last executing test programs:

16.118092659s ago: executing program 4 (id=1286):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000ebffff130101c0"])

15.792185557s ago: executing program 4 (id=1291):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x8c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x59, 0xe, {{{}, {}, @device_a, @device_b, @initial, {0x0, 0x3}}, 0x0, @default, 0x0, @void, @void, @void, @val={0x4, 0x6, {0x7}}, @void, @void, @val={0x25, 0x3}, @void, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @crypto_settings=[@NL80211_ATTR_PMK={0x4}]]}, 0x8c}, 0x1, 0x0, 0x0, 0xfe3685db0afff645}, 0x0)

15.610900122s ago: executing program 4 (id=1294):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000010c0)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noquota}, {@dioread_nolock}, {@init_itable_val={'init_itable', 0x3d, 0x85c5}}, {@nojournal_checksum}, {@jqfmt_vfsv1}]}, 0xfe, 0x576, &(0x7f00000024c0)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRdBlNOtY62PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH3yJ3PSmzdqk6bK41ubzgbudc+9Nzj0553t6Tm5CAhhYY9k/hYhXI+KbJOJoy7HhyA+OrZ638uTmdLYlUa9/9mcSSb6veX6S/384z7wSEb9+FXG6sLnc6tLyXKlcThfy/Hht/tp4dWn5zJX50mw6m16dnJo6987U5Pvvvdu3ur558e/vP33w0bmvT6589/OjY/eSOB9H8mOt9XgOt1szYzGWvyYjcX7DiRN9KGw3SXb6AujJUB7nI5GNAUdjKI96YO+7FRF1YEAl4h8GVHMe0Fzbb7EO3pNLvMcfri6ANtd/ePW9kTjQWBsdWkmeWhllL8ZoH8rPyvjlj/v3si369z4EQFe370TE2eHhzeNfko9/vTu7jXM2lmH8gxfnQTb/eavd/KewNv+JNvOfw21itxfd47/wqA/FdJTN/z5oO/9du2k1OpTnXmrM+UaSy1fKaTa2vRwRp2Jkf5bf6n7OuZWH9U7HWud/2ZaV35wL5tfxaHj/04+ZKdVKz1PnVo/vRLzWdv6brLV/0qb9s9fj4jbLOJHef73Tse71b+vgNovuqv5TxBtt2399uZNsfX9yvNEfxpu9YrO/7p74rVP5G+f/kef7Vb9usvY/tHX9R5PW+7XVZy/jxwP/pJ2O9dr/9yWfN9L78n03SrXawkTEvuSTzfsn1x/bzDfPz+p/6uTW41+7/p91wC+2Wf+7x+92PLXH/t83Wf1n1to/29Ot/dcTyaY97RMPP/7yh+aT1ev1W89W/6z9326kTuV7tjP+bee6euvNAAAAAAAAsHsVIuJIJIXiWrpQKBZXP99xPA4VypVq7fTlyuLVmWh8V3Y0RgrNO91HWz4PMZF/HraZn9yQn4qIYxHx7dDBRr44XSnP7HTlAQAAAAAAAAAAAAAAAAAAYJc4HHGg3ff/M78P7fTVAf85P/kNg6tz/OdH+vFLT8Cu5O8/DC7xD4NL/MPgEv8wuMQ/DC7xD4NL/MPgEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxcvXMi2+sqTm9NZfub60uJc5fqZmbQ6V5xfnC5OVxauFWcrldlyWpyuzHd7vnKlcm1iMhZvjNfSam28urR8ab6yeLV26cp8aTa9lI68kFoBAAAAAAAAAAAAAAAAAADA/0t16XyUyuV0obq0PCch8cyJ4d1xGXsoUc/t7GXs9MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//+HxTdZ")
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
unshare(0x22020600)
unshare(0x22020600)
readlink(&(0x7f0000000240)='./file1\x00', &(0x7f0000000780)=""/245, 0xf5)

15.221681636s ago: executing program 4 (id=1296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x2c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}]}, 0x2c}}, 0x0)

15.061773309s ago: executing program 4 (id=1297):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB='quota,iocharset=cp437,noquota,errors=continue,discard=0x00000\x00\x00000000004,errors=continue,quota,discard,grpquota,\x00'], 0x1, 0x60b9, &(0x7f0000013cc0)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGALEWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo8zma6eOb+fNK56+lRNn/K/qy9TVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIgf/uDH56qIuPqrdMOJiP+LfkQvYqWp1yJiZe1EXn4QES/EdnM8HxHDpYhm/e1/no14PSI+eibiwcO7683N5/fZj+//+R9/+MlTP/r7n4Zn/vuX2/03pi13585v//PXewfbZgAAAChNXdd1lT7mn0yf73tddwoAmIv8+l8n+Xb1wtWbC9YftVqtVh/Buq2e7F67iIjN9jrNewaH4wHgiNmMj7vuAh2Sf9EGEfFU150AFlrVdQc4FA8e3l2vUr5V+/Vgbac9nwuyJ//Navf6jmnTWcbPMZnX42sr+vHclP6szKkPiyTn3xvP/+pO+ygtd9j5z8u0/Ec7lz4VJ+ffH89/zPHJvzcx/1Ll/AdPlH9f/gAAAAAAsMDy3/9PdHz8d+ngm7Ivjzv+uzanPgAAAAAAAADA5+2g4//tMv4fAAAALKzms3rjd888um3ad7E1t1+pIp4eWx4oTLpYZrXrfgAAAAAAAAAAAABASQY75/BeqSKGEfH06mpd181P23j9pA66/lFX+vZDybp+kgcAgB0fPTN2LX8VsRwRV9J3/Q1XV1frenlltV6tV5by+9nR0nK90vpcm6fNbUujfbwhHozq5pctt9Zrm/V5eVb7+O9r7mtU9/fRsfnoMHAAiIidV6MHXpGOmbp+Nrp+l8PRYP8/fuz/7EfXj1MAAADg8NV1XVfp67xPpmP+va47BQDMRX79Hz8uoFar1Wq1+vjVbfVk99pFRGy212neMxiOHwCOmM34uOsu0CH5F20QES903QlgoVVdd4BD8eDh3fUq5Vu1Xw/S+O75XJA9+W9W2+vl9SdNZxk/x2Rej6+t6MdzU/rz/Jz6sEhy/r3x/K/utI/Scoed/7xMy7/ZzhMd9KdrOf/+eP5jjk/+vYn5lyrnP3ii/PvyBwAAAACABZb//n9ioY7/jj7r5sz0uOO/a4d2rwAAAAAAAABwuB48vLuer3vNx/+/MGE5138eTzn/Sv5Fyvn3xvL/6thy/db8/bce5f/vh3fX/3j7X/+fp/vNfynPVOmRVaVHRJXuqRqk6UG27tO2hv1Rc0/DqtcfpHN+6uE7cT1uxEac3bNsL/1/PGo/t6e96elwu73u77Sf39M+2G3P61/Y0z5MZzrVK7n9dKzHz+NGvL3d3rQtzdj+5Rnt9Yz2nH/f/l+knP+g9dPkv5raq7Fp4/6HvU/t9+3ppPu5fP2Lvzl7+Jsz01b0d7etrdm+lzroz/b/yVOj+OWtjZun71y7ffvmuUiTPbeejzT5nOX8h+ln9/n/5Z32/Lzf3l/vfzh64vwXxVYMpub/cmu+2d5X5ty3LuT8R+kn5/92ap+8/x/l/Kfv/6920B8AAAAAAAAAAAAAAAB4nLquty8RvRwRF9P1P11dmwkAzNfl9JUbdZJvn1fdn/P9qdVHvK4WrD9zrT+pF6s/avVRrNvqyd5sFxHxt/Y6FyPi15N+GQCwyD6JiH923Qk6I/+C5e/7a6anuu4MMFe33v/gp9du3Ni4eavrngAAAAAAAAAAn1Ue/3OtNf7zqbqu740tt2f817di7aDjfw7yzO4Ao1MGqu4/+TY9zlZv1O+1hht/MaaN/z3cnXvc+N+DGfc3nNE+mtG+NKN9eUb7xAs9WnL+L7bGOz8VESfHhl8vYfzX8THvS5Dzf6n1eG7y/8rYcu38698f5fx7e/I/c/u9X5y59f4Hr11/79q7G+9u/OzCuXNnL1y8eOnSpTPvXL+xcXbn3w57fLhy/nnsa+eBliXnnzOXf1ly/l9KtfzLkvP/cqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP/XUi3/suT8X021/MuS8/96quVflpz/a6mWf1ly/qdTLf+y5PzPpHqf+a8cdr+Yj5x/PsJl/y9Lzj+f2SD/suT8z6da/mXJ+V9ItfzLkvN/PdXyL0vO/xupln9Zcv4XUy3/suT8v5lq+Zcl538p1fIvS87/W6mWf1ly/t9OtfzLkvN/I9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP+bqZZ/WR59/78ZM2bM5Jmun5kAAAAAAAAAAAAAgHHzOJ24620EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xsh11vcDP3v12rkZCPk7+RtYO8YYZ5NdX+ILrYsJ14Zbya2kl9iud+0s+BavXZI0kh0FSiSMiirahhdtAUVt3lRYVV7QKqC8QK0qVSLtC/oGUaHyIqoCCkiV2ipkqznzPM/OzJ6d2bUn9sw5n48U/7wzZ+acOXPm7H7X+c4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA02vD+mS8OZFlW+y//Y22WXVv7++rxtfll77naWwgAAABcrl/mf756Q7pg/zJu1LDMP779+8/Pz8/PZ58e+pORr87PpyvGs2xkVZbl10UXf/zgQOMywVPZ2MBgw9eDHVY/1OH64Q7Xj3S4frTD9as6XD/W4fpFO2CR1fXfx+R3tin/69r6Ls1uzEby6zYV3OqpgVWDg/F3ObmB/DbzI0ey2exYNpNNNS1fX3YgX/6FDbV1fSSL6xpsWNf62hHy8ycOx20YCPt4U9O6Fu4z+un7svFf/PyJw3915pWbi2bH3dB0f/Xt3LKxtp2fD5fUt3UgW5X2SdzOwYbtXF/wnAw1bedAfrva31u389VlbufQwmZeUa3P+Vg2mP/9pXw/DTf+Wi/tp/Xhsv++Ncuy8wub3brMonVlg9mapksGF56fsfoRWbuP2qH05mx4RcfphmUcp7U5van5OG19TcTnf0O43fAS29D4NP30ydGG5/21+Us5TqPao17qtdJ6DHb7tdIrx2A8Ll7KH/TThcfgpvD4n9i89DFYeOwUHIPpcTccgxs7HYODo0P5NqcnYSC/zcIxuK1p+aF8TQP5fHlz+2Nw8szxU5Nzjz1+++zxQ0dnjs6c2LFt29SOXbv27NkzeWT22MxU/c9L3Nu9b002mF4DG8O+i6+Bd7Us23iozn9jdNH591Jfh2NtXodrW5bt9utwuPXBDVyZF+TiY7r+2rivttPHLgxmS7zG8udn6+W/DtPjbngdDje8Dgu/pxS8DoeX8TqsLXNq6/J+Zhlu+K9oG5b+XnB5x+DahmOw9eeR1mOw2z+P9MoxOBaOix9uXfp7wfqwvU9PrPTnkaFFx2B6uOHcU7sk/bw/ticfRcflLbUrrhnNzs7NnL7j0UNnzpzeloVxRbyl4VhpPV7XNDymbNHxOrji43X/7NufvqXg8rVhX43dXvtjbMnnqrbMzjvaP1f5d7fi/dl06fYsjC670vuz6Lt5bX+OZtnXvvfkPd954mvvX3J/1vLm5ycv/2fxlEsbzr8jS5x/Y+5/vb6+dFdPDY0M11+/Q2nvjDSdj5ufquH83DWQr/vVyeWdj0fCf1f6fHxjm/PxupZlu30+Hml9cPF8PNDptx2Xp/X5HAvHybGp9ufj2jLrtq/0mBxuez6+NcyBsP/fHZJCykUNx85Sx21a1/DwSHhcw3ENzcfpjqblR0I2q63rue2XdpxuubV+X0Pp0S24UsfpeMuy3T5O0+++ljpOBzr99u3StD6fY+G4uHFH++O0tsyLOy//3Lk6/rXh3Dna6RgcGRqtbfNIOgjz8302vzoeg3dkh7OT2bFsOr92ND+eBvJ1Tdy5vGNwNPx3pc+V69ocg1talu32MZi+jy117A0ML37wXdD6fI6F4+KZO9sfg7VlPrC7uz+7bgmXpGUafnZt/f3aUr/zuqVlN71Rx8pw2M7v7W7/u9naMsf2rDRntt9Pt4VLrinYT62v36VeU9PZldlP68J2vrJn6f1U257aMl/du8zjaX+WZeceuSv/fW/495W/PfuD55v+3aXo33TOPXLXz6478g8r2X4A+t/r9bGm/r2u4V+mlvPv/wAAAEBfiLl/MMxE/gcAAIDSiLk//l/hifwPAAAApRFz/3CYSUXy/7oPvDL7+rksNfPng3h92g1315eLHdep8PX4/ILa5Xc9O/Nff39ueesezLLstbv/oHD5dXfH7aobD9t58YPNly/y/O3LWvfB+8+l9Tb2178e7j8+nuUeBkUV3Kksy1644cv5esYfvJDPF+8+mM97zj/9VG2ZV/fWv463f/kt9eX/PJR/9x851HT7l8N++EmYUx8t3h/xdt+68O71ux9YWF+83cDG6/OH/cxD9fuN75Pzlafqy8f9vNT2f+dLz32rtvyj7yze/nODxdv/XLjfZ8P8n7fVl298Dmpfx9t9IWx/XF+83R3f/G7h9l/8Yn35Ux+qL3cwzLj+LeHrTR96ZbZxfz06cKjpcWUfri8X1z/1gz/Kr4/3F++/dfvHDlxo2h+tx8eL/1q/n8mW5ePlcT3R37Wsv3Y/jcdnXP9zf3iwaT93Wv/Fe15+W+1+W9d/W8typx7Zmq9/4f6a37HpL77w5cL1xe3Z/zenmh7P/k+F13FY/zMPheMxXP+/F+v31/ruCgc/1Xz+ict/fe25pscTfeQX9fVffO/RfK4aW73mmmuvu/78O2r7LsteWlW/v07rP/qXJ5u2/xs31fdHvD529FvXv5S4/tOfmzhxcu7s7HTaq0/ckL93zsfq2xO394Zwbm39+sDJMw/PnB6fGp/KsvHyvoXeJftmmD+rj/Ptl55fdAbden94Pm/5sxfWbP6XL8XL/+2++uUXPlr/vvWusNxXwuVrw/O3svUv9syGm/LX98CLYQvnF79f8OVYv+k/9yxrwfD4W38uiMf7qbc+nO+H2nX59434ur7M7f/RdP1+vh3263x4Z+aNNy2sr3H5+N4IF+6tv94ve/+F01x8Xv86PN8f/0n9/uN2xcf7o/BzzHfXNZ/v4vHx7XODrfefv4vH+XA+yc7Xr49Lxf194dWbCjcvvg9Jdv7m/Os/Tvdz84oe5lLmHpubPDZ74uyjk2dm5s5Mzj32+IHjJ8+eOHMgfy/PA5/pdPuF89Oa/Pw0PbNrZ5afrU7Wxxvsam//qfsPT++e2jw9c+TQ2SNn7j81c/ro4bm5wzPTc5sPHTky87lOt5+d3rdt+94du7dPHJ2d3rdn794deydmT5ysbUZ9ozrYNfXZiROnD+Q3mdu3c++2O+/cOTVx/OT0zL7dU1MTZzvdPv/eNFG79e9PnJ45dujM7PGZibnZx2f2bdu7a9f2ju8GePzUkbnxydNnT0yenZs5PVl/LONn8otr3/s63Z5ymvv3+s+zrQbqb8SXffK2Xen9WWuefXLJu6ov0vIGoq+E96L5pzed2rOcr2PuHwkzqUj+BwAAgCqIuX80zET+BwAAgNKIuX9VmIn8DwAAAKURc/9YmElF8n/p+v/rzi1r/fr/+v+N+0v/v2L9/3t7rf9fP1/o/3fH5fbv9f8D/X/9f/1//X/9f7qg1/r/MfevzrJK5n8AAACogpj714SZyP8AAABQGjH3XxNmIv8DAABAacTcf22YSUXyv/6//r/+v/6//n/x+vX/+5P+f3v6/x3o/09m1er/n+/m9uv/6/+zWK/1/2Puvy7MpCL5HwAAAKog5v7rw0zkfwAAACiNmPtvCDOR/wEAAKA0Yu5fG2ZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/Pv9f/1//n67qtf5/zP1vCjOpSP4HAACAKoi5/81hJvI/AAAA9J7hS7tZzP1vCTNZlP8vcQUAAADAVRdz/41ZSxG8Iv/+r/+v/6//r/+v/1+8/uX3/4cy/f/eof/fnv5/B/r/+v/6//r/dFWv9f/z3J+NZW8NM6lI/gcAAIAqiLn/pjAT+R8AAABKI+b+/xdmIv8DAABAacTcvy7MpCL5X/9f/1//X/9f/794/T7/vz/p/7en/9+B/r/+v/6//j9d1Wv9/5j7bw4zqUj+BwAAgCqIuf+WMBP5HwAAAEoj5v7/H2Yi/wMAAEBpxNy/PsykIvlf/7/H+/+xOar/r/+v/6//r/+/LPr/7en/d6D/r/+v/6//T1f1Wv8/5v63hZlUJP8DAABAFcTc//YwE/kfAAAASiPm/neEmcj/AAAAUBox94+HmVQk/+v/93j/3+f/6//r/+v/6/+viP5/e/r/Hej/6//r/+v/01W91v+PuX9DmElF8j8AAABUQcz9G8NM5H8AAAAojZj7bw0zkf8BAACgNGLu3xRmUpH8r/+v/6//r/+v/1+8fv3//qT/357+fwf6//r/+v/6/3RVr/X/Y+5/Z5hJRfI/AAAAVEHM/ZvDTOR/AAAAKI2Y+98VZiL/AwAAQGnE3L8lzKQi+V//X/9f/1//X/+/eP36//1J/789/f8O9P/1//X/9f/pql7r/8fc/+4wk4rkfwAAAKiCmPu3hpnI/wAAAFAaMfffFmYi/wMAAEBpxNw/EWZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/+v/6//r/dFWv9f9j7r89zKQi+R8AAACqIOb+O8JM5H8AAAAojZj7J8NM5H8AAAAojZj7p8JMKpL/9f/1//X/9f9X1P9/x8L96v/X6f/3Fv3/9vT/O9D/1/+/6v3/Ef1/SqXX+v8x928LM6lI/gcAAIAqiLl/e5iJ/A8AAAClEXP/jjAT+R8AAABKI+b+nWEmFcn/+v/6//r/+v8+/794/fr//Un/v73u9//jQ9T/1//X//f5//r/LNZr/f+Y++8MM6lI/gcAAIAqiLl/V5iJ/A8AAAClEXP/7jAT+R8AAABKI+b+PWEmFcn/+v/6//r/+v/6/8Xr1//vT/r/7fn8/w70//X/9f/1/+mqXuv/x9y/N8ykIvkfAAAAqiDm/veEmcj/AAAAUBox9/9KmIn8DwAAAKURc/+vhplUJP/r/+v/6//r/+v/F69f/78/6f+3p//fgf6//r/+v/4/XdVr/f+Y+/eFmVQk/wMAAEAVxNz/a2Em8j8AAACURsz97w0zkf8BAACgNGLu3x9mUpH8r/+v/6//r/+v/1+8fv3//qT/357+fwf6//r/+v/6/3RVr/X/Y+5/X5hJRfI/AAAAVEHM/XeFmcj/AAAAUBox978/zET+BwAAgNKIuf8DYSYVyf/6//r/+v/6//r/xevX/+9P+v/t6f93oP+v/6//r/9PV/Va/z/m/g+GmVQk/wMAAEAVxNz/oTAT+R8AAABKI+b+D4eZyP8AAABQGjH3fyTMpCL5X/9f/1//X/9f/794/fr//Un/vz39/w70/0vW/x+/Tv9f/583SlECWuzS+v/XvrbkCi+z/x9z/6+HmVQk/wMAAEAVxNx/d5iJ/A8AAAClEXP/R8NM5H8AAAAojZj7PxZmUpH8r/+v/6//r/+v/1+8fv3//qT/316f9f9/eX24XP+/Tv+/t7e/J/v/P16q/z+/qvX2+v+8ES6t/1+oK/3/mPs/HmZSkfwPAAAAVRBz/yfCTOR/AAAAKI2Y+z8ZZiL/AwAAQGnE3P8bYSYVyf/6/7XtWGgv6//r/+cX6P/r/+v/9y39//b6rP/v8/9b6P/39vb3ZP/f5/9zlfVa/z/m/k+FmVQk/wMAAEAVxNx/T5iJ/A8AAAClEXP/vWEm8j8AAACURsz994WZVCT/6//7/H/9f/1//f/i9ev/9yf9//b0/zvQ/9f/77X+/3/o/9Pfeq3/H3P//WEmFcn/AAAAUAUx9z8QZiL/AwAAQGnE3P+bYSbyPwAAAJRGzP2fDjOpSP7X/++X/v+4/r/+v/5/y+PR/9f/L6L/357+fwf6//r/vdb/9/n/9Lle6//H3P9gmMny8//YspcEAAAAroqY+38rzKQi//4PAAAAVRBz/2+Hmcj/AAAAUBox9/9OmElF8r/+f7/0/33+f6b/r//f8nj0//X/i1y5/n888+j/6//r/0f6//r/+v+06rX+f8z9vxtmUpH8DwAAAFUQc/9DYSbyPwAAAPSFov8nu1XM/QfCTOR/AAAAKI2Y+w+GmVQk/+v/6//r//do//9PN/7zD7//iYPb9P/1//X/V+SKfv5/7cXv8//1//X/E/1//X/9f1r1Wv8/5v5DYSYVyf8AAABQBTH3/16YifwPAAAApRFz/+EwE/kfAAAASiPm/ukwk4rkf/1//X/9/x7t//fx5//H/aH/36xr/f940tX/L3RF+/8PLPTE9f9X2v8fLbxU/1//v5+3X/9f/5/Feq3/H3P/TJhJRfI/AAAAVEHI/YNH6nPhCvkfAAAASiPm/qNhJvI/AAAAlEbM/Q+HmVQk/+v/6//r/+v/+/z/4vX3bP/f5/+3pf/fXu/0/4vp/+v/9/P26//r/7NYr/X/Y+6fDTOpSP4HAACAKoi5/zNhJvI/AAAAlEbM/Z8NM5H/AQAAoDRi7j8WZlKR/K//r/+v/6//r/9fvH79//6k/9+e/n8H+v/6//r/+v90Va/1/2PuPx5mUpH8DwAAAFUQc/+JMBP5HwAAAEoj5v6TYSbyPwAAAJRGzP2nwkz+j737aN6rLv84fuf/D2MyPAAXbtj7EFjoWh+ACzcudMZxoaPYG8FesfeCvWMBRWzYG9hQ7GLvigU76sRxcl1X8kvO79xJvJOc871er82lwXiiw4Af4T3fJvtf/6//H7b/v5v+f7/v6//1/yPT/8/T/2+h/9f/6//1/+zU0vr/3P0Pjlua7H8AAADoIHf/Q+IW+x8AAACGkbv/srjF/gcAAIBh5O5/aNzSZP+f1P8f2PTs/zPj1f+P1P97/3/f7+v/9f8jO7/9/xX//SOf/l//r/8P+n/9v/6fky2t/8/d/7C4pcn+BwAAgA5y9z88brH/AQAAYBi5+x8Rt9j/AAAAMIzc/Y+MW5rsf+//e/9f/6//1/9Pf1//v07e/5/Xqf+/7JaLH3j7dXe5/ky+r//X/+v/9f/s1tL6/9z9j4pbmux/AAAA6CB3/6PjFvsfAAAAhpG7/zFxi/0PAAAAw8jd/9i4pcn+1//r//X/+n/9//T39f/rpP+f16n/P5vv6//1//p//T+7tbT+P3f/4+KWJvsfAAAAOsjd//i4xf4HAACAYeTuvzxusf8BAABgGLn7j8QtTfa//v/c9///1v/r/+Pq//X/+v9zT/8/T/+/hf5f/6//1/+zU0vr/3P3XxG3NNn/AAAA0EHu/ifELfY/AAAADCN3/xPjFvsfAAAAhpG7/0lxS5P9r//3/r/+X/+v/5/+vv5/nfT/885//z/1Z8j96f9X3/9fpP/X/+v/OdEZ9v93zPxheyf9f+7+J8ctTfY/AAAAdJC7/ylxi/0PAAAAw8jd/9S4xf4HAACAYeTuf1rc0mT/6//1//p//b/+f/r7+v910v/PW8z7/wcOTv6w/n/1/b/3//X/+n/2WNr7/7n7nx63NNn/AAAA0EHu/mfELfY/AAAADCN3/zPjFvsfAAAAhpG7/1lxS5P9r//X/+v/9f/6/+nvz/X/15/w69P/L4v+f95i+v996P/1/2v+9ev/9f+camn9f+7+Z8ctTfY/AAAAdJC7/8q4xf4HAACAYeTuf07cYv8DAADAMHL3PzduabL/p/v/479d/3969P97f/36/+nfP3bV/+e/o/5/tv+/u/f/e9L/z9P/b6H/1//r//fr/w9v+/n6f6Ysrf/P3f+8uKXJ/gcAAIAOcvc/P26x/wEAAGAYuftfELfY/wAAADCM3P0vjFua7H/v/+v/9f/r6/+9/3/MhXz/f3Pe+/+D+v/TpP+fp//fQv+v/9f/e/+fnVpa/5+7/0VxS5P9DwAAAB3k7n9x3GL/AwAAwDqc+PcOnPw3lIbc/S+JW+x/AAAAGEbu/pfGLU32v/5f/6//1//37v8PraT/9/7/6dL/z9P/b3Fh+/8Dg/b/Bwfr/6/a7+cvof+/XP/Pwuzp/284/uMXqv/P3f+yuKXJ/gcAAIAOcve/PG6x/wEAAGAYuftfEbfY/wAAADCM3P2vjFua7P9z3v8f3v/b+n/9v/5f/3/h+/+1vP+v/z9d+v95+v8tvP/v/X/v/+v/2ak9/f8JLlT/n7v/VXFLk/0PAAAAHeTuf3XcYv8DAADAMHL3XxW32P8AAAAwjNz9r4lbmux/7//r//X/+n/9//T39f/rpP+fp//fQv+v/9f/6//ZqaX1/7n7Xxu3NNn/AAAA0EHu/tfFLfY/AAAADCN3/+vjFvsfAAAAhpG7/w1xS5P9r/8/t/1//rj+X/+/0f/r//X/50Xb/v/A1J+JTrVP/3/T/Y/cc++P6P/1//p//b/+nx1YRP9/9Pj/uszd/8a4pcn+BwAAgA5y978pbrH/AQAAYBi5+98ct9j/AAAAMIzc/W+JWwbZ/4e2/Hb9v/f/9f/6f/3/9Pf1/+vUtv8/Td7/30L/r//X/+v/2alF9P8n/PPc/W+NWwbZ/wAAAMCmdv/b4hb7HwAAAIaRu//tcYv9DwAAAMPI3f+OuKXJ/tf/6//1//p//f/09/X/66T/n6f/30L/r//X/+v/2aml9f+5+6+OW5rsfwAAAOggd/874xb7HwAAAIaRu/9dcYv9DwAAAMPI3f/uuKXJ/tf/6//1//p//f/09/X/66T/n6f/32w218z8Aqb6/6N30v/r//X/+n/O0tL6/9z974lbmux/AAAA6CB3/zVxi/0PAAAAw8jdf23cYv8DAADAMHL3vzduabL/9f/6f/2//l//P/19/f866f/n6f+38P6//l//r/9np5bW/+fuf1/c0mT/AwAAQAe5+6+LW+x/AAAAGEbu/vfHLfY/AAAADCN3//VxS5P9r//X/+v/9f/6/+nv6//X6dz1/xv9v/5f/7+F/l//r//nZEvr/3P3fyBuabL/AQAAoIPc/R+MW+x/AAAAGEbu/g/FLfY/AAAADCN3/4fjlib7X/+v/9f/6//1/9Pf1/+vk/f/5+n/t9D/6//1//p/dmpp/X/u/o/ELU32PwAAAHSQu/+GuMX+BwAAgGHk7v9o3GL/AwAAwDBy938sbmmy//X/+v+9/f9mo//X/+v/jzkP/f+hjf5/5/T/8/T/W+j/x+z//28zUP9/eN+fr/9niZbW/+fu/3jc0mT/AwAAQAe5+z8Rt9j/AAAAMIzc/Z+MW+x/AAAAGEbu/k/FLU32v/5f/+/9f/2//n/6+97/Xyf9/zz9/xb6/zH7f+//6/+5YJbW/+fu/3Tc0mT/AwAAQAe5+z8Tt9j/AAAAMIzc/Z+NW+x/AAAAGEbu/s/FLU32v/5f/6//1//r/6e/r/9fJ/3/PP3/Fvp//b/+X//PTi2t/8/d//m4pcn+BwAAgA5y998Yt9j/AAAAMIzc/TfFLfY/AAAADCN3/xfilib7X/+v/9f/r7P/P6T/1//r/yctpf+/9NJ73Kz/1//r//X/+n/9f3dL6/9z938xbmmy/wEAAKCD3P1filvsfwAAABhG7v4vxy32PwAAAAwjd/9X4pYm+//U/v+izbFC9Zip/j8aNf3/CfT/e3/9+v/p3z+8/6//1/+fe0vp/73/f3a/fv2//n/Nv/4z6v8vOfXn6/8Z0dL6/9z9N8ctTfY/AAAAdJC7/6txi/0PAAAAw8jd/7W4xf4HAACAYeTuvyVuabL/vf+v/9f/6//1/9Pf1/+vk/5/nv5/C/2//t/7/w+67//r/9mdpfX/ufu/Hrc02f8AAADQQe7+b8Qt9j8AAAAMI3f/N+MW+x8AAACGkbv/W3FLk/2v/9f/6//1//r/6e/r/9dJ/z9P/7+F/l//r//3/j87tbT+P3f/t+OWJvsfAAAAOsjd/524xf4HAACAYeTu/27cYv8DAADAMHL3fy9uabL/d9//X6L/D/r/pfT/99H/n/R9/b/+f2T6//wz+jT9/xb6f/2//l//z04trf/P3X9r3NJk/wMAAEAHufu/H7fY/wAAADCM3P0/iFvsfwAAABhG7v4fxi1N9r/3/3v1/wc2Hft/7//r//X/nej/5+n/t9D/6//1//p/dmpp/X/u/h/FLU32PwAAAKzVve76gFtP91+bu//HcYv9DwAAAMPI3f+TuMX+BwAAgGHk7v9p3NJk/+v/e/X/Pd//1//r//X/nej/5+n/t9D/6//1//p/dmpp/X/u/p/FLScMv4Nn/J8SAAAAWJLc/T+PW5r89X8AAADoIHf/L+KWU/b/0dP8u9oBAACApcnd/8u4pclf/9f/L7z/34zf/9+20f/r/4/R/+v/d0H/P+9/7P+PHtD/6/9n6P/1//p/Tra0/j93/6/ilib7HwAAAAa15/9RyN3/67jF/gcAAIBh5O7/Tdxi/wMAAMAwcvf/Nm5psv/1/wvv/8/q/f/D9Y/W0P97//8c9v9XHpr8vv5f/z8y/f887/9vof/X/+v/9f/s1NL6/9z9t8UtTfY/AAAAdJC7/3dxi/0PAAAAw8jd//u4xf4HAACAYeTu/0Pc0mT/6/9H7P/X9f6//t/7/2ff/9/54iM33vt+116t/+e489n/5+8L+n/9v/7/GP2//l//z8mW1v/n7v9j3NJk/wMAAEAHuftvj1vsfwAAABhG7v4/xS32PwAAAAwjd/+f45Ym+1//r/9fSv+f/11fgP7/yPr6/2yKu/f/3v/X/5/K+//z9P9b6P/1//p//T87tbT+P3f/X+KWJvsfAAAAOsjd/9e4xf4HAACAYeTu/1vcYv8DAADAMHL3/z1uabL/9f/6/6X0/8n7/8d/nvf/j9H/6//PhP5/nv5/C/2//l//r/9np5bW/+fu/0fc0mT/AwAAQAe5+++IW+x/AAAAGEbu/n/GLfY/AAAADCN3/7/ilib7X/+v/9f/6//1/9Pf1/+vk/5/nv5/C/2//l//r/9np5bW/+fu/08AAAD//6cRdCE=")
chdir(&(0x7f0000000100)='./file0\x00')
link(&(0x7f0000001240)='./file0\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
pwritev2(r0, &(0x7f0000000200)=[{&(0x7f0000001280)='*', 0x1}], 0x1, 0x0, 0x0, 0x6)

