last executing test programs:

13.9332051s ago: executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x2000acec, &(0x7f00000004c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,codepage=utf8,uid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000152,iocharset=iso8859-1,gid=', @ANYRESHEX=0x0, @ANYBLOB=',fmask=00000000000000000000010,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6644c3636e61b96e355e662d643100392d654c63142d33396336343534342c646566636f6e746578743d73797361646d5f752c726f6f74636f6e746578743d73746166665f752c00000400000000000000"], 0x1, 0x14f8, &(0x7f0000002a80)="$eJzs3AuYjlW7OPB1r7WeMaZJb5MchnWv++FNg2WSJIeEHJIkSZKcEpImSRISQ05JQxJynCSHISSHaUxyPp9yTpp80iRJSEhY/0vft7fv27V3+/vv9nZd39y/61qXdXve+37uZ+655n2e97pmvusxsm7zerWaEpH4H4G//pMqhIgVQgwVQlwnhAiEEBUTKiZcPp5fQer/7CTsz/VwxtXugF1NPP+8jeeft/H88zaef97G88/beP55G88/b+P5M5aXbZ9d9HpeeXfx5/95Gb///wvJLTfpq43lbuz5T6Tw/PM2nn/exvPP23j+eRvPP2/j+f/rq/lfHOP55208f8bysqv9+TOv31kx/3fnutrff4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG8oZz/gothPi3/dXuizHGGGOMMcYYY38en+9qd8AYY4wxxhhjjLH/fSCkUEKLQMSIfCJW5Bdx4hoRL64VBcR1IiKuFwniBlFQ3CgKicKiiCgqEkUxUVwYgcIKEqEoIUqKqLhJlBI3iyRRWpQRZYUT5USyuEWUF7eKCuI2UVHcLiqJO0RlUUVUFdXEnaK6uEvUEDVFLXG3qC3qiLqinrhH1Bf3igbiPtFQ3C8aiQdEY/GgaCIeEk3Fw6KZeEQ0F4+KFuIx0VK0Eq1FG9H2/yv/JdFHvCz6in4iVfQXA8QrYqAYJAaLIWKoeFUME6+J4eJ1kSZGiJHiDTFKvClGi7fEGDFWjBNvi/FigpgoJonJYopIF++IqeJdMU28J6aLGWKmmCUyxGwxR7wv5op5Yr74QCwQH4qFYpFYLJaITPGRyBJLRbb4WCwTn4jlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7eJTsUPsFLvEbrFH7BX7xGdiv/hcHBBfiBzx5T+Zf/Y/5PcEAQIkSNCgIQZiIBZiIQ7iIB7ioQAUgAhEIAESoCAUhEJQCIpAEUiERCgOxQEBgYCgBJSAKEShFJSCJEiCMlAGHDhIhmQoD7dCBagAFaEiVIJKUBmqQBWoBtWgOlSHGlADakEtqA21oS7UhXvgHrgXGkADaAgNoRE0gsbQGJpAE2gKTaEZNIPm0BxaQAtoCS2hNbSGttAW2kE7aA/toSN0hE7QCTpDZ0iBFOgCXaArdIVu0A26Q3foAT2gJ/SCXvASvAQvw8vQD2rL/jAABsBAGAiDYQgMgVdhGLwGr8HrkAYjYCS8AW/AmzAazsAYGAvjYBxUlxNgIkwCklMgHdJhKkyFaTANpsMMmAGzIANmwxyYA3NhHsyDD2ABfAgfwiJYBEsgEzIhC5ZCNmTDMjgLy2EFrIRVsBrWwGpYB+thHWyETbARtsAW2Abb4FP4FHbCTtgNu2Ev7IXP4DP4HD6HNMiBHDgIB+EQHILDcBhyIReOwBE4CkfhGByD43AcTsBJOAUn4TSchjNwFs7BOTgP5+ECvJD4TbO9pTekCXmZllrGyBgZK2NlnIyT8TJeFpAFZERGZIJMkAVlQVlIFpJFZBGZKBNlcVlcokRJMpQlZAkZlVFZSpaSSTJJlpFlpJNOJstkWV6WlxVkBVlR3i4ryTtkZVlFdnDVZDVZXXZ0NWRNWUvWkrVlHVlX1gPvvawvG8gGsqFsKBvJRrKxfFA2kf1hMDwsL0+muRwBLeRIaClbydayjXwTHpft5GhoLzvIjvJJORbGQGfZzqXIZ2QXORG6yufkJHhedpdToId8UfaUvWRv+ZLsI9u7vrKfnA795QA5CwbKQXKwHCLnQh15eWJ15esyTY6QI+Ubcgm8KUfLt+QYOVaOk2/L8XKCnCgnyclyikyX78ip8l05Tb4np8sZcqacJTPkbDlHvi/nynlyvvxALpAfyoVykVwsl8hM+ZHMkktltvxYLpOfyOVyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8nt8lO5Q+6Uu+RuuUfulfvkZ3K//FwekF/IHPmlPCj/Ig/Jr+Rh+bXMld/II/JbeVR+J4/J7+Vx+YM8IU/KU/JHeVr+JM/Is/Kc/Fmel7/IC/KivCS9FAqUVEppFagYlU/FqvwqTl2j4tW1qoC6TkXU9SpB3aAKqhtVIVVYFVFFVaIqpooro1BZRSpUJVRJFVU3qVLqZpWkSqsyqqxyqpxKVreo8upWVUHdpiqq21UldYeqrKqoqqqaulNVV3epGqqmqqXuVrVVHVVX1VP3qPrqXtVA3acaqvtVI/WAaqweVE3UQ6qpelg1U4+o5upR1UI9plqqVqq1aqPaqsdVO/WEaq86qI7qSdVJPaU6q6dVinpGdVHPqq7qOdVNPa+6qxdUD/Wi6ql6qd7qorqkvOqr+qlU1V8NUK+ogWqQGqyGqKHqVTVMvaaGq9dVmhqhRqo31Cj1phqt3lJj1Fg1Tr2txqsJaqKapCarKSpdvaOmqnfVNPWemq5mqJlqlspQs9Xgv1Wa/9/If/d38of/evZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb99DYQGLbXSWgc6RufTsTq/jtPX6Hh9rS6gr9MRfb1O0DfogvpGXUgX1kV0UZ2oi+ni2mjUVpMOdQldUkf1TbqUvlkn6dK6jC6rnS6nk/Ut/0S++N38P+qvrW6r2+l2ur1urzvqjrqT7qQ76846RafoLrqL7qq76m66m+6uu+seuofuqXvq3rq37qP76L66r07VqXqAfkUP1IP0YD1ED9Wv6mF6mB6uh+s0naZH6pF6lB6lR+vReoweo8fpcXq8Hq8n6ol6sp6s03W6nqqn6ml6mp6up+uZeqbO0Bl6jp6j5+q5er6erxfoBXqhXqgX68U6U2fqLJ2ls3W2XqaX6eV6hV6hV+lVeo1eo9fpdXqD3qA36U16i96il+vterveoXfoXXqX3qP36H16n96v9+sD+oDO0Tn6oD6oD+lD+rA+rHN1rj6ij+ij+qg+po/p4/q4PqFP6FP6lD6tT+sz+ow+p8/p8/q8vqAv6Ev60uXbvkAGMtCBDmKCmCA2iA3igrggPogPCgQFgkgQCRKChKBgcGNQKCgcFAmKBolBsaB4YAIMbEBBGJQISgbR4KagVHBzkBSUDsoEZQMXlAuSg1uC8sGtQYXgtqBicHtQKbgjqBxUCaoG1YI7g+rBXUGNoGZQK7g7qB3UCeoG9YJ7gvrBvUGD4L6gYXB/0Ch4IGgcPBg0CR4KmgYPB82CR4LmwaNBi+CxoGXQKmgdtAna/qn1vT9T+AnX1/Qzqaa/GWBeMQPNIDPYDDFDzatmmHnNDDevmzQzwow0b5hR5k0z2rxlxpixZpx524w3E8xEM8lMNlNMunnHTDXvmmnmPTPdzDAzzSyTYWabOeZ9M9fMM/PNB2aB+dAsNIvMYrPEZJqPTJZZarLNx2aZ+cQsNyvMSrPKrDZrzFqzzqw3G8xGs8lsNlvMVrPNbDefGjA7zS6z2+wxe80+85nZbz43B8wXJsd8aQ6av5hD5itz2Hxtcs035oj51hw135lj5ntz3PxgTpiT5pT50Zw2P5kz5qw5Z342580v5oK5aC4Zf/nm/vLbO2rUGIMxGIuxGIdxGI/xWAALYAQjmIAJWBALYiEshEWwCCZiIhbH4ngZIWEJLIFRjGIpLIVJmIRlsAw6dJiMyVgey2MFrIAVsSJWwkpYGStjVayKd+KdeBfehTWxJt6Nd2MdrIP1sB7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsTW2xbbYDtthe2yPHbEjdsJO2Bk7YwqmYBfsgl2xK3bDbtgdu2MP7IE9sSf2xt7YB/tgX+yLqZiKA3AADsSBOBgH41AcisNwGA7H4ZiGaTgSR+IoHIWjcTSOwbE4Dt/G8TgBJ+IknIxTMB3TcSpOxWk4DafjdJyJMzEDM3AOzsG5OBfn43xcgAtwIS7ExbgYMzETszALszEbl+EyXI7LcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Ds/jL3gBL+Il9BhrpYiz19h4e60tYK+zsTa//fu4iC1qE20xW9waW8gW/ocYrbVJtrQtY8taZ8vZZHvLb+LKtoqtaqvZO211e5et8Zu4vr3XNrD32Yb2flvP3vMPcSP7gG1sH7VN7GO2qW1lm9k2trl91Lawj9mWtpVtbdvYTvYp29k+bVPsM7aLffY3cZZdatfbDXaj3WT328/tOfuzPWq/s+ftL/2F7WeH2lftMPuaHW5ft2l2xG/icfZtO95OsBPtJDvZTvlNPNPOshl2tp1j37dz7bzfxJn2I7vAZtuFdpFdbJf8Gl/uKdt+bJfZT+xyu8KutKvsarvGrrXr/r3XVXaL3Wq32X32M7vD7rS77G67x+79Nb58HQfsFzbHfmmP2G/tIfuVPWyP2Vz7za/x5es7Zr+3x+0P9oQ9aU/ZH+1p+5M9Y8/+ev3n7S/2R3vRXrLeCgKSpEhTQDGUj2IpP8XRNRRP11IBuo4idD0l0A1UkG6kQlSYilBRSqRiVJwMIVkiCqkElaQo3USl6GZKotJUhsqSo3KUTLdQebqVKtBtVJFup0p0B1WmKlSVqtGdVJ3uohpUk2rR3VSb6lBdqkf3UH26lxrQfdSQ7qdG9AA1pgepCT1ETelhakaPUHN6lFrQY9SSWlFrakNt6XFqR09Qe+pAHelJ6kRPUWd6mlLoGepCz1JXeo660fPUnV6gHvQi9aRe1Jteoj70MvWlfpRK/WkAvUIDaRANpiE0lF6lYfQaDafXKY1G0Eh6g0bRmzSa3qIxNJbG0ds0nibQRJpEk2kKpdM7NJXepWn0Hk2nGTSTZlEGzaY59D7NpXk0nz6gBfQhLaRFtJiWUCZ9RFm0lLLpY1pGn9ByWkEraRWtpjW0ltbRetpAG2kTbaYttJW20Xb6lHbQTtpFu2kP7aV99Bntp8/pAH1BOfQlHaS/0CH6ig7T15RL39AR+paO0nd0jL6n4/QDnaCTdIp+pNP0E52hs3SOfqbz9AtdoIt0iTyJEEIZqlCHQRgT5gtjw/xhXHhNGB9eGxYIrwsj4fVhQnhDWDC8MSwUFg6LhEXDxLBYWDw0IYY2pDAMS4Qlw2h4U1gqvDlMCkuHZcKyoQvLhcnhLWH58NawQnhbWDG8PawU3hFWDquEj95fLbwzrB7eFdYIa4a1wrvD2mGdsG5YL7wnrB/eGzYI7wsbhveHFcIHwsbhg2GT8KGwafhw2Cx8JGwePhq2CB8LW4atwtZhm7Bt+HjYLnwibB92CDuGT4adwqfCzuHTYUr4TNglfPYPj6eG/cMB4SvhK6H396nF0SXRzOhH0azo0mh29OPosugn0eXRFdGV0VXR1dE10bXRddH10Q3RjdFN0c3RLdGt0W1R7+vlEw6cdMppF7gYl8/Fuvwuzl3j4t21roC7zkXc9S7B3eAKuhtdIVfYFXFFXaIr5oo749BZRy50JVxJF3U3uVLuZpfkSrsyrqxzrpxLdm1cW9fWtXNPuPaug+vonnRPuqfcU+5p97R7xnVxz7qu7jnXzT3vursX3AvuRdfT9XK93Uuuj3vZ9XX9XKpLdQPcADfQDXSD3WA31A11w9wwN9wNd2kuzY10I90oN8qNdqPdGDfGjXPj3Hg33k10E91kN9mlu3Q31U1109w0N91NdzPdTJfhMtwcN8fNdXPdfDffLUha4Ba6hW6xW+wyXabLclku22W7ZW6ZW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrsdbofb5Xa5PW6P2+f2uf1uvzvgDrgcl+MOuoPukDvkDruvXa77xh1x37qj7jt3zH3vjrsf3Al30p1yP7rT7id3xp1159zP7rz7xV1wF90l51165J3I1Mi7kWmR9yLTIzMiMyOzIhmR2ZE5kfcjcyPzIvMjH0QWRD6MLIwsiiyOLIlkRj6KZEWWRrIjH0eWRYQWYkVkZWRVZHVkTcT7YjtCX8KX9FF/ky/lb/ZJvrQv48t658v5ZH+LL+9v9RX8bb6iv91X8nf4yr6Kr+of8y19K9/at/Ft/eO+nX/Ct/cdfEf/pO/kn/Kd/dM+xT/ju/hnfVf/nO/mn/fd/Qu+h3/R9/S9fG//ku/jX/Z9fT+f6vv7Af4VP9AP8oP9ED/Uv+qH+df8cP+6T/Mj/Ej/hh/l3/Sj/Vt+jB/rx/m3/Xg/wU/0k/xkP8Wn+3f8VP+un+bf89P9DD/Tz/IZfraf49/3c/08P99/4Bf4D/1Cv8gv9kt8pv/IZ/mlPtt/7Jf5T/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dv+p3+F3+l1+t9/j9/p9/jO/33/uD/gvfI7/0h/0f/GH/Ff+sP/a5/pv/BH/rT/qv/PH/Pf+uP/Bn/An/Sn/oz/tf/Jn/Fl/zv/sz/tf/AV/0V/i31ljjDHGGPtvUX9wvP/v/J/827psgBDi2p1Fc/9jzc2F/rofJBM7RYQQz/Tr8fC/rdq1U1NT//ba5UoEJRcJISJX8mPElXiF6CieEimigyj/u/0Nkr3O0x/Uj94uRNzf5cSKK/GV+rf+J/Uff3JcVqXwXMJ/UX+REEklr+TkF1fiK/Ur/Cf1C7f7g/7zf5UuRPu/y4kXV+Ir9ZPFE+JZkfIPr2SMMcYYY4wxxv5qkKza7Y+eny8/nyfqKzn5xJX4j57PGWOMMcYYY4wxdvU936v304+npHToxhve8IY3/7652j+ZGGOMMcYYY3+2Kzf9V7sTxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMs7/q/+HNiV/saGWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsavt/wUAAP//ht07TQ==")
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x48140, 0x0)
acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00')
acct(0x0)

13.168054783s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

12.837578758s ago: executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f00000004c0)={0x0, 0x0, 0x20, 0x0, "cbfea29368cc60a1ff856ae471fe261fdfb44a306ea8d6996bbcb8eb45d73158"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12.428873414s ago: executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000180)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
r2 = fcntl$dupfd(r0, 0x0, r1)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="10a5"], 0x14}}, 0x0)

4.876985903s ago: executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000140)={0xa4, 0x0, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x7, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.44264377s ago: executing program 2:
r0 = syz_open_dev$media(&(0x7f0000000240), 0x9, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000440)={0x0, 0x8, 0x0, &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.415081383s ago: executing program 3:
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000049500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe3c, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)

