last executing test programs:

2m20.081088181s ago: executing program 4 (id=35):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000000010104070000000000000002000000240001801400018008000100e000000108000200e00000010c0002800500010000000000100005800a"], 0x48}}, 0x0)

2m19.755479459s ago: executing program 4 (id=40):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000280)=ANY=[@ANYBLOB="1b0204"], 0x18)
setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000140)=@fragment={0xb6, 0x0, 0x92, 0x0, 0x0, 0x1b, 0x65}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x400c0, &(0x7f0000000040)={0xa, 0xcaa1, 0xffffff7c, @empty, 0xd}, 0x1c)

2m19.45869576s ago: executing program 4 (id=44):
syz_mount_image$xfs(&(0x7f0000009800), &(0x7f00000004c0)='./bus\x00', 0x1000000, &(0x7f0000000280)={[{@pqnoenforce}, {@noquota}, {@nouuid}, {@usrquota}, {@pquota}, {@pqnoenforce}, {@nodiscard}]}, 0x1, 0x9895, &(0x7f0000009840)="$eJzs3QXYZHXhsP9nl6UbCwNZGotuDEJBBAEJKSWkJQWUMAARBEQBSUERUKREkBKR7u7u7u7mfy27q+t6g/p/f+8PX+/7vq5n55kzZ85+5/uZc/YZzsPMiossu9DAwCQDwxt5+bcOfenjR2/50kI7HXvdES8uevjiR49YPNbwiyFDR1xONeJy6oGBgUEjtjNo+LLBQ048afDAOAMDg0fd7gTjjj9ogoGBtUZcXWDE5dzDLya8euR6b44WD3TYMAbtOvxr+F86MDAw7rBvnh6YeYVRtzNiXLP8wwOVtuKCiy7yN6u/ug2bvyEjvh/1a6zhXxNeOjAw4SUD/PwY9O4+orf+/kn2Pn+lld/lcfw/0YoLLrrYaP7D9sUxRiybe9g+Pvo+aGz05/nQuW8feQwahAfO/0daccFFlhh4++P8wKpvHLT5m28dNwePNzAwePyBgcETDAwMnnBgYPBEAwODJ363Xer/rHf1yVdVVVXvSgsuNPtCw17vjfbzwDgjf66lnwtXeX2p2wcGBsYcvs7guUa+Fqyqqqqqqqqq/8wWXGj2heH1/yTv9Pr/hFNfmbHX/1VVVVVVVVX/77TYggvNPux1/Giv/yd/p9f/293/woYjfvd/7uH3euPdfRBVVVVVVVVV9Y4t8+W3Xv+PP9rr/6Hv9Pr/ofl3eWDEeiP/u8Hro2xy0Ci/T/DqKMvHGGX9V0ZZPmSU5aOuP9bAwOAhI5a/9rfFg8cbdts/rj94kmHjHrH85VGWz/K3/795yLSjLJ91lOXTj7J8thFjHbZ8hlGWzznK+jP+K3NbVVVVVVVVVVVVVVVVVVX1v9Ubj596xt/e8/2jA6O8f/tf38d9xO8FDDrurKuuetcG+p/RoH/8fYjt3u0x/Z82zHmco4YODGy8/Ls9lHoXerc/r6He3fJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3Fvc/7/r+//P8Xha438f+bnPnT3KSca9b7rj/L9OP+ro37X+m89/z+w/qCBgRG+kwxzXXLBZZabcWBgYKIpdz90joG/3jbPsNvmn2yMEW+QMPxtEKYbwhvebsSnom83YtUR2zjure0v9uYhYwwabRCjNOnJhx223oovzjH65fRv/zgGj/zmfRdvtfDI97IYPNpKb/c8Hbn9kY9ldOcRY59x2Nhn3mKjTWfefOttPrX+Rmusu/a6a28879xzzzPn3HPNO9vM66y/4dqzDP/z7eZs6Ft/TvOvzNnko8/Z4wuOOmejP7a3m7Oh7zxnb21x7L1W22DknI0+tH82Z9O885wNXX/EXzRk6JgDq781N4MGBoZMO+bAVsOuzDr2wMCQ6UasO/mwdT892eCBgT3+9kCHfTf2X5+Dg7Ybts6Kiyy70N8+dv8fP37/bT7PfqzhF0NGTMmQqUZcTj38r5lk4G9PxcFDTjxp8LDH/nfTPMG44w+aYGBgrRFXFxhxOe+IW68Yud7bfM76aAN9621Wdh3+9VePcYd9c8zSE9846nbehuB/ov9f//7/g9c8g/46UYNGfI1YZ7jXgosu9re/661pWGDke8IM+7dlmMn/wcfY/9P+YbxDx3nrTW7fbrzv8L64wx8/PL+mf/Tcof9T74vLx44l3vpz6L9y7Bh452PHGH/79m9L1758itGPHYu//RD/br8YOUdjj7bS2x07Ztx/wW3fOja987FjifVHfNDQ344dgwcGhkwz8tgx7EAy/ZgDewy7MtuwKzOMOXDEsCuzv3Vl3IGzhl2Zac1NNlxr0Ftv2zNiu7MM2+4Ckw1668FfNfOCR4+x95tvTjtiLLOMdmAd8fwYOuq/jwtONnzaRt6XtnvXFsNvm37Edmf9N7Y78r603Xk2G37bDCO2O9to2x3jHbY78r4j94dhq761P8w46O9+8RP230VG238HjTysj3KXkV9jDf+a8NKRnw0F+8u/ddyh/XeSdxjvO3yuFT7fhi3bYcnLT/2f+lwrGu847zzet/sc7rcd7wbjbrXU/8B4B40y3r97nm063/Dnyowjnmdz/hvP35H3Hf04NuZbtw5nmPFfOY4t8A/Hse3HGDza4Efp7X4GWgvWH/795H/d2rxHjjHxyLkfc7Tt/rOfgWZ85+PYJOuPdr9FDh4YRHP+0GOHrTf2P5nzMQf+/mf1kXM+8r7vNOcz/OOcD/qHOZ/nnef8X/25c8Zpht8+xjvM+eCdN19y5JyP9W/O+Qz/7pwvMDAGzfkeBwyft3c6nr7dnI+879/P+ZCBLwwMDEw7Ys6n/1ee57P8zzzPx4P1h39//18XXTzF6buNcowZ9O/M+fT/7pwP/evzfNq3bpt68MBYYw1stcYWW2w26/A/R16dbfiffCx66r7h8/xO/5a+ndHI+77TfjHtv2I09H/G6END/nH9kS86Rl5f/qxjJv3/eyya9t8zGrTIAB+LTrlw+Ly9089FbzfnI+9L/w4OHeX+o7+ue4f3o8THNGzZfvvvc9vITY64W+9H+a/3d0/bkf+Nb/3RD/L131r//d9d/u7yd5e/u/zFvc35/7++//9Dkyz76IgXyWPuOd+6a77b432X+68+/z/C9+/O/6+57nx7DnspOOK2dzw/O3yd/8jzs3MPv5jw6pHrjX5+kAf69udnZ9hrpmUG/nfOz/7/auS++i+8ju/47y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8hf3Nuf/R/6O8tADX79vuxEnQsfcd581X3+3x/su9199/n+E79+d/399zX32HTzw19ve8fz/8HUc5/+XOnDvkwb+g8//j9xXO/9f/6T83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c25z/X2Dk7wHMtdo6u478fYCNZ/3cju/2eN/l/lvP//f5/946/rvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zFjTj/PzDaxzou3fMCg/P//2/3Nv5fyR+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/1fzxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6Yxf9r+WMW/6/nj1n8V80fs/ivlj9m8V89f8ziv0b+mMX/G/ljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMV//fwxi/8388cs/hvkj1n8N8wfs/hvlD9m8d84f8ziv0n+mMV/0/wxi/+38scs/pvlj1n8N88fs/hvkT9m8f92/pjF/zv5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvH/bv6Yxf97+WMW/++P7r/i5v+74/oPzeL/g/Z/zOK/bf6YxX+7/DGL//b5Yxb/H+aPWfx3yB+z+P8of8ziv2P+mMV/p/wxi/+P88cs/jvnj1n8d8kfs/jvmj9m8f9J/pjFf7f8MYv/T/PHLP4/yx+z+O+eP2bx3yN/zOK/Z/6Yxf/n+WMW/73yxyz+e+ePWfz3yR+z+O+bP2bx3y9/zOK/f/6Yxf8X+WMW/wPyxyz+B+aPWfx/mT9m8f9V/pjF/6D8MYv/r/PHLP4H549Z/A/JH7P4H5o/ZvH/Tf6Yxf+3+WMW/8Pyxyz+v8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/9/nj1n8j8kfs/j/IX/M4n9s/pjF/7j8MYv/H/PHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/0/5Yxb/U/LHLP5/zh+z+J+aP2bx/0v+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj0n8Bw3kj1n8B+WPWfwH549Z/MfIH7P4D8kfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+4+ePWfwnyB+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6T5Yxb/yfLHLP7vyR+z+L83f8zi/778MYv/+/PHLP4fyB+z+E+eP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bxnyJ/zOL/0fwxi/+U+WMW/6H5Yxb/qfLHLP5T549Z/KfJH7P4T5s/ZvGfLn/M4j99/pjFf4b8MYv/jPljFv+P5Y9Z/D+eP2bx/0T+mMX/k/ljFv9P5Y9Z/GfKH7P4z5w/ZvGfJX/M4j9r/pjFf7b8MYv/7PljFv858scs/nPmj1n858ofs/jPnT9m8Z8nf8ziP2/+mMV/vvwxi//8+WMW/0/nj1n8P5M/ZvH/bP6Yxf9z+WMW/wXyxyz+C+aPWfwXyh+z+C+cP2bx/3z+mMX/C/ljFv9F8scs/ovmj1n8v5g/ZvFfLH/M4v+l/DGL/+L5Yxb/JfLHLP5fzh+z+C+ZP2bxXyp/zOK/dP6Yxf8r+WMW/2Xyxyz+y+aPWfyXyx+z+C+fP2bx/2r+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxXyR+z+H8tf8zi//X8MYv/qvljFv/V8scs/qvnj1n818gfs/h/I3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n818sfs/ivnz9m8f9m/pjFf4P8MYv/hvljFv+N8scs/hvnj1n8N8kfs/hvmj9m8f9W/pjFf7P8MYv/5vljFv8t8scs/t/OH7P4fyd/zOK/Zf6YxX+r/DGL/9b5Yxb/bfLHLP7fzR+z+H8vf8zi//38MYv/D/LHLP7b5o9Z/LfLH7P4b58/ZvH/Yf6YxX+H/DGL/4/yxyz+O+aPWfx3yh+z+P84f8ziv3P+mMV/l/wxi/+u+WMW/5/kj1n8d8sfs/j/NH/M4v+z/DGL/+75Yxb/PfLHLP575o9Z/H+eP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/H+RP2bxPyB/zOJ/YP6Yxf+X+WMW/1/lj1n8D8ofs/j/On/M4n9w/pjF/5D8MYv/ofljFv/f5I9Z/H+bP2bxPyx/zOL/u/wxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bx/33+mMX/mPwxi/8f8scs/sfmj1n8j8sfs/j/MX/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8/5Q/ZvE/JX/M4v/n/DGL/6n5Yxb/v+SPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/4y3/sd+tUf3HZvG/s/0fs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+T+L/1bf7/mMV/UP6YxX9w/pjFf4z8MYv/kPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+bP2bxHy9/zOI/fv6YxX+C/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvGfLH/M4v+e/DGL/3vzxyz+78sfs/i/P3/M4v+B/DGL/+T5Yxb/D+aPWfw/lD9m8f9w/pjF/yP5Yxb/KfLHLP4fzR+z+E+ZP2bxH5o/ZvGfKn/M4j91/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9Y/pjF/+P5Yxb/T+SPWfw/mT9m8f9U/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8Z8sfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bx/3T+mMX/M/ljFv/P5o9Z/D+XP2bxXyB/zOK/YP6YxX+h/DGL/8L5Yxb/z+ePWfy/kD9m8V8kf8ziv2j+mMX/i/ljFv/F8scs/l/KH7P4L54/ZvFfIn/M4v/l/DGL/5L5Yxb/pfLHLP5L549Z/L+SP2bxXyZ/zOK/bP6YxX+5/DGL//L5Yxb/r+aPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/9fyxyz+X88fs/ivmj9m8V8tf8ziv3r+mMV/jfwxi/838scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMV/vfwxi//6+WMW/2/mj/2d/8Tv9mj+B3ob/w3yxyz7/4b5Yxb/jfLHLP4b549Z/DfJH7P4b5o/ZvH/Vv6YxX+z/DGL/+b5Yxb/LfLHLP7fzh+z+H8nf8ziv2X+mMV/q/wxi//W+WMW/23yxyz+380fs/h/L3/M4v/9/DGL/w/yxyz+2+aPWfy3yx+z+G+fP2bx/2H+mMV/h/wxi/+P8scs/jvmj1n8d8ofs/j/OH/M4r9z/pjFf5f8MYv/rvljFv+f5I9Z/HfLH7P4/zR/zOL/s/wxi//u+WMW/z3yxyz+e+aPWfx/nj9m8d8rf8ziv3f+mMV/n/wxi/+++WMW//3yxyz+++ePWfx/kT9m8T8gf8zif2D+mMX/l/ljFv9f5Y9Z/A/KH7P4/zp/zOJ/cP6Yxf+Q/DGL/6H5Yxb/3+SPWfx/mz9m8T8sf8zi/7v8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8f99/pjF/5j8MYv/H/LHLP7H5o9Z/I/LH7P4/zF/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/P+UP2bxPyV/zOL/5/wxi/+p+WMW/7/kj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH7P4v54/ZvF/I3/M4v9m/pjEf4yB/DGL/6D8MYv/4Pwxi/8Y+WMW/yH5Yxb/MfPHLP5j5Y9Z/MfOH7P4j5M/ZvEfN3/M4j9e/pjFf/z8MYv/BPljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8ziP1n+mMX/PfljFv/35o9Z/N+XP2bxf3/+mMX/A/ljFv/J88cs/h/MH7P4fyh/zOL/4fwxi/9H8scs/lPkj1n8P5o/ZvGfMn/M4j80f8ziP1X+mMV/6vwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bxnzF/zOL/sfwxi//H88cs/p/IH7P4fzJ/zOL/qfwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+M+WP2bxnz1/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4v/p/DGL/2fyxyz+n80fs/h/Ln/M4r9A/pjFf8H8MYv/QvljFv+F88cs/p/PH7P4fyF/zOK/SP6YxX/R/DGL/xfzxyz+i+WPWfy/lD9m8V88f8ziv0T+mMX/y/ljFv8l88cs/kvlj1n8l84fs/h/5W/+r7w5vHdleP9pWfyXaf/HLP7L5o9Z/JfLH7P4L58/ZvH/av6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4fy1/zOL/9fwxi/+q+WMW/9Xyxyz+q+ePWfzXyB+z+H8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfzXyx+z+K+fP2bx/2b+mMV/g/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bx/1b+mMV/s/wxi//m+WMW/y3yxyz+384fs/h/J3/M4r9l/pjFf6v8MYv/1vljFv9t8scs/t/NH7P4fy9/zOL//fwxi/8P8scs/tvmj1n8t8sfs/hvnz9m8f9h/pjFf4f8MYv/j/LHLP475o9Z/HfKH7P4/zh/zOK/c/6YxX+X/DGL/675Yxb/n+SPWfx3yx+z+P80f8zi/7P8MYv/7vljFv898scs/nvmj1n8f54/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8f5E/ZvE/IH/M4n9g/pjF/5f5Yxb/X+WPWfwPyh+z+P86f8zif3D+mMX/kPwxi/+h+WMW/9/kj1n8f5s/ZvE/LH/M4v+7/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvH/ff6Yxf+Y/DGL/x/yxyz+x+aPWfyPyx+z+P8xf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfz/lD9m8T8lf8zi/+f8MYv/qfljFv+/5I9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P271H/edb7b4P2H1/ydZ/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+T+A8ZyB+z+A/KH7P4D84fs/iPkT9m8R+SP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/MfPH7P4T5A/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/pPlj1n835M/ZvF/b/6Yxf99+WMW//fnj1n8P5A/ZvGfPH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4j9F/pjF/6P5Yxb/KfPHLP5D88cs/lPlj1n8p84fs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+H8sfs/h/PH/M4v+J/DGL/yfzxyz+n8ofs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP6fzh+z+H8mf8zi/9n8MYv/5/LHLP4L5I9Z/BfMH7P4L5Q/ZvFfOH/M4v/5/DGL/xfyxyz+i+SPWfwXzR+z+H8xf8ziv1j+mMX/S/ljFv/F88cs/kvkj1n8v5w/ZvFfMn/M4r9U/pjFf+n8MYv/V/LHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4v/V/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvH/Wv6Yxf/r+WMW/1Xzxyz+q+WPWfxXzx+z+K+RP2bx/0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+K+XP2bxXz9/zOL/zfwxi/8G+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bx3zR/zOL/rfwxi/9m+WMW/83zxyz+W+SPWfy/nT9m8f9O/pjFf8v8MYv/VvljFv+t88cs/tvkj1n8v5s/ZvH/Xv6Yxf/7+WMW/x/kj1n8t80fs/hvlz9m8d8+f8zi/8P8MYv/DvljFv8f5Y9Z/HfMH7P475Q/ZvH/cf6YxX/n/DGL/y75Yxb/XfPHLP4/yR+z+O+WP2bx/2n+mMX/Z/ljFv/d88cs/nvkj1n898wfs/j/PH/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/j/In/M4n9A/pjF/8D8MYv/L/PHLP6/yh+z+B+UP2bx/3X+mMX/4Pwxi/8h+WMW/0Pzxyz+v8kfs/j/Nn/M4n9Y/pjF/3f5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4v/7/DGL/zH5Yxb/P+SPWfyPzR+z+B+XP2bx/2P+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+P8pf8zif0r+mMX/z/ljFv9T88cs/n/JH7P4n5Y/ZvE/PX/M4n9G/pjF/8z8MYv/WfljFv+z88cs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGJ/5gD+WMW/0H5Yxb/wfljFv8x8scs/kPyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL//j5Yxb/CfLHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjFf7L8MYv/e/LHLP7vzR+z+L8vf8zi//78MYv/B/LHLP6T549Z/D+YP2bx/1D+mMX/w/ljFv+P5I9Z/KfIH7P4fzR/zOI/Zf6YxX9o/pjFf6r8MYv/1PljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8ziP2P+mMX/Y/ljFv+P549Z/D+RP2bx/2T+mMX/U/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8Z8tf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6Yxf/T+WMW/8/kj1n8P5s/ZvH/XP6YxX+B/DGL/4L5Yxb/hfLHLP4L549Z/D+fP2bx/0L+mMV/kfwxi/+i+WMW/y/mj1n8F8sfs/h/KX/M4r94/pjFf4n8MYv/l/PHLP5L5o9Z/JfKH7P4L50/ZvH/Sv6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/L+aP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/VfLHLP5fyx+z+H89f8ziv2r+mMV/tfwxi//q+WMW/zXyxyz+38gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+6+WMW//Xyxyz+6+ePWfy/mT9m8d8gf8ziv2H+mMV/o/wxi//G+WMW/03yxyz+m+aPWfy/lT9m8d8sf8ziv3n+mMV/i/wxi/+388cs/t/JH7P4b5k/ZvHfKn/M4r91/pjFf5v8MYv/d/PHLP7fyx+z+H8/f8zi/4P8MYv/tvljFv/t8scs/tvnj1n8f5g/ZvHfIX/M4v+j/DGL/475Yxb/nfLHLP4/zh+z+O+cP2bx3yV/zOK/a/6Yxf8n+WMW/93yxyz+P80fs/j/LH/M4r97/pjFf4/8MYv/nvljFv+f549Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv9f5I9Z/A/IH7P4H5g/ZvH/Zf6Yxf9X+WMW/4Pyxyz+v84fs/gfnD9m8T8kf8zif2j+mMX/N/ljFv/f5o9Z/A/LH7P4/y5/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/H+fP2bxPyZ/zOL/h/wxi/+x+WMW/+Pyxyz+f8wfs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/z/lj1n8T8kfs/j/OX/M4n9q/pjF/y/5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZPybxH2sgf8ziPyh/zOI/OH/M4j9G/pjFf0j+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzR+z+I+XP2bxHz9/zOI/Qf6YxX/C/DGL/0T5Yxb/ifPHLP6T5I9Z/CfNH7P4T5Y/ZvF/T/6Yxf+9+WMW//flj1n8358/ZvH/QP6YxX/y/DGL/wfzxyz+H8ofs/h/OH/M4v+R/DGL/xT5Yxb/j+aPWfynzB+z+A/NH7P4T5U/ZvGfOn/M4j9N/pjFf9r8MYv/dPljFv/p88cs/jPkj1n8Z8wfs/h/LH/M4v/x/DGL/yfyxyz+n8wfs/h/Kn/M4j9T/pjFf+b8MYv/LPljFv9Z88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+H86f8zi/5n8MYv/Z/PHLP6fyx+z+C+QP2bxXzB/zOK/UP6YxX/h/DGL/+fzxyz+X8gfs/gvkj9m8V80f8zi/8X8MYv/YvljFv8v5Y9Z/BfPH7P4L5E/ZvH/cv6YxX/J/DGL/1L5Yxb/pfPHLP5fyR+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/1fzxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6Yxf9r+WMW/6/nj1n8V80fs/ivlj9m8V89f8ziv0b+mMX/G/ljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMV//fwxi/8388cs/hvkj1n8N8wfs/hvlD9m8d84f8ziv0n+mMV/0/wxi/+38scs/pvlj1n8N88fs/hvkT9m8f92/pjF/zv5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvH/bv6Yxf97+WMW/+/nj1n8f5A/ZvHfNn/M4r9d/pjFf/v8MYv/D/PHLP475I9Z/H+UP2bx3zF/zOK/U/6Yxf/H+WMW/53zxyz+u+SPWfx3zR+z+P8kf8ziv1v+mMX/p/ljFv+f5Y9Z/HfPH7P475E/ZvHfM3/M4v/z/DGL/175Yxb/vfPHLP775I9Z/PfNH7P475c/ZvHfP3/M4v+L/DGL/wH5Yxb/A/PHLP6/zB+z+P8qf8zif1D+mMX/1/ljFv+D88cs/ofkj1n8D80fs/j/Jn/M4v/b/DGL/2H5Yxb/3+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/+/zxyz+x+SPWfz/kD9m8T82f8zif1z+mMX/j/ljFv/j88cs/ifkj1n8T8wfs/iflD9m8T85f8zi/6f8MYv/KfljFv8/549Z/E/NH7P4/yV/zOJ/Wv6Yxf/0/DGL/xn5Yxb/M/PHLP5n5Y9Z/M/OH7P4n5M/ZvE/N3/M4n9e/pjF//z8MYv/BfljFv8L88cs/hflj1n8L84fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+n8n931X1nL4v+wzv9fy+L/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+T+I89kD9m8R+UP2bxH5w/ZvEfI3/M4j8kf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+I+fP2bxnyB/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/CfLH7P4vyd/zOL/3vwxi//78scs/u/PH7P4fyB/zOI/ef6Yxf+D+WMW/w/lj1n8P5w/ZvH/SP6YxX+K/DGL/0fzxyz+U+aPWfyH5o9Z/KfKH7P4T50/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/jPmj1n8P5Y/ZvH/eP6Yxf8T+WMW/0/mj1n8P5U/ZvGfKX/M4j9z/pjFf5b8MYv/rPljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfw/nT9m8f9M/pjF/7P5Yxb/z+WPWfwXyB+z+C+YP2bxXyh/zOK/cP6Yxf/z+WMW/y/kj1n8F8kfs/gvmj9m8f9i/pjFf7H8MYv/l/LHLP6L549Z/JfIH7P4fzl/zOK/ZP6YxX+p/DGL/9L5Yxb/r+SPWfyXyR+z+C+bP2bxXy5/zOK/fP6Yxf+r+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOL/tfwxi//X88cs/qvmj1n8V8sfs/ivnj9m8V8jf8zi/438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8V8vf8ziv37+mMX/m/ljFv8N8scs/hvmj1n8N8ofs/hvnD9m8d8kf8ziv2n+mMX/W/ljFv/N8scs/pvnj1n8t8gfs/h/O3/M4v+d/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4fzd/zOL/vfwxi//388cs/j/IH7P4b5s/ZvHfLn/M4r99/pjF/4f5Yxb/HfLHLP4/yh+z+O+YP2bx3yl/zOL/4/wxi//O+WMW/13yxyz+u+aPWfx/kj9m8d8tf8zi/9P8MYv/z/LHLP67549Z/PfIH7P475k/ZvH/ef6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvH/Rf6Yxf+A/DGL/4H5Yxb/X+aPWfx/lT9m8T8of8zi/+v8MYv/wfljFv9D8scs/ofmj1n8f5M/ZvH/bf6Yxf+w/DGL/+/yxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf/3+WMW/2Pyxyz+f8gfs/gfmz9m8T8uf8zi/8f8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8f9T/pjF/5T8MYv/n/PHLP6n5o9Z/P+SP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMS/3EG8scs/oPyxyz+g/PHLP5j5I9Z/Ifkj1n8x8wfs/iPlT9m8R87f8ziP07+mMV/3Pwxi/94+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6YxX/S/DGL/2T5Yxb/9+SPWfzfmz9m8X9f/pjF//35Yxb/D+SPWfwnzx+z+H8wf8zi/6H8MYv/h/PHLP4fyR+z+E+RP2bx/2j+mMV/yvwxi//Q/DGL/1T5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjFf8b8MYv/x/LHLP4fzx+z+H8if8zi/8n8MYv/p/LHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4j9b/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/+n88cs/p/JH7P4fzZ/zOL/ufwxi/8C+WMW/wXzxyz+C+WPWfwXzh+z+H8+f8zi/4X8MYv/IvljFv9F88cs/l/MH7P4L5Y/ZvH/Uv6YxX/x/DGL/xL5Yxb/L+ePWfyXzB+z+C+VP2bxXzp/zOL/lfwxi/8y+WMW/2Xzxyz+y+WPWfyXzx+z+H81f8ziv0L+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfy/lj9m8f96/pjFf9X8MYv/avljFv/V88cs/mvkj1n8v5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/uvlj1n8188fs/h/M3/M4r9B/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8N80fs/h/K3/M4r9Z/pjFf/P8MYv/FvljFv9v549Z/L+TP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/7+aPWfy/lz9m8f9+/pjF/wf5Yxb/bfPHLP7b5Y9Z/LfPH7P4/zB/zOK/Q/6Yxf9H+WMW/x3zxyz+O+WPWfx//M/9t/u/Oq7/0Cz+O7f/Yxb/XfLHLP675o9Z/H+SP2bx3y1/zOL/0/wxi//P8scs/rvnj1n898gfs/jvmT9m8f95/pjFf6/8MYv/3vljFv998scs/vvmj1n898sfs/jvnz9m8f9F/pjF/4D8MYv/gfljFv9f5o9Z/H+VP2bxPyh/zOL/6/wxi//B+WMW/0Pyxyz+h+aPWfx/kz9m8f9t/pjF/7D8MYv/7/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF//f5Yxb/Y/LHLP5/yB+z+B+bP2bxPy5/zOL/x/wxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/1P+mMX/lPwxi/+f88cs/qfmj1n8/5I/ZvE/LX/M4n96/pjF/4z8MYv/mfljFv+z8scs/mfnj1n8z8kfs/ifmz9m8T8vf8zif37+mMX/gvwxi/+F+WMW/4vyxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/zOL/ev6Yxf+N/DGL/5v5YxL/cQfyxyz+g/LHLP6D88cs/mPkj1n8h+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4T5I9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/ZPljFv/35I9Z/N+bP2bxf1/+mMX//fljFv8P5I9Z/CfPH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P4T5E/ZvH/aP6YxX/K/DGL/9D8MYv/VPljFv+p88cs/tPkj1n8p80fs/hPlz9m8Z8+f8ziP0P+mMV/xvwxi//H8scs/h/PH7P4fyJ/zOL/yfwxi/+n8scs/jPlj1n8Z84fs/jPkj9m8Z81f8ziP1v+mMV/9vwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/6fzxyz+n8kfs/h/Nn/M4v+5/DGL/wL5Yxb/BfPHLP4L5Y9Z/BfOH7P4fz5/zOL/hfwxi/8i+WMW/0Xzxyz+X8wfs/gvlj9m8f/Sv+I/+P/iuP5Ds/gv3v6PWfyXyB+z+H85f8ziv2T+mMV/qfwxi//S+WMW/6/kj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMX/q/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8zi/7X8MYv/1/PHLP6r5o9Z/FfLH7P4r54/ZvFfI3/M4v+N/DGL/5r5Yxb/tfLHLP5r549Z/NfJH7P4r5s/ZvFfL3/M4r9+/pjF/5v5Yxb/DfLHLP4b5o9Z/DfKH7P4b5w/ZvHfJH/M4r9p/pjF/1v5Yxb/zfLHLP6b549Z/LfIH7P4fzt/zOL/nfwxi/+W+WMW/63yx/5L/d+iHtV/6/yx/1L/txrVf5v8MYv/d/PHLP7fyx+z+H8/f8zi/4P8MYv/tvljFv/t8scs/tvnj1n8f5g/ZvHfIX/M4v+j/DGL/475Yxb/nfLHLP4/zh+z+O+cP2bx3yV/zOK/a/6Yxf8n+WMW/93yxyz+P80fs/j/LH/M4r97/pjFf4/8MYv/nvljFv+f549Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv9fvKO/95lh8T9Arfz2WfwPzB+z+P8yf8zi/6v8MYv/QfljFv9f549Z/A/OH7P4H5I/ZvE/NH/M4v+b/DGL/2/zxyz+h+WPWfx/lz9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+v88fs/gfkz9m8f9D/pjF/9j8MYv/cfljFv8/5o9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/n/LHLP6n5I9Z/P+cP2bxPzV/zOL/l/wxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8b86f8zif03+mMX/2vwxi/91+WMW/+vzxyz+N+SPWfxvzB+z+N+UP2bxvzl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP535I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/ffljFv/788cs/g/kj1n8H8wfs/g/lD9m8X84f8zi/0j+mMX/0fwxi/9j+WMW/8fzxyz+T+SPWfyfzB+z+D+VP2bxfzp/zOL/TP6Yxf/Z/DGL/3P5Yxb/5/PHLP4v5I9Z/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfk/iPN5A/ZvEflD9m8R+cP2bxHyN/zOI/JH/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/iPnz9m8Z8gf8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfwnyx+z+L8nf8zi/978MYv/+/LHLP7vzx+z+H8gf8ziP3n+mMX/g/ljFv8P5Y9Z/D+cP2bx/0j+mMV/ivwxi/9H88cs/lPmj1n8h+aPWfynyh+z+E+dP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP4z5o9Z/D+WP2bx/3j+mMX/E/ljFv9P5o9Z/D+VP2bxnyl/zOI/c/6YxX+W/DGL/6z5Yxb/2fLHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8P50/ZvH/TP6Yxf+z+WMW/8/lj1n8F8gfs/gvmD9m8V8of8ziv3D+mMX/8/ljFv8v5I9Z/BfJH7P4L5o/ZvH/Yv6YxX+x/DGL/5fyxyz+i+ePWfyXyB+z+H85f8ziv2T+mMV/qfwxi//S+WMW/6/kj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMX/q/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8zi/7X8MYv/1/PHLP6r5o9Z/FfLH7P4r54/ZvFfI3/M4v+N/DGL/5r5Yxb/tfLHLP5r549Z/NfJH7P4r5s/ZvFfL3/M4r9+/pjF/5v5Yxb/DfLHLP4b5o9Z/DfKH7P4b5w/ZvHfJH/M4r9p/pjF/1v5Yxb/zfLHLP6b549Z/LfIH7P4fzt/zOL/nfwxi/+W+WMW/63yxyz+W+ePWfy3yR+z+H83f8zi/738MYv/9/PHLP4/yB+z+G+bP2bx3y5/zOK/ff6Yxf+H+WMW/x3yxyz+P8ofs/jvmD9m8d8pf8zi/+P8MYv/zvljFv9d8scs/rvmj1n8f5I/ZvHfLX/M4v/T/DGL/8/yxyz+u+ePWfz3yB+z+O+ZP2bx/3n+mMV/r/wxi//e+WMW/33yxyz+++aPWfz3yx+z+O+fP2bx/0X+mMX/gPwxi/+B+WMW/1/mj1n8f5U/ZvE/KH/M4v/r/DGL/8H5Yxb/Q/LHLP6H5o9Z/H+TP2bx/23+mMX/sPwxi//v8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/9/ljFv9j8scs/n8Q+o/xL6xj8T9W6P+vZPE/Ln/M4v/H/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvH/U/6Yxf+U/DGL/5/zxyz+p+aPWfz/kj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/LX/M4v96/pjF/438MYv/m/ljEv/xB/LHLP6D8scs/oPzxyz+Y+SPWfyH5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv/x88cs/hPkj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi/9k+WMW//fkj1n835s/ZvF/X/6Yxf/9+WMW/w/kj1n8J88fs/h/MH/M4v+h/DGL/4fzxyz+H8kfs/hPkT9m8f9o/pjFf8r8MYv/0Pwxi/9U+WMW/6nzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/8fyxyz+H88fs/h/In/M4v/J/DGL/6fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOI/W/6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/p/PHLP6fyR+z+H82f8zi/7n8MYv/AvljFv8F88cs/gvlj1n8F84fs/h/Pn/M4v+F/DGL/yL5Yxb/RfPHLP5fzB+z+C+WP2bx/1L+mMV/8fwxi/8S+WMW/y/nj1n8l8wfs/gvlT9m8V86f8zi/5X8MYv/MvljFv9l88cs/svlj1n8l88fs/h/NX/M4r9C/pjFf8X8MYv/SvljFv+V88cs/qvkj1n8v5Y/ZvH/ev6YxX/V/DGL/2r5Yxb/1fPHLP5r5I9Z/L+RP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/dfPHLP7r5Y9Z/NfPH7P4fzN/zOK/Qf6YxX/D/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4fyt/zOK/Wf6YxX/z/DGL/xb5Yxb/b+ePWfy/kz9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/+/mj1n8v5c/ZvH/fv6Yxf8H+WMW/23zxyz+2+WPWfy3zx+z+P8wf8ziv0P+mMX/R/ljFv8d88cs/jvlj1n8f5w/ZvHfOX/M4r9L/pjFf9f8MYv/T/LHLP675Y9Z/H+aP2bx/1n+mMV/9/wxi/8e+WMW/z3zxyz+P88fs/jvlT9m8d87f8ziv0/+mMV/3/wxi/9++WMW//3zxyz+v8gfs/gfkD9m8T8wf8zi/8v8MYv/r/LHLP4H5Y9Z/H+dP2bxPzh/zOJ/SP6Yxf/Q/DGL/2/yxyz+v80fs/gflj9m8f9d/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/j/Pn/M4n9M/pjF/w/5Yxb/Y/PHLP7H5Y9Z/P+YP2bxPz5/zOJ/Qv6Yxf/E/DGL/0n5Yxb/k/PHLP5/yh+z+J+SP2bx/3P+mMX/1Pwxi/9f8scs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9Z/F/PH7P4v5E/ZvF/M39M4j/BQP6YxX9Q/pjFf3D+mMV/jPwxi/+Q/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j6v3H4xLLf7j6f05i//4+WMW/wnyxyz+E+aPWfwnyh+z+E+cP2bxnyR/zOI/af6YxX+y/DGL/3vyxyz+780fs/i/L3/M4v/+/DGL/wfyxyz+k+ePWfw/mD9m8f9Q/pjF/8P5Yxb/j+SPWfynyB+z+H80f8ziP2X+mMV/aP6YxX+q/DGL/9T5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4j9j/pjF/2P5Yxb/j+ePWfw/kT9m8f9k/pjF/1P5Yxb/mfLHLP4z549Z/GfJH7P4z5o/ZvGfLX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMX/0/ljFv/P5I9Z/D+bP2bx/1z+mMV/gfwxi/+C+WMW/4Xyxyz+C+ePWfw/nz9m8f9C/pjFf5H8MYv/ovljFv8v5o9Z/BfLH7P4fyl/zOK/eP6YxX+J/DGL/5fzxyz+S+aPWfyXyh+z+C+dP2bx/0r+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfy/mj9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+X8sfs/h/PX/M4r9q/pjFf7X8MYv/6vljFv818scs/t/IH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv/18scs/uvnj1n8v5k/ZvHfIH/M4r9h/pjFf6P8MYv/xvljFv9N8scs/pvmj1n8v5U/ZvHfLH/M4r95/pjFf4v8MYv/t/PHLP7fyR+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/3fzxyz+38sfs/h/P3/M4v+D/DGL/7b5Yxb/7fLHLP7b549Z/H+YP2bx3yF/zOL/o/wxi/+O+WMW/53yxyz+P84fs/jvnD9m8d8lf8ziv2v+mMX/J/ljFv/d8scs/j/NH7P4/yx/zOK/e/6YxX+P/DGL/575Yxb/n+ePWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/X+SPWfwPyB+z+B+YP2bx/2X+mMX/V/ljFv+D8scs/r/OH7P4H5w/ZvE/JH/M4n9o/pjF/zf5Yxb/3+aPWfwPyx+z+P8uf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfx/nz9m8T8mf8zi/4f8MYv/sfljFv/j8scs/n/MH7P4H58/9jf/cQf+m/1PyB+z7P8n5o9Z/E/KH7P4n5w/ZvH/U/6Yxf+U/DGL/5/zxyz+p+aPWfz/kj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzP+af+b/zfHdd/aBb/c9v/MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+T+E84kD9m8R+UP2bxH5w/ZvEfI3/M4j8kf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+I+fP2bxnyB/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/CfLH7P4vyd/zOL/3vwxi//78scs/u/PH7P4fyB/zOI/ef6Yxf+D+WMW/w/lj1n8P5w/ZvH/SP6YxX+K/DGL/0fzxyz+U+aPWfyH5o9Z/KfKH7P4T50/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/jPmj1n8P5Y/ZvH/eP6Yxf8T+WMW/0/mj1n8P5U/ZvGfKX/M4j9z/pjFf5b8MYv/rPljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfw/nT9m8f9M/pjF/7P5Yxb/z/0z/yH/l8f1H5rFf4H2f8ziv2D+mMV/ofwxi//C+WMW/8/nj1n8v5A/ZvFfJH/M4r9o/pjF/4v5Yxb/xfLHLP5fyh+z+C+eP2bxXyJ/zOL/5fwxi/+S+WMW/6Xyxyz+S+ePWfy/kj9m8V8mf8ziv2z+mMV/ufwxi//y+WMW/6/mj1n8V8gfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi//X8scs/l/PH7P4r5o/ZvFfLX/M4r96/pjFf438MYv/N/LHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv9v5o9Z/DfIH7P4b5g/ZvHfKH/M4r9x/pjFf5P8MYv/pvljFv9v5Y9Z/DfLH7P4b54/ZvHfIn/M4v/t/DGL/3fyxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOL/3fwxi//38scs/t/PH7P4/yB/zOK/bf6YxX+7/DGL//b5Yxb/H+aPWfx3yB+z+P8of8ziv2P+mMV/p/wxi/+P88cs/jvnj1n8d8kfs/jvmj9m8f9J/pjFf7f8MYv/T/PHLP4/yx+z+O+eP2bx3yN/zOK/Z/6Yxf/n+WMW/73yxyz+e+ePWfz3yR+z+O+bP2bx3y9/zOK/f/6Yxf8X+WMW/wPyxyz+B+aPWfx/mT9m8f9V/pjF/6D8MYv/r/PHLP4H54/9N/oPGhjYbmA0/0Pyx/4b/Wn/PzR/zOL/m/wxi/9v88cs/oflj1n8f5c/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/r/PH7P4H5M/ZvH/Q/6Yxf/Y/DGL/3H5Yxb/P+aPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/5/yxyz+p+SPWfz/nD9m8T81f8zi/5f8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/zz/4L/C/O67/0Cz+97b/Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHLP6v549Z/N/IH7P4v5k/JvGfaCB/zOI/KH/M4j84f8ziP0b+mMV/SP6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/hPlj9m8X9P/pjF/735Yxb/9+WPWfzfnz9m8f9A/pjFf/L8MYv/B/PHLP4fyh+z+H84f8zi/5H8MYv/FPljFv+P5o9Z/KfMH7P4D80fs/hPlT9m8Z86f8ziP03+mMV/2vwxi/90+WMW/+nzxyz+M+SPWfxnzB+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+s+WPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4fzp/zOL/mfwxi/9n88cs/p/LH7P4L5A/ZvFfMH/M4r9Q/pjFf+H8MYv/5/PHLP5fyB+z+C+SP2bxXzR/zOL/xfwxi/9i+WMW/y/lj1n8F88fs/gvkT9m8f9y/pjFf8n8MYv/UvljFv+l88cs/l/JH7P4L5M/ZvFfNn/M4r9c/pjFf/n8MYv/V/PHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjF/2v5Yxb/r+ePWfxXzR+z+K+WP2bxXz1/zOK/Rv6Yxf8b+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOK/Xv6YxX/9/DGL/zfzxyz+G+SPWfw3zB+z+G+UP2bx3zh/zOK/Sf6YxX/T/DGL/7fyxyz+m+WPWfw3zx+z+G+RP2bx/3b+mMX/O/ljFv8t88cs/lvlj1n8t84fs/hvkz9m8f9u/pjF/3v5Yxb/7+ePWfx/kD9m8d82f8ziv13+mMV/+/wxi/8P88cs/jvkj1n8f5Q/ZvHfMX/M4r9T/pjF/8f5Yxb/nfPHLP675I9Z/HfNH7P4/yR/zOK/W/6Yxf+n+WMW/5/lj1n8d88fs/jvkT9m8d8zf8zi//P8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zi/4v8MYv/AfljFv8D88cs/r/MH7P4/yp/zOJ/UP6Yxf/X+WMW/4Pzxyz+h+SPWfwPzR+z+P8mf8zi/9v8MYv/YfljFv/f5Y9Z/A/PH7P4H5E/Npr/8f+t/kfmj1n2/6Pyxyz+R+ePWfx/nz9m8T8mf8zi/4f8MYv/sfljFv/j8scs/n/MH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv8/5Y9Z/E/JH7P4/zl/zOJ/av6Yxf8v+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT8m8Z94IH/M4j8of8ziPzh/zOI/Rv6YxX9I/pjFf8z8MYv/WPljFv+x/z927j7c67q+4/gX+ICICjpXCw0jEEVTQVCRzBu01CNwtBtLSVBSvJmgTCnQlZLdWFs5y1WurTRvUmdq6ay5pqOcc7psVlTbbIzNHGuFy3LiVsmuA+cQ5/T2XJ4v33294v14/ME5v9/p/Ut5XlcvfofrpH8oS//h+oey9N9W/1CW/iP0D2Xpv53+oSz9t9c/lKX/DvqHsvQfqX8oS/9R+oey9N9R/1CW/jvpH8rS/zf0D2Xpv7P+oSz9f1P/UJb+L9E/lKX/S/UPZen/W/qHsvR/mf6hLP1H6x/K0n8X/UNZ+u+qfyhL/5frH8rSf4z+oSz9d9M/lKX/K/QPZek/Vv9Qlv6v1D+Upf84/UNZ+o/XP5Sl/+76h7L0n6B/KEv/PfQPZem/p/6hLP0n6h/K0n8v/UNZ+u+tfyhL/1fpH8rSfx/9Q1n676t/KEv//fQPZek/Sf9Qlv6T9Q9l6b+//qEs/afoH9ra+w/b+OmoqfqHtvb+3UYdoH8oS/8D9Q9l6X+Q/qEs/afpH8rS/2D9Q1n6T9c/lKX/q/UPZel/iP6hLP1fo38oS/9D9Q9l6X+Y/qEs/Q/XP5Sl/xH6h7L0n6F/KEv/I/UPZel/lP6hLP1fq38oS//X6R/K0v9o/UNZ+h+jfyhL/2P1D2Xp36F/KEv/4/QPZek/U/9Qlv6z9A9l6T9b/1CW/p36h7L0P17/UJb+J+gfytL/9fqHsvR/g/6hLP3fqH8oS/836R/K0v9E/UNZ+r9Z/1CW/m/RP5Sl/0n6h7L0P1n/UJb+c/QPZen/Vv1DWfqfon8oS/+5+oey9J+nfyhL/1P1D2Xpf5r+oSz95+sfytL/bfqHsvQ/Xf9Qlv5n6B/K0n+B/qEs/c/UP5Sl/1n6h7L0P1v/UJb+5+gfytL/t/UPZel/rv6hLP0X6h/K0n+R/qEs/c/TP5Sl//n6h7L0X6x/KEv/39E/lKX/BfqHsvS/UP9Qlv5L9A9l6f92/UNZ+r9D/1CW/kv1D2Xpv0z/UJb+F+kfytL/Yv1DWfr/rv6hLP3fqX8oS/936R/K0v8S/UNZ+l+qfyhL/+X6h7L0f7f+oSz9L9M/lKX/e/QPZen/Xv1DWfq/T/9Qlv7v1z+Upf/l+oey9P+A/qEs/T+ofyhL/9/TP5Sl/+/rH8rS/0P6h7L0/7D+oSz9r9A/lKX/H+gfytL/Sv1DWfp/RP9Qlv4f1T+Upf9V+oey9P9D/UNZ+n9M/1CW/h/XP5Sl/yf0D2Xpf7X+oSz9/0j/UJb+n9Q/lKX/H+sfytL/T/QPZen/Kf1DWfp/Wv9Qlv7X6B/K0v9a/UNZ+n9G/1CW/tfpH8rS/3r9Q1n636B/KEv/G/UPZen/Wf1DWfrfpH8oS/+b9Q9l6X+L/qEs/f9U/1CW/rfqH8rS/3P6h7L0v03/UJb+t+sfytL/Dv1DWfp/Xv9Qlv5f0D+Upf+d+oey9L9L/1CW/n+mfyhL/7v1D2Xp/0X9Q1n6f0n/UJb+f65/KEv/e/QPZen/F/qHsvT/sv6hLP3/Uv9Qlv736h/K0v8+/UNZ+v+V/qEs/VfoH8rS/yv6h7L0/6r+oSz979c/lKX/X+sfytL/Af1DWfr/jf6hLP0f1D+Upf/f6h/K0v8h/UNZ+j+sfyhL/7/TP5Sl/9f0D2Xp/4j+oSz9v65/KEv/v9c/lKX/o/qHsvT/hv6hLP2/qX8oS/9v6R/K0n+l/qEs/b+tfyhL/+/oH8rS/7v6h7L0/wf9Q1n6/6P+oSz9/0n/UJb+j+kfytL/e/qHsvT/Z/1DWfqv0j+Upf+/6B/K0n+1/qEs/f9V/1CW/v+mfyhL/8f1D2Xp/339Q1n6P6F/KEv/f9c/lKX/Gv1DWfr/h/6hLP1/oH8oS///1D+Upf8P9Q9l6f8j/UNZ+q/VP5Sl/5P6h7L0/y/9Q1n6/1j/UJb+T+kfytL/J/qHsvT/qf6hLP2f1j+Upf9/6x/K0v8Z/UNZ+q/TP5Sl/7P6h7L0/x/9Q1n6/6/+oSz9f6Z/KEv/n+sfytL/F/qHsvR/Tv9Qlv7r9Q8l6b9jpX8oS/9B+oey9B+sfyhL/yH6h7L0L/qHsvQfqn8oS/9h+oey9N9G/1CW/sP1D2Xpv63+oSz9R+gfytJ/O/1DWfpvr38oS/8d9A9l6T9S/1CW/qP0D211/QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAquronLF2yKBeTw3Z/MGYRxZs+HjAupPOvvHGL+7U87H7yzODlxy8+YP169evH/x09bXuh9tUVdX137Zj9+PhfY+7Xv/SGVdP3PiojL3u2b1vXfrske+/Y+XN6465aeatQzc8O7Q67cxzFi6YPLiqyvih1bKuB/sPqqqyx9Dqyq4HU7oe7Dm0urnrwdQND7atVnQ92O/08xee0fXExNq/ZwDw666jc3k1pNdiV73+NLD5/l86467lPR/7ecmeVytV9/7fc+fO7+jztR7Ps/89r19e2Xf/B/wvCAD8ioHt//1jez7285K/8v5/9nkfXxl97fn3v+f1yzj7DwDNC77/32uj+37fv8/3/6M/B2y6P/fUq7bp2v+b1p24pPup8kK+///L1y/j++7/4F7f/x9UVWX3nu//b1NVZcIW/nYAQAodne9e29/7//73v+zS52bQ5vu/020rTuza/1Uj7nhp91NDB7j/u/f3/v/oPv+sAMAL09H5mfV93v8PYP+rPYKX3LT/Ry176CVd+/+NVd8fu9nXBrL/E/ru/6QlixZPuvCii/c9Z9H8sxacteC86dOmHXzgtIOmT5m04TsCG3/dwt8UANjKbdn7/2pEn5tBVfXEpvsP3Tvmoa79n/LJY8/ufmr4APd/j37f/4/1/h8Aehk3uBo2rFo2f8mSC/bf+GvPwykbf934Hwv2fwB//z++54foen5mcFBVvWzTfeeFHxjctf/Xj9/l3u6nhg1w//fsd/+P6P2zigDAC7OF7//P6HPTa/9HDblletf+Hzdhr8u7nxro3/9P7Hf/r/X+HwDq6Ois/l/fRHft/2Xb/+KaetdlLz//BwDNa2P/nxzznnH1rsve9h8AmtfG/i84fIe7612XV9l/AGheG/v/YMdVc+tdl33sPwA0r439n3XumIfrXZd97T8ANK+N/R978elL612X/ew/ADSvjf2/9aS1q+tdl0n2HwCa18b+nzJ81VP1rstk+w8AzWtj/7+79wln1rsu+9t/AGheG/v/5UP2e6zedZli/wGgeW3s/+TR186qd12m2n8AaF4b+//R8w+7od51OcD+A0Dz2tj/0bM/P7XedTnQ/gNA89rY/7ef8vUr6l2Xg+w/ADSvjf1/7pIjRte7LtPsPwA0r439X/HgbnPqXZeD7T8ANK+N/Z/5xJWP1Lsu0+0/ADSvjf3f8+knF9e7Lq+2/wDQvDb2/3PfOW1NvetyiP0HgOa1sf8jr31uVL3r8hr7DwDNa2P/33fZ4qvrXZdD7T8ANK+N/f/BVSMn1Lsuh9l/AGheG/v/ti8sv7PedTnc/gNA89rY/28+PnVmvetyhP0HgOa1sf8nf+Xe79W7LjPsPwA0r439P/DR++fXuy5H2n8AaF4b+3/fT2Y/U++6HGX/AaB5bez/y9/7rd3qXZfX2n8AaF4b+/+Jz879YL3r8jr7DwDNa2P/f/al8QfUuy5H238AaF4b+7/4Y7ddX++6HGP/AaB5bex/5z4/XV3vuhxr/wGgeW3s/wMj37W03nXpsP8A0Lw29v+WVwx5uN51Oc7+A0Dz2tj/cYd+eG696zLT/gNA89rY/+Uzd7673nWZZf8BoHlt7P9253xqXL3rMtv+A0Dz2tj/s5Y9fk2969Jp/wGgeW3s/4/mLBpe77ocb/8BoHlt7P+uI+aNrnddTrD/ANC8Nvb/yomPXlHvurze/gNA89rY/59Pv31qvevyBvsPAM1rY/+X7jr2hnrX5Y32HwCa18b+f3vRfbPqXZc32X8AaF4b+z/v+MmP1bsuJ9p/AGheG/s/ZV7nmfWuy5vtPwA0r439v+edK56qd13eYv8BoHlt7P/lD3z6znrX5ST7DwDNa2P/t1+z44R61+Vk+w8AzWtj/0975ryr612XOfYfAJrXxv7/cOXqUfWuy1vtPwA0r43977jukjX1rssp9h8AmtfG/n91+Y8X17suc+0/ADSvjf2//SNXPFLvusyz/wDQvDb2f8Jd1Zx61+VU+w8AzbvwoovPnb9w4YILfOITn/hk0ycv9v8yAQAATfvlH/pf7H8SAAAAAAAAAAAAAAAAAAAAyKuN/zuxF/vfEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9jBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAAEH+1isMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXwEAAP//JTHa4g==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f00000e8000/0x3000)=nil, 0x3000, 0x1, 0x13, r0, 0x0)
ftruncate(r0, 0x8979)