13.513234931s ago: executing program 4 (id=1300):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000c80)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@grpquota}, {@barrier_val}, {@grpjquota}, {}, {}, {@usrjquota}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
write$cgroup_int(r0, &(0x7f0000000340), 0x12)

6.667010893s ago: executing program 0 (id=1323):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x38, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0xe, 0xf, [@gcr_ga={0xbd, 0x6, @device_b}, @supported_rates]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x74}}, 0x80)

5.786839438s ago: executing program 0 (id=1326):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="66113006e73914c23324b7b035aebe6c66b1956649e6dabdd6a266d5c56b3ee905000000000000002a561709dfe16bf5d28387233e630c25ada26531627d73e5e03df328ccb20eeedbe1e5edf2582bf74ed14b4d", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

5.744475082s ago: executing program 2 (id=1327):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
dup(r0)

4.561422432s ago: executing program 3 (id=1329):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000240)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_RMFB(r0, 0xc00464af, &(0x7f0000000300)=r2)

4.384452217s ago: executing program 3 (id=1330):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
getpeername$netrom(r1, 0x0, &(0x7f0000002f00))

4.325602043s ago: executing program 3 (id=1331):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fcb602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYBLOB="3db1bd3c9389ce300f92cc8091d7dfbdcfffeed8bb90e543382e29209562d6483c6fcfdf79d0b465e6bc8ea70762049054a683ca4394e098765d85fa3b798fc191119debc7d45cce724609d275eabc974abf88d2270db005808488efc289084aff3069b2b0a78cdfa1f780c10f6c51d7c9ced6ab3e8a7aa716d5ebe1e8cb6255366a32ca4bfad14e3b1315ec", @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRES64], 0x1, 0x620f, &(0x7f000000cb40)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKqZc8Y1nW73+DJdPT6/nzSu+vpUTZ/yv6svU1V9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIH/7gx2eqiLj0q3TDsYjPRT+iF7HS1GsRsbJ2LC8/iIgXYrs5no+I4VJElRufjXg9Ij4+GnH33q315qaz++zH9//yzz/85MiP/vGn4an//fVG/41py928+dv//u32o28vAAAAlKiu67pKH/OPp8/3va47BQDMRX79r5N8u3rh6s0F649arVarD2HdVk92u11ExGZ7neY9g8PxAHDIbMYnXXeBDsm/aIOIONJ1J4CFVnXdAQ7E3Xu31quUb9V+PVjbac/nguzJf7Pavb5j2nSW8XNM5vX42op+PDelPytz6sMiyfn3xvO/tNM+SssddP7zMi3/0c6lT8XJ+ffH8x/z9OTfm5h/qXL+g4fKvy9/AAAAAABYYPnv/8c6Pv679Pibsi8POv67Nqc+AAAAAAAAAMCT9rjj/+2qjP8HAAAAi6r5rN743dH7t037Lrbm9otVxDNjywOFSRfLrHbdDwAAAAAAAAAAAAAoyWDnHN6LVcQwIp5ZXa3ruvlpG68f1uOuf9iVvv1Qsq6f5AEAYMfHR8eu5a8iliPiYvquv+Hq6mpdL6+s1qv1ylJ+PztaWq5XWp9r87S5bWm0jzfEg1Hd/LLl1nptsz4vz2of/33NfY3q/j46Nh8dBg4AEbHzanTXK9JTpq6fja7f5XA4TNr/+908bHlC7P/sR9ePUwAAAODg1XVdV+nrvI+nY/69rjsFAMxFfv0fPy6gVqvVarX66avb6slut4uI2Gyv07xnMBw/ABwym/FJ112gQ/Iv2iAiXui6E8BCq7ruAAfi7r1b61XKt2q/HqTx3fO5IHvy36y218vrT5rOMn6OybweX1vRj+em9Of5OfVhkeT8e+P5X9ppH6XlDjr/eZmWf7OdxzroT9dy/v3x/Mc8Pfn3JuZfqpz/4KHy78sfAAAAAAAWWP77/7GFOv47etTNmelBx3/XDuxeAQAAAAAAAOBg3b13az1f95qP/39hwnKu/3w65fwr+Rcp598by/+rY8u1xwO+8/b9/P9z79b6H2/8+/N5ut/8l/JMlR5ZVXpEVOmeqkGaPs7WfdbWsD9q7mlY9fqDdM5PPXw3rsTV2IjTe5btpf+P++1n9rQ3PR1ut9f9nfaze9oHu+15/XN72ofpTKd6JbefjPX4eVyNd7bbm7alGdu/PKO9ntGe8+/b/4uU8x+0fpr8V1N7NTZt3Pmo95n9vj2ddD9vXfnib04f/ObMtBX93W1ra7bvpQ76s/1/cmQUv7y+ce3kzcs3blw7E2my59azkSZPWM5/mH52n/9f3mnPz/vt/fXOR6OHzn9RbMVgav4vt+ab7X1lzn3rQs5/lH5y/u+k9sn7/2HOf/r+/2oH/QEAAAAAAAAAAAAAAIAHqet6+xLRtyLifLr+p6trMwGA+cqv/3WSb59X3X/U9f+8dzu66r9aPee6WrD+zLX+tF6s/qjVh7Fuqyd7s11ExN/b6zTvGX496ZcBAIvs04j4V9edoDPyL1j+vr9meqLrzgBzdf2DD396+erVjWvXu+4JAAAAAAAAAPCo8vifa63xn0/UdX17bLk947++HWuPO/7nIM/sDjA6ZaDq/sNv04Ns9Ub9Xmu48Rdj2vjfw925B43/PZhxf8MZ7aMZ7Usz2pdntE+80KMl5/9ia7zzExFxfGz49RLGfx0f874EOf+XWo/nJv+vjC3Xzr/+/WHOv7cn/1M33v/FqesffPjalfcvv7fx3sbPzp05c/rc+fMXLlw49e6Vqxund/7tsMcHK+efx752HmhZcv45c/mXJef/pVTLvyw5/y+nWv5lyfnn93vyL0vOP3/2kX9Zcv6vpFr+Zcn5fy3V8i9Lzv/VVMu/LDn/r6da/mXJ+b+WavmXJed/MtXyL0vO/1Sq95n/ykH3i/nI+ecjXPb/suT885kN8i9Lzv9squVflpz/uVTLvyw5/9dTLf+y5Py/kWr5lyXnfz7V8i9Lzv+bqZZ/WXL+F1It/7Lk/L+VavmXJef/7VTLvyw5/zdSLf+y5Py/k2r5lyXn/91Uy78sOf/vpVr+Zcn5v5lq+Zfl/vf/mzFjxkye6fqZCQAAAAAAAAAAAAAYN4/TibveRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+D87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLe3cXIddb3Az+zb147kBgI+Tv5m7B2jDHOJrt+iV9oXUx4bXgrCaHQF2zXuzYLfsNrl0Cj2lGgRMKoqKJtuGgLCLW5qbAqLmgFKBeoVaVKpL2gN4gKlYuoCiggVaIVZKuZ8zzPzszOzqy9482Zcz4fify8M2fmnDnzzOx+bb47AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GzLm2Y/U8uyrFar5RdszLKX1Of6iY2NS17/4h4fAAAAsHq/bPz3+VvSBYdXcKOmbf7pzu9+fWFhYSH7wPCfjn5hYSFdMZFlo+uyrHFddPWHH6w1bxM8no3Xhpq+Huqx++Ee14/0uH60x/VjPa5f1+P68R7XLzkBS6zPaunOtjX+uDE/pdmt2Wjjum0dbvV4bd1Q/dyl22a1xm0WRk9kc9mpbDabbtk+37bW2P6bW+r7ensW9zXUtK/N9RXy00ePx2OohXO8rWVfi/cZ/fiN2cTPfvro8b++8NztnWbP09Byf/lx7thaP85PhUvyY61l69I5icc51HScmzs8J8Mtx1lr3K7+5/bjfH6Fxzm8eJhrqv05H8+GGn9+pnGeRmpZh/O0OVz287uyLLu8eNjt2yzZVzaUbWi5ZGjx+RnPV2T9PupL6eXZyDWt0y0rWKf1ObOtdZ22vybi878l3G5kmWNofpp+/NhY0/P+i4XrWadR/VEv91ppX4P9fq0UZQ3GdfFM40E/0XENbguP/9Hty6/BjmunwxpMj7tpDW7ttQaHxoYbx5yehFrjNotrcFfL9sONPdUa89nt3dfg1IXT56bmP/HJe+ZOHzs5e3L2zJ5du6b37Nt34MCBqRNzp2an8/9e59kuvg3ZUHoNbA3nLr4GXtu2bfNSXfjy2JL33+t9HY53eR1ubNu236/DkfYHV1ubF+TSNZ2/Nt5XP+njV4ayZV5jjedn5+pfh+lxN70OR5pehx2/p3R4HY6s4HVY3+bczpX9zDLS9L9Ox7D894LVrcGNTWuw/eeR9jXY759HirIGx8O6+P7O5b8XbA7H+8Tktf48MrxkDaaHG9576pekn/fHDzRGp3V5R/2Km8ayi/Oz5+995NiFC+d3ZWGsiVc0rZX29bqh6TFlS9br0DWv18Nzdz5xR4fLN4ZzNX5P/T/jyz5X9W323tv9uWp8d+t8Plsu3Z2F0WdrfT47fTevn8+xLPvidx578FuPfvFNy57Pet781NTqfxZPubTp/Xd0mfffmPtfyPeX7urx4dGR/PU7nM7OaMv7cetTNdJ476o19v381Mrej0fD/9b6/fjWLu/Hm9q27ff78Wj7g4vvx7Vef9uxOu3P53hYJ6emu78f17fZtPta1+RI1/fju8KshfP/upAUUi5qWjvLrdu0r5GR0fC4RuIeWtfpnpbt43qr7+up3de3Tnfcld/XcHp0i9ZqnU60bdvvdZr+7mu5dVrr9bdv16f9+RwP6+LWPd3XaX2bp/eu/r1zffxj03vnWK81ODo8Vj/m0bQIG+/32cL6uAbvzY5nZ7NT2Uzj2rHGeqo19jV538rW4Fj431q/V27qsgZ3tG3b7zWYvo8tt/ZqI0sffB+0P5/jYV08eV/3NVjf5s37+/uz645wSdqm6WfX9r9fW+7vvO5oO003aq2MhOP8zv7ufzdb3+bUgWvNmd3P093hkps6nKf21+9yr6mZbG3O06ZwnM8dWP481Y+nvs0XDq5wPR3OsuzSx+5v/H1v+PeVv7v4va+3/LtLp3/TufSx+3/y0hP/eC3HD8DgeyEfG/LvdU3/MrWSf/8HAAAABkLM/UNhJvI/AAAAlEbM/fH/FZ7I/wAAAFAaMfePhJlUJP9vevNzcy9cylIzfyGI16fT8EC+Xey4ToevJxYW1S+//6uz//0Pl1a276Esy37xwB903H7TA/G4chPhOK++pfXyJb5+z4r2ffThS2m/zf31L4X7j49npcugUwV3Osuyb97yucZ+Jj54pTGffuBoYz54+YnH69s8fzD/Ot7+2Vfk2/9FKP8ePnGs5fbPhvPwozCn39H5fMTbfe3K6zbvf//i/uLtaltvbjzsJz+U32/8PTmffzzfPp7n5Y7/W5996mv17R95TefjvzTU+fifCvf71TD/51X59s3PQf3reLtPh+OP+4u3u/cr3+54/Fc/k29/7q35dkfDjPvfEb7e9tbn5prP1yO1Yy2PK3tbvl3c//T3/rhxfby/eP/txz9+5ErL+WhfH0//W34/U23bx8vjfqK/b9t//X6a12fc/1N/dLTlPPfa/9UHn31V/X7b939323bnPrazsf/F+2v9jU1/+enPddxfPJ7Df3uu5fEcfm94HYf9P/mhsB7D9f97Nb+/9t+ucPS9re8/cfsvbbzU8niit/8s3//VN5xszHXj6zfc9JKX3nz51fVzl2XPrMvvr9f+T/7V2Zbj//Jt+fmI18eOfvv+lxP3f/7jk2fOzl+cm0ln9dFbGr8755358cTjvSW8t7Z/feTshQ/Pnp+YnpjOsony/gq96/aVMH+Sj8vdt15Y8g668+HwfN7x59/csP1fPxsv//f35ZdfeUf+feu1YbvPh8s3hufv2va/1JNbbmu8vmtPhyNcWPr7gldj87b/OrCiDcPjb/+5IK73c6/8cOM81K9rfN+Ir+tVHv8PZvL7+UY4rwvhNzNvvW1xf83bx9+NcOWh/PW+6vMX3ubi8/o34fl+14/y+4/HFR/vD8LPMd/e1Pp+F9fHNy4Ntd9/47d4XA7vJ9nl/Pq4VTzfV56/rePhxd9Dkl2+vfH1n6T7uf2aHuZy5j8xP3Vq7szFR6YuzM5fmJr/xCePnD578cyFI43f5XnkI71uv/j+tKHx/jQzu29v1ni3OpuPG+zFPv5zDx+f2T+9fWb2xLGLJy48fG72/Mnj8/PHZ2fmtx87cWL2471uPzdzaNfug3v27548OTdz6MDBg3sOTs6dOVs/jPygetg3/dHJM+ePNG4yf2jvwV333bd3evL02ZnZQ/unpycv9rp943vTZP3Wvz95fvbUsQtzp2cn5+c+OXto18F9+3b3/G2Ap8+dmJ+YOn/xzNTF+dnzU/ljmbjQuLj+va/X7Smn+f/If55tV8t/EV/2nrv3pd/PWvfVx5a9q3yTtl8g+lz4XTT//LJzB1bydcz9o2EmFcn/AAAAUAUx94+Fmcj/AAAAUBox968LM5H/AQAAoDRi7h8PM6lI/i9d/3/TpRXtX/9f/7/5fOn/V6z//1DR+v/5+4X+f3+stn+v/x/o/+v/6//r/+v/0wdF6//H3L8+yyqZ/wEAAKAKYu7fEGYi/wMAAEBpxNx/U5iJ/A8AAAClEXP/S8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+/1RWrf7/5X4ev/6//j9LFa3/H3P/S8NMKpL/AQAAoApi7r85zET+BwAAgNKIuf+WMBP5HwAAAEoj5v6NYSYVyf/6//r/+v/6//r/nfev/z+Y9P+70//vQf/f5//r/+v/01dF6//H3P+yMJOK5H8AAACogpj7Xx5mIv8DAABA8Yxc381i7n9FmMmS/H+dOwAAAABedDH335q1FcEr8u//+v/6/8Xv/69L1+n/6/9nhez/D2f6/8Wh/9+d/n8P+v/6//r/+v/0VdH6/43cn41nrwwzqUj+BwAAgCqIuf+2MBP5HwAAAEoj5v7/F2Yi/wMAAEBpxNy/KcykIvlf/1//v/j9f5//r/9f9P6/z/8vEv3/7vT/e9D/1//X/9f/p6+K1v+Puf/2MJOK5H8AAACogpj77wgzkf8BAACgNGLu//9hJvI/AAAAlEbM/ZvDTCqS//X/C97/j81R/X/9f/1//X/9/xXR/+9O/78H/X/9f/1//X/6qmj9/5j7XxVmUpH8DwAAAFUQc/+dYSbyPwAAAJRGzP2vDjOR/wEAAKA0Yu6fCDOpSP7X/y94/z/vwY/5/H/9f/1//X/9/5XR/+9O/78H/X/9/770/xcu6f/r/5MrWv8/5v4tYSYVyf8AAABQBTH3bw0zkf8BAACgNGLuvyvMRP4HAACA0oi5f1uYSUXyv/7/QPT/M/1//X/9f/1//f+V0f/vTv+/B/1//X+f/6//T18Vrf8fc/9rwkwqkv8BAACgCmLu3x5mIv8DAABAacTc/9owE/kfAAAASiPm/h1hJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+14WZVCT/AwAAQBXE3L8zzET+BwAAgNKIuf/uMBP5HwAAAEoj5v7JMJOK5H/9f/1//X/9f/3/zvvX/x9M+v/d6f/3oP/fr/78sP6//r/+P1kB+/8x998TZlKR/A8AAABVEHP/vWEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6/6vu/zc9eP3/CvT/X714v/r/Of3/YtH/707/v4f+9f9Hsmr3/33+/3X3/0f1/ymVovX/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/j1hJvI/AAAAlEbM/XvDTCqS//X/9f99/r/+v8//77x//f/BpP/fXf/7//Eh6v/7/H/9f5//r//PUkXr/8fcf1+YSUXyPwAAAFRBzP37wkzkfwAAACiNmPv3h5nI/wAAAFAaMfcfCDOpSP7X/9f/1//X/9f/77x//f/BpP/fXdU//39jrwPQ/9f/1//X/2eVHvrD5q+K1v+Puf9gmElF8j8AAABUQcz9rw8zkf8BAACgNGLu/5UwE/kfAAAASiPm/l8NMylL/u/RPNT/1//X/9f/1//vvH/9/8Gk/99d1fv/Pen/6//r/+v/01dF6//H3H8ozKQs+R8AAABIuf/XwkzkfwAAACiNmPvfEGYi/wMAAEBpxNx/OMykIvlf/1//X/9f/1//v/P+17r/PxbvV/9/VfT/u9P/70H/X/9f/1//n74qWv8/5v43hplUJP8DAABAFcTcf3+YifwPAAAApRFz/5vCTOR/AAAAKI2Y+98cZlKR/K//r/+v/6//r//fef8+/38w6f93txb9/2H9f/1//X/9f/1/gqL1/2Puf0uYSUXyPwAAAFRBzP1vDTOR/wEAAKA0Yu5/W5iJ/A8AAAClEXP/28NMKpL/9f/1//X/9f/1/zvvX/9/MOn/d+fz/3vQ/9f/1//X/6evitb/j7n/18NMKpL/AQAAoApi7n8gzET+BwAAgNKIuf8dYSbyPwAAAJRGzP3vDDOpSP7X/9f/1//X/9f/77x//f/BpP/f3YD1/395c7hc/z+n/1/s47/W/v9I29c3pP//w+X6/wvr2m+v/8+NULT+f8z97wozqUj+BwAAgCqIuf/dYSbyPwAAAJRGzP3vCTOR/wEAAKA0Yu7/jTCTiuR//f/6cSy2l/X/y9r/H9L/1//X/68I/f/uBqz/7/P/2+j/F/v4ff6//j9LFa3/H3P/e8NMKpL/AQAAoApi7n8wzET+BwAAgNKIuf+hMBP5HwAAAEoj5v73hZlUJP/r//v8/2r0/33+f6b/r/9fEfr/3en/96D/r/9ftP7/f+r/M9iK1v+Puf/hMJOK5H8AAACogpj73x9mIv8DAABAacTc/5thJvI/AAAAlEbM/R8IM6lI/tf/H5T+/8SA9v8f0/+/gf3/O2/Ot9P/1/9nkf5/d/r/Pej/6/8Xrf/v8/8ZcEXr/8fc/8Ewk5Xn//EVbwkAAAC8KGLu/60wk4r8+z8AAABUQcz9vx1mIv8DAABAacTc/zthJhXJ//r/N6T/3/jS5//7/P/29eHz//X/9f9vvLXr/8d3Hv1//X/9/0j/v0D9/4v6/xRD0fr/Mff/bphJRfI/AAAAVEHM/R8KM5H/AQAAYCB0+ky2djH3Hwkzkf8BAACgNGLuPxpmUpH8r/8/KJ//r/+fVa3//2db/+X733330V36//r/+v/XZE0//7/+4vf5//r/+v+J/n+B+v8+/5+CKFr/P+b+Y2EmFcn/AAAAUAUx9/9emIn8DwAAAKURc//xMBP5HwAAAEoj5v6ZMJOK5H/9f/1//f+C9v8H+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXRj+//vX+yJ6/9fa/9/rOOl+v/6/4N8/Pr/+v8sVbT+f8z9s2EmFcn/AAAAUAUh9w+dyOfiFfI/AAAAlEbM/SfDTOR/AAAAKI2Y+z8cZlKR/K//r/+v/6//7/P/O++/W/+/NuLz/4sq9e9/3nih6P+3KU7/vzP9f/3/QT5+/X/9f5YqWv8/5v65MJOK5H8AAACogpj7PxJmIv8DAABAacTc/9EwE/kfAAAASiPm/lNhJhXJ//r/+v/6//r/+v+d91/Yz//X/+9qtf17/f9A/1//X/9f/1//nz4oWv8/5v7TYSYVyf8AAABQBTH3nwkzkf8B/o+9O2myqz7vOH47SKVWwSK7LLJJVZZ5CSySdfICssgmi6QqlUVIQhIyIzKPJNjGs43B84AHMBhjGzwP4Akbz2Abz/OAJ4xNyUX38zxS3z59bnfrdvc5///ns+CJOjT3Qqkk/dT6+gAAQDNy918Vt9j/AAAA0Izc/X8at3Sy//X/+v9m+//f1P/v9fr6f/1/y/T/4/T/K+j/9f/6f/0/azW1/j93/5/FLZ3sfwAAAOhB7v4/j1vsfwAAAGhG7v6r4xb7HwAAAJqRu/8v4pZO9v9S/7+xmFj/n33tEff/+TL6/5b6f8//3/P19f/6/5Ydb/9/3ZM/8un/9f/6/6D/31f/f2avz9f/06Kp9f+5+/8ybulk/wMAAEAPcvf/Vdxi/wMAAEAzcvdfE7fY/wAAANCM3P1/Hbd0sv/X9/z/s1sf9/z/C/T/+v/l7x/6f/2//v/oef7/uJ76/6sfvPxPHr3zV+86yOvr//X/nv+v/2e9ptb/5+7/m7ilk/0PAAAAPcjd/7dxi/0PAAAAzcjd/3dxi/0PAAAAzcjd//dxSyf7f339/9E8/z/p//X/C/2//n/p30f/r/8fov8fN/X+/7Tn/+v/Z/z+9f/6f3abWv+fu/8f4pZO9j8AAAD0IHf/P8Yt9j8AAAA0I3f/tXGL/Q8AAADNyN1/Lm7pZP/r/4++/39C/6//j6v/1//r/4+e/n/c1Pv/dT7//zCvr//X/+v/9f+s19T6/9z918Utnex/AAAA6EHu/n+KW+x/AAAAaEbu/n+OW+x/AAAAaEbu/n+JWzrZ//p/z//X/+v/9f/Dr6//nyf9/zj9/wr6/0vt50/r//X/+n8udsD+//GRH7bX0v/n7v/XuKWT/Q8AAAA9yN3/b3GL/Q8AAADNyN3/73GL/Q8AAADNyN3/H3FLJ/tf/6//1//r/w/d/+/+rrdF/z9M/3889P/jJtP/b5wa/HC3/f9j22+0gf7f8//1//p/dpja8/9z9/9n3NLJ/gcAAIAe5O7/r7hlZP8f+DfzAQAAgBOVu/+/4xZf/wcAAIDZy+osd///xC2d7H/9v/5f/6//9/z/4dcf6//vuuj96f+nRf8/bjL9/x667f8XF96v/n++71//r/9nt6n1/7n7/zdu6WT/AwAAQA9y918ft9j/AAAA0Izc/f8Xt9j/AAAA0Izc/f8ft3Sy/4f7/wv/f/3//uj/d75//f/w94919f/5T9T/j/b/v+X5/33S/487/v7/jP5/5z9f/3+ETvr9N97/n131+fp/hkyt/8/df0Pc0sn+BwAAgB7k7n9K3GL/AwAAQDNy9z81brH/AQAAoBm5+58Wt3Sy/z3/X/+v/59f/7/8/P+k/992HM//Xxx7/39K/79P+v9xnv+/gv5f/6//9/x/1mpq/X/u/hvjlk72PwAAAPTgxscWW7v/6YuF/Q8AAABzdPGfHVj+A6Uhd/8z4hb7HwAAAJqRu/+ZcUsn+1//r//X/8+///f8/x76f8//3y/9/zj9/wr6/6Po50811v/ftNfnT6H/v1b/z8Ts6P/vufDxk+r/c/c/K27pZP8DAABAD3L3Pztusf8BAACgGbn7nxO32P8AAADQjNz9z41bOtn/R97/n937tfX/+n/9v/5f/6//Xzf9/zj9/wr6f8//9/x//T9rtaP/v8hJ9f+5+58Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P03xS32PwAAADQjd/8L4pZO9r/n/+v/9f/6f/3/8Ovr/+dJ/z9O/7+C/l//r//X/7NWU+v/c/ffHLd0sv8BAACgB7n7b4lb7H8AAABoRu7+F8Yt9j8AAAA0I3f/i+KWTva//v9o+//8uP5f/7/Q/+v/9f/Hotv+f2PoZ6Ld9uj/7/+jc7+z8yP6f/2//l//r/9nDSbR/5+/8KvL3P0vjls62f8AAADQg9z9L4lb7H8AAABoRu7+l8Yt9j8AAAA0I3f/y+KWA+7/X17ruzo++n/P/9f/6//1/8Ovr/+fp9n1/6d3ftPz//X/+v/5vn/9v/6f3SbR/1/07dz9L49bfP0fAAAAmpG7/xVxi/0PAAAAzcjd/8q4xf4HAACAZuTuf1Xc0sn+1//r//X/+n/9//DrH7b/31wM0/8fj9n1/0v0//p//f9837/+X//PblPr/3P33xq3dLL/AQAAoAe5+18dt9j/AAAA0Izc/a+JW+x/AAAAaEbu/tfGLZ3sf/2//l//r//X/w+/vuf/z5P+f5z+f7FY3DbyBob6//Nn9P/6f/2//p9Dmlr/n7v/dXFLJ/sfAAAAepC7/7a4xf4HAACAZuTuvz1usf8BAACgGbn7Xx+3dLL/9f/6f/2//l//P/z6+v950v+P0/+v4Pn/+n/9v/6ftZpa/5+7/464pZP9DwAAAD3I3X9n3GL/AwAAQDNy978hbrH/AQAAoBm5+++KWzrZ//p//b/+X/9/JP3/Of3/Mv3/8Ti6/n+h/9f/6/9X0P/r//X/LDuu/v/x+PF+Vf+fu/+NcUsn+x8AAAB6kLv/7rjF/gcAAIBm5O5/U9xi/wMAAEAzcve/OW7pZP/r//X/+n/9v+f/D7++/n+ePP9/nP5/Bf2//l//r/9nrY6r/9+r91/+du7+t8Qtnex/AAAA6EHu/nviFvsfAAAAmpG7/964xf4HAACAZuTuf2vc0sn+1//r/3f2/4uF/l//r//fdgz9/+ZC/792+v9x+v8V9P9t9v+/tGio/z+75+fr/5miqfX/ufvfFrd0sv8BAACgB7n73x632P8AAADQjNz974hb7H8AAABoRu7+d8YtLe3/J/ZO3+bf/59Z+kT9/2KxeOgaz//X/4+8vv5/Mv1//VfV/6+P/n+c/n8F/X+b/b/n/+v/OTFT6/9z978rbmlp/wMAAEDncve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/z7/+XP1H/v7ik5//r/7c+oP/X/+v/Z+tS+/ubN+PnNP2//l//P9jPb+zx656F/l//r/9nwNT6/9z974tbOtn/AAAA0IPc/ffFLfY/AAAANCN3//1xi/0PAAAAzcjd//64pZP9r//X/+v/59n/b+r/9f/6/0F79vdX7O/z1/X8/yuv/O0H9P/6/xb7/zH6f/2//p9lU+v/c/d/IG7pZP8DAABAD3L3fzBusf8BAACgGbn7PxS32P8AAADQjNz9H45bOtn/u/v/04vtQnXbUP8fjZr+/yL6/53vX/8//P3D8//1//r/o3epz99fV//v+f+He//6f/3/nN//gfr/X9v9+fp/WjS1/j93/wNxy8jw2/stAQAAAFOUu/8jcUsnX/8HAACAHuTu/2jcYv8DAABAM3L3Pxi3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/FfT/+n/P/7/qDy7T/7M+U+v/c/d/LG7ZGn6/fsUh/zUBAACACcnd//G4pZOv/wMAAEAPcvd/Im6x/wEAAKAZufs/Gbd0sv/1//p//b/+X/8//Pr6/3nS/4/T/6/QT/+/OfTBk+7nL9VJv/9m+n/P/2eNptb/5+7/VNzSyf4HAACAHuTu/3TcYv8DAABAM3L3fyZusf8BAACgGbn7H4pbOtn/+n/9f/v9/+/r/5deX/+v/2+Z/j9/Rh+m/1+hn/5/0En383N///r/sf7/4D8e0oap9f+5+x+OWzrZ/wAAANCD3P2fjVvsfwAAAGhG7v7PxS32PwAAADQjd//n45ZO9r/+v6/+f2PRY//v+f/6f/1/T+bT/99yauijnv+v/9f/z/f96/89/5/dptb/5+5/ZONUl/sfAAAA5up3f+OPH97v3/vI1l83F1+IW+x/AAAAaEbu/i/GLfY/AAAANCN3/5filk72v/6/r/6/z+f/6//1//r/nsyn/x+m/9f/6//n+/71//p/dpta/5+7/8txy0XDb/B/oAcAAACYjdz9X4lbOvn6PwAAAPQgd/9X45Zd+//8Pv9UOwAAADA1ufu/Frd08vV//f/E+//FEfX/8ffp/7fp//X/Q6+v/58n/f+4S+z/z2/o//X/I/T/+n/9P8um1v/n7r/7jkWX+x8AAAAateN3FL6+9dfNxTfiFvsfAAAAmpG7/5txi/0PAAAAzcjd/624pZP9r/+feP9/qOf/n63/y/P/O+//r98cfH39v/6/Zfr/cZ7/v4L+X/+v/9f/s1YH6P+3BulR9/+5+78dt3Sy/wEAAKAHufu/E7fY/wAAANCM3P3fjVvsfwAAAGhG7v7vxS2d7H/9/wn0/zecWSyOtP/fx/P/9f999P97vH47/f+vXH7uvt/7w9tv1f9zwXH2//l9Qf+v/9f/b9P/6//1/yyb2vP/c/d/P27pZP8DAABAD3L3Pxq32P8AAADQjNz9P4hbntz/957UuwIAAADWKXf/D+OWTr7+r/9v8fn/8+z/87/1CfT/5+bX/2dT3Hv/7/n/+v/dPP9/nP5/Bf2//l//r/9nrabW/+fu/1Hc0sn+BwAAgB7k7v9x3JL7f+PAv3UPAAAATEzu/p/ELb7+DwAAAM3I3f9Y3NLJ/tf/6/8P2/+f9fx/z//X/2/R/0+L/n+c/n8F/b/+X/+v/2etptb/5+7/adzSyf4HAACAHuTufzxusf8BAACgGbn7fxa32P8AAADQjNz9P49bOtn/+n/9/1Se/5/0/xc+T/+/Tf+v/z8I/f+4g/T/lw38ukD/r/8fo//X/+v/WTa1/j93/y8CAAD//zJLcR4=")
chdir(&(0x7f0000000000)='./file0\x00')
r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
renameat2(r0, &(0x7f0000000180)='./file1\x00', r0, &(0x7f00000001c0)='./file0\x00', 0x0)
truncate(&(0x7f00000000c0)='./file0\x00', 0x9)