4.327042545s ago: executing program 2:
syz_mount_image$bcachefs(&(0x7f0000005d80), &(0x7f0000000180)='./bus\x00', 0x42, &(0x7f0000000000)=ANY=[], 0x1, 0x5e18, &(0x7f000000dc40)="$eJzs3X+QHNWdGPDumVntSiuJlSybFRJiMbIdccEWKBDjO4eNc3ZsB4wsLIzFcZIMi62zkGT9QIAuQUAOE0xSqoI6CMRXOnA5V6mrBJcuIb5TqmSM8ZWvikJ2/IeP/DIVO3/ER1RniXMkl/dqd7p3p3v7Tc9OzwoZPp+q3dnX++b7vt+e1z3dvbMzEQAAAG8JL/7entc/ccGHv3v/2Kl7P/qnd9wXDdYnlw+kHYaS27veqAyZS2u+dybzyPY3hidv8/Pi/D9b9vrQA9de9/DVH/nelj9fMrpq9dhVXz9y/YMPPP/BXzz/+JPXlo2TzqdLp9vxX8VRtOrHRx5/8Nt/cf7Esnhi/HjoYLRkSbz0m0viXIi1p6Moum0qz+wvj5xad/vE7X1f7s8sPy8XxHx/axtI5tmBzZ99+tgXRr99ZGTXup+evHLnweku8UDLfIqixVta798XRdH85GtCOtuG0zsnt+ujKFrQcr/3l+R1SYf5XxZor0xu5yW3gyVx0t9fnGs3Osyjkbvt7/B+3arNcfy8/PrL74zmSlrn4uT2ueT20lnGqadfcVSLo8ZU+tvj6TkStTxucRRPzu2BqXZtsh1NtaN8O861a7l2vS9X1+S4yYqtx3F2edovtzzdHTeS5Re37qsLbAgsX57cDiQb6s/TdpT/oWlwxg/TdUQteZ04WxMjoBbY9mrRwcnlU+klD8ZgsmwwXjrjPuMF0t+d+M7WTa/98J7nhgJ5xM/GSfw4iuPGrOOPjj117Gs3HV0+HIq/pZbEr3WV/4v1l05/9eTwwmD8Q2n8elfxN/7yJw/df8P+ZcH1cyJdP42u4q9+ZOGBU/s39I+E4h9O4w+0xo87jX/VLauuvvDkvjuD+a9N18/8rvL/waNrztxy6BtHg/GjNP6CruK/8tQzK+vLHzsejH8sXT+DXcW/cd0T13x8xQNPBtf/y2n8RRPxHynq0y7+puMPbtn19AtrgvNzfbp+hrrK//Q133/1zNC1z4T2nfHhs/0MC/Dm8rbkGOuhpN3teWZVLecLT4w0mgcCC5OvRb0cKCeePHe5aPEcDgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAW8Bj1/zHL7a23/V/79x4/D+t2tZI2v2NKIqjKHqt3myny+dFUTw/iqI9e7fu3rttx+dGfmfnvt07tm4f2bp3ZGzH3t13j/y9vzuye2zX9q13T/x27WXrmvdbOhktipbGF87IZXx8fDyKopHWZel4f/ixZ///xif/+jNRtPbt31/VCNbzvv/26oeXFXzPiUfH1/+bKx+9Z97/Pq+5YCjJayiU11B2WZrB4OjLf/mh5344kdc72uX1+Euf/n+ZhCYXTMdJ1Pqj2uQP/fGCwjymsp7OZ3J9NW7ftn1sbfn6jQPr9z0v/MnJ/3DXxn/ZXL8DwTo6XL8Ta7Ux/vDP7n/PwQ+NfeAcftzL1ndLCZP5petvIFnfi5O6FgfqqgXqunPklRP/6t//l68ejNY2fnbRzLHL6upLJkBfvLyjcdMRFsRLMn0Hkv7pI57e731779j1vj1333PZtju2fm7sc2M71q278urL111+xdXr3jdZevN7z+pPx39Ph/UvTCItjFcUrrf80nTciya/16Mk7fSm5Yfmzi3VFw02b3PrOe2er3ow+d1gvHRGTuMF0t+d+M7WTa/98J7nQlte/GxzxPnRouZtvDLQc3vujvWphIvGPzvb5c7fH9iefu9suyzLq2xeTeRVPq9aM2qzH3vpkod+9vSX/vXNHewvWrpO5pfmuWBic7k8atluZ66roro6eHxGi9bDrZft/pO7t206VLY/b31kWr/nxKPj/2tlfN2+PX+5u7ngrDxftibU5fPlVNbT+Uyur4Hk8ThX129/VE/qGizMa0P89Affc8fRX5vKb9686K6te/fuvrz5fS7rev3M3NX1o3nnLdt234oLZ9R1RfN72X7/oly7dL9fKwxTut/PjzPdvzjeSK49GNW7ep7Y+MufPHT/DfuXBZ8nTnT6PPG7mVa94vNELbC9P/zXXxl5/eZPvV62nVy/Z8W9ywq+58sbHf/GH//65R/49A0faS44K/uh1oS63A9NZZ3kk66vyf3QFedOHW/c45zZEOPR8Yu+/u4bz5z64iebC8rW71TvovW7rnw/Xw/UdXPfO5c8+tMV7+zd/N2z+W8uee+ChefY/B1I1u9AYP1OZZ3kU29dv++9def225rtc/e4ram/5Pwnfd7Zc/c9X9i6ffvY7j2d1dXp82k6Tn4td/t8mj57LC2pK328puuaux86WV+dbm9p/rflYnS7vQGkpp8X5mWW5/ef6XW/VYujje/90rdeikeaz5e9ut6ajnNB7om5i+ut0Q0T50cl50nvzLWz50mNqKXuppnnSZN3KTtPyo9Tdp50Sa5dfh7zUGElocevL3nmLbpumsu3MREhND+Gk/jDSTs93lz13ujK+nPv+lg82tn86PR4Oh3n7+RWULfH02XzY3VUnFev58e7c3cqf7wPFWY2EHg8yh7v1ZlA4+NVz8uHAlmn5+WDUdxV/NGxp4597aajy4Pxt9SS+LWu4r9Yf+n0V08OLwzGP5TGb3QVf/UjCw+c2r+hPxj/cLp+BrqKf9Utq66+8OS+O4Px16b5z+8q/g8eXXPmlkPfOBqMH6XxB7uKf+O6J675+IoHngzGfzlOxpnYdqPoyKl1tzfbcdSXzP80j75MXlG+HefatVy73tqupX8OSQaox3F2edovtzyto5Esv7glxyIbA8vTrXYg2bB/nraj/A/tl6e7pzSvE4Hnn7Ol1nLsUbS87Ppkr7z24+E/bG2nf/9P50B/o/nYXZFbX2XPH/m9dxoveB02cAmj7Hhh5t/fFnS1/b3y1DMr68sfOx68rvqjTq+r7sq0FhRcV41bcqmab3B/cSzdn1bbHw2H4r+cxq/2fBCMnzwflM2zd+XapfOsr3i8snmWP04ZjBZ1Vfem4w9u2fX0C2uC82x9c4Mvn2ePZVqLSq7fV/y7dBzaXaZ/l666PoLzeH1vjmuC8yw5rimbZ5fm2tXnWfZ49Lrk9q5c/8HkCvFs6z59zfdfPTN07TPBeXa403n2R5nWUOk8q3Z8G3ycpo5v5/r4/Ff7+PMNOz5M/pw7V8eHGwLLZ3t8ODjjh+k6ol/F48PAfgYA2vnuw3f/n9Z2ev6fPnen5//fyt2v6nll/vVQqU7PK6Oh4vjpeWUw/uHenK8Ej1OnzleqvQ44eJz3bLfXkZsHQp0fZ8/t+dZb5Dh+qpn+rvQ4Pjnom/vrQnN7Xuk8JGlH+R+aSs9DGtOFvpGchwAAvLlc/G+/8put7fT8f+p1b8n//7+QtnP3P/fOc5veOue51f7+Xn6dpGfn0Zmpc/Zej3Vuv76i/DrYXF+nch3gnL4OkNz6eyQAAL2w+fbdY2N7dm29dWzzth3b9k4t75s8c5r5OtW/n9yuz8Upe/10Uf8Fbfp/Mhg/m8/7p/r/sjhQTmPyNa9R9NlbP3/F5tvG7pxt/e8vza/zetrVnz+/CNV/daB/SNX6Q+OV1V/Uv139NwTjZ/P5QKB/SNX6Q+OV1V/Uv139nwrGz+bz64H+IVXrD41XVn9R/zb1z/hvoFD9v5Hchv5/rChwlfpD45XVX9S/3eN/YzB+Np8PBvqHVK0/NF5Z/UX929X/6WD8bD7/INA/pGr9ofHK6i/q367+m4Lxs/lcE+gfEqp//N5Qfp2NV1Z/Uf929X8mGD+bz2igf0jVxz80Xln9Rf3b1b8pGD+bzz8M9A+pWn9ovLL6i/q3q//mYPxsPh8K9A+pWn9ovLL6i/q3q/+3gvGz+fyjQP+QqvWHxiurv6h/u/pvCcbP5vObgf4hVesPjVdWf1H/dvX/djB+Np8PB/qHVK0/NF5Z/UX929W/ORg/m89HAv1DqtYfGq+s/qL+7erfEoyfzecfB/qHVK0/NF5Z/UX929W/NRg/m89HA/1DqtYfGq+s/qL+7er/bDB+Np+PBfqHVK0/NF5Z/UX929V/azB+Np+PB/qHVK0/NF5Z/UX929Wff7/DUP3/JNA/pGr9ofHK6i/q367+sWD8bD7XBvqHVK0/O978gvw6r6dd/bcX9I8K8rku0D+kav2h8crqL+rfrv7PBeNn8/lEoH/IjPrTFzV0WH9ovLL6i/q3q//zwfjZfK4P9A+p+viHxiurP9O/Vl7/tmD8bD7rA/1DqtYfGq+s/oL+/e36/04wfjafTwb6h1StPzReWf1F/ds9/l8Ixs/msyHQP6Rq/aHxyuov6t+u/u3B+Nl8bgj0D6laf2i8svqL+rer/45g/Gw+nwr0D6laf2i8svqL+rerf0cwfjafjYH+IVXrD41XVn9R/3b17wzGz+ZzY6B/SNX6Q+Ml+cWh/9cs6t+u/l3F8Wfk8+lA/5Cq9YfGK3v8i/q3q/+LwfjZfG4K9A/ppv7RDsYrq7+of7v6dwfjZ+v/TKB/SNXHPzReWf1F/dvVvycYP5vPpkD/Vq2v+65af2i8svqL+rerf28wfjafmwP9Q6rWHxqvrP6i/u3q3xeMn83ntwL9Q6rWHxqvrP6i/u3qvzMYP5vPLYH+IVXrD41XVn9R/3b17w/Gz+bz24H+IVXrD41XVn9R/3b1598HMlT/5kD/kKn69+4eG9u8b9dtW/eObd6x87axPZv37962d+9YcqBW9f/Kwv8X9Ab/IwttZbaP5iTZtmPP2O7mljH9zz190fy287d1TkST//bUvFY6EL+jo/75t73udtacK/O9L2q0XV8X5NrnJS+BOy/wfrT5/mnYFZM/zHw/2vywjZL3cS3bP+XHD+2f4jb9i/avof1Z2fPfrPd/hfO7dbyBtvXnF/cn/9jXH7+9o/5Rm89362y+Vvu/0+B8fbmz+Zp/3/Wy+ZrvP9v5OlhxvubHD82nWpv+7Y6HOp2vmwL9U53PzzhYb9G8mu3nDKZhZ/U5g7lvM3TxWQadbw/V/o88uD0kSZdtD/n/4y7bHvL9Z7s9zK+4PeTHL9seivrnt4f+NvO77PpV749fq71vQXA+rO1sPuQ/x6psPuT7z3Y+DFScD/nxy+ZDUf921ws7nQ+fCvTvVOfzo9r7igTnx5bO5kf+8yTK5ke+/2znR1xxfuTHL5sfRf3b/T2l0/nxyUD/VOb58/Y9kyf127Zu33ZP7gUYQ8nz5xv9fNjx8/IfVMjjb37jRz9vfkvyqM3Io+x4Is6tjyVJJktCn3sYWH+3/td/t/Fbv/jSV6Jo7dvrK8N5T6c8/S0nHh1feu/qr930juMfmsi/1jb/qZ7p5xaXfN5xvn9aT2P7zj17f+32nft2dPqKq/bS90OpTbXn6P1QkoX1Dt/fJPT/BLN9f5O+GT+cmzp+fxOAN4nzDj+7qLWdvv9f+nw0nOz75ic7wHR558fZ1d5fL3icfaiz4+w1+XpLjrPz/dN6Oz3OrlU8zs6PX3acXdS/3ev2Oj3O/kSg/2xl58nEBJmcH2Ob9+/c3fqauLn+3Nre5zu3n+NbPb+5/fyDbnWe/9y+L+Tc5z+3nwM89/nP7ec8d+usnS8lLxoqe//IsvOo0P+lz/Y8at6MH85NzqMA4Nz3L3b/+A9a2+n5f3IWO3X+/+WkXe/x+HN9HjXX55VzfZx8jnyOXdfnWXN9HuR8oM1g5wDnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADF/uh//Odvtrb7G8OTty/+3p7XP3HBh797/9ipez/6p3fcd/6fLXt96IFrr3v46o98b8ufLxldtXrsqq8fuf7BB57/4C+ef/zJa0sHGmreXJo0B6Io/qs4ilb9+MjjD377L86fWBZPjB8PHYyWLImXfnNJnIuw9nQURbdN5Zn95ZFT626fuL3vy/2Z5eflguTrigbraT6ZPKO7SiviV9BAMs8ObP7s08e+MPrtIyO71v305JU7D053iQda5lMULd7Sev++KIrmJ18T0tk2nN45uV0fRdGClvu9vySvSzrM/7JAe2VyOy+5HSyJk/7+4ly70WEejdxtf4f361ZtjuPn5ddffmc0V9I6Fye3zyW3l84yTj39iqNaHDWm0t8eT8+RqOVxi6N4cm4PTLVrk+1oqh3l23GuXcu16325uibHTVZsPY6zy9N+ueXp7riRLL+4dV9dYENg+fLkdiDZUH+etqP8D02DM36YriNqyevE2ZoYAbXAtpcun0oveTAGk2WD8dIZ9xkvkP7uxHe2bnrth/c8NxTII342TuLHXcUfHXvq2NduOrp8OBR/Sy2JX+sq/ov1l05/9eTwwmD8Q2n8elfxN/7yJw/df8P+ZcH1cyJdP42u4q9+ZOGBU/s39I+E4h9O4w90Ff+qW1ZdfeHJfXcG81+brp/5XcX/waNrztxy6BtHg/GjNP6CruK/8tQzK+vLHzsejH8sXT+DXcW/cd0T13x8xQNPBtf/y2n8RV3F33T8wS27nn5hTXB+rk/Xz1BX8U9f8/1Xzwxd+0xo3xkfPtvPsABvLm9LjrEeStrdnmdW1XK+8MRIo3nMtzD5WtTLgXLilnMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI2Tle39fafvXow9d//n9u/u+NOIriwH3GC6S/q88bHR3pIo/Vjyw8cGr/hv60PTH2cBdxAAAAgJlWvPKlL7a20/PwWtKOo4FoONofz49WFN4/vUawIm3F2eX5awjzp3v2JE6tR3HqPYrT6FGcvh7FmdejOP09ijNQEmcg6izO/LZxah3ns6BHcQZ7FGdhj+Is6lGcxT2Kc16P4gy1jdP5PFzSozhLexTnbT2Ks6xHcd7eozjv6FGc83sUJ39NebbzcFHS84JQnMkf6qVxGnF96hdF19PTcS6sOM5gh+Pkr9nPdpz5HY5zScVxBjoc590VxznY4ThrcverzXKcWsk46by9K1RP2upw/t/dozj39CjOgR7F+d0exfmngTjRLOP8sx7lc2/FOAAhv//8pX/c2k7P/9PzzzgaivobV0QLkj1O/ipAer570eT3mc93oR1SGm9lbnlfWbz8CXYu3kWzzS9/ASEX751t4zVmnK8WxGu0xlvdo3gAAAAwG//89IHMn+Zmnv8PR/2NZVPnr+/K3b/0fD3/h+xEGu/SHsUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4G/ZtdcYueq2AOD/szM7My68bxfS9p3S26atFELohaZGUGHSRBKMsEVsuTRkrbCwDUsL3RZo1RTB2GYTDFq8cPtgQWIIEUhIGnBNMKDEDzY2iOHiurAS+EIE6Q0oOmZ25797Znamu4zSUt/fL+Scec55nv/zP+cDyXO2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADww/cvf/yfb6bj0aHB7r6RnuGQhMp/DZUbiPcyuVKpq4V9fPHW5lv+473dB2Nc6Z3PtrAQAAAAMMVLV867KB3HOTyO3kkohHx2dcgnuZq6YvU7QLEat3WOnxetCGszB3/2mqTUNhafn5xXU1eo1hWqcaZaN7Br912b+/t7t3+PPyp96p+jfj9JCGOfLxb9OGxYsfeNQ0nX+HN0TPMcbdW6lTvuvmflwK7dl265e/OdvXf2bl2zZu3lq9esvuzyNSvv2NLfu2r8GPLTrBdCKNW+l5r05KvJTy4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDa7PmHg7+XjkeHBrv7RnqGO5IQkiY15QbivUyuVOpqYR8fPPnMgsy8xw7HuNI7n21hIQAAAGCKv31p3lXpOM7hcfROQiHks7mQCfPG4iWTqdkQyuV4fVnd9dOxdwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PQ6crz739Lx6NBgd99Iz/A5SQhJk5pyA/FeJlcqdbWwj41r/uyqX5n/8BMxrvQutrAOAAAAMNU7F7U/nI7jHN5WjZNQCMWwNLQn82rq4reBC+rWq8+L6yycYV79t4NmeUtnmHfhDPMunibvuur5gQAAAABnn5s7/3FjOo7zf3s1TkJnyGeLIVONp5vj43eBxXV5sX66+T7WL2lSP93cH+vr534AAAD4aXbppy9/m46nzv/FkM8WJubv6f6efm317O/kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAzf3f8mr9Ox6NDg919Iz3DmSSEpElNuYF4L5Mrlbpa2MeG//5k30M33D87xpXe+WwLCwEAAABTvJD7+fvTcZzD4+idhELIZztCezhnbO7/KDdr9pbfnb8whFAaS8jlwgObd+zYftn4Meb9WnLgl5bfPXTJlLzV48fT/6QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/1prn929Kx6NDg919Iz3DP5OEkDSpKTcQ72VypVJXC/t4Z//FJ2999NWhGFd6F1tYBwAAAJhqQf/r/56O4xweZ/8kFEIx5EIuzB2L07N+RVvdes2+GQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/fwzs2n3X5v7+3u1++OHHafqR+2Fs45Q/zvT/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDPlta1/9Hk6Hh0a7O4b6RkuJCEkTWrKDcR7mVyp1NXCPn7u1kWXLzy6874YV3oXW1gHAAAAmGrTZzuPpuM4h8fZPwmFUAztoT3MqcZTjc3/nadjtwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJm0OCSh/B39ZP2Z3jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwfTj27oYn0/Ho0GB330jP8I+SEJImNeUG4r1MrlTqamEftxz+/d+458CbF8e40jufbWEhAAAAYIr2T9/9zXQc5/A4eiehEPLZBSEfFlSv9NcukGRiYsPvApN1v11Tlplx3b66HY/vrFD9DlGY2GcY++wwWffoKeuK1attnTN7TwAAAHA2m7Pvut9Jx3H+b6/GSegM+eyc1Fx9T019x4zn+Mdq6n4047q/rKnrnKbu/+CVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtemT9Wz9Jx6NDg919Iz3DSRJC0qSm3EC8l8mVSl0t7KPU++Trz900NC/Gld7FFtYBAAAAprrhk8IfpuM4h8fZPwmFUAwLw4/DwrG5P3TW1se8c0r/9P66g+/dHMKquW8vyjbt96eHbvw8nPjFj74aP4yFIbTVJrWFMKvaL2nS77Z/fn7DG9/ufTqEVXMyC5r3m2w1eaiTlMrn71n23E1zD69rugwAAACc1QrPHPuLdBzn/zhRJ6Ez5LNbm87/Me87zf/dA/P3zK4eq18AJipeGzu2dVb7tTXpN/jl013HN/368cr8//aiwsS/FbhoaW1+ulX6WPfNISmVF7984caTx+69fvxC7J+p6b9pov+m9iXn7f9s/pLYv1C9fnuYaf9Q13+g58TSFR3nXl3bP4TQ1ej5//yal77e8MSXN4/3b/6+V/7r6C/PDtv+pNAfj+NXpvZf/9Ta/btzH8+q7Z806b/8zVeOvvjAhkfqn/+CbKP+U491Kl2z5cEjDy1/cF3vFan+bU3639f1wRd/8Fd/82yl/5HFHRP9l5/i+aftf2jpviMH9j6+qfb9lxr1v+3S7a/s2nLLo/XP31G3cPrNp49T3/+HC5Jrdw68v73+FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNmt58VvTqTj0aHB7r6RnuG2JISkSU25gXgvkyuVulrYx99nDn3z7NHiuTGu9C62sA4AAAAw1fXrPrwzHcc5PM7+SSiEYsiFXOgYm/vP37PsuZvmHl4XOqv3q+ds/7aBHZfcsW3n1tsr0el+DAAAAOAUDlz59bp0HOf/OMEnoTPks8tCe3X+X//U2v27cx/PivN/CGHsz/3ZO7b0964KE98JBnpOLF3Rce7VMS9TPRcqeStu29Z/+3gc1331hV9YfcWNN0zkt6XzL5vMW/zyhRtPHrv3+oZ5aybzPlyQXLtz4P3tqX2WJvJWT+YNHnlo+YPreq+Iz5FUz4Xq88S8Q0v3HTmw9/FNMa+teu6orgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhHDeV//1W+l4dGiwu2+kZzhkQkia1JQbiPcyuVKpq4V9fHPV26MnO3/1mRhXeuezLSwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYWdegmNqwrjAH7OnamZdkpNSsFEamixGwtCoVjsQsjGx6I+qIgPKEYxblQURCt2YR9YRF0UFAp2IyqulVkUtYtYaBQFQcGFuHKhK5UskiJVVGZyzmTm1svECxEpvx8MZ75z5/7nO2fOHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+1B3+4vTlYjzUne+NCd/baW784Prf80h0fP3Xsmk+2XRw/ceDOV/ff9s3s5xMz07vm9n3YufvkifO3/HH+9FsHRn7RCyvD7lS2Qoi/xBCmf+ycPnnhy6I7F7vfH8ePhomJuPXTiVhK2HMphPBYv8/hi53lvY93x2OvjQ3NX10KWXj52Yt3DawrtBu5nxXjw/1yZWmlc3bk4UffmX9i5kJnxzN7f1666emjqx+JrYHzFMKW2cH7N4QQNqZXVz5tk/nmNN4TQtg0cN/NI/q6fo393zi8lL7tabwqje0ROfn6zlLdXGMfzdI4tsb76irWOb+svH/lP6P1kte5JY1n07j7X+Y08iuGIoZmv/0n4+oZCQO/Wwyxd7Zb/bro1aFfh3IdS3VRqhsbSuvqfW/a2EaMw/P5c6X5/HfcTPM7ywe/5GDF/FQaW+lB/S3XofxmRfuyN6vrCAN9Lf5XB6NCUfHs5fl+e+nHaKe5dtx62T1//YN8bfGzRx769bsXz45X9BE/iCk/jsi/f6jK12bmzsy//8C5qcmq/Nki5Re1+l9ofHXpvaXJzZX5p3J+o1b+fX/+9Mrxew9vq9yfxbw/zVr5u17ffGT58MGxHVX5b+f8Vq38fYem91+39Nzzlf3vyfuzsVb+t2/c8PuhUx+dq8wPOX9Trfzvz7y7vTH15teV+fN5f9p18vNj9Df7dWyCQAyFAZgDSwMBF7B1ChewsLZyBKcQRxAr0VUcQHEDx9DGwgRESBMl4PF9cMU1L+ER8vLviv0/5/qhav+Ly3q5OpwmxfM5z/2JVfXv0+vtEWfH0t3Z7VtPWIB+GaU31ib91+bMb73lhe148Bpgw/SFXy70oWuWlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgnzwAAAP//hm9SzQ==")
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000400)='./file2\x00', 0xc3804, &(0x7f00000001c0)=ANY=[@ANYBLOB='errors=continue,iocharset=iso8859e=00000000000000000000005,iocharset=koi8-r,uid=\x00'/93, @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,iocharset=maciceland,errors=remount-ro,discard,discard,\x00'], 0x5, 0x1518, &(0x7f0000002280)="$eJzs3AuYjVX7MPD7Xms9Y0jaTXIY1lr3wyaHZZIkhyQ5JEmSJDklJE3ySl4khpCkIQnJYUgOQ0gOE5PG+Xw+JknSJElITsn6rgmft7f63n/f2//1v/5z/67rufa693rWetba97Nnr+fZM/Nt16G1mtSu3oiI4N+CFx+SACAWAAYCwHUAEABA+bjycVn1OSUm/XsHYX+th1Ov9gjY1cT5z944/9kb5z974/xnb5z/7I3zn71x/rM3zj9j2dnm6QWv5y37bnz/Pzvjz///RTLLjP1ybZkbu/2JJpz/7I3z/79W8F/ZifOfvXH+szfOf/bG+c8OcvxhDec/u7p4TnD+GcvOrvb9Z96u7na1zz/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY9nDGX+FAoDL5as9LsYYY4wxxhhjjP11fI6rPQLGGGOMMcYYY4z990MQIEFBADGQA2IhJ+QCAQDXQh64DiJwPcTBDZAXboR8kB8KQEGIh0JQGDQYsEAQQhEoClEoBsXhJigBJaEUlAYHZSABboaycAuUg1uhPNwGFeB2qAiVoDJUgTugKtwJ1eAuqA53Qw2oCbWgNtwDdeBeqAv3QT24H+rDA9AAHoSG8BA0goehMTwCTeBRaAqPQTNoDi2gJbT6/2r/AvSEF6EX9IYk6AN94SXoB/3/7ysyCF6FwfAaJMMQGAqvwzB4A4bDmzACRsIoeAtGw9swBsbCOBgPKTABJsI7MAnehckwBabCNEiF6TAD3oOZMAtmw/swBz6AuTAP5sMCSIMPYSEsgnT4CBbDx5ABS2ApLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+2wA3bCLtgNn8Ae+BT2wmewDz7/k+1P/1P7bggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYF/NiPsyHBbAAxmM8FsbCaNAgIWERLIJRjGJxLI4lsASWwlLo0GECJmBZvAXLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oP3YB+si3WxHtbD+lj/8u0pbISNsDE2xibYBJtiU2yGzbAFtsBW2ApbY2tsg22wHbbD9tgeO2AHTMRE7IgdsRN2ws7YGbtgF+yKXbEbdsfu+EIOwBfxReyNNUQf7It9sR8m5xiAL+PL+AoOwlfxVXwNk3EIDsXX8XV8A4fjKRyBI3EUjsKqvjcAjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsL3cQ5+gB/gPJyHCzAN03AhLsJ0TMfFeBozcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/BT/FTTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyJJ/EUnsYzeAbP4Tk8j8/Hf914V8k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxW2igrhdVBSVRFtXRVQRVUU7V03cJaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+aCAeFA1FHxyAD4uszDQRQ7CpGIrNRHMhL71fW4vh2Ea0Fe3Ek2IkjsAOorVLFM+IjmIMdhJ/E2PxOdFFjMeu4u+im+gueogXRE/RxvUSvcVk7CP6imnYT/QXA8TLYibWFO/jnJy1xGsiWQwRQ8XrYgG+IYaLN8UIMVKMEm+J0eJtMUaMFePEeJEiJoiJ4h0xSbwrJospYqqYJlLFdDFDvCdmillitnhfzBEfiLlinpgvFog08aFYKBaJdPGRWCw+FhliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Cl2id3iE7FHfCr2is/EPvG52C++EAfEl+Kg+Epkiq/FIfGNOCy+FUfEd+Ko+F4cE8fFCfGDOCl+FKfEaXFGnBXnxE/ivPhZXBBegEQppJRKBjJG5pCxMqfMJa+RuWVw6dW9XsbJG2ReeaPMJ/PLArKgjJeFZGGppZFWkgxlEVlURmUxWVzeJEvIkrKULC2dLCMT5M2yrLxFlpO3yvLyNllB3i4rykqysqwi75BV5Z0SIhePUUPWlLVkbXmPrCPvlXXlfbKevF/Wlw/IBvJB2VA+JBvJh2Vj+YhsIh+VTeVjsplsLlvIlrKVfFy2lk/INrKtbCeflO3lU7KDfFomymdkR+kvnSLPyS7yedlV/l12k91lD/mzvCC97CV7S4A+sq98SfaT/eUA+bIcKF+Rg+SrcrB8TSbLIXKofF0Ok2/I4fJNOUKOlKPkW3K0fFuOkWPlODlepsgJcqJ8R06S78rJcoqcKqfJVDldDrjU02wp/2X7d36n/eBfjr5JbpZb5Fa5TW6XO+ROuUvulrvlHrlH7pV75T65T+6X++UBeUAelAdlpsyUh+QheVgelkfkEXlUHpXH5HF5Vv4gT8of5Sl5Wp6WZ+U5eU6ev/QagEIllFRKBSpG5VCxKqfKpa5RudW1Ko+6TkXU9SpO3aDyqhtVPpVfFVAFVbwqpAorrYyyilSoiqiiKqqK4aUTRpVSpZVTZVSCuvnPtFfF1U2qhCr5q/aXx6f/YHytVCvVWrVWbVQb1U61U+1Ve9VBdVCJKlF1VB1VJ9VJdVadVRfVRXVVXVU31U31UD1UT9VT9VK9VJJKUn3VS6qf6q8GqJfVQPWKGqQGqcFqsEpWyWqoGqqGqWFquBquRqgRapQapUar0WqMGqPGqXEqRaWoiWqimqQmqclqspqqpqpUlapmqBlqppqpZqvZao6ao+aquWq+mq/SVJpaqBaqdJWuFqvFKkMtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5tUBtUhtqsNqutaqvarrarnWqn2q12qz1qj9qr9qp9ap/ar/arA+qAOqgOqkyVqQ6pQ+qwOqyOqCPqqDqqjqlj6oQ6oU6qk+qUOqXOqDPqnDqnzqvz6oK6kLXsC0QgAhWoICaICWKD2CBXkCvIHeQO8gR5gkgQCeKCuCBvcGOQL8gfFAgKBvFBoaBwoAMT2EBcSno0KBYUD24KSgQlg1JB6cAFZYKE4OagbHBLUC64NSgf3BZUCG4PKgaVgspBleCOoGpwZ1AtuCuoHtwd1AhqBrWC2sE9QZ3g3qBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBI0GT4NGgafBY0CxoHrQIWgat/tL+vT+V/wnXS/fWSbqP7qtf0v10fz1Av6wH6lf0IP2qHqxf08l6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XKXqCnqjf0ZP0u3qynqKn6mk6VU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtMf6oV6kU7XH+nF+mOdoZfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdKb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QP+iT+kd9Sp/WZ/RZfU7/pM/rn/UF7bMW91kf70YZZWJMjIk1sSaXyWVym9wmj8ljIiZi4kycyWvymnwmnylgCph4E28Km8ImCxkyRUwREzVRU9wUNyVMCVPKlDLOOJNgEkxZU9aUM+VMeVPeVDAVTEVT0VQ2lc0d5g5zp7nT3GXuMnebu01NU9PUNrVNHVPH1DV1TT1Tz9Q39U0D08A0NA1NI9PINDaNTRPTxDQ1TU0z08y0MC1MK9PKtDatTRvTxrQz7Ux70950MB1Mokk0HU1H08l0Mp1NZ9PFdDFdTVfTzXQzPUwP09P0NL1ML5Nkkkxf09f0M/3MADPADDQDzSAzyAw2g02ySTZDzVAzzAwzw81wM8KMNKOyFqrmbTPGjDXjzHiTYlLMRDPRTDKTzGQz2Uw13qSaVDPDzDAzzUwz28w2c8wcM9fMNfPNfJNm0sxCs9Ckm3Sz2Cw2GSbDLDVLzXKz3Kw0K81qs9qsNWvNelhvNpqNZrPZbLaarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloMk2mOWQOmcPmsDlijpij5qg5Zo6ZE+aEOWlOmlPmlDljzphzJv+lz0tvYm1Om8teY3Pba20ee53957iALWjjbSFb2Gqbz+b/VWystSVsSVvKlrbOlrEJ9ubfxBVtJVvZVrF32Kr2TlvtN3Ede6+ta++z9ez9tra951dxffuAbWAftQ0RAWxz29i2tE3so7apfcw2s81tC9vStrdP2Q72aZton7Ed7bO/iRfaRXa1XWPX2nV2j/3UnrFn7WH7rT1nf7K9bG870L5iB9lX7WD7mk22Q34Tj7Jv2dH2bTvGjrXj7PjfxFPtNJtqp9sZ9j070876TZxmP7RzbLqda+fZ+XbBL3HWmNLtR3ax/dhm2CV2qV1ml9sVdqVddXmsl7+tt7vtJ3ar3Wa32x12p931S5w1j732M7vPfm4P2W/sAfulPWiP2Ez79S9x1vyO2O/sUfu9PWaP2xP2B3vS/mhP2dO/zD9r7j/Yn+0F6y0QEpAkRQHFUA6KpZyUi66h3HQt5aHrKELXUxzdQHnpRspH+akAFaR4KkSFSZMhS0QhFaGiFKVidHmdXopKk6MylEA3U1m6hcrRrVSebqMKdDtVpEpUmarQHVSV7qRqdBdVp7upBtWkWlSb7qE6dC/VpfuoHt1P9ekBakAPUkN6iBrRw9SYHqEm9Cg1pceoGTWnFtSSWtHj1JqeoDbUltrRk9SenqIO9DQl0jPUkZ6lTvQ36kzPURd6nrrS36kbdace9AL1pBepF/WmJOpDfekl6kf9aQC9TAPpFRpEr9Jgeo2SaQgNpddpGL1Bw+lNGkEjaRS9RaPpbRpDY2kcjacUmkAT6R2aRO/SZJpCU2kapdJ0mkHv0UyaRbPpfZpDH9BcmkfzaQGl0Ye0kBZROn1Ei+ljyqAltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdtpBO2kX7aZPaA99SnvpM9pHn9N++oIO0Jd0kL6iTPqaDtE3dJi+pSP0ne9N39MxOk4n6Ac6ST/SKTpNZ+gsnaOf6Dz9TBfIE4QYilCGKgzCmDBHGBvmDHOF14S5w2vDPOF1YSS8PowLbwjzhjeG+cL8YYGwYBgfFgoLhzo0oQ0pDMMiYdEwGhYLi4c3hSXCkmGpsHTowjJhQnhzWDa8JSwX3hqWD28LK4S3hxXDSuGj91cJ7wirhneG1cK7wurh3WGNsGZYK6wd3hPWCe8N64b3hfXC+8Ny4QNhg/DBsGH4UNgofDhsHD4SNgkfDZuGj4XNwuZhi7Bl2Cp8PGwdPhG2CduG7cInw/bhU2GH8OkwMXwm7Bg++0v9A4v+uD4p7BP2DV8KXwq9v0/Ojy6IpkU/jC6MLoqmRz+KLo5+HM2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel87Bzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qKumCvubnIlXElXypV2zpVxCa6la+VaudbuCdfGtXXt3JPuSfeUe8o97Z52z7iO7lnXyf3NdXbPuS7ueRUD4Lq57q6He8H1dBPyXHxPJrm+rq/r5/q5AW6AG+gGukFukBvsBrtkl+yGuqFumBvmhrvhboTLCQCj3Gg32o1xY9w4N86luBQ30U10k9wkN9lNdlPdVJfqUt0MN8PNdDNd1VkXjzLXzXXz3XyX5tLcQpe1Zkx3i91il+Ey3FK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdTrfT7Xa73R5/3cVO3T633+13B9wBd9B95TLd1+6Q+8Yddt+6I+47d9R974654+6E+8GddD+6U+60O+POunPuJ3fe/ewuOO9SIhMiEyPvRCZF3o1MjkyJTI1Mi6RGpkdmRN6LzIzMisyOvB+ZE/kgMjcyLzI/siCSFvkwsjCyKJIe+SiyOPJxJCOyJLI0siyyPLIi4n2hraEv4ov6qC/mi/ubfAlf0pfypb3zZXyCv9mX9bf4cv5WX97f5iv4231FX8lX9o/5Zr65b+Fb+lb+cd/aP+Hb+La+nX/St/dP+Q7+aZ/on/Ed/bO+k/+b7+yf8138876r/7vv5rv7Hv4F39O/6Hv53j7J9/F9/Uu+n+/vB/iX/UD/ih/kX/WD/Ws+2Q/xQ/3rfph/ww/3b/oRfqQfFfOWH335EhnG+xQ/wU/07/hJ/l0/2U/xU/00n+qn+xn+PT/Tz/Kz/ft+jv8Akvw8P98v8Gn+Q7/QL/Lp/iO/2H/sM/ySy7dQ/Uq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/xOv8vv9p/4Pf5Tv9d/5vf5z/1+/4U/4L/0B/1XPtN/7Q/5b/xh/60/4r/zR/33/pg/7k/4H/xJ/6M/5U/7M/6sP+d/8uf9z/4C/80aY4wxxth/yYQrRfF79X1+5znxDzv3BYBrtxXM/Mf6rBXl+nwXy/1FfPsIADzTu+vDl7caNZKSki7tmyEhKDoP4PI3QVli4Eq8BNrBU5AIbaHs746/v+h+jv5F/9HbAHL9Q5tYuBJf6f+LP+j/8SdHLawQnon7f/Q/D6BE0Sttsq6TLsdLoJ3KemwL5f6g//yt/8X4c36ZAtDmH9rkhivxlfEnwBPwLCT+ak/GGGOMMcYYY+yi/qJy58vXn5d/4/P3rs/j1ZU2OeBK/K+uzxljjDHGGGOMMXb1Pde9x9OPX1OsbedfComJf6JQ7c/szIXfK3j4HzGMiwXvAS4/owDg3+wQ4JfCuP/gLLb8R46VfOmt889Vy8/6AP5npPKvKFzlH0yMMcYYY4yxv9yVRf+vn1dXa0CMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlg29J/4d2JXe46MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbY1fZ/AgAA//81OQSC")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x61, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
read$FUSE(r0, &(0x7f00000061c0)={0x2020}, 0x2020)

