiriou8EVdTe6Yq64K+FKOudKuXjX3LVwLVxL97hr5Vq7Nu4J94Rr59q5J92T7inXwT3tOrq/uU7uGdfZPeuedc+5rq6b6+6edz3chFw/vycTXR/Xx/V1fV1/198NdAPdIDfIDXaDXZJLckPdUDfMDXPD3XA3wo1wo9woN9qNdmPcGDfOjXPJLtlNdBPdJDfJTXaT3VQ31aW4FDfDzXAz3UxXedbPZ5nr5rr5br5LdaluocucM6a5xW6xS3fpbqlb6pa75W6lW+lWu9VurVvr1rv1bmPmesJtdlvdVrfdbXc73U632+12e/w1P3fq9rn9br874A64g+4Ll+G+dIfcV+6w+9odcd+4o+5bd8wddyfcd+6k+96dcqfdGXfWnXM/uPPuR3fBeZccmRCZGHkrMinydmRyZEpkamRaJCUyPTIj8k5kZmRWZHbk3cicyHuRuZF5kfmRBZHUyPuRhZFFkbTIB5HFkQ8j6ZElkaWRZZHlkRUR7wtuDX1hX8RH/Q2+qL/RF/PFfQlf0jtfysf7m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W9/Ot/dP+gT/lO/gn/Yd/d98J/+M7+yf9V38c76r7+a7++d9D/+C7+l7+UTf2/fxL/q+vp/v7wf4gf4lP8i/7Af7V3ySH+KH+lf9MP+aH+5f9yP8SD8q5g0/+tISGcb7ZD/BT/Rv+Un+bT/ZT/FT/TSf4qf7Gf4dP9PP8rP9u36Of8/P9fP8fL/Ap/r3/UK/yKf5D/xi/6FP90suPVT2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/bf+T3+I/9Xv+J3+c/9fv9Z/6A/9wf9F/4DP+lP+S/8of91/6I/8Yf9d/6Y/64P+G/8yf99/6UP+3P+LP+nP/Bn/c/+gt/9jdrvf7U0Ywxxhhj/zUmXC6Kf1Tf+x/sE784uA8AXL2tQMYv6zNnlOvz/lzuJ+LaRgDgqV5dHrq0VauWeOnLJUiXEBSZB3Dpm6BMMXA5XgJtoB0kQGso/Q/H3090O0e/7z8x8Rf9R28FyPGLNrFwOb7c/2d/0P9jT4xaWC48k/t/6H8eQLEil9tkh7/Hf/91RWso8wf952v5T8af/fNkgFa/aJMTLseXxx8Pj8PTkPCrIxljjDHGGGOMsZ/1ExU7XVp/XlqU/3Z9m7k+j1OX22Quai/F/2x9zhhjjDHGGGOMsSvvmW7dn3wsIaF1p39akADwqz1V/pVWXPhfU/Ae4NIeBQD/Zoe/uVv+E4Ut/5FzJV186/y2avlZH8D/H6n8KwpX+D8mxhhjjDHG2F/u8qT/1/vVlRoQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWBf0n/pzYlb5GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7PwEAAP//To8JBw==")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)

5m55.675112536s ago: executing program 5 (id=5100):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000400)=@gettaction={0x30, 0x32, 0x301, 0x0, 0x3, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x3418}]}, 0x30}, 0x1, 0x0, 0x0, 0x40a0}, 0x4000000)

5m54.976942645s ago: executing program 5 (id=5109):
r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='map_files\x00')
getdents64(r0, 0x0, 0x0)

5m54.549449954s ago: executing program 33 (id=5109):
r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='map_files\x00')
getdents64(r0, 0x0, 0x0)

5m26.060439919s ago: executing program 4 (id=5407):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f00000002c0)={0x6, @capture={0x0, 0x1, {0x7, 0xe}, 0x7, 0xfffff315}})

5m25.756579302s ago: executing program 4 (id=5412):
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x22000406, &(0x7f0000000840)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@journal_checksum}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nobh}, {@grpid}], [], 0x2c}, 0x84, 0x4d8, &(0x7f0000000900)="$eJzs3MtvG9UaAPBvJs2jz6S91b23D6ihICIKSZMW6IIFIJC6ASHBoixDGqpSt0VNkGhV0RShskT8BcASCYkVG1YgIQRsALGFPUKqUDctLJDR2DOJ3diOnbQJrX8/aexzZs48vjNzxjM+9gTQs0rZSxKxJSJ+iYjhWraxQKn2duPaxek/r12cTqJSeemPpFru+rWL00XRYr7NeWY0jUjfTWJPk/XOnr9waqpcnjmX58fnTr8xPnv+wqMnT0+dmDkxc2byyJHDhyaeeHzysY7iuLTM9Cyu67vfPrt319FXPnh+uhKvfvdptr1b8un1cdSMdLTedkpRikpucexA9fXBVS/932VrRAzm6WTDOm8MHeuLiGx39Vfb/3D0xeLOG47n3lnIfL1OGwjcNtln0/YlY/vy93Th8wu4GyXaOPSo4hM/u/8thrW8/lhvV5/OXmeq8d/Ihx9eqNVNmt3LjtTu2PtazP/fJuOGFpOV4WXWvyUijs3/9WE2RNPvIdpIOi4JALDgy+z655Fm139pw7XNtrwPZSQiDkTEjoj4T0TsjHShzP8i4v9drr90U37p9c9PG7tcZFey678n876tYqhNKeJKFnJbq/H3J6+dLM8czOtkNPoHs/xEm3V89ezP77eaVqq7/suGbP3FtWC+Hb9vGGyc5/jU3NQqQm5w9XIksaFZ/MlCT0BWA7siYvcKlp/V2cmHP9mbpbdtXjp9+fjbuAX9TJWPIx6q7f/5uCn+QlJbU6v+yfGhKM8cHC+OiqW+//HKi/X5/rp0Q/xDncU0tNJgm7h6OWJT0+M/j79oBkV/7Wz367jy63st72mW7v8kjs3Xl8iP/42L1ZYd/wPJy9X0QD7uram5uXMTEQP5iIbxk4tLK/JF+Sz+0f2N8dfui9PsHPf3R/l8eyIiO4jviYh7I2Jfvu33RcT9EbG/TfzfPvPA6+1raIXH/y2QxX+83f6PGEnq++tXkOg79c0Xrdbf2fnvcDU1mo+pP/8NtFhupxu42voDAACAO0Fa7YNO0rG6328XdsamtHx2du5AKd48c7zWVz0S/WnxTddw3fehE/l3w0V+8qb8oYjYXv2l0cZqfmz6bHnrOsUM1Gyua/+1c0Gajo3Vpv3W6kcvwN2jq360+h+dffb5rd8YYE35vyb0Lu0fepf2D71L+4fe1az9X4q4sQ6bAqwxn//Qu7R/6F3aP/Qu7R960tK/xOePW8nOCSv/y395x9HVPDHg9icqwyufPVpPmu9+gX2dFS6eftHxkjsrnES0CaddItL2ZQY639S1T6TLlnlquWrp7+qZGENNamNfnhiMiE6Xc2nNarU4QySeMgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANzR/gkAAP//fHDiVg==")

5m24.628566116s ago: executing program 4 (id=5426):
r0 = fsopen(&(0x7f00000000c0)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x3, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='\x05\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)

5m24.240678973s ago: executing program 4 (id=5431):
syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000700)=ANY=[@ANYBLOB='errors=remount-ro,keep_last_dots,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c7379735f747a2c696f636861727365743d69736f383835392d342c757466382c6b6565705f6c6173745f646f74732c6572726f72733d72656d6f756e742d726f2c74696d655f6f66667365743d3078303030303030303030303030303430312c756d61736b3d30303030303030303030303030303030303133313534302c757466382c000d2107f4ae933a85c2c86746e7fcf93b8f07fa998d72a59f34f752211bb1873da78612210b72901d9d8a4fd2716834e7b3b4b354de7781f2fb8434443395d9a19e09fe67ed8b149f352d557645701909e190ea9b328434f6915ab3b248a8757d8004e83f48cbed9807c86bbbb059732a2d9a47c660ae84222ffaaa812e887b79e2c1e46c23b4225b3261ba31455a1eb385f58eca96109a962806af58d0323d8d"], 0x1, 0x152a, &(0x7f0000001ac0)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)

5m23.451989047s ago: executing program 4 (id=5438):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000240)={0x2, 0x1, 0xa, 0x4, 0x5c, &(0x7f0000000d00)="cc2e033d5508a6a9693d671a2164854c49f5ab49952a1307de554781d1bed39ec62d6ff1691f872c568cdfaac8279c72f214f29e752330c3236827ec197b35e6dbafc97f2aefe26549340041be6024bc299474ad21c050e99ee61a8577eaf230b4e2a2b604308a2da64d225247ea998deae64e08dd1d7238ab6a4f78bd2f137c5641f6f75598a9df1021d4e94b850cc7328e09457bf759827bc920eb1074d7eafaf0d74f29b5050c134105d747c6e99d5846e65183d371754de7800f5c78df34421fc471d8130a8ebfb72427c631223f583839c356190175d1e9e16b24a80ad7e21a9b648e75543a4bf1fa2054e97fa5f3ce8f05f2946c8c11a2029c5cc3b5ce002f35c3b46904d58aa28f1fbea185089ab286c79557c74cd12e2f4f6c36b1128be2e36c69a872ff280c383f3b2141a10ad9137f23dac458f64d31851f8498ff04c0b1aa9bcf0a8511ed13617aff112c8e8cb33de2a39f12f014b49c72a60c6c844fb237c7f546e431c314a3a6ea9cb70c4da9d0c319a6ce5d0399e48755f4affa14cd59bdbafe52f3bdd5d837724ccfe1ece024ae736c74fb4e92e4feb20ef96b323d0b0cf18e4eec5e699badec5b72fea972c0e232d85f473b347e81e7c3e9553b417d79d392cd807b2c8869c7691cbcfa1eb821854a117f9d38e38857883044d4d4e35a38cc9d4a196972f6de97ca255a71a1645542f13fb118f1c96af9d908c5a95700f37ae003dea86a0e46ddced48718c850a7646a7e10faa9f83225026498fe8a3c2053a080176310c62da92f6e14b7566ae34753e7ef11d0967d35baff265f2f616c747c25ec10d5a6b989990ef84a8c77828c5cc90b111850962bdd5a92c90846894d094f582fd501f7f2566130994861dbfc25397844e661798962e57c3e13f04b45fc5b3cae610c23c7e6c4edb2437ded7e21bb1baaef546c58277faa6c0b1391d9b6a8fb8f5145226e378ddfe05ecc5cda2d3407e4e086a01d0f55a15f77f06d607eac6a8d7b681a75aecfa3431f9aec0c3e37d0f4e9b77c43bf5db3f17451cb645b3253868469951fbbbf4d1a4fdab4ba48676a0579e6cdc892bbfda99a576962553244895fb8b307511fef172d2a7269c8c884ee05e3ed7b20ed98f9f1db5b352321a238c0da1b717e3a9e5c54a43d96258a618288b8d0048b49097845cbbe1d9344e11066b9152229888f2c52c4cdf9861f27886c985c888ac843bbfff57b5816fe592ad0b9d69ec590e15a5f5f0dd51e377fa79c0cb20a7d38449c03f1d4db243271b77f07a21a933cf9fb62eeb4a43c4a8dc2cee6a423cca675974d128773900fce7c25ee6599e7b433e84fafb3a3cacb5c9801f7528ef2874017a75312400bf049aa8acb2258295cfe722390973cbd82454e14d05dc96fc29cfc00da983ffffc0da92b5c044c24ac3ed7a0e8be3f60aac5388536778e8a"})

5m22.672864442s ago: executing program 4 (id=5443):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f000000a4c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000009480)=[{0x408, 0x1, 0x1, "8f66e98e752fffaf3be5fafd89aaf907d5e0d51a274fbb9646bd1965aa05ae8507da4337f0bef564e5032db7fedf4ec37befe22ef17b1aa55e45e5ac9d1c71096a866de213fa425b90988d9c619662ec1b6cdbaa6554313bfd28a04dd1fbd53f961c8d562ad254775dcc3b21c1bcdd0162c00b36fed7571b429b9130ebc660b776219e6c664f5fef6d5f414e8a4d8257361a50e0606abf8e2aa7272953269ff8969c9bb8273b7cf97b7dd65348fc0f60e550d1925d8563e14329abe1a5ba5d988ccf2541812da336ae566a8155581a7d0686f79dbbcef9f3dfaa4cf964350b68d3877732b10c8440ff62094217fa120bc7e7da253b727df47cbf88bf492cff9299e6f00cbe55b23a1d33a69740dd4919eba21447eaddc68b7f225e2bcb598f1c2285c1fdef06ab1631a6ddfe40f2c79db7afe5aced4a5c66508eac54df7506b55e4cb2bd3a6c616a9895d7a4ac7061d7d74812a201acc9a8611bcace51a1fd216f0bcd1271ac1186d63ba3cbda19684242c9d57de8388e02eba2aa66a6d4e81116436158f9387d922e0e26f1ba6ee4edae003043fa619ad88b40d87f25330be8616981578c7027661c922976c09a5631ccfb17bfda00c20a574e2c068a13c3903acb8f41f15047edc21e301234b9c4ae5cefd63faa52b209c3a00e7ddef943e6d15e81cd10ce903d8d55e8fc88df49c14c4c2ed68b44839c37dbd3fc33a099da154a9dbe62c8b4aa3680e9f47b7cc7ffd36b15bc6698252c420b94ec1ed22b4a54f1a9ab2422ab34158f7880974eb2dbdf73a0332c34bad6d236de5e76bd27900dc1019f20b8d0a9dd2f2bda3d1cb2ec9117ad41683a5bcf6f9f41e5eb703df03dc1d787d1015c048d5c1954794aa8d3014425f4622d425843efa04dd0889e6f1c8601c53bde9d73051959a946f5986400f97153d414dedbd814bac40e2b774e731ce2433e3cbd2b7118dc3915872027543d13e7abbdab258ebddffb7196d9ed4e5a5142912e7720d6926feec26715265046018e19496c8a89544f1bd994713ad0fa5b3d8e0a411f6805ee98ca60507900213ee237d05dbbe4b57f3b2328d8e05de7055611083efe1a0e2e1cf842007e2be6ddfa44c6aaf7d4e2618eaed91454cef8ac97ea0aced382ad8de944385031d04b8f657a1e158bde6189ddb6a2b6856357a65140b175ba38db78f65888c9ee78e8e73c119eac4c6965ee75063cae4bd281236b971a757903153782c3358a29935208c265988cdb27eb87e4ad0967cb59c34214fb0e4373fe21eee0409726561f0133ee109745ee02b26d391f4daaf6b0b3b6acbf367f7670b0b967346f034f9786bee4f008e41f463be72dda13a88f32224f8493bd4482613188ba14dad81bb723d73a7b1f3163c281f916c2aa782b6ab29efac696db9b99af460a89bd821f3b"}], 0x408}}], 0x2, 0x8800)

5m21.50615766s ago: executing program 34 (id=5443):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f000000a4c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000009480)=[{0x408, 0x1, 0x1, "8f66e98e752fffaf3be5fafd89aaf907d5e0d51a274fbb9646bd1965aa05ae8507da4337f0bef564e5032db7fedf4ec37befe22ef17b1aa55e45e5ac9d1c71096a866de213fa425b90988d9c619662ec1b6cdbaa6554313bfd28a04dd1fbd53f961c8d562ad254775dcc3b21c1bcdd0162c00b36fed7571b429b9130ebc660b776219e6c664f5fef6d5f414e8a4d8257361a50e0606abf8e2aa7272953269ff8969c9bb8273b7cf97b7dd65348fc0f60e550d1925d8563e14329abe1a5ba5d988ccf2541812da336ae566a8155581a7d0686f79dbbcef9f3dfaa4cf964350b68d3877732b10c8440ff62094217fa120bc7e7da253b727df47cbf88bf492cff9299e6f00cbe55b23a1d33a69740dd4919eba21447eaddc68b7f225e2bcb598f1c2285c1fdef06ab1631a6ddfe40f2c79db7afe5aced4a5c66508eac54df7506b55e4cb2bd3a6c616a9895d7a4ac7061d7d74812a201acc9a8611bcace51a1fd216f0bcd1271ac1186d63ba3cbda19684242c9d57de8388e02eba2aa66a6d4e81116436158f9387d922e0e26f1ba6ee4edae003043fa619ad88b40d87f25330be8616981578c7027661c922976c09a5631ccfb17bfda00c20a574e2c068a13c3903acb8f41f15047edc21e301234b9c4ae5cefd63faa52b209c3a00e7ddef943e6d15e81cd10ce903d8d55e8fc88df49c14c4c2ed68b44839c37dbd3fc33a099da154a9dbe62c8b4aa3680e9f47b7cc7ffd36b15bc6698252c420b94ec1ed22b4a54f1a9ab2422ab34158f7880974eb2dbdf73a0332c34bad6d236de5e76bd27900dc1019f20b8d0a9dd2f2bda3d1cb2ec9117ad41683a5bcf6f9f41e5eb703df03dc1d787d1015c048d5c1954794aa8d3014425f4622d425843efa04dd0889e6f1c8601c53bde9d73051959a946f5986400f97153d414dedbd814bac40e2b774e731ce2433e3cbd2b7118dc3915872027543d13e7abbdab258ebddffb7196d9ed4e5a5142912e7720d6926feec26715265046018e19496c8a89544f1bd994713ad0fa5b3d8e0a411f6805ee98ca60507900213ee237d05dbbe4b57f3b2328d8e05de7055611083efe1a0e2e1cf842007e2be6ddfa44c6aaf7d4e2618eaed91454cef8ac97ea0aced382ad8de944385031d04b8f657a1e158bde6189ddb6a2b6856357a65140b175ba38db78f65888c9ee78e8e73c119eac4c6965ee75063cae4bd281236b971a757903153782c3358a29935208c265988cdb27eb87e4ad0967cb59c34214fb0e4373fe21eee0409726561f0133ee109745ee02b26d391f4daaf6b0b3b6acbf367f7670b0b967346f034f9786bee4f008e41f463be72dda13a88f32224f8493bd4482613188ba14dad81bb723d73a7b1f3163c281f916c2aa782b6ab29efac696db9b99af460a89bd821f3b"}], 0x408}}], 0x2, 0x8800)

20.113415806s ago: executing program 2 (id=9176):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, &(0x7f0000000080)=0x16)

19.723170146s ago: executing program 2 (id=9180):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r0, &(0x7f0000000000)={0x23, 0x20}, 0x10)
close(r0)

19.335318596s ago: executing program 2 (id=9184):
r0 = open(&(0x7f0000000040)='./bus\x00', 0x1612c2, 0x17)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/zoneinfo\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x4000000400010046)

19.0015672s ago: executing program 2 (id=9187):
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000040)={[{@test_dummy_encryption}, {@jqfmt_vfsv1}]}, 0x2, 0xbbf, &(0x7f0000000440)="$eJzs3M9rHOUbAPBnJptt2ub73VRErBcjIi2I26SSYotgKxUvHgS9Cg3ppoRsf5BEatIcNvoPiHoWvAhqUTzYcy+KXr1oe1U8CEVioyCikdkfSdpk09TudmL7+cC7877z7u7zPDvszrywuwHctwazmzRib0ScSCJKzf1pRBTrvb6IWuN+S4vzY78vzo8lsbz8yi9JJBFxfXF+rPVcSXO7uznoi4hvn0/igbfWx52enZscrVYrU83xgZnT5w5Mz849NXF69FTlVOXM8KFnRg6OHBo6PNKxWv/44eil3x578afanx//dfHXdz9M4mj0N+fW1tEpgzG48pqsVYiI0U4Hy0lPs561dSaFWzwo7XJSAAC0la65hnsoStETqxdvpfjyu1yTAwAAADpiuSdiGQAAALjHJdb/AAAAcI9rfQ/g+uL8WKvl+42Eu+vasYgYaNS/1GyNmULU6tu+6I2IXdeTWPuz1qTxsDs2GBE/Xj38WdaiS79D3kxtISIe3uj4J/X6B+q/4l5ffxoRQx2IP3jT+L9U/9EOxM+7fgDuT5ePNU5k689/6cr1T2xw/itscO76N/I+/7Wu/5bWXf+t1t/T5vrv5S3GuPDR++fbzWX1P3vphU9bLYufbe+oqNtwbSHikcJG9Scr9Sdt6j+xxRilv89X2s3lXf/yBxH7YuP6W5LN/5/owPhEtTLUuN0wxsI3I5+0i593/dnx39Wm/tb/P7U7/ue2GOO148c/X7fz6mp38/rTn4vJq/VesbnnjdGZmanhiGLy0vr9BzfPpXWf1nNk9e9/fPP3/0b1Z58JtebrkK0FFprbbPzmTTGfu3jhi3b5tNZ/eR7/k22O/9r6vy6sP/5vbzHGE1+9s7/d3Nr1b9ay+K21MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0pBHRH0laXumnabkcsTsiHoxdafXs9MyT42dfP3Mym4sYiN50fKJaGYqIUmOcZOPhen91fPCm8dMRsSci3ivtrI/LY2erJ/MuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBW7I6I/krQcEWlELJXStFzOOysAAACg4wZuHBbzygMAAADonoG8EwAAAAC6zvofAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALtvz6OUrSUTUjuyst0yxOdeba2ZAt6V5JwDkpifvBIDcFPJOAMjNba7xXS7APSi5xXxf25kdHc8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO1r397LV5KIqB3ZWW+ZYnOuN9fMgG5L804AyE3PZpOFu5cHcPd5i8P9yxofSG4x37d6n9qNMzu6lhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA209/vSVpOSKKzX3lcsT/ImIgepPxiWplKCL+HxHfl3p3ZOPhlUf35ZY3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnTU9Ozc5Wq1WprJOGs3Oyh6d1U7SeMVq2yUfnTvsFGNbpLFNO3l/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkIfp2bnJ0Wq1MjWddyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3qZn5yZHq9XKVBc7edcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB+/gkAAP//FUoKgg==")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})