4.262643648s ago: executing program 1 (id=1332):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000280)=""/48, 0x30}, {&(0x7f0000000b40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/38, 0x26}], 0x3}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)

4.064430545s ago: executing program 2 (id=1333):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000c8, &(0x7f00000006c0)=ANY=[@ANYBLOB='codepage=874,nodots,dots,tz=UTC,dots,dots,dots,dots,dots,check=strict,allow_utime=00000000000000001000001,codepage=936,nodots,nodots,sys_immutable,dots,nodots,nodots\x00\x00\x00\x00s,usefree,codepage=850,nodots,nodots,quiet,\x00'], 0xfd, 0x1bf, &(0x7f0000000940)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r1 = openat(r0, &(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000000))
openat$cgroup_ro(r1, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)

3.957873964s ago: executing program 1 (id=1334):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="66113006e73914c23324b7b035aebe6c66b1956649e6dabdd6a266d5c56b3ee905000000000000002a561709dfe16bf5d28387233e630c25ada26531627d73e5e03df328ccb20eeedbe1e5edf2582bf74ed14b4d", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

3.840895074s ago: executing program 2 (id=1335):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r2}, 0x18)
connect$can_j1939(r0, &(0x7f0000000100)={0x1d, r2, 0x2, {0x0, 0x0, 0x4}}, 0x18)

2.970878488s ago: executing program 0 (id=1336):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r2, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8a85009a10d943a, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc45, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffff81, 0x14, 0x0, 0x0, 0xffffffffffffff47, 0x10, 0x8, 0x0, 0x0}}, 0x64)

2.796309063s ago: executing program 2 (id=1338):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="66113006e73914c23324b7b035aebe6c66b1956649e6dabdd6a266d5c56b3ee905000000000000002a561709dfe16bf5d28387233e630c25ada26531627d73e5e03df328ccb20eeedbe1e5edf2582bf74ed14b4d", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)

2.778957554s ago: executing program 1 (id=1339):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x30, r1, 0xa05, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "12e7ee6b09830dfa49f5a985f4e3cf35"}]}, 0x30}}, 0x0)

2.692441192s ago: executing program 3 (id=1340):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
tee(r3, r1, 0x5, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
process_vm_writev(r2, 0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000440)=""/4096, 0x1000}, {0x0}, {0x0}, {0x0}], 0x4, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x80ffffffffffff, 0x13, r0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1.633200171s ago: executing program 0 (id=1341):
syz_mount_image$hfs(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x4004, &(0x7f0000000240)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303031302c636f6465706167653d63703835352c696f636861727365743d6370313235302c0065fcfac35652d2119752177b83dd62bd1f7de553835128ed9475d69a7ff68815d149e3d770260f87adedaaa6166f2883a669eadf2fc703841d76d28addf20312d9c8fc5b9c22b6ded1166f95bc118305a3ee7ebad510e9785ba1b21c76ac0d23979366134009b2e8055dfdb125c12135913b94b66581"], 0x1, 0x2f2, &(0x7f0000000580)="$eJzs3b1uE0sYxvFn1nbsfChnT5KjI9GAApGgiQhQIBoj5JaeCgG2I0VYiUiCBDQERIm4AHpugYugAXEDUFHRk4pBMx4762S9jgn2JuH/k2ytZ2d23/Xsx7yrOCsAf61btS/vrn5zLyMVVJB0Q4okVaSipP/0f+Xx+vbadqvZyFpQwbdwL6N2S3OgTn29mdbUtfMtgth9KmomWYbRsNbe/Jp3EMidP/pTRFI5HId+fmXMcY3KjnQ27xjGLdnBZle7eqLZHMMBABwD4fofhcvEjC8yiiJpKVz2T9X1f/f0bIpzrXWgyGY2SFz//ejOGte///hZe/meT+Hc/KiTJR4mmNK+zxNq71k9A0wzKKv0sUSTq2tFLddfqBHppapBotqCf2+0d92OAdEupuSmGfovraTbU+2t8SPK/Tohra61mmU3kRL//HBrPDrzwXwyd02st2p0x39Fa1w3+Z6K9/VUVHLxX+6/xGnfytVSSPur1WrUU+Vfv5IzYQ3BgK2spGckyWV2bhDsdCPIitOve069txXaW7cyoNV8Wqu4+6lPq4WeVoWwJyzXN1qZt1JGo7OJ5o25Yxb1Xe9VS4z/IxffkhJHZtb50fiaYc+ob+intRPpNYu+ZnzgdLt3uJzrRhCUh942SEPeLXutB7qu2a2nzx4WWq3mppu4nzLxaGbThJLSKym1zugnCsqoo529Eus8t/awS7ZHCMwM+jYuDV7Oj8Ov1J0/uiXu8Emr7I6ybkn0B755a3Lo7kET5bz2wzBR+6isHfLkTFgr9Zk1svMUjpEt0+n0UDCZc0AYNzfuMu38z4/kw6jOp0juLc4Yp2cnmepZ4ko3g+sdCs7596mhMrjp/hlcYo1X+uSMPuc6f1G6kCg0ylxjHOI8JUxNn3WP+/8AAAAAAAAAAAAAAAAAAAAnTfij/85PNkfyS4OcNxEAAAAAAAAAAAAAAAAAAAAAgBPvt57/m/Y/4v3zf+NxP//XDvUgJwA9fgUAAP//11V3YA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)

1.632915111s ago: executing program 1 (id=1342):
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x1200c86, &(0x7f00000008c0)=ANY=[@ANYBLOB='codepage=euc-jp,umask=00000000000000000000000,iocharset=cp932,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c66696c655f756d61736b3d30303030303030303030303030303030303030303430312c00c994e48a9982fd053a91804fd916d456fbdad755abc919da7043fe4b61596d3ff66315b84278e675ecc2703026dae370642e1e144299773d50b3e346959705c70300e831d95fbcaf24ffda352e6218b6df10ccfa7bd138ca492d5ccd6443fee65a368969318ca163c876cf2ea518", @ANYBLOB="524559d5ca64b9614ac790f92544507b49ca6d8740b726ec1b465f8280b7ec7752b1e6cefd04cb2ac2dff2c10d60eba946fd70998a8314bddf512cafa839ea2a9fa7f9cd98e15227ddf1d04b5a1d490af9975077d4e5b9a8d1100aef24b06909cdf88974a899100f74a452914470c6", @ANYRES16, @ANYRESOCT], 0x1, 0x286, &(0x7f0000000200)="$eJzs3c9qE1EUx/HfnaRtakud/pGCy2rBldi6ETeK9CFciKhNhGKooBXUlbgWcSe4d+dafAE3rsQX0JUrHyC7kXtnkkzi/Gs0uU38fiAhOvfcOaczydwTSCIA/60be9/fX/5pb0aqqSbpqhRIakh1SWe02XhyeHRw1G41iyaquQh7M4ojzR9j9g9bWaE2zkUkQvuvupbT/4fxiKIo+uE7CXjnnv0ZAmkheXa67Y2JZzYeL3wn4JnpqKOnWvGdBwDAr+T6HyTX+eVk/R4E0nZy2Z+p63/HdwKepa7/rsuKjD2+p92mfr/nWji7Peh2iQUz5m6ZV3xmDSwwTVlX6XIJFu8ftFsX9x+2m4Fe6loiNWzD3TfjU7erJNutgmQzlNeeZ8nVMGdr2M3Jf32UPb49fio95ov5am6bUO/U7K3/6pGxh8kdqdAdqbAXEOd/KX9GV2UYj8qpctXt5GyyB336UKHKRnZHou4ZtarBNwjCbp5v5gui1oai4up28qtzUeuZUbslURvDUf2zOT9ydDllDzGvzU2zpV/6qL3U+j+wf+1tVXlm2jFuZHJmFNZTdyPDCokFldJHVXOFW1/pnq5o5fGz5w/uttutR1PxoHYy0pj4g7omsa/uCXMiSp7tB/rreWpa0FhTLXrxWPyXr1PwqH/QtXnLdzLwwa67TNz/pfqV626b7ZNCt06fU9Y6PSqbPDXjTk5vsObuTx2rg1vK7+Cq9lznLkjnC/b4eXDaMMlzRpg9fdMd3v8HAAAAAAAAAAAAAAAAAACYNtU+D7CQjB7t4wSeSwQAAAAAAAAAAAAAAAAAAAAAYOqN//d/U9/qXf77v+5buvn9X2AyfgcAAP//C8h7PA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)