4.173851724s ago: executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f00000004c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
futex(&(0x7f0000004000), 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

3.249206462s ago: executing program 4:
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x40, r1, 0x189f4c11598f3cd7, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'syz_tun\x00'}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}]}]]}, 0x40}}, 0x0)

3.171463147s ago: executing program 4:
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000002c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}], 0x10)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x25, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, 0x90)

3.105112839s ago: executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000140)={0xa4, 0x0, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x7, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.074462874s ago: executing program 3:
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
close(r1)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080))

3.029379951s ago: executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
ppoll(&(0x7f0000000140)=[{r0}], 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x3)

2.927991564s ago: executing program 3:
syz_mount_image$xfs(&(0x7f000000b840), &(0x7f0000000240)='./file0\x00', 0x44, &(0x7f0000000380)={[{@grpquota}, {@filestreams}, {@logbufs={'logbufs', 0x3d, 0x3}}]}, 0x1, 0xb862, &(0x7f0000017140)="$eJzs3XtsnWUdwPGnXdu1kMEwdFwUGZMBA9nWbVAKwbUd6yiXymVgB0yorMCk4zIKblxLCAmoGMB4IWZRIl6jRHEQiYLTiHJxGGOA+AeRgDFgsuhfoMZQ8/acU9pDaehTnqeBfT7J+p73Pf29Oz3f87wnLKSnt+vszhDqQslQqPb869se++L6rsd//qV7dzx4x7MPlY62N5bvbi9vO8rbzjByspHDtaVDdV/f/nBtsVM79rx7NDXV7BXCxVXnaS1tbmipfN9wlfLh+ZX7a0d3az5f+jNqz+LLH9rX94UQ5o6ZrwkhLH3bD7qb6u1Y01V+TsKYbrPKd9e8dd/Itq70Z+XTIazcEd7x9TGjisc5t2vOxw+c6QfyftDbsaa7qn97uXNNeT22V6/B3VH16/yVBxbfXn4KR15vM5hwWno7uk4Lk6zjY/53wcLh0nWzPoTQEEKYHUJonOkevDc6OpcX79m1lf1y9sr6nzvR6+LwZa/8J4Qwr3gbL10vSu8FwPtLR+fyVROs/4bJ1n/bbdtfs/7h/a+7o3N5sdar1n/jZOt/Y9u650rrvr21NPXmzP4QAAAAAMCErtl6/eV9AwP9m91www03Rm/M9JUJSO2tRT/TjwQAAAAAAAAAAAB4t3L878Qz/TMCAAAAAAAAAAAAwAdFd0/Hrlk14w7NGrtz0M7+ke2KN3ov+95dwxsq2/Ldp05wynGf8z88PDzctmtl5bPYZ1d9XnZj9XBx/qG6N54s77ZXf/5g/cjR+nDRJRsH+pcWf9Wq+rCl2GkpzttVH+4udpYVO2vqw/eLneUjO01hR7Gz+OIrBzYUB06OfMY+WLp7hsKsccXCuFfD2P5D9Qt2VLaTnLJytrpQ7r/vvudsrrqvYuL+b52/450+l5z3xtT6L95S2U5yyret/wNeXfvLie575/6j5+/UP60Jrv/jGlVf96uu//MnOOXo/Lznn7ys6P/I43esLR+qezfX/zHnX1Xdf+Tko9f/4lQnVa7/xXvL6mk9Gbuh7p5bd022/ifvX1d5X68dMzt6ttNOeLat6L/Xou1/Lh+qn2L/kyZb/zXz33Y9YYq6e+4frlr/U+gfDpvglKNNvvbCKU8X/X/y5NrmMfdNpf/q6v5LBjddteSardcfvXFT36X9l/Zf0bp0xXHHtrSuaFkyckUofZ3ec7I7md76H/n8/7EzNSEsHJ1feOyb5xX95327q7d8qHGK/bsmXf8XjX+sjLGgNjQ0hC19g4ObW0pfK7vLSl9L3zZB/ym8/3/siPK3NZW3NSHsPzrful/z/kX/5lmrP1I+1DDF/msm7T80+vcSaZrrf0PVzLj+Q8/c/7Oi/4Ifnlv5N4Wpvv+fPFn/2m9Z/9PV3VP1Dz7vsaL/3+oWHR853u2//9LK0f9X+y48O3L8FP3TytH/ug8fMhg5fqr+aeXo37TixFsjx0/TP60c/Xec0PbdyPHT9U8rR/9vHHXMHyPHe/RPK0f/sw5teTVy/JP6p5Wj/98/tPX8yPEz9E8rR/8lB910Y+T4mfqnlaP/4JyrmyPHz9I/rRz9H6u9dlnk+Nn6p5Wj/2+O3vj7yPG1+qeVo/+eCza9FDl+jv5p5eh/xrK+OyPHz9U/rRz97zux/8HI8U/pn1aO/hce+PAlkeO9+qeVo/9Xm3/aETm+Tv+0cvTfWf/YEZHj5+mfVo7+dXs8unfk+Pn6p5Wj/w0Lv/PfyPEL9E8rR/+Hjrz/xcjx9fqnlaP/a8f/eHvk+Kf1TytH//nH/ODLkeMX6p9Wjv5XHfKnFyLHL9I/rRz9H1383L8ix/v0TytH/5c/8Zf7Isc/o39aOfof1fLi45HjF+ufVo7+az/664l+T9C7sUH/tHL037bPEwOR4/36p5Wj/+9qnqqPHL9E/7Ry9N97r50LIscv1T+tHP2fWnTQPyLHL9M/rRz9w2EH7Iwc36h/Wjn6n39s8wOR45/VP60c/e9t2+e2yPHL9U8rR/9d8+ZcFzk+oH9aOfofekDTmZHjm/RPK0f/W5rqj4scv0L/tHL0f6Sh5uDI8Sv1TytH/9ql3T+KHL9K/7Ry9H9m5elfiBy/Wv+0cvS/e0nHy5Hjm/VPK0f/dfNXPxE5fo3+aeXof9je62J/I/ug/mnl6P/PsH6/yPFr9U8rR//tc8+8OXL8Ov3TytH/poPPWRc5/rnnX982O+ifTI7+vzju9nsix7dY/2nl6L+59dZHIse36p9Wjv6LDr/rr5Hj1+ufVo7+Lx1x578jx2/QP60c/b85+ytzIsdv1D+tHP3PbbznyMjxm/RPK0f/OftvWxU5frP+aeXo/9v97tsQOX6L/gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHcncJfOhf//7xkz9iRlLZK9ZJclhUGD0mJNsu+yhrIWokK2pCgpa0RJlpKQdkuWyr7v+77v/o8xM2K8x1c9/H/K+/l8POa+73POdZ+5zud1Xdc5c3/ucw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDGW3X4iksMDAwZdWnXV91++eOHnbXPGsPPPn2/A885cc+LTh557eLjj7p58RfGMPDinS0+4rbBIxcZcsipxwwecWHwy+93wgkmGDTJwKD18lrttOb/sdrTj/5i8EsXB+098s9LJnrxb590nZMGBgYm/T/ur9aqw5YePmLwRv55qds4o24edf1LXw8Z+WeRtQYGFll9YKzbx5vvuZWHL/9mr8P/glWHLb3sGP0HRnV+sfuY+3erMbfzcfZYfdCbGu4Nsuqw4cuNaD22/Xj77fZ7cRsYGBhy+MDAkCMGBoYcOTAw5Kg3uwdvjGFLzLfEiGP+6Msjq+86+gVBOr4PevqTp454zhg68nliyNGjnwuA/y3DlphvybD/jzv69rT/3/rsLavY/+F/37LDlphv4GWv80deu+vof9/H/X/Rac+87s1bYwAAAODf9fx9Z5w9aq5v8MDAdANjzPe+aNTPBQaddM4ll7xpK/rfIcyTvfp3Jv7HjOg8/vHTDwxssfKbvSq8Cd4S89j8x/Tvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/2Jjmf+fdPTnncc5balRi8586UGbrjTm94+4bvz/52v9pnmrzv8PbDJoZMsRzTcZGBj41LAVVpptYGBgpU0PunSGgZduW2jEbYtMNs6oEwTM9uLHj43ljke/m/zFkzVM+NJ9nPTi/S/7whHjDBpjJV5m/Rf2PXbjVZ+Yf8zPs4z9cbx0fonzP37FwaPfyzJ4jIXGtq2Ovv/Rj2XMzqPWfbYR6z7XtptvNdc2O+w4xyabr7PRBhttsMWCc8+/0ALzLDj/PHNtuMlmG8w98uPYxmzkqSuWfD1jNu6YY3bfsJeP2ZiPbWxjNv1rj9mL97jxuZdPMXrMhvybY7bka4/Z9JuMXtfFhw6s/eLYjPgrlxo6sP2IC/OMN2ITGrXsVCOW/chkgwcGDvjXAx3x1XgvbYODdt3kDThvyajPw0Z9XiKet+S0sZ23ZGC9Me5n4ZGftj1r9HJjvs961NWv+7wliw7ffdYR++IY3///h//o+f9VvRYa9NJAjT5pyKhlRvb613kmRg/b4i87z8SC6Vwyb6RXre/0g1/artP6jnpf3KAxxv+13hc3MNuta58w8nEtvuDI73r+P46Sjx3L/Wv0glccOwZe+9gxzr++/Ne1G1w47ZjHjk+MfRVfsV+MHqPxxlhobMeOc58YsuuI+x+9zmM5diy3yag3Gv/r2DHir11y9LFjxLoPHzpwwIgL8464sPTQgeNGXJjvxQsTDJwz4sKc62252fojrljm1dvtbINe8QuPYbsdPsZ2+zrOj7PY+QMDi52THtfYhzNL2+24r7G++f3cA6/5fu5Z93p2xYGBgSlGPkuPeJAj1/0/kdZ3yGuvbzj/xMBrnX9iYOGFTljyDV7fl/azF7e1UaeLWmYs3/OK/WzSV+1nu43zsj3j9b6uWT8sP/LrqV66t1OOuGDX0WM0dIz7/b+eo0c/ltR/9Gu+lxt8+MCg1xqbpV/P2Ezy2mPzel+/zDbjyNsneI2xmWryKRccPTbj/ptjs/RYxublr4dfbtCuAxO8cmyGvPgaeKZRYzP89YzNxG/MdjNhWH7k1zO/dNVqzy8w8+ixCWMRn/9H3//wf3ds1n5pu5npxdtmGDww7rgD26+z7bZbzzPy4+iL8478+Nr74FKvZyzHf2PGcppRR53Brx6cl65a+KJFlvtP98Gl/t2xnH5g8Oh/c28y5s7yxvHzn276d9O/m/7d9O+mfzf9u+lfbCzz/9OP/rng7BfOdsmoH8YMPe+EVdZ/s9f3TfaWnv8f1fcV8//rr3LCeYMHXrrtNednRy7zXzk/u+DITzvNM3q5MecHR139uudnz9z/9NX/H83P/kdG76uv4+eGjv/d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/YmOZ/5979O8BPH/vtjeOmggduu6wqf/j91m9Rbyl5/9H9X3F/P85Uw9bd/DAS7e95vz/yGU65v+3vub23f+b5/9H76vm//k/6N9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+xcYy/7/46N8D2Oz5yx4Y/fsAFx+6xJZv9vq+yd6q8//+//9ejv/d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/YqPm/wfG+G8PP2O7iML8//+2sfRfXv+opf8K+kct/VfUP2rpv5L+UUv/lfWPWvqvon/U0v+z+kct/VfVP2rp/zn9o5b+q+kftfT/vP5RS//V9Y9a+q+hf9TSf039o5b+a+kftfRfW/+opf86+kct/dfVP2rpv57+UUv/9fWPWvpvoH/0yv5vgREaS/8N9Y9a9v+N9I9a+m+sf9TSfxP9o5b+X9A/aum/qf5RS//N9I9a+m+uf9TSfwv9o5b+W+oftfTfSv+opf8X9Y9a+m+tf9TSfxv9o5b+2+oftfT/kv5RS/8v6x+19N9O/6il//b6Ry39d9A/aum/o/5RS/+d9I9a+u+sf9TS/yv6Ry39v6p/1NJ/F/2jlv676h+19N9N/6il/9f0j1r6765/1NJ/D/2jlv5f1z9q6f8N/aOW/t/UP2rpv6f+UUv/vfSPWvrvrX/U0v9b+kct/ffRP2rpv6/+UUv//fSPWvrvr3/U0v+AV/Wf4P/pav23aun/bft/1NL/QP2jlv7f0T9q6X+Q/lFL/+/qH7X0/57+UUv/g/WPWvofon/U0v/7+kct/X+gf9TS/1D9o5b+P9Q/aul/mP5RS/8f6R+19P+x/lFL/8P1j1r6H6F/1NL/SP2jlv5H6R+19D9a/6il/zH6Ry39f6J/1NL/WP2jlv7H6R+19P+p/lFL/+P1j1r6n6B/1NL/Z/pHLf1/rn/U0v9E/aOW/r/QP2rpf5L+UUv/X+oftfQ/Wf+opf8p+kct/U/VP2rpf5r+UUv/X+kftfT/tf5RS//T9Y9a+v9G/6il/xn6Ry39f6t/1NL/TP2jlv5n6R+19D9b/6il/+/0j1r6n6N/1NL/9/pHLf3/oH/U0v+P+kct/f+kf9TS/8/6Ry39/6J/1NL/r/pHLf3P1T9q6X+e/lFL//P1j1r6X6B/1NL/b/pHLf0v1D9q6X+R/lFL/4v1j1r6X6J/1NL/7/pHLf3/oX/U0v+f+kct/S/VP2rpf5n+UUv/y/WPWvpfoX/U0v9K/aOW/lfpH7X0v1r/qKX/NfpHLf2v1T9q6X+d/lFL/+v1j1r636B/1NL/Rv2jlv436R+19L9Z/6il/y36Ry39b9U/aul/m/5RS//b9Y9a+t+hf9TS/079o5b+d+kftfS/W/+opf89+kct/e/VP2rpf5/+UUv/+/WPWvo/oH/U0v9B/aOW/g/pH7X0f1j/qKX/I/pHLf0f1T9q6f+Y/lFL/8f1j1r6P6F/1NL/Sf2jlv5P6R+19H9a/6il/zP6Ry39n9U/aun/nP5RS//n9Y9a+r+gf1TSf9CA/lFL/0H6Ry39B+sftfQfR/+opf8Q/aOW/kP1j1r6j6t/1NJ/PP2jlv7j6x+19J9A/6il/4T6Ry39J9I/auk/sf5RS/+36R+19J9E/6il/9v1j1r6T6p/1NL/HfpHLf0n0z9q6f9O/aOW/u/SP2rpP7n+UUv/KfSPWvpPqX/U0n8q/aOW/lPrH7X0n0b/qKX/u/WPWvq/R/+opf+0+kct/afTP2rp/179o5b+0+sftfR/n/5RS/8Z9I9a+s+of9TSfyb9o5b+M+sftfSfRf+opf+s+kct/WfTP2rp/379o5b+H9A/auk/u/5RS/8P6h+19J9D/6il/5z6Ry3959I/auk/t/5RS/959I9a+s+rf9TSfz79o5b+8+sftfT/kP5RS/8F9I9a+i+of9TSfyH9o5b+C+sftfT/sP5RS/9F9I9a+n9E/6il/0f1j1r6L6p/1NJ/Mf2jlv6L6x+19B+mf9TSfwn9o5b+S+oftfRfSv+opf/H9I9a+g/XP2rpv7T+UUv/ZfSPWvovq3/U0v/j+kct/T+hf9TSfzn9o5b+n9Q/aun/Kf2jlv6f1j9q6f8Z/aOW/svrH7X0X0H/qKX/ivpHLf1X0j9q6b+y/lFL/1X0j1r6f1b/qKX/qvpHLf0/p3/U0n81/aOW/p/XP2rpv7r+UUv/NfSPWvqvqX/U0n8t/aOW/mvrH7X0X0f/qKX/uvpHLf3X0z9q6b++/lFL/w30j1r6b6h/1NJ/I/2jlv4b6x+19N9E/6il/xf0j1r6b6p/1NJ/M/2jlv6b6x+19N9C/6il/5b6Ry39t9I/aun/Rf2jlv5b6x+19N9G/6il/7b6Ry39v6R/1NL/y/pHLf230z9q6b+9/lFL/x30j1r676h/1NJ/J/2jlv476x+19P+K/lFL/6/qH7X030X/qKX/rvpHLf130z9q6f81/aOW/rvrH7X036Om/wsj7fL6lm7p//Wa/v+elv7f0D9q6f9N/aOW/nvqH7X030v/qKX/3vpHLf2/pX/U0n8f/aOW/vvqH7X030//qKX//vpHLf0P0D9q6f9t/aOW/gfqH7X0/47+UUv/g/SPWvp/V/+opf/39I9a+h+sf/TW7T/45dcOOkT/6K3b/5X7//f1j1r6/0D/qKX/ofpHLf1/qH/U0v8w/aOW/j/SP2rp/2P9o5b+h+sftfQ/Qv+opf+R+kct/Y/SP2rpf7T+UUv/Y/SPWvr/RP+opf+x+kct/Y/TP2rp/1P9o5b+x+sftfQ/Qf+opf/P9I9a+v9c/6il/4n6Ry39f6F/1NL/JP2jlv6/1D9q6X+y/lFL/1P0j1r6n6p/1NL/NP2jlv6/0j9q6f9r/aOW/qfrH7X0/43+UUv/M/SPWvr/Vv+opf+Z+kct/c/SP2rpf7b+UUv/3+kftfQ/R/+opf/v9Y9a+v9B/6il/x/1j1r6/0n/qKX/n/WPWvr/Rf+opf9f9Y9a+p+rf9TS/zz9o5b+5+sftfS/QP+opf/f9I9a+l+of9TS/yL9o5b+F+sftfS/RP+opf/f9Y9a+v9D/6il/z/1j1r6X6p/1NL/Mv2jlv6X6x+19L9C/6il/5X6Ry39r9I/aul/tf5RS/9r9I9a+l+rf9TS/zr9o5b+1+sftfS/Qf+opf+N+kct/W/SP2rpf7P+UUv/W/SPWvrfqn/U0v82/aOW/rfrH7X0v0P/qKX/nfpHLf3v0j9q6X+3/lFL/3v0j1r636t/1NL/Pv2jlv736x+19H9A/6il/4P6Ry39H9I/aun/sP5RS/9H9I9a+j+qf9TS/zH9o5b+j+sftfR/Qv+opf+T+kct/Z/SP2rp/7T+UUv/Z/SPWvo/q3/U0v85/aOW/s/rH7X0f0H/qKT/i1/q/2ot/QfpH7X0H6x/1NJ/HP2jlv5D9I9a+g/VP2rpP67+UUv/8fSPWvqPr3/U0n8C/aOW/hPqH7X0n0j/qKX/xPpHLf3fpn/U0n8S/aOW/m/XP2rpP6n+UUv/d+gftfSfTP+opf879Y9a+r9L/6il/+T6Ry39p9A/auk/pf5RS/+p9I9a+k+tf9TSfxr9o5b+79Y/aun/Hv2jlv7T6h+19J9O/6il/3v1j1r6T69/1NL/ffpHLf1n0D9q6T+j/lFL/5n0j1r6z6x/1NJ/Fv2jlv6z6h+19J9N/6il//v1j1r6f0D/qKX/7PpHLf0/qH/U0n8O/aOW/nPqH7X0n0v/qKX/3PpHLf3n0T9q6T+v/lFL//n0j1r6z69/1NL/Q/pHLf0X0D9q6b+g/lFL/4X0j1r6L9zef3C+uqX/h9v7j0VL/0X0j1r6f0T/qKX/R/WPWvovqn/U0n8x/aOW/ovrH7X0H6Z/1NJ/Cf2jlv5L6h+19F9K/6il/8f0j1r6D9c/aum/tP5RS/9l9I9a+i+rf9TS/+P6Ry39P6F/1NJ/Of2jlv6f1D9q6f8p/aOW/p/WP2rp/xn9o5b+y+sftfRfQf+opf+K+kct/VfSP2rpv7L+UUv/VfSPWvp/Vv+opf+q+kct/T+nf9TSfzX9o5b+n9c/aum/uv5RS/819I9a+q+pf9TSfy39o5b+a+sftfRfR/+opf+6+kct/dfTP2rpv77+UUv/DfSPWvpvqH/U0n8j/aOW/hvrH7X030T/qKX/F/SPWvpvqn/U0n8z/aOW/pvrH7X030L/qKX/lvpHLf230j9q6f9F/aOW/lvrH7X030b/qKX/tvpHLf2/pH/U0v/L+kct/bfTP2rpv73+UUv/HfSPWvrvqH/U0n8n/aOW/jvrH7X0/4r+UUv/r+oftfTfRf+opf+u+kct/XfTP2rp/zX9o5b+u+sftfTfQ/+opf/X9Y9a+n9D/6il/zf1j1r676l/1NJ/L/2jlv576x+19P+W/lFL/330j1r676t/1NJ/P/2jlv776x+19D9A/6il/7f1j1r6H6h/1NL/O/pHLf0P0j9q6f9d/aOW/t/TP2rpf7D+UUv/Q/SPWvp/X/+opf8P9I9a+h+qf9TS/4f6Ry39D9M/aun/I/2jlv4/1j9q6X+4/lFL/yP0j1r6H6l/1NL/KP2jlv5H6x+19D9G/6il/0/0j1r6H6t/1NL/OP2jlv4/1T9q6X+8/lFL/xP0j1r6/0z/qKX/z/WPWvqfqH/U0v8X+kct/U/SP2rp/0v9o5b+J+sftfQ/Rf+opf+p+kct/U/TP2rp/yv9o5b+v9Y/aul/uv5RS//f6B+19D9D/6il/2/1j1r6n6l/1NL/LP2jlv5n6x+19P+d/lFL/3P0j1r6/17/qKX/H/SPWvr/Uf+opf+f9I9a+v9Z/6il/1/0j1r6/1X/qKX/ufpHLf3P0z9q6X++/lFL/wv0j1r6/03/qKX/hfpHLf0v0j9q6X+x/lFL/0v0j1r6/13/qKX/P/SPWvr/U/+opf+l+kct/S/TP2rpf7n+UUv/K/SPWvpfqX/U0v8q/aOW/lfrH7X0v0b/qKX/tfpHLf2v0z9q6X+9/lFL/xv0j1r636h/1NL/Jv2jlv436x+19L9F/6il/636Ry39b9M/aul/u/5RS/879I9a+t+pf9TS/y79o5b+d+sftfS/R/+opf+9+kct/e/TP2rpf7/+UUv/B/SPWvo/qH/U0v8h/aOW/g/rH7X0f0T/qKX/o/pHLf0f0z9q6f+4/lFL/yf0j1r6P6l/1NL/Kf2jlv5P6x+19H9G/6il/7P6Ry39n9M/aun/vP5RS/8X9I9K+o8zoH/U0n+Q/lFL/8H6Ry39x9E/auk/RP+opf9Q/aOW/uPqH7X0H0//qKX/+PpHLf0n0D9q6T+h/lFL/4n0j1r6T6x/1NL/bfpHLf0n0T9q6f92/aOW/pPqH7X0f4f+UUv/yfSPWvq/U/+opf+79I9a+k+uf9TSfwr9o5b+U+oftfSfSv+opf/U+kct/afRP2rp/279o5b+79E/auk/rf5RS//p9I9a+r9X/6il//T6Ry3936d/1NJ/Bv2jlv4z6h+19J9J/6il/8z6