17.708552503s ago: executing program 2 (id=9201):
syz_mount_image$jfs(&(0x7f0000005dc0), &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x208000, &(0x7f0000001d40)=ANY=[@ANYBLOB="009c1b06223d15055c6d39aecad6836294e3e1fc38b80cd5eb20b39dc7dceb316fa1203f802b4368850fdef916202a989ea54a4e800c324c19bad386d9a72fc1de2fa7f100eae8a434158d0ed0d6a9061d60971bcf895342571bae0ea58240ebdd0f6f3dd42fa0f9754224a9c2045d2e098e01000000943549e2c2e191b7da91b8645dfdb324ceaf445cdc974884e2d5ac6dbf8b92da3a8a65176db66ca798dce71880c5e6837b5a99b6696d5003a06f62bbfb0b9ba0a6ffbfc2dd37662e077430379386d8e3abf802401b0e8382824a68cf51cde62ac99470edf8c757396564c8079d89017df3182005ec9fe433b122f1c02ca72eb68e41fc7ff69975649149ff4be64bd665e56a5fe9ef4d6ee02ff30ad838a9744100d520765c83c0178534e09d2f578bd10d3bfc68d1e75d6965613448d1045b6a0298d0804f82bc984e271c346d1e30886f81feb02b8320d47dc752b2dd23b4d8e20f2bda7ff84c57d63da96f044f8daaac7cb7132ef6"], 0x1, 0x5e62, &(0x7f0000011a80)="$eJzs3cuOFNcZB/Cvunt6LsQwshTLQlmMsXMhGBguhtxtbxIpq0gRm6xA47GFgpMISBRbKIw1i7xBlCwSJfus8gTZw0N4kWWQINl4lYpq5hyoKffQYJiuYc7vJzVVX52q7lP8+zpd1ScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjxD396poqIy79JC5YjvhTDiEHEYlOvRMTiynJefxQRr8ZWc7zSrD4f0Wy/9c+RiPMRcfdwxP0Ht9aaxWefsB//PfTlI//++49O/vEff7hz/M8n3uy2/2X9X3d+djvdFgAAAPBU6rquq/Qx/2j6fD/ou1MAwEzk1/86ycvVarVarVYfvLqtnux2u4iIjfY2zXuG25OuDADYvzbis767QI/kX7RRRBzquxPAvua4+4Pp/oNba1XKt2q/Hqxst+djQXbkv1E9PL9jt+k03WNMZnX/2oxhvLxLfxZn1If9JOc/6OZ/ebt9nNbb6/xnZbf8x9unPhUn5z/s5t9xcPIfTMy/VDn/0VPlP5Q/AAAAAADsY/nv/8sz+/632nG92fzz2Z2pHvf978qM+gAAAAAAAAAAz9uzjv/3kPH/AAAAYN9qPqs3/nr40bLdPmM3yy9VES911gcKk06WWeq7HwAAAAAAAAAAAABQktH2MbyXqoi5iHhpaamu6+bS1q2f1rNu/6Irff+hZH0/yQMAwLa7hzvn8lcRCxFxKf3W39zS0lJdLywu1Uv14nx+PzueX6gXW59r87RZNj9+gjfEo3HdXNlCa7u2aZ+Xp7V3r6+5rXE9fIKOzUaPgQNARGy/Gt33inTA1PWR6PtdDi8Gj/+Dx+OfJ9H3/RQAAADYe3Vd11X6Oe+j6Tv/Qd+dAgBmIr/+d78XUKvVarVaffDqtnqy2+0iIjba2zTvGW5PujIAYP/aiM/67gI9kn/RRhHxat+dAPa1qu8OsCfuP7i1VqV8q/brQRrfPR8LsiP/jWpru7z9pOk03WNMZnX/2oxhvLxLf16ZUR/2k5z/oJv/5e32cVpvr/Ofld3yb/ZzuYf+9C3nP+zm33Fw8h9MzL9UOf/RU+U/lD8AAAAAAOxj+e//y77/zbsMAAAAAAAAAC+c+w9ureXzXvP3/1+ZsJ7zPw+mnH8l/yLl/Aed/L/RWW/Ymr/37qP8//Pg1tpP/vTp0Tx90vzn80yV7llVukdU6ZaqUZo+y9593ubccNzc0lw1GI7SMT/13PtxNa7FeqzuWHeQ/j8etZ/Z0d70dC7dlbfbz+5oH223t7Y/t6N9Lv3uQL2Y20/FWvwyrsV7W+1N2/yU/V+Y0l5Pac/5Dz3+i5TzH7UuTf5Lqb3qTBv3Phl87nHfnk66nXd+f+fu6t7vzlSbMXy4b23N/h3roT9b/yeHxvHrG+vXT/32ys2b189EmuxYejbS5DnL+c+ly8Pn/9e32/Pzfvvxeu+T8VPnv19sxmjX/F9vzTf7e3zGfetDzn+cLjn/91L75Mf/i5z/7o//Ez30BwAAAAAAAAAAAAAAAB6nruutU0TfiYgL6fyfvs7NBABmK7/+10lerlar1Wq1+uDVbfVkb7eLiPhne5vmPcPvJl0ZALCf/S8iPu27E/RG/gXLv/fXTN/ouzPATN346OOfX7l2bf36jb57AgAAAAAAAAB8UXn8z5XW+M9vRMRyZ70d47++GyvPOv7nKM88HGD0OQ/0vYvNwXg4aA03/lo8fvzvY/H48b9HU25vbkr7eEr7/JT2hSntE0/0aMn5v9Ya77zJ/2hn+PUSxn/tjnlfgpz/sdb9ucn/65312vnXf3uR8x/syP/0zQ9/dfrGRx+fvPrhlQ/WP1j/xfnV1QvnLr61enH19PtXr62nf3vs8d7K+eexrx0HWpacf85c/mXJ+X811fIvS87/a6mWf1ly/vn9nvzLkvPPn33kX5ac//FUy78sOf9vplr+Zcn5n0i1/MuS838z1fIvS87/ZKrlX5ac/6lUy78sOf/TqZZ/WXL++Rsu+Zcl55+PbJB/WXL+Z1Mt/7Lk/M+lWv5lyfmfT7X8y5LzfyvV8i9Lzv9CquVflpz/xVTLvyw5/2+lWv5lyfl/O9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP/3Uy3/suT8f5Bq+Zcl5/92quVflke//2/GjBkzeabvZyYAAAAAAAAAAAAAoGsWhxP3vY8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZHrLO8AfvbmrB0uWwjBDQE2jgkmWbLre0xrMLeSJqSlQGhLL8a118bgW702t0aKUWiJ1KiNVD7Ah3IrUvlSEQGqqEqRK7UCCSTyiVZqG1IFqohCa2g/QEXYambe592Z8V7PbOyZc34/KX7s2TMz75x5Z3b/6/zXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ7qbXzn54qCiKxn/NXyaK4hmN32+cnGj8cesrrvYKAQAAgF491fz10rPzBQdWcaW2Y776om9+cX5+fr547Lsve/5H5ufzByaLYuKaomh+LDx5z99ubT8meaAYHxpu+/PwCnc/ssLHR1f4+NgKH9+wwsevWeHj4yt8/LITcJmNre/HNG9sa/O3E61TWlxXjDU/tnWRaz0wdM3wcHwvp2moeZ35saPF8eJEMVvMdBzfOnaoefyXb2rc151F3Ndw233d2NghP7zvcKxhKJ3jrR33tXCb4QevLiZ/9MP7Dr/pY4/fsNhc8TR03F5rndu2NNb5oXRJa61DxTX5nMQ6h9vWeeMiz8lIxzqHmtdr/L57nZdWuc6RhWVeUd3P+Xgx3Pz9o83zNNr+bb18nm5Ml/345qIoLiwsu/uYy+6rGC42dVwyvPD8jLd2ZOM2GlvpOcXomvbpTavYp415ZGvnPu1+TcTzf1O63ugSa2h/mn7wwQ2XPe9r3aeh8aiXeq1078H1fq30yx6MffFo80E/uOge3Joe/323LL0HF907i+zB/Ljb9uCWlfbg8IaR5przkzDUvM7CHtzecfxI856GmvPJW5bfg9PnTp6Znnv/B15+/OShY7PHZk/tmpnZs3Pv7pm9M9NHj5+YTb+WPNv9b1MxnF8DW9K5i9fAS7uObd+q859av9fh+DKvw4muY9f7dTja/eCGrswL8vI93XptvLVx0scfGi6WeI01n59be38d5sfd9jocbXsdLvo5ZZHX4egqXoeNY87curqvWUbb/ltsDU/X54KJtj3Y/fVI9x5c769H+mUPjqd98a+3Lv254Ma03gen1vr1yMhlezA/3PTe07gkf70/fkdzLLYvb2h84NoNxfm52bO3v+/QuXNntxdpXBHPbdsr3ft1U9tjKi7br8Nr3q8HPvz1b9ywyOUT6VyNv7zxy/iSz1XjmF23L/9cNT+7LX4+Oy7dUaSxzq70+Vzss3njfOYsucz5bBzzoenevxbPubTt/XdsifffyP0/a97P1nxTD4yMjbZevyP57Ix1vB93PlWjzfeuoeZ9X5pe3fvxWPrvSr8fX7fM+/HmrmPX+/14rPvBxfvx0Erf7ehN9/M5nvbJiZnl348bx2zesdY9Obrs+/HNaQ6l8/+ylBRyLmrbO0vt23xfo6Nj6XGNxj107tOdHcePpWzWuK/P7ii3T7fd3LqtkfzoFlypfTrZdex679P8frXUPh1a6btv5XQ/n+NpX1y3c/l92jjm4q7e3zs3xm/b3js3rLQHx0Y2NNY8ljdh6/1+fmPswduLw8Xp4kRxpPnRDc39NNS8r6ndq9uDG9J/V/q9cvMye3Bb17HrvQfz57Gl9t7Q6OUPfh10P5/jaV98dPfye7BxzOv2ru/XrtvSJfmYtq9du7+/ttT3vG7oOk1P5/e8Guv8h73Lf2+2ccyJO9aaM5c/T7elS65d5Dx1v36Xek0dKa7Medqc1vn9O5Y+T431NI75yL5V7qcDRVF84e4Dze/3pr9f+fz5b32x4+9dDrQ+9qV9C7d12Vcdi/29zxfuPnDxn+/6yVoeIwD97WfNX7duan2ua/ubqdX8/T8AAAAwECL3D6eZyf8AAABQGZH74/8Kz+R/AAAAqIzI/aNpZjXJ/w/+2/Pe/dP7i9zMn0/i43EazjzROi46rp9Mf56cX9C4/DWf+cevv/3+1d33cFEUP73rXxY9/sEnYl0tD6d1Tn678/LLbP72qu7/HfcuHNfeAZxItx+Pp3sbfPm/n2heb3Jfa16862JzvvnCgw80Pn5pX+vP0Z188n9ax/15KvMeOPr3Hdff9ljr/rY+tvzjiut97o0b737B2xbuL643tOVZzYfx0Ve2bjd+7s3Dr20dfykdt9T6/+6PP/u5xvHve8ni679/ePH1P5lu9ztp/uSp1uXt57Tx57jeH6b1x/3F9W7/9FcWXf8jb2gd/0h6Xj6ZZvf6X/2nL3yq/XzF+uN+Djzeul7c/8xf/0fzenF7cfvd6x9/1RMd56P79i9+vnU7+9/zvyPtx8flcT953z3e+Tw3bqd9v4XP/tHFjvNc/Hvren/Ttf64vTOPL77+27rWeWb7pub1l6qMf3z2O4s+3ljPgb96tOPxPPK9dP5ec0/zdsd/nPZj+vj/Pdy6ve6flvDo9zrfT+L4T060Xpdxe9Nd63+4a/0XXtw4dyuv/84ftdb/yKu+2vl8/GdrHQd+0Jorrf/YJ77Zcf1Pfav1fJx979Sp03Pnj0eHeiL97J8z323d3jXjGzdd+4xnPuvZ6b2y+88HT5975+zZyZnJmaKYHMAfifd0r//Taf5Xa1xY79u/ryiK97Z9Xrv19a39V7zo0p+8+M7PvDOO+6fXtS5/6O7W562XpuMeTpdfSM933M7HP9b6fNjr+uN+lpp5vat0/msf3rOqA9Pj/+hN1zdfZUMXWxd3v1+VFa/zx5/X+bp/7K2t+aV0XufTT2becv3Xmsd133/8bISH3tJ6fcdXcnH9Xtf/l+n5vuc7rduP283rTV/HfGVz5/tjPD9fur/rJw1MtH6Kx4X0/lFcaH08joqvqR66dP1alrmkuffPTZ84fur8+6bPzc6dm557/wcOnjx9/tS5g82fzXnwXStdf+H1van5+j4yu2dX0Xy1n26Np9nVXv+Zew8f2Ttzy5HZo4fOHz1375nZs8cOz80dnj0yd8uho0dn37vS9Y8f2b99x76de3dMHTt+ZP8d+/bt3Dd1/NTpxjJai1rBnpl3T506e7B5lbn9u/Zt371718zUydNHZvfvnZmZOr/S9Zufm6Ya137P1NnZE4fOHT85OzV3/AOz+7fv27Nnx4o/3e/kmaNzk9Nnz5+aPj83e3a69VgmzzUvbnzuW+n60DD3iY2Lfp4aSl+9b79tT/75rA2f+eCSN9U6pOsHiH4//Syab/zFn+1ezZ8j94+lmdUk/wMAAEAdRO7fkGYm/wMAAEBlRO6/Js1M/gcAAIDKiNw/nmZWk/yv/6//r/+v/x/0//X/y9D/1/8vQ/9f/38Q1q//r/9P7/qt/x+5f2NR1DL/AwAAQB1E7t+UZib/AwAAQGVE7r82zUz+BwAAgMqI3P+MNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9z0wzq0n+BwAAgDqI3P+sNDP5HwAAACojcv+z08zkfwAAAKiMyP0TaWY1yf/6//r/+v/6/0H/X/+/DP1//f8y9P/1/wdh/fr/+v/0rt/6/5H7fy7NrCb5HwAAAOogcv9z0szkfwAAAKiMyP3PTTOT/wEAAKAyIvdfl2ZWk/yv/6//3z/9/4VarP6//r/+/+DQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf95aWY1yf8AAABQB5H7r08zk/8BAACgMiL3Pz/NTP4HAACAyojcvznNrCb5X/9f/79/+v/+/f+g/6//P0j0//X/y9D/1/8fhPXr/+v/07t+6/9H7v/5NLOa5H8AAACog8j9N6SZyf8AAABQGZH7X5BmJv8DAABAZUTuvzHNrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv8L08xqkv8BAACgDiL3vyjNTP4HAACAyojc/+I0M/kfAAAAKiNy/2SaWU3yv/6//r/+v/5/0P/X/y9D/1//vwz9f/3/QVi//r/+P73rt/5/5P6b0sxqkv8BAACgDiL3b0kzk/8BAACgMiL335xmJv8DAABAZUTu35pmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf8laWY1yf8AAABQB5H7b0kzk/8BAACgMiL3vzTNTP4HAACAyojcvy3NrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv/L0sxqkv8BAACgDiL335pmJv8DAABAZUTuvy3NTP4HAACAyojcP5VmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf/laWY1yf8AAABQB5H7b08zk/8BAACgMiL3T6eZyf8AAABQGZH7Z9LMapL/9f/1//X/9f+D/r/+fxn6//r/Zej/6/8Pwvr1//X/6V2/9f8j929PM6tJ/gcAAIA6iNy/I81M/gcAAIDKiNy/M81M/gcAAIDKiNy/K82sJvlf/1//X/9f/z/o/+v/l6H/r/9fhv6//v8grF//X/+f3vVb/z9y/+40s5rkfwAAAKiDyP170szkfwAAAKiMyP1708zkfwAAAKiMyP13pJnVJP/r/+v/6//r/wf9f/3/MvT/9f/L0P/X/x+E9ev/6//Tu37r/0fu35dmVpP8DwAAAHUQuf8VaWbyPwAAAFRG5P5fSDOT/wEAAKAyIvf/YppZTfK//r/+v/6//n/Q/9f/L0P/X/+/DP1//f9BWL/+v/4/veu3/n/k/v1pZjXJ/wAAAFAHkftfmWYm/wMAAEBlRO5/VZqZ/A8AAACVEbn/QJpZTfK//r/+v/6//n/Q/x+Q/v8frOKYK0j/X/+/DP1//f9BWL/+v/4/veu3/n/k/lenmdUk/wMAAEAdRO5/TZqZ/A8AAACVEbn/tWlm8j8AAABURuT+16WZ1ST/6//r/+v/6/8H/f8B6f/3Gf1//f8y9P/1/wdh/fr/+v/0rt/6/5H7X59mVpP8DwAAAHUQuf+X0szkfwAAAKiMyP1vSDOT/wEAAKAyIvffmWZWk/yv/6///3T1/zek29D/b9t3+v9N+v/6/2uh/6//X6yl/z+UXsH6/01Xuz8/6OvX/9f/p3f91v+P3P/LaWY1yf8AAABQB5H770ozk/8BAACgMiL3351mJv8DAABAZUTuf2OaWU3yf9/3/9Md6v8v2f9/ZmP2Y/8/6P+37Tv9/yb9f/3/tdD/1/8v/Pv/pV3t/vygr1//X/+f3vVb/z9y/z1pZjXJ/wAAAFAHkft/Jc1M/gcAAIDKiNz/q2lm8j8AAABURuT+N6WZ1ST/933/P9H/H7x//z/o/7ftO/3/Jv1//f+10P/X/y/0/0u72v35QV+//r/+P73rt/5/5P5fSzOrSf4HAACAOojc/+Y0M/kfAAAAKiNy/1vSzOR/AAAAqIzI/W9NM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9x/b5pZTfI/AAAA1EHk/relmcn/AAAAUBmR+389zUz+BwAAgMqI3P8baWY1yf/6//r/+v/6/0H/X/+/DP1//f8y9P/1/wdh/fr/+v/0rt/6/5H7fzPNrCb5HwAAAOogcv/b08zkfwAAAKiMyP2/lWYm/wMAAEBlRO7/7TSzmuR//X/9f/1//f+g/6//X4b+v/5/Gfr/+v+DsH79f/1/etdv/f/I/b+TZlaT/A8AAAB1ELn/d9PM5H8AAACojMj9B9PM5H8AAACojMj970gzq0n+1//X/9f/1/8P+v/6/2Xo/+v/l6H/r/8/COvX/9f/p3f91v+P3H8ozawm+R8AAADqIHL/76WZyf8AAABQGZH7D6eZyf8AAABQGZH7j6SZ1ST/6//r/+v/6/8H/X/9/zL0//X/y9D/1/8Pyz0hV3v969X/Hyn0/6mvfuv/R+6fTTOrSf4HAACAOojcfzTNTP4HAACAyojcfyzNTP4HAACAyojc/840s5rkf/1//X/9f/3/oP+v/1+G/r/+fxn6//r/g7B+//6//j+967f+f+T+42lmNcn/AAAAUAeR+9+VZib/AwAAQGVE7n93mpn8DwAAAJURuf9EmllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+k2lmNcn/AAAAUAeR+0+lmcn/AAAAUBmR+0+nmcn/AAAAUBmR+8+kmdUk/+v/6//r/+v/B/1//f8y9P/1/8vQ/9f/H4T16//r/9O7fuv/R+7//TSzmuR/AAAAqIPI/WfTzOR/AAAAqIzI/XNpZvI/AAAAVEbk/nNpZjXJ//r/+v/6//r/Qf9f/78M/X/9/zL0//X/B2H9/8/eXfuIkl1bHL7JkyZ6/+1jNDMzM/OYmZmZmZnZgYPea0uWx7Z8ymNXnf19yZZucHXU6qBX8FPp//X/HHe2/j+7/1/qtiH7HwAAACbI7v/Xus3+BwAAgG1k9/9b3Wb/AwAAwDay+/+9bhuy//X/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/f9RtQ/Y/AAAATJDd/591m/0PAAAA28ju/6+6zf4HAACAbWT3/3fdNmT/6//1//p//X/o//X/K/T/+v8V+n/9/xXer//X/3Pc2fr/7P7/qduG7H8AAACYILv/f+s2+x8AAAC2kd3/f3Wb/Q8AAADbyO7//7ptyP7X/+v/9f/6/9D/6/9X6P/1/yv0//r/K7xf/6//57iz9f/Z/Xep24bsfwAAAJggu/+udZv9DwAAANvI7r9b3Wb/AwAAwDay++9etw3Z//p//b/+X/8f+n/9/wr9v/5/hf5f/3+F9+v/9f8cd7b+P7v/HnXbkP0PAAAAE2T337Nus/8BAABgG9n996rb7H8AAADYRnb/veu2Iftf/6//1//r/0P/r/9fof/X/6/Q/+v/r/B+/b/+n+PO1v9n99+nbhuy/wEAAGCC7P771m32PwAAAGwju/9+dZv9DwAAANvI7r9/3TZk/+v/9f/6f/1/6P/1/yv0//r/Ffp//f8V3q//1/9z3Nn6/+z+B9RtQ/Y/AAAATJDd/8C6zf4HAACAbWT3P6hus/8BAABgG9n9D67bhux//b/+X/+v/w/9v/5/hf5f/79C/6//v8L79f/6f447W/+f3f+Qum3I/gcAAIAJsvsfWrfZ/wAAALCN7P6H1W32PwAAAGwju//hdduQ/a//1//r//X/of/X/6/Q/+v/V+j/9f9XeL/+X//PcWfr/7P7H1G3Ddn/AAAAMEF2/yPrNvsfAAAAtpHd/6i6zf4HAACAbWT3P7puG7L/9f/6f/2//j/0//r/Ffp//f8K/b/+/wrv1//r/znubP1/dv9j6rYh+x8AAAAmyO5/bN1m/wMAAMA2svsfV7fZ/wAAALCN7P7H121D9r/+X/+v/9f/h/5f/79C/6//X6H/1/9f4f36f/0/x52t/8/uf0LdNmT/AwAAwATZ/U+s2+x/AAAA2EZ2/5PqNvsfAAAAtpHd/+S6bcj+1//r//X/+v/Q/+v/V2zY/9/8Cuj/9f/6f/2//l//z2Fn6/+z+59Stw3Z/wAAADBBdv9T6zb7HwAAALaR3f+0us3+BwAAgG1k9z+9bhuy//X/+n/9v/4/9P/6/xUb9v++/3/rb93/3/ZH/6L/1/9f4f36f/0/x52t/8/uf0bdNmT/AwAAwATZ/c+s2+x/AAAA2EZ2/7PqNvsfAAAAtpHd/+y6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f3PqduG7H8AAACYILv/uXWb/Q8AAADbyO5/Xt1m/wMAAMA2svufX7cN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/wV125D9DwAAAJf1V2z37P4X1l35PwAAAIBzy+5/Ud1m/wMAAMA2svtfXLcN2f/6f/3/Ofr/22/d0fv1//r/W/r/09P/6/9X6P/1/1d4v/5f/89xZ+v/s/tfUrcN2f8AAAAwQXb/7XWb/Q8AAADbyO5/ad1m/wMAAMA2svtfVrcN2f/6f/3/Ofr/md//v03//wc/T/2//v+O6P/1/7f0/8v+0f381d+v/9f/c9zZ+v/s/pfXbUP2PwAAAEyQ3f+Kus3+BwAAgG1k97+ybrP/AQAAYBvZ/a+q24bsf/2//l//7/v/of/X/6/Q/+v/V+j/9f9XeL/+X//PcWfr/7P7X123Ddn/AAAAMEF2/2vqNvsfAAAAtpHd/9q6zf4HAACAbWT3v65uG7L/9f/6f/2//j/0//r/Ffp//f8K/b/+/wrv1//r/znubP1/dv/r67Yh+x8AAAAmyO5/Q91m/wMAAMA2svvfWLfZ/wAAALCN7P431W1D9r/+X/+v/9f/h/5f/79C/6//X6H/1/9f4f36f/0/x52t/8/uf3PdNmT/AwAAwATZ/W+p2+x/AAAA2EZ2/1vrNvsfAAAAtpHd/7a6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f1vr9uG7H8AAACYILv/HXWb/Q8AAADbyO5/Z91m/wMAAMA2svvfVbcN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/91125D9DwAAABNk97+nbrP/AQAAYBvZ/e+t2+x/AAAA2EZ2//vqtiH7X/+v/9f/6/9D/6//X6H/1/+v0P/r/6/wfv2//p/jztb/Z/e/v24bsv8BAABgguz+D9Rt9j8AAABsI7v/g3Wb/Q8AAADbyO7/UN02ZP/r//X/+n/9f+j/9f8r9P/6/xX6f/3/Fd6v/9f/c9zZ+v/s/g/XbUP2PwAAAEyQ3f+Rus3+BwAAgG1k93+0brP/AQAAYBvZ/R+r24bsf/2//l//r/8P/b/+f4X+X/+/Qv+v/7/C+/X/+n+OO1v/n93/8bptyP4HAACACbL7P1G32f8AAACwjez+T9Zt9j8AAABsI7v/U3XbkP2v/9f/79X/36R4+v8b+v8b+v87l/5f/79C/6//v8L79f/6f447W/+f3f/pum3I/gcAAIAJsvs/U7fZ/wAAALCN7P7P1m32PwAAAGwju/9zdduQ/a//1//v1f/f0P/f0P/f0P/fufT/+v8V+n/9/xXer//X/3Pc2fr/7P7P121D9j8AAABMkN3/hbrN/gcAAIBtZPd/sW6z/wEAAGAb2f1fqtuG7H/9v/5f/6//D/2//n+F/l//v0L/r///U/75RO/X/+v/Oe5s/X92/5frtiH7HwAAACbI7v9K3Wb/AwAAwDay+79at9n/AAAAsI3s/q/VbUP2v/5f/6//1/+H/l//v0L/r/9fof/X/1/h/fp//T/Hna3/z+7/et02ZP8DAADABNn936jb7H8AAADYRnb/N+s2+x8AAAC2kd3/rbptyP7X/+v/9f/6/9D/6/9X6P/1/yv0//r/K7xf/6//57iz9f/Z/d+u24bsfwAAAJggu/87dZv9DwAAANvI7v9u3Wb/AwAAwDay+79Xtw3Z//p//b/+X/8f+n/9/wr9v/5/hf5f/3+F9+v/9f8c9+f6//qb/+/a/2f3f79uG7L/AQAAYILs/h/UbfY/AAAAbCO7/4d1m/0PAAAA28ju/1HdNmT/6//1//p//X/o//X/K/T/+v8V+n/9/xXer//X/3Pc2b7/n93/47ptyP4HAACACbL7f1K32f8AAACwjez+n9Zt9j8AAABsI7v/Z3XbkP3/l/r/f6qr/7+h/9f/39L/N/2//v+W/l//v0j/r/+/wvv1//p/jjtb/5/d//O6bcj+BwAAgAmy+39Rt9n/AAAAsI3s/l/WbfY/AAAAbCO7/1d125D97/v/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/r+u2IfsfAAAAJsju/03dZv8DAADANrL7f1u32f8AAACwjez+39VtQ/a//l//r//X/4f+X/+/Qv+v/1+h/9f/X+H9+n/9P8edrf/P7v99AAAA//8VVGrr")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents(r0, &(0x7f0000000040)=""/61, 0x3d)