1.629478542s ago: executing program 2 (id=1343):
r0 = socket(0x40000000015, 0x5, 0x0)
syz_mount_image$jfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8000, &(0x7f0000006580)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB=',resize,nodiscard,usrquota,errors=remount-ro,discard,resize=0x0000000000000000,gid=', @ANYRESHEX=r0, @ANYBLOB=',errors=continue,iocharset=macgaelic,uid=', @ANYRESHEX=0x0, @ANYBLOB=',noquota,grpquota,nointegrity,uid=', @ANYRESDEC=0x0, @ANYBLOB=',smackfstraYsmute=noquota,uid=', @ANYRESDEC=0x0, @ANYBLOB=',permit_directio,id=\x00\x00', @ANYRESDEC=0xee01, @ANYBLOB="2c6f626a5f757365723df326265b275d242c412c00"], 0x1, 0x61ac, &(0x7f00000003c0)="$eJzs3UtvHWf9B/DfnJsv+TeNuqj6jxBy23AppbmWECjQZAELNixQtihR6lYRKaAkoLSKiCtvWPAiQEgsEWLJihfQBVt2vAAi2UigrjpofJ7HGU/OybHr+ozt+XwkZ+Z3nhmfZ/I9cy6emfMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA//MGPLxQRceNX6YZTEf8X/YhexFJVr0TE0sqpvPwgIl6KreZ4MSKGCxHV+lv/PB/xZkR8fDLdFrF2cZf9+P6f//GHn5z40d//NDz337/c7781bbkHD377n78+2s8WAwAAQPeUZVkW6WP+6fT5vtd2pwCAuciv/2WSb1er1Wq1Wn386rpyskf1IiLW6utU7xkcjgeAI2YtPmm7C7RI/p02iIgTbXcCONSKtjvAgdjYfHirSPkW9deDlXF7PhdkR/5rxdZ6ef1J01ma55jM6/G1Hv14YUp/lubUh8Mk599r5n9j3D5Kyx10/vMyLf/R+NKnzsn595v5Nxyf/HsT8++qnP9gT/n35Q8AAAAAAIdY/vv/qZaP/y7sf1N25VnHf1fm1AcAAAAAAAAA+Lztd/y/bY3x//J5AMb/AwAAgPZVn9Urvzv55LZp38VW3X69iHiusTzQMelimeW2+wEAAAAAAAAAAAAAXTIYn8N7vYgYRsRzy8tlWVY/dc16r/a7/lHX9e2HLmv7SR4AAMY+Ptm4lr+IWIyI6+m7/obLy8tlubi0XC6XSwv5/exoYbFcqn2uzdPqtoXRLt4QD0Zl9csWa+vVzfq8PKu9+fuq+xqV/V10bD5aDBwAImL8arThFemYKcvno+13ORwNT+3/xdSvAOOIsP+zG20/TgEAAICDV5ZlWaSv8z6djvn32u4UADAX+fW/eVxArVar1Wr18avryske1YuIWKuvU71nMBw/ABwxa/FJ212gRfLvtEFEvNR2J4BDzQVBx9PG5sNbRcq3qL8epPHd87kgO/JfK7bWy+tPms7SPMdkXo+v9ejHC1P68+Kc+nCY5Px7zfxvjNtHabmDzn9epuVfbeepFvrTto3Na4Mq234z/4bjk39vYv5dlff/wZ7y7+86/ytT7lf+AAAAAABwcPLf/08dquO/o8+6OTM96/jvyoHdKwAAAAAAAAAcrI3Nh7fyda/5+P8XJizn+s/jKedfyL+Tcv69Rv5fbSzXr80/vvYk/39vPrz1x/v/+v883W3+C3mmSI+sIj0iinRPxSBN97N1T1sf9kfVPQ2LXn+Qzvkph+/G7bgTq3F+x7K99P/xpP3Cjvaqp8Ot9rI/br+4o32w3Z7Xv7SjfZjOdCqXcvvZuBU/jzvxzlZ71bYwY/sXZ7SXM9pz/n37fyfl/Ae1nyr/5dReNKaVxx/1ntrv69NJ93P19hd/c/7gN2em9ehvb1tdtX2vtNCfrf+TE6P45b3Vu2cf3Lx//+6FSJMdt16MNPmc5fyH6Wf7+f/VcXt+3q/vr48/Gu05/8NiPQZT83+1Nl9t72tz7lsbcv6j9JPzfye1T97/j3L+0/f/11voDwAAAAAAAAAAAAAAADxLWZZbl4he7UVcTtf/tHVtJgAwX1dj/PpfJvn2edX9Od+fWn3E6+KQ9Weu9afl4eqPWn0U67pysrfrRUT8rb5O9Z7h15N+GQBwmH0aEf9suxO0Rv4dlr/vr5qeabszwFzd++DDn968c2f17r22ewIAAAAAAAAAfFZ5/M+V2vjPZ8qyfNRYbsf4r9diZb/jfw7yzPYAo1MGqu7vfZueZb036vdqw42/HNPG/x5uzz1r/O/BjPsbzmgfzWhfmNG+OKN94oUeNTn/l2vjnZ+JiNON4de7MP5rc8z7Lsj5v1J7PFf5f6WxXD3/8vdHOf/ejvzP3X//F+fuffDhG7ffv/ne6nurP7t04cL5S5cvX7ly5dy7t++snh//22KPD1bOP4997TzQbsn558zl3y05/y+lWv7dkvP/cqrl3y05//x+T/7dkvPPn33k3y05/9dSLf9uyfl/LdXy75ac/+upln+35Py/nmr5d0vO/41Uy79bcv5nUy3/bsn5n0v1LvNfOuh+MR8bmw+3jrDnI1z2/27J+38+s0H+3ZLzv5hq+XdLzv9SquXfLTn/N1Mt/27J+X8j1fLvlpz/5VTLv1ty/t9Mtfy7Jed/JdXy75ac/7dSLf9uyfl/O9Xy75ac/1upln+35Py/k2r5d0vO/7upln+35Py/l2r5d0vO/+1Uy79bnnz/vxkzZszkmbafmQAAAAAAAAAAAACApnmcTtz2NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZHrrO8HfmZvXjshMRDyd/I3sHaMMc4mu77EF1oXE64NtxIIhV6wXe/aLPiG1y6BRrJRoETCqKiibXjRFhBq86bCqnhBq4DyArWqVIm0leANoqrEi6gKKCBVaivIVnPmeZ6dmT07s+sd2zPnfD5S/PPOnplz5swzs/td57sDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADTb8qbZz9WyLKv/l/+xMcturf99/cTG/LLX3+wjBAAAANbql/mfL9yeLji8gis1bfOPr/reNxcWFhayDw7/yeiXFhbSJyaybHRdluWfi67+x4dqzdsEj2fjtaGmj4e67H64y+dHunx+tMvnx7p8fl2Xz493+fySE7DE+sbPY/Ib25b/dWPjlGZ3ZKP557YVXOvx2rqhofiznFwtv87C6IlsLjuVzWbTLds3tq3l2z+9pb6vt2dxX0NN+9pcXyE/e+x4PIZaOMfbWva1eJvRT96YTfz8Z48d/6sLz99VNLuehpbbaxznjq314/xMuKRxrLVsXTon8TiHmo5zc8FjMtxynLX8evW/tx/nCys8zuHFw7yh2h/z8Wwo//uz+Xkaaf6xXjpPm8Nl/31PlmWXFw+7fZsl+8qGsg0tlwwtPj7jjRVZv436UnpZNrKqdbplBeu0Pme2ta7T9udEfPy3hOuNLHMMzQ/TTz491vS4/2LhWtZpVL/Xyz1X2tdgr58r/bIG47p4Nr/TTxSuwW3h/j+2ffk1WLh2CtZgut9Na3BrtzU4NDacH3N6EGr5dRbX4K6W7YfzPdXy+dz2zmtw6sLpc1Pzn/zUfXOnj52cPTl7Zs+uXdN79u07cODA1Im5U7PTjT+v8Wz3vw3ZUHoObA3nLj4HXtu2bfNSXfjq2JLX32t9Ho53eB5ubNu218/DkfY7V7sxT8ila7rx3Hh//aSPXxnKlnmO5Y/PzrU/D9P9bnoejjQ9Dwu/phQ8D0dW8Dysb3Nu58q+Zxlp+q/oGJb/WrC2NbixaQ22fz/SvgZ7/f1Iv6zB8bAufrhz+a8Fm8PxPjG52u9HhpeswXR3w2tP/ZL0/f74gXwUrcu765+4ZSy7OD97/v5Hj124cH5XFsYN8fKmtdK+Xjc03adsyXodWvV6PTz3qifuLrh8YzhX4/fV/xhf9rGqb7P3/s6PVf7Vrfh8tly6Owujx270+Sz6al4/n2NZ9uXvfvrhbz/25Tctez7refMzU2v/Xjzl0qbX39FlXn9j7n+xsb90U48Pj440nr/D6eyMtrwetz5UI/lrVy3f9wtTK3s9Hg3/3ejX4zs6vB5vatu216/Ho+13Lr4e17r9tGNt2h/P8bBOTk13fj2ub7Np92rX5EjH1+N7wqyF8/+6kBRSLmpaO8ut27SvkZHRcL9G4h5a1+melu1HQzar7+up3de2Tnfc07it4XTvFt2odTrRtm2v12n62ddy67TW7adv16b98RwP6+KOPZ3XaX2bZ/au/bVzffxr02vnWLc1ODo8Vj/m0bQI89f7bGF9XIP3Z8ezs9mpbCb/7Fi+nmr5viYfWNkaHAv/3ejXyk0d1uCOtm17vQbT17Hl1l5tZOmd74H2x3M8rIsnH+i8BuvbvHn/atbgQtfvXXeES9I2Td+7bmn6AXann3nd3XaartdaGQnH+d39nX82W9/m1IHV5szO5+necMktBeep/fm73HNqJlvpeaqt+TlVP87nDyx/nurHU9/mSwdXuJ4OZ1l26eMP5j/vDf++8rcXv//Nln93Kfo3nUsff/CnLznxD6s5fgAG34uNsaHxta7pX6ZW8u//AAAAwECIuX8ozET+BwAAgNKIuT/+X+GJ/A8AAAClEXP/SJhJRfL/pjc/P/fipSw18xeC+Pl0Gh5qbBc7rtPh44mFRfXLH/z67H/9/aWV7Xsoy7JfPPQHhdtveigeV8NEOM6rb2m9fIlv3reifR995FLab3N//Svh9uP9WekyKKrgTmdZ9vTtX8j3M/GhK/l85qGj+Xz48hOP17d54WDj43j9517e2P7PQ/n38IljLdd/LpyHH4c5/Y7i8xGv940rr9u8/wOL+4vXq229Lb/bT364cbvx9+R88fHG9vE8L3f83/78U9+ob//oa4qP/9JQ8fE/FW7362H+zysb2zc/BvWP4/U+G44/7i9e7/6vfafw+K9+rrH9ubc2tjsaZtz/jvDxtrc+P9d8vh6tHWu5X9nbGtvF/U9//4/yz8fbi7fffvzjR660nI/29fHMvzZuZ6pt+3h53E/0d237r99O8/qM+3/qD4+2nOdu+7/68HOvrN9u+/7vbdvu3Md35vtfvL3W39j0F5/9QuH+4vEc/ptzLffn8HvD8zjs/8kPh/UYPv+/Vxu31/7bFY6+t/X1J27/lY2XWu5P9PafN/Z/9Q0n87lufP2GW259yW2XX10/d1n27LrG7XXb/8m/PNty/F+9s3E+4udjR799/8uJ+z//ickzZ+cvzs2ks/rY7fnvznln43ji8d4eXlvbPz5y9sJHZs9PTE9MZ9lEeX+F3jX7Wpg/bYzLq73+zkfC43n3nz29Yfu/fD5e/oP3Ny6/8o7G163Xhu2+GC7fGB6/te7/yS135s/v2jONj1t67D2wedt/HljRhuH+t39fENf7uVd8JD8P9c/lXzfi83qNx/+jmcbtfCuc14Xwm5m33rm4v+bt4+9GuPK+xvN9zecvvMzFx/Wvw+P9rh83bj8eV7y/Pwrfx3xnU+vrXVwf37o01H77+W/xuBxeT7LLjc/HreL5vvLCnYWHF38PSXb5rvzjP063c9eq7uZy5j85P3Vq7szFR6cuzM5fmJr/5KeOnD578cyFI/nv8jzy0W7XX3x92pC/Ps3M7tub5a9WZxvjOrvZx3/ukeMz+6e3z8yeOHbxxIVHzs2eP3l8fv747Mz89mMnTsx+otv152YO7dp9cM/+3ZMn52YOHTh4cM/BybkzZ+uH0TioLvZNf2zyzPkj+VXmD+09uOuBB/ZOT54+OzN7aP/09OTFbtfPvzZN1q/9+5PnZ08duzB3enZyfu5Ts4d2Hdy3b3fX3wZ4+tyJ+Ymp8xfPTF2cnz0/1bgvExfyi+tf+7pdn3Ka//fG97Ptao1fxJe959596fez1n3908veVGOTtl8g+nz4XTT/9NJzB1byccz9o2EmFcn/AAAAUAUx94+Fmcj/AAAAUBox968LM5H/AQAAoDRi7h8PM6lI/i9d/3/TpRXtX/9f/7/5fOn/V6z//75+6/83Xi/0/3tD/78z/f8u9P+vpT8/Fv+i/6//r/9Pu37r/8fcvz7LKpn/AQAAoApi7t8QZiL/AwAAQGnE3H9LmMmq8v/CrT0+LAAAAKCHYu6/NcykIv/+r/+v/6//r/+v/1+8f/3/waT/35n+fxf6/1NZtd7//3Ivj1//X/+fpfqt/x9z/0vCTCqS/wEAAKAKYu6/LcxE/gcAAIDSiLn/9jAT+R8AAABKI+b+jWEmFcn/+v/6//r/+v/6/8X71/8fTPr/nen/d6H/f1PfP3/Qj1//X/+fpfqt/x9z/0vDTCqS/wEAAKAKYu5/WZiJ/A8AAAD9Z+TarhZz/8vDTJbk/2vcAQAAAHDTxdx/R9ZWBK/Iv//r/+v/6//r/+v/F+9/5f3/4Uz/v3/o/3em/9+F/r/+v/6//j891W/9/zz3Z+PZK8JMKpL/AQAAoApi7r8zzET+BwAAgNKIuf//hZnI/wAAAFAaMfdvCjOpSP7X/9f/1//X/9f/L96/9/8fTPr/nen/d6H/r/9f/v7/6x9e5vr6/1wP/db/j7n/rjCTiuR/AAAAqIKY++8OM5H/AQAAoDRi7v//YSbyPwAAAJRGzP2bw0wqkv/1//X/9f/1//X/i/ev/z+Y9P870//vQv9f/7/8/f9l6f9zPfRb/z/m/leGmVQk/wMAAEAVxNz/qjAT+R8AAABKI+b+V4eZyP8AAABQGjH3T4SZVCT/6//r/+v/6//r/xfv//r3/9els6r/3zv6/53p/3eh/6//r/+v/09P9Vv/P+b+LWEmFcn/AAAAUAUx928NM5H/AQAAoE+tW/U1Yu6/J8xE/gcAAIDSiLl/W5hJRfK//r/+v/6//r/+f/H+vf//YNL/70z/vwv9f/1//X/9f3qq3/r/Mfe/JsykIvkfAAAAqiDm/u1hJvI/AAAAlEbM/a8NM5H/AQAAoDRi7t8RZlKR/K//r/+v/6//r/9fvH/9/8Gk/9+Z/n8X+v/6//r/+v/0VL/1/2Puf12YSUXyPwAAAFRBzP07w0zkfwAAACiNmPvvDTOR/wEAAKA0Yu6fDDOpSP7X/9f/1//X/9f/L96//v9g0v/vTP+/C/1//X/9f/1/eqrf+v8x998XZlKR/A8AAABVEHP//WEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6//r/+v+r6v+/evF29f8b9P/7i/5/Z8v3/9sOVf9f/1///yb1/0f1/ymVfuv/x9y/K8ykIvkfAAAAqiDm/t1hJvI/AAAAlEbM/XvCTOR/AAAAKI2Y+/eGmVQk/+v/6/9Xsv//A/1/7/+v/19W+v+d9f79/+Nd1P/X/9f/9/7/+v8s1W/9/5j7HwgzqUj+BwAAgCqIuX9fmIn8DwAAAKURc//+MBP5HwAAAEoj5v4DYSYVyf/6//r/lez/e/9//X/9/9LS/++s9/1/7/+v/79I/1//X/+fdv3W/4+5/2CYSUXyPwAAAFRBzP2vDzOR/wEAAKA0Yu7/lTAT+R8AAAAGz2jxxTH3/2qYSUXyv/6//r/+v/6//n/x/vX/B5P+f2f6/12suP//b5n+/1L6//r/+v+067f+f8z9h8JMKpL/AQAAoApi7v+1MBP5HwAAAEoj5v43hJnI/wAAAFAaMfcfDjOpSP7X/9f/1//X/9f/L97/Tez/H870/6+Z/n9n+v9deP9//X/9f/1/eqrf+v8x978xzKQi+R8AAACqIOb+B8NM5H8AAAAojZj73xRmIv8DAABAacTc/+Ywkyrk//rd1f/X/9f/1//X/y/cv/f/H0z6/53p/3eh/6//r/+v/09P9Vv/P+b+t4SZVCH/AwAAwECaWPU1Yu5/a5iJ/A8AAAClEXP/28JM5H8AAAAojZj73x5mUpH87/3/9f/1//X/9f+L96//P5jW2L9fqGWZ/n+m/6//r/+v/6//T2/0W/8/5v5fDzOpSP4HAACAKoi5/6EwE/kfAAAASiPm/neEmcj/AAAAUBox978zzKQi+V//X/9f/1//X/+/eP/6/4PJ+/93NmD9/1/eFi7X/2/Q/+/v4x+s/v/Cuvbr6/9zPfRb/z/m/neFmVQk/wMAAEAVxNz/7jAT+R8AAABKI+b+94SZyP8AAABQGjH3/0aYSUXyv/5//TgW28v6//r/+QX6//r/+v8DS/+/swHr/3v//zb6//19/IPV/1+qW/9/fZfr6/9TpN/6/zH3vzfMpCL5HwAAAKog5v6Hw0zkfwAAACiNmPvfF2Yi/wMAAEBpxNz//jCTiuR//X/v/6//r/+v/1+8f/3/waT/35n+fxf6//r/+v/e/5+e6rf+f8z9j4SZVCT/AwAAQBXE3P+BMBP5HwAAAEoj5v7fDDOR/wEAAKA0Yu7/YJhJRfK//v+g9P8n9P/1//X/2+6P/r/+fxH9/870/7vQ/9f/1//X/6en+q3/H3P/h8JMKpL/AQAAoApi7v+tMBP5HwAAAEoj5v7fDjOR/wEAAKA0Yu7/nTCTiuR//f9B6f97//9M/1//v+3+6P/r/xe5cf3/+Mqj/6//X9r+f31X+v9l7/+PLv5V/5/rod/6/zH3/26YSUXyPwAAAFRBzP0fDjOR/wEAAGAgFP0/2e1i7j8SZiL/AwAAQGnE3H80zKQi+V//X/9f/79P+/9/uvWff/i9dx/dpf+v/6//vyo39P3/60/+a37///WFl+r/6//3Uf/f+/9Xof/fRP+f66Hf+v8x9x8LM6lI/gcAAIAqiLn/98JM5H8AAAAojZj7j4eZyP8AAABQGjH3z4SZVCT/6//r/+v/92n/f4Df/z+ejwHo/w/f+P7/8Nr7//FFV/+/0A3t/39gsSfu/f9X2/8fK7xU/1//f5CPX/9f/5+l+q3/H3P/bJhJRfI/AAAAVEHI/UMnGnPxE/I/AAAAlEbM/SfDTOR/AAAAKI2Y+z8SZlKR/K//r/+v/6//7/3/i/fv/f8Hk/5/Z/3T/y+m/6//P8jHr/+v/89S/db/j7l/LsykIvkfAAAAqiDm/o+Gmcj/AAAAUBox938szET+BwAAgNKIuf9UmElF8r/+v/6//r/+v/5/8f71/weT/n9n+v9d6P/r/+v/6//TU/3W/4+5/3SYSUXyPwAAAFRBzP1nwkzkfwD+j707a7asPus4fhoburt4AV54470vgYvmWl+AF3hhFVpleSEq4qyA84jzPKDirGgCCSETmSfIRELmkHmeQ8hEUtUp+jzP02dYZ+1zuvfuXvv/fD43jx44rC11hPzS/a0FAMAwcvffFrfY/wAAADCM3P0/Gbc02f/6f/3/Cfv/O85sS/9/Xv9/1PP1//r/ken/5+n/V9D/6//1//p/1mpp/X/u/p+KW5rsfwAAAOggd/9Pxy32PwAAAAwjd//tcYv9DwAAAMPI3f8zcUuT/X+g/z+107P/z4xX/+/9//p//b/+f8td3f7/7mf/ybeR/v/W+P9z/f/u1/X/u/T/y/78+n/9P4ctrf/P3X9H3NJk/wMAAEAHuft/Nm6x/wEAAGAYuft/Lm6x/wEAAGAYuft/Pm5psv+9/9/7//X/+n/9//Tz9f/byfv/53Xq/29/4safeOqh73n4JM/fVP9/+tJfX/+/Qdf68+v/9f8ctrT+P3f/L8QtTfY/AAAAdJC7/xfjFvsfAAAAhpG7/5fiFvsfAAAAhpG7/5fjlib7X/+v/9f/6//1/9PP1/9vJ/3/vE79/+U83/v/9f8rP/+Zo79f/6//57Cl9f+5+38lbmmy/wEAAKCD3P2/GrfY/wAAADCM3P13xi32PwAAAAwjd/9dcUuT/a//1//r//X/+v/p5+v/t5P+f57+fwX9v/7f+//1/6zV0vr/3P13xy1N9j8AAAB0kLv/1+IW+x8AAACGkbv/1+MW+x8AAACGkbv/N+KWJvtf/6//1//r//X/08/X/28n/f88/f8K+v8r7eev1//r//X/7HXC/v+ZmX9sr6X/z93/m3FLk/0PAAAAHeTu/624xf4HAACAYeTu/+24xf4HAACAYeTu/524pcn+1//r//X/+n/9//Tz9f/bSf8/bzH9/6nTk1/W/299/+/9//p//T/7LO39/7n7fzduabL/AQAAoIPc/b8Xt9j/AAAAMIzc/b8ft9j/AAAAMIzc/X8QtzTZ/5vs/w82vAfp//X/+v9R+v8b9n29Q///8J7Pp/9fFv3/vMX0/0fQ/+v/t/nz6//1/xy2tP4/d/8fxi1N9j8AAAB0kLv/nrjF/gcAAIBh5O7/o7jF/gcAAIBh5O7/47ilyf6f7v8v/XHv/z8e/f/+z6//n/75WFf/n3/FTff/z9ri9//f7P3/Pen/5+n/V9D/6//1/0f1/+dWfb/+nylL6/9z9/9J3NJk/wMAAEAHufv/NG6x/wEAAGAYufv/LG6x/wEAAGAYufv/PG5psv83+f7/VfT/+v9m/X9l7eO9/3+/hfT/G33//85V7/9P6/+PSf8/T/+/gv5f/6//9/5/1mpp/X/u/r+IW5rsfwAAAOggd/9fxi32PwAAAGyHvb934OBvKA25+/8qbrH/AQAAYBi7u7/q3Ut/oMn+1//r//X/2/f+f/3/rl79v/f/H5f+f57+fwX9/yb6+dOD9f/3HvX9S+j/79T/szD7+v9HLn39WvX/f33xu87u/E3c0mT/AwAAQAe5+/82brH/AQAAYBi5+/8ubrH/AQAAYBi5+/8+bmmy/zfe/587+tn6f/2//l//r//X/6/bQP3/xR8R/f/u1/X/u7a0//f+f+//1/83tq//3+Na9f+5+/8hbmmy/wEAAKCD3P3/GLfY/wAAADCM3P33xi32PwAAAAwjd/8/xS1N9r/3/+v/9f/6f/3/9PP1/9tpoP7/Iv3/7tf1/7v0/8v+/Pp//T+HLa3/z93/z3FLk/0PAAAAHeTu/5e4xf4HAACAYeTuvy9usf8BAABgGLn7/zVuabL/9f+b7f/z6/p//f+O/v84/f/N+n/9/5Vq2/+fmvo30WFH9P+P/dhdP7D/K336//1/4/T/+n/9v/6ftVpE/3/h0n+6zN3/b3FLk/0PAAAAgzgz9wdz9/973GL/AwAAwDBy9/9H3GL/AwAAwDBy9/9n3NJk/+v/vf9f/6//X1D/7/3/+v8r1rb/Pybv/19B/6//1//r/1mrRfT/e/733P3/Fbc02f8AAADQQe7+/45b7H8AAAAYRu7+/4lb7H8AAAAYRu7+/41bmux//b/+X/+v/9f/Tz9f/7+d9P/z9P8r6P/1//p//T9rtbT+P3f//XFLk/0PAAAAHeTu/7+4xf4HAACAYeTu//+4xf4HAACAYeTuf07c0mT/6//1//p//b/+f/r5+v/tpP+fp//f2dl5YOYDTPX/F87o//X/+n/9P5dpaf1/7v7nxi1N9j8AAAB0kLv/gbjF/gcAAIBh5O5/MG6x/wEAAGAYufufF7c02f/6f/2//l//r/+ffr7+fzvp/+fp/1cY/f3/K34i9/bzT995y3n9v/5f/8+VWlr/n7v/+XFLk/0PAAAAHeTufyhusf8BAABgGLn7XxC32P8AAAAwjNz9D8ctTfa//l//r//X/+v/p5+v/99Om+v/d/T/Lfr/Gy6eYfv/Fa51P3+VPv/5TX1+/b/+n8OW1v/n7n9h3NJk/wMAAEAHuftfFLfY/wAAADCM3P0vjlvsfwAAABhG7v6XxC1N9r/+X/+v/9f/6/+nn6//307e/z9P/7/C6O//X6FJ/7+xz6//1/9z2NL6/9z9L41bmux/AAAA6CB3/yNxi/0PAAAAw8jd/7K4xf4HAACAYeTuf3nc0mT/r+j/L/0N0f/P0v/v//z6/+mfD/2//v9A/392R/+/dvr/efr/FfT/Y/b/1+0M1P+fO/L7r27/f/bQ9+v/mbK0/j93/yvilib7HwAAADrI3f/KuMX+BwAAgGHk7n9V3GL/AwAAwDBy9786bmmy/73/X/+v/9f/6/+nn+/9/9tJ/z9P/7+C/n/M/t/7/73/n2tmaf1/7v7XxC1N9j8AAAB0kLv/tXGL/Q8AAABbYvVvu8vd/7q4xf4HAACAYeTuf33c0mT/6//1//p//b/+f/r5+v/tpP+fp/9fQf+v/9f/6/9Zq6X1/7n73xC3NNn/AAAA0EHu/kfjFvsfAAAAhpG7/7G4xf4HAACAYeTuf2Pc0mT/6//1//r/7ez/z+r/9f/6/0lL6f9vuun7H9f/z33++26d+qr+X/+/zZ9f/6//57CN9f/xDSft/3P3vyluabL/AQAAoIPc/W+OW+x/AAAAWLzzx/zzcve/JW6x/wEAAGAYufvfGrc02f+H+//rd3YL1V1T/X80avr/PfT/+z+//n/658P7//X/+v/NW0r/7/3/l/f59f/6/23+/Cfq/7/38Pfr/xnR0t7/n7v/8bilyf4HAACADnL3vy1usf8BAABgGLn73x632P8AAAAwjNz9T8QtTfa/9//r//X/+n/9//Tz9f/bSf8/T/+/gv5f/+/9/7f9yHfp/1mfpfX/ufvfEbccY/hdt/pPAQAAABYgd/8745bp/T/1y7wAAADAwuXuf1fc0uT3/wMAAEAHufvfHbc02f/6f/2//l//r/+ffr7+fzvp/+fp/1fQ/+v/9f/e/89aLa3/z93/nrilyf4HAACADnL3vzdusf8BAABgGLn73xe32P8AAAAwjNz9749bmux//b/+f/z+/4f1/weer//X/49M/5//Rp+m/19B/6//1//r/1mrpfX/ufufjFua7H8AAADoIHf/B+IW+x8AAACGkbv/g3GL/Q8AAADDyN3/obilyf7X//fq/0/tdOz/vf9f/6//70T/P0//v4L+X/+v/9f/s1ZL6/9z9384bmmy/wEAAGBb/eD3/fiTx/1zc/d/JG6x/wEAAGAYufs/GrfY/wAAADCM3P0fi1ua7H/9f6/+v+f7//X/+n/9fyf6/3n6/xX0//p//b/+n7VaWv+fu//jccue4Xf6xP9XAgAAAEuSu/8TcUuTX/8HAACADnL3fzJuObT/Lxzzd7UDAAAAS5O7/1NxS5Nf/9f/L7z/39H/6//1//p//f9J6P/nXWH/f+GU/l//P0P/r//X/3PQ0vr/3P2fjlua7H8AAAAY1L7/RiF3/2fiFvsfAAAAhpG7/7Nxi/0PAAAAw8jd/7m4pcn+1/8vvP+/rPf/n6v/Sf/fvP+/5+zk8/X/+v+R6f/nef//Cvp//f+G+/8fmnmxuP6fES2t/8/d//m4pcn+BwAAgA5y938hbpnb/2c2/akAAACAdcrd/8W4xa//AwAAwDBy938pbmmy//X/I/b/3v+v/59//jj9/3ffeNejt/zog/fr/7nkavb/+bOg/9f/6/936f+9/1//z0FL6/9z9385bmmy/wEAAKCD3P1PxS32PwAAAAwjd/9X4hb7HwAAAIaRu//puKXJ/tf/6//1/9vY/2dT3L3/9/5//f9h3v8/T/+/gv5f/6//1/+zVkvr/3P3fzVuabL/AQAAoIPc/V+LW+x/AAAAGEbu/q/HLfY/AAAADCN3/zfilib7X/+v/9f/L7X/P+X9/0H/r/8/Cf3/PP3/Cvp//b/+X//PWi2t/8/d/824pcn+BwAAgA5y9z8Tt9j/AAAAMIzc/d+KW+x/AAAAGEbu/m/HLU32v/5f/7+O/n/nwOfX/0//fKzv/f/6/x39v/7/CPr/efr/FfT/+n/9v/6ftVpa/5+7/zsBAAD//wkKcjU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0)