Ry39Z9E/auk/q/5RS//Z9I9a+r9f/6il/wf0j1r6z65/1NL/g/pHLf3n0D9q6T+n/lFL/7n0j1r6z61/1NJ/npH9x3uzVuu/VUv/ee3/UUv/+fSPWvrPr3/U0v9D+kct/RfQP2rpv6D+UUv/hfSPWvovrH/U0v/D+kct/RfRP2rp/xH9o5b+H9U/aum/qP5RS//F9I9a+i+uf9TSf5j+UUv/JfSPWvovqX/U0n8p/aOW/h/TP2rpP1z/qKX/0vpHLf2X0T9q6b+s/lFL/4/rH7X0/4T+UUv/5fSPWvp/Uv+opf+n9I9a+n9a/6il/2f0j1r6L69/1NJ/Bf2jlv4r6h+19F9J/6il/8r6Ry39V9E/aun/Wf2jlv6r6h+19P+c/lFL/9X0j1r6f17/qKX/6vpHLf3X0D9q6b+m/lFL/7X0j1r6r61/1NJ/Hf2jlv7r6h+19F9P/6il//r6Ry39N9A/aum/of5RS/+N9I9a+m+sf9TSfxP9o5b+X9A/aum/qf5RS//N9I9a+m+uf9TSfwv9o5b+W+oftfTfSv+opf8X9Y9a+m+tf9TSfxv9o5b+2+oftfT/kv5RS/8v6x+19N9O/6il//b6Ry39d9A/aum/o/5RS/+d9I9a+u+sf9TS/yv6Ry39v6p/1NJ/F/2jlv676h+19N9N/6il/9f0j1r6765/1NJ/D/2jlv5f1z9q6f8N/aOW/t/UP2rpv6f+UUv/vfSPWvrvrX/U0v9b+kct/ffRP2rpv6/+UUv//fSPWvrvr3/U0v8A/aOW/t/WP2rpf6D+UUv/7+gftfQ/SP+opf939Y9a+n9P/6il/8H6Ry39D9E/aun/ff2jlv4/0D9q6X+o/lFL/x/qH7X0P0z/qKX/j/SPWvr/WP+opf/h+kct/Y/QP2rpf6T+UUv/o/SPWvofrX/U0v8Y/aOW/j/RP2rpf6z+UUv/4/SPWvr/VP+opf/x+kct/U/QP2rp/zP9o5b+P9c/aul/ov5RS/9f6B+19D9J/6il/y/1j1r6n6x/1NL/FP2jlv6n6h+19D9N/6il/6/0j1r6/1r/qKX/6fpHLf1/o3/U0v8M/aOW/r/VP2rpf6b+UUv/s/SPWvqfrX/U0v93+kct/c/RP2rp/3v9o5b+f9A/aun/R/2jlv5/0j9q6f9n/aOW/n/RP2rp/1f9o5b+5+oftfQ/T/+opf/5+r/KuEX9L9A/aun/N/2jlv4X6h+19L9I/6il/8X6Ry39L9E/aun/d/2jlv7/0D9q6f9P/aOW/pfqH7X0v0z/qKX/5fpHLf2v0D9q6X+l/lFL/6v0j1r6X61/1NL/Gv2jlv7X6h+19L9O/6il//X6Ry39b9A/aul/o/5RS/+b9I9a+t+sf9TS/xb9o5b+t+oftfS/Tf+opf/t+kct/e/QP2rpf6f+UUv/u/SPWvrfrX/U0v8e/aOW/vfqH7X0v0//qKX//fpHLf0f0D9q6f+g/lFL/4f0j1r6P6x/1NL/Ef2jlv6P6h+19H9M/6il/+P6Ry39n9A/aun/pP5RS/+n9I9a+j+tf9TS/xn9o5b+z+oftfR/Tv+opf/z+kct/V/QPyrpP2RA/6il/yD9o5b+g/WPWvqPo3/U0n+I/lFL/6H6Ry39x9U/auk/nv5RS//x9Y9a+k+gf9TSf0L9o5b+E+kftfSfWP+opf/b9I9a+k+if9TS/+36Ry39J9U/aun/Dv2jlv6T6R+19H+n/lFL/3fpH7X0n1z/qKX/FPpHLf2n1D9q6T+V/lFL/6n1j1r6T6N/1NL/3fpHLf3fo3/U0n9a/aOW/tPpH7X0f6/+UUv/6fWPWvq/T/+opf8M+kct/WfUP2rpP5P+UUv/mfWPWvrPon/U0n9W/aOW/rPpH7X0f7/+UUv/D+gftfSfXf+opf8H9Y9a+s+hf9TSf079o5b+c+kftfSfW/+opf88+kct/efVP2rpP5/+UUv/+fWPWvp/SP+opf8C+kct/RfUP2rpv5D+UUv/hfWPWvp/WP+opf8i+kct/T+if9TS/6P6Ry39F9U/aum/mP5RS//F9Y9a+g/TP2rpv4T+UUv/JfWPWvovpX/U0v9j+kct/YfrH7X0X1r/qKX/MvpHLf2X1T9q6f9x/aOW/p/QP2rpv5z+UUv/T+oftfT/lP5RS/9P6x+19P+M/lFL/+X1j1r6r6B/1NJ/Rf2jlv4r6R+19F9Z/6il/yr6Ry39P6t/1NJ/Vf2jlv6f0z9q6b+a/lFL/8/rH7X0X13/qKX/GvpHLf3X1D9q6b+W/lFL/7X1j1r6r6N/1NJ/Xf2jlv7r6R+19F9f/6il/wb6Ry39N9Q/aum/kf5RS/+N9Y9a+m+if9TS/wv6Ry39N9U/aum/mf5RS//N9Y9a+m+hf9TSf0v9o5b+W+kftfT/ov5RS/+t9Y9a+m+jf9TSf1v9o5b+X9I/aun/Zf2jlv7b6R+19N9e/6il/w76Ry39d9Q/aum/k/5RS/+d9Y9a+n9F/6il/1f1j1r676J/1NJ/V/2jlv676R+19P+a/lFL/931j1r676F/1NL/6/pHLf2/oX/U0v+b+kct/ffUP2rpv5f+UUv/vfWPWvp/S/+opf8++kct/ffVP2rpv5/+UUv//fWPWvofoH/U0v/b+kct/Q/UP2rp/x39o5b+B+kftfT/rv5RS//v6R+19D9Y/6il/yH6Ry39v69/1NL/B/pHLf0P1T9q6f9D/aOW/ofpH7X0/5H+UUv/H+sftfQ/XP+opf8R+kct/Y/UP2rpf5T+UUv/o/WPWvofo3/U0v8n+kct/Y/VP2rpf5z+UUv/n+oftfQ/Xv+opf8J+kct/X+mf9TS/+f6Ry39T9Q/aun/C/2jlv4n6R+19P+l/lFL/5P1j1r6n6J/1NL/VP2jlv6n6R+19P+V/lFL/1/rH7X0P13/qKX/b/SPWvqfoX/U0v+3+kct/c/UP2rpf5b+UUv/s/WPWvr/Tv+opf85+kct/X+vf9TS/w/6Ry39/6h/1NL/T/pHLf3/rH/U0v8v+kct/f+qf9TS/1z9o5b+5+kftfQ/X/+opf8F+kct/f+mf9TS/0L9o5b+F+kftfS/WP+opf8l+kct/f+uf9TS/x/6Ry39/6l/1NL/Uv2jlv6X6R+19L9c/6il/xX6Ry39r9Q/aul/lf5RS/+r9Y9a+l+jf9TS/1r9o5b+1+kftfS/Xv+opf8N+kct/W/UP2rpf5P+UUv/m/WPWvrfon/U0v9W/aOW/rfpH7X0v13/qKX/HfpHLf3v1D9q6X+X/lFL/7v1j1r636N/1NL/Xv2jlv736R+19L9f/6il/wP6Ry39H9Q/aun/kP5RS/+H9Y9a+j+if9TS/1H9o5b+j+kftfR/XP+opf8T+kct/Z/UP2rp/5T+UUv/p/WPWvo/o3/U0v9Z/aOW/s/pH7X0f17/qKX/C/pHJf2HDugftfQfpH/U0n+w/lFL/3H0j1r6D9E/auk/VP+opf+4+kct/cfTP2rpP77+UUv/CfSPWvpPqH/U0n8i/aOW/hPrH7X0f5v+UUv/SfSPWvq/Xf+opf+k+kct/d+hf9TSfzL9o5b+79Q/aun/Lv2jlv6T6x+19J9C/6il/5T6Ry39p9I/auk/tf5RS/9p9I9a+r9b/6il/3v0j1r6T6t/1NJ/Ov2jlv7v1T9q6T+9/lFL//fpH7X0n0H/qKX/jPpHLf1n0j9q6T+z/lFL/1n0j1r6z6p/1NJ/Nv2jlv7v1z9q6f8B/aOW/rPrH7X0/6D+UUv/OfSPWvrPqX/U0n8u/aOW/nPrH7X0n0f/qKX/vPpHLf3n0z9q6T+//lFL/w/pH7X0X0D/qKX/gvpHLf0X0j9q6b+w/lFL/w/rH7X0X0T/qKX/R/SPWvp/VP+opf+i+kct/RfTP2rpv7j+UUv/YfpHLf2X0D9q6b+k/lFL/6X0j1r6f0z/qKX/cP2jlv5L6x+19F9G/6il/7L6Ry39P65/1NL/E/pHLf2X0z9q6f9J/aOW/p/SP2rp/2n9o5b+n9E/aum/vP5RS/8V9I9a+q+of9TSfyX9o5b+K+sftfRfRf+opf9n9Y9a+q+qf9TS/3P6Ry39V9M/aun/ef2jlv6r6x+19F9D/6il/5r6Ry3919I/aum/tv5RS/919I9a+q+rf9TSfz39o5b+6+sftfTfQP+opf+G+kct/TfSP2rpv7H+UUv/TfSPWvp/Qf+opf+m+kct/TfTP2rpv7n+UUv/LfSPWvpvqX/U0n8r/aOW/l/UP2rpv7X+UUv/bfSPWvpvq3/U0v9L+kct/b+sf9TSfzv9o5b+2+sftfTfQf+opf+O+kct/XfSP2rpv7P+UUv/r+gftfT/qv5RS/9d9I9a+u+qf9TSfzf9o5b+X9M/aum/u/5RS/899I9a+n9d/6il/zf0j1r6f1P/qKX/nvpHLf330j9q6b+3/lFL/2/pH7X030f/qKX/vvpHLf330z9q6b+//lFL/wP0j1r6f1v/qKX/gfpHLf2/o3/U0v8g/aOW/t/VP2rp/z39o5b+B+sftfQ/RP+opf/39Y9a+v9A/6il/6H6Ry39f6h/1NL/MP2jlv4/0j9q6f9j/aOW/ofrH7X0P0L/qKX/kfpHLf2P0j9q6X+0/lFL/2P0j1r6/0T/qKX/sfpHLf2P0z9q6f9T/aOW/sfrH7X0P0H/qKX/z/SPWvr/XP+opf+J+kct/X+hf9TS/yT9o5b+v9Q/aul/sv5RS/9T9I9a+p+qf9TS/zT9o5b+v9I/aun/a/2jlv6n6x+19P+N/lFL/zP0j1r6/1b/qKX/mfpHLf3P0j9q6X+2/lFL/9/pH7X0P0f/qKX/7/WPWvr/Qf+opf8f9Y9a+v9J/6il/5/1j1r6/0X/qKX/X/WPWvqfq3/U0v88/aOW/ufrH7X0v0D/qKX/3/SPWvpfqH/U0v8i/aOW/hfrH7X0v0T/qKX/3/WPWvr/Q/+opf8/9Y9a+l+qf9TS/zL9o5b+l+sftfS/Qv+opf+V+kct/a/SP2rpf7X+UUv/a/SPWvpfq3/U0v86/aOW/tfrH7X0v0H/qKX/jfpHLf1v0j9q6X+z/lFL/1v0j1r636p/1NL/Nv2jlv636x+19L9D/6il/536Ry3979I/aul/t/5RS/979I9a+t+rf9TS/z79o5b+9+sftfR/QP+opf+D+kct/R/SP2rp/7D+UUv/R/SPWvo/qn/U0v8x/aOW/o/rH7X0f0L/qKX/k/pHLf2f0j9q6f+0/lFL/2f0j1r6P6t/1NL/Of2jlv7P6x+19H9B/6ik/7gD+kct/QfpH7X0H6x/1NJ/HP2jlv5D9I9a+g/VP2rpP67+UUv/8fSPWvqPr3/U0n8C/aOW/hPqH7X0n0j/qKX/xPpHLf3fpn/U0n8S/aOW/m/XP2rpP6n+UUv/d+gftfSfTP+opf879Y9a+r9L/6il/+T6Ry39p9A/auk/pf5RS/+p9I9a+k+tf9TSfxr9o5b+79Y/aun/Hv2jlv7T6h+19J9O/6il/3v1j1r6T69/1NL/ffpHLf1n0D9q6T+j/lFL/5n0j1r6z6x/1NJ/Fv2jlv6z6h+19J9N/6il//v1j1r6f0D/qKX/7PpHLf0/qH/U0n8O/aOW/nPqH7X0n0v/qKX/3PpHLf3n0T9q6T+v/lFL//n0j1r6z69/1NL/Q/pHLf0X0D9q6b+g/lFL/4X0j1r6L6x/1NL/w/pHLf0X0T9q6f8R/aOW/h/VP2rpv6j+UUv/xfSPWvovrn/U0n+Y/lFL/yX0j1r6L6l/1NJ/Kf2jlv4f0z9q6T9c/6il/9L6Ry39l9E/aum/rP5RS/+P6x+19P+E/lFL/+X0j1r6f1L/qKX/p/SPWvp/Wv+opf9n9I9a+i+vf9TSfwX9o5b+K+oftfRfSf+opf/K+kct/VfRP2rp/1n9o5b+q+oftfT/nP5RS//V9I9a+n9e/6il/+r6Ry3919A/aum/pv5RS/+19I9a+q+tf9TSfx39o5b+6+oftfRfT/+opf/6+kct/TfQP2rpv6H+UUv/jfSPWvpvrH/U0n8T/aOW/l/QP2rpv6n+UUv/zfSPWvpvrn/U0n8L/aOW/lvqH7X030r/qKX/F/WPWvpvrX/U0n8b/aOW/tvqH7X0/5L+UUv/L+sftfTfTv+opf/2+kct/XfQP2rpv6P+UUv/nfSPWvrvrH/U0v8r+kct/b+qf9TSfxf9o5b+u+oftfTfTf+opf/X9I9a+u+uf9TSfw/9o5b+X9c/aun/Df2jlv7f1D9q6b+n/lFL/730j1r6761/1NL/W/pHLf330T9q6b+v/lFL//30j1r6769/1NL/AP2jlv7f1j9q6X+g/lFL/+/oH7X0P0j/qKX/d/WPWvp/T/+opf/B+kct/Q/RP2rp/339o5b+P9A/aul/qP5RS/8f6h+19D9M/6il/4/0j1r6/1j/qKX/4fpHLf2P0D9q6X+k/lFL/6P0j1r6H61/1NL/GP2jlv4/0T9q6X+s/lFL/+P0j1r6/1T/qKX/8fpHLf1P0D9q6f8z/aOW/j/XP2rpf6L+UUv/X+gftfQ/Sf+opf8v9Y9a+p+sf9TS/xT9o5b+p+oftfQ/Tf+opf+v9I9a+v9a/6il/+n6Ry39f6N/1NL/DP2jlv6/1T9q6X+m/lFL/7P0j1r6n61/1NL/d/pHLf3P0T9q6f97/aOW/n/QP2rp/0f9o5b+f9I/aun/Z/2jlv5/0T9q6f9X/aOW/ufqH7X0P0//qKX/+fpHLf0v0D9q6f83/aOW/hfqH7X0v0j/qKX/xfpHLf0v0T9q6f93/aOW/v/QP2rp/0/9o5b+l+oftfS/TP+opf/l+kct/a/QP2rpf6X+UUv/q/SPWvpfrX/U0v8a/aOW/tfqH7X0v07/qKX/9fpHLf1v0D9q6X+j/lFL/5v0j1r636x/1NL/Fv2jlv636h+19L9N/6il/+36Ry3979A/aul/p/5RS/+79I9a+t+tf9TS/x79o5b+9+oftfS/T/+opf/9+kct/R/QP2rp/6D+UUv/h/SPWvo/rH/U0v8R/aOW/o/qH7X0f0z/qKX/4/pHLf2f0D9q6f+k/lFL/6f0j1r6P61/1NL/Gf2jlv7P6h+19H9O/6il//P6Ry39X9A/Kuk/3oD+UUv/QfpHLf0H6x+19B9H/6il/xD9o5b+Q/WPWvqPq3/U0n88/aOW/uPrH7X0n0D/qKX/hPpHLf0n0j9q6T+x/lFL/7fpH7X0n0T/qKX/2/WPWvpPqn/U0v8d+kct/SfTP2rp/079o5b+79I/auk/uf5RS/8p9I9a+k+pf9TSfyr9o5b+U+sftfSfRv+opf+79Y9a+r9H/6il/7T6Ry39p9M/aun/Xv2jlv7T6x+19H+f/lFL/xn0j1r6z6h/1NJ/Jv2jlv4z6x+19J9F/6il/6z6Ry39Z9M/aun/fv2jlv4f0D9q6T+7/lFL/w/qH7X0n0P/qKX/nPpHLf3n0j9q6T+3/lFL/3n0j1r6z6t/1NJ/Pv2jlv7z6x+19P+Q/lFL/wX0j1r6L6h/1NJ/If2jlv4L6x+19P+w/tFbuf/Leo+3iP7RW7n/y/f/j+gftfT/qP5RS/9F9Y9a+i+mf9TSf3H9o5b+w/SPWvovoX/U0n9J/aOW/kvpH7X0/5j+UUv/4fpHLf2X1j9q6b+M/lFL/2X1j1r6f1z/qKX/J/SPWvovp3/U0v+T+kct/T+lf9TS/9P6Ry39P6N/1NJ/ef2jlv4r6B+19F9R/6il/0r6Ry39V9Y/aum/iv5RS//P6h+19F9V/6il/+f0j1r6r6Z/1NL/8/pHLf1X1z9q6b+G/lFL/zX1j1r6r6V/1NJ/bf2jlv7r6B+19F9X/6il/3r6Ry3919c/aum/gf5RS/8N9Y9a+m+kf9TSf2P9o5b+m+gftfT/gv5RS/9N9Y9a+m+mf9TSf3P9o5b+W+gftfTfUv+opf9W+kct/b+of9TSf2v9o5b+2+gftfTfVv+opf+X9I9a+n9Z/6il/3b6Ry39t9c/aum/g/5RS/8d9Y9a+u+kf9TSf2f9o5b+X9E/aun/Vf2jlv676B+19N9V/6il/276Ry39v6Z/1NJ/d/2jlv576B+19P+6/lFL/2/oH7X0/6b+UUv/PfWPWvrvpX/U0n9v/aOW/t/SP2rpv4/+UUv/ffWPWvrvp3/U0n9//aOW/gfoH7X0/7b+UUv/A/WPWvp/R/+opf9B+kct/b+rf9TS/3v6Ry39D9Y/aul/iP5RS//v6x+19P+B/lFL/0P1j1r6/1D/qKX/YfpHLf1/pH/U0v/H+kct/Q/XP2rpf4T+UUv/I/WPWvofpX/U0v9o/aOW/sfoH7X0/4n+UUv/Y/WPWvofp3/U0v+n+kct/Y/XP2rpf4L+UUv/n+kftfT/uf5RS/8T9Y9a+v9C/6il/0n6Ry39f6l/1NL/ZP2jlv6n6B+19D9V/6il/2n6Ry39f6V/1NL/1/pHLf1P1z9q6f8b/aOW/mfoH7X0/63+UUv/M/WPWvqfpX/U0v9s/aOW/r/TP2rpf47+UUv/3+sftfT/g/5RS/8/6h+19P+T/lFL/z/rH7X0/4v+UUv/v+oftfQ/V/+opf95+kct/c/XP2rpf4H+UUv/v+kftfS/UP+opf9F+kct/S/WP2rpf4n+UUv/v+sftfT/h/5RS/9/6h+19L9U/6il/2X6Ry39L9c/aul/hf5RS/8r9Y9a+l+lf9TS/2r9o5b+1+gftfS/Vv+opf91+kct/a/XP2rpf4P+UUv/G/WPWvrfpH/U0v9m/aOW/rfoH7X0v1X/qKX/bfpHLf1v1z9q6X+H/lFL/zv1j1r636V/1NL/bv2jlv736B+19L9X/6il/336Ry3979c/aun/gP5RS/8H9Y9a+j+kf9TS/2H9o5b+j+gftfR/VP+opf9j+kct/R/XP2rp/4T+UUv/J/WPWvo/pX/U0v9p/aOW/s/oH7X0f1b/qKX/c/pHLf2f1z9q6f+C/lFJ//EH9I9a+g/SP2rpP1j/qKX/OPpHLf2H6B+19B+qf9TSf1z9o5b+4+kftfQfX/+opf8E+kct/SfUP2rpP5H+UUv/ifWPWvq/Tf+opf8k+kct/d+uf9TSf1L9o5b+79A/auk/mf5RS/936h+19H+X/lFL/8n1j1r6T6F/1NJ/Sv2jlv5T6R+19J9a/6il/zT6Ry39361/1NL/PfpHLf2n1T9q6T+d/lFL//fqH7X0n17/qKX/+/SPWvrPoH/U0n9G/aOW/jPpH7X0n1n/qKX/LPpHLf1n1T9q6T+b/lFL//frH7X0/4D+UUv/2fWPWvp/UP+opf8c+kct/efUP2rpP5f+UUv/ufWPWvrPo3/U0n9e/aOW/vPpH7X0n1//qKX/h/SPWvovoH/U0n9B/aOW/gvpH7X0X1j/qKX/h/WPWvovon/U0v8j+kct/T+qf9TSf1H9o5b+i+kftfRfXP+opf8w/aOW/kvoH7X0X1L/qKX/UvpHLf0/pn/U0n+4/lFL/6X1j1r6L6N/1NJ/Wf2jlv4f1z9q6f8J/aOW/svpH7X0/6T+UUv/T+kftfT/tP5RS//P6B+19F9e/6il/wr6Ry39V9Q/aum/kv5RS/+V9Y9a+q+if9TS/7P6Ry39V9U/aun/Of2jlv6r6R+19P+8/lFL/9X1j1r6r6F/1NJ/Tf2jlv5r6R+19F9b/6il/zr6Ry3919U/aum/nv5RS//19Y9a+m+gf9TSf0P9o5b+G+kftfTfWP+opf8m+kct/b+gf9TSf1P9o5b+m+kftfTfXP+opf8W+kct/bfUP2rpv5X+UUv/L+oftfTfWv+opf82+kct/bfVP2rp/yX9o5b+X9Y/aum/nf5RS//t9Y9a+u+gf9TSf0f9o5b+O+kftfTfWf+opf9X9I9a+n9V/6il/y76Ry39d9U/aum/m/5RS/+v6R+19N9d/6il/x76Ry39v65/1NL/G/pHLf2/qX/U0n9P/aOW/nvpH7X031v/qKX/t/SPWvrvo3/U0n9f/aOW/vvpH7X031//qKX/AfpHLf2/rX/U0v9A/aOW/t/RP2rpf5D+UUv/7+oftfT/nv5RS/+D9Y9a+h+if9TS//v6Ry39f6B/1NL/UP2jlv4/1D9q6X+Y/lFL/x/pH7X0/7H+UUv/w/WPWvofoX/U0v9I/aOW/kfpH7X0P1r/qKX/MfpHLf1/on/U0v9Y/aOW/sfpH7X0/6n+UUv/4/WPWvqfoH/U0v9n+kct/X+uf9TS/0T9o5b+v9A/aul/kv5RS/9f6h+19D9Z/6il/yn6Ry39T9U/aul/mv5RS/9f6R+19P+1/lFL/9P1j1r6/0b/qKX/GfpHLf1/q3/U0v9M/aOW/mfpH7X0P1v/qKX/7/SPWvqfo3/U0v/3+kct/f+gf9TS/4/6Ry39/6R/1NL/z/pHLf3/on/U0v+v+kct/c/VP2rpf57+UUv/8/WPWvpfoH/U0v9v+kct/S/UP2rpf5H+UUv/i/WPWvpfon/U0v/v+kct/f+hf9TS/5/6Ry39L9U/aul/mf5RS//L9Y9a+l+hf9TS/0r9o5b+V+kftfS/Wv+opf81+kct/a/VP2rpf53+UUv/6/WPWvrfoH/U0v9G/aOW/jfpH7X0v1n/qKX/LfpHLf1v1T9q6X+b/lFL/9v1j1r636F/1NL/Tv2jlv536R+19L9b/6il/z36Ry3979U/aul/n/5RS//79Y9a+j+gf9TS/0H9o5b+D+kftfR/WP+opf8j+kct/R/VP2rp/5j+UUv/x/WPWvo/oX/U0v9J/aOW/k/pH7X0f1r/qKX/M/pHLf2f1T9q6f+c/lFL/+f1j1r6v6B/VNJ/ggH9o5b+g/SPWvoP1j9q6T+O/lFL/yH6Ry39h+oftfQfV/+opf94+kct/cfXP2rpP4H+UUv/CfWPWvpPpH/U0n9i/aOW/m/TP2rpP4n+UUv/t+sftfSfVP+opf879I9a+k+mf9TS/536Ry3936V/1NJ/cv2jlv5T6B+19J9S/6il/1T6Ry39p9Y/auk/jf5RS/936x+19H+P/lFL/2n1j1r6T6d/1NL/vfpHLf2n1z9q6f8+/aOW/jPoH7X0n1H/qKX/TPpHLf1n1j9q6T+L/lFL/1n1j1r6z6Z/1NL//fpHLf0/oH/U0n92/aOW/h/UP2rpP4f+UUv/OfWPWvrPpX/0lusPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPx/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAxIAAAAAQf9ftyNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuCgAA//91NCn7")
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0105872, &(0x7f0000000e00)=ANY=[@ANYBLOB="000000004c9002000000000003000100000000000000000000000000000001000000000000000000"])
r1 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus\x00', 0x0)