14.380910874s ago: executing program 2 (id=9237):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
sendfile(r1, r0, 0x0, 0x80008)

13.689415097s ago: executing program 35 (id=9237):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
sendfile(r1, r0, 0x0, 0x80008)

11.779387684s ago: executing program 0 (id=9251):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0x401, 0x70bd21, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r1}]}}}]}, 0x38}}, 0x4005804)

8.13335001s ago: executing program 0 (id=9262):
syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close_range(r0, r0, 0x0)

7.445520729s ago: executing program 6 (id=9268):
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c)
sendmmsg$inet(r0, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001c40)="2cae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecaff0f0002ff91deb3efa91762cdeefbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10d5df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dbfaf8eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a", 0x257}, {&(0x7f0000000500)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355501aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3aeb44a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a178919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f875381406e9036608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a25296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf738b393eed8633fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33e47a0e416573cfdcfb44ed9dd4ce41af4de9c471c49f12f090934c3b32f2f4777c65b1574826727f5f628ad5de745fc858b1f6166753b33ed6006a824210fd9e0dd9f23b88e3dcb2388a7311364fac143895932d4768ccb3e05871b3d5a0ef70da8eeceb8668bf67d24174de5a412991b561733fad1096feaab1ecc5c0176df9b40b8c9c3515d0f15e6ad486ca058414f82d009f015521587860d3c39e28695b152872be1d833518c3a43cfc8e29961d03496ee5299f0429b13d5b23c5c2094f8c9240ddee0ee78be5334b9453d308019bf4503e24cc079e66549668a66275fe14630ea320d5827babe13a5073c243dfcbe082e71d14f03163fabb68d170b7524b434e6f141600000000000000a9a3c42ae3df18f3ed4017f3c860544812908b56c0cd6aa727619497e37bfa9baf4dde1e93a55ddb4181178461d02b1957bad620d73b178f97e6cc72edf23de95a27313df60d69a329605486c889fc20245694643ecde0f0810c1a1719ee3b920100eb07333c04142f07b0b241fe520e74334d990ae0dc920d07a537ab4179", 0x32e}], 0x2, 0x0, 0x0, 0x900}}], 0x1, 0x4)

7.125443286s ago: executing program 6 (id=9272):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998247856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f0b00f694c5bef739aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404c669485a2e714ec9bb31ae0f201ca2e5b9ece2b035fbe2ee8d90aa87a986a307fe4fe90b7b2a48217f79001e60692c", @ANYRESDEC], 0x2, 0x5567, &(0x7f0000006f40)="$eJzs3M1rI+UfAPAnyb6//coPD952YBFa2IRN9wW9Vd3FF+xSfDl40jRJQ3aTTGnStPYk6FE8+J+IgifBi3+DB8/exIPiTVBmnulqrS5bk23a3c8HJt+ZZ5585/sMoeWbhATgqTWX/PpzKVwKZ0MIlRDChVLI90vFlluK4dkQwuUQQvkvW6kYfzBwKoRwLoRwKUsewjfDOCc79dnV8ZWbP73+y9ffnT5x/vOvvp/dqoFZey6E0F+P+1v9GNNOjPeK8ca4m8f+jXER44n+/eI4jXGrvZpn2Grszmvk8Xonzk/XN4dZXOs1mlnsdNfy8fVBvOBw3NnNkz/hXmMjP261V/PYHaZ57OzEurZ34t/LneEo5mkV+T7I04fRaDfG8fZ2O65n/X4em4NRMR7zpq32dhbHRSwuF5ppr5XXsTrJnT7a3ugONreTcXtj2E0Hyc1a/fla/Va1vpG22qP2jWqj37p1I5nv9LJp1VG70V/qpGmn16410/5CMt9pNqv1ejJ/u73abQySer12vXatenOh2LuavHL3naTXSuaz+FJ3sHmq2xsma+lGEp+xkCzWrr+wkFypJ28tryQrb965s7zy9nu337374vJrLxeT9pWVzC9eW1ys1q9VF+sLR2D92f/dR1z/aJL1f1wUfYD1lya7PfBwXmAAB7av/w/T7f8rQf8P7Hfc+/8wzf4/a6ke2v+f+e83+og7UP9bnrz/n6j/Par9/zFeP0xE/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8NT64eQXr+Y7c/H4fDF+sRj6f3FcCiGUQwi//4NKOLUnZ6XIc/Jf5p/8Ww3flkKeIbvG6WI7F0JYKrbf/ve47wIAAAA8ub788PKnsVuPD3OzLojDFN+GKV94f0r5SlnOuR+nlK2cPTwzpWT56/tE2J5StvzOnZlSsviW24lpZXskld3w0cU/B/MFlWIoH2o5AADAoajsCYfbhQAAAHCYPpl1AcxGKTz4EHj3C/ynYyg+2jy75xwAAABwDJVmXQAAAADw2OX9v9//AwAAgCdb/P0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uVEbiOIA/GwwkH8KinJPK7lBGSkhxxyBAtIEJZAW0gA1kFvuuUSwwh4heRek1TJeC/R9km3GRr+ZAS5vLAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB06U+1mf9afPkZi+ty9ofr5JoPAAAA8NSu2szrF9Om/S6d/5BOfUrtIiLKiDhXuw9i1MocpJzqwvurR2P4HVEnHPsYp+1tRHxN2/+PXX8KAAAAcL+2q/Wsqdab3bTvAfGamkWb8v23THlFRFTTv5nSyuPuc6aw+vc9jB+Z0uoFrEmmsGbJbXj+2ihXJ22D1iHNZLKsv8S6VXbTLwAA0Kd2JXChCgEAAOAOfO97APSjOO1O9xnHzSHdEHzTagEAAAA3qOh7AAAAAEDn6vr/Fp7/98/fEgAAAODFmuf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KVdtZlvV+vZpevLZ+bsD9fJNyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7Yn3sUAGEwBqCf4u8mvf9NHZSIjl2d3oNCSCilAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQM/wnhq/8DRHVU1pE+bUraqWTAlrpoQtc8KeC63zyHn9+SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GN+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7Yt40qDAD457PPTQuIEFCGACoSAyw0cUtLRxhAEQN/AlKUOiXgUmgz0CoCZYEJZe6CYEQICRS2/g+dG6lL2TpkCBIz6M53ybV1qSnNnUt+P+n5fbYv733vfIry5V0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDaeSdeSoq4nT1MD+PytZu768tZv31Pn7m+eWsua1ncethE37z9+JOfbC9XnxyfrTz5qv5kAAAAOBzaZX0fEbfTrcWsT6bz+j8tj8lq/u+fGcZlPX9v3b+9uz5VvDVX1v+//Xrnhb2JpofzZIOurA76C/en0jmgJU68Zx96RCc/8/nvXtr5B5K8v/H8Tpqfz9a3N268283DI3VkCwA8ihNlnwVT+z8PZX2v4dwAOBw6lcK7rP/b083mBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCHnY14qoxbETHX2Y8z27vry6P665u35sp25tq1zeqY2RBpRKysDvppjWuZdJevXP1kaTDoXxoZRDzwrf8eHI+Igxn5AUGMeOvDMb484p+PKS7PqGcV/y5oTUYajQZJ8fkUr3TrveoONiivvcc/ckPfkAAA+N9Ki5bV9bfTrcXstdZMxF8/3F3/v1aJY8z6/85HZ25W56rW/73aVjj55tcufDZ/+crVN1YvLJ3vn+9/+ubJ3lu9U2dPnz47n52rhfmVSPoLTacJAADAE6xbtGr9n8zcv/9/rBLHmPX/59/1vqzO1Vb/j7S/6dd0JgAAAIdRdy967pU//2iNOKLV7cYXS2trl3rDx73nJ4ePtab7iI4UrVr/t2eazgoAAACow85G6679/3OVOMbc/3/6xxd/ro7ZjoijERcjon9i+eLgXH3LmWh1/KFyPlG36ZUCAADQlKNFq+7/p/n9/8neLQ9JRLz+6jAu/9fVOPV/+72vf6rOVb3//1R9S5xIyezwfOT9bERntumMAAAAeBKNu9U7VbSs2P893Vr8+JdjH3Td/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQt78DAAD//77oN4s=")
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f00000010c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000f80)='./file0/../file0\x00')

6.052416955s ago: executing program 8 (id=9282):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000d, 0x4008031, 0xffffffffffffffff, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)

5.110763758s ago: executing program 3 (id=9287):
r0 = syz_io_uring_setup(0x5c2, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240), &(0x7f0000000340))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x35, {0x5, 0x1}, 0x1}, 0x1)

5.059508245s ago: executing program 7 (id=9288):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x30, r1, 0x1, 0x70bd2a, 0x40000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x1}}}}, 0x30}}, 0x4)

4.783440085s ago: executing program 3 (id=9289):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x1e}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)

4.671251808s ago: executing program 7 (id=9290):
r0 = socket$kcm(0x10, 0x3, 0x10)
recvmsg$kcm(r0, &(0x7f0000002780)={0x0, 0x0, 0x0}, 0x40000080)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000036000b635ef1681c717a3c4a0ed89a5b", 0x14}], 0x1}, 0x0)

4.592931545s ago: executing program 0 (id=9291):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001800)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="03000000000000001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1], 0x4c}}, 0x800)

4.508806015s ago: executing program 6 (id=9292):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./bus\x00', 0x8, &(0x7f0000000040)={[{@autodefrag}, {@autodefrag}, {@ref_verify}, {@max_inline={'max_inline', 0x3d, [0x54]}}, {@clear_cache}, {@discard}, {@noenospc_debug}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55a3, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0x4020940d, &(0x7f0000000440)={0x4})

4.354434309s ago: executing program 3 (id=9293):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000e40)={0x14, 0x2b, 0xb, 0x0, 0x0, {0x9}}, 0x14}}, 0x0)

4.270441052s ago: executing program 8 (id=9294):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0002696fad83764beb8a2462fbc43f99fac2327c63cc5887b51804412fea962e9af58943cc8aab67b900000000f49ad6207e388dc0b7f3570dd67e337b70531b3f7716b313dc238de27f7a85fe063ceeff43705ed8049ef10433c122a1ae39b4e8711c27f3955e28b2cf61781d2ed6e10fa443d2e8ad65f8731298f097f85deb8b024cf9d02e421c016a0fca49050d993a7e74695dcde372f1d1a4b6eabf69ec001c77d4ad5792609b6c0309134a2ae3f7ac440a6253c61050aaac2ec221f83baa63417f1ecaa27069f6bfdeeb0b168a5e8743d20fc879f5ef6a0ed4058710c13f6c6e682c9ed01ef6647cc3a9a838f82034fa1c595c2c419e9be778b6dd9fa81a1e4dfb88abd419f0983d5f"], 0x1, 0x178, &(0x7f0000000240)="$eJzsmDFP6lAYht9zyoXcm7u4ujhIFAdLW9S4EMPmaCJq3CRQCVrEQAdhc/F/ODs4u/kjjLM6GBdGN5Oatgc4EgEdNDG+z/DxHPr1cPqRvENBCPm1PNw/360Vb6UB4D/SSKnvn4xBj9T6X27Oyq2p9fzF3GP+KtW4HN5PAAiCj/9+AsB1wYCv1kHw9u60+ixC9n0LEgvKdyBgKt+DxLZyFwK7yg80b4T9prlf81yz3PAqoVhhscPihCU3fL7uqUBFO5/QrrfancOS57nNL5RJ8+sWJPLa+fT/qzcbS5ufDQlbeQ4Cm8pXkerNJh6J9vzTicH+xjc/P4VC+WkyyKfgXGBey6eElh9Zv36cbbU7i7V6qepW3SPHya1YS5a17GSjIIrrmPz7G+XTP23/PyN6kyKJk5LvN+249tdOXN9LXBnln0RmNl6H2Z8ceZr4ulD3icgyxph2QgghhBBCCCGEEEII+QQzENFb0Ak4G1H3awAAAP//SA92ew==")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)=@raw={0xc, 0x6810fe690be90f4b, {"49aecf0c3ee60ecb1b"}}, &(0x7f0000000000), 0x1200)

4.237431842s ago: executing program 7 (id=9295):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000b40), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000180000006000a004e24000014000900fec0ffffffffffff0000000000000001050002000a"], 0x38}}, 0x0)

4.13132978s ago: executing program 3 (id=9296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090)

3.882346835s ago: executing program 7 (id=9297):
r0 = syz_usb_connect(0x0, 0x202, &(0x7f0000000780)=ANY=[@ANYBLOB="1201100152018b401e040740185d000000010902f00101040000030904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.80373365s ago: executing program 3 (id=9298):
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000e00)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0093d84f10fc3e1ec648b776cb7f8081d09ad0cc63a23840b824f920b21981285520a35f491e6934193661e8f46d"], 0x1, 0xd99, &(0x7f0000000e80)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
ioctl$FITRIM(r0, 0x40086e8b, &(0x7f00000000c0)={0x200000, 0xfffffffffffffff7, 0x1})

3.750254046s ago: executing program 0 (id=9299):
io_submit(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
r0 = io_uring_setup(0x4dc2, &(0x7f0000000200)={0x0, 0x9153, 0x8, 0x2, 0x20})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x18, &(0x7f0000000000), 0x1)

3.716808219s ago: executing program 8 (id=9300):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0x3c1, 0x3, 0x450, 0x2b0, 0x150, 0x150, 0x0, 0xf8010000, 0x380, 0x238, 0x238, 0x380, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'team_slave_0\x00', 'hsr0\x00', {}, {}, 0x84}, 0x0, 0x248, 0x2b0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'batadv0\x00', {0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x4}}}, @common=@inet=@sctp={{0x148}, {[], [], [], 0x5, [], 0x0, 0x6}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b0)
syz_emit_ethernet(0x83, &(0x7f00000003c0)={@random="e10931d8640a", @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x4d, 0x88, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {0x0, 0x0, 0x4d, 0x0, @opaque="8c9c0b2c31828155d4aba6b7c478e3c6764e864bfa9e756f7dcfbcc58d3b17d0fa078fcdaa45cb12b6b0dc150530caa4e74412dd869c19aa7f3f0e9705f2abd3befb520856"}}}}}}, 0x0)

3.415296153s ago: executing program 0 (id=9301):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000106608000000000000180000000000000000000000000000009500000000000000360a020000001000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)

3.135280358s ago: executing program 8 (id=9302):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000009c0)='m', 0x1}], 0x1}, 0x4000005)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000005c0)=""/179, 0xb3}], 0x1}, 0x40010001)

3.057300137s ago: executing program 3 (id=9303):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x100, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, {0x4}, {0xe, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0xa86}, @TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x23}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)

2.94993407s ago: executing program 0 (id=9304):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000001800010080000000000200001d01080008000a00", @ANYRES32, @ANYBLOB='\b\x00\t\x00', @ANYRES32], 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000019"], 0x34}}, 0x0)

2.734961569s ago: executing program 8 (id=9305):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="60000000000201040000000000000000020000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000240003801400018008000100ac1414aaf4ff0100ac1414000c0002800500010088000000040001"], 0x60}, 0x1, 0x0, 0x0, 0x40090}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c400000010000304020000000000000000000400", @ANYRES32=0x0, @ANYBLOB="0003000000000000680012800b0001006272696467650000580002800c001f00010000000000000005001600010000000500250001000000050029000000000008000400010100000c002e0000000000000000000c001e00a00000000000000008001b00fbffffff05002a000000000008000a"], 0xc4}, 0x1, 0x0, 0x0, 0x4}, 0x8044)

2.572330689s ago: executing program 8 (id=9306):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b27, &(0x7f0000000040))

1.545005262s ago: executing program 6 (id=9307):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/sockcreate\x00')
exit(0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

364.889476ms ago: executing program 7 (id=9308):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xff, 0x7fff0010}]})
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000001dc0)={0x1, 0x70, 0x20000}, 0x20)

270.608694ms ago: executing program 7 (id=9309):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x88, &(0x7f0000000180), 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file3\x00', 0x141042, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000000)={0xe0, 0x2000009, 0x1, 0x9, 0x1, [0x20000007, 0x9, 0x3, 0xd6]})