2m17.329677105s ago: executing program 4 (id=64):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800700, &(0x7f0000000200)={[{@usrjquota}, {@init_itable_val={'init_itable', 0x3d, 0xa6}}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}, {@bsdgroups}, {@resgid}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@data_err_ignore}, {@dioread_lock}]}, 0x3, 0x45c, &(0x7f0000000880)="$eJzs289vFFUcAPDvzLag/GpF/AGiVomx8UdLCyoHLxpNPGA00QMea1sIYaGG1kQIkWoMXkwMUc/Go4l/gTcvRj2ZeNW7ISHKBfRUM7MzsLvsLi1sd5H9fJJt35t52/e+ffNm3szbDWBgjWU/kogtEfF7RIzUso0Fxmq/rlw6M/vPpTOzSaysvPVXkpe7fOnMbFm0fN/mIjOeRqSfJEUljRZPnT42U63Onyzyk0vH35tcPHX62aPHZ47MH5k/MX3gwP59Uy88P/1ch9ZvXHWcWVyXd324sHvna++cf3320Pl3f/4ua++WYn99HN0ylgX+90qubvMX2Y8nul1Zn22tSydDfWwIa1KJiKy7hvPxPxKVuNZ5I/Hqx31tHLCusmtTh6vo8gpwB0ui3y0A+qO80Gf3v+WrR1OP28LFl2o3QFncV4pXbc9QpEWZ4ab7224ai4hDy/9+nb1inZ5DAADU+2z2q4PxTKv5Xxr315XbVqyhjEbEPRGxPSLujYgdEXFfRF72gYh4sG1NG1pubV4aun7+k1646eBWIZv/vVisbTXO/8rZX2W0UuS25vEPJ4ePVuf3Fv+T8RjemOWnOtTxwyu/fd5uX/38L3tl9ZdzwaIdF4aaHtDNzSzN5JPSLrj4UcSuoVbxJ1dXApKI2BkRu9b2p7eViaNPfbu7XaEbx99BF9aZVr6JeLLW/8vRFH8p6bw+OXlXVOf3TpZHxfV++fXcm+3qv6X4uyDr/02Nx39zkdGkfr12ce11nPvj07b3NDd7/G9I3s77pTyrfDCztHRyKmJDcjDPN2yfvvbeMl+Wz+If39N6/G8v3pPV81BEZAfxwxHxSEQ8WrT9sYh4PCL2dIj/p5fb77sd+n+u5fnv6vHf1P9rT1SO/fh9u/pX1//789R4sSU//93Aaht4K/87AAAA+L9I88/AJ+nE1XSaTkzUPsO/Izal1YXFpacPL7x/Yq72WfnRGE7LJ10jdc9Dp5Ll4i/W8tPFs+Jy/77iufGXlbvz/MTsQnWuz7HDoNvcZvxn/qz0u3XAumu1jjbder0WuMM0j/+0MXv2jV42Bugp39eGwXWD8Z/2qh1A77n+w+BqNf7PNuWtBcCdyfUfBpfxD4PL+IfBZfzDQLqV7/UPciI7Zd4GzaiOFP3Y+9oj7XfsEuuZ6POJCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+CwAA///clepZ")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

2m15.273785685s ago: executing program 4 (id=75):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfb, 0x323, &(0x7f0000006680))
r0 = gettid()
r1 = getpid()
rt_tgsigqueueinfo(r1, r0, 0x11, &(0x7f0000000000)={0x23, 0x0, 0xa})

2m13.596204385s ago: executing program 4 (id=83):
unshare(0x22000600)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x162e02, 0x0)
r1 = dup(r0)
fallocate(r1, 0x0, 0x0, 0x70800)

2m13.463166165s ago: executing program 32 (id=83):
unshare(0x22000600)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x162e02, 0x0)
r1 = dup(r0)
fallocate(r1, 0x0, 0x0, 0x70800)