2.748358756s ago: executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080))
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000440)="ab", 0xff77, 0xfffffffffffffffe)

2.290673674s ago: executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})

2.077069698s ago: executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x9, 0x3, 0x238, 0x120, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0xd0, 0xffffffff, 0xffffffff, 0x218, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@ip={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'pim6reg1\x00', 'dvmrp0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)

1.921706841s ago: executing program 0:
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x800, &(0x7f0000004140)=ANY=[], 0x1, 0x1cf, &(0x7f0000000780)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPXUlkcWk0vtMXKTXMwjwcwQmnpkUXFlVXZiTk5qUfFChopbyUkVp08wsFy3v6bSLMHp8EeewyFJ00GH6YiPR9aMxhLOSVKaYmxsmQpnz3yQX8emcYTh0QrmjXWeeY11halT89LykqqyqrLmTZy4cWZjZ2Pjyol1UWl+qxhbUlw2NXUyMjlsURPYzGyoPslGe8K79lUPkxxYezz8mk8ZK71OZb5kvLBI6tSKqpkTvijNZjT8znCHp2yFhIaGk8QVCYsGE4YjdbYNriAnpjQwpCmEMSapsYm1bTkzJ4SZn81tgUJL8gmm0KMcS2dKWBwQqjr501LzrUOi24xtTx3YzvAcPs6zpqBP0Oi4BIPTQsH/MiBjEhoayjTWMi21XfClSOOvhNdqY6cMBnd7pmWwAGVpAJEroTxZsJ6E5BUeOpqaRinJCQ2bJBKS3AoMlRm27uFcLdDAgBRtKgwMDNsZYXELAddgjFEwCkbBKBgFo2AUjIJRMApGwSgYBSMCAAIAAP//QJCYyw==")
llistxattr(&(0x7f0000001080)='./file0\x00', 0x0, 0x0)

1.732284244s ago: executing program 0:
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="040e0400470c"], 0x7)

1.532626453s ago: executing program 0:
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"})
ioctl$EVIOCGRAB(r0, 0x40084503, 0x0)

737.213455ms ago: executing program 0:
socket$can_raw(0x1d, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r0, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, &(0x7f0000000080)})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000"], 0x7c}}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000000c0), 0x492492492492627, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

575.746835ms ago: executing program 2:
openat$vcsu(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000740)='bbr\x00', 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

362.860913ms ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000d40)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x0]}]}]}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x38}}, 0x0)

219.994045ms ago: executing program 2:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000c0010002000040"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000bc0)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@enum, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x2, [{0x0, 0x1, 0x7}]}]}}, 0x0, 0x3e}, 0x20)
openat$zero(0xffffffffffffff9c, &(0x7f00000004c0), 0x2000, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x4001, 0x3, 0x458, 0x300, 0xb, 0x148, 0x308, 0x148, 0x3c0, 0x230, 0x242, 0x3c0, 0x215, 0x3, 0x0, {[{{@ip={@local, @remote, 0x0, 0x0, 'batadv_slave_0\x00', 'macvtap0\x00', {}, {}, 0x73}, 0x0, 0x2d0, 0x300, 0x0, {0xff0f000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x8}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0xe, 0x0, 0x6, './file0\x00'}}]}, @common=@inet=@SET2={0x30}}, {{@uncond, 0xec010000, 0xa0, 0xc0, 0x0, {}, [@common=@ah={{0x30}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b8)

181.547356ms ago: executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000140)={0xa4, 0x0, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x7, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

156.012507ms ago: executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000180)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
r2 = fcntl$dupfd(r0, 0x0, r1)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="10a5"], 0x14}}, 0x0)

115.192045ms ago: executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000a80)=@delsa={0x28, 0x11, 0x1, 0x0, 0x0, {@in=@multicast2, 0x0, 0x0, 0xff}}, 0x28}}, 0x0)

91.509778ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000c1, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
clock_settime(0x0, &(0x7f00000029c0)={0x77359400})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000500)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in=@multicast2}, {@in6=@empty, 0x0, 0x32}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000740)=@mangle={'mangle\x00', 0x64, 0x6, 0x6f0, 0x2e0, 0x2e0, 0x2e0, 0x538, 0x2e0, 0x620, 0x620, 0x620, 0x620, 0x620, 0x6, 0x0, {[{{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:devicekit_exec_t:s0\x00'}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@mcast1}}}, {{@ipv6={@mcast2, @loopback, [], [], 'ip6gretap0\x00', 'syzkaller0\x00'}, 0x0, 0x120, 0x168, 0x0, {}, [@common=@ipv6header={{0x28}}, @common=@inet=@set4={{0x50}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@local, @ipv6=@private1}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@empty, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x750)

0s ago: executing program 4:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000080)={0x0, 0x200, "00fa00"})

kernel console output (not intermixed with test programs):