1.497429843s ago: executing program 0 (id=1344):
syz_mount_image$reiserfs(&(0x7f0000000100), &(0x7f00000002c0)='./file1\x00', 0x98, &(0x7f0000000440), 0x1, 0x10f8, &(0x7f0000001140)="$eJzs2L9qFEEcB/Dv7K5pVyb9EtDCQkLC+QIpFK6xsLYLVnZepeRxfBxJZS95gBSCfWT3bvUQwT93KByfDyy782VmfrPlbwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjLjlKctwkdc6aJCUZhuvlTZJhzu9/aJuUvHi1XD19s3i2Wk/LmDUp46ppXM8f1Lqoi3penxxfPKyrt+9et1sly91m9Px2r78y1m73uiMAAAAchrud9dvbdf++PgAAAPAre71MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhRnT+aJCUZhuvlTZLh/x4LAAAA2FFJk5f9z/L1NcB3j/OxL1M++1LGOWd53ydH86LfNW1+72+PDQAAAAenbPXjj9J968vH7CRdTk/X480rtxdJm+Tsh/760+ery+k5ubr8k1YdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOArO3AgAwAAACDM3zqP9gMAAAAAAAAAAAAAAMBVAQAA//+rl887")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ftruncate(r0, 0x1362001)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000500)='b', 0x1}], 0x1, 0xfff, 0x1, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)

1.437848438s ago: executing program 1 (id=1345):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
recvmmsg(r1, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

271.564727ms ago: executing program 3 (id=1346):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000480)="1a00000002000000", 0x8)

140.307039ms ago: executing program 0 (id=1347):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="66113006e73914c23324b7b035aebe6c66b1956649e6dabdd6a266d5c56b3ee905000000000000002a561709dfe16bf5d28387233e630c25ada26531627d73e5e03df328ccb20eeedbe1e5edf2582bf74ed14b4d", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

140.071228ms ago: executing program 1 (id=1348):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
symlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="66113006e73914c23324b7b035aebe6c66b1956649e6dabdd6a266d5c56b3ee905000000000000002a561709dfe16bf5d28387233e630c25ada26531627d73e5e03df328ccb20eeedbe1e5edf2582bf74ed14b4d", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

81.517863ms ago: executing program 3 (id=1349):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f40)={0x64, r2, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x30, 0x51, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "e9ff000a06a03d543f77fa2c31"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_DEFAULT_TYPES={0x8, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_KEY_DEFAULT={0x4}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x96c}]]}, 0x64}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

0s ago: executing program 2 (id=1350):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELTABLE={0x14}], {0x14}}, 0xa4}}, 0x0)

kernel console output (not intermixed with test programs):