1m30.737012375s ago: executing program 2 (id=330):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000001500)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c71e68558b677156e22e13d8e509274ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16, @ANYRES32, @ANYRES64, @ANYRESDEC, @ANYRES8], 0x1, 0x11ef, &(0x7f0000003980)="$eJzs3M+LG2UYB/Cna7tbd90faq22IL7gRS9DswdB9BJkC9KA0jZCexCm7kRDxiRkwkI8WD159e/w7E2Q3vSyF/8Gb3vx2IM4QqK2KakQC6Ysn88lDzzvN3lfAgPvMO+cvPvt571OlXXycaydORNrw4h0P0WKtfjbV/HmOz/9/OqNW7evNVutg+spXW3ebLyVUtp57cdzEXFvvPXR9zs/bMTx3scnv+3/enzx+NLJHzc/61apW6X+YJzydGcwGOd3yiIddqteltKHZZFXRer2q2I01++Ug+FwkvL+4fbmcFRUVcr7k9QrJmk8SOPRJOWf5t1+yrIsbW8GT6L93f26riPq+lysR13X9bOxGVvxXGzHTuzGXjwfL8SLcSFeiovxcrwSl6ajVj1vAAAAAAAAAAAAAAAAAAAAOF2c/wcAAAAAAAAAAAAAAAAAAIDVu3Hr9rVmq3VwPaXzEeU3R+2j9uxz1m92ohtlFHElduP3mJ7+n5nVV99vHVxJU3vxdXn3r/zdo/Yz8/nG9HUCC/ONWT7N5zdi8+H8fuzGhcX5/YX58/HG6w/ls9iNXz6JQZRxGBH34kH+y0ZK733QeiR/eToOAAAAToMs/WPh/j3LHtef5Ze4P/DI/vpsXD672rUTUU2+6OVlWYz+S7E2F9+IiAWD1+NJfkJxGor1p2MaiiWKVV+Z+D88+NNXPRMAAAAAAAAAAACWscSDgW9HxGNaW//6PateIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCf7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvgoAAP//4kjMlQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0)

1m29.356607788s ago: executing program 2 (id=345):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
readlink(&(0x7f00000000c0)='./file2\x00', &(0x7f0000000880)=""/202, 0xca)
readlink(&(0x7f0000000700)='./file2\x00', &(0x7f0000000b00)=""/233, 0xe9)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@filename='./file2\x00', 0x0, &(0x7f0000000100)='./file2\x00')

1m27.401296218s ago: executing program 2 (id=363):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c000280050009"], 0x24}}, 0x20040014)

1m26.792599353s ago: executing program 2 (id=371):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f0000000140)={[{@gid}, {@errors_remount}, {@discard_size={'discard', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@noquota}, {}, {@errors_continue}, {@errors_remount}, {@uid}]}, 0x24, 0x6220, &(0x7f0000006840)="$eJzs3c1vHGcdB/DfvvolNIl6qEqEkNuGl1Ka1xICBdoe4MCFA8oVJXLdKiIFlASUVhFx5QsS/BEgJI4IceTEH9ADV278AURKkEA9oE419vM44+2u147jnXWez0dyZn77zHifyXdnXzwz+wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PdyLi6q/SDScjPhe9iG7EUl2vRMTSysnmOs/HZnM8FxGDhYh6/c1/TkS8FhEfHY948PDuan3zhT324/t/+ecff3LsR//48+Ds//56u/f6pOXu3Pndf/927/G3FwAAAEpUVVXVSR/zT0VEP322BwCefvn1v0ry7eq5q9fnrD9qtVqtPoJ1UzXevWYREevNder3DA7HA8ARsx4ft90FWiT/ovUj4ljbnQDmWqftDnAoHjy8u9pJ+XaarwcrW+35XJAd+a93tq/vmDSdZvQck1k9vjaiF89O6M/SjPowT3L+3dH8r261D9Nyh53/rEzKf7h16VNxcv690fxHPD35d8fmX6qcf39f+ffkDwAAAAAAcyz//f9ky8d/Fw6+KXuy2/HflRn1AQAAAAAAAACetP2O/9cfGf9vm/H/AAAAYG7Vn9Vrvz/+6LZJ38VW336lE/HMyPJAYdLFMstt9wMAAAAAAAAAAAAAStLfOof3SidiEBHPLC9XVVX/NI3W+3XQ9Y+60rcfStb2kzwAAGz56PjItfydiMWIuJK+62+wvLxcVYtLy9VytbSQ388OFxarpcbn2jytb1sY7uENcX9Y1b9ssbFe07TPy9PaR39ffV/DqreHjs1Gi4EDQERsvRo9mPSK9H+vV0dTVZ2Ilt/kcETssv9zRNn/2Yu2H6cAAADA4auqquqkr/M+lY75d9vuFAAwE/n1f/S4gFqtVqvV6qevbqrGu9csImK9uU79nsFw/ABwxKzHx213gRbJv2j9iHi+7U4Ac63Tdgc4FA8e3l3tpHw7zdeDNL57PhdkR/7rnc318vrjptOMnmMyq8fXRvTi2Qn9eW5GfZgnOf/uaP5Xt9qHabmD51/t+DNhW+cYTcq/3s6TLfSnbTn/3mj+Iw57/5+VjeiOzb9UOf/+vvLvyR8AAAAAAOZY/vv/ybk6/jt83M2Zarfjvytj1zi8vgAAAAAAAADAk/Lg4d3VfN1rPv7/hTHLuf7z6ZTz78i/SDn/7kj+Xx1ZrteYv//Wo/z/8/Du6p9u//vzebrX/BfyTCc9sjrpEdFJ99Tpp+lBtu6zNga9YX1Pg06310/n/FSDd+J63Ii1OLdj2W76/3jUfn5He93TwWZ71dtqv7Cjvb/dnte/uKN9kM4uqpZy+5lYjZ/HjXh7s71uW5iy/YtT2qsp7Tn/nv2/SDn/fuOnzn85tXdGprX7H3Y/s983p+Pu583rX/zNucPfnKk2ore9bU319r3YQn82/0+ODeOXt9Zunrlz7fbtm+cjTXbceiHS5AnL+Q/Sz/bz/0tb7fl5v7m/3v9wuO/858VG9Cfm/1Jjvt7el2fctzbk/IfpJ+f/dmofv/8f5fwn7/+vtNAfAAAAAAAAAAAAAAAA2E1VVZuXiL4ZEZfS9T9tXZsJAMxWfv2vknz7rOrejO9PrT7idWfO+jPT+pNqvvqjVh/Fuqka741mERF/b65Tv2f49bhfBgDMs08i4l9td4LWyL9g+fv+6unptjsDzNSt9z/46bUbN9Zu3mq7JwAAAAAAAADA48rjf640xn8+XVXVvZHldoz/+lasHHT8z36e2R5gdMJA1b39b9NuNrrDXrcx3PgLMWn878H23G7jf/en3N9gSvtwSvvClPbFKe1jL/RoyPm/0Bjv/HREnBoZfr2E8V9Hx7wvQc7/xcbjuc7/KyPLNfOv/nCU8+/uyP/s7fd+cfbW+x+8ev29a++uvbv2s4vnz5+7eOnS5cuXz75z/cbaua1/W+zx4cr557GvnQdalpx/zlz+Zcn5fynV8i9Lzv/LqZZ/WXL++f2e/MuS88+ffeRflpz/y6mWf1ly/l9LtfzLkvN/JdXyL0vO/+upln9Zcv6vplr+Zcn5n0m1/MuS8z+b6j3mv3TY/WI2cv75CJf9vyw5/3xmg/zLkvO/kGr5lyXnfzHV8i9Lzv+1VMu/LDn/b6Ra/mXJ+V9KtfzLkvP/ZqrlX5ac/+VUy78sOf9vpVr+Zcn5fzvV8i9Lzv/1VMu/LDn/76Ra/mXJ+X831fIvS87/e6mWf1ly/m+kWv5lefT9/web+e2JJ/N7zBQ7M5iPbpjZmmn7mQkAAAAAAAAAAAAAGDWL04nb3kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4lB04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe/uYuQ66/uBn9k3r52QGAj5O/kb2DgmhGSTXduJX2hTTHhteCuBUOgLtutdmwW/4bVLoJFsGiiRMCqqaBsu2gJCbW4qcsEFrQDlArVCqkTaC3qDqFC5iKqAAlIlWkG2mnOe59mZ2dmZXXuyPnPO5yPZP+/MmTlnzpw5u99df3cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDVLW+Y/0wjy7Lmn/yvrVl2bfPfm6e25pe99mpvIQAAAHClfpX//dz16YKDa7hRyzL//IrvfX1paWkpe//on49/YWkpXTGVZeObsiy/LnryRx9otC4TPJpNNkZaPh7ps/rRPteP9bl+vM/1E32u39Tn+sk+16/YAStsLr4fk9/ZzvyfW4tdmt2QjefX7exyq0cbm0ZG4vdyco38Nkvjx7KF7EQ2n822LV8s28iX/+YtzXW9NYvrGmlZ1/bmEfKzR47GbWiEfbyzbV3L9xn95PXZ1M9/9sjRvz337E3dZt/d0HZ/xXbevqO5nZ8KlxTb2sg2pX0St3OkZTu3d3lORtu2s5Hfrvnvzu18bo3bObq8mRuq8zmfzEbyfz+d76ex1m/rpf20PVz2i1uzLLu4vNmdy6xYVzaSbWm7ZGT5+ZksjsjmfTQPpZdkY+s6Tm9Zw3HanHM724/TztdEfP5vCbcbW2UbWp+mn3xyouV5/+XS5RynUfNRr/Za6TwGB/1aKcsxGI+Lp/MH/VjXY3BnePyP3Lb6Mdj12OlyDKbH3XIM7uh3DI5MjObbnJ6ERn6b5WNwV9vyo/maGvl85rbex+DMuZNnZhY//om7Fk4eOT5/fP7Unl27Zvfs3bt///6ZYwsn5meLvy9zb5fflmwkvQZ2hH0XXwOv7li29VBd+vLEivPv5b4OJ3u8Drd2LDvo1+FY54NrbMwLcuUxXbw23tvc6ZOXRrJVXmP583PHlb8O0+NueR2OtbwOu35O6fI6HFvD67C5zJk71vY1y1jLn27bsPrngis7Bre2HIOdX490HoOD/nqkLMfgZDgufnDH6p8LtoftfWx6vV+PjK44BtPDDeee5iXp6/3J/fnodlze3Lzimons/OL82bsfPnLu3NldWRgb4qUtx0rn8bql5TFlK47XkXUfrwcXXvHYzV0u3xr21eRdzb8mV32umsvcc3fv5yr/7NZ9f7ZdujsLY8A2en92+2ze3J8TWfbF73zywW898sU3rLo/m3nzUzNX/rV4yqUt59/xVc6/Mfc/X6wv3dWjo+Njxet3NO2d8bbzcftTNZafuxr5up+bWdv5eDz82ejz8Q09zsfbOpYd9Pl4vPPBxfNxo993O65M5/M5GY6TE7O9z8fNZbbtXu8xOdbzfHxrmI2w/18TkkLKRS3HzmrHbVrX2Nh4eFxjcQ3tx+metuXHQzZrruuJ3eGLwrSVaztOb7+1WH605XbRRh2nUx3LDvo4Td/7Wu04bfT77tvl6Xw+J8NxccOe3sdpc5mn7rnyc+fm+M+Wc+dEv2NwfHSiuc3j6SDMz/fZ0uZ4DN6dHc1OZyeyufzaifx4auTrmr53befKifBno8+V23ocg7d3LDvoYzB9Hlvt2GuMrXzwA9D5fE6G4+Lxe3sfg81l3rhvsF+73h4uScu0fO3a+f211b7ndXPHbnqhjpWxsJ3f2df7e7PNZU7sX2/O7L2f7gyXXNNlP3W+fld7Tc1lG7OftoXtfHb/6vupuT3NZb5wYI3H08Esyy589P78+73h5ysXzn//620/d+n2M50LH73/py869k/r2X4Aht/zxdhSfK5r+cnUWn7+DwAAAFx9/f6Devoe92T4Gab8DwAAAFUUc3/8X+GJ/A8AAACVEXP/WJhJFfL/H/dfZNsbn114/kKWmvlLQbw+7YYHiuVix3U2fDy1tKx5+f1fnf/vf7ywts0bybLslw/8Udfltz0Qt6swFbbzyTe1X77C1+9a07oPP3Qhrbe1v/6lcP/x8az1MOhWwZ3Nsuyb138uX8/UBy7l86kHDufzwYuPPdpc5rkDxcfx9s+8tFj+r8L/XTl47Ejb7Z8J++HHYc6+rfv+iLf72qXXbN/3vuX1xds1dlyXP+zHP1jcb/w9OZ9/tFg+7ufVtv9bn33ia83lH35V9+2/MNJ9+58I9/vVMP/n5cXyrc9B8+N4u0+H7Y/ri7e7+yvf7rr9T36mWP7Mm4vlDocZ1397+Hjnm59daN1fDzeOtD2u7C3FcnH9s9//0/z6eH/x/ju3f/LQpbb90Xl8PPVvxf3MdCwfL4/rif6hY/3N+2k9PuP6n/iTw237ud/6n3zwmZc377dz/Xd2LHfmo3fk61++v/bf2PTXn/5c1/XF7Tn492faHs/Bd4fXcVj/4x8Mx2O4/n+fLO6v87crHH53+/knLv+lrRfaHk/01p8X63/ydcfzuWly85Zrrn3RdRff1dx3Wfb0puL++q3/+N+cbtv+L99Y7I94ffwvZp3rX83FVxbrP/ux6VOnF88vzKW9+sj1+e/OeXuxPXF7rw/n1s6PD50+96H5s1OzU7NZNlXdX6F32b4S5k+LcbH30ksrzqB3PBSez5v/8ptbbvvXz8bL//29xeWX3lZ83np1WO7z4fKt4flb3/pXevyWG/PXd+OpsIVLK39f8JXYvvO/9q9pwfD4O78uiMf7mZd9KN8PzevyzxvxdX2F2//DueJ+vhH261L4zcw7blxeX+vy8XcjXHpP8Xq/4v0XTnPxef278Hy/48fF/cftio/3h+HrmG9vaz/fxePjGxdGOu8//y0eF8P5JLtYXB+Xivv70nM3dt28+HtIsos35R//Wbqfm9b1MFez+PHFmRMLp84/PHNufvHczOLHP3Ho5Onzp84dyn+X56EP97v98vlpS35+mpvfe0+Wn61OF+MFdrW3/8xDR+f2zd42N3/syPlj5x46M3/2+NHFxaPzc4u3HTl2bP5j/W6/MHffrt0H9uzbPX18Ye6+/QcO7DkwvXDqdHMzio3qY+/sR6ZPnT2U32TxvnsO7Lr33ntmp0+enpu/b9/s7PT5frfPPzdNN2/9h9Nn508cObdwcn56ceET8/ftOrB37+6+vw3w5Jlji1MzZ8+fmjm/OH92pngsU+fyi5uf+/rdnmpa/I/i69lOjeIX8WXvunNv+v2sTV/95Kp3VSzS8QtEnw2/i+a7Lz6zfy0fx9w/HmZShfwPAAAA5GLunwgzkf8BAACgMmLu3xRmIv8DAABAZcTcPxlm+i8BNcn/lev/b7uwpvXr/+v/t+4v/f+a9P9D//7p95St/1+cL/T/B+NK+/f6/4H+v/6//r/+v/4/A1C2/n/M/ZuzzM//AQAAoKJi7t8SZiL/AwAAQGXE3H9NmIn8DwAAAJURc/+1YSY1yf/6//r/+v/6//r/3dev/z+c9P970//vQ/9/JqtX///iILf/KvT/N7d+oP9PGZWt/x9z/4vCTGqS/wEAAKAOYu6/LsxE/gcAAIDKiLn/+jAT+R8AAAAqI+b+rWEmNcn/+v9X1P9PnSv9//bt1/9vp/8fjgf9f/3/DaD/35v+fx/6/97/f7j6/230/ymjsvX/Y+5/cZhJTfI/AAAA1EHM/S8JM5H/AQAAoHzGLu9mMfe/NMxkRf6/zBUAAAAAV13M/TdkHUXwmvz8X//f+//r/+v/6/93X//a+/+jmf5/eej/96b/34f+v/6//r/+PwNVtv5/nvuzyexlYSY1yf8AAABQBzH33xhmIv8DAABAZcTc///CTOR/AAAAqIyY+7eFmdQk/+v/V6b//4vWp07/X/+/1/r1/73/f5Xp//em/9+H/r/+v/6//j8DVbb+f8z9N4WZ1CT/AwAAQB3E3H9zmIn8DwAAAJURc///DzOR/wEAAKAyYu7fHmZSk/yv/1/y/n9sjnr/f/1//f9S9v8n9f9LR/+/N/3/PtbS/79W/381+v/6//r/dCpb/z/m/peHmdQk/wMAAEAdxNz/ijAT+R8AAAAqI+b+V4aZyP8AAABQGTH3T4WZ1CT/r6f/37io/7+aF/j9/yfW8P7/bfT/9f97rV//3/v/V5n+f2/6/314/3/9f/1//X8Gqmz9/5j7bwkzqUn+BwAAgDqIuX9HmIn8DwAAAJURc/+tYSbyPwAAAFRGzP07w0xqkv+9//9Q9P8z/X/9f/1//X/9/7XR/+9N/78P/X/9f/1//X8Gqmz9/5j7XxVmUpP8DwAAAHUQc/9tYSbyPwAAAFRGzP2vDjOR/wEAAKAyYu6/PcykJvlf/1//X/9f/1//v/v69f+Hk/5/b/r/fej/6//r/+v/M1Bl6//H3P+aMJOa5H8AAACog5j77wgzkf8BAACgMmLuvzPMRP4HAACAyoi5fzrMpCb5X/9f/1//X/9f/7/7+vX/h5P+f2/6/33o/+v/6//r/zNQZev/x9x/V5hJTfI/AAAA1EHM/XeHmcj/AAAAUBkx98+Emcj/AAAAUBkx98+GmdQk/+v/6//r/+v/r6v//8rl+9X/L+j/l4v+f2/6/33o/+v/X/X+/7j+P5VStv5/zP27wkxqkv8BAACgDmLu3x1mIv8DAABAZcTcvyfMRP4HAACAyoi5/54wk5rkf/1//X/9f/1/7//fff36/8NJ/7+3wff/40PU/9f/1//3/v/6/6xUtv5/zP33hpnUJP8DAABAHcTcvzfMRP4HAACAyoi5f1+YifwPAAAAlRFz//4wk5rkf/1//X/9f/1//f/u69f/H076/715//8+9P/1/4e4/988tvT/KZuy9f9j7j8QZlKT/A8AAAB1EHP/a8NM5H8AAACojJj7fy3MRP4HAACAyoi5/9fDTGqS//X/9f/1//X/y97/n9D/1/9fB/3/3vT/+9D/1/8f4v6/9/+njMrW/4+5/74wk5rkfwAAAKiDmPt/I8xE/gcAAIDKiLn/dWEm8j8AAABURsz9B8NMapL/9f83qP8fL9T/1//X//f+//r/Lyj9/970//vQ/9f/1//X/2egytb/j7n/9WEmNcn/AAAAUAcx998fZiL/AwAAQGXE3P+GMBP5HwAAACoj5v43hpnUJP/r/3v//6vf/x9v23b9/+Xb6f8X9P/1/9dD/783/f8+9P/1//X/9f8ZqLL1/2Puf1OYSU3yPwAAANRBzP1vDjOR/wEAAKAyYu5/S5iJ/A8AAACVEXP/W8NMapL/9f/1/69+/9/7/+v/F/T/9f8HQf+/N/3/PvT/9f/1//X/Gaiy9f9j7v/NMJOa5H8AAACog5j7Hwgzkf8BAACgMmLuf1uYifwPAAAAlRFz/9vDTGqS//X/9f/1//X/9f+7r1//fzjp//c2ZP3/X10XLtf/L+j/l3v719v/H+v4+AXp//9otf7/0qbO2+v/80IoW/8/5v53hJnUJP8DAABAHcTc/84wE/kfAAAAKiPm/neFmcj/AAAAUBkx9/9WmElN8r/+f3M7ltvL+v/6//kF+v/6//r/Q0v/v7ch6/97//8O+v/l3n7v/6//z0pl6//H3P/uMJOa5H8AAACog5j7Hwwzkf8BAACgMmLuf0+YifwPAAAAlRFz/3vDTGqS//X/vf+//r/+v/5/9/Xr/w8n/f/e9P/70P/X/y9b//8/9f8ZbmXr/8fc/1CYSU3yPwAAANRBzP3vCzOR/wEAAKAyYu7/7TAT+R8AAAAqI+b+94eZ1CT/6/8PS/9/Sv9/nf3/iXCZ/r/+v/5/vej/96b/34f+v/5/2fr/3v+fIVe2/n/M/R8IM1l7/p9c85IAAADAVRFz/++EmdTk5/8AAABQBzH3/26YifwPAAAAlRFz/++FmdQk/+v/D0v/3/v/Z97/X/+/4/Ho/+v/d7Nx/f945tH/1//X/4/0//X/9f/pVLb+f8z9vx9mUpP8DwAAAHUQc/8Hw0zkfwAAABgK3f5PdqeY+w+Fmcj/AAAAUBkx9x8OM6lJ/tf/1//X/y9p//8vdvzLD773zsO79P/1//X/12VD3/+/+eL3/v/6//r/if6//r/+P53K1v+Puf9ImMly8Hu7N/gHAACA4RZz/x+EmdTk5/8AAABQBzH3Hw0zkf8BAACgMmLunwszqUn+1//X/9f/L2n/f4jf/z/uj2Hq/09vGqL+fzzp6v93taH9//ct98T1/9fb/5/oemln/7+h/99G/3/d2//dLMv0//X/uYrK1v+PuX8+zKQm+R8AAADqIOT+kWPFXL5C/gcAAIDKiLn/eJiJ/A8AAACVEXP/h8JMapL/9f/1//X/9f+9/3/39Ze2/+/9/3vS/++tPP3/7rz/v/7/MG+//r/+PyuVrf8fc/9CmElN8j8AAADUQcz9Hw4zkf8BAACgMmLu/0iYifwPAAAAlRFz/4kwk5rkf/1//X/9f/1//f/u69f/H076/73p//eh/6//r/+v/89Ala3/H3P/yTCTmuR/AOD/2LuPJ0vLso/jZ3gbZqaoesudCxey909gIWvduXHBxoVWWS5AxZwYxBww54BZDJhQxIQ5gQnFLCrmHDCj1ljMXNc109NPP6d7+nSf57nvz2fxXtBDc868NcX4m57vPABAD3L3XxK32P8AAADQjNz9l8Yt9j8AAAA0I3f/Q+OWTva//l//32z/f2/9/3avr//X/7dM/z9O/7+E/l//r//X/7NSU+v/c/c/LG7pZP8DAABAD3L3Pzxusf8BAACgGbn7L4tb7H8AAABoRu7+R8Qtnez/M/r/Q4v19P/nbXlfB9v/Z8ar/2+p//f8/21fX/+v/2/Zwfb/V9z1Xz79v/5f/x/0//p//T9nmlr/n7v/kXFLJ/sfAAAAepC7/1Fxi/0PAAAAzcjd/+i4xf4HAACAZuTuf0zc0sn+9/x/z//X/+v/9f/Dr6//nyfP/x/XU/9/2a3nX3LH9fe4YTevr//X/+v/9f+s1tT6/9z9j41bOtn/AAAA0IPc/Y+LW+x/AAAAaEbu/sfHLfY/AAAAzNDRwY/m7n9C3NLJ/tf/6//1/9H/H9H/6//1/y3Q/4/rqf8/m9fX/+v/9f/6f1Zrav1/7v4nxi2d7H8AAADoQe7+J8Ut9j8AAABM19BvxB6Ru//yuMX+BwAAgGbk7j8Wt3Sy//X/+9///1f/P4/+3/P/9f/6/ybo/8fp/5fQ/+v/9f/6f1Zqav1/7v4r4pZO9j8AAAD0IHf/k+MW+x8AAACakbv/yrjF/gcAAIBm5O5/StzSyf7X/3v+v/5f/6//H359/f88Tbv/31j6+vp//f/M+/9z9f/6f/0/p9tl/3/nyH+2V9L/5+5/atzSyf4HAACAHuTuf1rcYv8DAABAM3L3Pz1usf8BAACgGbn7nxG3dLL/9f/6f/2//v+s+/+tP/RO0P8P0/8fjGn3/8t10/8fGv6zEPT/s+//Pf9f/6//Z5OpPf8/d/8z45ZO9j8AAAD0IHf/s+KWkf2/61/MBwAAANYqd/+z4xZf/wcAAIDZy+osd/9z4pZO9r/+X/+v/9f/e/7/8OuP9f83nPb+9P/Tov8fN5n+fxv6f/3/nN+//l//z1ZT6/9z9z83bulk/wMAAEAPcvdfFbfY/wAAANCM3P3Pi1vsfwAAAGhG7v7nxy2d7P/h/v/Ut+v/d0b/v/n96/+Hf3ysqv/Pf6P+f7T/v8jz//uk/x+n/19iU/9/v43FQv+v/9f/R/9/dNnn6/8ZMrX+P3f/C+KWTvY/AAAA9CB3/wvjFvsfAAAAmpG7/0Vxi/0PAAAAzcjd/+K4pZP97/n/+n/9//z6f8//P2mdz/9fHHj/v6H/3yH9/zj9/xKe/6//1/+PP/9/5E8B0P8zZGr9f+7+l8Qtnex/AAAA6EHu/pfGLfY/AAAAzMPpv3fgzN9QGnL3vyxusf8BAACgGbn7Xx63tLP/R5/Vqf/X/+v/9f/6/+HXn1b/7/n/O6X/H6f/X0L/vx/9/EZj/f/V233+FPr/y/e7/x+h/2fIpv7/xlMfX1f/n7v/FXFLO/sfAAAAupe7/5Vxi/0PAAAAzcjd/6q4xf4HAACAZuTuf3Xc0sn+3/f+f+RPH9D/6//1//p//b/+f9X0/+P0/0vo/z3/3/P/9f+s1Kb+/zTr6v9z978mbulk/wMAAEAPcve/Nm6x/wEAAKAZufuvjlvsfwAAAGhG7v7XxS2d7H/P/9f/6//1//r/4dfX/8/Tnvr7c/T/Rf+v/9f/6//1/6zA1Pr/3P2vj1s62f8AAADQg9z9b4hb7H8AAACYk8Nj35i7/41xi/0PAAAAzcjd/6a4pZP9r//f3/4/P67/1/8v9P/6f/3/gej2+f+Hhn4m2mqb/v/mBx+77+aP6P/1//p//b/+nx2628i3TaL/P37qf13m7n9z3NLJ/gcAAIAe5O5/S9xi/wMAAEAzcve/NW6x/wEAAKAZufuviVt2uf/Hmocp0/97/r/+X/+v/x9+ff3/PHXb/++Q5/8vof/X/+v/9f+s1CT6/9P+Pnf/2+IWX/8HAACAZuTuf3vcYv8DAABAM3L3vyNusf8BAACgGbn73xm3dLL/9f/6f/2//l//P/z6+v950v+P0/8vMaf+/5o99P8bwx9edz+/V+t+//p//T9bTa3/z91/bdzSyf4HAACAHuTuf1fcYv8DAABAM3L3vztusf8BAACgGbn73xO3dLL/9f/6f/2//l//P/z6+v950v+P0/8vFov3jbyBof7/+OFp9v+e/z+596//1/+z1dT6/9z9741bOtn/AAAA0IELjp44R+KXgu1/AAAAaFHu/uviFvsfAAAAmpG7//1xSyf7X/+v/9f/n+r/63ui/9f/6/9nS/8/Tv+/xJye/6//n9z71//r/9lqav1/7v4PxC2d7H8AAADoQe7+6+MW+x8AAACakbv/g3GL/Q8AAADNyN1/Q9zSyf7X/+v/9f+e/6//H359/f887V//v9D/6//1/0vo//X/+n/ONLX+P3f/h+KWTvY/AAAA9CB3/4fjFvsfAAAAmpG7/yNxi/0PAAAAzcjd/9G4pZP9r//X/+v/9f/6/+HX1//Pk+f/j9P/L6H/1//r//X/rNRw/3/52vr/3P0fi1s62f8AAADQg9z9N8Yt9j8AAAA0I3f/x+MW+x8AAACakbv/E3FLJ/tf/6//39z/Lxb6f/3/zvv/K/T/e+v/jyz0/yun/x+n/19C/99m/3/OoqH+/+i2n6//Z4qm9vz/3P2fjFs62f8AAADQg9z9n4pb7H8AAABoRu7+T8ct9j8AAAA0I3f/Z+KWTva//l//7/n/+n/P/x9+fc//nyf9/zj9/xL6/z31//nz8eT6f8//1/+zNlPr/3P3fzZu6WT/AwAAQA9y938ubrH/AQAAoBm5+z8ft9j/AAAA0Izc/V+IWzrZ//p//b/+X/+v/x9+ff3/POn/x+n/l9D/t/n8/z76/6ML/T8TNLX+P3f/F+OWTvY/AAAA9CB3/01xi/0PAAAAzcjdf3PcYv8DAABAM3L3fylu6WT/6//1//r/efb/R/T/+n/9/6Cp9P8XXnifW/T/+n/9v/7f8//1/72bWv+fu//LcUsn+x8AAAB6kLv/K3GL/Q8AAADNyN3/1bjF/gcAAIBm5O7/WtzSyf7f2v+fuzhZqJ401P9Hozb7/v/wae8j6f/1/yc+MIP+f6H/1//r/wdNpf/3/P+ze//6f/3/nN//rvr/C7Z+vv6fFk2t/8/df0vc0sn+BwAAgB7k7v963GL/AwAAQDNy938jbrH/AQAAoBm5+2+NWzrZ/57/r//X/+v/9f/Dr6//nyf9/zj9/xL6f/2/5/9f+sD/0/+zOlPr/3P3fzNu6WT/AwAAQA9y938rbrH/AQAAoBm5+78dt9j/AAAA0Izc/d+JWzrZ//r/g+n//z8+pv/X/+v/9f/6//2l/x+n/y9nftdO6qf/PzL0wXX383u17vffTP/v+f+s0NT6/9z9341bOtn/AAAA0IPc/d+LW+x/AAAAaEbu/u/HLfY/AAAANCN3/w/ilk72v/6/m+f/335et/3/A/T/Z7y+/l//3zL9f/6MPkz/v0Q//f+gdffzc3//+n/9P1tNrf/P3X9b3NLJ/gcAAIAe5O7/Ydxi/wMAAEAzcvf/KG6x/wEAAKAZuft/HLd0sv/1/930/1eefJ899v+e/6//1//3RP8/Tv+/hP5f/99+/3/edp+v/2c/TK3/z91/+6GNLvc/AAAAzNX97/WQ23b6z95+4v8eWfwkbrlocXyHX8YGAAAAJu6u3X9oY7H46Ym/8/V/AAAAaFHu/p/FLZ3sf/1/X/1/n8//1//r//X/PdH/j9P/L6H/1/+33/9vS//Pfpha/5+7/+dxy2nDb2PX30sAAABgSnL3/yJu6eTr/wAAANCD3P2/jFu27H9/HCAAAADMVe7+X8UtnXz9X/8/8f5/sU/9f/xz+v+T9P/6/6HX1//Pk/5/3B77/+OH9P/6/xH6f/2//p8zTa3/z93/67ilk/0PAAAAjdr0Kwq5+38Tt9j/AAAA0Izc/b+NW+x/AAAAaEbu/t/FLZ3sf/3/Pvf/d/0LNvfzmarv4/P/j9Zfef5/5/3/VUcGX1//r/9vmf5/nOf/L6H/b6X/P6z/1/8zDVPr/3P3/z5u6WT/AwAAQA9y9/8hbrH/AQAAoBm5+/8Yt9j/AAAA0Izc/X+KWzrZ//r/iT///6z6/x08/1//30f/v83rt9P/3/38Yzdd/KDrrtX/c8pB9v/5Y0H/r//X/580of7f8//1/0zE6vv/jU0f3G3/n7v/z3FLJ/sfAAAAepC7/464xf4HAACAZuTu/0vcYv8DAABAM3L3/zVu6WT/6//1/1Pp//P/12vo/4+ddf9/dLFYrKX/z6a49/7f8//1/1t5/v84/f8S+n/9v/5f/89Krb7/3/zB3fb/ufv/Frd0sv8BAACgB7n7/x635P4/tOtfugcAAAAmJnf/P+IWX/8HAACAZuTu/2fc0sn+1//r/6fS/yfP/z/1eW09///iilP77P/vWX+l/99f+v9x+v8l9P/6f/2//p+Vmlr/n7v/X3FLJ/sfAAAAepC7/864xf4HAACAZuTu/3fcYv8DAABAM3L3/ydu6WT/6/9b7f+ziNf/6/+n0v97/r/n/x8M/f84/f8S+n/9v/5f/89KTa3/z93/vwAAAP//UZdnLg==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000200)='./file0/file0\x00')
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)