0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[   86.848179][ T5165] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[   86.894907][ T5165] usb 5-1: New USB device found, idVendor=0499, idProduct=1035, bcdDevice=56.12
[   86.912312][ T5165] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.004991][ T5165] usb 5-1: config 0 descriptor??
[   87.053205][   T45] cfg80211: failed to load regulatory.db
[   87.362793][ T5293] udevd[5293]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   87.497681][ T5165] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -12
[   87.580473][ T5165] usb 5-1: USB disconnect, device number 2
[   87.614501][ T5288] loop2: detected capacity change from 0 to 32768
[   87.702948][ T5288] =======================================================
[   87.702948][ T5288] WARNING: The mand mount option has been deprecated and
[   87.702948][ T5288]          and is ignored by this kernel. Remove the mand
[   87.702948][ T5288]          option from the mount to silence this warning.
[   87.702948][ T5288] =======================================================
[   87.738782][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.749807][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   87.828415][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   87.882674][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   87.895644][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   88.106272][ T5288] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   88.172962][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   88.202476][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   88.253779][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   88.262885][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   88.497489][ T5288] XFS (loop2): Ending clean mount
[   88.550186][ T5288] XFS (loop2): Quotacheck needed: Please wait.
[   88.801620][ T5288] XFS (loop2): Quotacheck: Done.
[   88.851307][ T5109] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   89.423692][ T5304] loop4: detected capacity change from 0 to 32768
[   89.545983][ T5304] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   89.608687][ T5322] loop2: detected capacity change from 0 to 256
[   89.760024][ T5304] XFS (loop4): Ending clean mount
[   89.909238][ T5305] loop3: detected capacity change from 0 to 32768
[   90.105322][ T5304] syz-executor.4 (5304) used greatest stack depth: 18136 bytes left
[   90.129284][ T5305] jfs_strtoUCS: char2uni returned -22.
[   90.167695][ T5305] charset = utf8, char = 0xc5
[   90.216455][ T5108] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   92.210707][   T29] kauditd_printk_skb: 51 callbacks suppressed
[   92.210735][   T29] audit: type=1804 audit(1717731583.528:63): pid=5347 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1596766507/syzkaller.qMOzAi/7/file0" dev="sda1" ino=1944 res=1 errno=0
[   92.241080][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.345505][   T29] audit: type=1326 audit(1717731584.678:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026f07cf69 code=0x7ffc0000
[   93.392249][ T5358] loop0: detected capacity change from 0 to 4096
[   93.393426][   T29] audit: type=1326 audit(1717731584.678:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026f07cf69 code=0x7ffc0000
[   93.452055][   T29] audit: type=1326 audit(1717731584.678:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f026f07cf69 code=0x7ffc0000
[   93.492867][   T29] audit: type=1326 audit(1717731584.678:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026f07cf69 code=0x7ffc0000
[   93.525231][   T29] audit: type=1326 audit(1717731584.678:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f026f07cf69 code=0x7ffc0000
[   93.595619][   T29] audit: type=1326 audit(1717731584.728:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f026f07a6e7 code=0x7ffc0000
[   93.663059][   T29] audit: type=1326 audit(1717731584.738:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f026f0403b9 code=0x7ffc0000
[   93.690524][   T29] audit: type=1326 audit(1717731584.738:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f026f07cf69 code=0x7ffc0000
[   93.721134][   T29] audit: type=1326 audit(1717731584.738:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5368 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f026f07a6e7 code=0x7ffc0000
[   93.802801][ T5377] loop3: detected capacity change from 0 to 1024
[   93.806977][ T5377] EXT4-fs: Ignoring removed mblk_io_submit option
[   93.881924][ T5377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.922176][ T5386] input: syz0 as /devices/virtual/input/input6
[   94.363363][ T5398] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.320395][ T5404] loop4: detected capacity change from 0 to 64
[   95.452809][ T5404] hfs: inconsistency in B*Tree (1,0,1,2,3)
[   95.481100][ T5124] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.784315][ T5416] loop1: detected capacity change from 0 to 1764
[   96.226066][ T5422] loop3: detected capacity change from 0 to 4096
[   96.409485][ T5407] loop0: detected capacity change from 0 to 32768
[   98.339187][ T5407] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[   98.354014][ T5407] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   98.369960][ T5407] bcachefs (loop0): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR
[   98.384295][ T5407] bcachefs (loop0): bch2_fs_recovery(): error EINTR
[   98.392394][ T5407] bcachefs (loop0): bch2_fs_start(): error starting filesystem EINTR
[   98.400770][ T5407] bcachefs (loop0): shutting down
[   98.435711][ T5407] bcachefs (loop0): shutdown complete
[   98.523561][ T5450] loop3: detected capacity change from 0 to 256
[   98.587876][ T5452] loop1: detected capacity change from 0 to 128
[   98.638554][ T5452] EXT4-fs error (device loop1): __ext4_fill_super:5447: inode #2: comm syz-executor.1: iget: checksum invalid
[   98.713284][   T29] kauditd_printk_skb: 87 callbacks suppressed
[   98.713305][   T29] audit: type=1326 audit(1717731590.048:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5449 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f026f07cf69 code=0x0
[   98.744511][ T5452] EXT4-fs (loop1): get root inode failed
[   98.757431][ T5452] EXT4-fs (loop1): mount failed
[  100.419948][ T5456] loop3: detected capacity change from 0 to 32768
[  100.432640][ T5456] btrfs: Deprecated parameter 'usebackuproot'
[  100.445827][ T5456] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  100.474210][ T5456] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (5456)
[  100.545773][ T5456] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  100.563678][ T5456] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  100.572745][ T5456] BTRFS info (device loop3): using free-space-tree
[  100.794083][ T5456] BTRFS info (device loop3): rebuilding free space tree
[  101.312209][   T29] audit: type=1326 audit(1717731592.648:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  101.346870][   T29] audit: type=1326 audit(1717731592.648:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  101.380336][   T29] audit: type=1326 audit(1717731592.668:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  101.408114][   T29] audit: type=1326 audit(1717731592.668:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  101.430195][    C1] vkms_vblank_simulate: vblank timer overrun
[  101.465605][   T29] audit: type=1326 audit(1717731592.668:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  101.489422][   T29] audit: type=1326 audit(1717731592.668:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  101.511463][    C1] vkms_vblank_simulate: vblank timer overrun
[  101.520136][   T29] audit: type=1326 audit(1717731592.668:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  101.542607][   T29] audit: type=1326 audit(1717731592.678:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f629887a6e7 code=0x7ffc0000
[  101.564514][    C1] vkms_vblank_simulate: vblank timer overrun
[  101.575084][   T29] audit: type=1326 audit(1717731592.678:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5484 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f62988403b9 code=0x7ffc0000
[  101.597164][    C1] vkms_vblank_simulate: vblank timer overrun
[  101.613921][ T5124] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  104.180124][ T5489] loop2: detected capacity change from 0 to 32768
[  104.708944][ T5489] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  105.026521][ T5489] XFS (loop2): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  105.052762][ T5489] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop2": -EINTR
[  105.053724][ T5489] XFS (loop2): log mount failed
[  105.430944][   T29] kauditd_printk_skb: 35 callbacks suppressed
[  105.430964][   T29] audit: type=1326 audit(1717731596.768:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5515 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x0
[  105.468229][ T5164] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  105.585012][ T5525] loop1: detected capacity change from 0 to 256
[  105.640207][ T5525] exfat: Deprecated parameter 'namecase'
[  105.654118][ T5525] exfat: Deprecated parameter 'utf8'
[  105.663600][ T5525] exfat: Deprecated parameter 'namecase'
[  105.674134][ T5513] kvm: kvm [5512]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x3200000000
[  105.687857][ T5164] usb 4-1: Using ep0 maxpacket: 8
[  105.701465][ T5164] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  105.705578][ T5525] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  105.723354][ T5164] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  105.728009][ T5513] kvm: kvm [5512]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xa200000000
[  105.745459][ T5164] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  105.747268][ T5513] kvm: kvm [5512]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xb600000000
[  105.785245][ T5513] kvm: kvm [5512]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xef00000800
[  105.789135][ T5164] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  105.808955][ T5164] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  105.822430][ T5164] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  105.837512][ T5164] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  105.845581][ T5164] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  105.873452][ T5164] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  105.903292][ T5164] usb 4-1: string descriptor 0 read error: -22
[  105.910342][ T5164] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  105.924548][ T5164] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.967576][ T5164] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  106.015655][ T5534] loop1: detected capacity change from 0 to 128
[  106.053472][ T5536] loop4: detected capacity change from 0 to 256
[  106.069107][ T5536] exFAT-fs (loop4): bogus fat length
[  106.078869][ T5536] exFAT-fs (loop4): failed to read boot sector
[  106.085417][ T5536] exFAT-fs (loop4): failed to recognize exfat type
[  106.149260][ T5537] Process accounting resumed
[  106.186562][ T5536] loop4: detected capacity change from 0 to 8
[  106.187444][ T5537] syz-executor.1: attempt to access beyond end of device
[  106.187444][ T5537] loop1: rw=2049, sector=132, nr_sectors = 1 limit=128
[  106.206950][ T5164] usb 4-1: USB disconnect, device number 2
[  107.194200][ T2809] kworker/u8:7: attempt to access beyond end of device
[  107.194200][ T2809] loop1: rw=1, sector=140, nr_sectors = 88 limit=128
[  107.514015][ T5550] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  107.587574][ T5550] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  107.635912][ T5550] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  108.515046][ T5569] loop0: detected capacity change from 0 to 256
[  109.995362][ T5584] loop3: detected capacity change from 0 to 256
[  110.024066][ T5584] exFAT-fs (loop3): bogus fat length
[  110.034339][ T5584] exFAT-fs (loop3): failed to read boot sector
[  110.048523][ T5584] exFAT-fs (loop3): failed to recognize exfat type
[  110.088775][ T5165] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  110.139264][ T5584] loop3: detected capacity change from 0 to 8
[  110.277542][ T5165] usb 5-1: Using ep0 maxpacket: 8
[  110.296122][ T5165] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  110.322314][ T5165] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  110.391509][ T5165] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  110.449511][ T5587] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET)
[  110.457433][ T5165] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  110.467740][ T5165] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  111.267589][ T5165] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  111.282003][ T5165] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  111.290988][ T5165] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  111.317355][ T5165] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  111.340920][ T5165] usb 5-1: string descriptor 0 read error: -22
[  111.352769][ T5165] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  111.362546][ T5165] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.388605][ T5165] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  111.467019][ T5595] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  111.560331][ T5598] warning: `syz-executor.2' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  111.655857][ T5578] loop0: detected capacity change from 0 to 32768
[  111.670695][ T5165] usb 5-1: USB disconnect, device number 3
[  111.696765][ T5578] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (5578)
[  111.978127][ T5578] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  112.001963][ T5578] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  112.014821][ T5578] BTRFS info (device loop0): using free-space-tree
[  112.054222][ T5608] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only
[  112.064639][ T5608] overlayfs: fs on './file1' does not support file handles, falling back to index=off,nfs_export=off.
[  112.089264][ T5608] overlayfs: fs on './file1' does not support file handles, falling back to xino=off.
[  112.246261][ T5626] loop1: detected capacity change from 0 to 256
[  113.326319][ T5111] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  113.473380][ T5637] loop4: detected capacity change from 0 to 64
[  114.697541][   T29] audit: type=1326 audit(1717731605.998:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd21527cf69 code=0x7ffc0000
[  114.791900][   T29] audit: type=1326 audit(1717731606.008:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd21527cf69 code=0x7ffc0000
[  114.882719][   T29] audit: type=1326 audit(1717731606.018:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7fd21527cf69 code=0x7ffc0000
[  114.904949][ T5651] capability: warning: `syz-executor.1' uses 32-bit capabilities (legacy support in use)
[  114.917853][ T5650] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only
[  114.957636][ T5650] overlayfs: fs on './file1' does not support file handles, falling back to index=off,nfs_export=off.
[  114.958623][   T29] audit: type=1326 audit(1717731606.018:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd21527cf69 code=0x7ffc0000
[  115.051383][ T5650] overlayfs: fs on './file1' does not support file handles, falling back to xino=off.
[  115.241442][ T5653] loop1: detected capacity change from 0 to 2048
[  115.284457][   T29] audit: type=1326 audit(1717731606.618:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5654 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  115.359775][ T5653] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  115.369096][   T29] audit: type=1326 audit(1717731606.618:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5654 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  115.436960][   T29] audit: type=1326 audit(1717731606.618:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5654 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  115.633157][   T29] audit: type=1326 audit(1717731606.618:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5654 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  116.448301][   T29] audit: type=1326 audit(1717731606.618:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5654 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  116.559149][   T29] audit: type=1326 audit(1717731606.618:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5654 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0ad267cccb code=0x7ffc0000
[  116.778185][ T5668] loop0: detected capacity change from 0 to 256
[  120.727461][   T45] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  120.867450][ T5706] loop4: detected capacity change from 0 to 2048
[  121.035569][ T5707] xt_NFQUEUE: number of total queues is 0
[  121.604370][ T5706]  loop4: p2 p3 < > p4 < p5 >
[  121.609449][ T5706] loop4: partition table partially beyond EOD, truncated
[  121.616631][ T5706] loop4: p2 start 33028 is beyond EOD, truncated
[  121.623092][ T5706] loop4: p3 start 4284160 is beyond EOD, truncated
[  121.635010][ T5706] loop4: p5 start 33028 is beyond EOD, truncated
[  121.757481][   T45] usb 2-1: Using ep0 maxpacket: 8
[  121.899073][   T45] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  121.927427][   T45] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  121.952483][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.994751][ T5711] Zero length message leads to an empty skb
[  121.995129][ T5715] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  122.018809][   T45] usb 2-1: config 0 descriptor??
[  122.052607][ T5715] bridge_slave_1: left allmulticast mode
[  122.077159][ T5715] bridge_slave_1: left promiscuous mode
[  122.088064][ T5715] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.115810][ T5715] bridge_slave_0: left allmulticast mode
[  122.155821][ T5715] bridge_slave_0: left promiscuous mode
[  122.167843][ T5715] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.255803][ T5699] loop1: detected capacity change from 0 to 256
[  122.287141][ T5699] exfat: Deprecated parameter 'utf8'
[  122.317778][ T5699] exfat: Bad value for 'gid'
[  122.407205][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  122.407224][   T29] audit: type=1326 audit(1717731613.738:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5722 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  122.471038][   T29] audit: type=1326 audit(1717731613.738:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5722 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  122.499404][ T5222] usb 4-1: new low-speed USB device number 3 using dummy_hcd
[  122.566912][   T29] audit: type=1326 audit(1717731613.748:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5722 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  122.654472][   T29] audit: type=1326 audit(1717731613.748:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5722 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  122.679612][ T5163] usb 2-1: USB disconnect, device number 2
[  122.704166][ T5222] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  122.755083][ T5222] usb 4-1: string descriptor 0 read error: -22
[  122.756600][ T5732] loop4: detected capacity change from 0 to 256
[  122.764240][ T5222] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  122.792132][ T5222] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.806519][ T5732] exfat: Deprecated parameter 'utf8'
[  122.819205][ T5720] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  122.834677][ T5222] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  122.850643][ T5732] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xc61f63e4, utbl_chksum : 0xe619d30d)
[  123.043409][ T5222] usb 4-1: USB disconnect, device number 3
[  123.110337][ T5742] tipc: Started in network mode
[  123.115791][ T5742] tipc: Node identity 6f66663a2033360a, cluster identity 4711
[  123.123785][ T5742] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  123.364373][   T29] audit: type=1326 audit(1717731614.698:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5747 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  123.418765][   T29] audit: type=1326 audit(1717731614.708:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5747 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  123.464678][   T29] audit: type=1326 audit(1717731614.708:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5747 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  123.509704][   T29] audit: type=1326 audit(1717731614.708:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5747 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  123.593208][   T29] audit: type=1326 audit(1717731614.708:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5747 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x7ffc0000
[  123.655564][ T5222] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  123.738576][ T5754] loop2: detected capacity change from 0 to 1024
[  123.825472][    C0] net_ratelimit: 2 callbacks suppressed
[  123.825499][    C0] dccp_v4_rcv: dropped packet with invalid checksum
[  123.885104][ T5222] usb 2-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=eb.57
[  123.885135][ T5222] usb 2-1: New USB device strings: Mfr=245, Product=1, SerialNumber=3
[  123.885157][ T5222] usb 2-1: Product: syz
[  123.885172][ T5222] usb 2-1: Manufacturer: syz
[  123.885187][ T5222] usb 2-1: SerialNumber: syz
[  123.894294][ T5222] usb 2-1: config 0 descriptor??
[  123.902214][ T5222] keyspan 2-1:0.0: Keyspan 4 port adapter converter detected
[  123.904082][ T5222] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81
[  123.904154][ T5222] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 88
[  123.909741][ T5222] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1
[  123.927708][ T2816] hfsplus: b-tree write err: -5, ino 4
[  123.965146][ T5222] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  124.049128][ T5222] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2
[  124.056901][ T5222] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  124.068009][ T5222] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 4
[  124.079074][ T5222] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  124.080491][ T5222] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 6
[  124.082036][ T5222] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  124.105182][ T5222] usb 2-1: USB disconnect, device number 3
[  124.115126][ T5222] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  124.186029][ T5222] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  124.203770][ T5222] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  124.256021][ T5222] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  124.271932][ T5222] keyspan 2-1:0.0: device disconnected
[  124.680222][ T5775] loop4: detected capacity change from 0 to 1
[  124.687505][ T5163] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  124.740778][ T5775] syz-executor.4: attempt to access beyond end of device
[  124.740778][ T5775] loop4: rw=2048, sector=0, nr_sectors = 8 limit=1
[  124.840818][ T5775] SQUASHFS error: Failed to read block 0x0: -5
[  124.854480][ T5775] unable to read squashfs_super_block
[  124.887679][ T5163] usb 1-1: Using ep0 maxpacket: 8
[  124.892777][ T5163] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  124.892834][ T5163] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  124.892860][ T5163] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.897857][ T5163] usb 1-1: config 0 descriptor??
[  125.107701][   T57] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  125.189504][ T5769] loop0: detected capacity change from 0 to 256
[  125.215342][ T5769] exfat: Deprecated parameter 'utf8'
[  125.223981][ T5769] exfat: Bad value for 'gid'
[  126.175122][   T57] usb 4-1: Using ep0 maxpacket: 8
[  126.186640][   T57] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  126.207437][   T57] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  126.222425][   T57] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  126.240731][   T57] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  126.262551][   T57] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  126.271983][   T57] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.290174][   T57] usb 4-1: config 0 descriptor??
[  126.444204][ T5815] syz-executor.1 (pid 5815) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  126.497759][ T5165] usb 1-1: USB disconnect, device number 2
[  127.245044][ T5163] usb 4-1: USB disconnect, device number 4
[  127.860918][ T5830] loop0: detected capacity change from 0 to 4096
[  127.894373][ T5839] Bluetooth: MGMT ver 1.22
[  127.906565][ T5830] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  127.983549][ T5830] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  128.106129][ T5845] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  128.746759][ T5858] loop4: detected capacity change from 0 to 1024
[  128.782391][ T5858] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  128.814268][ T5858] JBD2: no valid journal superblock found
[  128.826240][ T5858] EXT4-fs (loop4): Could not load journal inode
[  128.934941][ T1051] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.005805][ T5836] loop1: detected capacity change from 0 to 40427
[  129.044932][ T5836] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  129.053404][ T5836] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  129.108947][ T5836] F2FS-fs (loop1): invalid crc value
[  129.120411][ T1051] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.153231][ T5836] F2FS-fs (loop1): Found nat_bits in checkpoint
[  129.210046][ T5868] input: syz0 as /devices/virtual/input/input7
[  129.264606][ T1051] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.307590][ T5222] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  129.379613][ T5836] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  129.387038][ T5836] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  129.434572][ T1051] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.537494][ T5222] usb 5-1: Using ep0 maxpacket: 8
[  129.552965][ T5222] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  129.587576][ T5107] syz-executor.1: attempt to access beyond end of device
[  129.587576][ T5107] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  129.608033][ T5222] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  129.638470][ T5222] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  129.654254][ T5107] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  129.668380][ T5222] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  129.706013][ T5222] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  129.733802][ T5222] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.760990][ T5222] usb 5-1: config 0 descriptor??
[  129.766804][ T1051] bridge_slave_1: left allmulticast mode
[  129.786071][ T1051] bridge_slave_1: left promiscuous mode
[  129.803557][ T1051] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.839474][ T1051] bridge_slave_0: left allmulticast mode
[  129.845233][ T1051] bridge_slave_0: left promiscuous mode
[  129.866561][ T1051] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.954097][   T53] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  129.966222][   T53] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  129.990613][   T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  130.003657][   T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  130.011875][   T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  130.026111][   T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  130.028522][    T9] usb 5-1: USB disconnect, device number 4
[  130.913605][ T1051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  130.961943][ T1051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  130.991413][ T1051] bond0 (unregistering): Released all slaves
[  131.022302][ T5875] netlink: 196 bytes leftover after parsing attributes in process `syz-executor.2'.
[  131.176186][ T5882] loop2: detected capacity change from 0 to 512
[  131.210469][ T5882] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.290139][ T5882] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #12: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino
[  131.311351][ T5882] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 12 (err -117)
[  131.336117][ T5882] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.147880][   T53] Bluetooth: hci4: command tx timeout
[  132.444067][ T5109] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  132.587248][ T1051] hsr_slave_0: left promiscuous mode
[  132.611295][ T1051] hsr_slave_1: left promiscuous mode
[  132.639948][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.663184][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.672716][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.686111][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.760964][ T1051] veth1_macvtap: left promiscuous mode
[  132.777479][ T1051] veth0_macvtap: left promiscuous mode
[  132.783232][ T1051] veth1_vlan: left promiscuous mode
[  132.807865][ T1051] veth0_vlan: left promiscuous mode
[  132.808879][ T5897] loop2: detected capacity change from 0 to 1024
[  132.849111][ T5897] EXT4-fs: Ignoring removed i_version option
[  132.881083][ T5897] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  132.987686][ T5897] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.092082][ T5113] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  133.103025][ T5113] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  133.114779][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  133.114871][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  133.131136][ T5113] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  133.170962][ T5113] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  133.180924][ T5113] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  133.190767][ T5113] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  133.441861][ T5888] loop1: detected capacity change from 0 to 32768
[  134.057231][ T1051] team0 (unregistering): Port device team_slave_1 removed
[  134.124597][ T1051] team0 (unregistering): Port device team_slave_0 removed
[  134.236043][   T53] Bluetooth: hci4: command tx timeout
[  134.600601][ T5908] loop0: detected capacity change from 0 to 2048
[  134.643500][ T5908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.656231][ T5908] ext4 filesystem being mounted at /root/syzkaller-testdir4262080638/syzkaller.aPvyWi/36/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.762156][ T5908] fs-verity: sha512 using implementation "sha512-avx2"
[  134.885015][ T5109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.999693][ T5872] chnl_net:caif_netlink_parms(): no params data found
[  135.018739][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.268735][   T53] Bluetooth: hci0: command tx timeout
[  135.414134][ T5872] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.425596][ T5872] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.435474][ T5872] bridge_slave_0: entered allmulticast mode
[  135.445470][ T5926] evm: overlay not supported
[  135.447264][ T5872] bridge_slave_0: entered promiscuous mode
[  135.476289][ T5872] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.492295][ T5872] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.507840][ T5872] bridge_slave_1: entered allmulticast mode
[  135.539502][ T5872] bridge_slave_1: entered promiscuous mode
[  135.678977][ T5931] loop2: detected capacity change from 0 to 256
[  135.774205][ T5872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  135.789505][ T5872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  135.815759][ T5931] FAT-fs (loop2): Directory bread(block 64) failed
[  135.830184][ T5931] FAT-fs (loop2): Directory bread(block 65) failed
[  135.843572][ T5931] FAT-fs (loop2): Directory bread(block 66) failed
[  135.852389][ T5931] FAT-fs (loop2): Directory bread(block 67) failed
[  135.865832][ T5931] FAT-fs (loop2): Directory bread(block 68) failed
[  135.876234][ T5931] FAT-fs (loop2): Directory bread(block 69) failed
[  135.915626][ T5931] FAT-fs (loop2): Directory bread(block 70) failed
[  135.931320][ T5931] FAT-fs (loop2): Directory bread(block 71) failed
[  135.952030][ T5931] FAT-fs (loop2): Directory bread(block 72) failed
[  135.965749][ T5931] FAT-fs (loop2): Directory bread(block 73) failed
[  135.989184][ T1051] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.063259][ T5900] chnl_net:caif_netlink_parms(): no params data found
[  136.126900][ T5872] team0: Port device team_slave_0 added
[  136.207204][ T1051] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.258428][ T5918] loop1: detected capacity change from 0 to 32768
[  136.293787][ T5872] team0: Port device team_slave_1 added
[  136.301945][ T5918] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (5918)
[  136.308902][   T53] Bluetooth: hci4: command tx timeout
[  136.379568][ T5918] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.419482][ T5918] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  136.434501][ T5918] BTRFS info (device loop1): using free-space-tree
[  136.487488][ T1051] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.563978][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.590426][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.659361][ T5872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.751570][ T1051] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.789868][ T5107] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.866681][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.889864][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.951923][ T5872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.092209][ T5940] loop0: detected capacity change from 0 to 32768
[  137.102663][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.125813][ T5900] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.145214][ T5900] bridge_slave_0: entered allmulticast mode
[  137.161764][ T5900] bridge_slave_0: entered promiscuous mode
[  137.248618][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.277684][ T5900] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.294372][ T5900] bridge_slave_1: entered allmulticast mode
[  137.324970][ T5900] bridge_slave_1: entered promiscuous mode
[  137.347907][   T53] Bluetooth: hci0: command tx timeout
[  137.549161][ T5872] hsr_slave_0: entered promiscuous mode
[  137.575365][ T5872] hsr_slave_1: entered promiscuous mode
[  137.595793][ T5872] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.608431][ T5872] Cannot create hsr debugfs directory
[  137.627828][ T5165] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  137.632809][ T5900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.694632][ T5900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.836681][ T5165] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.856077][ T5165] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  137.879146][ T5165] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  137.895174][ T5165] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  137.926675][ T5165] usb 2-1: SerialNumber: syz
[  138.167038][ T5165] usb 2-1: 0:2 : does not exist
[  138.183155][ T5165] usb 2-1: unit 5 not found!
[  138.217086][ T5165] usb 2-1: USB disconnect, device number 4
[  138.387502][   T53] Bluetooth: hci4: command tx timeout
[  138.493774][ T1051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.524124][ T1051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.558174][ T1051] bond0 (unregistering): Released all slaves
[  138.581064][ T5979] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  138.602511][ T5979] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  138.662133][ T5900] team0: Port device team_slave_0 added
[  138.742280][ T5900] team0: Port device team_slave_1 added
[  138.861323][ T5977] loop0: detected capacity change from 0 to 65536
[  139.085512][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_0
[  139.093425][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.129496][ T5900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  139.186732][ T5900] batman_adv: batadv0: Adding interface: batadv_slave_1
[  139.217357][ T5900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.281102][ T5900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  139.427410][   T53] Bluetooth: hci0: command tx timeout
[  139.526754][   T29] audit: type=1326 audit(1717731630.858:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  139.584758][   T29] audit: type=1326 audit(1717731630.858:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  139.656301][   T29] audit: type=1326 audit(1717731630.888:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  139.707403][   T29] audit: type=1326 audit(1717731630.898:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  139.733563][   T29] audit: type=1326 audit(1717731630.908:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  139.756057][   T29] audit: type=1326 audit(1717731630.908:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  139.764114][ T1051] hsr_slave_0: left promiscuous mode
[  139.787812][   T29] audit: type=1326 audit(1717731630.908:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5c9247a6e7 code=0x7ffc0000
[  139.818431][ T1051] hsr_slave_1: left promiscuous mode
[  139.828875][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.832354][   T29] audit: type=1326 audit(1717731630.918:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5c924403b9 code=0x7ffc0000
[  139.836324][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.921100][   T29] audit: type=1326 audit(1717731630.918:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5c9247a6e7 code=0x7ffc0000
[  139.957395][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.964886][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.968244][   T29] audit: type=1326 audit(1717731630.918:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5c924403b9 code=0x7ffc0000
[  140.036650][ T1051] veth1_macvtap: left promiscuous mode
[  140.063343][ T1051] veth0_macvtap: left promiscuous mode
[  140.077640][ T1051] veth1_vlan: left promiscuous mode
[  140.084499][ T1051] veth0_vlan: left promiscuous mode
[  140.565164][ T6004] loop2: detected capacity change from 0 to 32768
[  140.604627][ T6010] loop1: detected capacity change from 0 to 32768
[  140.616549][ T6010] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (6010)
[  140.652392][ T6010] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  140.670881][ T6010] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  140.687025][ T6010] BTRFS info (device loop1): using free-space-tree
[  140.925687][ T6030] loop0: detected capacity change from 0 to 8