="syz.3.764" name="bus" dev="loop3" ino=10 res=0 errno=0
[  624.841862][ T7626] syz-executor: attempt to access beyond end of device
[  624.841862][ T7626] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  624.955601][    C1] eth0: bad gso: type: 1, size: 1408
[  624.966950][ T3686] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  624.981145][ T3686] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.019590][ T3686] usb 5-1: Product: syz
[  625.031070][ T3686] usb 5-1: config 0 descriptor??
[  625.090468][ T3686] usb 5-1: can't set config #0, error -71
[  625.108135][ T8446] loop2: detected capacity change from 0 to 1764
[  625.120168][ T3686] usb 5-1: USB disconnect, device number 17
[  625.490669][ T8453] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  626.159205][ T3743] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  626.443665][ T8453] device batadv_slave_0 entered promiscuous mode
[  626.870776][   T22] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  627.180300][ T8449] loop4: detected capacity change from 0 to 512
[  627.191811][ T8459] iso9660: Corrupted directory entry in block 2 of inode 1920
[  627.201018][ T8460] iso9660: Corrupted directory entry in block 2 of inode 1920
[  627.323189][    C1] eth0: bad gso: type: 1, size: 1408
[  627.363691][ T7761] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  628.278382][ T8462] loop1: detected capacity change from 0 to 1024
[  628.665717][   T22] usb 1-1: unable to read config index 0 descriptor/start: -71
[  628.677092][   T22] usb 1-1: can't read configurations, error -71
[  629.450909][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  629.457500][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  629.668498][ T8483] loop3: detected capacity change from 0 to 8
[  631.052846][ T8496] loop3: detected capacity change from 0 to 1024
[  631.241447][ T8496] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  631.296645][ T8496] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038 (0x7fffffff)
[  631.393207][ T8503] netlink: 'syz.0.779': attribute type 2 has an invalid length.
[  631.401871][ T8503] netlink: 244 bytes leftover after parsing attributes in process `syz.0.779'.
[  631.436586][   T27] audit: type=1326 audit(1724819716.328:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8494 comm="syz.0.779" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84fd379e79 code=0x0
[  632.777949][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  632.790012][ T8555] loop4: detected capacity change from 0 to 1024
[  632.990725][ T8555] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  633.128986][ T8555] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  633.323180][ T8561] loop3: detected capacity change from 0 to 512
[  633.355238][ T8561] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  633.392397][ T8561] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  633.430909][ T3743] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  633.431482][ T8495] loop2: detected capacity change from 0 to 40427
[  633.481910][ T8495] F2FS-fs (loop2): invalid crc value
[  633.506901][ T8495] F2FS-fs (loop2): Found nat_bits in checkpoint
[  633.513920][ T8561] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.782: invalid indirect mapped block 2683928664 (level 1)
[  633.583655][ T8561] EXT4-fs (loop3): Remounting filesystem read-only
[  633.613537][ T8561] EXT4-fs (loop3): 1 truncate cleaned up
[  633.627212][ T8565] loop1: detected capacity change from 0 to 512
[  633.633394][ T8561] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  633.668065][ T8565] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  633.685191][ T8495] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  633.693575][ T3743] usb 1-1: Using ep0 maxpacket: 16
[  633.718528][ T8561] EXT4-fs (loop3): unmounting filesystem.
[  633.723306][ T8565] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  633.743496][ T8565] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.784: invalid indirect mapped block 2683928664 (level 1)
[  633.760086][ T8565] EXT4-fs (loop1): Remounting filesystem read-only
[  633.956717][ T8565] EXT4-fs (loop1): 1 truncate cleaned up
[  633.969118][ T8565] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  634.110018][ T8565] EXT4-fs (loop1): unmounting filesystem.
[  634.307473][ T8571] input: syz0 as /devices/virtual/input/input18
[  634.690313][   T27] audit: type=1800 audit(1724819719.148:171): pid=8571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.780" name="bus" dev="loop2" ino=10 res=0 errno=0
[  634.821238][ T7749] syz-executor: attempt to access beyond end of device
[  634.821238][ T7749] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  634.930967][ T3743] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  634.940047][ T3743] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.958600][ T3743] usb 1-1: Product: syz
[  634.964941][ T3743] usb 1-1: Manufacturer: syz
[  634.969756][ T3743] usb 1-1: SerialNumber: syz
[  634.977812][ T6608] EXT4-fs (loop4): unmounting filesystem.
[  634.989705][ T3743] usb 1-1: config 0 descriptor??
[  635.042190][ T8575] loop4: detected capacity change from 0 to 8
[  635.052590][ T3743] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  635.095825][ T3685] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  635.234186][    T7] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  635.264004][ T8092] usb 1-1: USB disconnect, device number 15
[  636.085948][   T27] audit: type=1326 audit(1724819720.328:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.4.786" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa0d9979e79 code=0x0
[  636.161653][ T3685] usb 4-1: Using ep0 maxpacket: 16
[  636.166949][    T7] usb 2-1: Using ep0 maxpacket: 16
[  636.240644][ T3685] usb 4-1: device descriptor read/all, error -71
[  636.382938][    C1] eth0: bad gso: type: 1, size: 1408
[  636.508677][ T8587] netlink: 8 bytes leftover after parsing attributes in process `syz.4.787'.
[  637.305610][ T8590] loop2: detected capacity change from 0 to 1024
[  637.335015][    C1] eth0: bad gso: type: 1, size: 1408
[  637.352518][    C1] eth0: bad gso: type: 1, size: 1408
[  637.363989][ T8590] EXT4-fs: Ignoring removed orlov option
[  637.391323][ T8590] EXT4-fs: Ignoring removed nomblk_io_submit option
[  637.400760][    T7] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  637.432897][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  637.466069][    T7] usb 2-1: config 0 descriptor??
[  637.481895][ T8597] loop1: detected capacity change from 0 to 1024
[  637.490763][    T7] usb 2-1: can't set config #0, error -71
[  637.496346][ T8590] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  637.501167][ T8593] loop4: detected capacity change from 0 to 512
[  637.511661][    T7] usb 2-1: USB disconnect, device number 7
[  637.583206][ T8597] hfsplus: failed to load root directory
[  637.624104][ T8593] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  637.635734][   T27] audit: type=1804 audit(1724819722.528:173): pid=8590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.789" name="/newroot/20/file1/file1" dev="loop2" ino=15 res=1 errno=0
[  637.682153][ T8593] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038 (0x7fffffff)
[  641.777491][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  641.963477][ T8614] loop2: detected capacity change from 0 to 512
[  642.200141][ T8614] EXT4-fs (loop2): 1 orphan inode deleted
[  642.216402][ T6059] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  642.232553][ T8614] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  642.891598][ T8614] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038 (0x7fffffff)
[  642.900054][ T6059] EXT4-fs error (device loop2): ext4_release_dquot:6800: comm kworker/u4:21: Failed to release dquot type 1
[  643.657494][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  643.794296][ T8634] loop1: detected capacity change from 0 to 512
[  643.871800][ T8634] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  643.913412][ T8634] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  643.931789][ T8634] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.799: invalid indirect mapped block 2683928664 (level 1)
[  643.981625][ T8634] EXT4-fs (loop1): Remounting filesystem read-only
[  643.991712][ T8636] loop2: detected capacity change from 0 to 512
[  643.994339][ T8634] EXT4-fs (loop1): 1 truncate cleaned up
[  644.018461][ T8636] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  644.033488][ T8634] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  644.065637][ T8641] loop3: detected capacity change from 0 to 164
[  644.087528][ T8634] EXT4-fs (loop1): unmounting filesystem.
[  644.104904][ T8641] isofs_fill_super: get root inode failed
[  644.137292][ T8636] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.798: iget: bad i_size value: -67835469387268086
[  644.170638][ T8636] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.798: couldn't read orphan inode 15 (err -117)
[  644.214135][ T8636] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  644.249110][ T8636] ext2 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff)
[  644.304811][   T27] audit: type=1326 audit(1724819729.198:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8640 comm="syz.3.800" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdac7979e79 code=0x0
[  644.326427][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.416107][ T8645] ptrace attach of "./syz-executor exec"[7626] was attempted by "./syz-executor exec"[8645]
[  644.824068][ T8649] input: syz0 as /devices/virtual/input/input19
[  644.892120][ T8092] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  645.692646][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  645.797721][ T8653] loop3: detected capacity change from 0 to 512
[  645.850463][ T8653] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  645.874634][ T8653] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  645.874970][ T8653] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.801: invalid indirect mapped block 2683928664 (level 1)
[  645.875352][ T8653] EXT4-fs (loop3): Remounting filesystem read-only
[  645.875573][ T8653] EXT4-fs (loop3): 1 truncate cleaned up
[  645.875591][ T8653] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  645.888436][ T8653] EXT4-fs (loop3): unmounting filesystem.
[  645.890662][ T8092] usb 2-1: Using ep0 maxpacket: 16
[  645.966880][ T8658] 9p: Unknown Cache mode mmap"
[  647.162323][    C1] eth0: bad gso: type: 1, size: 1408
[  647.170798][ T8092] usb 2-1: unable to read config index 0 descriptor/start: -71
[  647.180566][ T8092] usb 2-1: can't read configurations, error -71
[  647.193255][ T6608] EXT4-fs (loop4): unmounting filesystem.
[  647.214424][ T8666] "syz.2.804" (8666) uses obsolete ecb(arc4) skcipher
[  647.250632][ T3681] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  647.393388][ T8667] rtc_cmos 00:00: Alarms can be up to one day in the future
[  647.510722][ T3681] usb 4-1: Using ep0 maxpacket: 16
[  647.603693][   T27] audit: type=1326 audit(1724819732.488:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8669 comm="syz.1.806" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4a0b79e79 code=0x0
[  648.352615][  T154] rtc_cmos 00:00: Alarms can be up to one day in the future
[  648.361377][  T154] rtc_cmos 00:00: Alarms can be up to one day in the future
[  648.369067][  T154] rtc_cmos 00:00: Alarms can be up to one day in the future
[  648.377604][  T154] rtc_cmos 00:00: Alarms can be up to one day in the future
[  648.386525][  T154] rtc rtc0: __rtc_set_alarm: err=-22
[  648.601074][ T3681] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  648.620618][ T3681] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.642015][ T3681] usb 4-1: Product: syz
[  648.646205][ T3681] usb 4-1: Manufacturer: syz
[  648.679810][ T3681] usb 4-1: SerialNumber: syz
[  648.697272][ T3681] usb 4-1: config 0 descriptor??
[  648.790743][ T3681] usb 4-1: can't set config #0, error -71
[  648.810827][ T3681] usb 4-1: USB disconnect, device number 16
[  648.828003][    C1] eth0: bad gso: type: 1, size: 1408
[  648.842128][    C1] eth0: bad gso: type: 1, size: 1408
[  648.915874][ T8691] loop3: detected capacity change from 0 to 512
[  648.956577][ T8690] loop1: detected capacity change from 0 to 2048
[  648.986765][ T8691] EXT4-fs (loop3): 1 orphan inode deleted
[  648.995731][ T8690] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  649.012321][   T56] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  649.124001][   T56] EXT4-fs error (device loop3): ext4_release_dquot:6800: comm kworker/u4:4: Failed to release dquot type 1
[  649.165223][ T8691] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  649.286854][ T8691] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038 (0x7fffffff)
[  649.817334][   T27] audit: type=1107 audit(1724819734.308:176): pid=8689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='Æ'
[  651.440730][ T8702] loop4: detected capacity change from 0 to 1024
[  651.481984][ T8702] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  651.514911][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  653.808812][ T8722] loop2: detected capacity change from 0 to 256
[  653.815705][ T8722] exfat: Deprecated parameter 'utf8'
[  653.821148][ T8722] exfat: Deprecated parameter 'utf8'
[  655.195940][ T8722] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  655.466168][ T8730] loop1: detected capacity change from 0 to 512
[  655.487441][ T8730] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  655.655343][ T8732] loop4: detected capacity change from 0 to 512
[  655.674735][ T8730] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  655.686848][ T8732] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  656.544052][ T8732] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  656.574932][ T8730] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.817: invalid indirect mapped block 2683928664 (level 1)
[  656.611469][ T8732] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.819: invalid indirect mapped block 2683928664 (level 1)
[  656.621058][ T8730] EXT4-fs (loop1): Remounting filesystem read-only
[  656.650357][ T8730] EXT4-fs (loop1): 1 truncate cleaned up
[  656.656951][ T8730] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  656.833479][ T8732] EXT4-fs (loop4): Remounting filesystem read-only
[  656.846230][ T8730] EXT4-fs (loop1): unmounting filesystem.
[  656.852814][ T8732] EXT4-fs (loop4): 1 truncate cleaned up
[  656.951878][ T8747] devpts: called with bogus options
[  657.556495][ T8732] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  657.601789][ T8732] EXT4-fs (loop4): unmounting filesystem.
[  658.752299][ T8755] loop3: detected capacity change from 0 to 512
[  658.828923][ T3743] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  658.850243][ T8755] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  658.864899][ T8755] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038 (0x7fffffff)
[  658.960734][ T3681] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  659.537478][   T27] audit: type=1800 audit(1724819744.428:177): pid=8770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.825" name="bus" dev="loop3" ino=18 res=0 errno=0
[  659.585373][   T27] audit: type=1804 audit(1724819744.458:178): pid=8770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.825" name="/newroot/32/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  659.607575][ T3681] usb 5-1: Using ep0 maxpacket: 16
[  659.830783][ T3681] usb 5-1: unable to read config index 0 descriptor/all
[  659.840418][ T3681] usb 5-1: can't read configurations, error -71
[  659.888972][    C1] eth0: bad gso: type: 1, size: 1408
[  660.084455][ T8775] loop2: detected capacity change from 0 to 2048
[  660.171072][ T8775] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  660.256841][ T8775] UDF-fs: Scanning with blocksize 512 failed
[  660.521205][ T8775] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 129: 0x7d != 0x7e
[  661.265788][ T8775] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  662.157253][   T27] audit: type=1107 audit(1724819747.048:179): pid=8774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='CK&ú
[  662.157253][   T27] 6z§+1ò�‹¢	î@ë§Ïžs3�ÄY„óúŽùa�Yéírœä³ã?.£s÷‹'
[  662.617503][ T8792] loop2: detected capacity change from 0 to 2048
[  662.767068][ T8792] EXT4-fs error (device loop2): __ext4_fill_super:5399: inode #2: comm syz.2.832: casefold flag without casefold feature
[  662.812351][ T8792] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  662.935877][ T8792] EXT4-fs (loop2): Errors on filesystem, clearing orphan list.
[  662.981474][ T8792] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  663.128166][ T8801] netlink: 8 bytes leftover after parsing attributes in process `syz.1.834'.
[  663.232247][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  663.782088][ T8805] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.832: Directory hole found for htree leaf block 0
[  663.882453][   T27] audit: type=1326 audit(1724819748.778:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8800 comm="syz.1.834" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4a0b79e79 code=0x0
[  663.950644][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  666.150680][ T3681] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  666.660848][ T3681] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  666.683968][ T3681] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.702289][   T22] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  666.722300][ T3681] usb 5-1: config 0 descriptor??
[  667.247199][   T27] audit: type=1326 audit(1724819752.138:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8819 comm="syz.3.838" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdac7979e79 code=0x0
[  667.300679][   T22] usb 1-1: Using ep0 maxpacket: 16
[  667.570685][ T3681] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  667.690599][ T3681] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  667.710817][ T3681] [drm:udl_init] *ERROR* Selecting channel failed
[  667.723225][ T3681] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[  667.730783][ T3681] [drm] Initialized udl on minor 2
[  667.750654][ T3681] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  667.758899][ T3681] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  667.792872][ T8844] IPv6: sit1: Disabled Multicast RS
[  668.511060][  T154] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  668.561479][ T3681] usb 5-1: USB disconnect, device number 20
[  668.577011][  T154] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  668.580728][   T22] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  668.607256][  T154] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  668.737547][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  669.416554][   T22] usb 1-1: Product: syz
[  669.421904][   T22] usb 1-1: Manufacturer: syz
[  669.426528][   T22] usb 1-1: SerialNumber: syz
[  669.502042][   T22] usb 1-1: config 0 descriptor??
[  669.590803][   T22] usb 1-1: can't set config #0, error -71
[  669.605518][   T22] usb 1-1: USB disconnect, device number 16
[  669.642408][ T8852] loop3: detected capacity change from 0 to 512
[  669.674831][ T8854] loop4: detected capacity change from 0 to 512
[  669.715702][ T8854] EXT4-fs (loop4): can't read group descriptor 0
[  669.739883][ T8852] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  669.749880][ T8852] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038 (0x7fffffff)
[  669.863347][   T27] audit: type=1326 audit(1724819754.758:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8851 comm="syz.3.844" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdac7979e79 code=0x0
[  670.105366][ T3681] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  670.231365][ T8852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.844'.
[  675.321638][ T3681] usb 5-1: device not accepting address 21, error -71
[  675.708043][ T8887] loop1: detected capacity change from 0 to 32768
[  676.436985][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  676.475469][ T8881] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  676.491363][ T8893] netlink: 8 bytes leftover after parsing attributes in process `syz.4.852'.
[  677.381207][   T27] audit: type=1326 audit(1724819762.278:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4a0b79e79 code=0x7ffc0000
[  677.408512][ T8898] loop1: detected capacity change from 0 to 256
[  677.432023][ T8901] syz.0.855[8901] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  677.432118][ T8901] syz.0.855[8901] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  677.455652][   T27] audit: type=1326 audit(1724819762.278:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4a0b79e79 code=0x7ffc0000
[  677.679975][ T8898] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  677.683397][   T27] audit: type=1326 audit(1724819762.278:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc4a0b79e79 code=0x7ffc0000
[  677.833550][ T8908] overlayfs: failed to resolve './file0': -2
[  678.523949][ T3653] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  678.591094][ T8898] FAT-fs (loop1): Filesystem has been set read-only
[  678.616658][   T27] audit: type=1326 audit(1724819762.278:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc4a0b79eb3 code=0x7ffc0000
[  678.638905][   T27] audit: type=1326 audit(1724819762.278:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc4a0b7895f code=0x7ffc0000
[  678.661193][   T27] audit: type=1326 audit(1724819762.298:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc4a0b79f07 code=0x7ffc0000
[  678.684331][   T27] audit: type=1326 audit(1724819762.298:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc4a0b78810 code=0x7ffc0000
[  678.711659][   T27] audit: type=1326 audit(1724819762.298:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc4a0b79a7b code=0x7ffc0000
[  678.819806][   T27] audit: type=1326 audit(1724819762.408:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc4a0b78b0a code=0x7ffc0000
[  678.843474][   T27] audit: type=1326 audit(1724819762.408:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.1.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc4a0b78b0a code=0x7ffc0000
[  679.229660][ T8923] loop3: detected capacity change from 0 to 8
[  682.408319][ T8940] loop1: detected capacity change from 0 to 1024
[  682.433394][ T8940] ext3: Unknown parameter 'measure'
[  682.475772][ T8876] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  683.467330][ T8944] bond_slave_0: mtu less than device minimum
[  683.659920][ T8948] xt_CT: You must specify a L4 protocol and not use inversions on it
[  683.685120][ T8944] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  683.776555][ T8954] loop3: detected capacity change from 0 to 64
[  684.435920][ T8949] xt_CT: No such helper "pptp"
[  684.499430][ T8953] loop1: detected capacity change from 0 to 2048
[  684.510659][ T3653] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  684.519427][ T3653] Bluetooth: hci1: Injecting HCI hardware error event
[  684.531846][ T3651] Bluetooth: hci1: hardware error 0x00
[  684.589401][ T8953] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  684.628672][ T8948] netlink: 'syz.4.863': attribute type 27 has an invalid length.
[  684.650384][ T8948] netlink: 4 bytes leftover after parsing attributes in process `syz.4.863'.
[  685.051953][ T8961] loop3: detected capacity change from 0 to 4096
[  685.080993][ T8961] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  685.308960][   T27] kauditd_printk_skb: 49 callbacks suppressed
[  685.329847][   T27] audit: type=1326 audit(1724819770.198:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8962 comm="syz.2.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  685.923203][   T27] audit: type=1326 audit(1724819770.218:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8962 comm="syz.2.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  686.044524][ T8968] loop2: detected capacity change from 0 to 32768
[  686.063307][ T8968] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.866 (8968)
[  686.098323][ T8968] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  686.109160][ T8968] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  686.117998][ T8968] BTRFS info (device loop2): setting nodatacow, compression disabled
[  686.126143][ T8968] BTRFS info (device loop2): enabling auto defrag
[  686.132665][ T8968] BTRFS info (device loop2): max_inline at 0
[  686.141780][ T8968] BTRFS info (device loop2): using free space tree
[  686.339927][ T8986] netlink: 8 bytes leftover after parsing attributes in process `syz.3.868'.
[  686.466888][ T8948] bridge0: port 2(bridge_slave_1) entered disabled state
[  686.474188][ T8948] bridge0: port 1(bridge_slave_0) entered disabled state
[  686.615155][   T27] audit: type=1326 audit(1724819771.458:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8962 comm="syz.2.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  686.637772][ T3651] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  686.659021][ T7749] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  686.749063][   T27] audit: type=1326 audit(1724819771.458:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8962 comm="syz.2.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  686.926812][   T27] audit: type=1326 audit(1724819771.458:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8962 comm="syz.2.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  686.961084][   T27] audit: type=1326 audit(1724819771.608:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8984 comm="syz.3.868" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdac7979e79 code=0x0
[  687.532421][ T9002] loop2: detected capacity change from 0 to 1024
[  687.641847][ T9002] hfsplus: xattr searching failed
[  687.670968][ T9002] hfsplus: xattr searching failed
[  687.706350][ T8948] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  687.767734][ T8948] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  687.977581][ T3653] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  687.989757][ T3653] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  687.998282][ T3653] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  688.007185][ T3653] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  688.015184][ T3653] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  688.022529][ T3653] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  688.387978][ T8948] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.397589][ T8948] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.413051][ T8948] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.427655][ T8948] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  688.445378][   T46] hfsplus: b-tree write err: -5, ino 3
[  688.536809][ T9012] loop2: detected capacity change from 0 to 1024
[  688.597490][ T9012] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  688.778919][ T7307] EXT4-fs (loop1): unmounting filesystem.
[  688.817451][   T27] audit: type=1326 audit(1724819773.698:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  688.981304][ T9021] loop3: detected capacity change from 0 to 164
[  689.076015][ T9017] input: syz0 as /devices/virtual/input/input23
[  689.170733][   T27] audit: type=1326 audit(1724819774.038:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  689.327466][   T27] audit: type=1800 audit(1724819774.098:250): pid=9018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.871" name="bus" dev="loop2" ino=18 res=0 errno=0
[  689.470099][   T27] audit: type=1326 audit(1724819774.258:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  689.539178][ T9009] chnl_net:caif_netlink_parms(): no params data found
[  689.598572][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  689.702745][ T9009] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.738577][ T9009] bridge0: port 1(bridge_slave_0) entered disabled state
[  689.793589][ T9009] device bridge_slave_0 entered promiscuous mode
[  689.833942][ T9034] loop2: detected capacity change from 0 to 4096
[  689.854766][ T9009] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.894778][ T9009] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.906254][ T9009] device bridge_slave_1 entered promiscuous mode
[  689.920363][ T9034] ntfs: volume version 3.1.
[  689.963265][ T9009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  690.052857][ T9009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  690.112335][ T3651] Bluetooth: hci4: command tx timeout
[  691.040134][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  691.051093][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  691.136000][ T9043] loop4: detected capacity change from 0 to 64
[  691.932683][ T9009] team0: Port device team_slave_0 added
[  692.763761][ T3653] Bluetooth: hci4: command tx timeout
[  692.983619][ T9009] team0: Port device team_slave_1 added
[  693.361831][ T9060] loop2: detected capacity change from 0 to 2048
[  695.280978][ T3651] Bluetooth: hci4: command tx timeout
[  695.602860][ T9060] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  695.611982][ T9060] ext4 filesystem being mounted at /42/bus supports timestamps until 2038 (0x7fffffff)
[  695.631124][ T9061] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  695.650971][ T9000] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  695.659006][ T9067] loop3: detected capacity change from 0 to 1764
[  695.669656][ T9009] batman_adv: batadv0: Adding interface: batadv_slave_0
[  695.687368][ T9009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  695.828407][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  695.900829][ T9009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  695.930188][ T9009] batman_adv: batadv0: Adding interface: batadv_slave_1
[  695.950673][ T9000] usb 2-1: Using ep0 maxpacket: 16
[  695.972437][ T9009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  696.052446][ T9072] loop2: detected capacity change from 0 to 128
[  696.120606][ T9009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  696.203849][ T9072] loop2: detected capacity change from 0 to 2048
[  696.240700][ T9000] usb 2-1: unable to read config index 0 descriptor/all
[  696.247712][ T9000] usb 2-1: can't read configurations, error -71
[  696.262187][ T9072] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  696.333130][ T9072] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  696.576123][   T27] kauditd_printk_skb: 60 callbacks suppressed
[  696.576141][   T27] audit: type=1326 audit(1724819781.468:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9071 comm="syz.2.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  696.656785][   T27] audit: type=1326 audit(1724819781.498:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9071 comm="syz.2.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  696.711129][   T27] audit: type=1326 audit(1724819781.578:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9085 comm="syz.1.891" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4a0b79e79 code=0x0
[  696.784809][ T9009] device hsr_slave_0 entered promiscuous mode
[  696.809426][ T9009] device hsr_slave_1 entered promiscuous mode
[  696.858345][   T27] audit: type=1326 audit(1724819781.748:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9071 comm="syz.2.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x7fc00000
[  697.254730][ T9009] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.527461][ T9103] loop2: detected capacity change from 0 to 4096
[  697.534491][ T9103] ntfs3: Unknown parameter 'É0'
[  697.669515][ T3651] Bluetooth: hci4: command tx timeout
[  697.720850][ T8876] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  697.823200][ T9009] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.002999][ T9009] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.304130][ T9111] loop3: detected capacity change from 0 to 2048
[  700.350905][ T9111] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  700.360179][ T9111] ext4 filesystem being mounted at /49/bus supports timestamps until 2038 (0x7fffffff)
[  700.435675][ T9009] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  700.537060][ T9114] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  700.573615][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  702.158244][ T9127] devpts: called with bogus options
[  703.396378][ T9009] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  703.447289][ T9009] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  703.593150][ T9009] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  703.612130][ T9009] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  703.624501][ T9131] loop1: detected capacity change from 0 to 128
[  704.175651][ T9131] ADFS-fs (loop1): error: can't find an ADFS filesystem on dev loop1.
[  704.400220][ T9137] loop4: detected capacity change from 0 to 4096
[  704.410605][ T9137] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  704.425859][ T9137] ntfs3: loop4: Failed to load $MFT.
[  704.484019][ T9009] 8021q: adding VLAN 0 to HW filter on device bond0
[  704.519226][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  704.543456][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  704.580216][ T9009] 8021q: adding VLAN 0 to HW filter on device team0
[  704.624634][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  704.640241][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  704.649057][ T7633] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  704.664622][ T8546] bridge0: port 1(bridge_slave_0) entered blocking state
[  704.671808][ T8546] bridge0: port 1(bridge_slave_0) entered forwarding state
[  704.711683][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  704.720901][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  704.729768][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  704.740411][ T8546] bridge0: port 2(bridge_slave_1) entered blocking state
[  704.747580][ T8546] bridge0: port 2(bridge_slave_1) entered forwarding state
[  704.758373][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  704.767629][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  704.803321][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  704.813527][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  704.823593][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  704.834686][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  704.843651][ T8546] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  704.868892][ T9009] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  704.926720][ T9009] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  704.953469][ T9147] loop1: detected capacity change from 0 to 64
[  705.596989][ T9149] loop4: detected capacity change from 0 to 64
[  705.610918][ T7633] usb 3-1: Using ep0 maxpacket: 8
[  705.667794][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  705.681420][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  705.690356][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  705.700332][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  705.708995][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  705.736393][ T7633] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  705.770622][ T7633] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  705.830602][ T7633] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  705.856147][ T7633] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  705.889635][ T7633] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  705.910355][ T7633] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.968992][ T7633] usb 3-1: config 0 descriptor??
[  706.146954][ T9141] loop3: detected capacity change from 0 to 32768
[  706.174174][ T9141] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.905 (9141)
[  706.217039][ T7633] usb 3-1: USB disconnect, device number 20
[  706.244722][ T9141] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  706.255840][ T9141] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  706.271282][ T9141] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  706.311689][ T9141] BTRFS info (device loop3): trying to use backup root at mount time
[  706.366199][ T9141] BTRFS info (device loop3): disabling free space tree
[  706.398180][ T9141] BTRFS info (device loop3): turning off barriers
[  706.431535][ T9141] BTRFS info (device loop3): turning on sync discard
[  706.439537][ T9141] BTRFS info (device loop3): turning off discard
[  706.446428][ T9141] BTRFS info (device loop3): doing ref verification
[  706.454725][ T9141] BTRFS error (device loop3): cannot disable free space tree
[  706.467116][ T9141] BTRFS error (device loop3): open_ctree failed
[  706.509733][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  706.532408][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  706.548990][ T9009] 8021q: adding VLAN 0 to HW filter on device batadv0
[  706.578898][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  706.588972][ T3820] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  706.642437][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  706.664561][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  707.569219][ T9009] device veth0_vlan entered promiscuous mode
[  707.587721][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  707.624964][ T9170] netlink: 'syz.2.914': attribute type 1 has an invalid length.
[  707.975388][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  708.601350][ T9009] device veth1_vlan entered promiscuous mode
[  708.640353][ T9009] device veth0_macvtap entered promiscuous mode
[  708.658247][ T9009] device veth1_macvtap entered promiscuous mode
[  708.682366][ T6059] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  708.713663][ T6059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  708.747267][ T6059] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  708.760434][ T6059] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  708.973053][ T9009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  709.115318][ T9186] netlink: 'syz.3.918': attribute type 2 has an invalid length.
[  709.123082][ T9186] netlink: 244 bytes leftover after parsing attributes in process `syz.3.918'.
[  709.171937][   T27] audit: type=1326 audit(1724819794.058:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.3.918" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdac7979e79 code=0x0
[  709.422085][ T9009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.750533][ T9009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  710.041138][ T9009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.076108][ T9009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  710.344448][ T9009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.509570][ T9009] batman_adv: batadv0: Interface activated: batadv_slave_0