173.848986ms ago: executing program 6 (id=9310):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
readlinkat(r0, &(0x7f0000000140)='./mnt\x00', &(0x7f0000000180)=""/10, 0xa)

0s ago: executing program 6 (id=9311):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r0, 0x0)
write$P9_RLERROR(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

4822] FAT-fs (loop2): Directory bread(block 68) failed
[  728.140311][T24822] FAT-fs (loop2): Directory bread(block 69) failed
[  728.140398][T24822] FAT-fs (loop2): Directory bread(block 70) failed
[  728.140428][T24822] FAT-fs (loop2): Directory bread(block 71) failed
[  728.140515][T24822] FAT-fs (loop2): Directory bread(block 72) failed
[  728.140545][T24822] FAT-fs (loop2): Directory bread(block 73) failed
[  728.289605][T24826] syz.3.7986: attempt to access beyond end of device
[  728.289605][T24826] loop3: rw=0, sector=64, nr_sectors = 2 limit=0
[  728.289695][T24826] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32
[  728.580241][T24834] netlink: 'syz.7.7991': attribute type 11 has an invalid length.
[  728.580272][T24834] netlink: 224 bytes leftover after parsing attributes in process `syz.7.7991'.
[  729.569970][T24873] loop8: detected capacity change from 0 to 16
[  729.656636][T24873] erofs (device loop8): mounted with root inode @ nid 36.
[  729.685400][   T30] audit: type=1326 audit(1750971337.466:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24876 comm="syz.6.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  729.729027][T24873] syz.8.8010: attempt to access beyond end of device
[  729.729027][T24873] loop8: rw=524288, sector=8, nr_sectors = 24 limit=16
[  729.811726][T24873] syz.8.8010: attempt to access beyond end of device
[  729.811726][T24873] loop8: rw=0, sector=8, nr_sectors = 16 limit=16
[  729.813683][   T30] audit: type=1326 audit(1750971337.466:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24876 comm="syz.6.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  729.962763][   T30] audit: type=1326 audit(1750971337.503:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24876 comm="syz.6.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  730.055431][   T30] audit: type=1326 audit(1750971337.503:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24876 comm="syz.6.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  730.153754][   T30] audit: type=1326 audit(1750971337.503:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24876 comm="syz.6.8012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  730.262670][   T30] audit: type=1800 audit(1750971337.653:270): pid=24873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.8010" name="file2" dev="loop8" ino=89 res=0 errno=0
[  730.640011][T24911] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8029'.
[  730.682163][T24911] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8029'.
[  730.715273][T24911] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8029'.
[  730.741098][T24915] loop6: detected capacity change from 0 to 16
[  730.763877][T24915] erofs (device loop6): mounted with root inode @ nid 36.
[  730.935790][T24922] loop7: detected capacity change from 0 to 256
[  731.012236][T24922] exfat: Deprecated parameter 'namecase'
[  731.060037][T24927] QAT: Device 7 not found
[  731.182206][T24922] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  731.893978][T24954] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8050'.
[  731.930116][T24954] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8050'.
[  732.071043][T24961] loop2: detected capacity change from 0 to 512
[  732.178513][T24961] EXT4-fs: Ignoring removed oldalloc option
[  732.301407][T24961] EXT4-fs (loop2): 1 truncate cleaned up
[  732.347484][T24961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  732.604341][   T24] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  732.621186][ T5838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.780896][   T24] usb 8-1: Using ep0 maxpacket: 32
[  732.811614][T24988] loop6: detected capacity change from 0 to 256
[  732.830144][   T24] usb 8-1: config 4 has an invalid interface number: 128 but max is 0
[  732.838665][   T24] usb 8-1: config 4 has no interface number 0
[  732.857905][   T24] usb 8-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  732.935235][   T24] usb 8-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  732.977600][   T24] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  733.010719][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.075797][   T24] hub 8-1:4.128: USB hub found
[  733.271090][T25003] program syz.0.8072 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  733.290906][   T24] hub 8-1:4.128: 2 ports detected
[  733.306700][   T24] hub 8-1:4.128: Using single TT (err -22)
[  733.534742][   T24] hub 8-1:4.128: hub_hub_status failed (err = -71)
[  733.541369][   T24] hub 8-1:4.128: config failed, can't get hub status (err -71)
[  733.636890][   T24] usb 8-1: USB disconnect, device number 9
[  734.123061][T25031] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  734.184457][T25033] loop6: detected capacity change from 0 to 256
[  734.240211][T25033] exfat: Deprecated parameter 'namecase'
[  734.246732][T25036] netlink: 40 bytes leftover after parsing attributes in process `syz.8.8089'.
[  734.288817][T25033] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  734.386043][T25033] overlay: filesystem on ./file0 not supported
[  734.428113][T25041] netlink: 132 bytes leftover after parsing attributes in process `syz.7.8090'.
[  734.506972][T25043] random: crng reseeded on system resumption
[  734.563240][T25043] Unrecognized hibernate image header format!
[  734.599740][T25043] PM: hibernation: Image mismatch: architecture specific data
[  735.837588][T25097] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8118'.
[  736.233518][T25100] nvme_fabrics: missing parameter 'transport=%s'
[  736.259306][T25100] nvme_fabrics: missing parameter 'nqn=%s'
[  736.494419][T17860] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  736.502349][T25111] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8124'.
[  736.711273][T17860] usb 9-1: config 0 has an invalid interface number: 241 but max is 1
[  736.727365][T25116] loop7: detected capacity change from 0 to 64
[  736.743078][T17860] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  736.766874][T17860] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  736.814411][T17860] usb 9-1: config 0 has no interface number 0
[  736.835907][T17860] usb 9-1: config 0 interface 241 altsetting 5 endpoint 0xD has an invalid bInterval 22, changing to 8
[  736.883569][T17860] usb 9-1: config 0 interface 241 has no altsetting 0
[  736.920850][T17860] usb 9-1: New USB device found, idVendor=2c42, idProduct=1608, bcdDevice=bd.4b
[  736.947464][T17860] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.990514][T25118] loop2: detected capacity change from 0 to 256
[  737.014581][T17860] usb 9-1: config 0 descriptor??
[  737.030512][T25094] loop3: detected capacity change from 0 to 32768
[  737.040759][T25118] exfat: Deprecated parameter 'utf8'
[  737.046104][T25118] exfat: Deprecated parameter 'utf8'
[  737.082677][T25089] loop6: detected capacity change from 0 to 40427
[  737.093723][T25118] exfat: Deprecated parameter 'utf8'
[  737.111317][T25089] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  737.123304][T25094] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  737.156022][T25089] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  737.219036][T25118] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[  737.246335][T25089] F2FS-fs (loop6): invalid crc value
[  737.294061][T17860] usb 9-1: string descriptor 0 read error: -71
[  737.311138][T17860] f81232 9-1:0.241: f81534a converter detected
[  737.325996][T17860] f81534a ttyUSB0: f81232_set_register failed status: -71
[  737.339085][T17860] f81534a ttyUSB0: probe with driver f81534a failed with error -5
[  737.407677][T17860] usb 9-1: USB disconnect, device number 8
[  737.459442][T25094] XFS (loop3): Ending clean mount
[  737.474778][T17860] f81232 9-1:0.241: device disconnected
[  737.521157][T25094] XFS (loop3): Quotacheck needed: Please wait.
[  737.761069][T25089] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  737.795111][T25089] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  737.818232][T25094] XFS (loop3): Quotacheck: Done.
[  737.992149][T25144] netlink: 2 bytes leftover after parsing attributes in process `syz.7.8134'.
[  738.034034][T25144] batadv_slave_1: entered promiscuous mode
[  738.085361][ T5825] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  738.271546][T25150] netlink: 'syz.2.8136': attribute type 5 has an invalid length.
[  738.471616][ T6030] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  738.570052][   T24] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  738.636904][T25158] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  738.666528][ T6030] usb 9-1: Using ep0 maxpacket: 32
[  738.704515][ T6030] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD8, changing to 0x88
[  738.736955][ T6030] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  738.771069][   T24] usb 1-1: Using ep0 maxpacket: 32
[  738.790595][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  738.820513][ T6030] usb 9-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  738.848550][ T6030] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  738.856840][   T24] usb 1-1: unable to read config index 0 descriptor/start: -71
[  738.872206][   T24] usb 1-1: can't read configurations, error -71
[  738.891727][ T6030] usb 9-1: Product: syz
[  738.896014][ T6030] usb 9-1: Manufacturer: syz
[  738.920753][ T6030] usb 9-1: SerialNumber: syz
[  738.939722][ T6030] usb 9-1: config 0 descriptor??
[  738.962069][ T6030] usb 9-1: no audio or video endpoints found
[  739.041012][T25166] loop2: detected capacity change from 0 to 512
[  739.122487][T25166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  739.210608][T17860] usb 9-1: USB disconnect, device number 9
[  739.375035][ T5838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  739.395985][T25173] loop7: detected capacity change from 0 to 64
[  739.662124][T25179] loop2: detected capacity change from 0 to 1024
[  739.818162][   T60] hfsplus: b-tree write err: -5, ino 4
[  739.928251][T25164] loop3: detected capacity change from 0 to 32768
[  739.974455][T25164] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.8145 (25164)
[  740.095451][T25164] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  740.149363][T25164] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  740.151807][T25183] loop7: detected capacity change from 0 to 4096
[  740.202125][T25164] BTRFS info (device loop3): using free-space-tree
[  740.378941][T25183] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  740.493639][T25213] Zero length message leads to an empty skb
[  740.711095][T17817] ntfs3(loop7): ino=9, ntfs_sync_fs failed, -22.
[  740.891403][ T5825] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  740.957531][   T30] audit: type=1326 audit(1750971348.010:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25220 comm="syz.7.8164" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f37f8e929 code=0x0
[  741.594352][T25182] loop6: detected capacity change from 0 to 32768
[  741.711955][T25182] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  742.238172][T25182] XFS (loop6): Ending clean mount
[  742.345370][T25265] netlink: 332 bytes leftover after parsing attributes in process `syz.3.8178'.
[  742.354810][T25265] netlink: 'syz.3.8178': attribute type 9 has an invalid length.
[  742.363034][T25265] netlink: 108 bytes leftover after parsing attributes in process `syz.3.8178'.
[  742.372235][T25265] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8178'.
[  742.480392][ T7241] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  742.557141][T25271] netlink: 'syz.7.8180': attribute type 21 has an invalid length.
[  742.565092][T25271] netlink: 156 bytes leftover after parsing attributes in process `syz.7.8180'.
[  742.902801][T25277] loop7: detected capacity change from 0 to 256
[  743.020191][T25277] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  743.640775][T25302] loop7: detected capacity change from 0 to 64
[  743.823521][T25309] tipc: Started in network mode
[  743.858882][T25309] tipc: Node identity ac14140c, cluster identity 4711
[  743.904735][T25311] loop3: detected capacity change from 0 to 2048
[  743.939968][T25309] tipc: Enabled bearer <udp:syz2>, priority 10
[  743.947781][T17860] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  744.034302][T25311] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  744.144706][T25311] EXT4-fs error (device loop3): ext4_ext_precache:632: inode #2: comm syz.3.8199: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  744.191981][T17860] usb 3-1: Using ep0 maxpacket: 8
[  744.223503][T17860] usb 3-1: unable to get BOS descriptor or descriptor too short
[  744.264499][T17860] usb 3-1: config 4 interface 0 has no altsetting 0
[  744.266129][T25311] EXT4-fs (loop3): Remounting filesystem read-only
[  744.278163][T17860] usb 3-1: string descriptor 0 read error: -22
[  744.309000][T17860] usb 3-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  744.330632][T17860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.403641][T17860] usb 3-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  744.470121][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  744.492043][T17860] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  744.530821][T17860] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  744.562729][T25329] loop7: detected capacity change from 0 to 8
[  744.575108][T17860] usb 3-1: media controller created
[  744.619001][T25329] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  744.731322][T17860] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  745.024164][ T6030] tipc: Node number set to 2886997004
[  745.450110][T25350] [U] 
[  745.525069][T25356] loop3: detected capacity change from 0 to 1024
[  745.629054][T25356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  745.720740][T17860] zl10353_read_register: readreg error (reg=127, ret==0)
[  745.759774][T25356] ext4 filesystem being mounted at /1406/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.844283][T17860] usb 3-1: USB disconnect, device number 27
[  746.015494][T25367] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8224'.
[  746.017511][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  746.315545][T25377] netlink: 136 bytes leftover after parsing attributes in process `syz.6.8229'.
[  746.369166][T25377] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  746.397474][T25381] loop8: detected capacity change from 0 to 1024
[  746.625607][T25389] loop7: detected capacity change from 0 to 128
[  746.659236][T25389] EXT4-fs (loop7): Test dummy encryption mode enabled
[  746.756528][T25389] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  746.830705][ T6527] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  746.892054][T25389] ext4 filesystem being mounted at /482/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  747.004595][ T6527] usb 1-1: Using ep0 maxpacket: 32
[  747.077504][ T6527] usb 1-1: New USB device found, idVendor=084f, idProduct=0001, bcdDevice=e0.b8
[  747.105719][T17817] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  747.108799][ T6527] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  747.138243][ T6527] usb 1-1: Product: syz
[  747.160389][ T6527] usb 1-1: Manufacturer: syz
[  747.182943][ T6527] usb 1-1: SerialNumber: syz
[  747.219029][T25406] loop2: detected capacity change from 0 to 128
[  747.238338][T25404] loop6: detected capacity change from 0 to 4096
[  747.255499][ T6527] empeg 1-1:1.0: empeg converter detected
[  747.255945][T25406] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  747.292958][T25404] EXT4-fs (loop6): Test dummy encryption mode enabled
[  747.374134][T25406] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  747.374416][T25404] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  747.481163][ T6527] usb 1-1: empeg converter now attached to ttyUSB0
[  747.558447][T25406] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.8242: checksumming directory block 0
[  747.692598][ T7241] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  747.757801][ T6527] usb 1-1: USB disconnect, device number 24
[  747.787612][ T6527] empeg ttyUSB0: empeg converter now disconnected from ttyUSB0
[  747.800658][ T5838] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  747.819474][T25419] loop8: detected capacity change from 0 to 1024
[  747.829059][ T6527] empeg 1-1:1.0: device disconnected
[  747.841660][T25420] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8248'.
[  747.987444][T25419] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  748.147737][T25432] netlink: 16 bytes leftover after parsing attributes in process `syz.7.8254'.
[  748.285404][T17860] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  748.345317][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  748.519051][T17860] usb 7-1: Using ep0 maxpacket: 16
[  748.566293][T17860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  748.605173][T17860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  748.654484][T17860] usb 7-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  748.702851][T17860] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.744841][T17860] usb 7-1: config 0 descriptor??
[  749.124175][T25463] netlink: 'syz.8.8267': attribute type 2 has an invalid length.
[  749.152851][T25463] ‰lm;Ê-: entered promiscuous mode
[  749.239529][T17860] gt683r_led 0003:1770:FF00.0001: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.6-1/input0
[  749.418651][ T6527] usb 7-1: USB disconnect, device number 23
[  749.450745][T17860] gt683r_led 0003:1770:FF00.0001: failed to send set report request: -19
[  749.484046][T17860] gt683r_led 0003:1770:FF00.0001: failed to send set report request: -19
[  749.493504][T25466] fido_id[25466]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/7-1/report_descriptor': No such file or directory
[  749.790606][T25480] blktrace: Concurrent blktraces are not allowed on sg0
[  750.639732][T25513] loop6: detected capacity change from 0 to 128
[  750.703552][T25513] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  750.749350][T25513] ext4 filesystem being mounted at /1284/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  750.790940][ T6030] IPVS: starting estimator thread 0...
[  750.891996][T25520] IPVS: using max 27 ests per chain, 64800 per kthread
[  750.923199][T25522] netlink: 52 bytes leftover after parsing attributes in process `syz.2.8293'.
[  750.981125][ T7241] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  750.998841][ T6527] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  751.191506][T25528] sctp: [Deprecated]: syz.6.8295 (pid 25528) Use of int in max_burst socket option.
[  751.191506][T25528] Use struct sctp_assoc_value instead
[  751.213281][ T6527] usb 9-1: Using ep0 maxpacket: 16
[  751.227118][ T6527] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  751.264907][ T6527] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  751.311522][ T6527] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  751.336446][T25501] loop3: detected capacity change from 0 to 32768
[  751.364373][ T6527] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  751.403200][ T6527] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.448611][T25501] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  751.463435][ T6527] usb 9-1: config 0 descriptor??
[  751.503366][T25535] dvmrp5: entered allmulticast mode
[  751.538791][T25535] pimreg: entered allmulticast mode
[  751.591774][T25501] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  752.018102][ T6527] input: HID 045e:07da as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:045E:07DA.0002/input/input40
[  752.074583][ T5825] ocfs2: Unmounting device (7,3) on (node local)
[  752.161046][ T6527] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[  752.270174][ T6527] usb 9-1: USB disconnect, device number 10
[  752.342986][T25550] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  752.614702][T25551] fido_id[25551]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[  752.708504][T25559] loop2: detected capacity change from 0 to 256
[  752.749452][T25559] exfat: Deprecated parameter 'namecase'
[  752.783943][ T5843] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  752.847027][T25559] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  752.976473][ T5843] usb 8-1: Using ep0 maxpacket: 16
[  753.000584][ T5843] usb 8-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  753.055893][ T5843] usb 8-1: config 0 interface 0 altsetting 13 endpoint 0x81 has invalid wMaxPacketSize 0
[  753.091491][ T5843] usb 8-1: config 0 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  753.137713][ T5843] usb 8-1: config 0 interface 0 has no altsetting 0
[  753.144399][ T5843] usb 8-1: New USB device found, idVendor=05ac, idProduct=026c, bcdDevice= 0.00
[  753.214369][ T5843] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.271430][ T5843] usb 8-1: config 0 descriptor??
[  753.598269][T25573] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8317'.
[  753.640346][T25573] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8317'.
[  753.750680][ T5843] apple 0003:05AC:026C.0003: item fetching failed at offset 0/3
[  753.782602][ T5843] apple 0003:05AC:026C.0003: parse failed
[  753.796766][ T5843] apple 0003:05AC:026C.0003: probe with driver apple failed with error -22
[  753.994673][ T5843] usb 8-1: USB disconnect, device number 10
[  754.274769][T25589] befs: Bad value for 'gid'
[  754.301194][T25589] befs: Bad value for 'gid'
[  754.617737][T25595] netlink: 'syz.6.8327': attribute type 1 has an invalid length.
[  755.057556][T25578] loop8: detected capacity change from 0 to 32768
[  755.114195][ T6030] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  755.145450][T25578] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.8319 (25578)
[  755.242287][T25578] BTRFS info (device loop8 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  755.295761][T25578] BTRFS info (device loop8 state S): using blake2b (blake2b-256-generic) checksum algorithm
[  755.338476][ T6030] usb 8-1: Using ep0 maxpacket: 32
[  755.338576][T25578] BTRFS info (device loop8 state S): disk space caching is enabled
[  755.349352][ T6030] usb 8-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  755.402727][T25578] BTRFS warning (device loop8 state S): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  755.412945][ T6030] usb 8-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.467187][T25578] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048
[  755.477395][ T6030] usb 8-1: config 0 interface 0 has no altsetting 0
[  755.523411][T25578] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[  755.524436][ T6030] usb 8-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  755.627230][T25578] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  755.641938][ T6030] usb 8-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  755.664210][T25578] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  755.687364][T25578] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[  755.691211][ T6030] usb 8-1: Product: syz
[  755.724439][T25578] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[  755.768742][ T6030] usb 8-1: config 0 descriptor??
[  755.782604][T25578] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048
[  755.841147][T25632] loop6: detected capacity change from 0 to 16
[  755.903979][T25632] erofs (device loop6): mounted with root inode @ nid 36.
[  756.249401][T18710] BTRFS info (device loop8 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  756.258594][ T6030] waterforce 0003:1044:7A4D.0004: unknown main item tag 0x0
[  756.307045][ T6030] waterforce 0003:1044:7A4D.0004: unknown main item tag 0x0
[  756.346658][ T6030] waterforce 0003:1044:7A4D.0004: unknown main item tag 0x0
[  756.377512][ T6030] waterforce 0003:1044:7A4D.0004: unknown main item tag 0x0
[  756.384885][ T6030] waterforce 0003:1044:7A4D.0004: unknown main item tag 0x0
[  756.457813][ T6030] waterforce 0003:1044:7A4D.0004: hidraw0: USB HID v0.05 Device [syz] on usb-dummy_hcd.7-1/input0
[  756.579642][ T6030] waterforce 0003:1044:7A4D.0004: fw version request failed with -38
[  756.621929][ T6030] usb 8-1: USB disconnect, device number 11