[  141.075781][ T5107] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.138777][ T6030] SQUASHFS error: Failed to read block 0x4e8: -5
[  141.355463][ T1051] team0 (unregistering): Port device team_slave_1 removed
[  141.427556][ T6040] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  141.445935][ T6040] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.0'.
[  141.461121][ T1051] team0 (unregistering): Port device team_slave_0 removed
[  141.468779][ T6040] nbd: couldn't find device at index 17
[  141.512234][   T53] Bluetooth: hci0: command tx timeout
[  142.100201][ T5900] hsr_slave_0: entered promiscuous mode
[  142.112641][ T5900] hsr_slave_1: entered promiscuous mode
[  142.120559][ T5900] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.134740][ T5900] Cannot create hsr debugfs directory
[  142.163413][ T6049] loop1: detected capacity change from 0 to 1024
[  142.171608][ T6049] EXT4-fs: Ignoring removed orlov option
[  142.326098][ T6049] EXT4-fs (loop1): Test dummy encryption mode enabled
[  142.346473][ T6049] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  142.403248][ T6049] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  142.435918][ T6049] EXT4-fs (loop1): mount failed
[  142.598147][ T6060] loop0: detected capacity change from 0 to 1024
[  142.669337][ T6063] loop1: detected capacity change from 0 to 64
[  142.710268][ T6063] hfs: uid requires an argument
[  142.715492][ T6063] hfs: unable to parse mount options
[  142.791070][ T1051] hfsplus: b-tree write err: -5, ino 4
[  142.910635][ T6070] loop1: detected capacity change from 0 to 8
[  142.938857][ T6072] process 'syz-executor.0' launched './file0' with NULL argv: empty string added
[  142.986093][ T6070] SQUASHFS error: Failed to read block 0x4e8: -5
[  143.026485][ T6074] SQUASHFS error: Failed to read block 0xed04f1: -5
[  143.044619][ T6074] SQUASHFS error: Failed to read block 0x4e8: -5
[  143.078684][ T6074] SQUASHFS error: Failed to read block 0x4e8: -5
[  143.087905][ T6074] SQUASHFS error: Failed to read block 0x4e8: -5
[  143.098293][ T6074] SQUASHFS error: Failed to read block 0x4e8: -5
[  143.215486][ T5900] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  143.248165][ T5900] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  143.284027][ T5900] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  143.302689][ T6082] loop1: detected capacity change from 0 to 256
[  143.313053][ T5900] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  143.362790][ T6082] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  143.397754][ T6082] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  143.434980][ T5872] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  143.476324][ T6086] loop2: detected capacity change from 0 to 2048
[  143.495341][ T6086] NILFS (loop2): invalid segment: Sequence number mismatch
[  143.503057][ T6086] NILFS (loop2): trying rollback from an earlier position
[  143.509671][ T5872] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  143.533688][ T6086] NILFS (loop2): recovery complete
[  143.552829][ T6087] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  143.577067][ T5872] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  143.793735][ T5872] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  143.817054][ T6086] overlayfs: failed to resolve './file0': -2
[  144.120169][ T6092] loop0: detected capacity change from 0 to 1024
[  144.226536][ T5900] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.265399][ T6094] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  144.347969][ T2788] hfsplus: b-tree write err: -5, ino 4
[  144.356425][ T5900] 8021q: adding VLAN 0 to HW filter on device team0
[  144.410929][ T5872] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.479927][ T5872] 8021q: adding VLAN 0 to HW filter on device team0
[  144.488690][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.491847][ T6098] loop2: detected capacity change from 0 to 256
[  144.497192][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.550658][ T6098] syz-executor.2: attempt to access beyond end of device
[  144.550658][ T6098] nbd2: rw=0, sector=1, nr_sectors = 1 limit=0
[  144.592413][ T6098] VFS: could not find a valid V7 on nbd2.
[  144.601753][ T5163] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.609056][ T5163] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.653996][ T5163] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.661245][ T5163] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.758533][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.765795][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.832094][ T6103] loop2: detected capacity change from 0 to 8
[  144.923876][ T6103] SQUASHFS error: Failed to read block 0x4e8: -5
[  144.994940][   T29] kauditd_printk_skb: 141 callbacks suppressed
[  144.994959][   T29] audit: type=1800 audit(1717731636.318:384): pid=6103 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=5 res=0 errno=0
[  145.002527][ T5872] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  145.116684][ T5872] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  145.507043][   T29] audit: type=1326 audit(1717731636.838:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6120 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x0
[  145.640880][ T5900] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.739650][ T5872] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.921630][ T5872] veth0_vlan: entered promiscuous mode
[  145.969780][ T5872] veth1_vlan: entered promiscuous mode
[  146.077098][ T5872] veth0_macvtap: entered promiscuous mode
[  146.130809][ T5872] veth1_macvtap: entered promiscuous mode
[  146.175493][ T5872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.187097][ T5872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.204997][ T5872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.223249][ T5872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.236324][ T5872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.256113][ T5872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.278493][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.305554][ T5872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.343624][ T5872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.363126][ T5872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.385584][ T5872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.408345][ T5872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.433974][ T5872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.460145][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.500298][ T5872] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.523875][ T5872] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.558172][ T5872] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.566939][ T5872] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.686094][ T5900] veth0_vlan: entered promiscuous mode
[  146.688126][ T6149] loop1: detected capacity change from 0 to 128
[  146.718408][ T6119] loop2: detected capacity change from 0 to 40427
[  146.732531][ T6149] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  146.767816][ T6119] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  146.796095][ T5900] veth1_vlan: entered promiscuous mode
[  146.811422][ T6119] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  146.824325][ T6149] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  146.852757][ T6119] F2FS-fs (loop2): invalid crc value
[  146.890720][ T6119] F2FS-fs (loop2): Found nat_bits in checkpoint
[  146.908828][ T2837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.923725][ T2837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.021671][ T2842] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.025172][ T5900] veth0_macvtap: entered promiscuous mode
[  147.037104][ T2842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.045824][ T6159] loop1: detected capacity change from 0 to 8
[  147.065786][ T5900] veth1_macvtap: entered promiscuous mode
[  147.103241][ T6119] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  147.128691][ T6119] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  147.169472][ T6159] SQUASHFS error: Failed to read block 0x4e8: -5
[  147.268903][   T29] audit: type=1800 audit(1717731638.598:386): pid=6159 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.1" name="file1" dev="loop1" ino=5 res=0 errno=0
[  147.292027][ T5109] syz-executor.2: attempt to access beyond end of device
[  147.292027][ T5109] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  147.321314][ T5109] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  147.426466][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.442865][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.452849][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.463462][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.473888][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.484501][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.494573][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.505412][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.525474][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.676178][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.735187][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.790934][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.846642][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.882453][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.941441][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.978072][ T6170] loop1: detected capacity change from 0 to 40427
[  147.983754][ T5900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.995772][ T6170] F2FS-fs (loop1): Wrong SIT boundary, start(1536) end(50334208) blocks(1024)
[  148.004763][ T6170] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  148.026522][ T6170] F2FS-fs (loop1): invalid crc value
[  148.027355][ T5900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.050759][ T6170] F2FS-fs (loop1): Found nat_bits in checkpoint
[  148.052761][ T5900] batman_adv: batadv0: Interface activated: batadv_slave_1
[  148.115473][ T5900] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.139460][ T6170] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  148.146684][ T6170] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  148.178540][ T5900] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.204225][ T5900] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.221931][ T5900] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.958500][ T6185] Invalid ELF header len 1
[  149.100917][ T1051] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.158687][ T1051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.176943][ T6187] loop2: detected capacity change from 0 to 256
[  149.233532][ T6187] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  149.311005][ T6187] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  149.380567][ T2842] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.397440][ T2842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.454820][   T29] audit: type=1326 audit(1717731640.788:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  149.523303][   T29] audit: type=1326 audit(1717731640.818:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  149.603558][   T29] audit: type=1326 audit(1717731640.818:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  149.655600][   T29] audit: type=1326 audit(1717731640.818:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  149.737055][   T29] audit: type=1326 audit(1717731640.818:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  149.792735][   T29] audit: type=1326 audit(1717731640.828:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  149.872335][   T29] audit: type=1326 audit(1717731640.828:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6192 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ad267cf69 code=0x7ffc0000
[  149.935090][ T6199] UBIFS error (pid: 6199): cannot open "./file0", error -22
[  150.569017][ T6191] loop3: detected capacity change from 0 to 40427
[  150.643591][ T6191] F2FS-fs (loop3): Found nat_bits in checkpoint
[  150.977226][ T6191] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  151.078626][ T6228] loop1: detected capacity change from 0 to 40427
[  151.087500][ T6228] F2FS-fs (loop1): Wrong SIT boundary, start(1536) end(50334208) blocks(1024)
[  151.096603][ T6228] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  151.116805][ T6228] F2FS-fs (loop1): invalid crc value
[  151.132149][ T6228] F2FS-fs (loop1): Found nat_bits in checkpoint
[  151.203793][ T6228] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  151.210996][ T6228] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  151.278227][ T6191] syz-executor.3: attempt to access beyond end of device
[  151.278227][ T6191] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  151.419136][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  151.419155][   T29] audit: type=1326 audit(1717731642.738:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6190 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a167cf69 code=0x7ffc0000
[  151.510551][   T29] audit: type=1326 audit(1717731642.808:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6190 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46a167cf69 code=0x7ffc0000
[  151.537476][   T29] audit: type=1326 audit(1717731642.808:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6190 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a167cf69 code=0x7ffc0000
[  151.568599][   T29] audit: type=1326 audit(1717731642.808:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6190 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a167cf69 code=0x7ffc0000
[  151.602270][   T29] audit: type=1326 audit(1717731642.828:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6190 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f46a167cf69 code=0x7ffc0000
[  152.080559][   T29] audit: type=1326 audit(1717731642.828:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6190 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a167cf69 code=0x7ffc0000
[  152.214426][   T29] audit: type=1326 audit(1717731642.828:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6190 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a167cf69 code=0x7ffc0000
[  152.262884][ T5872] syz-executor.3: attempt to access beyond end of device
[  152.262884][ T5872] loop3: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  152.381767][ T5872] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  152.426400][ T5872] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  152.691527][ T6266] loop0: detected capacity change from 0 to 256
[  152.712340][ T6265] loop2: detected capacity change from 0 to 512
[  152.833115][ T6265] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000800000000 r/w without journal. Quota mode: writeback.
[  152.885233][ T6273] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  152.894243][ T6273] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  152.907724][ T6265] ext4 filesystem being mounted at /root/syzkaller-testdir4025018160/syzkaller.dsDgPv/83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.979852][ T5109] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000800000000.
[  153.112859][ T6279] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  153.119959][ T6279] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  153.171277][ T6286] loop1: detected capacity change from 0 to 1024
[  153.176535][ T6279] vhci_hcd vhci_hcd.0: Device attached
[  153.187811][ T6287] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(6)
[  153.194381][ T6287] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  153.235648][ T6279] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(5)
[  153.242228][ T6279] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  153.268974][ T6279] vhci_hcd vhci_hcd.0: Device attached
[  153.275498][ T6287] vhci_hcd vhci_hcd.0: Device attached
[  153.301666][ T6280] vhci_hcd: connection closed
[  153.301925][ T6288] vhci_hcd: connection closed
[  153.305761][ T6293] vhci_hcd: connection closed
[  153.314203][ T3933] vhci_hcd: stop threads
[  153.330506][ T3933] vhci_hcd: release socket
[  153.345516][ T3933] vhci_hcd: disconnect device
[  153.362539][ T3933] vhci_hcd: stop threads
[  153.376746][ T3933] vhci_hcd: release socket
[  153.390994][ T3933] vhci_hcd: disconnect device
[  153.391004][ T5222] vhci_hcd: vhci_device speed not set
[  153.407514][ T3933] vhci_hcd: stop threads
[  153.421068][ T3933] vhci_hcd: release socket
[  153.433957][ T3933] vhci_hcd: disconnect device
[  153.466721][ T2842] hfsplus: b-tree write err: -5, ino 4
[  153.563901][ T6300] loop3: detected capacity change from 0 to 2048
[  153.604855][ T6300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.626134][   T29] audit: type=1326 audit(1717731644.938:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6302 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  153.669496][   T29] audit: type=1326 audit(1717731644.938:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6302 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  153.694394][   T29] audit: type=1326 audit(1717731644.948:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6302 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c9247cf69 code=0x7ffc0000
[  154.729809][ T2788] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 234: padding at end of block bitmap is not set
[  154.779897][ T2788] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117
[  154.840772][ T2788] EXT4-fs (loop3): This should not happen!! Data will be lost
[  154.840772][ T2788] 
[  154.893143][ T5872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.117526][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  155.189325][ T6334] loop3: detected capacity change from 0 to 2048
[  155.240873][ T6335] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  155.331477][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.356388][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.370732][    T9] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  155.388737][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.403071][    T9] usb 5-1: config 0 descriptor??
[  155.450970][ T6335] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  155.469196][ T6335] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  155.496901][ T6335] Remounting filesystem read-only
[  155.508079][ T2842] NILFS (loop3): discard dirty page: offset=0, ino=6
[  155.524701][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.562168][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.587230][ T2842] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  155.605576][ T2842] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  155.640698][ T2842] NILFS (loop3): discard dirty page: offset=0, ino=12
[  155.666434][ T2842] NILFS (loop3): discard dirty block: blocknr=17, size=1024
[  155.723328][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.743676][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.788907][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.807580][ T2842] NILFS (loop3): discard dirty page: offset=0, ino=5
[  155.823362][ T2842] NILFS (loop3): discard dirty block: blocknr=41, size=1024
[  155.857852][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.867174][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.876458][ T2842] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.879165][    T9] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  155.893187][ T5872] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  155.907828][ T5872] NILFS (loop3): discard dirty page: offset=0, ino=2
[  155.914652][    T9] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  155.929082][ T5872] NILFS (loop3): discard dirty block: blocknr=18, size=1024
[  155.936480][    T9] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  155.947566][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.960925][    T9] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  155.968108][    T9] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  155.971801][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  155.975287][ T6321] loop2: detected capacity change from 0 to 40427
[  155.990598][    T9] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  155.997736][    T9] isku 0003:1E7D:319C.0001: unknown main item tag 0x0
[  156.013241][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.023598][    T9] isku 0003:1E7D:319C.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.4-1/input0
[  156.039402][ T6321] F2FS-fs (loop2): Wrong NAT boundary, start(2560) end(3584) blocks(15872)
[  156.051792][ T5872] NILFS (loop3): discard dirty page: offset=0, ino=4
[  156.067336][ T6321] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  156.075907][ T5872] NILFS (loop3): discard dirty block: blocknr=40, size=1024
[  156.099025][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.100054][ T6321] F2FS-fs (loop2): heap/no_heap options were deprecated
[  156.109961][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.124497][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.133972][ T5872] NILFS (loop3): discard dirty page: offset=0, ino=3
[  156.140964][ T5872] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  156.153065][ T5872] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  156.161875][ T5872] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  156.169009][ T6321] F2FS-fs (loop2): Found nat_bits in checkpoint
[  156.172005][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.185194][ T5872] NILFS (loop3): discard dirty page: offset=131072, ino=3
[  156.195500][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.206013][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.227086][ T5872] NILFS (loop3): discard dirty block: blocknr=46, size=1024
[  156.235538][ T5872] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  156.269231][    T9] usb 5-1: USB disconnect, device number 5
[  156.295068][ T6321] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  156.318493][ T6321] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  156.331354][ T6352] loop0: detected capacity change from 0 to 2048
[  156.373576][ T6352] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.414078][ T5109] syz-executor.2: attempt to access beyond end of device
[  156.414078][ T5109] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  156.433911][ T5109] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  157.355399][ T6363] loop3: detected capacity change from 0 to 256
[  158.056391][ T6269] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  158.081986][ T6363] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  158.143115][ T6362] FAT-fs (loop3): FAT read failed (blocknr 64)
[  158.241557][ T2788] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117
[  158.365155][ T2788] EXT4-fs (loop0): This should not happen!! Data will be lost
[  158.365155][ T2788] 
[  158.445179][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.492847][ T6366] UBIFS error (pid: 6366): cannot open "./file0", error -22
[  158.569706][ T6367] loop1: detected capacity change from 0 to 2048
[  158.655697][ T6374] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  158.794373][ T6378] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  159.172211][ T6394] loop0: detected capacity change from 0 to 2048
[  159.258370][ T6394] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.237685][ T6399] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  160.398487][ T6391] loop1: detected capacity change from 0 to 32768
[  160.427216][ T3933] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  160.498917][ T3933] EXT4-fs (loop0): This should not happen!! Data will be lost
[  160.498917][ T3933] 
[  160.577413][ T3933] EXT4-fs (loop0): Total free blocks count 0
[  160.583474][ T3933] EXT4-fs (loop0): Free/Dirty block details
[  160.637491][ T3933] EXT4-fs (loop0): free_blocks=0
[  160.642614][ T3933] EXT4-fs (loop0): dirty_blocks=16
[  160.647928][ T3933] EXT4-fs (loop0): Block reservation details
[  160.655324][ T3933] EXT4-fs (loop0): i_reserved_data_blocks=1
[  160.668568][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.735924][ T6391] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  160.750039][ T6391] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  160.826631][ T6391] bcachefs (loop1): alloc_read... done
[  160.834701][ T6391] bcachefs (loop1): stripes_read... done
[  160.857992][ T6391] bcachefs (loop1): snapshots_read... done
[  160.899205][ T6391] bcachefs (loop1): journal_replay... done
[  160.905345][ T6391] bcachefs (loop1): resume_logged_ops... done
[  160.928069][ T6430] loop0: detected capacity change from 0 to 512
[  160.934717][ T6391] bcachefs (loop1): going read-write
[  160.973870][ T6391] bcachefs (loop1): done starting filesystem
[  161.012297][ T6430] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.030384][ T6430] ext4 filesystem being mounted at /root/syzkaller-testdir4262080638/syzkaller.aPvyWi/79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.104520][ T6439] tun0: tun_chr_ioctl cmd 1074025677
[  161.122541][ T6439] tun0: linktype set to 780
[  161.145273][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  161.145292][   T29] audit: type=1804 audit(1717731652.468:429): pid=6391 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3000957956/syzkaller.WAl64o/90/file0/bus" dev="loop1" ino=4098 res=1 errno=0
[  161.342357][ T6388] loop4: detected capacity change from 0 to 40427
[  161.380532][ T6388] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(3584) blocks(15872)
[  161.411327][ T6388] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  161.435432][   T29] audit: type=1804 audit(1717731652.768:430): pid=6440 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir3000957956/syzkaller.WAl64o/90/file0/bus" dev="loop1" ino=4098 res=1 errno=0
[  161.451134][ T6391] syz-executor.1 (6391) used greatest stack depth: 12088 bytes left
[  161.468199][ T6388] F2FS-fs (loop4): heap/no_heap options were deprecated
[  161.512311][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.515805][   T29] audit: type=1800 audit(1717731652.848:431): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="loop1" ino=4098 res=0 errno=0
[  161.580327][ T6388] F2FS-fs (loop4): Found nat_bits in checkpoint
[  161.713445][ T5107] bcachefs (loop1): shutting down
[  161.720396][ T5107] bcachefs (loop1): going read-only
[  161.734883][ T6452] loop3: detected capacity change from 0 to 512
[  161.738797][ T5107] bcachefs (loop1): finished waiting for writes to stop
[  161.758084][ T6388] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  161.769000][ T5107] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12
[  161.792214][ T6388] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  161.822070][ T5107] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 14
[  161.868842][ T6452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.891479][ T6452] ext4 filesystem being mounted at /root/syzkaller-testdir477279702/syzkaller.25MF3a/20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.922163][ T5107] bcachefs (loop1): shutdown complete, journal seq 15
[  161.943985][ T5107] bcachefs (loop1): marking filesystem clean
[  162.059972][   T29] audit: type=1800 audit(1717731653.388:432): pid=6450 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  162.105832][ T5107] bcachefs (loop1): shutdown complete
[  162.131954][ T5900] syz-executor.4: attempt to access beyond end of device
[  162.131954][ T5900] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  162.163908][ T5872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.170215][ T5900] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  162.414546][ T6462] loop3: detected capacity change from 0 to 256
[  162.724245][ T6467] loop0: detected capacity change from 0 to 256
[  162.772068][ T6467] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  162.834216][ T6432] syz-executor.2 (6432): drop_caches: 2
[  163.030093][   T53] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  163.040230][   T53] Bluetooth: hci2: Injecting HCI hardware error event
[  163.050223][   T53] Bluetooth: hci2: hardware error 0x00
[  163.450814][ T6481] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  163.486476][ T6481] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  163.595924][ T6485] loop0: detected capacity change from 0 to 512
[  163.675605][ T6485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.701649][ T6485] ext4 filesystem being mounted at /root/syzkaller-testdir4262080638/syzkaller.aPvyWi/87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.902569][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.316237][ T5113] Bluetooth: Frame is too long (len 18, expected len 4)
[  164.368609][ T6479] loop4: detected capacity change from 0 to 32768
[  164.627615][ T5113] Bluetooth: hci2: unexpected event for opcode 0x203b
[  164.773133][ T6479] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  164.827550][ T6479] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  164.961971][ T6479] bcachefs (loop4): alloc_read... done
[  164.990623][ T6479] bcachefs (loop4): stripes_read... done
[  165.006611][ T6479] bcachefs (loop4): snapshots_read... done
[  165.030556][ T6479] bcachefs (loop4): journal_replay... done
[  165.045876][ T6479] bcachefs (loop4): resume_logged_ops... done
[  165.052811][ T5119] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  165.057516][ T6479] bcachefs (loop4): going read-write
[  165.072678][ T5119] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  165.082647][ T5119] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  165.097120][ T5119] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  165.105646][ T5119] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  165.106101][ T6479] bcachefs (loop4): done starting filesystem
[  165.120389][ T5119] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  165.188860][   T53] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  165.287081][ T6496] loop3: detected capacity change from 0 to 32768
[  165.310053][ T6496] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (6496)
[  165.377802][ T6496] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  165.398732][   T29] audit: type=1804 audit(1717731656.738:433): pid=6479 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2552162761/syzkaller.GzcBBI/18/file0/bus" dev="loop4" ino=1073741829 res=1 errno=0
[  165.401994][ T6496] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  165.468879][ T6496] BTRFS info (device loop3): using free-space-tree
[  165.592101][   T29] audit: type=1804 audit(1717731656.928:434): pid=6527 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2552162761/syzkaller.GzcBBI/18/file0/bus" dev="loop4" ino=1073741829 res=1 errno=0
[  165.619116][   T29] audit: type=1804 audit(1717731656.948:435): pid=6542 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2552162761/syzkaller.GzcBBI/18/file0/bus" dev="loop4" ino=1073741829 res=1 errno=0
[  165.765038][ T6520] chnl_net:caif_netlink_parms(): no params data found
[  165.943647][ T6550] loop0: detected capacity change from 0 to 2048
[  165.990263][ T5900] bcachefs (loop4): shutting down
[  165.995418][ T5900] bcachefs (loop4): going read-only
[  166.019132][ T5900] bcachefs (loop4): finished waiting for writes to stop
[  166.052665][ T6550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.074355][ T5900] bcachefs (loop4): flushing journal and stopping allocators, journal seq 13
[  166.094291][ T5872] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  166.123006][ T5900] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 14
[  166.151866][ T5900] bcachefs (loop4): shutdown complete, journal seq 15
[  166.162040][ T6520] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.174075][ T6520] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.178609][ T5900] bcachefs (loop4): marking filesystem clean
[  166.182881][ T6520] bridge_slave_0: entered allmulticast mode
[  166.185878][ T6520] bridge_slave_0: entered promiscuous mode
[  166.207076][ T6520] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.214887][ T6520] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.222368][ T6520] bridge_slave_1: entered allmulticast mode
[  166.249734][ T6520] bridge_slave_1: entered promiscuous mode
[  166.454395][ T5900] bcachefs (loop4): shutdown complete
[  166.490716][ T6520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.649327][ T6520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  167.100408][ T6520] team0: Port device team_slave_0 added
[  167.160007][ T6520] team0: Port device team_slave_1 added
[  167.190209][ T5119] Bluetooth: hci1: command tx timeout
[  167.212226][ T2809] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 234: padding at end of block bitmap is not set
[  167.272119][ T2809] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117
[  167.326120][ T2809] EXT4-fs (loop0): This should not happen!! Data will be lost
[  167.326120][ T2809] 
[  167.362383][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.363621][ T6520] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.387506][ T6520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.434763][ T6520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.461391][ T6520] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.472269][ T6520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.503445][ T6520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.669110][ T6520] hsr_slave_0: entered promiscuous mode
[  167.728466][ T6520] hsr_slave_1: entered promiscuous mode
[  167.740196][ T6520] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.760789][ T6520] Cannot create hsr debugfs directory
[  167.897759][ T5119] Bluetooth: Frame is too long (len 18, expected len 4)
[  168.435261][ T6586] loop2: detected capacity change from 0 to 2048
[  168.475162][ T6586] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  168.518820][ T6520] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.557868][ T6595] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  168.692208][ T6599] loop4: detected capacity change from 0 to 512
[  168.746519][ T6520] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.801810][ T6599] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.898364][ T6599] ext4 filesystem being mounted at /root/syzkaller-testdir2552162761/syzkaller.GzcBBI/19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.929784][ T6520] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.102386][ T5900] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.191397][ T6520] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.220656][ T5119] Bluetooth: Frame is too long (len 18, expected len 4)
[  169.267800][ T5119] Bluetooth: hci1: command tx timeout
[  169.421150][ T6622] ip6gretap0: entered promiscuous mode
[  169.436465][ T6622] macsec1: entered allmulticast mode
[  169.446010][ T6622] ip6gretap0: entered allmulticast mode
[  169.461983][ T6622] ip6gretap0: left allmulticast mode
[  169.483035][ T6622] ip6gretap0: left promiscuous mode
[  169.646426][ T6520] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  169.665298][ T6520] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  169.702950][ T6520] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  169.754709][ T6520] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  169.795809][ T6637] loop3: detected capacity change from 0 to 512
[  169.842538][ T6637] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  169.947965][ T6637] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: iget: bad i_size value: -67835469387268086
[  169.986584][ T6637] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117)
[  170.027409][ T6637] EXT4-fs (loop3): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.041792][ T6637] ext2 filesystem being mounted at /root/syzkaller-testdir477279702/syzkaller.25MF3a/35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.181024][ T6649] kvm: emulating exchange as write
[  170.218851][ T6520] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.338460][ T6520] 8021q: adding VLAN 0 to HW filter on device team0
[  170.389423][ T5222] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.396651][ T5222] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.443649][ T5222] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.450871][ T5222] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.574074][ T6520] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  170.595967][ T6520] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.814318][ T5872] EXT4-fs (loop3): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[  170.881687][ T6520] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.047821][ T6673] loop4: detected capacity change from 0 to 256
[  171.088231][ T6520] veth0_vlan: entered promiscuous mode
[  171.143993][ T6520] veth1_vlan: entered promiscuous mode
[  171.274413][ T6520] veth0_macvtap: entered promiscuous mode
[  171.319503][ T6520] veth1_macvtap: entered promiscuous mode
[  171.347776][ T5119] Bluetooth: hci1: command tx timeout
[  171.466890][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.521090][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.563017][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.609310][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.646989][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.688614][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.724517][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.745645][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.763918][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.789642][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.826867][ T6655] loop2: detected capacity change from 0 to 32768
[  171.839868][ T6520] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.869729][ T6655] btrfs: Deprecated parameter 'usebackuproot'
[  171.876123][ T6655] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  171.885652][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.910138][ T6677] loop0: detected capacity change from 0 to 256
[  171.918459][ T6655] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (6655)
[  171.928520][ T6677] exfat: Deprecated parameter 'utf8'
[  171.936968][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.948040][ T6677] exfat: Deprecated parameter 'utf8'
[  171.954224][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.973947][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.999043][ T6677] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  172.018086][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.039504][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.093848][   T29] audit: type=1800 audit(1717731663.428:436): pid=6677 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="loop0" ino=1048629 res=0 errno=0