[  710.550709][ T9233] loop4: detected capacity change from 0 to 4096
[  710.623258][ T9233] ntfs: volume version 3.1.
[  710.632386][ T9233] ntfs: (device loop4): ntfs_attr_find(): Inode is corrupt.  Run chkdsk.
[  710.645494][ T3852] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  710.669867][ T3852] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  710.688982][ T9233] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x5 as bad.  Run chkdsk.
[  710.705858][ T9009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.716499][ T9009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.726749][ T9233] ntfs: (device loop4): load_system_files(): Failed to load root directory.
[  710.735960][ T9009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.747951][ T9233] ntfs: (device loop4): ntfs_fill_super(): Failed to load system files.
[  710.765931][ T9009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.799017][ T9009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.823686][ T9009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.834100][ T9009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.852049][ T9009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.888627][ T9009] batman_adv: batadv0: Interface activated: batadv_slave_1
[  710.907033][ T8553] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  710.910656][ T3684] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  710.918950][ T8553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  710.940681][ T9009] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  710.962033][ T9009] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  710.972570][ T9009] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  710.981568][ T9009] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  711.911309][ T6093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  712.008376][ T6093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  712.034804][ T3807] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  712.062250][ T6067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  712.069798][ T3807] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  712.119017][ T1037] block nbd4: Attempted send on invalid socket
[  712.126009][ T1037] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  712.138776][ T6067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  712.158039][ T9249] befs: (nbd4): unable to read superblock
[  712.180668][ T3684] usb 4-1: Using ep0 maxpacket: 32
[  712.300731][ T3684] usb 4-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  712.320047][ T3684] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.362487][ T3684] usb 4-1: config 0 descriptor??
[  712.411300][ T3684] usb 4-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  712.420803][ T3733] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  712.516707][ T9263] netlink: 96 bytes leftover after parsing attributes in process `syz.4.931'.
[  712.543164][ T3684] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  712.561011][ T3684] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  712.580596][ T3684] usb 4-1: media controller created
[  712.653534][ T3684] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  712.680919][ T3733] usb 2-1: Using ep0 maxpacket: 16
[  712.750844][ T3684] usb 4-1: selecting invalid altsetting 1
[  712.767479][ T3684] set interface failed
[  712.768306][ T3684] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  712.812884][ T3684] error writing reg: 0xff, val: 0x00
[  712.838905][ T3684] dvb_usb_mxl111sf: probe of 4-1:0.0 failed with error -22
[  712.864695][ T3684] usb 4-1: USB disconnect, device number 17
[  713.050807][ T3733] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  713.071044][ T3733] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.085643][ T3733] usb 2-1: Product: syz
[  713.094188][ T3733] usb 2-1: Manufacturer: syz
[  713.106333][ T3733] usb 2-1: SerialNumber: syz
[  713.118932][ T3733] r8152-cfgselector 2-1: config 0 descriptor??
[  713.260761][ T8726] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  713.451339][ T3733] r8152-cfgselector 2-1: Unknown version 0x0000
[  713.880786][ T8726] usb 5-1: Using ep0 maxpacket: 8
[  713.881764][ T3733] usbip-host 2-1: 2-1 is not in match_busid table... skip!
[  714.151212][ T8726] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  714.170709][ T8726] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  714.324709][ T9289] netlink: 'syz.2.935': attribute type 2 has an invalid length.
[  714.332569][ T9289] netlink: 244 bytes leftover after parsing attributes in process `syz.2.935'.
[  714.933140][   T27] audit: type=1326 audit(1724819799.258:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.2.935" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8f49179e79 code=0x0
[  714.998713][ T9291] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  715.342919][ T8726] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  715.541356][ T8726] usb 5-1: New USB device found, idVendor=16c0, idProduct=05e1, bcdDevice= 0.40
[  715.550441][ T8726] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=20
[  715.586977][ T9336] mmap: syz.2.939 (9336): VmData 37466112 exceed data ulimit 28. Update limits or use boot option ignore_rlimit_data.
[  715.655823][ T8726] usb 5-1: Product: syz
[  715.855036][ T8726] usb 5-1: Manufacturer: syz
[  715.863098][ T8726] usb 5-1: SerialNumber: syz
[  715.932991][ T8726] usb 5-1: can't set config #1, error -71
[  715.960400][ T8551] usb 2-1: config 0 descriptor??
[  715.963470][ T8726] usb 5-1: USB disconnect, device number 23
[  716.064800][ T3681] usb 2-1: USB disconnect, device number 13
[  716.195711][ T8551] usb 2-1: can't set config #0, error -71
[  716.749052][   T27] audit: type=1326 audit(1724819801.638:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdac7979e79 code=0x7ffc0000
[  716.771763][   T27] audit: type=1326 audit(1724819801.668:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdac7979e79 code=0x7ffc0000
[  716.776146][ T9350] loop3: detected capacity change from 0 to 256
[  716.825002][   T27] audit: type=1326 audit(1724819801.668:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdac7979e79 code=0x7ffc0000
[  716.990305][   T27] audit: type=1326 audit(1724819801.668:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdac7979eb3 code=0x7ffc0000
[  717.118665][ T9350] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  717.142717][   T27] audit: type=1326 audit(1724819801.668:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdac797895f code=0x7ffc0000
[  717.241688][ T9350] FAT-fs (loop3): Filesystem has been set read-only
[  717.842676][   T27] audit: type=1326 audit(1724819801.668:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdac7979f07 code=0x7ffc0000
[  717.895885][   T27] audit: type=1326 audit(1724819801.668:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdac7978810 code=0x7ffc0000
[  717.924989][   T27] audit: type=1326 audit(1724819801.668:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdac7979a7b code=0x7ffc0000
[  718.116798][   T27] audit: type=1326 audit(1724819801.948:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9349 comm="syz.3.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdac7978b0a code=0x7ffc0000
[  718.571619][ T9375] loop4: detected capacity change from 0 to 4096
[  719.003933][ T9375] ntfs3: Unknown parameter 'É0'
[  719.383611][ T9381] loop3: detected capacity change from 0 to 2048
[  719.476934][ T9381] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  719.637001][ T9364] loop1: detected capacity change from 0 to 32768
[  719.650227][ T9364] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.950 (9364)
[  719.697284][ T9364] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  719.715304][ T9364] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  719.791226][ T9364] BTRFS info (device loop1): using free space tree
[  719.851927][ T9393] input: syz0 as /devices/virtual/input/input24
[  720.734322][ T9364] BTRFS info (device loop1): enabling ssd optimizations
[  720.950028][ T9412] loop2: detected capacity change from 0 to 32768
[  720.967694][ T7307] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  720.978207][ T9412] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.963 (9412)
[  721.043325][ T9408] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by udevd (9408)
[  721.463249][ T9433] loop2: detected capacity change from 0 to 32768
[  721.510054][ T9433] XFS: attr2 mount option is deprecated.
[  721.536762][ T9433] XFS: ikeep mount option is deprecated.
[  721.565913][ T9433] XFS: noikeep mount option is deprecated.
[  721.749878][ T9433] XFS (loop2): Mounting V5 Filesystem
[  721.915839][ T9433] XFS (loop2): Ending clean mount
[  722.016545][ T9403] loop4: detected capacity change from 0 to 32768
[  722.109141][ T9433] XFS (loop2): Quotacheck needed: Please wait.
[  722.228344][ T9403] XFS (loop4): Mounting V5 Filesystem
[  722.472959][ T9433] XFS (loop2): Quotacheck: Done.
[  722.607719][ T9473] input: syz0 as /devices/virtual/input/input25
[  723.192709][ T9455] loop3: detected capacity change from 0 to 32768
[  723.209065][ T9403] XFS (loop4): Ending clean mount
[  723.227716][ T9403] XFS (loop4): Quotacheck needed: Please wait.
[  723.265203][ T9455] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.973 (9455)
[  723.368340][ T9455] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  723.393365][ T9403] XFS (loop4): Quotacheck: Done.
[  723.395983][ T9455] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  723.411961][ T7749] XFS (loop2): Unmounting Filesystem
[  723.480689][ T9455] BTRFS info (device loop3): using free space tree
[  723.522651][ T6608] XFS (loop4): Unmounting Filesystem
[  723.897271][ T3653] Bluetooth: Unknown BR/EDR signaling command 0x34
[  723.905612][ T3653] Bluetooth: Wrong link type (-22)
[  724.381115][ T7626] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  725.065910][ T9522] netlink: 'syz.4.976': attribute type 2 has an invalid length.
[  725.073713][ T9522] netlink: 244 bytes leftover after parsing attributes in process `syz.4.976'.
[  725.171025][   T27] kauditd_printk_skb: 22 callbacks suppressed
[  725.171117][   T27] audit: type=1326 audit(1724819809.998:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9510 comm="syz.4.976" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa0d9979e79 code=0x0
[  726.180586][ T3684] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  726.448583][ T9574] input: syz0 as /devices/virtual/input/input26
[  727.063649][ T9579] loop4: detected capacity change from 0 to 64
[  727.286745][ T3684] usb 1-1: Using ep0 maxpacket: 8
[  727.330653][  T152] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  727.410875][ T3684] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  727.438208][ T3684] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  727.465886][ T3684] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  727.490612][ T3684] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  727.590900][ T3684] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  727.600092][ T3684] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  727.600523][  T152] usb 4-1: Using ep0 maxpacket: 32
[  727.627517][ T3684] usb 1-1: SerialNumber: syz
[  727.662735][ T9570] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  727.701546][ T3684] cdc_ether: probe of 1-1:1.0 failed with error -22
[  727.708523][ T3684] usb-storage 1-1:1.0: USB Mass Storage device detected
[  727.768006][ T3684] usb-storage 1-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  727.823975][ T3684] scsi host1: usb-storage 1-1:1.0
[  727.910621][  T152] usb 4-1: New USB device found, idVendor=1ba6, idProduct=0001, bcdDevice=49.88
[  727.930033][  T152] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.938168][  T152] usb 4-1: Product: syz
[  727.950537][  T152] usb 4-1: Manufacturer: syz
[  727.955356][  T152] usb 4-1: SerialNumber: syz
[  727.967328][  T152] usb 4-1: config 0 descriptor??
[  728.017884][  T152] as10x_usb: device has been detected
[  728.036711][  T152] dvbdev: DVB: registering new adapter (Abilis Systems DVB-Titan)
[  728.072377][  T152] usb 4-1: DVB: registering adapter 1 frontend 0 (Abilis Systems DVB-Titan)...
[  728.087436][ T9581] loop1: detected capacity change from 0 to 32768
[  728.147262][ T9581] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  728.173165][  T152] as10x_usb: error during firmware upload part1
[  728.179795][ T9581] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  728.179814][  T152] Registered device Abilis Systems DVB-Titan
[  728.298189][ T9581] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  728.300308][ T9586] loop4: detected capacity change from 0 to 32768
[  728.330696][ T9586] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.993 (9586)
[  728.342175][  T152] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  728.361119][  T152] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  728.383947][ T9594] loop2: detected capacity change from 0 to 32768
[  728.416672][ T9594] XFS (loop2): Mounting V5 Filesystem
[  728.463394][ T3686] usb 4-1: USB disconnect, device number 18
[  728.476335][ T9586] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  728.491750][ T9594] XFS (loop2): Ending clean mount
[  728.499616][  T152] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 138ms
[  728.532111][ T9586] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  728.558158][ T9594] XFS (loop2): Quotacheck needed: Please wait.
[  728.566251][ T3686] Unregistered device Abilis Systems DVB-Titan
[  728.570811][ T9586] BTRFS info (device loop4): using free space tree
[  728.580067][ T3686] as10x_usb: device has been disconnected
[  728.595931][  T152] gfs2: fsid=syz:syz.0: jid=0: Done
[  728.615709][ T9581] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  728.747145][ T9594] XFS (loop2): Quotacheck: Done.
[  728.811474][ T9586] BTRFS info (device loop4): enabling ssd optimizations
[  728.826262][ T7749] XFS (loop2): Unmounting Filesystem
[  728.888050][ T9586] BTRFS error (device loop4): balance: mixed groups data and metadata options must be the same
[  728.988291][ T6608] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  729.176093][ T9626] loop1: detected capacity change from 0 to 512
[  729.220695][ T9626] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  729.342250][ T9626] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  729.406803][ T9626] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.996: invalid indirect mapped block 2683928664 (level 1)
[  729.537497][ T9626] EXT4-fs (loop1): Remounting filesystem read-only
[  729.557283][ T9626] EXT4-fs (loop1): 1 truncate cleaned up
[  729.583359][ T9626] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  729.635591][ T9626] EXT4-fs (loop1): unmounting filesystem.
[  729.663004][ T9635] loop4: detected capacity change from 0 to 4096
[  729.733967][ T9635] NILFS (loop4): invalid segment: Checksum error in segment payload
[  729.750605][ T9635] NILFS (loop4): trying rollback from an earlier position
[  729.789690][ T9635] NILFS (loop4): recovery complete
[  729.830643][ T9640] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  729.832582][ T4167] usb 1-1: USB disconnect, device number 17
[  730.150562][ T9436] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  730.399906][ T9633] loop3: detected capacity change from 0 to 32768
[  730.412057][ T9644] loop4: detected capacity change from 0 to 2048
[  730.451816][ T9644] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  730.569363][ T9633] XFS (loop3): Mounting V5 Filesystem
[  730.575199][ T9436] usb 2-1: Using ep0 maxpacket: 16
[  730.716168][ T9633] XFS (loop3): Ending clean mount
[  730.850888][ T9436] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  730.876584][ T9436] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  730.876807][ T7626] XFS (loop3): Unmounting Filesystem
[  730.894884][ T9436] usb 2-1: Product: syz
[  730.910626][ T9436] usb 2-1: Manufacturer: syz
[  730.916286][ T9639] loop2: detected capacity change from 0 to 32768
[  730.925498][ T9436] usb 2-1: SerialNumber: syz
[  730.958162][ T9436] usb 2-1: config 0 descriptor??
[  730.963766][ T9639] XFS: ikeep mount option is deprecated.
[  730.990138][ T9639] XFS: noikeep mount option is deprecated.
[  731.013331][ T9436] snd-usb-audio: probe of 2-1:0.0 failed with error -22
[  731.120913][ T9639] XFS (loop2): Mounting V5 Filesystem
[  731.174393][ T9669] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  732.084410][ T9435] usb 2-1: USB disconnect, device number 14
[  732.165626][    C1] eth0: bad gso: type: 1, size: 1408
[  732.174242][ T9639] XFS (loop2): Ending clean mount
[  732.183682][ T9639] XFS (loop2): Quotacheck needed: Please wait.
[  732.229239][ T9657] loop4: detected capacity change from 0 to 32768
[  732.270658][ T9639] XFS (loop2): Quotacheck: Done.
[  732.354689][ T9657] XFS (loop4): Mounting V5 Filesystem
[  732.377780][ T7749] XFS (loop2): Unmounting Filesystem
[  732.391645][ T9685] loop1: detected capacity change from 0 to 1024
[  732.424111][ T9685] hfsplus: bad catalog entry type
[  732.459190][ T4371] hfsplus: b-tree write err: -5, ino 4
[  732.470507][ T9657] XFS (loop4): Ending clean mount
[  732.736269][ T3686] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  732.769160][ T6608] XFS (loop4): Unmounting Filesystem
[  732.847554][ T9694] devpts: called with bogus options
[  732.981351][ T3686] usb 4-1: Using ep0 maxpacket: 16
[  733.141395][ T3686] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  733.209637][ T3686] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  733.305462][ T3686] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  733.491465][ T3686] usb 4-1: config 0 interface 0 has no altsetting 0
[  733.505911][ T3686] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  733.525474][ T3686] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.593271][ T3686] usb 4-1: config 0 descriptor??
[  734.109883][ T9710] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  734.144121][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.153859][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.174824][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.221951][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.258446][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.292890][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.349061][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.384146][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.419797][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.455419][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.491344][ T3686] hid-generic 0003:045E:05DA.0006: unknown main item tag 0x0
[  734.572583][ T3686] hid-generic 0003:045E:05DA.0006: hidraw0: USB HID v0.00 Device [HID 045e:05da] on usb-dummy_hcd.3-1/input0
[  734.678460][ T3686] usb 4-1: USB disconnect, device number 19
[  734.978184][ T9712] loop4: detected capacity change from 0 to 256
[  735.061973][ T9704] loop2: detected capacity change from 0 to 32768
[  735.101435][ T9712] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  735.144653][ T9704] XFS (loop2): Mounting V5 Filesystem
[  735.197143][ T9718] loop1: detected capacity change from 0 to 1024
[  735.266530][ T9718] hfsplus: bad catalog entry type
[  735.318548][ T9704] XFS (loop2): Ending clean mount
[  735.351655][ T9704] XFS (loop2): Quotacheck needed: Please wait.
[  735.374410][ T9724] loop4: detected capacity change from 0 to 512
[  735.439979][ T9724] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  735.456447][ T9704] XFS (loop2): Quotacheck: Done.
[  735.540596][ T9731] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  736.407025][ T6093] hfsplus: b-tree write err: -5, ino 4
[  736.453711][ T9724] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  736.469507][ T7749] XFS (loop2): Unmounting Filesystem
[  736.510751][ T4167] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  736.528463][ T9724] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1021: invalid indirect mapped block 2683928664 (level 1)
[  736.585125][ T9724] EXT4-fs (loop4): Remounting filesystem read-only
[  736.596138][ T9724] EXT4-fs (loop4): 1 truncate cleaned up
[  736.614391][ T9724] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  736.652980][ T9724] EXT4-fs (loop4): unmounting filesystem.
[  736.706741][ T4167] usb 1-1: device descriptor read/64, error -71
[  736.850683][ T9435] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  737.000695][ T4167] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  737.080568][ T9436] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  737.090593][ T9435] usb 2-1: Using ep0 maxpacket: 16
[  737.142614][ T9741] loop3: detected capacity change from 0 to 32768
[  737.169883][ T9741] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1028 (9741)
[  737.205784][ T9741] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  737.217423][ T9741] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  737.220764][ T9435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  737.230488][ T4167] usb 1-1: device descriptor read/64, error -71
[  737.249795][ T9741] BTRFS info (device loop3): setting nodatacow, compression disabled
[  737.258346][ T9741] BTRFS info (device loop3): turning on sync discard
[  737.265291][ T9435] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  737.271554][ T9741] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  737.286424][ T9435] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  737.306790][ T9741] BTRFS info (device loop3): trying to use backup root at mount time
[  737.315120][ T9435] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  737.325500][ T9741] BTRFS info (device loop3): enabling ssd optimizations
[  737.330594][ T9436] usb 5-1: Using ep0 maxpacket: 16
[  737.342921][ T9435] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.346480][ T9744] loop2: detected capacity change from 0 to 32768
[  737.360746][ T9741] BTRFS info (device loop3): using spread ssd allocation scheme
[  737.372755][ T9435] usb 2-1: config 0 descriptor??
[  737.375163][ T4167] usb usb1-port1: attempt power cycle
[  737.388326][ T9741] BTRFS info (device loop3): using free space tree
[  737.434246][ T9744] XFS (loop2): Mounting V5 Filesystem
[  737.508425][ T9744] XFS (loop2): Starting recovery (logdev: internal)
[  737.535957][ T9744] XFS (loop2): Ending recovery (logdev: internal)
[  737.595928][ T7749] XFS (loop2): Unmounting Filesystem
[  737.596937][ T7626] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  737.620817][ T9436] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  737.631247][ T9436] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.639524][ T9436] usb 5-1: Product: syz
[  737.644319][ T9436] usb 5-1: Manufacturer: syz
[  737.648939][ T9436] usb 5-1: SerialNumber: syz
[  737.658990][ T9436] usb 5-1: config 0 descriptor??
[  737.705726][ T9436] snd-usb-audio: probe of 5-1:0.0 failed with error -22
[  737.845824][ T4167] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  737.920732][ T9435] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0007/input/input27
[  737.940754][ T4167] usb 1-1: device descriptor read/8, error -71
[  737.951024][ T9742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  738.001073][ T9742] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  738.092550][ T3732] usb 5-1: USB disconnect, device number 24
[  738.097257][ T9435] microsoft 0003:045E:07DA.0007: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  738.147580][ T9435] usb 2-1: USB disconnect, device number 15
[  738.240874][ T4167] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  738.288771][ T9780] loop3: detected capacity change from 0 to 512
[  738.316275][ T9780] ext3: Unknown parameter 'uid>00000000000000000000'
[  738.340797][ T4167] usb 1-1: device descriptor read/8, error -71
[  738.361713][ T8876] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  739.648999][ T4167] usb usb1-port1: unable to enumerate USB device
[  739.693088][    C1] eth0: bad gso: type: 1, size: 1408
[  739.959421][    C1] eth0: bad gso: type: 1, size: 1408
[  740.414322][ T9796] loop1: detected capacity change from 0 to 1024
[  740.524855][ T9796] hfsplus: bad catalog entry type
[  740.630318][ T9803] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  741.491679][ T6093] hfsplus: b-tree write err: -5, ino 4
[  741.914008][ T9808] loop1: detected capacity change from 0 to 512
[  741.984114][ T9808] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  742.062271][ T9808] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  742.087599][ T9808] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1038: invalid indirect mapped block 2683928664 (level 1)
[  742.200889][ T9808] EXT4-fs (loop1): Remounting filesystem read-only
[  742.219707][ T9808] EXT4-fs (loop1): 1 truncate cleaned up
[  742.246009][ T9808] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  742.276745][ T9808] EXT4-fs (loop1): unmounting filesystem.
[  742.720549][ T1185] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  742.922261][ T9812] loop4: detected capacity change from 0 to 32768
[  742.970567][ T1185] usb 2-1: Using ep0 maxpacket: 16
[  742.979510][ T9812] XFS (loop4): Mounting V5 Filesystem
[  743.079952][ T9812] XFS (loop4): Ending clean mount
[  743.109367][ T9812] XFS (loop4): Quotacheck needed: Please wait.
[  743.127550][ T9827] loop2: detected capacity change from 0 to 32768
[  743.156783][ T9435] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  743.198946][ T9435] XFS (loop4): Unmount and run xfs_repair
[  743.207253][ T9435] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  743.219015][ T9435] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  743.228654][ T9435] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  743.241127][ T9435] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  743.251188][ T1185] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  743.271958][ T1185] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.280233][ T9435] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  743.293233][ T1185] usb 2-1: Product: syz
[  743.297420][ T1185] usb 2-1: Manufacturer: syz
[  743.303054][ T9435] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  743.314943][ T1185] usb 2-1: SerialNumber: syz
[  743.320051][ T9435] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  743.336827][ T1185] usb 2-1: config 0 descriptor??
[  743.342170][ T9435] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  743.351283][ T9435] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  743.362335][ T3852] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74
[  743.380201][ T9827] XFS (loop2): Mounting V5 Filesystem
[  743.384839][ T1185] snd-usb-audio: probe of 2-1:0.0 failed with error -22
[  743.456732][ T9812] XFS (loop4): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  743.540583][ T3732] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  743.547434][ T9827] XFS (loop2): Ending clean mount
[  743.590757][ T1185] usb 2-1: USB disconnect, device number 16
[  743.691252][ T7749] XFS (loop2): Unmounting Filesystem
[  743.748119][ T6608] XFS (loop4): Unmounting Filesystem
[  743.815728][ T3732] usb 1-1: Using ep0 maxpacket: 16
[  743.878171][ T9852] loop3: detected capacity change from 0 to 32768
[  743.930258][ T9852] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop3 scanned by syz.3.1047 (9852)
[  744.017525][ T9852] BTRFS info (device loop3): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  744.029358][ T9852] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  744.041152][ T9852] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  744.078641][ T9852] BTRFS info (device loop3): use lzo compression, level 0
[  744.097153][ T9852] BTRFS info (device loop3): using free space tree
[  744.150832][ T3732] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  744.168067][ T3732] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.183020][ T3732] usb 1-1: Product: syz
[  744.187286][ T3732] usb 1-1: Manufacturer: syz
[  744.219009][ T3732] usb 1-1: SerialNumber: syz
[  744.269864][ T3732] usb 1-1: config 0 descriptor??
[  744.392562][ T3732] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  744.906702][ T9848] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  745.077901][ T9878] overlayfs: failed to resolve './file0': -2
[  745.871151][ T9848] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  745.896894][ T1185] usb 1-1: USB disconnect, device number 22
[  747.144891][    C1] eth0: bad gso: type: 1, size: 1408
[  747.220700][ T7626] BTRFS info (device loop3): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  747.809703][ T9904] loop1: detected capacity change from 0 to 2048
[  748.114101][ T9904] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  748.210651][ T9904] ext4 filesystem being mounted at /86/bus supports timestamps until 2038 (0x7fffffff)
[  749.180562][ T3732] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  749.260512][ T9000] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  749.347550][ T9915] loop2: detected capacity change from 0 to 40427
[  749.383732][ T9915] F2FS-fs (loop2): invalid crc value
[  749.448403][ T9915] F2FS-fs (loop2): Found nat_bits in checkpoint
[  749.454871][ T3732] usb 1-1: Using ep0 maxpacket: 16
[  749.520639][ T9000] usb 4-1: Using ep0 maxpacket: 32
[  749.555968][ T9915] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[  749.597366][ T7307] EXT4-fs (loop1): unmounting filesystem.
[  749.604284][ T9915] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  749.660934][ T9000] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  749.680651][ T9000] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  749.700408][ T9000] usb 4-1: New USB device found, idVendor=0079, idProduct=1801, bcdDevice= 0.00
[  749.710393][ T9000] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.719226][ T7749] syz-executor: attempt to access beyond end of device
[  749.719226][ T7749] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  749.735848][ T9000] usb 4-1: config 0 descriptor??
[  749.770210][ T3732] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  749.799794][ T3732] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.818223][ T3732] usb 1-1: Product: syz
[  749.822563][ T3732] usb 1-1: Manufacturer: syz
[  749.827172][ T3732] usb 1-1: SerialNumber: syz
[  749.845173][ T3732] usb 1-1: config 0 descriptor??
[  749.892722][ T3732] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  750.092932][ T8726] usb 1-1: USB disconnect, device number 23
[  750.326503][ T9000] hid_mf 0003:0079:1801.0008: hidraw0: USB HID v0.00 Device [HID 0079:1801] on usb-dummy_hcd.3-1/input0
[  750.343842][ T9000] hid_mf 0003:0079:1801.0008: Invalid report, this should never happen!
[  750.374279][ T9000] hid_mf 0003:0079:1801.0008: Force feedback init failed.
[  751.203475][ T9000] usb 4-1: USB disconnect, device number 20
[  751.290427][ T9938] loop2: detected capacity change from 0 to 512
[  751.317708][ T9931] loop1: detected capacity change from 0 to 32768
[  751.333112][ T9938] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  751.377019][ T9938] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  751.391574][ T9938] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1064: invalid indirect mapped block 2683928664 (level 1)
[  751.417761][ T9938] EXT4-fs (loop2): Remounting filesystem read-only
[  751.427719][ T9931] XFS (loop1): Mounting V5 Filesystem
[  751.436353][ T9938] EXT4-fs (loop2): 1 truncate cleaned up
[  751.442705][ T9938] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  751.466188][ T9938] EXT4-fs (loop2): unmounting filesystem.
[  751.630823][ T9931] XFS (loop1): Ending clean mount
[  752.377495][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  752.400913][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  752.590210][ T9956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1067'.
[  752.602750][ T7307] XFS (loop1): Unmounting Filesystem
[  752.740584][ T4092] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  753.713624][ T4092] usb 3-1: Using ep0 maxpacket: 16
[  753.736692][ T9964] loop3: detected capacity change from 0 to 256
[  753.783280][ T9966] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1073'.
[  753.793163][ T9966] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1073'.
[  753.819954][ T9964] FAT-fs (loop3): Directory bread(block 64) failed
[  753.850590][ T9964] FAT-fs (loop3): Directory bread(block 65) failed
[  753.871350][ T9964] FAT-fs (loop3): Directory bread(block 66) failed
[  753.898651][ T9964] FAT-fs (loop3): Directory bread(block 67) failed
[  753.910919][ T9964] FAT-fs (loop3): Directory bread(block 68) failed
[  753.917466][ T9964] FAT-fs (loop3): Directory bread(block 69) failed
[  753.952725][ T9964] FAT-fs (loop3): Directory bread(block 70) failed
[  754.060145][ T9964] FAT-fs (loop3): Directory bread(block 71) failed
[  754.137696][ T9964] FAT-fs (loop3): Directory bread(block 72) failed
[  754.148906][ T9964] FAT-fs (loop3): Directory bread(block 73) failed
[  754.155990][ T4092] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  754.199233][ T4092] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.218152][ T4092] usb 3-1: Product: syz
[  754.228261][ T4092] usb 3-1: Manufacturer: syz
[  754.239436][ T4092] usb 3-1: SerialNumber: syz
[  754.259450][ T4092] usb 3-1: config 0 descriptor??
[  754.334581][    C1] eth0: bad gso: type: 1, size: 1408
[  754.340745][ T4092] usb 3-1: can't set config #0, error -71
[  754.390727][ T4092] usb 3-1: USB disconnect, device number 21
[  755.681108][ T9989] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1082'.
[  756.268191][T10001] loop4: detected capacity change from 0 to 2048
[  756.381376][T10001] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  756.389962][T10001] ext4 filesystem being mounted at /136/bus supports timestamps until 2038 (0x7fffffff)
[  756.427455][ T9974] loop1: detected capacity change from 0 to 32768
[  756.494757][ T6608] EXT4-fs (loop4): unmounting filesystem.
[  756.520994][ T9974] XFS (loop1): Mounting V5 Filesystem
[  756.713103][ T9435] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  756.750568][ T9974] XFS (loop1): Ending clean mount
[  758.430591][T10035] IPv6: sit1: Disabled Multicast RS
[  760.718517][ T9435] usb 1-1: Using ep0 maxpacket: 16
[  760.755051][ T7307] XFS (loop1): Unmounting Filesystem
[  760.916648][ T9435] usb 1-1: device descriptor read/all, error -71
[  760.932880][    C1] eth0: bad gso: type: 1, size: 1408
[  761.391988][T10056] loop4: detected capacity change from 0 to 2048
[  761.447898][T10063] loop3: detected capacity change from 0 to 512
[  761.483855][T10056] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  761.492494][T10056] ext4 filesystem being mounted at /140/bus supports timestamps until 2038 (0x7fffffff)
[  761.529767][T10063] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  761.586696][T10063] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038 (0x7fffffff)
[  761.615233][ T6608] EXT4-fs (loop4): unmounting filesystem.
[  761.736318][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  761.774006][T10073] loop4: detected capacity change from 0 to 16
[  761.791125][T10073] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  761.798760][T10074] overlayfs: failed to resolve './file1': -2
[  762.394904][T10083] loop4: detected capacity change from 0 to 4096
[  762.435618][T10083] NILFS (loop4): invalid segment: Checksum error in segment payload
[  762.460550][T10083] NILFS (loop4): trying rollback from an earlier position
[  762.471208][ T8726] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  762.489630][T10083] NILFS (loop4): recovery complete
[  762.508983][T10085] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  762.630583][ T3686] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  762.917564][T10097] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  762.934133][ T3686] usb 1-1: Using ep0 maxpacket: 16
[  763.875381][ T8726] usb 4-1: New USB device found, idVendor=0644, idProduct=800f, bcdDevice=8f.45
[  763.894968][ T8726] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  763.938658][ T8726] usb 4-1: Product: syz
[  763.944784][ T8726] usb 4-1: Manufacturer: syz
[  763.949412][ T8726] usb 4-1: SerialNumber: syz
[  763.986328][ T8726] usb 4-1: config 0 descriptor??
[  764.006784][T10102] loop2: detected capacity change from 0 to 4096
[  764.042170][ T3686] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  764.060770][T10102] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  764.072499][ T3686] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.082168][ T3686] usb 1-1: Product: syz
[  764.086626][ T3686] usb 1-1: Manufacturer: syz
[  764.092901][ T3686] usb 1-1: SerialNumber: syz
[  764.104232][ T3686] usb 1-1: config 0 descriptor??
[  764.120939][T10102] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  764.164423][T10102] ntfs3: loop2: Failed to load $Extend.
[  764.172607][ T3686] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  764.264249][ T8726] usb 4-1: USB disconnect, device number 21
[  764.398916][T10084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  764.410939][T10084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  764.446558][ T4092] usb 1-1: USB disconnect, device number 26
[  764.690660][T10120] loop4: detected capacity change from 0 to 2048
[  764.755477][T10120] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  764.805461][T10108] loop1: detected capacity change from 0 to 40427
[  764.827049][T10108] F2FS-fs (loop1): invalid crc value
[  764.875753][T10108] F2FS-fs (loop1): Found nat_bits in checkpoint
[  764.876933][ T6608] EXT4-fs (loop4): unmounting filesystem.
[  764.937592][T10108] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  764.967240][T10108] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  765.406661][T10108] syz.1.1119: attempt to access beyond end of device
[  765.406661][T10108] loop1: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  765.949010][ T7307] syz-executor: attempt to access beyond end of device
[  765.949010][ T7307] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  768.982147][T10159] IPv6: sit1: Disabled Multicast RS
[  769.239506][T10166] overlayfs: failed to resolve './file1': -2
[  770.049264][T10174] loop1: detected capacity change from 0 to 2048
[  770.350761][ T4092] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  770.886263][T10174] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  771.060698][ T4092] usb 1-1: Using ep0 maxpacket: 16
[  771.119173][ T7307] EXT4-fs (loop1): unmounting filesystem.