1m25.244128876s ago: executing program 2 (id=386):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000d40)=@bridge_delneigh={0x34, 0x1c, 0x1, 0x2, 0x0, {0x7, 0x0, 0x0, r2, 0x3, 0x4, 0x6}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, @NDA_FDB_EXT_ATTRS={0xc, 0xe, 0x0, 0x1, [@NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x5}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040051}, 0x40c0)

1m24.322016843s ago: executing program 2 (id=390):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=@ipmr_getroute={0x1c, 0x1a, 0x111, 0x70bd28, 0x25dfdbfc, {0x80, 0x10, 0x20, 0x4, 0xfe, 0x3, 0x0, 0x6, 0x1000}}, 0x1c}, 0x1, 0x0, 0x0, 0x20008084}, 0x0)

1m23.601350337s ago: executing program 33 (id=390):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=@ipmr_getroute={0x1c, 0x1a, 0x111, 0x70bd28, 0x25dfdbfc, {0x80, 0x10, 0x20, 0x4, 0xfe, 0x3, 0x0, 0x6, 0x1000}}, 0x1c}, 0x1, 0x0, 0x0, 0x20008084}, 0x0)

51.886063824s ago: executing program 7 (id=582):
unshare(0x2040600)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/time_for_children\x00')
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x67, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_FD={0x8, 0x1c, r1}]}, 0x3c}}, 0x0)

51.552379108s ago: executing program 7 (id=585):
r0 = socket$kcm(0x15, 0x5, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001080)='net/netstat\x00')
read$char_usb(r1, &(0x7f0000000040)=""/4109, 0x100d)
sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000080)=@rc={0xa, @none, 0xff}, 0x80, 0x0}, 0x0)

51.252480976s ago: executing program 7 (id=589):
socket$kcm(0x2, 0xa, 0x2)
socket$packet(0x11, 0x3, 0x300)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r0, &(0x7f0000000440)=[{&(0x7f0000000140)=""/187, 0xbb}], 0x1, 0xe1, 0x6)

50.902708494s ago: executing program 7 (id=592):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xfe, 0x46c, &(0x7f0000001380)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f00000000c0)='./file0/../file0/../file0/file0\x00')
lstat(&(0x7f0000000540)='./file0/../file0/../file0\x00', &(0x7f0000000580))

50.518351927s ago: executing program 7 (id=595):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x58, r2, 0x1, 0x70bd2d, 0xffffffff, {0x1, 0x6c00000000000000}, [{{0x8, 0x1, r1}, {0xfffffffffffffd35, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xddf}}}]}}]}, 0x58}, 0x1, 0xf000, 0x0, 0x20004850}, 0x0)

49.412091183s ago: executing program 7 (id=606):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000140)={0x14, 0x0, &(0x7f00000002c0)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000002540)=[{&(0x7f0000000540)="850de1458d7130294c628cb3b83fe7ad49aea9f4458b97436ad5c945aec5564afba3d71696f58d222a50203fa566a4d481d64bc0e048883101a5e6db1aede6b34699af3e12c6d4de029ea3b27ef2f21cbacf3a0ac202686c3cbe8c2190168f5b9dea04f77a4670cb7f97d7ea1c9156bb65c8180cb721442965185eb47878b0d944a08e2fd9d39435d3d02bac45fe9cec23cb76f1a2b4cef1b28b39a9bb4f72997449c10504abcd3171c9d499d493be6851aa909219a7e1aab4e42fdcadb5065cb2fed0ef8405de6bea6441ccd21f4d33b6e7ba515cb1ea67603a5d2c8b2a6c6fb681849fd2c49298ff402841975f5f01591766bb585bd3d1bd49d8716e4a59f5a15b8da6a29ccb2e7b8b13e853565907482a76b86014eb28f6abba4cce09136d00ac5bb72130b5fba246972ee8d626c52a4d4dde1c2026e6cf1eba05ee0de24dc4d4dec8f86b3305e4354770369f8c62707fa7fd62fe35698c62b8c39a68d6d898dd04070c1fb88414cf3867f785340be5c74129c1363e3edeff2866db3373b055c9aa22574eac8e1e245edf51fac9b1601089ea2cd4eb222972120b7572ad75756450e2892fc6f23338bb8fdc4a6e97734f50ee2f30fedf769651dcd61db882266558a00d22c72a0d5c844d4215181b4677e35807094f6607989c3a358523e14f3cf0cea3e8141eba3801a28d4dec1401d7f9bc21c949958fe67af816faa254f3a7589200da0e14e0f518afd020eee919661fe96c56365a0bf5901b0337a6fd7fc718570957347240c99ade1de55ec835eafbe35e9ce271d04bfa832c476ec5d44c3a48b4a125bcd4cb4cb3dd726a1f9cd2dc62ed97de2ab03ce8bee336d3126f52c4346e922881cb1815700282151f8742d14992a4622259dd15e62d4ecf30aebcded71e4e59698eff3fcdcc7f08f586a18a8b6be080ae33050079cd37ae104a104e9bb000b3eec1cd2590fd688f6744af6f13e5f19c03b0c0594ca56ca50c827847ca359ffb7d764d806e6d2cd91d4b3e7110c2524b2d436c11fdc6f2ef5dbcd4a7bc2b9c3e23373345e138d27146acc52e938272d9c7a9f4e2bdf200e6605dc3dcfd68eefbbb5f647f4e8cd463f4ff8339723ae185c2f810d2c665d77ca1e7e956a4ef4bc220bf4cc1633a506a5de43a197408f3be94ad9ef525098a55154ab989cda7f134e2b2f88c91e38b48c8dc3b0892a38772e306ac3cbafe36670c7b2a787efeb8c559b5c4253b143c3d1b3ce60a25495abb1e2d8564e47a15ef16cce2f9f37a479f04", 0x388}], 0x1)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])

49.015865738s ago: executing program 34 (id=606):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000140)={0x14, 0x0, &(0x7f00000002c0)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000002540)=[{&(0x7f0000000540)="850de1458d7130294c628cb3b83fe7ad49aea9f4458b97436ad5c945aec5564afba3d71696f58d222a50203fa566a4d481d64bc0e048883101a5e6db1aede6b34699af3e12c6d4de029ea3b27ef2f21cbacf3a0ac202686c3cbe8c2190168f5b9dea04f77a4670cb7f97d7ea1c9156bb65c8180cb721442965185eb47878b0d944a08e2fd9d39435d3d02bac45fe9cec23cb76f1a2b4cef1b28b39a9bb4f72997449c10504abcd3171c9d499d493be6851aa909219a7e1aab4e42fdcadb5065cb2fed0ef8405de6bea6441ccd21f4d33b6e7ba515cb1ea67603a5d2c8b2a6c6fb681849fd2c49298ff402841975f5f01591766bb585bd3d1bd49d8716e4a59f5a15b8da6a29ccb2e7b8b13e853565907482a76b86014eb28f6abba4cce09136d00ac5bb72130b5fba246972ee8d626c52a4d4dde1c2026e6cf1eba05ee0de24dc4d4dec8f86b3305e4354770369f8c62707fa7fd62fe35698c62b8c39a68d6d898dd04070c1fb88414cf3867f785340be5c74129c1363e3edeff2866db3373b055c9aa22574eac8e1e245edf51fac9b1601089ea2cd4eb222972120b7572ad75756450e2892fc6f23338bb8fdc4a6e97734f50ee2f30fedf769651dcd61db882266558a00d22c72a0d5c844d4215181b4677e35807094f6607989c3a358523e14f3cf0cea3e8141eba3801a28d4dec1401d7f9bc21c949958fe67af816faa254f3a7589200da0e14e0f518afd020eee919661fe96c56365a0bf5901b0337a6fd7fc718570957347240c99ade1de55ec835eafbe35e9ce271d04bfa832c476ec5d44c3a48b4a125bcd4cb4cb3dd726a1f9cd2dc62ed97de2ab03ce8bee336d3126f52c4346e922881cb1815700282151f8742d14992a4622259dd15e62d4ecf30aebcded71e4e59698eff3fcdcc7f08f586a18a8b6be080ae33050079cd37ae104a104e9bb000b3eec1cd2590fd688f6744af6f13e5f19c03b0c0594ca56ca50c827847ca359ffb7d764d806e6d2cd91d4b3e7110c2524b2d436c11fdc6f2ef5dbcd4a7bc2b9c3e23373345e138d27146acc52e938272d9c7a9f4e2bdf200e6605dc3dcfd68eefbbb5f647f4e8cd463f4ff8339723ae185c2f810d2c665d77ca1e7e956a4ef4bc220bf4cc1633a506a5de43a197408f3be94ad9ef525098a55154ab989cda7f134e2b2f88c91e38b48c8dc3b0892a38772e306ac3cbafe36670c7b2a787efeb8c559b5c4253b143c3d1b3ce60a25495abb1e2d8564e47a15ef16cce2f9f37a479f04", 0x388}], 0x1)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])

7.003373814s ago: executing program 6 (id=941):
r0 = memfd_create(&(0x7f0000000300)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2A7:n\x8c\xa7P\x1a\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x19M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xff\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\bB\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \x90\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2o\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xff\x0f\x00\x00\x00\x00\x00\x00Li\r\x95Z\x89\"_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa5\xed\x05\x12\x0f\x0eu\xe5 \xfe\xcdMX\xb5X\x838\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b)\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00\x00\x00\x00\x00\x03\xfcWZ!<\x16a5ZL.\xe6\x15]\xebY\xaa\xbea\x8e\xdc\xc52r\"\xea\x9e\x03\x11&\xc3JU\xa7\xd6\x8a\xf8\xae>S\xde', 0x0)
write(r0, &(0x7f0000000140)='/', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000c, 0x11, r0, 0x0)
openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000002fc0)={0x0, 0x0, 0x21}, 0x18)

6.802853665s ago: executing program 6 (id=943):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
munmap(&(0x7f0000ff7000/0x4000)=nil, 0x4000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ff8000/0x3000)=nil, 0x3000}, 0x6})

6.540590711s ago: executing program 6 (id=947):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, 0xffffffffffffffff)

6.339121588s ago: executing program 6 (id=950):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000009"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x5, 0x4, 0x1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r1, &(0x7f0000000240)="b384", 0x0}, 0x20)

6.067180697s ago: executing program 6 (id=954):
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x200414, &(0x7f0000000400)=ANY=[@ANYRES16], 0xff, 0x5aab, &(0x7f0000006400)="$eJzs3X+QHNV9IPDXM7Pa2V39WAkcZDCrRUYJwbG14lf5RyqWc4mdAoeSyynH4mTDAisiWxIq/Qggk1jkwGcd2GWnyCU4+YNQmDuM4uIKEqNQJvw4ibOxVSQOdYWps++w//AV4VAFUKiUj03tTL/Zmd7p7dnZWUnA51PS9vSbN9/37e43Pf3ezO4EAAAA3hIO37Lr2KWn/+Z3/2ji1c//1t9uuykMlWvl1VhhOF1ef6Iy5Hjqr6ysLbP94pc+942fjl7169+5f/Drrx26+qzNP/yNU656+DMXH7zjzx97ZcmDrz9fFDf2p3On15MXkxCq3z76J1849NRpU2XJ0qmfpX0hLE9WPLY8aY3wL3/fyDGEsDIT/4FXz988tbzp1v6W8mWZevr7W9vUcZ7qWHuPXfeu8KMPbbz5+6u++Vd9B17YN10lqTb1pxCWXtH8+L4QwkD6P6R9MTT1x9hpN4QQBpse996CvN7ZYf5rc9bPSJeL0uVQQZx4/+rMeilTL7se9WWWgwXtzVdeHt3Uqz3jV/z1rHUWZ9aTDtvvVF6esXx5uvxWujx3jvHL6TaUk1BKQqWR/tZkuo+EpuOWhKR2LKuN9VLj2IZ0+zPrSWa9lFkv92W2q9Zu2tHKSdJaHutlyuPpuJKWn9V8rm7j4znlb0+X1fSJ+lpcD9kbdUMzbjS2qybmdXSWXI6HUtM5qF1548CnB2MoLRtKVsx4zGQb8b5DG29bU970+OHh9mk0mhmq9aS5x9/7veWLP33f/j3Z1/VGA1eU0vilruL/+JIjL122/66v5cb/Soxf7ir+eY8MvnjJE7esztk/ITmapPErs8evtDYW7xt//skvrTr1ygO5+d8Z41e7yn/9wSP9S4498mhu/mNx/wx0Ff+5D3z4J/c+89ALufFDjD/YVfxNB3d8uX/k2Dm58R+N+2eou/7z8oGLnh0Z+dloXvynY/wlXcW/Z98d77972a0X5x7fDXH/DHcV/6NnP3zz4mMPnZl37kzu7PQVFoB2Tkmvsb6Yrnc7zpyvpvHCn41W6hdoi9P/S3rZUObic6qdpb2MDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhLe963985P98YvjFSrren954rlRfxvJFISQDIYRdu8d37t6y/ZrRz1y7Z+f28a2j47tHJ7bv3nnD6AW/MrpzYsfW8Rum7h179/n1x60ISX2ZnDmj7YEwOVkabi2L7f27sw/8aM17/+8/hTD2th+MVHLzX3vHtrtPbfMzI1k/+cFtey79wYV/mW7XcJrXcJu8JicnJ0NOXv/vkz+/+4+P/vScEMZ+Yba8nnzu1/6ukVA1FkzHSZX6Qz2h/mSwbR6NrNN84v6qbN6ydWJs9v079fhyznb8+8+98K+br//qz+v7t5q7HR3u34H1k1tLf7rxo///T2+sFxTldaKOe9H+jlsR84v7r5ru76Xpdi3N2a5Kznbd8v1Hn/n26fvzd3TBdvWlHaAveXtH7catG0yWt5RX0/oxkfi4tbu37Vi764a9796ybfyaiWsmtr9v3QXrLhq78KIL19a2fG1vtv+VfWGs8vKqwRDb/8UOt78X/Wkg++yb0e6y39/3rfizs/7UmteiOe+PqbyK90dzRnnPv8GPf+H2993xxKX1gqJ+Hms3zifpcnDqOK8LTf1t5r5qt11FxyeEMNpuP7z0ysXhtP+55eai81DzkWn+mZGsn3xq9T//5Xv/YuWv1guOy3m+OaEuz/ONrKfzqe2vano8Jk/S/dsfyul2DbXNa91TT/Tddvif/qCR36JF4frx3bt3rqv/XJxmujg5o21e2dK4XatqP8sh3S2h0U3b9NcpfaGeX/b8GaufmWljKL1vKFnRdruy4n2HNt62przp8cN5ezq5v97iQFhSXybvyKm5NfPAciPhdu2frM+/ov4x8pG/ePATD/7NBTP6x3n1n0XbleRs1zefuef2r3/1P/5N77brI792ZPif/9fvrakXnPTnlXI9kUbWaT5J83nlvBCKnn+rQvvtaDz//nM5xk0zar89Rc+/bDvT9dvHG82sD4VyV8/X8x4ZfPGSJ25Znft8PTrb87V5Y29seVy54Pl6svSf7PMrqbTmsXDPr5aOkqyf/M4XT9n32Oc3nF4vKHq9bNRu16/P72D80X674gXcP/buvPGNX3ng8h+Or//DekH3xz3m0pvjXk33bzVn/zayjuPO5v37nquu3Xp1vbxoP5+46990WTD+iaeSXTfs/ez41q0TO3d1tl2dvp7GdrJ7udvX03h2W1GwXaUZ27VwNzrZXznPt/B3lz07cu3of/jH7P66uuv91fp8GwpJV68Le7+3fPGn79u/Z3jGo9KGriil8Utdxf/xJUdeumz/XV/Ljf+VGL/SVfzx55/80qpTrzyQG//OJI1f7Sr++oNH+pcce+TR3PhjMf+BruI/94EP/+TeZx56ITd+iPGHutv/Lx+46NmRkZ/lxn86SduZukYK4YFXz99cX09CX/p8i3n0teQVsutJZr2UWS83r5fii1DaQDlJWstT8fZZTbm087s55fEqrLqyvnwtrofsjdnLTzalpnN/u/Ki61QAgDe7+P5/vAaN7/9PpBdK+TMNMG2+47CVOXHjOGx6Pqf1PdaVafz4+DgPOPKeMDa1vGm0fqE/1/cR4vMhO88Z2znnna0xCuc5J2vtz5jnLJp/X51Zj3nV58srTePQ1MxxTSV0MP++OhOmaP49s/nF72eNfnFGWqNN81bZ49eXzpi1+7xDaN0vlakIef0jOy8WP88xsjRsqLXXYf/Ifo4mHofs52hiO6dnTpzdfo4mr38Mz9wPLXnF/hHrzdI/aikXvx858/iFWfbv9PFrHy17/OZwvKsh/Le74spCvT/bg3nDtqe0TuYN+9u0EO/rfN5wYd8PMy+ZEz99gnUwb/j6spbHHZ95w1KmPG5HJS0vmk/8RE55r+YT4+ki5nV0llyOB/OJwJtVHP/H14ip8f/UBfi/ZOoVjVOyV40xXu7n9Mrt8ykad2SvzofCYFev45sO7vhy/8ixc3Kvcx7t9HN6O1rWBgs+91O0H9dk1gv3Y84ETdF4L9tO0X7Pfi5jKCzpar/fs++O99+97NaLc/f7hvoLafF+v71lbUnBfl/oz3N2PV7oO1k+Z2C80Db+G+RzDEXzZyfscwzpB58WajzyOznlcx2PDM640diumpN3PDL9QtrfOoEHANBWHP833j9Lx///O1ZIryOKxq3nZtZjvNxxa871Sd649bfT5fWZ+kPpb1TM9br5o2c/fPPiYw+dmTtuubPTceh/bVkbLhyHzm/cnDuO2NCbz4vnjiMa46z5jRNz82+ME+c3Ts95m7ZpnD6/cXTu/mmMo1vnAW4/0ln8+L5hbvzGPEAPx7mvT1c6fuPcgvm6TGNxtdP5uhMyjl7aup0LMo5Of312ocbRH88pn+s4emjGjcZ21Zy84+jWcuNoAODNKo7/42VcHP8/kak33/fZc8cFPbpuz/49kEb8pxdkXDkdv0efFy0e9y30uDVvXJ/sa9dKvLfzcf1Cz0u80d//Xeh5oeHaH/BM469b2mH8TufJTtj7yyfLuDht1LgYAICTWRz/D6Tr+eP/+Y1PZozf+uqXkNPjkzfe+Ly53okbn/fqfXfj87bxO33fOif+yTP/tbCfk3nLj//jero6afwPAMBJKI7/4689xr//99/T9ezfrV/4cfpc40+ml6QL9D56uj+M043Twyzj9A/m/L5HvL/zcXqP59li/ObPAZgHOL6fjx+Yrm8eAACAE6GvNlKa+Xv2n0qX2d+zz/u9/Mty6td08DdRK+nl8ZW7d05MXL5nx9Xjuycu337t1RO7Lr9u55bduye21+vNd9yYO25Jk+wLlXR/tK+XHbctSycGluX8PYRs/Rj2jNqNmX8PIdvsQMHfEZg+fp3lm3f8SrPUb9c/8o53XvzfzakfNY7/Vb933uWbd12+ZfuW3VvGt27ZO9EafWpHDM7hezOT9P+cvi/1yef+0+EQ6rdq35qZUZr793fGwzPHPFp+zHgilab2SJJ7/KfySDJ5LE8zWZ73/Qc5eX/37//498+e/Pm9IYy9rfyOuebdGnL95F9/cuK3dx/+wY6p/Euz5t+omeZV9H2l2fpxeypbr921+12br92zPfuNkt2J8xmlxvoCzWekT/9yh/MTm3LK5/r7++UZN05OHc9PTPnQlccvMQCAk1x8/z9ez8b3D7+aXkDF8s7H6fULx27fP84dp491Nk7Pfi9Z0Tg9Wz9ub6fj9Oo8x+nZ9vPH6QO59duN0/PG3Xnxfyen/lx13k+6+H2MOPy8b/+e3H5yRbafDLStl/0+g6J+kq0/136SzLOfZNsvms9pV79dP8k77nnxP5ZTP09Rf6g0+sP8fn8mtz98pbPzxi9n1ov6Q7b+XPtDaZ79Idt+UX9oV79df8g7vnnxL82p36nW/jHVMWr9YuLy667d+dmmegv9/Rdh5kcyOslv0fRj5/19ge3zu2J+XyzW+f5d2M99zT//ENbXSvLyX9jPlc0//6L9P4ff/1oaZnyuLDf/p3NOID3Pf2G/3yUjr/rMxx+v+dr0TFD0+bOiedyNOeVzncddNOPGyWlO87hAT8Xxf3y7J47/b02XvX4baKGvkxb+e9J8j1nb+D36HrOi65i33Ot59i13r+cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb3z9IfRXVtZuHr5l17FLT//N7/7RxKuf/62/3XbTL33uGz8dverXv3P/4NdfO3T1WZt/+BunXPXwZy4+eMefP/bKkgdff74w9nDtZ+XcdLUaQvJiEkL120f/5AuHnjptqiwJIZST4X0hLE9WPLY8yUQY+9cQwtUx1UrrnQ+8ev7mqeVNt/a3lC/LBMluVxgqx3ya8wzh+sIt4g2omvazvceue1f40Yc23vz9Vd/8q74DL+ybrpJUm/pTCEuvaH58XwhhIP0f6k+ZmpXxwelyQwhhsOlx7y3I650d5r82Z/2MdLkoXQ4VxIn3r86slzL1sutRX2Y5WNDefOXl0W29Iosz69mT0Xzl5RnLl6fLb6XLc+cYvxz/J6GUhEoj/a3JdB8JTcctCUntWFYb66XGsQ3p9mfWk8x6KbNe7stsV63dtKOVk6S1PNbLlMfTcSUtP6v5XN3Gx3PK354uq+kT9bW4HrI36oZm3GhsV03M6+gsuaT+S3GV7pWazkHtyhsHPj0YQ2nZULJixmMm24j3Hdp425rypscPD+fkkdyfpPGTruLv/d7yxZ++b/+elXnxryil8Utdxf/xJUdeumz/XV/Ljf+VGL/cVfzzHhl88ZInblmdu3+Oxv1T6Sr++PNPfmnVqVceyM3/zhi/2lX89QeP9C859sijufmPxf0z0FX85z7w4Z/c+8xDL+TGDzH+YFfxNx3c8eX+kWPn5MZ/NO6foe76z8sHLnp2ZORno3nxn47xl3QV/559d7z/7mW3Xpx7fDfE/TPcVfyPnv3wzYuPPXRm3rkzubNXr5wAb02npNdYX0zXux1nzlfTeOHPRiv1a77F6f8lvWwoY6qdpQsYHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN6d/uPGCT33ygx/bWElCSHLqTLYR7ysvWr9+tIt2x59/8kurTr3yQHPZyvZV+7sIDwAAADSJ4/BSo6QaVobrkoFwRtv6cY7gjLiWtJZnlzFO0xxB31zihEycUpt8Sl3EKXe5Xdk4lR7F6etRnEU9ipOddJlznIHQVjZONXSWTzZcc5zKVA/ocLsGZ82n8zhDPYqzuEdxlvQoztIexVnWozjDs8bpvD8v71GcFT2Kc0qP4pw6I87F1ZaoHcZ5W4/y+YUexTmtR3Gyc8pz7YdL0pqn58Wp3SgXxqkk5cYd7ebTT0vbOXOe7QzN2k51csnM1+Ou2hko2J7YzjszjysVt7OvuX61w3Z+ce7ttG5/h+388jzbKRW0E/vt9dn8YjtxrcP+f0OP4uztUZzP9SjOjT2K8wdzidPmPbIY5w97lM/n5xkHoFNx/D893hsO/ZVfDYPpGSc7CxDHu6tqP2e+3uWdkGK8d2TKFxXFyw7UM/FWzTW/7ARCJt7qTLS+lniVxnhklnjV5nhrMnfOtr0fWN8+t+Z452bK+2eJV5OdWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACABfQPN17wqU9+8GMbQxKm/rU12Ua8r7xo/frRLto9tPG2NeVNjx9uLuuvdBEIAAAAKBTH4X2Nkmror6wL/cmilnrVdB6gmq6Xh+vLkaVhw9QyGS3V1geT5bM+rpI+bu3ubTvW7rph77u3bBu/ZuKaie3vW3fBuovGLrzowrWbt2ydGKv/DKG/IF4IoTb9sOuGvZ8d37p1YueuemE2/5Xp41bWkq39qz1u5D1hbGp5U5r/ioL2SjPaW7gbHR1AAAAAAIB/Y9d+QyWryweAP2dm7sx4dX/OD/+Ni3sd1lWsrNSuoSXeA0GCfxYvQsy1brLkStLVXXRXzCZdSE0pAmVh2fBFGyZp0hv/pET+YcEwS+huEirli3pRaBkqvghl4t6ZM3dm7oxzG8Rdt8/nxTlnnu/z/T7ne15ceM49AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CFabEzP12dm5yaTiGRITnOAbCxfTNPaGHW/8sT2H5Sm3jm9O1YqjLEQAAAAMFLWh090IuUoFfKRjxOXf22MroFY6fsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/PYuN6fn6zOzckUlEMiSnOUA2li+maW2Muq++9dBnX5qa+lt3rDrGOgAAAMBoWR+e60TKUY1TYiI5canz70SzdwPr++a38lZk62xYY17/u4NheaesMe+0NeZ9bETe5vb5pgAAAICPvqz/L3QilSgV1q3qh7P+f1Rfn+Wd3JeXb5/X/q1Acc2ZAAAAwPvL+v9SJ1KNUqHa6dfX2u9v7MvL5o/6v302/9Qh80f9P//S9tn/6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgo2OxMT1fn5mdyycRyZCc5gDZWL6YprUx6p795OQ/Lt5/+8buWKkwxkIAAADASFkfvtJ6l6NUmIyJOHK575+68N5HvvTIY9MR0Wrzi8W4acuOHdef3TpmeWc9v3/i+8++/u1VeWe1jgdtgwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAdmsTE9X5+ZnTsiiUiG5DQHyMbyxTStjVH3lc9/8S8PvPj4a92x6hjrAAAAAKNlffhK71+OahSjGMcv/+ru9Zfk+uYPe2cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD5u+ObN39iysLD1ehcH56KZjzgEbsOFi96Lg/2XCQAA+KCdHEk0/0snXHaw7xoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgULDam5+szs3PlJCIZktNsNnctHbplY/limtbGqJs+8UJp3TtPPt0dq46xDgAAADBa1oev9P7lqMZETMRxy78GvRNY7v8rH+JNAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIeUxcb0fH1mdm5dEpEMyWkOkI3li2laG6Pu/bv2fu6+o793UXesVBhjIQAAAGCkrA8vdiLlKBU+HqU4qf17oXdCkm+fB78XWJm3vWfa5JrnNbpmFSO/5nl39u2s0N5Na165Hc1XWufOvNrKvFx7Xq1rXjU65WudecsPa3dPtXUj7nPQswcAAIAPS9b/lzqRSpQKpa7+/6c9+RV9LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwxGJjer4+MzuXJBHJkJzmANlYvpimtTHq3vzb/z/qqz+7a2d3rDrGOgAAAMBoWR++0vuXoxob4v9iw3LfH5Xe/Czvn/V377vnX389PeLM4w9MFfqX/VF28etXLniq/xCR683ORRzdrpcMqfeb399z46bmuw9EnHlc/qRV9eL96/UumTYfrW+9dMezB7aPeDgAAABwmMj6/4lOpBKlwnVD+/+s8x7R/3csN+BH37jrF8e2j+2OvG9GrtKulxtS7wubHvrzqef+/fWl/n91vU92rj6999r7ju0p2Ir0SdLmzLU7Nx84Z18u23Wrfr6vfvZcvvyt1/599U13v9uqX45yO76+71Za1VYf+8pH2lzI7Zm75L09jd76hSH7v/13T7/4q/V3vb1U/62TJzv1T4tB9Vs7LwytH0ekzcnL79h93t79m3vrR0RtUP033r4oTvjjNbf173+yb+HuJ9997H8AafP5jW/uO/fe6vm99ZO++tnz//mL9+/+yd3ffSyrn30rcvopa62f66v/3J3H7Hrm1svW99bPDdn/U1e8NLWt9p0/9O//qp5VC0PvIqLn+5okbT54xsNXvrwlvaX/0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxeFhvT8/WZ2blcEpEMyWkOkI3li2laG6Puqxe/8MYVd/34h92x6hjrAAAAAKNlffhK71+OahSjGJPLff+j9a2X7nj2wPaotEaT9rmwsO2GHZ+4etvO6646SHcOAAAArNWrFyfL/X+hE6lEqbApJtr9/8y1OzcfOGdfLuv/c0vnJCKuvmZh65nRyXvuzmN2PXPrZes77wkilj8LKC/lfWYl78ILXqi8+aevnzow7+yVvOc3vrnv3Hur52d50Z13VnTeTzx4xsNXvrwlvaVzf915n/ratoX264ls3cnL79h93t79m3PZe4z2ebK9bpa3kNszd8l7exq5SpSWxvPtvHJ73wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAaouN6fn6zOxc5COSITnNbu1ANpYvpmltjLqXbPrlbUe98/iG7lipMMZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/YQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgr79RciVdnHAfx5Zmbfnd3Z1V19oa1oXa0o7EIpiKibiorQCKErQ8LSvIiCIKKwi9bQSKzoJsi6kaig2kIwyE0SLdbon3TTRQUF1kUg0kLtIl1k7MxzxtnjnEZnK5A+HxiefZ5zzvf8znmeObMHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA80pvZaTeHtnxyOydF9362VP3zzx5+wcPbbviibd+Gtt086d7+18/ObV5+ZZvb1m66cADayZ3v3L4t8H3/jjWMfjxRrMydashxBMxhOqH0y8+PfX5BXNjMYRQjkPjIQzHJYeHYy5h9e8hhM3NOudv3DdzzZa5dtuu3nnji3Mh+esKtXJWT8PQ/HpbncqHcd6ppnW2dfaxq8L3N63f/uWyd9/pmTg+fnqXOLdPOa2nEBZtbD2+J4TQlz5zstU2kh2c2nUhhP6W467rUNelZ1n/qoL+xan9X2prHXKy7Sty/VJuv3w/05Nr+zucb6GK6uh2v04Gcv38w2ihmnWuaj8+nNr3U7vyHPPL2SeGUgyVZvkPxtNrJLTMWwyxPpfVZr+UzW0lpOvvaTkuhhBz/VKuX+7JXVf9vGmhlWOcP57tlxvPHseVNL689Vndxl0F4xemtpq+qCezfsj/0VA744/mddVldU3/RS3/hlLLM6jdeHPi02TU0lgtLjnjmFNtZNum1j97eXnDR0eGCuqIe2PKj13lb/1ieOCet3c+OlKUv7GU8ktd5f+w9ugvd+989eXC/Bey/HJX+Vcf7D+x9uMdKwrvz3R2fypnlR9TP9t277FPnlv2//sm2s11PX9Pll/tqv4bJ4/2Ds4ePFRY/+rs/vR1lf/dDbf9+ObX+48X5ocsv7+r/A2TDz/fOzp7ZWH+ocZXoVZfoV2sn18nrv1mdPTnsaL8r7L7P9gmP3bMf2N89/WvLd61pnB9rsvuz1DK7zun+u+47MD2gdn9lxQ9O+Oev+uXE+C/aWn6H+uZ1O/0nrlvptT2PXOhWt4XXhqrNH6BBtKn07vhQsydZ9E/mA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7IDByQAAAAAgv6/bkegAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBTAQAA///TUhBx")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
fallocate(r0, 0x20, 0x4000, 0x8000)