[  172.126864][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.190363][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.207565][ T6520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.209366][ T6655] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.227468][ T6520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.276994][ T6520] batman_adv: batadv0: Interface activated: batadv_slave_1
[  172.397829][ T6655] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  172.587747][ T6655] BTRFS info (device loop2): using free-space-tree
[  172.623340][ T6520] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  172.987550][ T6520] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.015074][ T6520] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.046794][ T6520] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.154209][ T6696] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  173.179423][ T6696] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  173.220169][ T6655] btrfs: Deprecated parameter 'usebackuproot'
[  173.229941][ T6655] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  173.230708][ T6696] macvlan1: entered allmulticast mode
[  173.248785][ T6655] BTRFS info (device loop2 state M): rebuilding free space tree
[  173.254035][ T6696] veth1_vlan: entered allmulticast mode
[  173.264371][ T6696] bridge0: port 3(macvlan1) entered blocking state
[  173.284679][ T6696] bridge0: port 3(macvlan1) entered disabled state
[  173.302931][ T6696] macvlan1: entered promiscuous mode
[  173.312757][ T6674] loop3: detected capacity change from 0 to 40427
[  173.322810][ T6696] bridge0: port 3(macvlan1) entered blocking state
[  173.329411][ T6655] BTRFS info (device loop2 state M): force clearing of disk cache
[  173.337386][ T6696] bridge0: port 3(macvlan1) entered forwarding state
[  173.346505][ T6655] BTRFS info (device loop2 state M): trying to use backup root at mount time
[  173.409685][ T6674] F2FS-fs (loop3): Found nat_bits in checkpoint
[  173.428852][ T5119] Bluetooth: hci1: command tx timeout
[  173.440613][ T5109] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.502810][ T2816] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.543064][ T2816] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.628577][ T2788] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.639281][ T2788] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.695654][ T6674] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  173.772886][   T29] audit: type=1800 audit(1717731665.108:437): pid=6674 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=10 res=0 errno=0
[  173.811769][ T6674] syz-executor.3: attempt to access beyond end of device
[  173.811769][ T6674] loop3: rw=2049, sector=53256, nr_sectors = 8 limit=40427
[  173.838789][   T29] audit: type=1800 audit(1717731665.128:438): pid=6674 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=10 res=0 errno=0
[  173.845347][ T6674] syz-executor.3: attempt to access beyond end of device
[  173.845347][ T6674] loop3: rw=0, sector=53264, nr_sectors = 8 limit=40427
[  173.902548][ T6674] syz-executor.3: attempt to access beyond end of device
[  173.902548][ T6674] loop3: rw=0, sector=53264, nr_sectors = 8 limit=40427
[  174.004150][ T6718] loop2: detected capacity change from 0 to 1024
[  174.021219][ T5872] syz-executor.3: attempt to access beyond end of device
[  174.021219][ T5872] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  174.026235][ T6718] hfsplus: failed to load root directory
[  174.063952][ T5872] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  174.303559][ T6721] ip6gretap0: entered promiscuous mode
[  174.311013][ T6721] macsec1: entered allmulticast mode
[  174.324542][ T6721] ip6gretap0: entered allmulticast mode
[  174.347120][ T6721] ip6gretap0: left allmulticast mode
[  174.353474][ T6721] ip6gretap0: left promiscuous mode
[  175.829674][ T6753] ip6gretap0: entered promiscuous mode
[  175.849897][ T6753] macsec1: entered allmulticast mode
[  175.865567][ T6753] ip6gretap0: entered allmulticast mode
[  175.903988][ T6753] ip6gretap0: left allmulticast mode
[  175.944061][ T6753] ip6gretap0: left promiscuous mode
[  176.110176][ T6730] loop4: detected capacity change from 0 to 32768
[  176.141369][ T6730] btrfs: Deprecated parameter 'usebackuproot'
[  176.172159][ T6730] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  176.227038][ T6730] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (6730)
[  176.237224][ T6757] loop2: detected capacity change from 0 to 64
[  176.302024][ T6730] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  176.342208][ T6730] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  176.381475][ T6730] BTRFS info (device loop4): using free-space-tree
[  176.605830][ T6730] btrfs: Deprecated parameter 'usebackuproot'
[  176.612297][ T6730] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  176.622053][ T6730] BTRFS info (device loop4 state M): rebuilding free space tree
[  176.659765][ T6730] BTRFS info (device loop4 state M): force clearing of disk cache
[  176.714671][ T6730] BTRFS info (device loop4 state M): trying to use backup root at mount time
[  176.869163][ T5900] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.248152][ T6745] loop0: detected capacity change from 0 to 32768
[  177.276658][ T6745] gfs2: fsid=(œ[{{{+: Trying to join cluster "lock_nolock", "(œ[{{{+"
[  177.287189][ T6745] gfs2: fsid=(œ[{{{+: Now mounting FS (format 0)...
[  177.354477][ T6752] loop1: detected capacity change from 0 to 32768
[  177.435899][ T6745] gfs2: fsid=(œ[{{{+.0: journal 0 mapped with 22 extents in 0ms
[  177.500975][ T5162] gfs2: fsid=(œ[{{{+.0: jid=0, already locked for use
[  177.510164][ T6752] ERROR: (device loop1): dbAllocNext: Corrupt dmap page
[  177.510164][ T6752] 
[  177.537745][ T5162] gfs2: fsid=(œ[{{{+.0: jid=0: Looking at journal...
[  177.766772][ T5162] gfs2: fsid=(œ[{{{+.0: jid=0: Journal head lookup took 229ms
[  177.774815][ T5162] gfs2: fsid=(œ[{{{+.0: jid=0: Done
[  177.784181][ T6745] gfs2: fsid=(œ[{{{+.0: first mount done, others may mount
[  177.918756][ T6800] usb usb8: usbfs: process 6800 (syz-executor.3) did not claim interface 0 before use
[  178.220477][ T6805] loop1: detected capacity change from 0 to 256
[  178.266531][ T6805] exFAT-fs (loop1): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x1171afb0)
[  178.287443][ T6805] exFAT-fs (loop1): invalid boot region
[  178.300054][ T6805] exFAT-fs (loop1): failed to recognize exfat type
[  178.530281][ T6793] loop2: detected capacity change from 0 to 32768
[  178.587847][ T6793] bcachefs (/dev/loop2): error reading default superblock: checksum error, type crc32c_nonzero: got f6a5b872 should be 29d2fb78
[  178.896774][ T6821] loop3: detected capacity change from 0 to 512
[  178.908114][ T6821] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  178.930483][ T6817] overlayfs: failed to resolve './file0': -2
[  178.946253][ T6821] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  178.971893][ T6796] loop4: detected capacity change from 0 to 32768
[  178.988272][ T6821] EXT4-fs (loop3): Remounting filesystem read-only
[  179.009467][ T6821] EXT4-fs (loop3): 1 truncate cleaned up
[  179.025366][ T6821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.025723][ T6793] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  179.059102][ T6796] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  179.067984][ T6793] bcachefs (loop2): recovering from clean shutdown, journal seq 7
[  179.135974][ T5872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.183015][ T6793] bcachefs (loop2): alloc_read... done
[  179.199392][ T6793] bcachefs (loop2): stripes_read... done
[  179.207493][ T6793] bcachefs (loop2): snapshots_read... done
[  179.238296][ T6796] XFS (loop4): Ending clean mount
[  179.241527][ T6793] bcachefs (loop2): going read-write
[  179.272918][ T6793] bcachefs (loop2): journal_replay... done
[  179.358370][ T6793] bcachefs (loop2): resume_logged_ops... done
[  179.364632][ T6793] bcachefs (loop2): delete_dead_inodes... done
[  179.424715][ T6793] bcachefs (loop2): done starting filesystem
[  179.493530][   T29] audit: type=1800 audit(1717731670.828:439): pid=6793 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=4100 res=0 errno=0
[  179.501401][ T5900] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  179.515811][ T6838] loop1: detected capacity change from 0 to 1024
[  179.555487][ T6842] loop3: detected capacity change from 0 to 764
[  179.582663][ T5109] bcachefs (loop2): shutting down
[  179.591164][ T5109] bcachefs (loop2): going read-only
[  179.624872][ T5109] bcachefs (loop2): finished waiting for writes to stop
[  179.656643][ T5109] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12
[  179.717511][ T5109] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 13
[  179.747660][ T5109] bcachefs (loop2): shutdown complete, journal seq 14
[  179.769002][ T5109] bcachefs (loop2): marking filesystem clean
[  179.783745][ T6838] hfsplus: catalog searching failed
[  179.896027][ T5109] bcachefs (loop2): shutdown complete
[  181.133727][ T6846] loop0: detected capacity change from 0 to 32768
[  181.171657][ T6846] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6846)
[  181.193855][   T29] audit: type=1326 audit(1717731672.518:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6863 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f629887cf69 code=0x0
[  181.244328][ T6846] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  181.258434][ T6846] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  181.277380][ T6846] BTRFS info (device loop0): using free-space-tree
[  181.406407][ T3933] BTRFS warning (device loop0): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0x7d497b1c level 0
[  181.483979][ T6846] BTRFS error (device loop0): failed to read chunk root
[  181.569617][ T6853] loop3: detected capacity change from 0 to 32768
[  181.605066][ T6853] gfs2: fsid=(œ[{{{+: Trying to join cluster "lock_nolock", "(œ[{{{+"
[  181.614146][ T6853] gfs2: fsid=(œ[{{{+: Now mounting FS (format 0)...
[  181.653988][ T6853] gfs2: fsid=(œ[{{{+.0: journal 0 mapped with 22 extents in 0ms
[  181.694890][    T9] gfs2: fsid=(œ[{{{+.0: jid=0, already locked for use
[  181.721960][    T9] gfs2: fsid=(œ[{{{+.0: jid=0: Looking at journal...
[  181.858984][ T6846] BTRFS error (device loop0): open_ctree failed
[  181.907684][    T9] gfs2: fsid=(œ[{{{+.0: jid=0: Journal head lookup took 185ms
[  181.915319][    T9] gfs2: fsid=(œ[{{{+.0: jid=0: Done
[  181.926744][ T6853] gfs2: fsid=(œ[{{{+.0: first mount done, others may mount
[  182.020895][ T6888] loop1: detected capacity change from 0 to 256
[  182.308952][   T29] audit: type=1804 audit(1717731673.618:441): pid=6888 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name=2F726F6F742F73797A6B616C6C65722D746573746469723337303132373136382F73797A6B616C6C65722E7334523337572F392F66696C65302FE91F7189591E9233614B dev="overlay" ino=1966 res=1 errno=0
[  182.383985][ T6888] Process accounting resumed
[  182.389157][   T29] audit: type=1326 audit(1717731673.718:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6899 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0c407cf69 code=0x0
[  182.805445][ T6906] loop3: detected capacity change from 0 to 2048
[  182.893093][ T6906] UDF-fs: warning (device loop3): udf_fill_super: No fileset found
[  182.896772][ T2842] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.080364][ T2842] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.285906][ T2842] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.317351][   T53] Bluetooth: Wrong link type (-71)
[  183.467821][ T2842] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.595765][ T6902] loop2: detected capacity change from 0 to 32768
[  183.635936][ T6902] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (6902)
[  183.673971][ T6915] loop4: detected capacity change from 0 to 512
[  183.716261][ T6902] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  183.734551][ T6902] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  183.771521][ T6915] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  183.772045][ T6904] loop0: detected capacity change from 0 to 32768
[  183.797574][ T6902] BTRFS info (device loop2): using free-space-tree
[  183.828990][ T2842] bridge_slave_1: left allmulticast mode
[  183.835015][ T2842] bridge_slave_1: left promiscuous mode
[  183.842202][ T6915] EXT4-fs (loop4): Remounting filesystem read-only
[  183.850108][ T6915] EXT4-fs (loop4): 1 truncate cleaned up
[  183.856638][ T2842] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.882339][ T6915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.890968][ T6904] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  183.921474][ T2842] bridge_slave_0: left allmulticast mode
[  183.933128][ T2842] bridge_slave_0: left promiscuous mode
[  183.947567][ T5119] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  183.957769][ T5119] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  183.963231][ T2842] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.116039][ T5119] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  184.129280][ T5119] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  184.144073][ T5119] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  184.160026][ T5119] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  184.807645][ T6939] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  185.028625][ T6904] XFS (loop0): Ending clean mount
[  185.059392][ T6904] XFS (loop0): Quotacheck needed: Please wait.
[  185.096591][ T5109] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  185.183145][ T6904] XFS (loop0): Quotacheck: Done.
[  185.470634][ T5111] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  186.113767][ T2842] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.146241][ T2842] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.173654][ T2842] bond0 (unregistering): Released all slaves
[  186.233068][   T53] Bluetooth: hci1: command tx timeout
[  186.286609][ T5900] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.295847][ T6968] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer.
[  186.314637][ T6962] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  186.679141][ T6957] loop2: detected capacity change from 0 to 32768
[  186.749650][ T6957] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz"
[  186.758861][ T6957] dlm: no local IP address has been set
[  186.769324][ T6957] dlm: cannot start dlm midcomms -107
[  186.775240][ T6957] gfs2: fsid=syz:syz: dlm_new_lockspace error -107
[  186.787884][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  186.987887][    T9] usb 5-1: Using ep0 maxpacket: 8
[  187.005697][    T9] usb 5-1: New USB device found, idVendor=10b8, idProduct=0bb9, bcdDevice=2f.2a
[  187.037809][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.079484][    T9] usb 5-1: config 0 descriptor??
[  187.101250][    T9] dvb-usb: found a 'DiBcom USB1.1 DVB-T reference design (MOD3000)' in warm state.
[  187.123754][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  187.181985][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  187.200341][    T9] dvbdev: DVB: registering new adapter (DiBcom USB1.1 DVB-T reference design (MOD3000))
[  187.212046][    T9] usb 5-1: media controller created
[  187.254792][ T2842] hsr_slave_0: left promiscuous mode
[  187.256945][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  187.301615][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  187.311027][ T2842] hsr_slave_1: left promiscuous mode
[  187.317588][    T9] dvb-usb: no frontend was attached by 'DiBcom USB1.1 DVB-T reference design (MOD3000)'
[  187.331898][ T2842] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.338945][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input8
[  187.368243][ T2842] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.384266][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  187.392997][ T2842] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.399498][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  187.413290][ T2842] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.455172][ T2842] veth1_macvtap: left promiscuous mode
[  187.455984][    T9] dvb-usb: DiBcom USB1.1 DVB-T reference design (MOD3000) successfully initialized and connected.
[  187.464792][ T2842] veth0_macvtap: left promiscuous mode
[  187.492366][ T2842] veth1_vlan: left promiscuous mode
[  187.506565][ T2842] veth0_vlan: left promiscuous mode
[  187.507593][    T9] usb 5-1: USB disconnect, device number 6
[  187.626069][    T9] dvb-usb: DiBcom USB1.1 DVB-T reference design (M successfully deinitialized and disconnected.
[  187.921974][ T6996] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  188.309018][   T53] Bluetooth: hci1: command tx timeout
[  188.836027][ T2842] team0 (unregistering): Port device team_slave_1 removed
[  188.937012][ T2842] team0 (unregistering): Port device team_slave_0 removed
[  189.464809][ T7012] loop3: detected capacity change from 0 to 32768
[  189.564225][ T7012] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  189.688776][ T7033] loop4: detected capacity change from 0 to 512
[  189.699374][ T7012] XFS (loop3): Ending clean mount
[  189.787017][ T7033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.811976][ T7033] ext4 filesystem being mounted at /root/syzkaller-testdir2552162761/syzkaller.GzcBBI/49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.025441][ T5872] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  190.385815][ T6933] chnl_net:caif_netlink_parms(): no params data found
[  190.397488][   T53] Bluetooth: hci1: command tx timeout
[  190.418279][ T5900] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.436885][ T7045] loop0: detected capacity change from 0 to 8
[  190.452451][ T7045] SQUASHFS error: lzo decompression failed, data probably corrupt
[  190.461117][ T7045] SQUASHFS error: Failed to read block 0x91: -5
[  190.467644][ T7045] SQUASHFS error: Unable to read metadata cache entry [8f]
[  190.476695][ T7045] SQUASHFS error: Unable to read inode 0x11f
[  190.493733][ T7043] loop3: detected capacity change from 0 to 2048
[  190.570416][ T7045] loop0: detected capacity change from 0 to 512
[  190.580408][ T7045] EXT4-fs: Ignoring removed nomblk_io_submit option
[  190.589185][ T7043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.609724][ T7045] EXT4-fs: Invalid want_extra_isize 256
[  190.631889][   T29] audit: type=1800 audit(1717731681.968:443): pid=7043 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0
[  190.714259][ T6933] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.726479][ T5872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.739785][ T6933] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.772291][ T6933] bridge_slave_0: entered allmulticast mode
[  190.789228][ T6933] bridge_slave_0: entered promiscuous mode
[  190.808826][ T6933] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.815989][ T6933] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.842325][ T6933] bridge_slave_1: entered allmulticast mode
[  190.868508][ T6933] bridge_slave_1: entered promiscuous mode
[  190.963993][ T6933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.993806][ T6933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.133089][ T6933] team0: Port device team_slave_0 added
[  191.154823][ T6933] team0: Port device team_slave_1 added
[  191.242815][ T6933] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.262753][ T6933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.300599][ T6933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.354816][ T6933] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.362296][ T6933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.401126][ T6933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.502288][ T6933] hsr_slave_0: entered promiscuous mode
[  191.520345][ T6933] hsr_slave_1: entered promiscuous mode
[  191.540825][ T6933] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  191.589608][ T6933] Cannot create hsr debugfs directory
[  191.738662][ T7081] loop0: detected capacity change from 0 to 64
[  191.821101][ T7084] loop4: detected capacity change from 0 to 256
[  191.830105][ T7084] FAT-fs (loop4): bogus logical sector size 0
[  191.836288][ T7084] FAT-fs (loop4): Can't find a valid FAT filesystem
[  192.232288][ T7075] loop2: detected capacity change from 0 to 32768
[  192.280259][ T7075] bcachefs (/dev/loop2): error reading default superblock: checksum error, type crc32c_nonzero: got 46c1343f should be 29d2fb78
[  192.468104][   T53] Bluetooth: hci1: command tx timeout
[  192.530541][ T7075] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  192.567160][ T7075] bcachefs (loop2): recovering from clean shutdown, journal seq 7
[  192.644794][ T7075] bcachefs (loop2): alloc_read... done
[  192.663249][ T6933] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  192.668676][ T7075] bcachefs (loop2): stripes_read... done
[  192.690028][ T6933] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  192.693108][ T7075] bcachefs (loop2): snapshots_read... done
[  192.729988][ T6933] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  192.736598][ T7075] bcachefs (loop2): journal_replay... done
[  192.751820][ T6933] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  192.763462][ T7075] bcachefs (loop2): resume_logged_ops... done
[  192.783100][ T7075] bcachefs (loop2): going read-write
[  192.817135][ T7075] bcachefs (loop2): done starting filesystem
[  192.951705][ T7075] bcachefs (loop2): going read-only
[  192.956987][ T7075] bcachefs (loop2): finished waiting for writes to stop
[  192.972734][ T6933] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.997104][ T7075] bcachefs (loop2): flushing journal and stopping allocators, journal seq 7
[  193.016467][ T6933] 8021q: adding VLAN 0 to HW filter on device team0
[  193.025361][ T7075] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 7
[  193.075182][ T7075] bcachefs (loop2): shutdown complete, journal seq 8
[  193.093774][ T5172] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.101113][ T5172] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.101581][ T7075] bcachefs (loop2): marking filesystem clean
[  193.124173][ T5172] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.131476][ T5172] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.298104][ T5109] bcachefs (loop2): shutting down
[  193.385405][ T5109] bcachefs (loop2): shutdown complete
[  193.701221][ T6933] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.759911][ T7127] loop0: detected capacity change from 0 to 8
[  193.876515][ T6933] veth0_vlan: entered promiscuous mode
[  193.920643][ T6933] veth1_vlan: entered promiscuous mode
[  194.015885][ T6933] veth0_macvtap: entered promiscuous mode
[  194.061018][ T6933] veth1_macvtap: entered promiscuous mode
[  194.123563][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.143303][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.154750][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.166217][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.187315][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.207398][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.239040][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.259941][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.290645][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.321884][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.361795][ T6933] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.392501][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.430697][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.461954][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.488534][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.509532][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.531953][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.554813][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  194.561014][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.571510][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  194.587392][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.606761][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.645496][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.697820][ T6933] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.762197][ T6933] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.792469][ T6933] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.815426][ T7113] loop3: detected capacity change from 0 to 65536
[  194.819085][ T6933] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.836961][ T6933] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.870677][ T7113] XFS (loop3): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  194.975678][ T7113] XFS (loop3): Ending clean mount
[  194.989219][ T7113] XFS (loop3): Quotacheck needed: Please wait.
[  195.147730][ T7113] XFS (loop3): Quotacheck: Done.
[  195.212708][ T2788] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.233495][ T2788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.312659][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.343652][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.410296][ T5872] XFS (loop3): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  195.549714][ T7152] xt_bpf: check failed: parse error
[  300.667255][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  300.674338][    C0] rcu: 	1-...!: (1 GPs behind) idle=8d6c/1/0x4000000000000000 softirq=19089/19090 fqs=716
[  300.686087][    C0] rcu: 	(detected by 0, t=10505 jiffies, g=24677, q=357 ncpus=2)
[  300.693887][    C0] Sending NMI from CPU 0 to CPUs 1:
[  300.699124][    C1] NMI backtrace for cpu 1
[  300.699149][    C1] CPU: 1 PID: 7151 Comm: syz-executor.2 Not tainted 6.10.0-rc2-syzkaller-00235-g8a92980606e3 #0
[  300.699167][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  300.699178][    C1] RIP: 0010:kasan_check_range+0x8c/0x290
[  300.699204][    C1] Code: 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd 41 80 3b 00 0f 85 c9 01 00 00 <49> ff c3 48 ff c5 75 ee e9 1e 01 00 00 45 89 dc 41 83 e4 07 0f 84
[  300.699218][    C1] RSP: 0018:ffffc90000a18b30 EFLAGS: 00000046
[  300.699234][    C1] RAX: 0000000000000001 RBX: 1ffffffff1f583ed RCX: ffffffff81726464
[  300.699247][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8fac1f68
[  300.699259][    C1] RBP: ffffffffffffffff R08: ffffffff8fac1f6f R09: 1ffffffff1f583ed
[  300.699272][    C1] R10: dffffc0000000000 R11: fffffbfff1f583ed R12: 1ffff92000143174
[  300.699285][    C1] R13: dffffc0000000000 R14: dffffc0000000001 R15: fffffbfff1f583ee
[  300.699298][    C1] FS:  0000555565a28480(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  300.699313][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  300.699325][    C1] CR2: 00000000200029c0 CR3: 000000002e114000 CR4: 00000000003526f0
[  300.699340][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  300.699351][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  300.699361][    C1] Call Trace:
[  300.699371][    C1]  <NMI>
[  300.699379][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  300.699412][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  300.699433][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  300.699457][    C1]  ? nmi_handle+0x2a/0x5a0
[  300.699492][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  300.699512][    C1]  ? nmi_handle+0x14f/0x5a0
[  300.699537][    C1]  ? nmi_handle+0x2a/0x5a0
[  300.699563][    C1]  ? kasan_check_range+0x8c/0x290
[  300.699580][    C1]  ? default_do_nmi+0x63/0x160
[  300.699606][    C1]  ? exc_nmi+0x123/0x1f0
[  300.699630][    C1]  ? end_repeat_nmi+0xf/0x53
[  300.699655][    C1]  ? lock_acquire+0xd4/0x550
[  300.699673][    C1]  ? kasan_check_range+0x8c/0x290
[  300.699692][    C1]  ? kasan_check_range+0x8c/0x290
[  300.699711][    C1]  ? kasan_check_range+0x8c/0x290
[  300.699728][    C1]  </NMI>
[  300.699734][    C1]  <IRQ>
[  300.699742][    C1]  lock_acquire+0xd4/0x550
[  300.699759][    C1]  ? advance_sched+0xa02/0xca0
[  300.699783][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  300.699805][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  300.699830][    C1]  ? taprio_set_budgets+0x333/0x370
[  300.699853][    C1]  ? advance_sched+0xa02/0xca0
[  300.699873][    C1]  ? advance_sched+0xa02/0xca0
[  300.699898][    C1]  _raw_spin_lock_irq+0xd3/0x120
[  300.699919][    C1]  ? __hrtimer_run_queues+0x670/0xd50
[  300.699944][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  300.699972][    C1]  __hrtimer_run_queues+0x670/0xd50
[  300.699996][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[  300.700026][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  300.700051][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  300.700074][    C1]  hrtimer_interrupt+0x396/0x990
[  300.700120][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  300.700148][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  300.700168][    C1]  </IRQ>
[  300.700174][    C1]  <TASK>
[  300.700180][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  300.700201][    C1] RIP: 0010:unwind_next_frame+0xa34/0x2a00
[  300.700226][    C1] Code: 0f b6 04 28 84 c0 0f 85 90 1c 00 00 0f b6 1b 31 ff 89 de e8 0e 2f 55 00 85 db 0f 84 3c 05 00 00 e8 01 2c 55 00 e9 61 05 00 00 <e8> f7 2b 55 00 48 8b 04 24 48 8d 58 40 48 89 d8 48 c1 e8 03 42 80
[  300.700240][    C1] RSP: 0018:ffffc9000cfcf6e8 EFLAGS: 00000246
[  300.700254][    C1] RAX: 0000000000000000 RBX: ffffc9000cfcf7f8 RCX: ffff888029f30000
[  300.700266][    C1] RDX: 0000000000000008 RSI: ffffffff8e1a1380 RDI: 0000000000000004
[  300.700277][    C1] RBP: 0000000000000004 R08: 0000000000000005 R09: ffffffff8140f71e
[  300.700288][    C1] R10: 0000000000000008 R11: ffff888029f30000 R12: ffffffff9024ce7c
[  300.700300][    C1] R13: dffffc0000000000 R14: ffffc9000cfcf810 R15: 1ffff920019f9ef8
[  300.700317][    C1]  ? unwind_next_frame+0x7be/0x2a00
[  300.700345][    C1]  ? unwind_next_frame+0x7be/0x2a00
[  300.700374][    C1]  ? do_syscall_64+0xf3/0x230
[  300.700393][    C1]  ? do_syscall_64+0xf3/0x230
[  300.700414][    C1]  ? __kernel_text_address+0xd/0x40
[  300.700437][    C1]  ? do_syscall_64+0xf3/0x230
[  300.700456][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  300.700475][    C1]  arch_stack_walk+0x151/0x1b0
[  300.700504][    C1]  ? do_syscall_64+0xf3/0x230
[  300.700528][    C1]  stack_trace_save+0x118/0x1d0
[  300.700546][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  300.700564][    C1]  ? __lock_acquire+0x1346/0x1fd0
[  300.700585][    C1]  ? __pfx___d_free+0x10/0x10
[  300.700603][    C1]  kasan_save_stack+0x3f/0x60
[  300.700627][    C1]  ? kasan_save_stack+0x3f/0x60
[  300.700650][    C1]  ? __kasan_record_aux_stack+0xac/0xc0
[  300.700670][    C1]  ? call_rcu+0x167/0xa70
[  300.700689][    C1]  ? __dentry_kill+0x497/0x630
[  300.700709][    C1]  ? dput+0x19f/0x2b0
[  300.700726][    C1]  ? simple_recursive_removal+0x2bd/0x8e0
[  300.700748][    C1]  ? debugfs_remove+0x49/0x70
[  300.700767][    C1]  ? kvm_put_kvm+0x12f/0x1300
[  300.700783][    C1]  ? kvm_vcpu_release+0x57/0x70
[  300.700802][    C1]  ? __fput+0x406/0x8b0
[  300.700823][    C1]  ? __x64_sys_close+0x7f/0x110
[  300.700844][    C1]  ? do_syscall_64+0xf3/0x230
[  300.700886][    C1]  ? __phys_addr+0xba/0x170
[  300.700910][    C1]  __kasan_record_aux_stack+0xac/0xc0
[  300.700934][    C1]  call_rcu+0x167/0xa70
[  300.700956][    C1]  ? __dentry_kill+0x482/0x630
[  300.700975][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  300.700999][    C1]  ? __pfx_lock_release+0x10/0x10
[  300.701017][    C1]  ? __pfx_call_rcu+0x10/0x10
[  300.701039][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  300.701069][    C1]  __dentry_kill+0x497/0x630
[  300.701092][    C1]  ? dput+0x37/0x2b0
[  300.701115][    C1]  dput+0x19f/0x2b0
[  300.701134][    C1]  simple_recursive_removal+0x2bd/0x8e0
[  300.701158][    C1]  ? __pfx_remove_one+0x10/0x10
[  300.701180][    C1]  debugfs_remove+0x49/0x70
[  300.701199][    C1]  kvm_put_kvm+0x12f/0x1300
[  300.701216][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  300.701241][    C1]  ? evm_file_release+0x140/0x1d0
[  300.701264][    C1]  kvm_vcpu_release+0x57/0x70
[  300.701283][    C1]  ? __pfx_kvm_vcpu_release+0x10/0x10
[  300.701303][    C1]  __fput+0x406/0x8b0
[  300.701331][    C1]  __x64_sys_close+0x7f/0x110
[  300.701355][    C1]  do_syscall_64+0xf3/0x230
[  300.701376][    C1]  ? clear_bhb_loop+0x35/0x90
[  300.701399][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.701419][    C1] RIP: 0033:0x7f629887be5a
[  300.701439][    C1] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24
[  300.701453][    C1] RSP: 002b:00007fffd84777c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  300.701470][    C1] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f629887be5a
[  300.701481][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  300.701509][    C1] RBP: ffffffffffffffff R08: 00007f6298800000 R09: 0000000000000001
[  300.701522][    C1] R10: 0000000000000001 R11: 0000000000000293 R12: 00007f62989b3f80
[  300.701533][    C1] R13: 00007f62989b3f8c R14: 0000000000000032 R15: 00007f62989b5980
[  300.701555][    C1]  </TASK>
[  300.702119][    C0] rcu: rcu_preempt kthread starved for 6925 jiffies! g24677 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  301.422584][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  301.432576][    C0] rcu: RCU grace-period kthread stack dump:
[  301.438476][    C0] task:rcu_preempt     state:R  running task     stack:26128 pid:17    tgid:17    ppid:2      flags:0x00004000
[  301.450240][    C0] Call Trace:
[  301.453548][    C0]  <TASK>
[  301.456495][    C0]  __schedule+0x1796/0x49d0
[  301.461144][    C0]  ? __pfx___schedule+0x10/0x10
[  301.466026][    C0]  ? __pfx_lock_release+0x10/0x10
[  301.471102][    C0]  ? __asan_memset+0x23/0x50
[  301.475722][    C0]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  301.481546][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  301.487945][    C0]  ? schedule+0x90/0x320
[  301.492270][    C0]  schedule+0x14b/0x320
[  301.496466][    C0]  schedule_timeout+0x1be/0x310
[  301.501423][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  301.506897][    C0]  ? __pfx_process_timeout+0x10/0x10
[  301.512231][    C0]  ? prepare_to_swait_event+0x32e/0x350
[  301.517802][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  301.522691][    C0]  ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10
[  301.528776][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  301.534072][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  301.539996][    C0]  ? finish_swait+0xd4/0x1e0
[  301.544603][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  301.549226][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  301.554434][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  301.560373][    C0]  ? __kthread_parkme+0x169/0x1d0
[  301.565422][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  301.570646][    C0]  kthread+0x2f0/0x390
[  301.574736][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  301.579955][    C0]  ? __pfx_kthread+0x10/0x10
[  301.584575][    C0]  ret_from_fork+0x4b/0x80
[  301.589007][    C0]  ? __pfx_kthread+0x10/0x10
[  301.593615][    C0]  ret_from_fork_asm+0x1a/0x30
[  301.598423][    C0]  </TASK>
[  301.601475][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  301.607802][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-rc2-syzkaller-00235-g8a92980606e3 #0
[  301.617525][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  301.627604][    C0] RIP: 0010:acpi_safe_halt+0x21/0x30
[  301.632912][    C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 c0 d4 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 25 b2 aa 00 f3 0f 1e fa fb f4 <fa> c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
[  301.652622][    C0] RSP: 0018:ffffffff8e007ca8 EFLAGS: 00000246
[  301.658709][    C0] RAX: ffffffff8e094680 RBX: ffff88801aefb064 RCX: 00000000000a3419
[  301.666695][    C0] RDX: 0000000000000001 RSI: ffff88801aefb000 RDI: ffff88801aefb064
[  301.674682][    C0] RBP: 000000000003a578 R08: ffff8880b9437d0b R09: 1ffff11017286fa1
[  301.682679][    C0] R10: dffffc0000000000 R11: ffffffff8b7df9f0 R12: ffff88801afa2000
[  301.690675][    C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8eabbda0
[  301.698925][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  301.707886][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  301.714482][    C0] CR2: 0000000020000080 CR3: 000000001bf84000 CR4: 00000000003526f0
[  301.722475][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  301.730472][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  301.738476][    C0] Call Trace:
[  301.741785][    C0]  <IRQ>
[  301.744659][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  301.751037][    C0]  ? print_other_cpu_stall+0x1470/0x15a0
[  301.756713][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  301.762542][    C0]  ? __pfx_lock_release+0x10/0x10
[  301.767597][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  301.773859][    C0]  ? rcu_sched_clock_irq+0x9f4/0x10a0
[  301.779259][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  301.784917][    C0]  ? hrtimer_run_queues+0x16c/0x460
[  301.790148][    C0]  ? update_process_times+0x1ce/0x230
[  301.795541][    C0]  ? tick_nohz_handler+0x37c/0x500
[  301.800671][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  301.806147][    C0]  ? __hrtimer_run_queues+0x551/0xd50
[  301.811555][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  301.817574][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  301.823498][    C0]  ? ktime_get_update_offsets_now+0x22d/0x250
[  301.829704][    C0]  ? hrtimer_interrupt+0x396/0x990
[  301.834871][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x3f0
[  301.841059][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[  301.846903][    C0]  </IRQ>
[  301.849854][    C0]  <TASK>
[  301.852803][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  301.858985][    C0]  ? __pfx_acpi_idle_enter+0x10/0x10
[  301.864306][    C0]  ? acpi_safe_halt+0x21/0x30
[  301.869015][    C0]  acpi_idle_enter+0xe4/0x140
[  301.873727][    C0]  cpuidle_enter_state+0x112/0x480
[  301.878866][    C0]  ? __pfx_menu_select+0x10/0x10
[  301.883830][    C0]  cpuidle_enter+0x5d/0xa0
[  301.888277][    C0]  do_idle+0x375/0x5d0
[  301.892396][    C0]  ? __pfx_do_idle+0x10/0x10
[  301.897021][    C0]  ? do_idle+0x10/0x5d0
[  301.901202][    C0]  ? rest_init+0x31/0x300
[  301.905556][    C0]  cpu_startup_entry+0x42/0x60
[  301.910341][    C0]  rest_init+0x2dc/0x300
[  301.914606][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  301.920190][    C0]  start_kernel+0x47a/0x500
[  301.924729][    C0]  x86_64_start_reservations+0x2a/0x30
[  301.930207][    C0]  x86_64_start_kernel+0x99/0xa0
[  301.935163][    C0]  common_startup_64+0x13e/0x147
[  301.940153][    C0]  </TASK>