[  771.347631][ T4092] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  771.377225][ T4092] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.411750][ T4092] usb 1-1: Product: syz
[  771.426371][ T4092] usb 1-1: Manufacturer: syz
[  771.443530][ T4092] usb 1-1: SerialNumber: syz
[  771.463624][ T4092] usb 1-1: config 0 descriptor??
[  771.501832][T10204] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1151'.
[  771.516318][ T4092] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  771.804589][ T8726] usb 1-1: USB disconnect, device number 27
[  771.829750][T10215] loop3: detected capacity change from 0 to 1024
[  771.844918][T10215] EXT4-fs: Ignoring removed orlov option
[  771.850755][T10215] EXT4-fs: Ignoring removed nomblk_io_submit option
[  771.870103][T10217] loop1: detected capacity change from 0 to 2048
[  771.897938][T10217] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  771.905534][T10209] loop4: detected capacity change from 0 to 4096
[  771.906543][T10217] ext4 filesystem being mounted at /96/bus supports timestamps until 2038 (0x7fffffff)
[  771.929659][T10209] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  771.944711][T10215] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  771.972900][T10209] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  771.985336][T10209] ntfs3: loop4: Failed to load $BadClus.
[  772.107882][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  772.440648][ T8726] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  772.460727][ T9436] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  772.468407][ T4092] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  772.572818][ T7307] EXT4-fs (loop1): unmounting filesystem.
[  772.706304][ T8726] usb 3-1: Using ep0 maxpacket: 32
[  772.732414][ T9436] usb 5-1: Using ep0 maxpacket: 8
[  772.737659][ T4092] usb 4-1: Using ep0 maxpacket: 8
[  772.830913][ T8726] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[  772.844799][ T8726] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  772.859652][ T9436] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  772.870690][ T4092] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  772.887932][ T9436] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  772.898034][ T4092] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  772.915508][ T8726] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  772.927406][ T9436] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  772.937737][ T4092] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  772.947991][ T9436] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  772.958476][ T8726] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  772.971979][ T4092] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  772.985402][ T9436] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  772.998804][ T8726] usb 3-1: config 0 interface 0 has no altsetting 0
[  773.005525][ T4092] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  773.015276][ T9436] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  773.031227][ T4092] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  773.040070][ T9436] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  773.171253][ T8726] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  773.180712][ T8726] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  773.189316][ T8726] usb 3-1: Product: syz
[  773.204369][ T8726] usb 3-1: Manufacturer: syz
[  773.214530][ T8726] usb 3-1: SerialNumber: syz
[  773.226427][ T8726] usb 3-1: config 0 descriptor??
[  773.240093][T10238] loop1: detected capacity change from 0 to 32768
[  773.282051][ T8726] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  773.303538][T10238] XFS (loop1): Mounting V5 Filesystem
[  773.310766][ T4092] usb 4-1: GET_CAPABILITIES returned 0
[  773.319898][ T4092] usbtmc 4-1:16.0: can't read capabilities
[  773.330655][ T9436] usb 5-1: GET_CAPABILITIES returned 0
[  773.336181][ T9436] usbtmc 5-1:16.0: can't read capabilities
[  773.349477][ T8726] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  773.439627][T10238] XFS (loop1): Ending clean mount
[  773.500863][ T9436] usb 3-1: USB disconnect, device number 22
[  773.513266][ T9436] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  773.543115][ T4092] usb 5-1: USB disconnect, device number 25
[  773.550688][ T8726] usb 4-1: USB disconnect, device number 22
[  773.608626][ T7307] XFS (loop1): Unmounting Filesystem
[  773.719188][T10228] ldusb: No device or device unplugged -19
[  773.815030][T10250] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1167'.
[  773.844949][T10250] bridge0: port 1(bridge_slave_0) entered disabled state
[  774.181725][T10261] loop1: detected capacity change from 0 to 128
[  774.315415][T10261] syz.1.1171: attempt to access beyond end of device
[  774.315415][T10261] loop1: rw=2049, sector=145, nr_sectors = 33 limit=128
[  775.907881][T10289] loop2: detected capacity change from 0 to 1024
[  776.009434][T10289] EXT4-fs: Ignoring removed orlov option
[  776.030724][ T3651] Bluetooth: hci4: command tx timeout
[  776.063044][T10289] EXT4-fs (loop2): Test dummy encryption mode enabled
[  776.080670][  T152] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  776.136123][   T11] device hsr_slave_0 left promiscuous mode
[  776.217033][T10299] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  776.253938][T10289] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  776.365916][  T152] usb 1-1: Using ep0 maxpacket: 8
[  777.067681][   T11] device hsr_slave_1 left promiscuous mode
[  777.083757][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  777.159257][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  777.161454][  T152] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  777.293926][  T152] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  777.328656][  T152] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  778.102304][  T152] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  778.109268][T10308] loop1: detected capacity change from 0 to 128
[  778.161566][T10308] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  778.171218][T10308] ext4 filesystem being mounted at /106/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  778.203203][  T152] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  778.217033][  T152] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.229121][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  778.257950][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  778.284876][   T11] device bridge_slave_1 left promiscuous mode
[  778.296813][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  778.314816][   T11] device bridge_slave_0 left promiscuous mode
[  778.328757][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  778.484616][   T11] device veth1_macvtap left promiscuous mode
[  778.499808][ T7307] EXT4-fs (loop1): unmounting filesystem.
[  778.512596][   T11] device veth0_macvtap left promiscuous mode
[  778.545329][  T152] usb 1-1: GET_CAPABILITIES returned 0
[  778.554671][  T152] usbtmc 1-1:16.0: can't read capabilities
[  778.561643][   T11] device veth1_vlan left promiscuous mode
[  778.600154][   T11] device veth0_vlan left promiscuous mode
[  778.623266][    C1] eth0: bad gso: type: 1, size: 1408
[  778.768239][  T152] usb 1-1: USB disconnect, device number 28
[  779.077923][T10316] loop4: detected capacity change from 0 to 32768
[  779.104530][T10316] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1191 (10316)
[  779.155750][T10316] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  779.176868][T10316] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  779.200659][T10316] BTRFS info (device loop4): enabling auto defrag
[  779.226472][T10316] BTRFS info (device loop4): max_inline at 0
[  779.258992][T10316] BTRFS info (device loop4): enabling ssd optimizations
[  779.283829][T10316] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  779.320592][T10316] BTRFS info (device loop4): use lzo compression, level 0
[  779.338093][T10316] BTRFS info (device loop4): using free space tree
[  779.463766][T10318] loop1: detected capacity change from 0 to 32768
[  779.500801][T10318] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1190 (10318)
[  779.541913][T10318] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  779.582593][T10318] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  779.670822][T10318] BTRFS info (device loop1): metadata ratio 4
[  779.692757][T10318] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  779.730281][T10318] BTRFS info (device loop1): force lzo compression, level 0
[  779.732558][T10323] loop3: detected capacity change from 0 to 32768
[  779.768192][T10318] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  779.806814][T10318] BTRFS info (device loop1): trying to use backup root at mount time
[  779.812055][T10323] XFS: ikeep mount option is deprecated.
[  779.845887][T10318] BTRFS info (device loop1): doing ref verification
[  779.875543][T10318] BTRFS info (device loop1): enabling auto defrag
[  779.882553][T10318] BTRFS info (device loop1): disabling tree log
[  779.901012][T10318] BTRFS info (device loop1): using free space tree
[  779.911043][T10323] XFS (loop3): Mounting V5 Filesystem
[  780.078621][ T6608] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  780.078870][T10323] XFS (loop3): Ending clean mount
[  780.098080][T10323] XFS (loop3): Quotacheck needed: Please wait.
[  780.214504][    T9] BTRFS warning (device loop1): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  780.254305][ T8726] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[  780.258236][T10318] BTRFS warning (device loop1): couldn't read tree root
[  780.301274][T10318] BTRFS warning (device loop1): try to load backup roots slot 1
[  780.317473][    T9] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  780.336224][T10318] BTRFS warning (device loop1): couldn't read tree root
[  780.362473][T10318] BTRFS warning (device loop1): try to load backup roots slot 2
[  780.386190][T10318] BTRFS error (device loop1): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  780.395264][T10323] XFS (loop3): Quotacheck: Done.
[  780.431119][T10318] BTRFS warning (device loop1): couldn't read tree root
[  780.438731][T10318] BTRFS warning (device loop1): try to load backup roots slot 3
[  780.516340][T10318] BTRFS info (device loop1): enabling ssd optimizations
[  780.525560][T10318] BTRFS info (device loop1): rebuilding free space tree
[  780.533075][ T7626] XFS (loop3): Unmounting Filesystem
[  780.552798][   T11] team0 (unregistering): Port device team_slave_1 removed
[  780.630763][ T8726] usb 1-1: New USB device found, idVendor=2040, idProduct=9301, bcdDevice=e4.fb
[  780.659218][ T8726] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.697272][ T8726] usb 1-1: config 0 descriptor??
[  780.757601][ T8726] dvb-usb: found a 'Hauppauge WinTV-NOVA-T usb2' in warm state.
[  780.784924][ T8726] dvb-usb: bulk message failed: -22 (3/0)
[  780.796965][   T11] team0 (unregistering): Port device team_slave_0 removed
[  780.801133][T10318] BTRFS info (device loop1): checking UUID tree
[  780.825469][ T8726] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  780.875407][ T8726] dvbdev: DVB: registering new adapter (Hauppauge WinTV-NOVA-T usb2)
[  780.887401][ T8726] usb 1-1: media controller created
[  780.906052][ T8726] dvb-usb: bulk message failed: -22 (5/0)
[  780.912874][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  780.927902][ T8726] dvb-usb: MAC address reading failed.
[  780.956216][ T8726] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  780.988236][ T8726] dvb-usb: bulk message failed: -22 (6/0)
[  781.011108][ T7307] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  781.015977][ T8726] dvb-usb: bulk message failed: -22 (6/0)
[  781.056715][ T8726] dvb-usb: no frontend was attached by 'Hauppauge WinTV-NOVA-T usb2'
[  781.116766][ T8726] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input28
[  781.185258][ T8726] dvb-usb: schedule remote query interval to 100 msecs.
[  781.197800][ T8726] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully initialized and connected.
[  781.219440][ T8726] usb 1-1: USB disconnect, device number 29
[  781.416541][T10383] fuse: Unknown parameter 'f0ç9Â3$·°5®¾lf±•fIæÚ½Ö¢fÕÅk>é'
[  781.955342][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  782.111767][ T8726] dvb-usb: Hauppauge WinTV-NOVA-T usb2 successfully deinitialized and disconnected.
[  783.187522][T10396] loop1: detected capacity change from 0 to 512
[  783.214576][T10396] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  783.608770][T10384] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  784.182698][T10396] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  784.200854][T10396] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1202: invalid indirect mapped block 2683928664 (level 1)
[  784.228027][T10396] EXT4-fs (loop1): Remounting filesystem read-only
[  784.241327][T10396] EXT4-fs (loop1): 1 truncate cleaned up
[  784.267515][T10396] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  784.306810][T10396] EXT4-fs (loop1): unmounting filesystem.
[  784.400670][T10384] usb 4-1: Using ep0 maxpacket: 16
[  784.687162][T10384] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  784.710890][T10384] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  784.718912][T10384] usb 4-1: Product: syz
[  784.723555][T10384] usb 4-1: Manufacturer: syz
[  784.728170][T10384] usb 4-1: SerialNumber: syz
[  784.742290][T10384] usb 4-1: config 0 descriptor??
[  784.762012][ T8726] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  784.795626][T10384] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[  784.878034][   T11] bond0 (unregistering): Released all slaves
[  784.992830][T10384] usb 4-1: USB disconnect, device number 23
[  785.040593][ T8726] usb 2-1: Using ep0 maxpacket: 16
[  785.333029][ T8726] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  785.360529][ T8726] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  785.368563][ T8726] usb 2-1: Product: syz
[  785.383827][ T8726] usb 2-1: Manufacturer: syz
[  785.388454][ T8726] usb 2-1: SerialNumber: syz
[  785.420087][ T8726] usb 2-1: config 0 descriptor??
[  785.472654][ T8726] snd-usb-audio: probe of 2-1:0.0 failed with error -22
[  785.679495][T10403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  785.719946][T10403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  785.771144][ T8726] usb 2-1: USB disconnect, device number 17
[  785.888798][    C1] eth0: bad gso: type: 1, size: 1408
[  786.003341][T10434] random: crng reseeded on system resumption
[  786.147182][T10411] loop2: detected capacity change from 0 to 40427
[  786.218808][T10411] F2FS-fs (loop2): Found nat_bits in checkpoint
[  786.393118][T10411] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  786.525397][ T7749] syz-executor: attempt to access beyond end of device
[  786.525397][ T7749] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  788.632353][T10438] loop3: detected capacity change from 0 to 32768
[  788.888550][T10438] XFS (loop3): Mounting V5 Filesystem
[  788.902425][T10444] loop1: detected capacity change from 0 to 32768
[  788.951239][T10444] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1219 (10444)
[  788.981652][T10444] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  789.010584][T10444] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  789.017222][T10438] XFS (loop3): Ending clean mount
[  789.026000][T10444] BTRFS info (device loop1): setting nodatacow, compression disabled
[  789.041033][T10444] BTRFS info (device loop1): enabling auto defrag
[  789.067977][T10444] BTRFS info (device loop1): doing ref verification
[  789.118585][T10444] BTRFS info (device loop1): using free space tree
[  789.180282][ T7626] XFS (loop3): Unmounting Filesystem
[  789.278305][T10444] BTRFS error (device loop1): open_ctree failed
[  789.290643][    T7] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  789.543622][T10461] loop2: detected capacity change from 0 to 32768
[  789.560689][    T7] usb 1-1: Using ep0 maxpacket: 16
[  789.619006][T10461] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.1222 (10461)
[  789.733374][T10498] loop1: detected capacity change from 0 to 4096
[  789.747013][T10461] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  789.798532][T10501] syz.4.1232[10501] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  789.798676][T10501] syz.4.1232[10501] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  789.823973][T10461] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  789.864637][T10502] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  789.900806][    T7] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  789.911206][T10461] BTRFS info (device loop2): setting nodatacow, compression disabled
[  789.924609][    T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.930051][T10461] BTRFS info (device loop2): setting datacow
[  789.961087][T10461] BTRFS info (device loop2): doing ref verification
[  789.964783][    T7] usb 1-1: Product: syz
[  789.994305][    T7] usb 1-1: Manufacturer: syz
[  789.998943][    T7] usb 1-1: SerialNumber: syz
[  790.017245][T10461] BTRFS info (device loop2): force clearing of disk cache
[  790.042828][    T7] usb 1-1: config 0 descriptor??
[  790.065284][T10461] BTRFS info (device loop2): turning off barriers
[  790.094986][T10461] BTRFS info (device loop2): enabling ssd optimizations
[  790.123894][T10461] BTRFS info (device loop2): using spread ssd allocation scheme
[  790.142906][    T7] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  790.179790][T10461] BTRFS info (device loop2): not using ssd optimizations
[  790.233468][T10461] BTRFS info (device loop2): not using spread ssd allocation scheme
[  790.267720][T10461] BTRFS info (device loop2): using free space tree
[  790.343945][T10475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  790.373101][T10475] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  790.510310][ T3743] usb 1-1: USB disconnect, device number 30
[  790.593430][T10522] loop3: detected capacity change from 0 to 2048
[  791.267994][T10461] BTRFS info (device loop2): rebuilding free space tree
[  791.279669][T10522] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  791.288393][T10522] ext4 filesystem being mounted at /112/bus supports timestamps until 2038 (0x7fffffff)
[  791.519678][   T27] audit: type=1800 audit(1724819876.408:342): pid=10461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1222" name="file0" dev="loop2" ino=258 res=0 errno=0
[  791.552918][ T7626] EXT4-fs (loop3): unmounting filesystem.
[  791.650863][T10461] BTRFS info (device loop2): setting compat-ro feature flag for VERITY (0x4)
[  791.704456][T10543] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1237'.
[  791.889624][ T7749] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  791.932483][    C1] eth0: bad gso: type: 1, size: 1408
[  792.140655][ T8726] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  792.410736][ T8726] usb 2-1: Using ep0 maxpacket: 16
[  792.530923][ T8726] usb 2-1: config 255 has too many interfaces: 255, using maximum allowed: 32
[  792.550823][ T8726] usb 2-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[  792.578885][ T8726] usb 2-1: config 255 has 0 interfaces, different from the descriptor's value: 255
[  792.611034][ T8726] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  792.640776][ T8726] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.950465][ T8726] usb 2-1: USB disconnect, device number 18
[  793.120743][ T4167] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  793.420501][ T4167] usb 4-1: Using ep0 maxpacket: 16
[  793.435031][T10588] loop4: detected capacity change from 0 to 512
[  794.054877][T10589] loop2: detected capacity change from 0 to 2048
[  794.713825][T10588] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  794.783806][T10589] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  794.792482][T10589] ext4 filesystem being mounted at /118/bus supports timestamps until 2038 (0x7fffffff)
[  794.824734][T10588] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  794.857640][T10588] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1251: invalid indirect mapped block 2683928664 (level 1)
[  794.872995][ T4167] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  794.892561][ T4167] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.930511][ T4167] usb 4-1: Product: syz
[  794.942185][ T4167] usb 4-1: Manufacturer: syz
[  794.955975][ T4167] usb 4-1: SerialNumber: syz
[  794.986694][T10588] EXT4-fs (loop4): Remounting filesystem read-only
[  795.000098][ T4167] usb 4-1: config 0 descriptor??
[  795.020938][T10588] EXT4-fs (loop4): 1 truncate cleaned up
[  795.027396][T10588] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  795.040846][ T7749] EXT4-fs (loop2): unmounting filesystem.
[  795.060656][ T8726] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  795.075834][ T4167] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[  795.098009][T10588] EXT4-fs (loop4): unmounting filesystem.
[  795.277735][ T8994] usb 4-1: USB disconnect, device number 24
[  795.320677][ T8726] usb 2-1: Using ep0 maxpacket: 32
[  795.470844][ T8726] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  795.479592][T10606] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1257'.
[  795.491675][ T4167] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  795.498991][ T8726] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  795.520594][ T8726] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  795.558043][ T8726] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  795.583375][ T8726] usb 2-1: config 0 interface 0 has no altsetting 0
[  795.634017][T10613] random: crng reseeded on system resumption
[  795.750645][ T4167] usb 5-1: Using ep0 maxpacket: 16
[  795.755688][ T8726] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  795.775938][ T8726] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  795.790503][ T8726] usb 2-1: Product: syz
[  795.810510][ T8726] usb 2-1: Manufacturer: syz
[  795.817509][ T8726] usb 2-1: SerialNumber: syz
[  795.851415][ T8726] usb 2-1: config 0 descriptor??
[  795.892074][ T8726] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  795.909783][ T8726] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  796.970745][ T4167] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.d7
[  796.998320][ T4167] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.015843][ T8726] usb 2-1: USB disconnect, device number 19
[  797.020109][ T4167] usb 5-1: Product: syz
[  797.030970][    C0] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[  797.037914][T10594] ldusb 2-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  797.062518][ T4167] usb 5-1: config 0 descriptor??
[  797.079470][T10623] ldusb 2-1:0.0: Couldn't submit HID_REQ_SET_REPORT -19
[  797.080652][ T4167] usb 5-1: can't set config #0, error -71
[  797.118083][ T4167] usb 5-1: USB disconnect, device number 26
[  797.132242][    C1] eth0: bad gso: type: 1, size: 1408
[  797.147912][ T8726] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  797.149176][    C1] eth0: bad gso: type: 1, size: 1408
[  797.247283][T10632] loop4: detected capacity change from 0 to 164
[  797.385129][T10637] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1267'.
[  797.796916][T10656] loop3: detected capacity change from 0 to 512
[  797.836026][T10656] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  797.901200][T10656] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  797.917445][T10656] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1275: invalid indirect mapped block 2683928664 (level 1)
[  797.949270][T10656] EXT4-fs (loop3): Remounting filesystem read-only
[  797.957610][T10656] EXT4-fs (loop3): 1 truncate cleaned up
[  797.974568][T10656] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  804.565662][T10656] EXT4-fs (loop3): unmounting filesystem.
[  804.599432][T10667] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1278'.
[  804.668924][T10667] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1278'.
[  804.935927][T10674] loop2: detected capacity change from 0 to 4096
[  805.576873][T10710] loop4: detected capacity change from 0 to 1024
[  805.611066][T10710] EXT4-fs: Ignoring removed nobh option
[  805.621491][T10710] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  805.690543][   T26] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  805.697495][T10714] Bluetooth: MGMT ver 1.22
[  805.711802][T10710] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  805.849907][T10702] loop1: detected capacity change from 0 to 32768
[  805.850006][ T6608] EXT4-fs (loop4): unmounting filesystem.
[  805.881782][T10696] loop3: detected capacity change from 0 to 32768
[  805.949608][   T26] usb 1-1: Using ep0 maxpacket: 32
[  805.965900][T10696] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1289 (10696)
[  805.995569][ T3682] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  806.044085][T10696] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  806.072531][T10696] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  806.081773][   T26] usb 1-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  806.101972][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  806.113556][T10702] jfs_strtoUCS: char2uni returned -22.
[  806.130547][T10696] BTRFS info (device loop3): using free space tree
[  806.139303][   T26] usb 1-1: config 0 descriptor??
[  806.144795][T10702] charset = cp932, char = 0xfe
[  806.197859][   T26] gspca_main: sunplus-2.14.0 probing 0458:7006
[  806.396070][T10696] BTRFS info (device loop3): enabling ssd optimizations
[  806.416023][ T3682] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  806.423755][T10718] loop4: detected capacity change from 0 to 32768
[  806.466360][ T3682] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  806.549579][T10718] find_entry called with index = 0
[  806.561526][T10718] read_mapping_page failed!
[  806.566096][T10718] ERROR: (device loop4): txCommit: 
[  806.566096][T10718] 
[  806.581701][T10696] BTRFS info (device loop3): scrub: started on devid 1
[  806.611519][ T3682] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  806.638124][ T3682] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  806.772472][T10696] BTRFS info (device loop3): scrub: finished on devid 1 with status: 0
[  807.345547][   T26] gspca_sunplus: reg_w_riv err -71
[  807.351079][   T26] sunplus: probe of 1-1:0.0 failed with error -71
[  807.371439][   T26] usb 1-1: USB disconnect, device number 31
[  807.527717][ T7626] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  807.570070][ T3682] usb 3-1: SerialNumber: syz
[  807.646007][T10746] loop1: detected capacity change from 0 to 64
[  807.895258][ T3682] usb 3-1: 0:2 : does not exist
[  807.900224][ T3682] usb 3-1: unit 5 not found!
[  807.940658][ T3682] usb 3-1: USB disconnect, device number 23
[  808.169093][T10668] udevd[10668]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  809.440639][ T3743] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  809.690634][ T3743] usb 2-1: Using ep0 maxpacket: 8
[  809.810852][ T3743] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  809.824471][ T3743] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  809.849209][ T3743] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  809.873623][ T3743] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  810.070451][ T3743] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  810.160658][ T3743] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  810.169722][ T3743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.480656][ T3743] usb 2-1: GET_CAPABILITIES returned 0
[  810.486346][ T3743] usbtmc 2-1:16.0: can't read capabilities
[  810.663260][T10772] loop3: detected capacity change from 0 to 32768
[  810.690913][T10772] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1310 (10772)
[  810.742884][T10772] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  810.764166][ T3743] usb 2-1: USB disconnect, device number 20
[  810.825797][T10772] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  810.862355][T10772] BTRFS info (device loop3): using free space tree
[  810.892450][T10781] loop2: detected capacity change from 0 to 32768
[  810.947448][T10781] 
[  810.947448][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  810.947448][T10781] 
[  811.050617][T10772] BTRFS info (device loop3): enabling ssd optimizations
[  811.051495][T10781] 
[  811.051495][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.051495][T10781] 
[  811.071514][T10781] 
[  811.071514][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.071514][T10781] 
[  811.085061][T10781] 
[  811.085061][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.085061][T10781] 
[  811.097457][T10781] 
[  811.097457][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.097457][T10781] 
[  811.136805][T10781] 
[  811.136805][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.136805][T10781] 
[  811.163183][T10781] 
[  811.163183][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.163183][T10781] 
[  811.190865][T10781] 
[  811.190865][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.190865][T10781] 
[  811.213070][T10781] 
[  811.213070][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.213070][T10781] 
[  811.274312][T10781] 
[  811.274312][T10781]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.274312][T10781] 
[  811.384242][ T7749] 
[  811.384242][ T7749]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.384242][ T7749] 
[  811.400658][ T7749] 
[  811.400658][ T7749]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  811.400658][ T7749] 
[  812.608314][   T11] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  812.658447][T10807] loop2: detected capacity change from 0 to 4096
[  812.722358][ T7626] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  813.020849][ T3743] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  813.189648][T10816] netlink: 'syz.0.1317': attribute type 13 has an invalid length.
[  813.221355][T10816] netlink: 24859 bytes leftover after parsing attributes in process `syz.0.1317'.
[  813.284074][ T3743] usb 2-1: Using ep0 maxpacket: 8
[  813.396565][T10826] loop2: detected capacity change from 0 to 64
[  813.403637][ T3743] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  813.416444][ T3743] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  813.465328][ T3743] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  813.789311][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  813.805041][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  813.871959][T10827] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1321'.
[  814.251908][ T3743] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  814.306649][ T3743] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  814.422857][ T3743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  815.165331][ T3743] usb 2-1: GET_CAPABILITIES returned 0
[  815.179880][ T3743] usbtmc 2-1:16.0: can't read capabilities
[  815.480758][ T9437] usb 2-1: USB disconnect, device number 21
[  816.879713][T10859] netlink: 'syz.1.1332': attribute type 29 has an invalid length.
[  816.925961][T10859] netlink: 'syz.1.1332': attribute type 29 has an invalid length.
[  816.975177][T10860] netlink: 'syz.1.1332': attribute type 29 has an invalid length.
[  817.015649][T10859] netlink: 'syz.1.1332': attribute type 29 has an invalid length.
[  817.047153][T10859] netlink: 'syz.1.1332': attribute type 29 has an invalid length.
[  817.050331][T10862] loop2: detected capacity change from 0 to 256
[  817.964999][T10857] loop3: detected capacity change from 0 to 32768
[  818.031842][T10857] 
[  818.031842][T10857]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  818.031842][T10857] 
[  818.128129][T10857] read_mapping_page failed!
[  818.172029][T10857] ERROR: (device loop3): txCommit: 
[  818.172029][T10857] 
[  818.380237][    T9] 
[  818.380237][    T9]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  818.380237][    T9] 
[  818.432755][    T9] 
[  818.432755][    T9]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  818.432755][    T9] 
[  819.193096][ T3653] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  819.210610][ T3653] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  819.219960][ T3653] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  819.230125][ T3653] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  819.237806][ T3653] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  819.247219][ T3646] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  819.335653][ T7626] 
[  819.335653][ T7626]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  819.335653][ T7626] 
[  819.379657][  T132] 
[  819.379657][  T132]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  819.379657][  T132] 
[  819.428879][ T7626] 
[  819.428879][ T7626]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  819.428879][ T7626] 
[  819.486079][T10885] loop1: detected capacity change from 0 to 64
[  819.849742][T10881] chnl_net:caif_netlink_parms(): no params data found
[  820.864408][T10888] loop2: detected capacity change from 0 to 32768
[  820.864696][T10881] bridge0: port 1(bridge_slave_0) entered blocking state
[  820.884684][T10881] bridge0: port 1(bridge_slave_0) entered disabled state
[  820.912213][T10881] device bridge_slave_0 entered promiscuous mode
[  820.922723][    C1] eth0: bad gso: type: 1, size: 1408
[  820.930013][T10881] bridge0: port 2(bridge_slave_1) entered blocking state
[  820.967219][T10881] bridge0: port 2(bridge_slave_1) entered disabled state
[  820.981532][    C1] eth0: bad gso: type: 1, size: 1408
[  821.009897][T10888] read_mapping_page failed!
[  821.016206][T10881] device bridge_slave_1 entered promiscuous mode
[  821.032658][T10888] ERROR: (device loop2): txCommit: 
[  821.032658][T10888] 
[  821.064200][  T132] BUG at fs/jfs/jfs_txnmgr.c:931 assert(mp->nohomeok > 0)
[  821.071787][  T132] ------------[ cut here ]------------
[  821.077365][  T132] kernel BUG at fs/jfs/jfs_txnmgr.c:931!
[  821.125202][  T132] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  821.131488][  T132] CPU: 1 PID: 132 Comm: jfsCommit Not tainted 6.1.106-syzkaller #0
[  821.139396][  T132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  821.149657][  T132] RIP: 0010:txUnlock+0xc6e/0xca0
[  821.154611][  T132] Code: f8 a2 98 07 0f 0b e8 a1 de 7f fe 48 c7 c7 c0 f8 44 8b 48 c7 c6 b9 f4 44 8b ba a3 03 00 00 48 c7 c1 a0 05 45 8b e8 d2 a2 98 07 <0f> 0b e8 7b de 7f fe 48 c7 c7 c0 f8 44 8b 48 c7 c6 b9 f4 44 8b ba
[  821.174228][  T132] RSP: 0018:ffffc9000262fd08 EFLAGS: 00010246
[  821.180308][  T132] RAX: 0000000000000037 RBX: 0000000000000000 RCX: 6a377155da295000
[  821.188292][  T132] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  821.196265][  T132] RBP: ffff88804d220ba0 R08: ffffffff816e3dfc R09: fffff520004c5f41
[  821.204244][  T132] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888021eb89d0
[  821.212223][  T132] R13: ffff888066ee0a94 R14: ffffc90002882000 R15: dffffc0000000000
[  821.220348][  T132] FS:  0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  821.229288][  T132] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  821.235882][  T132] CR2: 00007fc4a18f5d58 CR3: 000000007d247000 CR4: 00000000003506e0
[  821.243862][  T132] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  821.251834][  T132] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  821.259805][  T132] Call Trace:
[  821.263082][  T132]  <TASK>
[  821.266016][  T132]  ? __die_body+0x5e/0xa0
[  821.270358][  T132]  ? die+0x83/0xb0
[  821.274085][  T132]  ? do_trap+0x11e/0x350
[  821.278349][  T132]  ? txUnlock+0xc6e/0xca0
[  821.282689][  T132]  ? txUnlock+0xc6e/0xca0
[  821.287029][  T132]  ? do_error_trap+0x13d/0x1e0
[  821.291799][  T132]  ? txUnlock+0xc6e/0xca0
[  821.296134][  T132]  ? do_int3+0x30/0x30
[  821.300215][  T132]  ? report_bug+0x3e0/0x500
[  821.304731][  T132]  ? rcu_is_watching+0x11/0xb0
[  821.309936][  T132]  ? handle_invalid_op+0x2c/0x40
[  821.314878][  T132]  ? txUnlock+0xc6e/0xca0
[  821.319214][  T132]  ? exc_invalid_op+0x2f/0x40
[  821.323896][  T132]  ? asm_exc_invalid_op+0x16/0x20
[  821.328928][  T132]  ? __wake_up_klogd+0xcc/0x100
[  821.333826][  T132]  ? txUnlock+0xc6e/0xca0
[  821.338158][  T132]  ? txUnlock+0xc6e/0xca0
[  821.342491][  T132]  ? lockdep_hardirqs_on+0x94/0x130
[  821.347689][  T132]  jfs_lazycommit+0x5d0/0xb60
[  821.352366][  T132]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  821.358269][  T132]  ? lockdep_hardirqs_on+0x94/0x130
[  821.363478][  T132]  ? txFreelock+0x580/0x580
[  821.367990][  T132]  ? do_task_dead+0xd0/0xd0
[  821.372678][  T132]  ? _raw_spin_unlock+0x40/0x40
[  821.377535][  T132]  ? __kthread_parkme+0x168/0x1c0
[  821.382567][  T132]  kthread+0x28d/0x320
[  821.386636][  T132]  ? txFreelock+0x580/0x580
[  821.391150][  T132]  ? kthread_blkcg+0xd0/0xd0
[  821.395740][  T132]  ret_from_fork+0x1f/0x30
[  821.400168][  T132]  </TASK>
[  821.403184][  T132] Modules linked in:
SYZFAIL: failed to send rpc
fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe)
[  822.292046][T10881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  822.327322][T10881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  822.335123][ T3651] Bluetooth: hci3: command tx timeout
[  822.667485][  T132] ---[ end trace 0000000000000000 ]---
[  822.674863][  T132] RIP: 0010:txUnlock+0xc6e/0xca0
[  822.677585][  T154] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  822.679809][  T132] Code: f8 a2 98 07 0f 0b e8 a1 de 7f fe 48 c7 c7 c0 f8 44 8b 48 c7 c6 b9 f4 44 8b ba a3 03 00 00 48 c7 c1 a0 05 45 8b e8 d2 a2 98 07 <0f> 0b e8 7b de 7f fe 48 c7 c7 c0 f8 44 8b 48 c7 c6 b9 f4 44 8b ba
[  822.715966][  T132] RSP: 0018:ffffc9000262fd08 EFLAGS: 00010246
[  822.736654][  T132] RAX: 0000000000000037 RBX: 0000000000000000 RCX: 6a377155da295000
[  822.756701][  T132] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  822.780293][  T132] RBP: ffff88804d220ba0 R08: ffffffff816e3dfc R09: fffff520004c5f41
[  822.791825][  T132] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888021eb89d0
[  822.801432][  T132] R13: ffff888066ee0a94 R14: ffffc90002882000 R15: dffffc0000000000
[  822.809522][  T132] FS:  0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  822.818534][  T132] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  822.825791][  T132] CR2: 000056343cb876d8 CR3: 0000000028f50000 CR4: 00000000003506e0
[  822.834192][  T132] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  822.842246][  T132] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  822.850398][  T132] Kernel panic - not syncing: Fatal exception
[  822.856575][  T132] Kernel Offset: disabled
[  822.860885][  T132] Rebooting in 86400 seconds..