[  756.655693][   T30] audit: type=1326 audit(1750971362.689:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25650 comm="syz.6.8347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  756.725077][   T30] audit: type=1326 audit(1750971362.735:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25650 comm="syz.6.8347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  756.867233][   T30] audit: type=1326 audit(1750971362.735:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25650 comm="syz.6.8347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  756.973419][T25658] loop3: detected capacity change from 0 to 512
[  756.999417][   T30] audit: type=1326 audit(1750971362.735:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25650 comm="syz.6.8347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  757.072689][T25658] EXT4-fs: Ignoring removed nobh option
[  757.101209][   T30] audit: type=1326 audit(1750971362.735:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25650 comm="syz.6.8347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  757.145394][T25658] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  757.145856][T25654] fido_id[25654]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  757.271690][   T30] audit: type=1326 audit(1750971362.735:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25650 comm="syz.6.8347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  757.433173][   T30] audit: type=1326 audit(1750971362.735:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25650 comm="syz.6.8347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  757.523518][T25666] loop6: detected capacity change from 0 to 2048
[  757.566842][T25666] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  757.873721][T25681] netdevsim netdevsim8: Firmware load for '/../file0' refused, path contains '..' component
[  758.265315][T25697] loop8: detected capacity change from 0 to 64
[  758.304678][T25698] netlink: 'syz.3.8366': attribute type 6 has an invalid length.
[  758.710341][T25708] loop8: detected capacity change from 0 to 1024
[  758.791616][T25710] macsec1: entered promiscuous mode
[  758.821048][T25710] macsec1: entered allmulticast mode
[  758.864191][   T30] audit: type=1326 audit(1750971364.766:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25711 comm="syz.3.8373" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2bb98e929 code=0x0
[  759.810754][T25734] loop8: detected capacity change from 0 to 1024
[  760.125303][T25720] loop7: detected capacity change from 0 to 32768
[  760.175299][T25720] XFS: attr2 mount option is deprecated.
[  760.192803][  T965] hfsplus: b-tree write err: -5, ino 4
[  760.212234][T25742] loop6: detected capacity change from 0 to 1024
[  760.249270][T25720] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  760.257577][T25742] EXT4-fs: Ignoring removed oldalloc option
[  760.280006][T25748] netlink: 'syz.3.8387': attribute type 298 has an invalid length.
[  760.322203][T25742] EXT4-fs: Ignoring removed orlov option
[  760.364899][T25720] XFS (loop7): Ending clean mount
[  760.407428][T25742] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  760.460726][T25720] XFS (loop7): Quotacheck needed: Please wait.
[  760.518878][T25742] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  760.702236][T25720] XFS (loop7): Quotacheck: Done.
[  760.740270][T25742] EXT4-fs warning (device loop6): ext4_resize_begin:72: won't resize using backup superblock at 1
[  760.883621][T17817] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  760.903600][ T7241] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.089317][ T6030] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  761.281695][ T6030] usb 4-1: Using ep0 maxpacket: 16
[  761.320715][ T6030] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  761.350794][ T6030] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  761.368861][ T6030] usb 4-1: config 0 interface 0 has no altsetting 0
[  761.398521][ T6030] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  761.424299][ T6030] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.476646][ T6030] usb 4-1: config 0 descriptor??
[  761.928387][T25800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8407'.
[  761.937456][ T5900] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  761.980369][T25800] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8407'.
[  761.997721][T25800] netlink: 'syz.0.8407': attribute type 14 has an invalid length.
[  762.013023][ T6030] hid (null): usage index exceeded
[  762.015662][T25803] tipc: Started in network mode
[  762.018162][ T6030] hid (null): usage index exceeded
[  762.018184][ T6030] hid (null): unknown global tag 0x53
[  762.040428][T25800] netlink: 'syz.0.8407': attribute type 11 has an invalid length.
[  762.057011][T25803] tipc: Node identity aaaaaaaaaa34, cluster identity 4711
[  762.084451][T25803] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  762.136633][ T5900] usb 7-1: Using ep0 maxpacket: 32
[  762.142818][ T5900] usb 7-1: too many configurations: 255, using maximum allowed: 8
[  762.177644][T25805] loop7: detected capacity change from 0 to 256
[  762.211132][T25805] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[  762.252739][T25805] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  762.308035][T25805] exFAT-fs (loop7): valid_size(150994954) is greater than size(10)
[  762.517065][T17860] usb 4-1: USB disconnect, device number 27
[  762.671044][ T5900] usb 7-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=85.bd
[  762.702968][ T5900] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=254
[  762.745811][ T5900] usb 7-1: Product: syz
[  762.750053][ T5900] usb 7-1: Manufacturer: syz
[  762.754706][ T5900] usb 7-1: SerialNumber: syz
[  762.793233][ T5900] usb 7-1: config 0 descriptor??
[  763.095663][ T5900] usb 7-1: USB disconnect, device number 24
[  763.283104][   T24] tipc: Node number set to 10398378
[  763.310621][T25827] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8420'.
[  763.858156][T25843] hsr0: entered promiscuous mode
[  764.214067][T25857] loop7: detected capacity change from 0 to 512
[  764.270148][T25857] EXT4-fs: Ignoring removed oldalloc option
[  764.391987][T25857] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.8436: error while reading EA inode 32 err=-116
[  764.459870][T25857] EXT4-fs (loop7): Remounting filesystem read-only
[  764.478647][T25857] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  764.545637][T25857] EXT4-fs (loop7): 1 orphan inode deleted
[  764.576788][T25857] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  764.601659][T25868] loop3: detected capacity change from 0 to 1024
[  764.687408][T25868] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  764.799805][T17817] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  764.887757][T25849] loop6: detected capacity change from 0 to 32768
[  765.010120][T25880] loop7: detected capacity change from 0 to 64
[  765.020551][T25849] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  765.119643][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  765.279309][T17860] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  765.308076][ T7241] ocfs2: Unmounting device (7,6) on (node local)
[  765.366279][T25886] loop3: detected capacity change from 0 to 16
[  765.397565][T25886] erofs (device loop3): mounted with root inode @ nid 36.
[  765.493041][T17860] usb 1-1: Using ep0 maxpacket: 16
[  765.500925][T25888] loop7: detected capacity change from 0 to 8
[  765.519496][T17860] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  765.546960][T17860] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  765.598258][T25888] SQUASHFS error: lzo decompression failed, data probably corrupt
[  765.632895][T17860] usb 1-1: config 0 has no interface number 0
[  765.666415][T17860] usb 1-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  765.678178][T25888] SQUASHFS error: Failed to read block 0x4ef: -5
[  765.684739][T25888] SQUASHFS error: Unable to read metadata cache entry [4ed]
[  765.692109][T17860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.692143][T17860] usb 1-1: Product: syz
[  765.692163][T17860] usb 1-1: Manufacturer: syz
[  765.692183][T17860] usb 1-1: SerialNumber: syz
[  765.707672][T17860] usb 1-1: config 0 descriptor??
[  765.795650][T25895] batman_adv: batadv0: Removing interface: batadv_slave_0
[  765.824719][T25891] SQUASHFS error: Unable to read metadata cache entry [4ed]
[  765.843027][T25891] SQUASHFS error: Unable to read inode 0x500a7
[  765.850627][T25895] batman_adv: batadv0: Removing interface: batadv_slave_1
[  765.880204][T25888] SQUASHFS error: Unable to read inode 0x50087
[  766.003406][T17860] usb 1-1: Found UVC 0.00 device syz (046d:08d3)
[  766.033759][T17860] usb 1-1: No valid video chain found.
[  766.298253][T17860] usb 1-1: USB disconnect, device number 25
[  766.527134][T25912] loop2: detected capacity change from 0 to 64
[  766.903060][T25920] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  766.997664][T25893] loop8: detected capacity change from 0 to 32768
[  767.089914][T25893] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  767.115516][T25927] batman_adv: batadv0: Adding interface: geneve3
[  767.156592][T25927] batman_adv: batadv0: Not using interface geneve3 (retrying later): interface not active
[  767.438232][T25893] XFS (loop8): Ending clean mount
[  767.465355][T25893] XFS (loop8): Quotacheck needed: Please wait.
[  767.656954][T25893] XFS (loop8): Quotacheck: Done.
[  767.821246][T18710] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  768.309061][T25972] option changes via remount are deprecated (pid=25971 comm=syz.7.8485)
[  768.622329][T25977] loop6: detected capacity change from 0 to 4096
[  768.740972][T25977] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  768.787423][T25977] ntfs3(loop6): Failed to load $Extend (-22).
[  768.793586][T25977] ntfs3(loop6): Failed to initialize $Extend.
[  768.925318][T25977] ntfs3: Volume is dirty and "force" flag is not set!
[  769.063668][T25994] netlink: 'syz.3.8493': attribute type 10 has an invalid length.
[  769.108366][T25994] netlink: 55 bytes leftover after parsing attributes in process `syz.3.8493'.
[  769.266054][T25997] netlink: 164 bytes leftover after parsing attributes in process `syz.6.8494'.
[  769.275162][T25997] netlink: 108 bytes leftover after parsing attributes in process `syz.6.8494'.
[  769.351700][T26001] netlink: 104 bytes leftover after parsing attributes in process `syz.8.8496'.
[  771.312445][   T30] audit: type=1326 audit(1750971376.404:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  771.411442][   T30] audit: type=1326 audit(1750971376.404:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  771.521310][   T30] audit: type=1326 audit(1750971376.451:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  771.649477][   T30] audit: type=1326 audit(1750971376.451:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  771.735211][T26084] netlink: 'syz.6.8529': attribute type 1 has an invalid length.
[  771.752049][   T30] audit: type=1326 audit(1750971376.451:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  771.842797][   T30] audit: type=1326 audit(1750971376.451:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  771.871915][   T30] audit: type=1326 audit(1750971376.498:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  772.027189][   T30] audit: type=1326 audit(1750971376.498:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26077 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1c9d9c11e5 code=0x7ffc0000
[  772.162703][   T30] audit: type=1326 audit(1750971376.600:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26068 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  772.289530][   T30] audit: type=1326 audit(1750971376.647:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26077 comm="syz.8.8524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f1c9d98e929 code=0x7ffc0000
[  772.386116][T26104] loop3: detected capacity change from 0 to 256
[  772.405379][T26050] loop7: detected capacity change from 0 to 32768
[  772.442140][T26104] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  772.472591][T26104] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  772.553462][T26104] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  772.573586][T26050] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  772.723027][T26050] XFS (loop7): Ending clean mount
[  772.961408][T17817] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  773.124599][ T5900] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  773.352935][ T5900] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  773.395846][ T5900] usb 9-1: config 0 interface 0 has no altsetting 0
[  773.441711][ T5900] usb 9-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  773.457279][ T5900] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  773.520011][ T5900] usb 9-1: Product: syz
[  773.524257][ T5900] usb 9-1: Manufacturer: syz
[  773.573520][ T5900] usb 9-1: SerialNumber: syz
[  773.618320][ T5900] usb 9-1: config 0 descriptor??
[  773.640269][ T5900] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  773.685526][ T5900] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  773.706143][T26098] loop2: detected capacity change from 0 to 32768
[  773.747768][ T5900] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  773.781048][ T5900] usb 9-1: media controller created
[  773.834847][T26098] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  773.978280][ T5900] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  774.186840][ T5838] (syz-executor,5838,1):ocfs2_inode_is_valid_to_delete:886 ERROR: Skipping delete of system file 76
[  774.242826][ T5838] ocfs2: Unmounting device (7,2) on (node local)
[  774.375269][ T5900] DVB: Unable to find symbol tda10046_attach()
[  774.396568][ T5900] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  774.425616][ T5900] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  774.456402][T26161] loop2: detected capacity change from 0 to 128
[  774.522298][T26161] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  774.602382][T26161] FAT-fs (loop2): FAT read failed (blocknr 234)
[  774.664742][T26166] FAT-fs (loop2): FAT read failed (blocknr 234)
[  774.689268][ T5900] dvb_usb_m920x 9-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  774.751053][ T5900] usb 9-1: USB disconnect, device number 11
[  774.755958][T26169] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  775.502949][T26188] loop2: detected capacity change from 0 to 4096
[  775.541549][T26188] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  775.699882][T26188] ntfs3(loop2): ino=19, mi_enum_attr
[  775.732883][T26188] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  776.550183][T26225] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8583'.
[  777.154380][ T5843] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  777.198083][T26240] loop3: detected capacity change from 0 to 256
[  777.225005][T26240] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  777.299698][T26216] loop8: detected capacity change from 0 to 40427
[  777.356887][T26216] F2FS-fs (loop8): Wrong secs_per_zone / total_sections (32769, 24)
[  777.360268][ T5843] usb 3-1: New USB device found, idVendor=1b80, idProduct=e396, bcdDevice=a7.b1
[  777.404058][T26216] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  777.407076][ T5843] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.466794][T26216] F2FS-fs (loop8): build fault injection rate: 690
[  777.513334][T26216] F2FS-fs (loop8): Image doesn't support compression
[  777.549820][T26216] F2FS-fs (loop8): heap/no_heap options were deprecated
[  777.589887][T26216] F2FS-fs (loop8): build fault injection type: 0x4
[  778.005440][T26216] F2FS-fs (loop8): invalid crc value
[  778.017895][ T5843] usb 3-1: config 0 descriptor??
[  778.028282][ T5843] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  778.047112][ T5843] dvb_usb_af9015 3-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  778.268775][ T5843] usb 3-1: USB disconnect, device number 28
[  778.361298][T26216] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  778.394661][T26216] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  778.513052][ T5195] udevd[5195]: worker [5883] terminated by signal 33 (Unknown signal 33)
[  778.532582][ T5195] udevd[5195]: worker [5883] failed while handling '/devices/virtual/block/loop8'
[  778.547581][T26242] loop6: detected capacity change from 0 to 32768
[  778.567186][T26242] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.8592 (26242)
[  778.645356][T26242] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  778.692481][T26242] BTRFS info (device loop6): using sha256 (sha256-x86_64) checksum algorithm
[  778.759467][T26242] BTRFS info (device loop6): using free-space-tree
[  779.042156][T26242] BTRFS info (device loop6): rebuilding free space tree
[  779.161018][T26242] BTRFS info (device loop6): checking UUID tree
[  779.396844][T26299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8611'.
[  779.441751][T26299] netlink: 44 bytes leftover after parsing attributes in process `syz.3.8611'.
[  779.557747][ T7241] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  779.977750][T26316] loop7: detected capacity change from 0 to 512
[  780.008671][T26316] EXT4-fs: Ignoring removed nobh option
[  780.014353][T26316] EXT4-fs: Ignoring removed mblk_io_submit option
[  780.163628][T26316] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.8620: corrupted in-inode xattr: overlapping e_value 
[  780.186350][T26322] loop2: detected capacity change from 0 to 1024
[  780.275695][T26316] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.8620: couldn't read orphan inode 15 (err -117)
[  780.312421][T26316] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  780.330447][T26322] hfsplus: bad catalog entry type
[  780.544097][   T36] hfsplus: b-tree write err: -5, ino 4
[  780.575240][ T6527] IPVS: starting estimator thread 0...
[  780.590732][T17817] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  780.683153][T26337] IPVS: using max 27 ests per chain, 64800 per kthread
[  780.821044][ T5900] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  781.034500][ T5900] usb 9-1: Using ep0 maxpacket: 16
[  781.048437][ T5900] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  781.094934][ T5900] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  781.135828][ T5900] usb 9-1: config 0 interface 0 has no altsetting 0
[  781.158463][T26355] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8635'.
[  781.164492][ T5900] usb 9-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  781.232979][ T5900] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  781.276214][ T5900] usb 9-1: config 0 descriptor??
[  781.575963][T26370] loop7: detected capacity change from 0 to 512
[  781.669186][T26370] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  781.744628][T26370] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  781.750829][ T5900] hid (null): usage index exceeded
[  781.784357][T26370] ext4 filesystem being mounted at /540/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  781.846418][ T5900] hid (null): usage index exceeded
[  781.878745][ T5900] hid (null): unknown global tag 0x53
[  782.023818][ T5900] usb 9-1: USB disconnect, device number 12
[  782.028295][ T6527] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  782.130266][T17817] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  782.221807][ T6527] usb 4-1: Using ep0 maxpacket: 16
[  782.244793][ T6527] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  782.265435][ T6527] usb 4-1: config 0 has no interface number 0
[  782.297905][ T6527] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  782.329899][ T6527] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  782.381007][ T6527] usb 4-1: config 0 interface 41 has no altsetting 0
[  782.404964][ T6527] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  782.425416][ T6527] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.433441][ T6527] usb 4-1: Product: syz
[  782.477380][ T6527] usb 4-1: Manufacturer: syz
[  782.482048][ T6527] usb 4-1: SerialNumber: syz
[  782.512075][T26361] loop6: detected capacity change from 0 to 32768
[  782.530152][ T6527] usb 4-1: config 0 descriptor??
[  782.540815][T26378] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  782.548956][T26378] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  782.605957][T26361] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  782.755385][T26407] tipc: Started in network mode
[  782.760344][T26407] tipc: Node identity ac141417, cluster identity 4711
[  782.772562][T26407] tipc: Enabled bearer <udp:s>, priority 10
[  782.832929][T26378] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  782.840315][T26378] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  782.890348][T26361] XFS (loop6): Ending clean mount
[  783.008967][T26409] loop7: detected capacity change from 0 to 2048
[  783.078177][ T7241] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  783.106834][T26409] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  783.350028][ T6527] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -71
[  783.423613][ T6527] usb 4-1: USB disconnect, device number 28
[  783.585081][T26385] loop2: detected capacity change from 0 to 32768
[  783.728787][T26385] XFS (loop2): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  783.960997][T26385] XFS (loop2): Ending clean mount
[  783.963306][ T6527] tipc: Node number set to 2886997015
[  784.154549][ T5838] XFS (loop2): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  784.285870][T26445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8669'.
[  784.316176][ T6527] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  784.321458][T26445] nbd: socks must be embedded in a SOCK_ITEM attr
[  784.413949][T26443] netlink: 'syz.6.8670': attribute type 12 has an invalid length.
[  784.437203][T26443] netlink: 9472 bytes leftover after parsing attributes in process `syz.6.8670'.
[  784.497603][ T6527] usb 9-1: Using ep0 maxpacket: 32
[  784.544973][ T6527] usb 9-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  784.567816][ T6527] usb 9-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  784.596677][ T6527] usb 9-1: config 0 interface 0 has no altsetting 0
[  784.640043][ T6527] usb 9-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  784.660557][ T6527] usb 9-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  784.702344][ T6527] usb 9-1: Product: syz
[  784.735575][ T6527] usb 9-1: config 0 descriptor??
[  785.234714][ T6527] waterforce 0003:1044:7A4D.0007: unknown main item tag 0x0
[  785.269588][ T6527] waterforce 0003:1044:7A4D.0007: unknown main item tag 0x0
[  785.276962][ T6527] waterforce 0003:1044:7A4D.0007: unknown main item tag 0x0
[  785.319706][ T6527] waterforce 0003:1044:7A4D.0007: unknown main item tag 0x0
[  785.329713][ T6527] waterforce 0003:1044:7A4D.0007: unknown main item tag 0x0
[  785.342820][T26467] loop7: detected capacity change from 0 to 736
[  785.389570][ T6527] waterforce 0003:1044:7A4D.0007: hidraw0: USB HID v0.05 Device [syz] on usb-dummy_hcd.8-1/input0
[  785.401480][T26470] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8682'.
[  785.503883][ T6527] waterforce 0003:1044:7A4D.0007: fw version request failed with -38
[  785.568362][ T6527] usb 9-1: USB disconnect, device number 13
[  785.626965][T26467] rock: directory entry would overflow storage
[  785.649815][T26467] rock: sig=0x3b10, size=4, remaining=3
[  785.900434][T26449] loop3: detected capacity change from 0 to 32768
[  785.901576][T26476] fido_id[26476]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[  785.964379][T26449] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.8671 (26449)
[  786.024136][T26449] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  786.118140][T26449] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  786.147520][T26484] sp0: Synchronizing with TNC
[  786.197560][T26449] BTRFS info (device loop3): using free-space-tree
[  786.222254][T26487] loop6: detected capacity change from 0 to 512
[  786.263778][T26487] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  786.507053][T26487] EXT4-fs (loop6): 1 truncate cleaned up
[  786.547516][T26487] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  786.659694][T26449] BTRFS info (device loop3): rebuilding free space tree
[  786.693464][T26510] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[  786.731775][T26514] usb usb8: usbfs: process 26514 (syz.2.8693) did not claim interface 0 before use
[  786.817089][T26510] EXT4-fs (loop6): Remounting filesystem read-only
[  786.875679][ T7241] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  787.007294][ T5825] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  787.297193][T26530] loop7: detected capacity change from 0 to 1024
[  787.343950][T26530] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  787.424262][T26530] EXT4-fs (loop7): group descriptors corrupted!
[  787.662796][T26539] loop2: detected capacity change from 0 to 1024