3.902646698s ago: executing program 0 (id=973):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0xc4c85513, &(0x7f0000000040)={0xb})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0xc1105511, &(0x7f0000000040))

3.542259295s ago: executing program 1 (id=975):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000240)={@local, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x58, 0x0, 0x0, 0xff, 0x2f, 0x0, @rand_addr=0x64010100, @local}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x88a8}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x8}}}}}}}}, 0x0)

3.413297089s ago: executing program 5 (id=976):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0xa8500, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

3.341203708s ago: executing program 0 (id=978):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x44, r1, 0x511, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xd}, @NL80211_ATTR_PMKID={0x14, 0x55, '\x00\x00\x00\x00\x00\x00\b\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0xf56a418c50f17994}, 0x800)

3.080326691s ago: executing program 1 (id=981):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='b *:', @ANYRESDEC=0x0], 0x9)

3.078208863s ago: executing program 0 (id=982):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000440)={0x10, &(0x7f0000000240)={0x40, 0x0, 0x2, '8N'}, 0x0, 0x0})

2.982785289s ago: executing program 6 (id=983):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000008a40)="7c72bf03f7", 0x5}, {&(0x7f0000000180)="14488e48a13e64ccb3ef5cdce0337a169f6b812f93f0de79e38c14b8d4f22db62014aec1ad76fa7de8b86b4ed290311fa546750fbc75175cbe82b5", 0x3b}], 0x2}, 0x0)

2.962579486s ago: executing program 5 (id=984):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001840)=@newtaction={0x18, 0x30, 0x25, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

2.948724122s ago: executing program 1 (id=985):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000b80)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x40000, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000340)='P', 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e21, 0xd7d, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x1}, 0x1c, &(0x7f0000000ac0)=[{&(0x7f00000004c0)='w', 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
setsockopt(r0, 0x84, 0x7d, &(0x7f00000002c0)="1af3050000f2bd5b", 0x8)

2.889911554s ago: executing program 8 (id=986):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000003000)=@abs={0x1, 0x0, 0x4e21}, 0x11)
r1 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af05e6bc8b382b89e30f180b1dd700d41d5c0200883795c04a31ba377a1b2fc32b38d3", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)

2.686220724s ago: executing program 5 (id=988):
r0 = socket$inet(0x2, 0x2, 0x73)
setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f0000000000)=0xb2, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
sendmmsg$sock(r0, &(0x7f0000001740)=[{{&(0x7f0000000140)=@nl=@unspec, 0x80, 0x0}}], 0x1, 0x0)

2.654664051s ago: executing program 1 (id=989):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000440)=ANY=[], 0x83, 0x1501, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2.634839755s ago: executing program 8 (id=990):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
sendfile(r0, r1, 0x0, 0xffffffff004)

2.582912361s ago: executing program 5 (id=991):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="2e003300d0000f00ffffffffffff08021100000050505050505030000f"], 0x4c}, 0x1, 0x0, 0x0, 0x4841}, 0x0)

2.51259714s ago: executing program 5 (id=993):
syz_mount_image$jfs(&(0x7f0000000180), &(0x7f0000000140)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0xfd, 0x609c, &(0x7f0000011b00)="$eJzs3UuPHFfZB/CnL9NzyRvbil5ZxmLhOBASQny3IdzisGABSCAhr7E1mUQGB5BtEIksPJEXiAWXjwCbbFjki4Qda8QHwJLNKhKEQjVzjl3d0zM9jme6uuf8flK76ulT1X3K/6np7qmqPgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxHe+/cOznYi4+st0x5GI/4teRDdiua5PRD1zOS/fj4hjG0tFHI2I3mJEvf7GP4cjLkTER4ciHjy8s1rffW6X/bh45vbNT777rb//5g/3jv34zR99MNr+g/8//+Fv70Yc+f5rH35yd082HQAAAIpRVVXVSR/zj6fP9922OwUATEV+/a+SfL9arVar97T+fXe2+qMutG6qxrvbLCJivblO/Z7B4XgAmDPr8XHbXaBF8i9aPyKeabsTwEzrtN0B9sWDh3dWOynfTvP14MRme/475VD+651H13dsN51k9ByTaf183YtePLdNf5an1IdZkvPvjuZ/dbN9kJbb7/ynZbv8B5EuaipMzr83mv+Iofz/GBFzm393bP6lyvn3nyT/9d4c7//yBwAAAADg4Mt//z/S8vHfxafflF3Z6fjviSn1AQAAAAAAAAD22qcc/2/jePnR5gMZ/w8AAABmVv1ZvfanQ4/v60T87fCYZeuP+Fc6Ec+OLA8UJl0ss9J2PwAAAAAAAAAAAACgJP3Nc3ivdCIWIuLZlZWqqupb02j9pJ52/XlX+vZDydr+JQ8AAJs+OpSu5b+/tHlHJ6Keu5K+629hZWWlqpaWV6qVankxv58dLC5Vy43PtXla37c42MUb4v6gqh9sqbFe06TPy5PaRx+vfq5B1dtFx6aj7dQBKN3mq9EDr0gHTFUdjrbf5TAf7P8Hj/2f3Wj75xQAAADYf1VVVZ30dd7H0zH/btudAgCmYSm//o8eF1Cr1Wq1Wn3w6qZqvLvNIiLWm+vU7xkMxw8Ac2Y9Pm67C7RI/kXrR8SxtjsBzLRO2x1gXzx4eGe1k/LtNF8P0vju+VyQofzXOxvr5fXHTScZPcdkWj9f96IXz23Tn6NT6sMsyfl3R/O/utk+SMvtd/7Tsl3+9XYeaaE/bcv590bzH3Fw8u+Ozb9UOf/+E+Xfkz8AAAAAAMyw/Pf/I47/5k0GAAAAAAAAgLnz4OGd1Xzdaz7+/9kxy3Wac67/PDBy/p1d5+/634Mk598dzX/khJxeY/7+G4/z/9fDO6sf3P7nZ/J05vNf6A3q517odHv9dM5PtfBWXI8bsRZntizfH2o/u6V9Yaj93IT281vaB3X7cm4/Favxs7gRbz5qX5xwYtTShPZqQnvOv2f/L1LOv9+41fmvpPbOyLR2//3ulv2+OR33PJf/8p8Xt+5de20wcYl70Xu0bU319p3clz7tbOP/5JlB/OLW2s1Tv7p2+/bNs5EmQ/eeizTZYzn/hXTL+b/0wmZ7/r3f3F/vvz944vxnxb3ob5v/C435entfnnLf2pDzH6Rbzj+/Ao3f/+c5/+33/1da6A8AAAAAAAAAAAAAAADspKqqjUtEL0fEpXT9T1vXZgIAU/W776WZKgm1Wq1Wq9V7VfdnrD9DqvFebxaxNLzOpYj49bgHAwBm2X8j4h9td4LWyL9g+fv+6unn2u4MMFW33n3vJ9du3Fi7eavtngAAAAAAAAAAn1Ye//NEY/znjfOARsaNHhr/9Y04Mbfjf3YHvY2xztMGPR87j/99MnYe/7s/4fkWJrRPGrF4cUL70oT2sRd6NOT8n08Z5/yPpw0rafzXl1roT9ty/ifTWM85/y+MLNfMv/rzPOffHcr/9O13fn761rvvvXr9nWtvr7299tOzZy5dOH/xwvmLF0+/df3G2pnNf1vs8f7K+eexr50HWpacf85c/mXJ+X8+1fIvS87/xVTLvyw5//x+T/5lyfnnzz7yL0vO/+VUy78sOf8vplr+Zcn5v5Jq+Zcl5/+lVMu/LDn/V1Mt/7Lk/E+lWv5lyfmfTrX8y5Lzz0e45F+WnH8+s0H+Zcn5n0u1/MuS8z+favmXJed/IdXyL0vO/2Kq5V+WnP+lVMu/LDn/L6da/mXJ+X8l1fIvS87/tVTLvyw5/6+mWv5lyfl/LdXyL0vO/+upln9Zcv7fSLX8y5Lz/2aq5V+WnP/rqZZ/WR5//7+ZKc/8+68RM9CN/ZipqqqagW6YeYqZtn8zAQAAAAAAAAAAAACjpnE6cdvbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuN0aOs74D+Nw/++wE4pIQQjDk7DjBkIvvzv8SE0wcIDQNLU0DodCGOsY+Owb/q8+GJIqaS5O2QURqpPZF+qIUEEVIbZUIIZVKKYpUpPZd8woUVUKtlBeWmlQmgla0JFfNzvM8t7u3t3u27+zZmc8nin++29nd52Zn9+571ncHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLbhI9N/MpBlWf5/4491WXZ5/vc12Z78w9mdl3qFAAAAwIV6o/Hn316RPrFnCVdq2uaf3/Ov35ubm5vLPv/6mTf/bG4uXTCWZUOrs6xxWfQvv/j5XPM2wRPZ6MBg08eDPe5+qMflwz0uH+lx+aoel6/ucfloj8sX7IAF1hS/j2nc2KbGX9cVuzS7KhtpXLapw7WeGFg9OBh/l9Mw0LjO3MjB7HB2JJvOJhdcZ6DxX5a9sCG/r7uyeF+DTfe1Psuysz99dH9cw0DYx5uyljtraH7sXrsjG3v9p4/u//apV9/ZafbcDQtWmmWbN+brfDLL5n9dlQ1kq9M+iescbFrn+g7rHGpZ50Djevnf29d5donrjF/3aFjnS13WuT587qHrsyybzRbdpt0T2WC2tu1e0/4eLY6I/Dbyh/Jt2fA5HScblnCc5Nd55frW46T9mIz7f0PYJ8OLrKH54Xjt8VUL9vv5Hif5V12GYzW/7XvyOx0dbf7Vasuxmm/z6A2LHwMdH7sOx0A6lpuOgY29joHBVUONY2Bwfs0bW46BqQXXGcwGGvd15obux8DEqaMnJmYefuTmw0f3HZo+NH1sanLn9m07tm/bsWPi4OEj05PFn+e2S/vI2mwwHYMbw2tNPAbf27Zt8yE5943lex6MluR5kH/tn7oxX9Dlg9kix3i+zZObL/x5kL7vNz0PhpueBx1fUzs8D4aX8DzItzm7eWnfM4eb/u+0hpV6LVzXdAxcyu+H+X3e/77FXwvXh3U99f5z/X44tOAYiF/WQHju5Z9JP++N3hr2y8Lj4tr8gstWZadnpk9ueWjfqVMnp7IwLoormx6r9uNlbdPXlC04XgbP+XjZ8ze/vPHaDp9fF/bV6E3dH6t8m+3j3R+rxqt76/5clRX7s+WzW7MwltnF3p+dvpvl+zNliS77M9/myZsv/GfBlEuaXv9Ger3+DY0MF69/Q2lvjLS8/i18aIYaK8uyszcv7fVvJPx/sV//rirJ61++r+7f0v0YyLd5auJcj4Hhrq9/14c5ENbzvpAYRpty/5uNy2eLw7Tpsex53AwPj4TjZjjeY+txs23BdfJby+978+T5HTebr299rFp+bqngcZPvqz+f7H7c5Nu8OHXhrx1r4l+bXjtW9ToGRoZW5esdSQdB8Xo3tyYeA1uy/dnx7Eh2IF0nf5Tz+xrfurRjYFX4/2K/dlxTkmMg31fPbu1+DOTb/HDb8v7stDl8Jm3T9LNT++8XFsv81w7P3177blvuzJ+v86M/+kT6XKcMkW/z6vZzzRnd99NN4TOXddhP7c+fxY7pA9nF2U/XhHUe2dH9d1P5NlftXOLxtCfLspenXm78viv8fve7p3/0vZbf+3b6nfLLUy/fPXHvj89l/QAAnL83G3/Orip+1mz6F+ul/Ps/AAAA0Bdi7h8MM5H/AQAAoDJi7h8KM5H/AQAAoDJi7h8OM6lJ/n/w1l3PvfFYlt4NcC6Il8fdcM+Hiu1ix3s2fDw2Ny///Ie/NfLcVx5b2n0PZln2y7vf1XH7Bz8U11U4Edf5gdbPL3DNdUu6/wfum9+u+f0Tzu4qbj9+PUs9DGJX+YWJrY3bHXt4qjFfvDtrzHtnn3qiuP3i47j9mW3F9n8Z3rRkz8GBlutvDuvZFOZYeE+Ze/bM74d8xus9t/49/3Tlp+fvL15vYONbG1/ms39Q3G58j6hnriy2j1/3Yuv/x69+57l8+4du6Lz+xwY7r/9MuN1XwvzF7mL75n3+lab1/1FYf7y/eL0t3/xBx/U//45i++fDcfH1MNvXf8efvvuNTo9XvJ89txXXi/c/+d/bG9eLtxdvv339o49NteyP9tt/8fXidnZ/6WdDzdvHz8f7iR64rfX4HgiPb0uPPMuy7/xx1rKfsw8W1/uHtvXH2ztxW+f139S2zhMD1zWuP//1rGv5ur7211s7fr1xPXv+bl3L1/PMnWH/vT7xw/x2z9wbjsdw+f++VNxe+3uZPn9n6+tN3P7r64rnbby9ibb1P9O2/tnr8n3Xe/13vV6s//nbV7esf8/HwvF0VzF7rf/QX13Rcv1vfLt4PE5+efzY8ZnThw807dXm5/Hq0TVrL7v8LW+9IryWtn+89/ipB6dPjk2OTWbZWB++ZeBKr/+bYf5XMWaX/x4KP/5Zcdw9/fHi+9Z7f158/Ez4/APh8YzfH7/2FyMtx2v74z57ezEvdP3vD+tYqnd89T+uW9KGZz73wum//8NX238uiF/PibePNr6+Zzdc3bhs4MXi8vbXq17+/e2tz+ufDE825vfDfp0L78y88eri/tpvP743ydOfLJ6/8Se5eP2s7f1E1g21fh0Xuv6fhJ9jfnBN6+tfPD6+/1jbuzmvywbyJcyG14dstrg8bhX399Nnr+54f/F9eLLZd57LMhc18/DMxJHDx04/NHFqeubUxMzDj+w9evz0sVN7G+9duvcLva4///xe23h+H5jeuT1rPNuPF2OFXer1n7hv/4FbJm88MH1w3+mDp+47MX3y0P6Zmf3TB2Zu3Hfw4PSXe13/8IHdU1t3bbtl6/ihwwd237pr17Zd44ePHc+XUSyqh52TXxw/dnJv4yozu7fvmtqxY/vk+NHjB6Z33zI5OX661/Ub35vG82t/afzk9JF9pw4fnR6fOfzI9O6pXTt3bu357o9HTxycGZs4efrYxOmZ6ZMTxdcydqrx6fx7X6/rUw8zx8PrXZuB8NP5Z2/amd4fN/etxxe9qWKT1h9Ps9fCe0HF72+9Po65fyTMpCb5HwAAAOog5v7wxv/zF8j/AAAAUBkx968OM5H/AQAAoDJi7i+S/2g6/Xtd8v9y9f8f1/9v0P/X/8/0/xP9f/3/TP9f/78H/X/9/35ev/6//j+9la3/H3J/tibL/Ps/AAAAVFTM/WvDTOR/AAAAqIyY+y8LM5H/AQAAoDJi7r88zKQm+d/5//X/9f+79f/jtvr/mf5/Gfr/m/5T/38B/X/9/0z//7xd6v58v6+/hP3/Nfr/lE3Z+v8x978lzKQm+R8AAADqIOb+t4aZyP8AAABQGTH3XxFmIv8DAABAZcTcvy7MpCb5X/9f/1//3/n/9f/7pv/v/P8d6P/r/2f6/+dtkf58/kOh/n9/9v+d/5/SKVv/P+b+XwkzqUn+BwAAgDqIuf9tYSbyPwAAAFRGzP1XhpnI/wAAAFAZMfdfFWZSk/xfz/7/K1mW6f9n+v/6/23r1P/X/18J+v/6/93o/5ey/+/8//r/+v8sm7L1/2Puf3uYSU3yPwAAANRBzP1Xh5nI/wAAAFAZMfe/I8xE/gcAAIDKiLn/mjCTmuT/evb/nf9f/7+g/9+6Tv1//f+VoP+v/9+N/r/+fz+vX/9f/5/eytb/j7n/nWEmNcn/AAAAUAcx918bZiL/AwAAQGXE3P+uMBP5HwAAACoj5v71YSY1yf/6//r/+v/6//r/+v8rqb/6/4OLXqL/X9D/b7V8/f/Z+QXo//fN+vX/9f/prWz9/5j73x1mUpP8DwAAAHUQc/97wkzkfwAAAKiMmPuvCzOR/wEAAKAyYu4fCzOpSf7X/9f/1//X/9f/1/9fSf3V/1+c/n9B/7/V0vr/A8PzC3D+/+V0qdev/6//T29l6//H3L8hzKQm+R8AAADqIOb+jWEm8j8AAABURsz914eZyP8AAABQGTH3bwozqUn+1//X/9f/1//X/9f/X0n6//r/3dSj/9+8AP3/5XSp16//r/9Pb2Xr/8fcf0OYSU3yPwAAANRBzP03hpnI/wAAAFAZMfe/N8xE/gcAAIDKiLl/c5hJTfK//r/+v/5/H/f/h/T/M/3/0tP/1//vRv+/XP3/Yf1//X/9f5ZZ2fr/Mfe/L8ykJvkfAAAA6iDm/veHmcj/AAAAUBkx998UZiL/AwAAQGXE3D8eZlKT/K//r/+v/9/H/X/n/29Z/zL0/0eaP6//vzz0//X/u9H/L1f/3/n/9f/1/1luZev/x9x/c5hJTfI/AAAA1EHM/VvCTOR/AAAAqIyY+yfCTOR/AAAAqIyY+yfDTKqQ///tbM9N9P8vZv+/sY/1//X/9f/D5SXs/zv//wrQ/9f/70b/X/+/n9ev/6//T29l6//H3D8VZlKF/A8AAAA0xNy/NcxE/gcAAIDKiLl/W5iJ/A8AAACVEXP/9jCTmuT/Pun/b0kFqL7u/zv/v/6//n8t+v//E14U9f8b9P/1/7vR/9f/7+f1X4L+/3DzB/r/lM1gh8+Vrf8fc/+OMJOa5H8AAACog5j7d4aZyP8AAABQGTH33xJmIv8DAABAZcTcf2uYSU3yf5/0/yty/n/9f/1//f9a9P8D5/8v6P/r/3ej/6//38/rP7f+/2fav905/z+1ULb+f8z9u8JMapL/AQAAoA5i7v9AmIn8DwAAAJURc/9tYSbyPwAAAPSVTuchjGLu/2CYSU3yv/5/1fv/c6v1//X/9f+7r1//f2Xp/+v/d6P/r//fz+u/BOf/b6H/Tz8oW/8/5v7dYSY1yf8AAABQBzH3fyjMRP4HAACAyoi5//YwE/kfAAAAKiPm/j1hJjXJ//r/Ve//1+b8/43L9f/1//X/y0f/X/+/G/3//uz/hx9b9P9L1P/PjyH9f8qobP3/mPvvCDOpSf4HAACAOoi5/8NhJvI/AAAAVEbM/R8JM5H/AQAAoDJi7v9omElN8r/+v/5/Rfr/zv+v/6//X1L6/yvW/2+8FOr/Fxbt/6/R/+9mvj9/hfP/93n/3/n/Kauy9f9j7r8zzKQm+R8AAADqIOb+j4WZyP8AAABQGTH3/2qYifwPAAAAlRFz/11hJjXJ//r/+v/6//r/+v/6/ytJ/9/5/7tx/v+y9P8vTX++39ev/6//T29l6//H3P9rYSY1yf8AAABQBzH33x1mIv8DAABAZcTc//EwE/kfAAAA+syqRS+Juf/Xw0xqkv/7r/8/1pf9/8F0+/r/+v/6//r/+v/LSf9f/z/T/z9vl7o/3+/r1//X/6e3svX/Y+7/jTCTmuR/AAAAqIOY+z8RZiL/AwAAQGXE3P+bYSbyPwAAAFRGzP33hJnUJP8vd/+//frdOP+//n+m/6//r/+v/3+B+qn/P6L/v4D+v/5/P69f/1//n97K1v+Puf+3wkxqkv8BAACgDmLuvzfMRP4HAACAknrwnK8Rc/8nw0zkfwAAAKiMmPs/FWZSk/zff+f/77/+f377+v/6/5n+v/5/017V/18+/dT/d/7/hfT/9f/7ef36//r/9Fa2/n/M/feFmdQk/wMAAEAdxNz/6TAT+R8AAAAqI+b+3w4zkf8BAACgMmLu/0yYSU3yv/6/8//r/+v/6//r/68k/f+F/f/8NUz/v6D/r//fz+vX/9f/p7ey9f9j7v9smElN8j8AAADUQcz9vxNmIv8DAABAZcTc/7thJvI/AAAAVEbM/feHmdQk/+v/6//r/+v/6//r/68k/X/n/+9G/1//v5/Xr/+v/09vZev/x9z/uTCTmuR/AAAAqIOY+38vzET+BwAAgMqIuX9vmIn8DwAAAJURc/8DYSY1yf/6//r/+v/17f+vblun/r/+/0rQ/9f/70b/X/+/n9ev/6//T29l6//H3L8vzGRP690AAAAA/Svm/s+HmdTk3/8BAACgDmLu3x9mIv8DAABAZcTcfyDMpCb5X/9f/1//v779f+f/L+j/ryz9f/3/bvT/9f/7ef36//r/9Hax+//x+8Bi/f+Y+6ezrJb5HwAAAOog5v6DYSbyPwAAAFRGzP2HwkzkfwAAAKiMmPsfDDOpSf7X/9f/1/+vbf//pe+2rVP/X/9/Jej/6/93o/+v/9/P69f/1/+nt7Kd/z/m/sNhJjXJ/wAAAFAHMfd/IcxE/gcAAIDKiLn/i2Em8j8AAABURsz9R8JMapL/9f/1//X/z6v//39z/d//X9r5/9fM36/+v/7/+dD/1//vRv9f/7+f16//r/9Pb2Xr/8fcfzTMpCb5HwAAAOog5v5jYSbyPwAAAFRGzP3Hw0zkfwAAAKiMmPtPhJnUJP/r/59b/39gkW6g/n/n9Ve4/99Qi/5/E/1//f/zof+v/9/NRej/v9l8Ff3/Vpe6P9/v69f/1/+nt1L0/0fmP465//fDTGqS/wEAAKAOYu4/GWYi/wMAAPD/7N1Xs6V1lcfxPYduGmqKmrfA1VzPXHnpS/A1WMU7MGcwY1bMWRFzQswYMOecE+aIKCoG1Cqs7rPWavp0n2fv7t67z/P81+dz4Rqa9DDTTM2v4Dt/hpG7/0Fxi/0PAAAAw8jd/+C4pcn+P7P/P6b/9/6//l//r/8P+v/t0P/r/6d4/1//v+Tv1//r/1lvFv3/fX45d/9D4pYm+x8AAAA6yN3/0LjF/gcAAIBh5O5/WNxi/wMAAMAwcvc/PG5psv+9/6//1//r//X/+v9d0v/r/w+T/7tI/6//X+r36//1/6w3t/4/d/8j4pYm+x8AAAA6yN3/yLjF/gcAAIBh5O5/VNxi/wMAAMAwcvc/Om5psv/1//p//b/+X/9/zv7/bv3/duj/9f9TvP+v/1/y9+v/z7//P7buD8pw5tb/5+5/TNzSZP8DAABAB7n7Hxu32P8AAAAwjNz9j4tb7H8AAAAYRu7+a+OWFvv/mP5f/6//X2L/f0z/7/3/5dD/6/+n6P/1/0f3/VetViv9v/f/2bW59f+5+6+LW1rsfwAAAOghd//j4xb7HwAAABZgb6PfKnf/E+IW+x8AAACGkbv/iXFLk/2v/9f/6/8X2P97/1//vyD6//H7///R/+v/F9n/e/9f/8+lMLf+P3f/k+KWJvsfAAAAOsjd/+S4xf4HAACAYeTuf0rcYv8DAADAMHL3PzVuabL/9f/6f/2//l//r//fJf3/+P3/6lz9/InNvkf/r/9f8vfr//X/rLfz/v8B15+6m/b/ufuvj1ua7H8AAADoIHf/0+IW+x8AAACGkbv/6XGL/Q8AAADDyN3/jLilyf7X/+v/T/f/9/6X/l//r/8//eP6/+3Q/zft/zek/9f/L/n79f/6f9bbef+/pvc/+Mu5+58ZtzTZ/wAAANBB7v5nxS32PwAAAAwjd/+z4xb7HwAAAIaRu/85cUuT/a//1/97/1//r//X/++S/n+2/f/Bv/XOpP/fiP5f/39Y/3//Db5f/08Hc+v/c/c/N25psv8BAACgg9z9z4tb7H8AAAAYRu7+G+IW+x8AAACGkbv/+XFLk/3fpv8/kPPp//fp//X/q7P6/72W/f/JH9P/74b+f7b9/zT9/0b0//p/7//r/5k2t/4/d/8L4pYm+x8AAAA6yN3/wrjF/gcAAIBh5O5/Udxi/wMAAMAwcve/OG5psv/b9P8H6P/3XXT/f0L/P17/f57v/182Rv/v/f/d0f/r/6fo//X/S/5+/b/+n/Xm1v/n7n9J3NJk/wMAAMDw9la1+18at9j/AAAAMIzc/S+LW+x/AAAAGEbu/pfHLU32v/5f/+/9f/3/RfX/g7z/r//fHf2//n/Kpv3/Sv9ffy36//l8v/5f/896c+v/c/e/Im5psv8BAACgg9z9r4xb7H8AAAAYRu7+V8Ut9j8AAAAMI3f/q+OWJvtf/6//1//r//X/+v9d0v/r/6d4/1//v+Tv1//r/1lvbv1/7v7XxC1N9j8AAAB0kLv/tXGL/Q8AAADDyN1/Y9xi/wMAAMAwcve/Lm45uP/3LuVXXTr6f/2//l//r//X/++S/l//P2Xk/v/eExfe/19xyJ9P/7/h999yXP+/w/4//57S/7OJufX/uftvilv8838AAAAYRu7+18ct9j8AAAAMI3f/G+IW+x8AAACGkbv/jXFLk/1/WP9/13/v/3r9/2b0/+f+fv2//n/T/v+e20//fvp//f/50P/r/1cz7f+9/+/9/3W//1L7/6T/ZxNz6/9z978pbmmy/wEAAKCD3P1vjlvsfwAAABhG7v63xC32PwAAAAwjd/9b45Ym+3/77/9frf/X/+v/4+r/vf+v/9f/6/+n6f/1/0v+fv2//p/1ttP/X7baVv+fu/9tcUuT/Q8AAAAd5O5/e9xi/wMAAMAwcve/I26x/wEAAGAYufvfGbc02f/b7/+9/6//P8/+f69Z/3/jbfr/+PX6f/3/Nuj/9f8r/f8FO+p+funfr//X/7Pe3N7/z91/86mp12//AwAAQAc3n/rPK1bvilvsfwAAABhG7v5b4hb7HwAAAIaRu//dcUuT/a//1/8fef/v/f+i/4//uer/9f/nQf+v/1/p/y/YUffzS/9+/b/+n/Xm1v/n7n9P3NJk/wMAAEAHufvfG7fY/wAAADCM2P37//K7/Q8AAABDet+p/7xi9f64pcn+b9z/X32x/f+V9/mv9f/n/n79/1b6/5sP/tzT/+v/l0T/r/+fov/X/y/5++fT/8cPXKv/Z37m1v/n7v9A3NJk/wMAAEAHufs/GLfY/wAAADCM3P23xi32PwAAAAwjd/+H4pYm+79x/z/I+/8PvDO+QP8/bv/v/f+4i+r/79L/J/2//n+K/l//v+Tvn0//7/1/5mtu/X/u/g/HLU32PwAAAHSQu/8jcYv9DwAAAMPI3f/RuMX+BwAAgGHk7r8tbmmy//X/S+//vf+v/9f/z7L/9/5/0f/r/6fo//dO/V8i+v9lfr/+X//PenPr/3P3fyxuabL/AQAAoIPc/R+PW+x/AAAAGEbu/k/ELfY/AAAADCN3/yfjlib7X/+v/99V/3/yT6L/b9L/X6f/X+n/D6X/1/9P0f97/3/J36//1/+z3tz6/9z9n4pbmux/AAAA6CB3/6fjFvsfAAAAhpG7/zNxi/0PAAAAw8jd/9m44f+vOrpP2q7jh/x49Ob6/9Vq7z7xsf7f+//6f+//J/3/duj/9f9T9P/6/yV/v/5f/896c+v/c/d/Lm7xz/8BAABgGLn7Px+32P8AAAAwjNz9X4hb7H8AAAAYRu7+L8YtTfa//t/7//r/xfb/V+r/z/x+/f886f/1/1P0//r/JX+//l//z3pz6/9z938pbmmy/wEAAKCD3P1fjlvsfwAAABhG7v6vxC32PwAAAAwjd/9X45Ym+1//r//X/y+2//f+/4Hv1//Pk/5f/z9F/6//X/L36//1/6w3t/4/d//X4pYm+x8AAAA6yN3/9bjF/gcAAIBh5O7/Rtxi/wMAAMAwcvd/M25psv/1//p//b/+X/+v/98l/f94/f/Jvwf0//v0/7Po//Onif5f/88Mza3/z93/rbilyf4HAACADnL3fztusf8BAABg7g7+652Hyt3/nbjF/gcAAIBh5O7/btzSZP+P3P9P/Wb6/336f/3/Sv+v/98x/f94/b/3/0/bpP8/4/8DgP5/q476+/X/+n/Wm1v/n7v/e3FLk/0PAAAAHeTu/37cYv8DAADAMHL3/yBusf8BAABgGLn7fxi3NNn/I/f/U/T/+/T/+v+V/l//v2P6f/3/lA79/xn0/1t11N+v/9f/s94R9f/HV4f0/7n7fxS3NNn/AAAA0EHu/tvjFvsfAAAAhpG7/8dxi/0PAAAAw8jd/5O4ZZz9f82tE79S/7/1/v/UTyL9v/5/pf/X/+v/T9H/6/+n6P/1/0v+fv2//p/15vb+f+7+n8Yt4+x/AAAAaC93/8/iFvsfAAAAhpG7/+dxi/0PAAAAw8jd/4u4pcn+n2v/f/C//Qvq/y/o/f/8Bv2//n/H/f9lK/2//v8S0//r/6csp/8/ds4f1f/r//X/+n+mza3/z93/y7ilyf4HAACADnL3/ypusf8BAABgGLn7fx232P8AAAAwjNz9v4lbmuz/ufb/C37//4L6/4t7//90Pa3/P8r+f++sP/4M+3/v/+v/Lzn9v/5/ynL6/3PT/+v/7/d//3tN/rzT/+v/Odvc+v/c/b+NW5rsfwAAAOggd//v4hb7HwAAAIaRu/+OuMX+BwAAgGHk7v993NJk/+v/R+j/vf8/j/7/7D++/n93/f/JH9P/L4P+X/8/Rf+v/1/y93v/X//PenPr/3P33xm3NNn/AAAA0EHu/j/ELfY/AAAADCN3/x/jltj/lx/JVwEAAADblLv/rrilyT//1//r/4fs/0/07f/vaNL/e/9/OfT/+v8p+n/9/5K/X/+v/2e9ufX/ufv/FLc02f8AAADQQe7+P8ct9j8AAAAMI3f/X+IW+x8AAACGkbv/7rilyf7X/+v/z7//P15/3bPt/73/r//X/8/GuP3/5fp//f9F9/833LT/w/r/ZX6//l//z3pz6/9z9/81bmmy/wEAAKCD3P1/i1vsfwAAABhG7v6/xy32PwAAAAwjd/8/4pYm+1//r/8f8v1//b/+X/8/G+P2/97/1/97///i+vm9hX+//l//zybm1v/n7r8nbmmy/wEAAKCD3P3/jFvsfwAAABhG7v5/xS32PwAAAAwjd/+/45Ym+1//r//X/+v/9f/6/13S/+v/p+j/O/f/y/9+/b/+n/Xm1v/n7v9PAAAA//9AODfC")
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f00000006c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x102004, 0x0, 0x1, 0x0, &(0x7f0000000040))
openat$dir(0xffffffffffffff9c, 0x0, 0x101000, 0x108)