[  787.695028][T26544] nbd: must specify at least one socket
[  787.817103][T26539] hfsplus: bad catalog entry type
[  788.607530][T26567] loop2: detected capacity change from 0 to 128
[  788.620892][T26567] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  788.707213][T26570] loop3: detected capacity change from 0 to 736
[  788.811378][   T36] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  789.071230][T26575] loop2: detected capacity change from 0 to 1024
[  789.283934][T26558] loop6: detected capacity change from 0 to 32768
[  789.302122][T26558] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.8715 (26558)
[  789.395292][T26558] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  789.435731][T26558] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  789.466863][T26558] BTRFS info (device loop6): disk space caching is enabled
[  789.483363][T26558] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  789.531120][T26587] zonefs (nullb0) ERROR: Not a zoned block device
[  789.614995][T26558] BTRFS info (device loop6): rebuilding free space tree
[  789.652493][ T5900] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  789.711073][T26558] BTRFS info (device loop6): disabling free space tree
[  789.722020][T26558] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  789.742220][T26558] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  789.830424][T26558] BTRFS info (device loop6): balance: start -susage=34359738372,devid=0,drange=7..526336,limit=65536..0,stripes=4294967295..4
[  789.860364][T26558] BTRFS info (device loop6): balance: ended with status: 0
[  789.868154][ T5900] usb 3-1: Using ep0 maxpacket: 32
[  789.899108][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  789.914802][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  789.936143][ T5900] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  789.946916][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.998804][ T5900] usb 3-1: config 0 descriptor??
[  790.034698][ T7241] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  790.053093][T26609] loop8: detected capacity change from 0 to 512
[  790.076251][T26609] EXT4-fs: Ignoring removed i_version option
[  790.083521][T26609] EXT4-fs: Ignoring removed mblk_io_submit option
[  790.149161][T26609] EXT4-fs (loop8): Test dummy encryption mode enabled
[  790.229235][T26609] EXT4-fs error (device loop8): ext4_orphan_get:1393: comm syz.8.8731: inode #13: comm syz.8.8731: iget: illegal inode #
[  790.248720][T26609] EXT4-fs (loop8): Remounting filesystem read-only
[  790.300935][T26609] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  790.535497][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.540984][ T5900] input: HID 054c:03d5 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:054C:03D5.0008/input/input41
[  790.607590][T26606] loop3: detected capacity change from 0 to 32768
[  790.831626][ T5900] sony 0003:054C:03D5.0008: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.2-1/input0
[  790.900787][ T5900] usb 3-1: USB disconnect, device number 29
[  791.170307][T26623] loop8: detected capacity change from 0 to 256
[  791.175878][T26617] fido_id[26617]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  791.301874][T26623] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  791.866160][T26641] loop8: detected capacity change from 0 to 764
[  791.908378][T26641] rock: directory entry would overflow storage
[  791.940542][T26641] rock: sig=0x4654, size=5, remaining=4
[  793.001869][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  793.009803][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  793.042172][T26675] loop3: detected capacity change from 0 to 256
[  793.155889][T26675] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  793.568767][T26689] loop2: detected capacity change from 0 to 164
[  793.643733][T26689] Unsupported NM flag settings (8)
[  793.701336][T26693] loop8: detected capacity change from 0 to 128
[  793.772519][T26693] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  795.230994][T26700] loop6: detected capacity change from 0 to 32768
[  795.476888][   T30] audit: type=1326 audit(1750971399.026:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26733 comm="syz.7.8785" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f37f8e929 code=0x0
[  795.555523][T26700] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  795.555555][T26700]   allowing incompatible features above 0.0: (unknown version)
[  795.555572][T26700]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  795.597971][T26737] loop2: detected capacity change from 0 to 256
[  795.675090][T26737] FAT-fs (loop2): Directory bread(block 64) failed
[  795.675135][T26737] FAT-fs (loop2): Directory bread(block 65) failed
[  795.675232][T26737] FAT-fs (loop2): Directory bread(block 66) failed
[  795.675263][T26737] FAT-fs (loop2): Directory bread(block 67) failed
[  795.675352][T26737] FAT-fs (loop2): Directory bread(block 68) failed
[  795.675382][T26737] FAT-fs (loop2): Directory bread(block 69) failed
[  795.675468][T26737] FAT-fs (loop2): Directory bread(block 70) failed
[  795.675498][T26737] FAT-fs (loop2): Directory bread(block 71) failed
[  795.675583][T26737] FAT-fs (loop2): Directory bread(block 72) failed
[  795.675612][T26737] FAT-fs (loop2): Directory bread(block 73) failed
[  795.740069][T26741] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8788'.
[  796.099025][T26745] netlink: 36 bytes leftover after parsing attributes in process `syz.2.8790'.
[  796.200764][T26700] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  796.247203][T26700] bcachefs (loop6): initializing new filesystem
[  796.326452][T26700] bcachefs (loop6): going read-write
[  796.357282][T26748] loop8: detected capacity change from 0 to 1024
[  796.384953][T26748] EXT4-fs: Ignoring removed mblk_io_submit option
[  796.469621][T26748] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  796.601645][T26748] EXT4-fs error (device loop8): __ext4_iget:5379: inode #12: block 13: comm syz.8.8791: invalid block
[  796.634104][T26700] bcachefs (loop6): marking superblocks
[  796.694015][T26748] EXT4-fs (loop8): Remounting filesystem read-only
[  796.819491][T26700] bcachefs (loop6): initializing freespace
[  796.868934][T26700] bcachefs (loop6): done initializing freespace
[  796.912268][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  796.944025][T26769] sg_write: data in/out 1156/14 bytes for SCSI command 0x0-- guessing data in;
[  796.944025][T26769]    program syz.7.8796 not setting count and/or reply_len properly
[  796.950788][T26700] bcachefs (loop6): reading snapshots table
[  796.968503][T26700] bcachefs (loop6): reading snapshots done
[  797.089053][T26700] bcachefs (loop6):  loop6: Superblock write was silently dropped! (seq 0 expected 42)
[  797.188889][T26700] bcachefs (loop6): done starting filesystem
[  797.340631][T26700] syz.6.8773 (26700) used greatest stack depth: 17736 bytes left
[  797.390664][ T7241] bcachefs (loop6): shutting down
[  797.410644][ T7241] bcachefs (loop6): going read-only
[  797.473911][ T7241] bcachefs (loop6): finished waiting for writes to stop
[  797.518512][ T7241] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  797.959316][ T7241] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  798.057469][T26781] loop3: detected capacity change from 0 to 32768
[  798.085361][ T7241] bcachefs (loop6): clean shutdown complete, journal seq 4
[  798.118206][T26781] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  798.126478][T26781] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  798.148752][T26781] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  798.157215][ T7241] bcachefs (loop6): marking filesystem clean
[  798.162166][ T5900] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  798.172002][ T5900] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  798.246763][T26787] loop8: detected capacity change from 0 to 4096
[  798.254677][T26793] loop2: detected capacity change from 0 to 128
[  798.380672][ T7241] bcachefs (loop6): shutdown complete
[  798.386600][ T5900] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 200ms
[  798.415220][T26796] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  798.453252][ T5900] gfs2: fsid=syz:syz.0: jid=0: Done
[  798.506560][T26781] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  798.625538][T26781] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 2142 (type: exp=14, found=25614), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430
[  798.643795][T26781] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  798.663379][T26781] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  798.673642][T26781] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  798.680331][T26781] gfs2: fsid=syz:syz.0: File system withdrawn
[  798.686879][T26781] CPU: 1 UID: 0 PID: 26781 Comm: syz.3.8803 Not tainted 6.16.0-rc3-syzkaller-00116-ge34a79b96ab9 #0 PREEMPT(full) 
[  798.686914][T26781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  798.686930][T26781] Call Trace:
[  798.686942][T26781]  <TASK>
[  798.686954][T26781]  dump_stack_lvl+0x189/0x250
[  798.687006][T26781]  ? __pfx_dump_stack_lvl+0x10/0x10
[  798.687047][T26781]  ? __pfx__printk+0x10/0x10
[  798.687075][T26781]  ? kobject_uevent_env+0x36b/0x8c0
[  798.687128][T26781]  gfs2_withdraw+0x111e/0x14f0
[  798.687177][T26781]  ? __pfx_gfs2_withdraw+0x10/0x10
[  798.687212][T26781]  ? __filemap_get_folio+0x79f/0xaf0
[  798.687249][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687280][T26781]  ? folio_unlock+0x101/0x160
[  798.687310][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687349][T26781]  gfs2_metatype_check_ii+0x78/0x90
[  798.687384][T26781]  gfs2_quota_init+0xfc8/0x1230
[  798.687425][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687454][T26781]  ? __lock_acquire+0xab9/0xd20
[  798.687515][T26781]  ? __pfx_gfs2_quota_init+0x10/0x10
[  798.687552][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687582][T26781]  ? __pfx_wake_up_bit+0x10/0x10
[  798.687611][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687651][T26781]  ? inode_go_inval+0x259/0x2c0
[  798.687682][T26781]  gfs2_make_fs_rw+0x181/0x2b0
[  798.687719][T26781]  gfs2_fill_super+0x1a91/0x20e0
[  798.687767][T26781]  ? __pfx_gfs2_fill_super+0x10/0x10
[  798.687794][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687829][T26781]  ? init_locking+0xb8/0x210
[  798.687854][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687882][T26781]  ? sb_set_blocksize+0x104/0x180
[  798.687925][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.687954][T26781]  ? setup_bdev_super+0x4c1/0x5b0
[  798.687984][T26781]  get_tree_bdev_flags+0x40e/0x4d0
[  798.688009][T26781]  ? __pfx_gfs2_fill_super+0x10/0x10
[  798.688039][T26781]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  798.688066][T26781]  ? rcu_is_watching+0x15/0xb0
[  798.688124][T26781]  gfs2_get_tree+0x51/0x1e0
[  798.688158][T26781]  vfs_get_tree+0x92/0x2b0
[  798.688187][T26781]  do_new_mount+0x24a/0xa40
[  798.688226][T26781]  __se_sys_mount+0x317/0x410
[  798.688265][T26781]  ? __pfx___se_sys_mount+0x10/0x10
[  798.688292][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.688330][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.688360][T26781]  ? __x64_sys_mount+0x20/0xc0
[  798.688392][T26781]  do_syscall_64+0xfa/0x3b0
[  798.688432][T26781]  ? lockdep_hardirqs_on+0x9c/0x150
[  798.688470][T26781]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.688495][T26781]  ? srso_alias_return_thunk+0x5/0xfbef5
[  798.688533][T26781]  ? exc_page_fault+0x9f/0xf0
[  798.688574][T26781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.688599][T26781] RIP: 0033:0x7fd2bb9900ca
[  798.688638][T26781] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  798.688666][T26781] RSP: 002b:00007fd2bc761e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  798.688697][T26781] RAX: ffffffffffffffda RBX: 00007fd2bc761ef0 RCX: 00007fd2bb9900ca
[  798.688718][T26781] RDX: 0000200000000280 RSI: 0000200000001c00 RDI: 00007fd2bc761eb0
[  798.688737][T26781] RBP: 0000200000000280 R08: 00007fd2bc761ef0 R09: 00000000000100c0
[  798.688756][T26781] R10: 00000000000100c0 R11: 0000000000000246 R12: 0000200000001c00
[  798.688773][T26781] R13: 00007fd2bc761eb0 R14: 0000000000012664 R15: 0000200000000440
[  798.688814][T26781]  </TASK>
[  799.031386][    C1] vkms_vblank_simulate: vblank timer overrun
[  799.233683][T26781] gfs2: fsid=syz:syz.0: can't make FS RW: -5
[  799.613579][T26809] loop8: detected capacity change from 0 to 22
[  799.638117][T26809] MTD: Attempt to mount non-MTD device "/dev/loop8"
[  799.692970][T26809] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  800.824411][T26843] loop7: detected capacity change from 0 to 4096
[  800.917170][T26813] loop2: detected capacity change from 0 to 32768
[  800.973797][T26854] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  801.248984][T26855] loop8: detected capacity change from 0 to 4096
[  801.324640][T26855] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  801.433350][T26860] loop7: detected capacity change from 0 to 8
[  801.527591][T26855] ntfs3(loop8): Failed to initialize $Extend/$Reparse.
[  802.987595][T26893] loop3: detected capacity change from 0 to 64
[  803.355969][T26905] loop3: detected capacity change from 0 to 256
[  803.390913][T26905] exfat: Deprecated parameter 'utf8'
[  803.407143][T26905] exfat: Deprecated parameter 'utf8'
[  803.506402][T26905] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  803.580315][T26875] loop7: detected capacity change from 0 to 32768
[  803.614258][T26913] loop2: detected capacity change from 0 to 256
[  803.684512][T26875] XFS (loop7): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  803.837438][T26875] XFS (loop7): Ending clean mount
[  804.123798][T26936] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  804.173299][T17817] XFS (loop7): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  804.395084][T26943] loop8: detected capacity change from 0 to 256
[  804.479544][T26943] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  804.943138][T26953] loop8: detected capacity change from 0 to 2048
[  804.957801][T26955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8880'.
[  804.988516][T26955] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8880'.
[  805.007033][T26958] loop3: detected capacity change from 0 to 256
[  805.054627][T26953] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  805.284776][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  805.906137][T26982] Bluetooth: MGMT ver 1.23
[  805.929953][T26966] loop7: detected capacity change from 0 to 32768
[  805.945367][T26966] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.8883 (26966)
[  805.994602][T26966] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  805.994701][T26966] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  805.994738][T26966] BTRFS info (device loop7): using free-space-tree
[  806.125974][T26966] BTRFS info (device loop7): rebuilding free space tree
[  806.174258][   T30] audit: type=1800 audit(1750971409.027:291): pid=26966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.8883" name="file1" dev="loop7" ino=260 res=0 errno=0
[  806.241046][T17817] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  806.714614][T27011] loop2: detected capacity change from 0 to 2048
[  806.843796][T27011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  807.208082][ T5838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  807.607110][ T6030] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  807.736246][T27040] netlink: 240 bytes leftover after parsing attributes in process `syz.3.8907'.
[  807.820350][ T6030] usb 9-1: Using ep0 maxpacket: 16
[  807.855099][ T6030] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  807.895531][ T6030] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  807.903682][ T6030] usb 9-1: Product: syz
[  807.912357][T27043] loop2: detected capacity change from 0 to 16
[  807.920393][ T6030] usb 9-1: Manufacturer: syz
[  807.925077][ T6030] usb 9-1: SerialNumber: syz
[  807.954229][T27043] erofs (device loop2): mounted with root inode @ nid 36.
[  807.972170][ T6030] usb 9-1: config 0 descriptor??
[  808.175148][T27015] loop6: detected capacity change from 0 to 32768
[  808.300694][T27015] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  808.305955][ T6527] usb 9-1: USB disconnect, device number 14
[  808.443004][T27015] XFS (loop6): Ending clean mount
[  808.507145][T27015] XFS (loop6): Quotacheck needed: Please wait.
[  808.724188][T27015] XFS (loop6): Quotacheck: Done.
[  808.805389][T27068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8918'.
[  808.940085][ T7241] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  809.369814][T27080] loop3: detected capacity change from 0 to 256
[  809.483659][T27080] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  809.555217][T27080] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  809.570150][   T30] audit: type=1800 audit(1750971412.189:292): pid=27080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.8924" name="file1" dev="loop3" ino=1048741 res=0 errno=0
[  809.646740][T27080] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  809.734558][T27080] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  809.877047][T27087] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  809.915693][ T6527] kernel write not supported for file /audio (pid: 6527 comm: kworker/0:12)
[  810.719657][T27110] netlink: 'syz.8.8937': attribute type 32 has an invalid length.
[  810.732880][T27107] loop2: detected capacity change from 0 to 512
[  810.747979][T27110] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8937'.
[  810.787273][T27107] EXT4-fs: Ignoring removed oldalloc option
[  810.804505][T27110] (unnamed net_device) (uninitialized): option coupled_control: invalid value (17)
[  810.869945][T27107] EXT4-fs (loop2): 1 truncate cleaned up
[  810.949093][T27107] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  811.123926][   T30] audit: type=1800 audit(1750971413.667:293): pid=27107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.8939" name="file1" dev="loop2" ino=15 res=0 errno=0
[  811.329464][ T5838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  811.614640][T27085] loop7: detected capacity change from 0 to 40427
[  811.764951][T27142] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8952'.
[  811.804112][T27142] netlink: 'syz.6.8952': attribute type 1 has an invalid length.
[  811.846982][T27142] netlink: 44 bytes leftover after parsing attributes in process `syz.6.8952'.
[  811.966538][T27150] loop2: detected capacity change from 0 to 256
[  812.147432][T27150] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  812.235593][T27150] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  812.292370][T27154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8955'.
[  812.436858][T27085] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  812.788540][T17817] syz-executor: attempt to access beyond end of device
[  812.788540][T17817] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  812.873276][T17817] CPU: 1 UID: 0 PID: 17817 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00116-ge34a79b96ab9 #0 PREEMPT(full) 
[  812.873314][T17817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  812.873332][T17817] Call Trace:
[  812.873344][T17817]  <TASK>
[  812.873355][T17817]  dump_stack_lvl+0x189/0x250
[  812.873409][T17817]  ? __pfx_dump_stack_lvl+0x10/0x10
[  812.873445][T17817]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  812.873485][T17817]  ? __pfx_queue_work_on+0x10/0x10
[  812.873512][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.873543][T17817]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  812.873580][T17817]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  812.873617][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.873646][T17817]  ? f2fs_hw_is_readonly+0x39b/0x470
[  812.873687][T17817]  f2fs_handle_critical_error+0x37c/0x540
[  812.873730][T17817]  f2fs_write_end_io+0x495/0x810
[  812.873766][T17817]  ? blkg_put+0x22/0x240
[  812.873817][T17817]  __submit_merged_bio+0x27a/0x6a0
[  812.873858][T17817]  __submit_merged_write_cond+0x255/0x530
[  812.873900][T17817]  f2fs_write_data_pages+0x261d/0x3000
[  812.873936][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874013][T17817]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  812.874124][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874187][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874216][T17817]  ? __lock_acquire+0xab9/0xd20
[  812.874266][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874294][T17817]  ? do_raw_spin_lock+0x121/0x290
[  812.874334][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874370][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874399][T17817]  ? do_raw_spin_unlock+0x122/0x240
[  812.874430][T17817]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  812.874467][T17817]  do_writepages+0x32e/0x550
[  812.874517][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874551][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874579][T17817]  ? do_raw_spin_unlock+0x122/0x240
[  812.874615][T17817]  filemap_fdatawrite+0x191/0x230
[  812.874641][T17817]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  812.874724][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.874761][T17817]  ? do_raw_spin_unlock+0x122/0x240
[  812.874799][T17817]  f2fs_sync_dirty_inodes+0x31f/0x830
[  812.874859][T17817]  f2fs_write_checkpoint+0x94a/0x1de0
[  812.874932][T17817]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  812.875038][T17817]  ? kill_f2fs_super+0x298/0x6c0
[  812.875083][T17817]  kill_f2fs_super+0x2c3/0x6c0
[  812.875136][T17817]  ? __pfx_kill_f2fs_super+0x10/0x10
[  812.875169][T17817]  ? radix_tree_delete_item+0x2b6/0x400
[  812.875218][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.875247][T17817]  ? shrinker_free+0x2ce/0x3e0
[  812.875285][T17817]  deactivate_locked_super+0xbc/0x130
[  812.875327][T17817]  cleanup_mnt+0x425/0x4c0
[  812.875363][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.875391][T17817]  ? lockdep_hardirqs_on+0x9c/0x150
[  812.875434][T17817]  task_work_run+0x1d4/0x260
[  812.875473][T17817]  ? __pfx_task_work_run+0x10/0x10
[  812.875508][T17817]  ? __x64_sys_umount+0x122/0x160
[  812.875558][T17817]  ? exit_to_user_mode_loop+0x40/0x110
[  812.875602][T17817]  exit_to_user_mode_loop+0xec/0x110
[  812.875641][T17817]  do_syscall_64+0x2bd/0x3b0
[  812.875679][T17817]  ? lockdep_hardirqs_on+0x9c/0x150
[  812.875717][T17817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.875741][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  812.875770][T17817]  ? exc_page_fault+0x9f/0xf0
[  812.875811][T17817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.875836][T17817] RIP: 0033:0x7f1f37f8fc57
[  812.875860][T17817] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  812.875882][T17817] RSP: 002b:00007ffd401585a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  812.875910][T17817] RAX: 0000000000000000 RBX: 00007f1f38010925 RCX: 00007f1f37f8fc57
[  812.875928][T17817] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd40158660
[  812.875945][T17817] RBP: 00007ffd40158660 R08: 0000000000000000 R09: 0000000000000000
[  812.875962][T17817] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd401596f0
[  812.875979][T17817] R13: 00007f1f38010925 R14: 00000000000bced0 R15: 00007ffd40159730
[  812.876023][T17817]  </TASK>
[  813.298396][T27167] loop6: detected capacity change from 0 to 64
[  813.325487][T27168] loop2: detected capacity change from 0 to 512
[  813.364480][T27168] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  813.390516][T17817] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  813.471407][T27157] loop3: detected capacity change from 0 to 32768
[  813.489818][T27171] netlink: 'syz.8.8962': attribute type 29 has an invalid length.
[  813.500587][T27171] netlink: 'syz.8.8962': attribute type 29 has an invalid length.
[  813.582853][T27168] EXT4-fs (loop2): 1 truncate cleaned up
[  813.627446][T27168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  813.680787][T27157] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  813.865355][T27179] loop8: detected capacity change from 0 to 1024
[  813.957684][T27157] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  813.987372][T27179] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  814.079343][ T5838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.140892][T27179] EXT4-fs error (device loop8): ext4_search_dir:1474: inode #11: block 32: comm syz.8.8963: bad entry in directory: rec_len % 4 != 0 - offset=12, inode=2, rec_len=65526, size=1024 fake=1
[  814.152239][T27157] XFS (loop3): Starting recovery (logdev: internal)
[  814.358598][T27157] XFS (loop3): Ending recovery (logdev: internal)