1.986794317s ago: executing program 1 (id=996):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000c80)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@jqfmt_vfsold}, {@grpquota}, {@barrier_val}, {@grpjquota}, {}, {}, {@usrjquota}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)

1.572673671s ago: executing program 8 (id=998):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000ffffff9900000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a80"], 0x4c}}, 0x0)

1.476112067s ago: executing program 3 (id=999):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)

1.263252897s ago: executing program 3 (id=1000):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x4, 0x2, 0xa9f}}]}, 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x44080)

1.183984796s ago: executing program 0 (id=1001):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = dup2(r0, r0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000040)=0x2, 0x4)
getsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, 0x0, &(0x7f0000001700))

1.083272553s ago: executing program 3 (id=1002):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x8c000003, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f0000000440))
r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r0, 0x0, 0x400000000000000, 0x7)

1.081378334s ago: executing program 5 (id=1003):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
unshare(0x2c060000)
unshare(0x2c020400)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@generic={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x18)

1.030861905s ago: executing program 0 (id=1004):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r0, &(0x7f00000004c0)='W', 0x1, 0x44011, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback, 0xb}, 0x1c)
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, 0x0)

904.070118ms ago: executing program 8 (id=1005):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x3810082, &(0x7f0000001880)={[{@noadinicb}, {@gid}, {@dmode={'dmode', 0x3d, 0x4}}, {@rootdir={'rootdir', 0x3d, 0x400}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@gid_forget}, {@gid_ignore}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@longad}]}, 0xfd, 0xc32, &(0x7f0000001a40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file1\x00', 0x4000, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000ac0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]})

882.535507ms ago: executing program 3 (id=1006):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000080)={0xc, {"a2e3ad214fc752f91b25470987f70e06d038e7ff7fc6e5539b3245078b089b3b083868060890e0878f0e1ac6e70a9b3368959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31350d095d0936cd3b78130daa61f8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d16993428807789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e17f907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c330600d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a9740600000000f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b303db4d7bec6b6a97dbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x80080)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0x40044103, &(0x7f0000000080))

642.078908ms ago: executing program 3 (id=1007):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x80e1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x123c}]}}}, @IFLA_IFNAME={0x14, 0x3, 'nicvf0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0xc845}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

595.597526ms ago: executing program 8 (id=1008):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000a80), r0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000b00)={0x24, r2, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x38}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x28040011}, 0x404c000)

516.07584ms ago: executing program 1 (id=1009):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002})
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)="0bc3ff", 0xd}, {&(0x7f0000000000)='G', 0x1}, {&(0x7f0000000240)="d336bd75243cb9a6418e", 0xa}], 0x1000000000000041)

417.902648ms ago: executing program 3 (id=1010):
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f00000004c0)='./file1\x00', 0x1804810, &(0x7f0000000140)=ANY=[], 0xfb, 0x69d, &(0x7f0000000640)="$eJzs3c1vHGcdB/DvrDd2Ni0hSZM2oEq1GgkQEYkTKy3mQkAI5VBVVTlwthKnseKkxXGRWyHi8HrtoX9AOeSCOCFx4hKpcOBCb70hH5GQuJQD4cKimZ211971Zt0mXpt+PtHs8zrPPPObl32xognwuXXlbJoPUuTK2VdWy/L6/dml9fuztzr5V5tJppKsJWW2kaT4d7vd/jC5nBQbwxTb0j7vL869/vEn63/vlJr1UvVvDFtvm7rf2rbqtW7ddJKJOv0Mtox39TOPV2zM/HKSM3UKY3coSXuLH/3l6Y2WHq1Bax/ekzkCT1bRed/scyw5Ul/o5eeA7jtvY29nN7qpEftt/wQBAAAAB031HbjZV72l5osP8zCrxdE9nBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcaGubz/8v6qXRzU+n6D7/f7KuS53fX17YXfcHT2oeAAAAAAAAALCHXniYh1nN0W65XVR/83+xKpysXp/K27mThSznXFYzn5WsZDkXkhzrGWhydX5lZapbGrbmxUFrLl98xES7Q7cew04DAAAAAAAAwP+fn+XK5t//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgPyiSiU6S4l5P9bE0mkkOJ5ksK9aSj7r5g+zBuCcAAAAAe2AqeZjVHO2W20VOJnm2+g3gcN7O7axkMStZykKuVb8LdL71N9bvzy6t35+9VS79437nn7uaRjViOr89DN7y6apHK9ezWNWcy9W8maVcS6Nas3S6nk931G3zulfOqfh27eXRZnatTss9f69O+9zd1c7uZJc/phyrInKoE5GJZKaeWxmN490jM/gI7fLobNlSFnIhjY3Jnty2pcmtO7M15ptDNoZt70idlvvzq51iPhadSPy33bGQiz1n37PDY5589Q+/++FMnd8/uzSaiTptV6+t/nNiticSz40SiRtLt2/euH7n7EGLRJ+ZKhKnNspX8v38IGczndeynMX8OPNZyUKm870qN18f/KLnkt8hUpe3lF571Ewm6zO0c7B2N6cXq3WPZjGv5s1cy0Jeqv5dzIW8nEu5lLmeI3xq+BGurvpG/1VfaX9h4OTPfK3OtJL8uk73hzKux3viunnWz1TxPr6lZjNKJ0aI0oB74zDNL9eZchs/f9SNdE9tj8SFnkg8MzwSv6luK3eWbt9cvjH/1mibO/FenSmvo18m0/vnRlKeLyfKg1WVpracHWXbMxttW+NVtp3caGv0tZ3KH9NsdreymLUdr9TJ+jNc/0gXq7bnBrbNVm2ne9oGfd4CYN878vUjk61/tP7a+qD1i9aN1iuHvzv1zannJ3PoT4e+1ZyZ+Erj+eL3+SA/3fz+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfHp33nn35vzS0sLytky73b770eCmETPd59V8ytW3Z7pPhRqhc6b/9lTZdUDTRNp3d2h6UpkvPZ3s1bb2b+Y/7Xa7ril26PPbP28P1FTGFLr6OX/tfRG6MWXGdksC9sj5lVtvnb/zzrvfWLw1/8bCGwu35y5dmpuZu/TS7Pnri0sLM53Xcc8SeBI23/THPRMAAAAAAAAAAABgVI/5/wysDWoa9z4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB9uVs2k+SJELM+dmyvL6/dmlcunmN3s2kzSSFD9Jig+Ty+ksOdYzXLHTdt5fnHv940/W/9XuqMer+jeGrTeatXrJdJKJTnrvcY13tU6HKobtQrGxh2XAznQDB+P2vwAAAP//eL8QGw==")
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
sync()
unlink(&(0x7f0000000300)='./file1\x00')

46.533699ms ago: executing program 8 (id=1011):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0x80a00, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000180)={0x80000001, "0600000000000000c64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c", <r1=>0xffffffffffffffff})
r2 = dup3(r1, r0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=1012):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'xfrm0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="01050400000000003c0012800b00010067726574617000002c00028008000100", @ANYRES32=r1], 0x64}}, 0x0)

kernel console output (not intermixed with test programs):

57-406a-8241-57ec7d4412cf
[  166.111697][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.129448][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.148132][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.184657][ T7422] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[  166.213130][ T7422] BTRFS info (device loop5): using free-space-tree
[  166.236154][    T9] usb 2-1: config 0 descriptor??
[  166.244682][ T7342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.366670][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.373666][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.436678][ T5838] Bluetooth: hci3: command tx timeout
[  166.457576][ T7342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.684329][    T9] holtek_kbd 0003:04D9:A055.0004: unbalanced delimiter at end of report description
[  166.743714][    T9] holtek_kbd 0003:04D9:A055.0004: probe with driver holtek_kbd failed with error -22
[  166.910170][ T5991] usb 2-1: USB disconnect, device number 3
[  167.080178][ T7494] loop0: detected capacity change from 0 to 2048
[  167.131043][ T5831] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  167.178583][ T7342] hsr_slave_0: entered promiscuous mode
[  167.202914][ T7342] hsr_slave_1: entered promiscuous mode
[  167.218641][ T7494] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  167.257545][ T7342] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.287191][ T7342] Cannot create hsr debugfs directory
[  167.760075][ T7504] netlink: 12 bytes leftover after parsing attributes in process `syz.1.429'.
[  168.055987][ T7513] process 'syz.1.432' launched './file0' with NULL argv: empty string added
[  168.355467][ T7524] loop5: detected capacity change from 0 to 512
[  168.388963][ T7342] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  168.462381][ T7342] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  168.503052][ T7524] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.520070][ T5838] Bluetooth: hci3: command tx timeout
[  168.539228][ T7342] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  168.541976][ T7534] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  168.555068][ T7524] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.626718][ T7524] EXT4-fs (loop5): shut down requested (2)
[  168.654673][ T7342] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  168.742245][ T7538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.439'.
[  168.867407][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.150206][ T7548] loop5: detected capacity change from 0 to 1024
[  169.196031][ T7540] loop1: detected capacity change from 0 to 8192
[  169.212894][ T7503] loop6: detected capacity change from 0 to 32768
[  169.255684][ T7503] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.431 (7503)
[  169.296344][ T7342] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.389483][ T7503] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  169.429692][ T7342] 8021q: adding VLAN 0 to HW filter on device team0
[  169.468121][ T7503] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm
[  169.530560][ T6927] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.538228][ T6927] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.543136][ T7503] BTRFS info (device loop6): using free-space-tree
[  169.609130][ T6927] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.616371][ T6927] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.638378][ T7558] input: syz0 as /devices/virtual/input/input10
[  169.933552][ T7342] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  169.966327][ T7342] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.280763][ T6185] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  170.585321][ T5838] Bluetooth: hci3: command tx timeout
[  170.859735][ T7342] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.045042][    T9] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  171.275989][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  171.318772][    T9] usb 2-1: no configurations
[  171.344780][    T9] usb 2-1: can't read configurations, error -22
[  171.399792][ T7613] loop6: detected capacity change from 0 to 2048
[  171.459131][ T7613] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  171.515056][ T7613] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  171.547418][ T7613] UDF-fs: Scanning with blocksize 512 failed
[  171.557428][ T7579] loop5: detected capacity change from 0 to 32768
[  171.587675][ T7613] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.644833][   T30] audit: type=1800 audit(1744151494.629:35): pid=7579 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.445" name="file1" dev="loop5" ino=4 res=0 errno=0
[  171.834641][ T5898] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  172.036267][ T5898] usb 1-1: Using ep0 maxpacket: 8
[  172.051937][ T5898] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.104126][ T7342] veth0_vlan: entered promiscuous mode
[  172.117690][ T5898] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  172.171201][ T7342] veth1_vlan: entered promiscuous mode
[  172.172319][ T5898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.252164][ T5898] usb 1-1: config 0 descriptor??
[  172.309140][ T5898] gspca_main: vc032x-2.14.0 probing 046d:0892
[  172.333483][ T7342] veth0_macvtap: entered promiscuous mode
[  172.438203][ T7342] veth1_macvtap: entered promiscuous mode
[  172.501439][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.525126][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.570648][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.611956][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.655149][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.705907][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.736956][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.795028][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.823796][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.864922][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.913076][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.964859][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.031051][ T7655] loop9: detected capacity change from 0 to 4
[  173.079145][ T7655] Dev loop9: unable to read RDB block 4
[  173.095208][ T7655]  loop9: unable to read partition table
[  173.117837][ T5898] gspca_vc032x: reg_w err -71
[  173.126779][ T5898] vc032x 1-1:0.0: probe with driver vc032x failed with error -71
[  173.143754][ T7655] loop9: partition table beyond EOD, truncated
[  173.170607][ T5898] usb 1-1: USB disconnect, device number 4
[  173.184952][ T7655] loop_reread_partitions: partition scan of loop9 (þ被xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[  173.199053][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.259487][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.332789][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.383959][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.485081][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.514775][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.532583][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.543013][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.553942][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.611631][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.650919][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.676942][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.744831][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.776511][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.866152][ T7342] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.900196][ T7646] loop3: detected capacity change from 0 to 32768
[  173.950997][ T7342] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.968596][ T7646] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.463 (7646)
[  173.994857][ T7342] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.003640][ T7342] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.047350][ T7646] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  174.063008][ T7639] loop6: detected capacity change from 0 to 32768
[  174.089654][ T7646] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  174.115992][ T7646] BTRFS info (device loop3): using free-space-tree
[  174.173020][ T7639] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.593037][ T7639] XFS (loop6): Ending clean mount
[  174.646148][ T7639] XFS (loop6): Quotacheck needed: Please wait.
[  174.657440][ T6282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.706995][ T6282] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.736869][ T5833] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  174.777691][ T7698] vlan2: entered allmulticast mode
[  174.809956][ T7698] batadv0: entered allmulticast mode
[  174.816451][ T7639] XFS (loop6): Quotacheck: Done.
[  174.922642][   T30] audit: type=1800 audit(1744151497.909:36): pid=7639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.460" name="file1" dev="loop6" ino=9286 res=0 errno=0
[  175.145041][ T7704] netlink: 4 bytes leftover after parsing attributes in process `syz.0.476'.
[  175.165456][ T6185] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.203073][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.226711][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.450812][ T7708] netlink: 20 bytes leftover after parsing attributes in process `syz.1.479'.
[  175.939248][ T7722] loop7: detected capacity change from 0 to 256
[  176.705226][ T5898] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  176.890776][ T5898] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  176.922621][ T5898] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  176.942714][ T7712] loop3: detected capacity change from 0 to 32768
[  176.944865][ T5898] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  176.980468][ T7712] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.473 (7712)
[  177.002182][ T5898] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.062412][ T7730] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  177.080455][ T5898] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  177.094978][ T7712] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  177.123170][ T7712] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  177.379415][ T7712] BTRFS info (device loop3): rebuilding free space tree
[  177.428665][ T7712] BTRFS info (device loop3): disabling free space tree
[  177.456697][ T5968] usb 7-1: USB disconnect, device number 3
[  177.465401][ T7712] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  177.504971][ T7712] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  177.635515][   T30] audit: type=1800 audit(1744151500.619:37): pid=7712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.473" name="file2" dev="loop3" ino=261 res=0 errno=0
[  177.659664][ T7765] loop1: detected capacity change from 0 to 4096
[  177.728060][   T30] audit: type=1800 audit(1744151500.669:38): pid=7712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.473" name="bus" dev="loop3" ino=263 res=0 errno=0
[  177.911543][ T5833] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  178.187770][ T7739] loop7: detected capacity change from 0 to 32768
[  178.266657][   T30] audit: type=1800 audit(1744151501.259:39): pid=7739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.491" name="file1" dev="loop7" ino=4 res=0 errno=0
[  178.302902][ T7746] loop5: detected capacity change from 0 to 32768
[  178.339416][ T7746] XFS: ikeep mount option is deprecated.
[  178.357055][ T7746] XFS: noikeep mount option is deprecated.
[  178.420771][ T7746] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  178.497320][ T7774] loop6: detected capacity change from 0 to 4096
[  178.518390][ T7774] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  178.643540][ T7746] XFS (loop5): Ending clean mount
[  178.665158][   T55] Bluetooth: hci6: command 0xfc11 tx timeout
[  178.672571][ T5838] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  178.712054][ T7746] XFS (loop5): Quotacheck needed: Please wait.
[  178.744073][ T7774] ntfs3(loop6): ino=19, mi_enum_attr
[  178.803101][ T7774] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  178.804997][ T7746] XFS (loop5): Quotacheck: Done.
[  178.946011][   T30] audit: type=1800 audit(1744151501.939:40): pid=7746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.494" name="file0" dev="loop5" ino=1060 res=0 errno=0
[  178.955307][ T7781] input input11: cannot allocate more than FF_MAX_EFFECTS effects
[  179.016915][   T30] audit: type=1800 audit(1744151502.009:41): pid=7774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.498" name="file2" dev="loop6" ino=31 res=0 errno=0
[  179.303927][ T5831] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  179.636747][ T7787] loop6: detected capacity change from 0 to 2048
[  179.697738][ T7767] loop1: detected capacity change from 0 to 40427
[  179.725499][ T7787] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  179.754853][ T7787] UDF-fs: Scanning with blocksize 512 failed
[  179.760619][ T7767] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x7
[  179.793044][ T7787] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  179.827500][ T7767] F2FS-fs (loop1): invalid crc value
[  180.118133][ T7800] loop5: detected capacity change from 0 to 1024
[  180.226030][ T7800] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  180.254849][ T7800] hfsplus: xattr searching failed
[  180.315021][ T7767] F2FS-fs (loop1): Start checkpoint disabled!
[  180.357359][ T7767] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  180.390460][ T6282] hfsplus: b-tree write err: -5, ino 4
[  180.650507][ T7816] loop0: detected capacity change from 0 to 1024
[  181.005201][ T7821] loop6: detected capacity change from 0 to 256
[  181.141112][ T7822] loop0: detected capacity change from 0 to 512
[  181.173549][ T7822] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  181.237932][ T7822] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.355059][ T7822] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.388268][ T7822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.763593][ T7817] loop3: detected capacity change from 0 to 40427
[  181.820604][ T7817] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x3fffff
[  181.884456][ T7817] F2FS-fs (loop3): invalid crc value
[  181.911815][ T7834] loop0: detected capacity change from 0 to 256
[  182.018789][ T7834] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  182.258814][ T7817] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  182.429043][ T7828] loop6: detected capacity change from 0 to 32768
[  182.479783][ T5833] syz-executor: attempt to access beyond end of device
[  182.479783][ T5833] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  182.583339][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  182.583378][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  182.583395][ T5833] Call Trace:
[  182.583404][ T5833]  <TASK>
[  182.583415][ T5833]  dump_stack_lvl+0x241/0x360
[  182.583464][ T5833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.583502][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.583533][ T5833]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  182.583563][ T5833]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  182.583592][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.583621][ T5833]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  182.583664][ T5833]  f2fs_handle_critical_error+0x392/0x5a0
[  182.583712][ T5833]  f2fs_write_end_io+0x563/0x790
[  182.583767][ T5833]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  182.583812][ T5833]  ? bio_endio+0x7e4/0x890
[  182.583846][ T5833]  ? bio_endio+0x82a/0x890
[  182.583880][ T5833]  __submit_merged_bio+0x2a9/0x710
[  182.583910][ T5833]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  182.583952][ T5833]  f2fs_submit_merged_write_cond+0x29f/0x380
[  182.584000][ T5833]  f2fs_write_data_pages+0x2f99/0x38d0
[  182.584084][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.584181][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584211][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  182.584273][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584301][ T5833]  ? __lock_acquire+0xad5/0xd80
[  182.584334][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584362][ T5833]  ? do_raw_spin_lock+0x151/0x370
[  182.584410][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584439][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  182.584481][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.584523][ T5833]  do_writepages+0x366/0x890
[  182.584561][ T5833]  ? __pfx_do_writepages+0x10/0x10
[  182.584584][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584614][ T5833]  ? __lock_acquire+0xad5/0xd80
[  182.584645][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584675][ T5833]  ? do_raw_spin_lock+0x151/0x370
[  182.584731][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584765][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  182.584813][ T5833]  filemap_fdatawrite+0x1f2/0x2a0
[  182.584846][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  182.584870][ T5833]  ? mlock_drain_local+0x79/0x490
[  182.584949][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.584979][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  182.585028][ T5833]  f2fs_sync_dirty_inodes+0x34f/0x860
[  182.585089][ T5833]  f2fs_write_checkpoint+0x857/0x1da0
[  182.585140][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  182.585214][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.585244][ T5833]  ? kfree+0x198/0x430
[  182.585275][ T5833]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  182.585305][ T5833]  ? kill_f2fs_super+0x290/0x6d0
[  182.585335][ T5833]  kill_f2fs_super+0x2b8/0x6d0
[  182.585369][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  182.585403][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.585432][ T5833]  ? shrinker_free+0x2ca/0x3d0
[  182.585470][ T5833]  deactivate_locked_super+0xc6/0x130
[  182.585502][ T5833]  cleanup_mnt+0x422/0x4c0
[  182.585531][ T5833]  ? lockdep_hardirqs_on+0x9d/0x150
[  182.585567][ T5833]  task_work_run+0x253/0x310
[  182.585616][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  182.585663][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  182.585698][ T5833]  syscall_exit_to_user_mode+0x13f/0x340
[  182.585734][ T5833]  do_syscall_64+0x100/0x230
[  182.585779][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.585805][ T5833] RIP: 0033:0x7f111a18e497
[  182.585828][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  182.585850][ T5833] RSP: 002b:00007ffed3f20f28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  182.585877][ T5833] RAX: 0000000000000000 RBX: 00007f111a20e08c RCX: 00007f111a18e497
[  182.585896][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed3f20fe0
[  182.585912][ T5833] RBP: 00007ffed3f20fe0 R08: 0000000000000000 R09: 0000000000000000
[  182.585928][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed3f22070
[  182.585946][ T5833] R13: 00007f111a20e08c R14: 000000000002c849 R15: 00007ffed3f220b0
[  182.585985][ T5833]  </TASK>
[  183.035026][ T5833] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  183.136390][ T7823] loop7: detected capacity change from 0 to 40427
[  183.175017][ T7828] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  183.232164][ T7823] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3fffff
[  183.275268][ T7823] F2FS-fs (loop7): Image doesn't support compression
[  183.282047][ T7823] F2FS-fs (loop7): Image doesn't support compression
[  183.331872][ T7850] loop0: detected capacity change from 0 to 32768
[  183.340084][ T7850] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.525 (7850)
[  183.374456][ T7828] XFS (loop6): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  183.422993][ T7823] F2FS-fs (loop7): invalid crc value
[  183.429247][ T7850] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  183.485156][ T7850] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  183.504506][ T7850] BTRFS info (device loop0): using free-space-tree
[  183.542849][ T7828] XFS (loop6): Starting recovery (logdev: internal)
[  183.571045][ T7828] XFS (loop6): Ending recovery (logdev: internal)
[  183.832602][ T7823] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  183.961124][ T6185] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.371339][ T7886] loop5: detected capacity change from 0 to 128
[  184.468962][ T7886] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  184.555573][ T7886] ext4 filesystem being mounted at /95/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  184.888862][ T5831] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  184.923170][ T5836] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  185.409585][ T7900] sctp: [Deprecated]: syz.1.538 (pid 7900) Use of int in maxseg socket option.
[  185.409585][ T7900] Use struct sctp_assoc_value instead
[  186.089615][ T7916] pim6reg: entered allmulticast mode
[  186.142159][ T7915] pim6reg: left allmulticast mode
[  186.193671][ T7918] loop5: detected capacity change from 0 to 2048
[  186.200319][ T7889] loop6: detected capacity change from 0 to 32768
[  186.341759][ T7889] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  186.357220][ T7918] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.581903][   T12] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  186.616509][ T7889] XFS (loop6): Ending clean mount
[  186.643415][   T12] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 65793 with max blocks 1 with error 28
[  186.666830][   T12] EXT4-fs (loop5): This should not happen!! Data will be lost
[  186.666830][   T12] 
[  186.697799][   T12] EXT4-fs (loop5): Total free blocks count 0
[  186.703876][   T12] EXT4-fs (loop5): Free/Dirty block details
[  186.741847][   T12] EXT4-fs (loop5): free_blocks=66060288
[  186.783189][   T12] EXT4-fs (loop5): dirty_blocks=16
[  186.805131][   T12] EXT4-fs (loop5): Block reservation details
[  186.830853][   T12] EXT4-fs (loop5): i_reserved_data_blocks=1
[  186.886951][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.896688][ T6185] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.366207][ T7949] netlink: 56 bytes leftover after parsing attributes in process `syz.5.553'.
[  188.111564][ T7962] loop7: detected capacity change from 0 to 128
[  188.142236][ T7962] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  188.171743][ T7962] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  188.194460][ T7938] loop3: detected capacity change from 0 to 32768
[  188.241661][   T30] audit: type=1326 audit(1744151511.229:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.361048][   T30] audit: type=1326 audit(1744151511.229:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.371898][ T7962] UDF-fs: error (device loop7): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  188.482791][   T30] audit: type=1326 audit(1744151511.229:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.505056][ T7946] loop0: detected capacity change from 0 to 32768
[  188.586502][   T30] audit: type=1326 audit(1744151511.229:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.608891][   T30] audit: type=1326 audit(1744151511.229:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.624981][ T7946] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  188.631686][   T30] audit: type=1326 audit(1744151511.229:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.662964][   T30] audit: type=1326 audit(1744151511.229:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.685543][   T30] audit: type=1326 audit(1744151511.259:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.728511][   T30] audit: type=1326 audit(1744151511.259:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.5.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f088a78d169 code=0x7ffc0000
[  188.820465][   T30] audit: type=1800 audit(1744151511.299:51): pid=7962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.558" name="file1" dev="loop7" ino=94 res=0 errno=0
[  188.917367][ T7946] XFS (loop0): Ending clean mount
[  188.927432][ T7946] XFS (loop0): Quotacheck needed: Please wait.
[  189.070189][ T7954] loop6: detected capacity change from 0 to 32768
[  189.115781][ T7946] XFS (loop0): Quotacheck: Done.
[  189.204615][ T7954] JBD2: Ignoring recovery information on journal
[  189.236689][ T7960] loop1: detected capacity change from 0 to 32768
[  189.340391][ T7954] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  189.450121][ T5836] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  189.675319][ T6185] ocfs2: Unmounting device (7,6) on (node local)
[  189.983004][ T7996] IPVS: ip_vs_add_dest(): server weight less than zero
[  190.145628][ T5967] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  190.250914][ T7998] loop0: detected capacity change from 0 to 1024
[  190.323486][ T5967] usb 6-1: config 0 has an invalid interface number: 117 but max is 0
[  190.345009][ T5967] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  190.406345][ T7998] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  190.419857][ T5967] usb 6-1: config 0 has no interface number 0
[  190.434899][ T5967] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  190.473788][ T5967] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  190.497215][ T7998] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  190.538648][ T7998] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  190.573880][ T5967] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  190.644846][ T5967] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.655225][ T7998] EXT4-fs error (device loop0): ext4_get_journal_inode:5798: inode #5: comm syz.0.571: unexpected bad inode w/o EXT4_IGET_BAD
[  190.686911][ T5967] usb 6-1: Product: syz
[  190.691227][ T5967] usb 6-1: Manufacturer: syz
[  190.716680][ T5967] usb 6-1: SerialNumber: syz
[  190.732768][ T7998] EXT4-fs (loop0): no journal found
[  190.771325][ T7998] EXT4-fs (loop0): can't get journal size
[  190.788057][ T5967] usb 6-1: config 0 descriptor??
[  190.794259][ T7998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  190.908402][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.240273][ T5967] usbtouchscreen 6-1:0.117: probe with driver usbtouchscreen failed with error -71
[  191.254352][ T8017] loop6: detected capacity change from 0 to 4096
[  191.287073][ T8017] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  191.336183][ T5967] usb 6-1: USB disconnect, device number 6
[  191.414589][ T8027] netlink: 48 bytes leftover after parsing attributes in process `syz.0.581'.
[  191.465266][ T8017] ntfs3(loop6): ino=1a, mi_enum_attr
[  191.486386][ T8017] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  191.526196][ T8017] ntfs3(loop6): Failed to initialize $Extend/$ObjId.
[  191.583642][ T8029] netlink: 4 bytes leftover after parsing attributes in process `syz.7.582'.
[  191.691152][ T8033] loop0: detected capacity change from 0 to 256
[  191.750948][ T8033] FAT-fs (loop0): Directory bread(block 64) failed
[  191.764968][ T8033] FAT-fs (loop0): Directory bread(block 65) failed
[  191.825546][ T8033] FAT-fs (loop0): Directory bread(block 66) failed
[  191.889266][ T8033] FAT-fs (loop0): Directory bread(block 67) failed
[  191.915318][ T8033] FAT-fs (loop0): Directory bread(block 68) failed
[  191.921933][ T8033] FAT-fs (loop0): Directory bread(block 69) failed
[  191.965289][ T8033] FAT-fs (loop0): Directory bread(block 70) failed
[  191.971944][ T8033] FAT-fs (loop0): Directory bread(block 71) failed
[  192.028937][ T8033] FAT-fs (loop0): Directory bread(block 72) failed
[  192.068144][ T8033] FAT-fs (loop0): Directory bread(block 73) failed
[  192.076595][ T8037] Zero length message leads to an empty skb
[  192.216632][ T8043] syz.7.589 uses obsolete (PF_INET,SOCK_PACKET)
[  192.481113][ T8050] loop7: detected capacity change from 0 to 512
[  192.515973][ T8050] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  192.528258][ T8021] loop1: detected capacity change from 0 to 32768
[  192.552862][ T8050] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  192.586347][ T8050] EXT4-fs error (device loop7): ext4_iget_extra_inode:4692: inode #15: comm syz.7.592: corrupted in-inode xattr: e_value size too large
[  192.622389][ T8021] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  192.631441][ T5898] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  192.649556][ T8050] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.592: couldn't read orphan inode 15 (err -117)
[  192.706488][ T8050] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.769942][ T8064] loop5: detected capacity change from 0 to 2048
[  192.809576][ T7342] EXT4-fs error (device loop7): ext4_lookup:1789: inode #14: comm syz-executor: invalid fast symlink length 39
[  192.831027][ T5898] usb 4-1: Using ep0 maxpacket: 32
[  192.838474][ T8021] XFS (loop1): Ending clean mount
[  192.854218][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.878336][ T8064] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  192.893985][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.895569][ T7342] EXT4-fs error (device loop7): ext4_lookup:1789: inode #14: comm syz-executor: invalid fast symlink length 39
[  192.911121][ T5898] usb 4-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00
[  192.961094][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.992521][ T8064] UDF-fs: Scanning with blocksize 512 failed
[  193.017031][ T5898] usb 4-1: config 0 descriptor??
[  193.056599][ T5832] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  193.082266][ T8064] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  193.206777][ T7982] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.495376][ T8046] loop3: detected capacity change from 0 to 128
[  193.617870][ T8046] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[  193.672167][ T5898] elecom 0003:056E:00FC.0005: collection stack underflow
[  193.702098][ T5898] elecom 0003:056E:00FC.0005: item 0 0 0 12 parsing failed
[  193.748835][ T5898] elecom 0003:056E:00FC.0005: probe with driver elecom failed with error -22
[  193.969173][ T2146] usb 4-1: USB disconnect, device number 2
[  194.385423][ T8096] loop5: detected capacity change from 0 to 512
[  194.416072][ T8096] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  194.461032][ T8096] EXT4-fs (loop5): invalid journal inode
[  194.485147][ T8096] EXT4-fs (loop5): can't get journal size
[  194.589427][ T8096] EXT4-fs (loop5): 1 truncate cleaned up
[  194.654478][ T8096] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.928405][ T8106] syz.6.615: attempt to access beyond end of device
[  194.928405][ T8106] nbd6: rw=0, sector=64, nr_sectors = 1 limit=0
[  194.930580][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.005512][ T8106] syz.6.615: attempt to access beyond end of device
[  195.005512][ T8106] nbd6: rw=0, sector=256, nr_sectors = 1 limit=0
[  195.087638][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  195.128560][ T8106] syz.6.615: attempt to access beyond end of device
[  195.128560][ T8106] nbd6: rw=0, sector=512, nr_sectors = 1 limit=0
[  195.199725][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  195.251185][ T8106] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  195.260293][   T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  195.282556][   T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  195.290808][ T8106] UDF-fs: Scanning with blocksize 512 failed
[  195.297164][   T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  195.306908][   T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  195.318902][   T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  195.332535][ T8106] syz.6.615: attempt to access beyond end of device
[  195.332535][ T8106] nbd6: rw=0, sector=64, nr_sectors = 2 limit=0
[  195.355520][ T8106] syz.6.615: attempt to access beyond end of device
[  195.355520][ T8106] nbd6: rw=0, sector=512, nr_sectors = 2 limit=0
[  195.421681][ T8115] loop0: detected capacity change from 0 to 64
[  195.447333][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  195.496888][ T8106] syz.6.615: attempt to access beyond end of device
[  195.496888][ T8106] nbd6: rw=0, sector=1024, nr_sectors = 2 limit=0
[  195.530918][ T8098] loop1: detected capacity change from 0 to 32768
[  195.561225][ T8098] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  195.570250][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  195.583317][ T8106] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  195.658871][ T8106] UDF-fs: Scanning with blocksize 1024 failed
[  195.665906][ T8106] syz.6.615: attempt to access beyond end of device
[  195.665906][ T8106] nbd6: rw=0, sector=64, nr_sectors = 4 limit=0
[  195.679728][ T8106] syz.6.615: attempt to access beyond end of device
[  195.679728][ T8106] nbd6: rw=0, sector=1024, nr_sectors = 4 limit=0
[  195.694251][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  195.711422][ T8106] syz.6.615: attempt to access beyond end of device
[  195.711422][ T8106] nbd6: rw=0, sector=2048, nr_sectors = 4 limit=0
[  195.736438][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  195.755516][ T8098] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  195.766764][ T8106] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  195.766798][ T8106] UDF-fs: Scanning with blocksize 2048 failed
[  195.767565][ T8106] syz.6.615: attempt to access beyond end of device
[  195.767565][ T8106] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[  195.870417][ T8098] XFS (loop1): Starting recovery (logdev: internal)
[  195.880706][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[  195.930745][ T8098] XFS (loop1): Ending recovery (logdev: internal)
[  195.956318][ T8104] loop3: detected capacity change from 0 to 32768
[  195.975735][ T8106] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[  195.995736][ T8106] UDF-fs: warning (device nbd6): udf_load_vrs: No anchor found
[  196.040017][ T8106] UDF-fs: Scanning with blocksize 4096 failed
[  196.056714][ T8106] UDF-fs: warning (device nbd6): udf_fill_super: No partition found (1)
[  196.058676][ T8104] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  196.222364][ T8140] loop0: detected capacity change from 0 to 256
[  196.372629][ T5832] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  196.477778][ T8104] XFS (loop3): Ending clean mount
[  196.487200][ T8112] chnl_net:caif_netlink_parms(): no params data found
[  196.526383][ T8104] XFS (loop3): Quotacheck needed: Please wait.
[  196.650505][ T8104] XFS (loop3): Quotacheck: Done.
[  197.014483][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  197.014508][   T30] audit: type=1326 audit(1744151519.969:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.102119][ T2146] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  197.111621][ T2146] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  197.119536][ T2146] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[  197.135009][ T2146] hid-generic 0000:0004:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  197.146766][   T30] audit: type=1326 audit(1744151519.969:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.147337][ T5833] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  197.214437][ T8155] loop0: detected capacity change from 0 to 4096
[  197.222566][   T30] audit: type=1326 audit(1744151519.979:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.260352][   T30] audit: type=1326 audit(1744151519.979:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.283819][   T30] audit: type=1326 audit(1744151519.979:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.307393][   T30] audit: type=1326 audit(1744151519.979:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.330129][    T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  197.345931][   T30] audit: type=1326 audit(1744151519.979:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.371706][   T30] audit: type=1326 audit(1744151519.979:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837e58d169 code=0x7ffc0000
[  197.401741][   T55] Bluetooth: hci3: command tx timeout
[  197.447827][ T8112] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.455358][ T8112] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.463387][ T8112] bridge_slave_0: entered allmulticast mode
[  197.503489][ T8112] bridge_slave_0: entered promiscuous mode
[  197.515029][    T9] usb 6-1: Using ep0 maxpacket: 32
[  197.583901][ T8112] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.585691][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.624100][ T8112] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.645407][ T8112] bridge_slave_1: entered allmulticast mode
[  197.666188][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.687962][ T8112] bridge_slave_1: entered promiscuous mode
[  197.701558][    T9] usb 6-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  197.724781][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.771764][    T9] usb 6-1: config 0 descriptor??
[  197.825334][   T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  197.930809][ T8112] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  197.977895][ T8112] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.004872][   T24] usb 7-1: Using ep0 maxpacket: 8
[  198.026906][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  198.064772][   T24] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  198.099006][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.140428][   T24] usb 7-1: config 0 descriptor??
[  198.178066][ T8112] team0: Port device team_slave_0 added
[  198.224185][ T8112] team0: Port device team_slave_1 added
[  198.306298][    T9] input: HID 054c:03d5 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:054C:03D5.0007/input/input15
[  198.395203][    T9] sony 0003:054C:03D5.0007: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.5-1/input0
[  198.425317][ T8112] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.453977][    T9] usb 6-1: USB disconnect, device number 7
[  198.457521][ T8112] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.582699][   T24] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  198.617144][ T8112] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.661467][   T24] usb 7-1: USB disconnect, device number 4
[  198.747809][ T8112] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.771339][ T8112] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.834300][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  198.834769][ T8112] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.841258][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  199.086599][ T8112] hsr_slave_0: entered promiscuous mode
[  199.105728][ T8112] hsr_slave_1: entered promiscuous mode
[  199.129097][ T8112] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  199.191247][ T8112] Cannot create hsr debugfs directory
[  199.465784][   T55] Bluetooth: hci3: command tx timeout
[  199.569224][ T8178] loop1: detected capacity change from 0 to 40427
[  199.622900][ T8178] F2FS-fs (loop1): invalid crc value
[  199.984450][ T8202] loop6: detected capacity change from 0 to 1024
[  199.995132][ T8178] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  200.080049][ T8202] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.113204][ T8178] bio_check_eod: 2 callbacks suppressed
[  200.113230][ T8178] syz.1.636: attempt to access beyond end of device
[  200.113230][ T8178] loop1: rw=2049, sector=53248, nr_sectors = 128 limit=40427
[  200.139167][ T8112] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  200.171747][ T8112] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  200.219360][ T8112] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  200.221791][ T8202] EXT4-fs error (device loop6): ext4_xattr_inode_iget:437: inode #11: comm syz.6.646: missing EA_INODE flag
[  200.270523][ T8112] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  200.333507][ T8202] EXT4-fs (loop6): Remounting filesystem read-only
[  200.426930][ T5832] syz-executor: attempt to access beyond end of device
[  200.426930][ T5832] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  200.495191][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  200.495230][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  200.495245][ T5832] Call Trace:
[  200.495255][ T5832]  <TASK>
[  200.495265][ T5832]  dump_stack_lvl+0x241/0x360
[  200.495312][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.495351][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.495380][ T5832]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  200.495409][ T5832]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  200.495438][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.495467][ T5832]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  200.495510][ T5832]  f2fs_handle_critical_error+0x392/0x5a0
[  200.495556][ T5832]  f2fs_write_end_io+0x563/0x790