[  814.471142][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.640550][ T5825] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  814.657214][T27194] loop6: detected capacity change from 0 to 1024
[  814.780030][T27194] hfsplus: bad catalog entry type
[  814.882679][T27197] loop8: detected capacity change from 0 to 1024
[  814.925867][T27199] netdevsim netdevsim0: Firmware load for '../file0' refused, path contains '..' component
[  815.014457][   T60] hfsplus: b-tree write err: -5, ino 4
[  815.036852][T27197] hfsplus: bad catalog entry type
[  815.278387][ T3000] hfsplus: b-tree write err: -5, ino 4
[  815.644269][T27218] loop3: detected capacity change from 0 to 1024
[  815.727972][T27218] hfsplus: bad catalog entry type
[  816.001306][T27226] netlink: 'syz.0.8987': attribute type 1 has an invalid length.
[  816.071214][T27226] netlink: 144 bytes leftover after parsing attributes in process `syz.0.8987'.
[  816.125718][T27226] netlink: 'syz.0.8987': attribute type 1 has an invalid length.
[  816.163964][T27226] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8987'.
[  817.731295][T27288] sp0: Synchronizing with TNC
[  817.930590][T27248] loop6: detected capacity change from 0 to 40427
[  817.982033][T27248] F2FS-fs (loop6): build fault injection rate: 16
[  817.999615][T27248] F2FS-fs (loop6): build fault injection type: 0x3bfe8c
[  818.105152][T27248] F2FS-fs (loop6): invalid crc value
[  818.133834][T27248] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  818.166754][T27296] loop8: detected capacity change from 0 to 64
[  818.212614][T27300] loop2: detected capacity change from 0 to 128
[  818.283823][    C0] F2FS-fs (loop6): inject read IO error in f2fs_read_end_io of blk_update_request+0x5eb/0xe70
[  818.360360][T27296] BFS-fs: bfs_fill_super(): loop8 is unclean, continuing
[  818.746623][T27302] loop3: detected capacity change from 0 to 256
[  818.819754][T27248] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  818.960067][T27307] loop8: detected capacity change from 0 to 128
[  819.062916][T27302] FAT-fs (loop3): Directory bread(block 64) failed
[  819.070110][T27248] F2FS-fs (loop6): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x509/0x1050
[  819.105782][T27302] FAT-fs (loop3): Directory bread(block 65) failed
[  819.106375][T27307] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  819.135157][T27302] FAT-fs (loop3): Directory bread(block 66) failed
[  819.167511][T27302] FAT-fs (loop3): Directory bread(block 67) failed
[  819.238513][T27302] FAT-fs (loop3): Directory bread(block 68) failed
[  819.266011][T27302] FAT-fs (loop3): Directory bread(block 69) failed
[  819.274800][T27307] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  819.296367][T27302] FAT-fs (loop3): Directory bread(block 70) failed
[  819.329777][T27302] FAT-fs (loop3): Directory bread(block 71) failed
[  819.353962][T27302] FAT-fs (loop3): Directory bread(block 72) failed
[  819.360600][T27302] FAT-fs (loop3): Directory bread(block 73) failed
[  820.027547][T27317] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9028'.
[  820.092623][T27317] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  820.240434][T27321] loop3: detected capacity change from 0 to 512
[  820.273331][T27321] EXT4-fs: Ignoring removed nomblk_io_submit option
[  820.334949][T27321] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  820.348190][T27321] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  820.439173][T27321] EXT4-fs (loop3): 1 truncate cleaned up
[  820.461844][T27321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  820.547196][T27321] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 4: comm syz.3.9030: lblock 0 mapped to illegal pblock 4 (length 1)
[  820.657913][T27321] EXT4-fs (loop3): Remounting filesystem read-only
[  820.799943][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.060215][T27313] loop8: detected capacity change from 0 to 32768
[  821.470249][T27352] loop6: detected capacity change from 0 to 64
[  821.637019][T27354] loop2: detected capacity change from 0 to 256
[  821.706503][T27354] exfat: Deprecated parameter 'utf8'
[  821.777394][T27354] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  822.120549][T27366] program syz.2.9051 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  822.223226][T27368] Bluetooth: MGMT ver 1.23
[  822.664758][T27381] loop8: detected capacity change from 0 to 256
[  822.696247][T27381] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d)
[  823.130500][T27392] netlink: 'syz.7.9062': attribute type 27 has an invalid length.
[  824.191127][T27434] loop3: detected capacity change from 0 to 512
[  824.211583][T27433] loop8: detected capacity change from 0 to 512
[  824.249659][T27435] vlan2: entered allmulticast mode
[  824.251141][T27434] EXT4-fs: Ignoring removed nobh option
[  824.254854][T27435] vlan1: entered allmulticast mode
[  824.307715][T27435] veth0_vlan: entered allmulticast mode
[  824.331620][T27433] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[  824.383746][T27433] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -2
[  824.424418][T27434] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.9082: iget: bad i_size value: 38620345925642
[  824.448156][T27433] EXT4-fs (loop8): 1 truncate cleaned up
[  824.494546][T27433] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  824.533613][T27434] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.9082: couldn't read orphan inode 15 (err -117)
[  824.694343][T27434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  824.780988][T27433] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000.
[  824.806616][T27449] netlink: 'syz.0.9088': attribute type 1 has an invalid length.
[  824.832858][T27449] netlink: 208 bytes leftover after parsing attributes in process `syz.0.9088'.
[  824.849400][T27434] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.9082: bg 0: block 5: invalid block bitmap
[  824.875971][T27418] loop6: detected capacity change from 0 to 40427
[  824.879830][T27449] netlink: 'syz.0.9088': attribute type 1 has an invalid length.
[  824.931478][T27449] netlink: 'syz.0.9088': attribute type 2 has an invalid length.
[  824.941865][T27418] F2FS-fs (loop6): build fault injection rate: 771
[  824.943013][T27434] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  825.014807][T27418] F2FS-fs (loop6): invalid crc value
[  825.022097][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  825.037554][T27434] EXT4-fs (loop3): This should not happen!! Data will be lost
[  825.037554][T27434] 
[  825.084278][T27434] EXT4-fs (loop3): Total free blocks count 0
[  825.095085][T27434] EXT4-fs (loop3): Free/Dirty block details
[  825.150287][T27434] EXT4-fs (loop3): free_blocks=0
[  825.190033][T27434] EXT4-fs (loop3): dirty_blocks=2
[  825.215740][T27434] EXT4-fs (loop3): Block reservation details
[  825.233438][T27434] EXT4-fs (loop3): i_reserved_data_blocks=2
[  825.348475][T27418] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  825.373725][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  825.569900][ T7241] syz-executor: attempt to access beyond end of device
[  825.569900][ T7241] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  825.621032][ T7241] CPU: 1 UID: 0 PID: 7241 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00116-ge34a79b96ab9 #0 PREEMPT(full) 
[  825.621075][ T7241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  825.621091][ T7241] Call Trace:
[  825.621102][ T7241]  <TASK>
[  825.621115][ T7241]  dump_stack_lvl+0x189/0x250
[  825.621175][ T7241]  ? __pfx_dump_stack_lvl+0x10/0x10
[  825.621215][ T7241]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  825.621257][ T7241]  ? __pfx_queue_work_on+0x10/0x10
[  825.621288][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.621319][ T7241]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  825.621356][ T7241]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  825.621394][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.621425][ T7241]  ? f2fs_hw_is_readonly+0x39b/0x470
[  825.621469][ T7241]  f2fs_handle_critical_error+0x37c/0x540
[  825.621512][ T7241]  f2fs_write_end_io+0x495/0x810
[  825.621552][ T7241]  ? blkg_put+0x22/0x240
[  825.621605][ T7241]  __submit_merged_bio+0x27a/0x6a0
[  825.621646][ T7241]  __submit_merged_write_cond+0x255/0x530
[  825.621687][ T7241]  f2fs_write_data_pages+0x261d/0x3000
[  825.621778][ T7241]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  825.621834][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.621873][ T7241]  ? kernel_text_address+0xa5/0xe0
[  825.621954][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.621988][ T7241]  ? stack_depot_save_flags+0x40/0x900
[  825.622034][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622092][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622122][ T7241]  ? __lock_acquire+0xab9/0xd20
[  825.622178][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622208][ T7241]  ? do_raw_spin_lock+0x121/0x290
[  825.622247][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622284][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622313][ T7241]  ? do_raw_spin_unlock+0x122/0x240
[  825.622346][ T7241]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  825.622384][ T7241]  do_writepages+0x32e/0x550
[  825.622437][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622472][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622500][ T7241]  ? do_raw_spin_unlock+0x122/0x240
[  825.622537][ T7241]  filemap_fdatawrite+0x191/0x230
[  825.622565][ T7241]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  825.622651][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.622688][ T7241]  ? do_raw_spin_unlock+0x122/0x240
[  825.622725][ T7241]  f2fs_sync_dirty_inodes+0x31f/0x830
[  825.622791][ T7241]  f2fs_write_checkpoint+0x94a/0x1de0
[  825.622908][ T7241]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  825.623004][ T7241]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  825.623040][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.623070][ T7241]  ? kfree+0x18e/0x440
[  825.623120][ T7241]  ? kill_f2fs_super+0x298/0x6c0
[  825.623164][ T7241]  kill_f2fs_super+0x2c3/0x6c0
[  825.623211][ T7241]  ? __pfx_kill_f2fs_super+0x10/0x10
[  825.623242][ T7241]  ? radix_tree_delete_item+0x2b6/0x400
[  825.623298][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.623327][ T7241]  ? shrinker_free+0x2ce/0x3e0
[  825.623367][ T7241]  deactivate_locked_super+0xbc/0x130
[  825.623412][ T7241]  cleanup_mnt+0x425/0x4c0
[  825.623449][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.623478][ T7241]  ? lockdep_hardirqs_on+0x9c/0x150
[  825.623526][ T7241]  task_work_run+0x1d4/0x260
[  825.623566][ T7241]  ? __pfx_task_work_run+0x10/0x10
[  825.623596][ T7241]  ? __x64_sys_umount+0x122/0x160
[  825.623649][ T7241]  ? exit_to_user_mode_loop+0x40/0x110
[  825.623698][ T7241]  exit_to_user_mode_loop+0xec/0x110
[  825.623741][ T7241]  do_syscall_64+0x2bd/0x3b0
[  825.623780][ T7241]  ? lockdep_hardirqs_on+0x9c/0x150
[  825.623818][ T7241]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.623842][ T7241]  ? srso_alias_return_thunk+0x5/0xfbef5
[  825.623879][ T7241]  ? exc_page_fault+0x9f/0xf0
[  825.623921][ T7241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.623947][ T7241] RIP: 0033:0x7f4f9798fc57
[  825.623972][ T7241] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  825.623996][ T7241] RSP: 002b:00007ffef6a3e278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  825.624024][ T7241] RAX: 0000000000000000 RBX: 00007f4f97a10925 RCX: 00007f4f9798fc57
[  825.624044][ T7241] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffef6a3e330
[  825.624062][ T7241] RBP: 00007ffef6a3e330 R08: 0000000000000000 R09: 0000000000000000
[  825.624079][ T7241] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffef6a3f3c0
[  825.624097][ T7241] R13: 00007f4f97a10925 R14: 00000000000bfdaf R15: 00007ffef6a3f400
[  825.624141][ T7241]  </TASK>
[  825.624433][ T7241] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  826.191588][T27476] loop8: detected capacity change from 0 to 256
[  826.734604][T27489] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  827.429337][T27512] loop3: detected capacity change from 0 to 8
[  827.459940][T27515] loop6: detected capacity change from 0 to 256
[  827.528651][T27516] loop2: detected capacity change from 0 to 1024
[  827.567505][T27518] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9117'.
[  827.622346][T27516] EXT4-fs: Ignoring removed bh option
[  827.686556][T27516] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  827.758952][T27516] EXT4-fs error (device loop2): ext4_quota_enable:7124: comm syz.2.9115: inode #2304: comm syz.2.9115: iget: illegal inode #
[  827.787013][T27516] EXT4-fs (loop2): Remounting filesystem read-only
[  827.830008][T27516] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  827.887243][T27530] delete_channel: no stack
[  827.892498][T27529] delete_channel: no stack
[  827.905305][T27516] EXT4-fs (loop2): mount failed
[  828.197540][T27538] loop8: detected capacity change from 0 to 512
[  828.221170][T27538] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm syz.8.9124: bg 0: block 5: invalid block bitmap
[  828.258200][T27538] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  828.302326][T27538] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #11: comm syz.8.9124: invalid indirect mapped block 3 (level 2)
[  828.424318][T27538] EXT4-fs (loop8): 2 truncates cleaned up
[  828.460927][T27538] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  828.607637][T27547] CIFS mount error: No usable UNC path provided in device string!
[  828.607637][T27547] 
[  828.642052][T27547] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  828.667589][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.096387][T27558] loop7: detected capacity change from 0 to 512
[  829.126638][T27558] EXT4-fs: Ignoring removed oldalloc option
[  829.169066][T27558] EXT4-fs (loop7): 1 truncate cleaned up
[  829.188772][T27558] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  829.223053][T27537] loop2: detected capacity change from 0 to 32768
[  829.272242][T27537] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  829.450160][T27537] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  829.520577][T17817] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  830.057743][T27550] loop3: detected capacity change from 0 to 32768
[  830.304101][T27584] loop6: detected capacity change from 0 to 512
[  830.463514][T27550] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.9132 (27550)
[  830.502720][ T5900] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  830.524397][ T5838] ocfs2: Unmounting device (7,2) on (node local)
[  830.530890][T27584] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.9146: casefold flag without casefold feature
[  830.638380][T27584] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.9146: couldn't read orphan inode 15 (err -117)
[  830.752989][T27584] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  830.765848][ T5900] usb 9-1: Using ep0 maxpacket: 32
[  830.786982][ T5900] usb 9-1: config 0 has an invalid interface number: 51 but max is 0
[  830.836206][T27574] loop7: detected capacity change from 0 to 131072
[  830.851870][ T5900] usb 9-1: config 0 has no interface number 0
[  830.861264][T27550] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  830.903631][T27574] F2FS-fs (loop7): Skip to start discard thread for readonly image
[  830.918202][T27550] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  830.932643][ T5900] usb 9-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  830.982375][T27574] F2FS-fs (loop7): Mounted with checkpoint version = 1b41e955
[  830.985176][ T5900] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  831.015806][T27550] BTRFS info (device loop3): disk space caching is enabled
[  831.084127][T27550] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  831.103880][ T5900] usb 9-1: Product: syz
[  831.126385][ T5900] usb 9-1: Manufacturer: syz
[  831.132050][ T5900] usb 9-1: SerialNumber: syz
[  831.169181][ T7241] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  831.189401][ T5900] usb 9-1: config 0 descriptor??
[  831.211337][ T5900] quatech2 9-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  831.438568][ T5900] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  831.492847][ T5900] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  831.502439][T27550] BTRFS info (device loop3): rebuilding free space tree
[  831.578185][T27550] BTRFS info (device loop3): disabling free space tree
[  831.635063][T27550] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  831.644839][T27550] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  831.866504][    C1] usb 9-1: qt2_read_bulk_callback - non-zero urb status: -71
[  831.881771][ T5900] usb 9-1: USB disconnect, device number 15
[  831.948511][ T5900] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  831.982382][   T30] audit: type=1800 audit(1750971433.174:294): pid=27550 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9132" name="file1" dev="loop3" ino=260 res=0 errno=0
[  832.019310][ T5900] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  832.088085][ T5900] quatech2 9-1:0.51: device disconnected
[  832.139732][ T5825] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  832.221637][T27623] netlink: 'syz.0.9155': attribute type 1 has an invalid length.
[  832.284294][T27623] netlink: 248 bytes leftover after parsing attributes in process `syz.0.9155'.
[  832.922190][T27638] loop8: detected capacity change from 0 to 512
[  833.007392][T27642] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  833.062356][T27638] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  833.158202][T27638] ext4 filesystem being mounted at /548/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  833.593644][T18710] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  833.777597][T27617] loop7: detected capacity change from 0 to 32768
[  833.992090][T27672] loop8: detected capacity change from 0 to 128
[  834.002014][T27617] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  834.005073][T27672] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  834.057688][T27672] ext4 filesystem being mounted at /549/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  834.186811][T27617] XFS (loop7): Ending clean mount
[  834.286247][T17817] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  834.454470][T18710] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  834.849096][T27697] loop8: detected capacity change from 0 to 256
[  834.959567][T27697] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x987a2e96, utbl_chksum : 0xe619d30d)
[  835.154645][T27697] exFAT-fs (loop8): start_clu is invalid cluster(0x0)
[  835.362637][T27705] loop2: detected capacity change from 0 to 4096
[  835.412582][T27705] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  835.449756][T27705] EXT4-fs (loop2): Test dummy encryption mode enabled
[  835.620332][T27705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  835.704987][T27715] loop7: detected capacity change from 0 to 1024
[  835.836545][T27705] overlayfs: failed to create directory ./file0/work (errno: 117); mounting read-only
[  835.872297][T27715] EXT4-fs: Ignoring removed orlov option
[  835.967382][T27715] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  836.176411][T27715] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9192'.
[  836.344994][ T5838] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /1558/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  836.437142][T17817] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  836.463349][ T5838] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  836.494478][T27742] loop6: detected capacity change from 0 to 64
[  836.541683][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  836.576592][ T5838] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /1558/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  836.597814][    C1] vkms_vblank_simulate: vblank timer overrun
[  836.681753][ T5838] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  836.703185][T27742] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  leaving read-only.
[  836.748182][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  836.783837][ T5838] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /1558/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  836.844162][ T5838] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  836.886567][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  836.902559][ T5838] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /1558/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  836.973984][ T5838] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  837.017484][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  837.032227][ T5838] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /1558/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  837.068831][ T5838] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  837.094700][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  837.165242][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  837.212574][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  837.261359][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  837.307359][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  837.310162][T27760] loop6: detected capacity change from 0 to 2048
[  837.361973][ T5838] EXT4-fs warning (device loop2): ext4_empty_dir:3095: inode #12: comm syz-executor: directory missing '..'
[  837.430050][T27760] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  837.505543][T27760] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  837.705855][T27773] loop8: detected capacity change from 0 to 256
[  837.817020][T27773] exFAT-fs (loop8): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[  838.748537][T27808] program syz.6.9222 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  839.029251][ T5838] team0: Port device syz_tun removed
[  839.095405][T27818] loop6: detected capacity change from 0 to 64
[  839.104530][T27816] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  839.104530][T27816]    program syz.3.9227 not setting count and/or reply_len properly
[  839.281128][ T5838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  839.427807][T27827] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9232'.
[  839.487849][T27827] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9232'.
[  839.498610][T27827] netlink: 'syz.7.9232': attribute type 13 has an invalid length.
[  839.593753][ T3000] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.000031][ T3000] netdevsim netdevsim2 netdevsim2 (unregistering): left allmulticast mode
[  840.042535][ T3000] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.170058][ T3000] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.360849][ T3000] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.536244][T27844] loop3: detected capacity change from 0 to 4096
[  840.622706][T27844] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  841.673328][T27849] loop8: detected capacity change from 0 to 32768
[  841.683033][ T5145] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  841.708237][ T5145] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  841.710269][T27849] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.9242 (27849)
[  841.733545][T27850] loop7: detected capacity change from 0 to 32768
[  841.740598][ T5145] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  841.770120][ T5145] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  841.782395][ T5145] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  841.804828][T27849] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  841.811618][T27850] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.9243 (27850)
[  841.818538][T27849] BTRFS info (device loop8): using sha256 (sha256-x86_64) checksum algorithm
[  841.862888][T21741] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  841.911977][T21741] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  841.921035][T21741] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  841.930400][T21741] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  841.942651][T21741] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  842.005904][T27865] loop6: detected capacity change from 0 to 8
[  842.038937][T27850] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  842.083725][T27865] SQUASHFS error: Failed to read block 0x6a4: -5
[  842.092347][T27865] SQUASHFS error: Unable to read metadata cache entry [6a2]
[  842.142390][T27850] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  842.191640][T27850] BTRFS info (device loop7): disk space caching is enabled
[  842.302596][T27850] BTRFS warning (device loop7): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  842.388358][T27849] BTRFS info (device loop8): rebuilding free space tree
[  842.488981][T27849] BTRFS info (device loop8): disabling free space tree
[  842.507970][T27849] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  842.575457][T27849] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  842.649094][T27850] BTRFS info (device loop7): rebuilding free space tree
[  842.738282][T27850] BTRFS info (device loop7): disabling free space tree
[  842.785883][T27850] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  842.842215][T27850] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  843.011234][T18710] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  843.091078][   T30] audit: type=1800 audit(1750971443.568:295): pid=27850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.9243" name="file1" dev="loop7" ino=260 res=0 errno=0
[  843.153119][T17817] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  843.407973][T27884] loop6: detected capacity change from 0 to 32768
[  843.514740][ T3000] team0: Port device bridge0 removed
[  843.535747][T27884] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  843.668850][T27884] XFS (loop6): Ending clean mount
[  843.963924][ T7241] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  844.134012][T21741] Bluetooth: hci3: command tx timeout
[  844.356799][   T24] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  844.538776][   T24] usb 9-1: config 0 interface 0 altsetting 14 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  844.554160][ T3000] bond0 (unregistering): (slave team0): Releasing backup interface
[  844.568632][   T24] usb 9-1: config 0 interface 0 altsetting 14 endpoint 0x81 has invalid wMaxPacketSize 0
[  844.590235][   T24] usb 9-1: config 0 interface 0 has no altsetting 0
[  844.596912][   T24] usb 9-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  844.613263][ T3000] bond0 (unregistering): Released all slaves
[  844.621406][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  844.645304][   T24] usb 9-1: config 0 descriptor??
[  844.651586][ T3000] bond1 (unregistering): Released all slaves
[  844.747264][T27920] loop7: detected capacity change from 0 to 40427
[  844.962077][T27920] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  845.018773][   T30] audit: type=1800 audit(1750971445.373:296): pid=27920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.9258" name="file2" dev="loop7" ino=10 res=0 errno=0
[  845.111990][   T24] elecom 0003:056E:00FB.0009: item fetching failed at offset 1/3
[  845.152268][T17817] syz-executor: attempt to access beyond end of device
[  845.152268][T17817] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  845.163016][   T24] elecom 0003:056E:00FB.0009: probe with driver elecom failed with error -22
[  845.169293][T17817] CPU: 0 UID: 0 PID: 17817 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00116-ge34a79b96ab9 #0 PREEMPT(full) 
[  845.169328][T17817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  845.169345][T17817] Call Trace:
[  845.169356][T17817]  <TASK>
[  845.169367][T17817]  dump_stack_lvl+0x189/0x250
[  845.169420][T17817]  ? __pfx_dump_stack_lvl+0x10/0x10
[  845.169458][T17817]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  845.169496][T17817]  ? __pfx_queue_work_on+0x10/0x10
[  845.169523][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.169553][T17817]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  845.169588][T17817]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  845.169625][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.169653][T17817]  ? f2fs_hw_is_readonly+0x39b/0x470
[  845.169693][T17817]  f2fs_handle_critical_error+0x37c/0x540
[  845.169734][T17817]  f2fs_write_end_io+0x495/0x810
[  845.169778][T17817]  ? blkg_put+0x22/0x240
[  845.169829][T17817]  __submit_merged_bio+0x27a/0x6a0
[  845.169876][T17817]  __submit_merged_write_cond+0x255/0x530
[  845.169917][T17817]  f2fs_write_data_pages+0x261d/0x3000
[  845.169949][T17817]  ? check_noncircular+0xe0/0x160
[  845.169986][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170014][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170092][T17817]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  845.170123][T17817]  ? __switch_to+0x6c0/0x1600
[  845.170227][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170256][T17817]  ? trace_sched_exit_tp+0x38/0x120
[  845.170297][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170326][T17817]  ? __schedule+0x1713/0x4d00
[  845.170368][T17817]  ? folios_put_refs+0x559/0x640
[  845.170420][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170448][T17817]  ? __lock_acquire+0xab9/0xd20
[  845.170497][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170526][T17817]  ? do_raw_spin_lock+0x121/0x290
[  845.170563][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170598][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170626][T17817]  ? do_raw_spin_unlock+0x122/0x240
[  845.170658][T17817]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  845.170694][T17817]  do_writepages+0x32e/0x550
[  845.170743][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170778][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170806][T17817]  ? do_raw_spin_unlock+0x122/0x240
[  845.170844][T17817]  filemap_fdatawrite+0x191/0x230
[  845.170877][T17817]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  845.170963][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.170999][T17817]  ? do_raw_spin_unlock+0x122/0x240
[  845.171036][T17817]  f2fs_sync_dirty_inodes+0x31f/0x830
[  845.171096][T17817]  f2fs_write_checkpoint+0x94a/0x1de0
[  845.171169][T17817]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  845.171280][T17817]  ? kill_f2fs_super+0x298/0x6c0
[  845.171325][T17817]  kill_f2fs_super+0x2c3/0x6c0
[  845.171372][T17817]  ? __pfx_kill_f2fs_super+0x10/0x10
[  845.171409][T17817]  ? radix_tree_delete_item+0x2b6/0x400
[  845.171456][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.171484][T17817]  ? shrinker_free+0x2ce/0x3e0
[  845.171522][T17817]  deactivate_locked_super+0xbc/0x130
[  845.171562][T17817]  cleanup_mnt+0x425/0x4c0
[  845.171597][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.171625][T17817]  ? lockdep_hardirqs_on+0x9c/0x150
[  845.171667][T17817]  task_work_run+0x1d4/0x260
[  845.171705][T17817]  ? __pfx_task_work_run+0x10/0x10
[  845.171734][T17817]  ? __x64_sys_umount+0x122/0x160
[  845.171783][T17817]  ? exit_to_user_mode_loop+0x40/0x110
[  845.171827][T17817]  exit_to_user_mode_loop+0xec/0x110
[  845.171875][T17817]  do_syscall_64+0x2bd/0x3b0
[  845.171913][T17817]  ? lockdep_hardirqs_on+0x9c/0x150
[  845.171950][T17817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.171977][T17817]  ? srso_alias_return_thunk+0x5/0xfbef5
[  845.172005][T17817]  ? exc_page_fault+0x9f/0xf0
[  845.172046][T17817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.172070][T17817] RIP: 0033:0x7f1f37f8fc57
[  845.172094][T17817] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  845.172116][T17817] RSP: 002b:00007ffd401585a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  845.172143][T17817] RAX: 0000000000000000 RBX: 00007f1f38010925 RCX: 00007f1f37f8fc57
[  845.172161][T17817] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd40158660
[  845.172177][T17817] RBP: 00007ffd40158660 R08: 0000000000000000 R09: 0000000000000000
[  845.172194][T17817] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd401596f0
[  845.172212][T17817] R13: 00007f1f38010925 R14: 00000000000c456a R15: 00007ffd40159730
[  845.172257][T17817]  </TASK>
[  845.173465][T17817] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  845.331400][   T24] usb 9-1: USB disconnect, device number 16
[  845.667392][ T3000] bond2 (unregistering): Released all slaves
[  845.705704][T27906] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9254'.
[  845.820632][ T3000] tipc: Disabling bearer <eth:macvlan0>
[  845.873759][ T3000] tipc: Left network mode
[  845.981985][ T3000] IPVS: stopping backup sync thread 24745 ...
[  846.353647][T21741] Bluetooth: hci3: command tx timeout
[  846.879550][T27860] lo speed is unknown, defaulting to 1000
[  847.017394][T27959] loop3: detected capacity change from 0 to 4096
[  847.176009][T27969] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  847.268647][T27971] loop7: detected capacity change from 0 to 64
[  847.342228][T27971] hfs: unable to locate alternate MDB
[  847.367969][T27971] hfs: continuing without an alternate MDB
[  848.471972][T27963] loop6: detected capacity change from 0 to 40427
[  848.504012][T27963] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  848.520202][T27963] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  848.564337][T27963] F2FS-fs (loop6): invalid crc value
[  848.576798][T21741] Bluetooth: hci3: command tx timeout
[  849.061155][T27963] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  849.111116][T27963] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  849.679831][T28018] ip6gretap0: entered promiscuous mode
[  849.760857][T28018] ip6gretap0: left promiscuous mode
[  849.938074][T28031] loop8: detected capacity change from 0 to 16
[  850.030547][T28031] erofs (device loop8): mounted with root inode @ nid 36.
[  850.377997][ T3000] hsr_slave_0: left promiscuous mode
[  850.447350][ T3000] hsr_slave_1: left promiscuous mode
[  850.453578][ T3000] batman_adv: batadv0: Removing interface: 
€Â
[  850.488467][T28039] loop3: detected capacity change from 0 to 4096
[  850.599778][T28048] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  850.637443][T28044] xt_CT: No such helper "pptp"
[  850.675126][   T30] audit: type=1800 audit(1750971450.659:297): pid=28039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9298" name="file1" dev="loop3" ino=15 res=0 errno=0
[  850.805232][T21741] Bluetooth: hci3: command tx timeout
[  850.999994][T28058] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9303'.
[  851.036804][T28058] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9303'.
[  851.067149][T28058] netlink: 'syz.3.9303': attribute type 7 has an invalid length.
[  851.266930][T28062] netlink: 36 bytes leftover after parsing attributes in process `syz.8.9305'.
[  851.399513][ T3017] smc: removing ib device syz2
[  851.631838][T28053] loop6: detected capacity change from 0 to 32768
[  851.646346][T28053] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.9292 (28053)
[  851.712259][T28053] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  851.732153][T28053] BTRFS info (device loop6): using sha256 (sha256-x86_64) checksum algorithm
[  851.929247][T28053] BTRFS info (device loop6): rebuilding free space tree
[  851.998896][T28053] BTRFS info (device loop6): disabling free space tree
[  852.008691][T28053] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  852.034313][T28053] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  852.497490][ T7241] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  853.834701][   T30] audit: type=1326 audit(1750971453.616:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28090 comm="syz.6.9310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  853.864218][   T30] audit: type=1326 audit(1750971453.616:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28090 comm="syz.6.9310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  853.896856][   T30] audit: type=1326 audit(1750971453.616:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28090 comm="syz.6.9310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4f9798d290 code=0x7ffc0000
[  853.952300][   T30] audit: type=1326 audit(1750971453.616:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28090 comm="syz.6.9310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4f9798d290 code=0x7ffc0000
[  854.044899][   T30] audit: type=1326 audit(1750971453.616:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28090 comm="syz.6.9310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  854.075372][T28060] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9304'.
[  854.128384][   T30] audit: type=1326 audit(1750971453.616:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28090 comm="syz.6.9310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  854.171400][ T6527] ==================================================================
[  854.179584][ T6527] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x6e/0x190
[  854.188423][ T6527] Read of size 8 at addr ffff88807b8ba2e8 by task kworker/0:12/6527
[  854.196428][ T6527] 
[  854.198775][ T6527] CPU: 0 UID: 0 PID: 6527 Comm: kworker/0:12 Not tainted 6.16.0-rc3-syzkaller-00116-ge34a79b96ab9 #0 PREEMPT(full) 
[  854.198809][ T6527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  854.198827][ T6527] Workqueue: events smc_ib_port_event_work
[  854.198876][ T6527] Call Trace:
[  854.198887][ T6527]  <TASK>
[  854.198899][ T6527]  dump_stack_lvl+0x189/0x250
[  854.198942][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.198971][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.199001][ T6527]  ? __pfx_dump_stack_lvl+0x10/0x10
[  854.199039][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.199066][ T6527]  ? rcu_is_watching+0x15/0xb0
[  854.199121][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.199150][ T6527]  ? lock_release+0x4b/0x3e0
[  854.199189][ T6527]  ? __virt_addr_valid+0x1c8/0x5c0
[  854.199246][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.199289][ T6527]  ? __virt_addr_valid+0x4a5/0x5c0
[  854.199316][ T6527]  print_report+0xd2/0x2b0
[  854.199373][ T6527]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  854.199410][ T6527]  kasan_report+0x118/0x150
[  854.199442][ T6527]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  854.199480][ T6527]  __ethtool_get_link_ksettings+0x6e/0x190
[  854.199517][ T6527]  ib_get_eth_speed+0x15e/0x7b0
[  854.199554][ T6527]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  854.199592][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.199628][ T6527]  ? do_raw_spin_unlock+0x122/0x240
[  854.199665][ T6527]  rxe_query_port+0x93/0x3b0
[  854.199713][ T6527]  ib_query_port+0x170/0x830
[  854.199752][ T6527]  smc_ib_port_event_work+0x15a/0x940
[  854.199796][ T6527]  ? _raw_spin_unlock_irq+0x23/0x50
[  854.199831][ T6527]  ? process_scheduled_works+0x9ef/0x17b0
[  854.199870][ T6527]  ? process_scheduled_works+0x9ef/0x17b0
[  854.199909][ T6527]  process_scheduled_works+0xae1/0x17b0
[  854.199965][ T6527]  ? __pfx_process_scheduled_works+0x10/0x10
[  854.200008][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.200044][ T6527]  worker_thread+0x8a0/0xda0
[  854.200104][ T6527]  ? __kthread_parkme+0x7b/0x200
[  854.200149][ T6527]  kthread+0x711/0x8a0
[  854.200183][ T6527]  ? __pfx_worker_thread+0x10/0x10
[  854.200222][ T6527]  ? __pfx_kthread+0x10/0x10
[  854.200248][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.200281][ T6527]  ? _raw_spin_unlock_irq+0x23/0x50
[  854.200316][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  854.200346][ T6527]  ? lockdep_hardirqs_on+0x9c/0x150
[  854.200383][ T6527]  ? __pfx_kthread+0x10/0x10
[  854.200413][ T6527]  ret_from_fork+0x3fc/0x770
[  854.200458][ T6527]  ? __pfx_ret_from_fork+0x10/0x10
[  854.200498][ T6527]  ? __switch_to_asm+0x39/0x70
[  854.200525][ T6527]  ? __switch_to_asm+0x33/0x70
[  854.200551][ T6527]  ? __pfx_kthread+0x10/0x10
[  854.200579][ T6527]  ret_from_fork_asm+0x1a/0x30
[  854.200617][ T6527]  </TASK>
[  854.200628][ T6527] 
[  854.472082][ T6527] Allocated by task 5838:
[  854.476411][ T6527]  kasan_save_track+0x3e/0x80
[  854.481128][ T6527]  __kasan_kmalloc+0x93/0xb0
[  854.485728][ T6527]  __kvmalloc_node_noprof+0x30d/0x5f0
[  854.491103][ T6527]  alloc_netdev_mqs+0xa6/0x11e0
[  854.495981][ T6527]  rtnl_create_link+0x31f/0xd10
[  854.500854][ T6527]  rtnl_newlink_create+0x25c/0xb00
[  854.505989][ T6527]  rtnl_newlink+0x16d6/0x1c70
[  854.510679][ T6527]  rtnetlink_rcv_msg+0x7cf/0xb70
[  854.515624][ T6527]  netlink_rcv_skb+0x208/0x470
[  854.520403][ T6527]  netlink_unicast+0x75b/0x8d0
[  854.525173][ T6527]  netlink_sendmsg+0x805/0xb30
[  854.529944][ T6527]  __sock_sendmsg+0x21c/0x270
[  854.534654][ T6527]  __sys_sendto+0x3bd/0x520
[  854.539165][ T6527]  __x64_sys_sendto+0xde/0x100
[  854.543940][ T6527]  do_syscall_64+0xfa/0x3b0
[  854.548464][ T6527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.554367][ T6527] 
[  854.556688][ T6527] Freed by task 3000:
[  854.560659][ T6527]  kasan_save_track+0x3e/0x80
[  854.565358][ T6527]  kasan_save_free_info+0x46/0x50
[  854.570398][ T6527]  __kasan_slab_free+0x62/0x70
[  854.575164][ T6527]  kfree+0x18e/0x440
[  854.579073][ T6527]  device_release+0x9c/0x1c0
[  854.583692][ T6527]  kobject_put+0x22b/0x480
[  854.588116][ T6527]  netdev_run_todo+0xd2e/0xea0
[  854.592902][ T6527]  default_device_exit_batch+0x81e/0x890
[  854.598545][ T6527]  ops_undo_list+0x525/0x990
[  854.603156][ T6527]  cleanup_net+0x4c5/0x800
[  854.607581][ T6527]  process_scheduled_works+0xae1/0x17b0
[  854.613146][ T6527]  worker_thread+0x8a0/0xda0
[  854.617760][ T6527]  kthread+0x711/0x8a0
[  854.621835][ T6527]  ret_from_fork+0x3fc/0x770
[  854.626441][ T6527]  ret_from_fork_asm+0x1a/0x30
[  854.631223][ T6527] 
[  854.633542][ T6527] The buggy address belongs to the object at ffff88807b8ba000
[  854.633542][ T6527]  which belongs to the cache kmalloc-cg-4k of size 4096
[  854.647882][ T6527] The buggy address is located 744 bytes inside of
[  854.647882][ T6527]  freed 4096-byte region [ffff88807b8ba000, ffff88807b8bb000)
[  854.661788][ T6527] 
[  854.664114][ T6527] The buggy address belongs to the physical page:
[  854.670537][ T6527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b8b8
[  854.679466][ T6527] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  854.688066][ T6527] memcg:ffff888028c37781
[  854.692305][ T6527] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  854.699863][ T6527] page_type: f5(slab)
[  854.703853][ T6527] raw: 00fff00000000040 ffff88801a44b500 ffffea00012d8000 dead000000000002
[  854.712447][ T6527] raw: 0000000000000000 0000000000040004 00000000f5000000 ffff888028c37781
[  854.721040][ T6527] head: 00fff00000000040 ffff88801a44b500 ffffea00012d8000 dead000000000002
[  854.729742][ T6527] head: 0000000000000000 0000000000040004 00000000f5000000 ffff888028c37781
[  854.738517][ T6527] head: 00fff00000000003 ffffea0001ee2e01 00000000ffffffff 00000000ffffffff
[  854.747216][ T6527] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  854.755893][ T6527] page dumped because: kasan: bad access detected
[  854.762320][ T6527] page_owner tracks the page as allocated
[  854.768036][ T6527] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5838, tgid 5838 (syz-executor), ts 100188725865, free_ts 99764936833
[  854.789515][ T6527]  post_alloc_hook+0x240/0x2a0
[  854.794296][ T6527]  get_page_from_freelist+0x21e4/0x22c0
[  854.799858][ T6527]  __alloc_frozen_pages_noprof+0x181/0x370
[  854.805688][ T6527]  alloc_pages_mpol+0x232/0x4a0
[  854.810557][ T6527]  allocate_slab+0x8a/0x3b0
[  854.815072][ T6527]  ___slab_alloc+0xbfc/0x1480
[  854.819753][ T6527]  __kmalloc_noprof+0x305/0x4f0
[  854.824605][ T6527]  __register_sysctl_table+0x72/0x1340
[  854.830093][ T6527]  __addrconf_sysctl_register+0x398/0x530
[  854.835840][ T6527]  addrconf_sysctl_register+0x168/0x1c0
[  854.841405][ T6527]  ipv6_add_dev+0xd46/0x1370
[  854.846004][ T6527]  addrconf_notify+0x794/0x1010
[  854.850878][ T6527]  notifier_call_chain+0x1b6/0x3e0
[  854.856011][ T6527]  register_netdevice+0x1608/0x1ae0
[  854.861221][ T6527]  virt_wifi_newlink+0x428/0x860
[  854.866186][ T6527]  rtnl_newlink_create+0x310/0xb00
[  854.871311][ T6527] page last free pid 5824 tgid 5824 stack trace:
[  854.877639][ T6527]  __free_frozen_pages+0xc71/0xe70
[  854.882763][ T6527]  __slab_free+0x326/0x400
[  854.887190][ T6527]  qlist_free_all+0x97/0x140
[  854.891793][ T6527]  kasan_quarantine_reduce+0x148/0x160
[  854.897616][ T6527]  __kasan_slab_alloc+0x22/0x80
[  854.902471][ T6527]  __kmalloc_cache_noprof+0x1be/0x3d0
[  854.907854][ T6527]  alloc_netdev_mqs+0xc36/0x11e0
[  854.912822][ T6527]  rtnl_create_link+0x31f/0xd10
[  854.917685][ T6527]  rtnl_newlink_create+0x25c/0xb00
[  854.922803][ T6527]  rtnl_newlink+0x16d6/0x1c70
[  854.927483][ T6527]  rtnetlink_rcv_msg+0x7cf/0xb70
[  854.932444][ T6527]  netlink_rcv_skb+0x208/0x470
[  854.937215][ T6527]  netlink_unicast+0x75b/0x8d0
[  854.941979][ T6527]  netlink_sendmsg+0x805/0xb30
[  854.946752][ T6527]  __sock_sendmsg+0x21c/0x270
[  854.951445][ T6527]  __sys_sendto+0x3bd/0x520
[  854.955952][ T6527] 
[  854.958273][ T6527] Memory state around the buggy address:
[  854.963908][ T6527]  ffff88807b8ba180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  854.972087][ T6527]  ffff88807b8ba200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  854.980189][ T6527] >ffff88807b8ba280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  854.988260][ T6527]                                                           ^
[  854.995830][ T6527]  ffff88807b8ba300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  855.003969][ T6527]  ffff88807b8ba380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  855.012201][ T6527] ==================================================================
[  855.054027][   T30] audit: type=1326 audit(1750971453.616:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28090 comm="syz.6.9310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f9798e929 code=0x7ffc0000
[  855.115393][ T6527] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  855.122658][ T6527] CPU: 0 UID: 0 PID: 6527 Comm: kworker/0:12 Not tainted 6.16.0-rc3-syzkaller-00116-ge34a79b96ab9 #0 PREEMPT(full) 
[  855.134839][ T6527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  855.145013][ T6527] Workqueue: events smc_ib_port_event_work
[  855.151009][ T6527] Call Trace:
[  855.154318][ T6527]  <TASK>
[  855.157270][ T6527]  dump_stack_lvl+0x99/0x250
[  855.161936][ T6527]  ? __asan_memcpy+0x40/0x70
[  855.166667][ T6527]  ? __pfx_dump_stack_lvl+0x10/0x10
[  855.171925][ T6527]  ? __pfx__printk+0x10/0x10
[  855.176558][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  855.182266][ T6527]  panic+0x2db/0x790
[  855.186237][ T6527]  ? __pfx_panic+0x10/0x10
[  855.190870][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  855.196536][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  855.202322][ T6527]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  855.208277][ T6527]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  855.214630][ T6527]  ? print_memory_metadata+0x314/0x400
[  855.220111][ T6527]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  855.226149][ T6527]  check_panic_on_warn+0x89/0xb0
[  855.231124][ T6527]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  855.237217][ T6527]  end_report+0x78/0x160
[  855.241469][ T6527]  kasan_report+0x129/0x150
[  855.245990][ T6527]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  855.252058][ T6527]  __ethtool_get_link_ksettings+0x6e/0x190
[  855.258016][ T6527]  ib_get_eth_speed+0x15e/0x7b0
[  855.262910][ T6527]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  855.268301][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  855.273946][ T6527]  ? do_raw_spin_unlock+0x122/0x240
[  855.279171][ T6527]  rxe_query_port+0x93/0x3b0
[  855.283802][ T6527]  ib_query_port+0x170/0x830
[  855.288410][ T6527]  smc_ib_port_event_work+0x15a/0x940
[  855.293807][ T6527]  ? _raw_spin_unlock_irq+0x23/0x50
[  855.299020][ T6527]  ? process_scheduled_works+0x9ef/0x17b0
[  855.304766][ T6527]  ? process_scheduled_works+0x9ef/0x17b0
[  855.310654][ T6527]  process_scheduled_works+0xae1/0x17b0
[  855.316240][ T6527]  ? __pfx_process_scheduled_works+0x10/0x10
[  855.322339][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  855.328011][ T6527]  worker_thread+0x8a0/0xda0
[  855.332669][ T6527]  ? __kthread_parkme+0x7b/0x200
[  855.337636][ T6527]  kthread+0x711/0x8a0
[  855.341719][ T6527]  ? __pfx_worker_thread+0x10/0x10
[  855.346861][ T6527]  ? __pfx_kthread+0x10/0x10
[  855.351557][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  855.357209][ T6527]  ? _raw_spin_unlock_irq+0x23/0x50
[  855.362421][ T6527]  ? srso_alias_return_thunk+0x5/0xfbef5
[  855.368061][ T6527]  ? lockdep_hardirqs_on+0x9c/0x150
[  855.373277][ T6527]  ? __pfx_kthread+0x10/0x10
[  855.377895][ T6527]  ret_from_fork+0x3fc/0x770
[  855.382510][ T6527]  ? __pfx_ret_from_fork+0x10/0x10
[  855.387654][ T6527]  ? __switch_to_asm+0x39/0x70
[  855.392429][ T6527]  ? __switch_to_asm+0x33/0x70
[  855.397203][ T6527]  ? __pfx_kthread+0x10/0x10
[  855.401803][ T6527]  ret_from_fork_asm+0x1a/0x30
[  855.406582][ T6527]  </TASK>
[  855.409871][ T6527] Kernel Offset: disabled
[  855.414206][ T6527] Rebooting in 86400 seconds..