[  200.495605][ T5832]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  200.495650][ T5832]  ? bio_endio+0x7e4/0x890
[  200.495683][ T5832]  ? bio_endio+0x82a/0x890
[  200.495717][ T5832]  __submit_merged_bio+0x2a9/0x710
[  200.495748][ T5832]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  200.495800][ T5832]  f2fs_submit_merged_write_cond+0x29f/0x380
[  200.495848][ T5832]  f2fs_write_data_pages+0x2f99/0x38d0
[  200.495939][ T5832]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  200.495977][ T5832]  ? 0xffffffffa0004840
[  200.496014][ T5832]  ? __kernel_text_address+0xd/0x40
[  200.496074][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.496103][ T5832]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  200.496150][ T5832]  ? __pfx___mod_memcg_lruvec_state+0x10/0x10
[  200.496193][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.496241][ T5832]  ? __mod_zone_page_state+0xda/0x150
[  200.496270][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.496298][ T5832]  ? folios_put_refs+0x711/0x800
[  200.496346][ T5832]  ? lockdep_hardirqs_on+0x9d/0x150
[  200.496379][ T5832]  ? __pfx_folios_put_refs+0x10/0x10
[  200.496413][ T5832]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  200.496440][ T5832]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  200.496481][ T5832]  do_writepages+0x366/0x890
[  200.496519][ T5832]  ? __pfx_do_writepages+0x10/0x10
[  200.496542][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.496569][ T5832]  ? __lock_acquire+0xad5/0xd80
[  200.496602][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.496631][ T5832]  ? do_raw_spin_lock+0x151/0x370
[  200.496683][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.496711][ T5832]  ? do_raw_spin_unlock+0x13c/0x8b0
[  200.496759][ T5832]  filemap_fdatawrite+0x1f2/0x2a0
[  200.496800][ T5832]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  200.496824][ T5832]  ? mlock_drain_local+0x79/0x490
[  200.496903][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.496932][ T5832]  ? do_raw_spin_unlock+0x13c/0x8b0
[  200.496980][ T5832]  f2fs_sync_dirty_inodes+0x34f/0x860
[  200.497040][ T5832]  f2fs_write_checkpoint+0x857/0x1da0
[  200.497091][ T5832]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  200.497171][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.497200][ T5832]  ? kill_f2fs_super+0x290/0x6d0
[  200.497231][ T5832]  kill_f2fs_super+0x2b8/0x6d0
[  200.497264][ T5832]  ? __pfx_kill_f2fs_super+0x10/0x10
[  200.497298][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.497326][ T5832]  ? shrinker_free+0x2ca/0x3d0
[  200.497363][ T5832]  deactivate_locked_super+0xc6/0x130
[  200.497395][ T5832]  cleanup_mnt+0x422/0x4c0
[  200.497424][ T5832]  ? lockdep_hardirqs_on+0x9d/0x150
[  200.497459][ T5832]  task_work_run+0x253/0x310
[  200.497508][ T5832]  ? __pfx_task_work_run+0x10/0x10
[  200.497553][ T5832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  200.497588][ T5832]  syscall_exit_to_user_mode+0x13f/0x340
[  200.497624][ T5832]  do_syscall_64+0x100/0x230
[  200.497664][ T5832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.497689][ T5832] RIP: 0033:0x7f837e58e497
[  200.497710][ T5832] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  200.497732][ T5832] RSP: 002b:00007ffdbddaf2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  200.497760][ T5832] RAX: 0000000000000000 RBX: 00007f837e60e08c RCX: 00007f837e58e497
[  200.497778][ T5832] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdbddaf3b0
[  200.497798][ T5832] RBP: 00007ffdbddaf3b0 R08: 0000000000000000 R09: 0000000000000000
[  200.497813][ T5832] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdbddb0440
[  200.497830][ T5832] R13: 00007f837e60e08c R14: 0000000000030e35 R15: 00007ffdbddb0480
[  200.497868][ T5832]  </TASK>
[  200.497879][ T5832] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  200.636292][ T8112] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.964289][ T6185] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.979573][ T8112] 8021q: adding VLAN 0 to HW filter on device team0
[  201.025767][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.032908][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.127154][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.134382][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.377184][ T8112] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  201.544942][   T55] Bluetooth: hci3: command tx timeout
[  202.002624][ T8210] loop3: detected capacity change from 0 to 40427
[  202.074811][ T8210] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  202.100864][ T8210] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  202.121643][ T8112] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.424179][ T8210] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  202.465131][ T8210] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  202.582250][   T30] audit: type=1800 audit(1744151525.569:61): pid=8210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.648" name="bus" dev="loop3" ino=10 res=0 errno=0
[  202.617130][ T8218] loop6: detected capacity change from 0 to 32768
[  202.638349][ T8216] loop5: detected capacity change from 0 to 40427
[  202.700885][ T8218] XFS (loop6): DAX unsupported by block device. Turning off DAX.
[  202.718128][ T8218] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  202.752810][ T8216] F2FS-fs (loop5): invalid crc value
[  202.769867][ T5833] syz-executor: attempt to access beyond end of device
[  202.769867][ T5833] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  202.827971][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  202.828012][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  202.828029][ T5833] Call Trace:
[  202.828039][ T5833]  <TASK>
[  202.828050][ T5833]  dump_stack_lvl+0x241/0x360
[  202.828105][ T5833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.828143][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.828173][ T5833]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  202.828202][ T5833]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  202.828234][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.828262][ T5833]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  202.828306][ T5833]  f2fs_handle_critical_error+0x392/0x5a0
[  202.828353][ T5833]  f2fs_write_end_io+0x563/0x790
[  202.828404][ T5833]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  202.828451][ T5833]  ? bio_endio+0x7e4/0x890
[  202.828485][ T5833]  ? bio_endio+0x82a/0x890
[  202.828521][ T5833]  __submit_merged_bio+0x2a9/0x710
[  202.828562][ T5833]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  202.828606][ T5833]  f2fs_submit_merged_write_cond+0x29f/0x380
[  202.828658][ T5833]  f2fs_write_data_pages+0x2f99/0x38d0
[  202.828754][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.828866][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.828894][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  202.828974][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.829002][ T5833]  ? folios_put_refs+0x70a/0x800
[  202.829060][ T5833]  ? __pfx_folios_put_refs+0x10/0x10
[  202.829094][ T5833]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  202.829119][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.829161][ T5833]  do_writepages+0x366/0x890
[  202.829200][ T5833]  ? __pfx_do_writepages+0x10/0x10
[  202.829223][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.829251][ T5833]  ? __lock_acquire+0xad5/0xd80
[  202.829286][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.829315][ T5833]  ? do_raw_spin_lock+0x151/0x370
[  202.829371][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.829400][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  202.829453][ T5833]  filemap_fdatawrite+0x1f2/0x2a0
[  202.829488][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  202.829513][ T5833]  ? mlock_drain_local+0x79/0x490
[  202.829613][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.829642][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  202.829692][ T5833]  f2fs_sync_dirty_inodes+0x34f/0x860
[  202.829757][ T5833]  f2fs_write_checkpoint+0x857/0x1da0
[  202.829813][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  202.829906][ T5833]  ? kill_f2fs_super+0x290/0x6d0
[  202.829935][ T5833]  kill_f2fs_super+0x2b8/0x6d0
[  202.829964][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  202.829995][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.830019][ T5833]  ? shrinker_free+0x2ca/0x3d0
[  202.830053][ T5833]  deactivate_locked_super+0xc6/0x130
[  202.830081][ T5833]  cleanup_mnt+0x422/0x4c0
[  202.830105][ T5833]  ? lockdep_hardirqs_on+0x9d/0x150
[  202.830138][ T5833]  task_work_run+0x253/0x310
[  202.830184][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  202.830227][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  202.830259][ T5833]  syscall_exit_to_user_mode+0x13f/0x340
[  202.830293][ T5833]  do_syscall_64+0x100/0x230
[  202.830329][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.830351][ T5833] RIP: 0033:0x7f111a18e497
[  202.830371][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  202.830391][ T5833] RSP: 002b:00007ffed3f20f28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  202.830418][ T5833] RAX: 0000000000000000 RBX: 00007f111a20e08c RCX: 00007f111a18e497
[  202.830435][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed3f20fe0
[  202.830451][ T5833] RBP: 00007ffed3f20fe0 R08: 0000000000000000 R09: 0000000000000000
[  202.830467][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed3f22070
[  202.830484][ T5833] R13: 00007f111a20e08c R14: 0000000000031779 R15: 00007ffed3f220b0
[  202.830537][ T5833]  </TASK>
[  202.830547][ T5833] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  203.007676][ T8218] XFS (loop6): Ending clean mount
[  203.345175][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.1.657'.
[  203.361683][ T8218] XFS (loop6): Quotacheck needed: Please wait.
[  203.364488][ T8249] netlink: 12 bytes leftover after parsing attributes in process `syz.1.657'.
[  203.455233][ T8218] XFS (loop6): Quotacheck: Done.
[  203.523752][ T8216] F2FS-fs (loop5): Start checkpoint disabled!
[  203.550274][ T8216] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  203.599814][ T8112] veth0_vlan: entered promiscuous mode
[  203.626096][   T55] Bluetooth: hci3: command tx timeout
[  203.661365][ T8112] veth1_vlan: entered promiscuous mode
[  203.694455][ T6185] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  203.743933][ T8112] veth0_macvtap: entered promiscuous mode
[  203.809701][ T8112] veth1_macvtap: entered promiscuous mode
[  203.929737][   T12] kworker/u8:0: attempt to access beyond end of device
[  203.929737][   T12] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  203.967741][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.025654][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  204.025694][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  204.025711][   T12] Workqueue: writeback wb_workfn (flush-7:5)
[  204.025759][   T12] Call Trace:
[  204.025768][   T12]  <TASK>
[  204.025778][   T12]  dump_stack_lvl+0x241/0x360
[  204.025823][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.025860][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.025892][   T12]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  204.025920][   T12]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  204.025949][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.025978][   T12]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  204.026020][   T12]  f2fs_handle_critical_error+0x392/0x5a0
[  204.026067][   T12]  f2fs_write_end_io+0x563/0x790
[  204.026116][   T12]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  204.026161][   T12]  ? bio_endio+0x7e4/0x890
[  204.026194][   T12]  ? bio_endio+0x82a/0x890
[  204.026228][   T12]  __submit_merged_bio+0x2a9/0x710
[  204.026260][   T12]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  204.026300][   T12]  f2fs_submit_merged_write_cond+0x29f/0x380
[  204.026347][   T12]  f2fs_write_data_pages+0x2f99/0x38d0
[  204.026429][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  204.026484][   T12]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  204.026540][   T12]  ? __lock_acquire+0xad5/0xd80
[  204.026576][   T12]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  204.026628][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.026658][   T12]  ? trace_f2fs_writepages+0x8c/0x220
[  204.026695][   T12]  ? f2fs_write_node_pages+0x4ba/0x730
[  204.026741][   T12]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  204.026773][   T12]  ? __lock_acquire+0xad5/0xd80
[  204.026807][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.026836][   T12]  ? has_not_enough_free_secs+0xc26/0x1490
[  204.026878][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  204.026921][   T12]  do_writepages+0x366/0x890
[  204.026958][   T12]  ? __pfx_do_writepages+0x10/0x10
[  204.026980][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027009][   T12]  ? __lock_acquire+0xad5/0xd80
[  204.027041][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027070][   T12]  ? __lock_acquire+0xad5/0xd80
[  204.027106][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027134][   T12]  ? reacquire_held_locks+0x12a/0x1e0
[  204.027166][   T12]  ? writeback_sb_inodes+0x43f/0x1360
[  204.027211][   T12]  __writeback_single_inode+0x14f/0x10d0
[  204.027254][   T12]  writeback_sb_inodes+0x822/0x1360
[  204.027314][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027353][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  204.027431][   T12]  ? rcu_is_watching+0x15/0xb0
[  204.027464][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027493][   T12]  ? queue_io+0x3d9/0x5a0
[  204.027534][   T12]  wb_writeback+0x415/0xb90
[  204.027574][   T12]  ? queue_io+0x2f1/0x5a0
[  204.027607][   T12]  ? __pfx_wb_writeback+0x10/0x10
[  204.027661][   T12]  wb_workfn+0x412/0x10b0
[  204.027713][   T12]  ? __pfx_wb_workfn+0x10/0x10
[  204.027743][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027771][   T12]  ? register_lock_class+0x54/0x330
[  204.027804][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027833][   T12]  ? __lock_acquire+0xad5/0xd80
[  204.027863][   T12]  ? lockdep_hardirqs_on+0x9d/0x150
[  204.027903][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.027945][   T12]  ? process_scheduled_works+0x9cb/0x18e0
[  204.027975][   T12]  process_scheduled_works+0xac5/0x18e0
[  204.028040][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  204.028083][   T12]  ? assign_work+0x367/0x3d0
[  204.028124][   T12]  worker_thread+0x870/0xd50
[  204.028174][   T12]  ? __kthread_parkme+0x1a8/0x200
[  204.028211][   T12]  ? __pfx_worker_thread+0x10/0x10
[  204.028242][   T12]  kthread+0x7b9/0x940
[  204.028280][   T12]  ? __pfx_worker_thread+0x10/0x10
[  204.028312][   T12]  ? __pfx_kthread+0x10/0x10
[  204.028350][   T12]  ? __pfx_kthread+0x10/0x10
[  204.028385][   T12]  ? __pfx_kthread+0x10/0x10
[  204.028424][   T12]  ? __pfx_kthread+0x10/0x10
[  204.028460][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  204.028488][   T12]  ? lockdep_hardirqs_on+0x9d/0x150
[  204.028517][   T12]  ? __pfx_kthread+0x10/0x10
[  204.028555][   T12]  ret_from_fork+0x4d/0x80
[  204.028582][   T12]  ? __pfx_kthread+0x10/0x10
[  204.028618][   T12]  ret_from_fork_asm+0x1a/0x30
[  204.028662][   T12]  </TASK>
[  204.028672][   T12] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  204.034735][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.496026][ T5898] IPVS: starting estimator thread 0...
[  204.497836][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.512924][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.523028][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.534625][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.545052][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.555718][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.565612][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.576161][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.588866][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.599380][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.609512][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.614943][ T8263] IPVS: using max 23 ests per chain, 55200 per kthread
[  204.620731][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.650701][ T8112] batman_adv: batadv0: Interface activated: batadv_slave_0
[  204.680089][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.753030][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.764749][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.811105][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.844404][ T8265] loop0: detected capacity change from 0 to 2048
[  204.866212][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.890157][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.920462][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.941425][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.964783][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.034199][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.074874][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.094988][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.099367][ T8274] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  205.112076][ T8112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.147665][   T55] Bluetooth: hci1: connection err: -111
[  205.165067][ T8112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.193667][ T8112] batman_adv: batadv0: Interface activated: batadv_slave_1
[  205.201797][ T8277] loop3: detected capacity change from 0 to 256
[  205.385189][ T8112] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.394080][ T8112] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.486034][ T8112] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.508697][ T8112] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.966467][ T6927] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.999208][ T6927] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.162449][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.181115][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.202603][ T8298] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  206.248271][ T8298] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.257948][ T8298] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.674520][ T8311] loop6: detected capacity change from 0 to 512
[  206.724356][ T8311] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  206.886393][ T8310] loop0: detected capacity change from 0 to 4096
[  206.908929][ T8311] EXT4-fs (loop6): 1 truncate cleaned up
[  206.917104][ T8311] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.924821][ T8310] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  207.172637][ T8310] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  207.283855][   T30] audit: type=1800 audit(1744151530.269:62): pid=8310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.681" name="bus" dev="loop0" ino=33 res=0 errno=0
[  207.384591][   T30] audit: type=1800 audit(1744151530.299:63): pid=8310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.681" name="bus" dev="loop0" ino=33 res=0 errno=0
[  207.530354][ T8328] loop5: detected capacity change from 0 to 512
[  207.609604][ T8328] EXT4-fs error (device loop5): ext4_orphan_get:1390: inode #15: comm syz.5.686: casefold flag without casefold feature
[  207.674760][ T8328] EXT4-fs (loop5): Remounting filesystem read-only
[  207.702739][ T8328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.869733][ T8328] EXT4-fs (loop5): shut down requested (0)
[  207.899997][ T8337] loop3: detected capacity change from 0 to 64
[  207.916732][ T8335] loop0: detected capacity change from 0 to 128
[  207.970296][ T8335] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  207.992037][ T8335] ext4 filesystem being mounted at /139/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  208.004112][ T6185] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.144553][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.334923][ T5892] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  208.523108][ T5892] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  208.533485][ T8320] loop8: detected capacity change from 0 to 32768
[  208.574358][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.609646][ T5892] usb 2-1: Product: syz
[  208.613882][ T5892] usb 2-1: Manufacturer: syz
[  208.629175][ T5892] usb 2-1: SerialNumber: syz
[  208.644225][ T5892] usb 2-1: config 0 descriptor??
[  208.667976][ T5898] kernel write not supported for file /vcs (pid: 5898 comm: kworker/0:6)
[  208.676279][ T5836] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  208.679007][ T8320] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  209.016803][ T8112] ocfs2: Unmounting device (7,8) on (node local)
[  209.139598][ T5892] airspy 2-1:0.0: Board ID: 00
[  209.176217][ T5892] airspy 2-1:0.0: Firmware version: 
[  209.530579][ T5892] airspy 2-1:0.0: usb_control_msg() failed -71 request 0e
[  209.591110][ T5892] airspy 2-1:0.0: Registered as swradio24
[  209.617753][ T5892] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  209.675178][ T5892] usb 2-1: USB disconnect, device number 6
[  210.581030][ T8388] loop8: detected capacity change from 0 to 512
[  210.676899][ T8388] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  210.737321][ T8393] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  210.787959][ T8388] EXT4-fs (loop8): 1 orphan inode deleted
[  210.793765][ T8388] EXT4-fs (loop8): 1 truncate cleaned up
[  210.800257][ T8393] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  210.833625][ T8388] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.896226][ T8388] EXT4-fs error (device loop8): ext4_search_dir:1476: inode #12: block 7: comm syz.8.710: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0
[  211.000929][ T8399] netlink: 24 bytes leftover after parsing attributes in process `syz.5.715'.
[  211.009274][ T8388] EXT4-fs (loop8): Remounting filesystem read-only
[  211.112705][ T8400] EXT4-fs warning (device loop8): empty_inline_dir:1792: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60
[  211.359627][ T8112] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.730157][ T8385] loop0: detected capacity change from 0 to 32768
[  211.798486][ T8385] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  211.885809][ T8385] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  212.073946][ T8426] loop5: detected capacity change from 0 to 2048
[  212.100112][ T8385] syz.0.709 (8385) used greatest stack depth: 18824 bytes left
[  212.183918][ T8426] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  212.234807][ T8426] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  212.268228][ T5836] ocfs2: Unmounting device (7,0) on (node local)
[  212.296683][ T8426] UDF-fs: Scanning with blocksize 512 failed
[  212.376157][ T8426] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  213.563210][ T8459] netlink: 'syz.5.742': attribute type 25 has an invalid length.
[  213.923584][ T8467] netlink: 4 bytes leftover after parsing attributes in process `syz.0.745'.
[  213.976300][ T5967] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  214.005492][ T8440] loop3: detected capacity change from 0 to 32768
[  214.038458][ T8440] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.734 (8440)
[  214.133076][ T8440] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  214.175671][ T5967] usb 7-1: Using ep0 maxpacket: 32
[  214.208825][ T8440] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  214.257702][ T5967] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[  214.274888][ T5967] usb 7-1: config 0 has no interface number 0
[  214.314870][ T5967] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  214.334626][ T5967] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.342811][ T5967] usb 7-1: Product: syz
[  214.347220][ T5967] usb 7-1: Manufacturer: syz
[  214.351839][ T5967] usb 7-1: SerialNumber: syz
[  214.352370][ T8440] BTRFS info (device loop3): using free-space-tree
[  214.417727][ T5967] usb 7-1: config 0 descriptor??
[  214.435563][ T5967] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  214.435950][ T8476] loop0: detected capacity change from 0 to 1024
[  214.601929][ T8476] EXT4-fs: Ignoring removed orlov option
[  214.683144][ T8476] EXT4-fs: Ignoring removed nomblk_io_submit option
[  214.750104][ T5967] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  214.780710][ T5967] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  214.928339][ T8495] loop1: detected capacity change from 0 to 4096
[  214.962391][    C1] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 115
[  214.997323][ T8495] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  214.997470][ T8499] loop5: detected capacity change from 0 to 4096
[  215.016208][ T8476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.145462][ T8499] NILFS (loop5): invalid segment: Checksum error in segment payload
[  215.153727][ T8499] NILFS (loop5): trying rollback from an earlier position
[  215.162482][   T30] audit: type=1800 audit(1744151538.149:64): pid=8440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.734" name="bus" dev="loop3" ino=263 res=0 errno=0
[  215.187177][    C1] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71
[  215.198685][   T24] usb 7-1: USB disconnect, device number 5
[  215.235320][   T24] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  215.367135][ T8499] NILFS (loop5): recovery complete
[  215.417790][ T8495] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  215.473242][   T24] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  215.494619][ T8505] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  215.522940][   T24] quatech2 7-1:0.51: device disconnected
[  215.576611][ T8495] ntfs3(loop1): ino=5, "/" indx_read
[  215.593681][ T8495] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  215.696156][ T5833] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  215.963909][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.207776][ T8516] Â: renamed from pim6reg1
[  216.269677][ T5144] Bluetooth: hci0: command 0x0406 tx timeout
[  216.275792][ T5856] Bluetooth: hci2: command 0x0406 tx timeout
[  216.344969][ T5144] Bluetooth: hci1: command 0x0406 tx timeout
[  216.954766][ T6491] udevd[6491]: failed to send result of seq 14184 to main daemon: Connection refused
[  217.215707][ T8540] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  217.243434][ T8533] loop5: detected capacity change from 0 to 8192
[  217.598151][ T8552] loop0: detected capacity change from 0 to 64
[  217.754508][ T8556] loop3: detected capacity change from 0 to 512
[  217.811848][ T8556] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  218.070683][ T8556] EXT4-fs (loop3): failed to open journal device unknown-block(11,131) -6
[  218.194984][ T5968] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  218.334499][ T8583] loop1: detected capacity change from 0 to 64
[  218.375926][ T5968] usb 7-1: Using ep0 maxpacket: 32
[  218.395535][ T5968] usb 7-1: config 9 has an invalid interface number: 184 but max is 0
[  218.434571][ T5968] usb 7-1: config 9 has no interface number 0
[  218.444865][ T5968] usb 7-1: config 9 interface 184 has no altsetting 0
[  218.473615][ T8583] hfs: keylen 94 too large
[  218.488926][ T5968] usb 7-1: New USB device found, idVendor=1410, idProduct=b001, bcdDevice=81.db
[  218.516449][ T8583] hfs: request for non-existent node 1818584064 in B*Tree
[  218.524097][ T8583] hfs: request for non-existent node 1818584064 in B*Tree
[  218.534256][ T5968] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.563108][ T5968] usb 7-1: Product: syz
[  218.573243][ T5968] usb 7-1: Manufacturer: syz
[  218.588848][ T5968] usb 7-1: SerialNumber: syz
[  218.616769][ T8588] hfs: keylen 94 too large
[  218.659740][ T8588] hfs: inconsistency in B*Tree (1,0,1,0,3)
[  219.060949][ T5968] qmi_wwan 7-1:9.184: bogus CDC Union: master=0, slave=1
[  219.080146][ T6282] tipc: Subscription rejected, illegal request
[  219.094310][ T8603] sctp: [Deprecated]: syz.1.794 (pid 8603) Use of int in maxseg socket option.
[  219.094310][ T8603] Use struct sctp_assoc_value instead
[  219.171066][ T8606] loop3: detected capacity change from 0 to 64
[  219.282393][ T5968] qmi_wwan 7-1:9.184: probe with driver qmi_wwan failed with error -22
[  219.380561][ T8613] netlink: 4 bytes leftover after parsing attributes in process `syz.5.798'.
[  219.522283][    T9] usb 7-1: USB disconnect, device number 6
[  219.542769][ T8608] loop8: detected capacity change from 0 to 8192
[  219.892874][ T8624] loop3: detected capacity change from 0 to 512
[  219.918209][ T8624] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  219.988367][ T8624] EXT4-fs (loop3): 1 truncate cleaned up
[  219.996900][ T8624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.452508][ T8635] loop0: detected capacity change from 0 to 4096
[  220.510800][ T8635] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  220.599546][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.809419][ T8644] netlink: 'syz.5.813': attribute type 21 has an invalid length.
[  220.845072][ T8644] netlink: 156 bytes leftover after parsing attributes in process `syz.5.813'.
[  220.895677][ T8646] netlink: 'syz.5.813': attribute type 21 has an invalid length.
[  220.910294][ T8646] netlink: 156 bytes leftover after parsing attributes in process `syz.5.813'.
[  221.424669][ T8633] loop1: detected capacity change from 0 to 32768
[  221.448677][ T8633] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.806 (8633)
[  221.473564][ T8666] netlink: 'syz.6.821': attribute type 10 has an invalid length.
[  221.500321][ T8633] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  221.511269][ T8669] loop5: detected capacity change from 0 to 64
[  221.514018][ T8666] netlink: 40 bytes leftover after parsing attributes in process `syz.6.821'.
[  221.540298][ T8633] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  221.564204][ T8633] BTRFS info (device loop1): using free-space-tree
[  221.663810][ T8666] team0: Port device geneve0 added
[  221.887803][ T8633] BTRFS info (device loop1): rebuilding free space tree
[  222.013372][ T8692] loop0: detected capacity change from 0 to 512
[  222.060548][ T8692] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  222.158523][ T8692] EXT4-fs (loop0): 1 truncate cleaned up
[  222.195235][ T8698] netlink: 'syz.5.828': attribute type 10 has an invalid length.
[  222.205885][ T8692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.307667][ T8698] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  222.520141][ T8657] loop8: detected capacity change from 0 to 32768
[  222.555403][ T8657] XFS: ikeep mount option is deprecated.
[  222.556745][ T5832] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  222.565094][ T8657] XFS: noikeep mount option is deprecated.
[  222.687519][ T8657] XFS (loop8): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  222.874052][ T8715] loop5: detected capacity change from 0 to 256
[  222.894366][ T8715] exfat: Deprecated parameter 'utf8'
[  222.911117][ T8715] exfat: Deprecated parameter 'utf8'
[  222.917581][ T8657] XFS (loop8): Ending clean mount
[  222.923837][ T5898] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  222.963096][ T8657] XFS (loop8): Quotacheck needed: Please wait.
[  222.970822][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.015908][ T8715] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[  223.086656][ T8657] XFS (loop8): Quotacheck: Done.
[  223.114375][   T30] audit: type=1800 audit(1744151546.099:65): pid=8715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.833" name="file2" dev="loop5" ino=16 res=0 errno=0
[  223.166930][ T5898] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  223.177609][ T5898] usb 7-1: config 0 interface 0 has no altsetting 0
[  223.187658][ T5898] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  223.197600][ T5898] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  223.212474][ T5898] usb 7-1: Product: syz
[  223.227488][ T5898] usb 7-1: Manufacturer: syz
[  223.234653][   T30] audit: type=1800 audit(1744151546.219:66): pid=8657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.817" name="file0" dev="loop8" ino=1060 res=0 errno=0
[  223.260950][ T5898] usb 7-1: SerialNumber: syz
[  223.283281][ T5898] usb 7-1: config 0 descriptor??
[  223.327950][ T5898] usb 7-1: selecting invalid altsetting 0
[  223.383033][   T30] audit: type=1326 audit(1744151546.369:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.0.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f1b8d169 code=0x7ffc0000
[  223.506583][   T30] audit: type=1326 audit(1744151546.449:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.0.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f06f1b8d169 code=0x7ffc0000
[  223.585459][   T30] audit: type=1326 audit(1744151546.449:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.0.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f1b8d169 code=0x7ffc0000
[  223.637832][ T5898] usb 7-1: USB disconnect, device number 7
[  223.670374][ T8112] XFS (loop8): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  224.587854][ T8744] netlink: 20 bytes leftover after parsing attributes in process `syz.5.846'.
[  224.841702][ T8754] loop5: detected capacity change from 0 to 1024
[  224.859909][   T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  224.943718][   T30] audit: type=1800 audit(1744151547.929:70): pid=8754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.852" name="file1" dev="loop5" ino=20 res=0 errno=0
[  225.006235][ T8758] loop0: detected capacity change from 0 to 16
[  225.065626][   T24] usb 7-1: Using ep0 maxpacket: 32
[  225.080502][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  225.100074][ T8758] erofs (device loop0): mounted with root inode @ nid 36.
[  225.122033][   T24] usb 7-1: config 127 has an invalid interface number: 25 but max is 0
[  225.135135][   T24] usb 7-1: config 127 has no interface number 0
[  225.141475][   T24] usb 7-1: config 127 interface 25 has no altsetting 0
[  225.167683][   T24] usb 7-1: New USB device found, idVendor=1110, idProduct=9000, bcdDevice=f4.11
[  225.180052][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.202507][   T24] usb 7-1: Product: syz
[  225.211966][   T24] usb 7-1: Manufacturer: syz
[  225.222130][   T24] usb 7-1: SerialNumber: syz
[  225.365447][ T8738] loop1: detected capacity change from 0 to 32768
[  225.451991][   T24] usb 7-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9000) Rev (0XF411): ADI930
[  225.499128][   T30] audit: type=1800 audit(1744151548.489:71): pid=8738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.843" name="file1" dev="loop1" ino=4 res=0 errno=0
[  225.641247][ T8768] loop8: detected capacity change from 0 to 64
[  225.684958][ T8768] hfs: unable to locate alternate MDB
[  225.715196][ T8768] hfs: continuing without an alternate MDB
[  225.785979][   T30] audit: type=1800 audit(1744151548.759:72): pid=8768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.858" name="file1" dev="loop8" ino=18 res=0 errno=0
[  225.818764][ T8750] loop3: detected capacity change from 0 to 32768
[  225.873090][ T8750] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.849 (8750)
[  225.961966][ T8772] loop0: detected capacity change from 0 to 32768
[  225.989430][ T8774] netlink: 272 bytes leftover after parsing attributes in process `syz.5.862'.
[  225.990044][ T8750] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  226.038578][   T24] usb 7-1: reset high-speed USB device number 8 using dummy_hcd
[  226.049819][   T24] usb 7-1: device reset changed ep0 maxpacket size!
[  226.062533][   T24] ueagle-atm 7-1:127.25: usbatm_usb_probe: bind failed: -19!
[  226.072600][   T24] usb 7-1: USB disconnect, device number 8
[  226.072986][ T8750] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  226.145350][ T8750] BTRFS info (device loop3): using free-space-tree
[  226.207722][ T8772] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=gzip,erasure_code,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[  226.228077][ T8772] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  226.237104][ T8772] bcachefs (loop0): Version upgrade required:
[  226.237104][ T8772] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  226.237104][ T8772] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags
[  226.237104][ T8772]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  226.308493][ T8772] bcachefs (loop0): dropping and reconstructing all alloc info
[  226.347371][ T8772] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  226.362147][ T8772] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree dirents level 0/0
[  226.362186][ T8772]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 281474976710656: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0
[  226.362208][ T8772]   node offset 0/24: incorrect min_key: got 0:0:7 should be POS_MIN, btree topology error: 
[  226.400248][ T8772] bcachefs (loop0): flagging btree dirents lost data
[  226.407385][ T8772] bcachefs (loop0): running explicit recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[  226.423555][ T8772] bcachefs (loop0): error reading btree root btree=dirents level=0: btree_node_read_error, fixing
[  226.437461][   T24] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  226.464838][ T8772] bcachefs (loop0): scan_for_btree_nodes...
[  226.484236][ T8772] bcachefs (loop0): btree node scan found 7 nodes after overwrites
[  226.498770][ T8772]  done
[  226.502949][ T8772] bcachefs (loop0): check_topology...
[  226.505735][ T8772] bcachefs (loop0): btree root dirents unreadable, must recover from scan
[  226.520150][ T8772] bcachefs (loop0): bch2_get_scanned_nodes(): recovery btree=dirents level=0 POS_MIN - SPOS_MAX
[  226.531633][ T8772] bcachefs (loop0): bch2_get_scanned_nodes(): recovering u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key 0:0:7 durability: 1 ptr: 0:41:0 gen 0
[  226.573969][ T8772] bcachefs (loop0): bch2_get_scanned_nodes(): recovery btree=dirents level=0 POS_MIN - 0:0:6
[  226.585603][ T8772] bcachefs (loop0): btree node with incorrect min_key  at btree=dirents level=1:
[  226.585638][ T8772]   parent: u64s 5 type btree_ptr SPOS_MAX len 0 ver 0
[  226.585654][ T8772]   next: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key 0:0:7 durability: 1 ptr: 0:41:0 gen 0, fixing
[  226.617237][ T8772] bcachefs (loop0): set_node_min(): u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key 0:0:7 durability: 1 ptr: 0:41:0 gen 0 -> POS_MIN
[  226.634844][ T8772]  done
[  226.638017][ T8772] bcachefs (loop0): accounting_read... done
[  226.685548][ T8772] bcachefs (loop0): alloc_read... done
[  226.691732][ T8772] bcachefs (loop0): snapshots_read... done
[  226.698446][ T8772] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[  226.709777][ T8772] bcachefs (loop0): done starting filesystem
[  226.735838][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  226.754814][   T24] usb 7-1: unable to read config index 0 descriptor/start: -71
[  226.762446][   T24] usb 7-1: can't read configurations, error -71
[  226.833221][ T8772] bcachefs (loop0): btree_path_down(): fatal error node not found at pos 4096:666187072692914824:U32_MAX within parent node u64s 5 type btree_ptr SPOS_MAX len 0 ver 0
[  226.854428][ T8772] bcachefs (loop0): fatal error - emergency read only
[  226.866536][ T8772] bcachefs (loop0): btree_path_down(): fatal error node not found at pos 4096:666187072692914824:U32_MAX within parent node u64s 5 type btree_ptr SPOS_MAX len 0 ver 0
[  226.980375][ T5836] bcachefs (loop0): shutting down
[  226.989926][ T5833] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  227.276815][ T5836] bcachefs (loop0): shutdown complete
[  227.700906][ T8823] loop1: detected capacity change from 0 to 4096
[  227.776027][ T8823] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  227.839509][ T8823] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[  227.988677][ T8828] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  228.005441][ T8830] dlm: no local IP address has been set
[  228.042009][ T8830] dlm: cannot start dlm midcomms -107
[  228.119812][ T8811] loop8: detected capacity change from 0 to 40427
[  228.169624][ T8811] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3fffff
[  228.198778][ T8811] F2FS-fs (loop8): Image doesn't support compression
[  228.316026][ T8811] F2FS-fs (loop8): invalid crc value
[  228.688577][ T8811] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  228.827716][ T8827] loop6: detected capacity change from 0 to 32768
[  228.835815][ T8811] F2FS-fs (loop8): inject page alloc in f2fs_grab_cache_folio of f2fs_get_read_data_folio+0xe0/0x800
[  228.904167][ T8827] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  228.949527][ T8112] syz-executor: attempt to access beyond end of device
[  228.949527][ T8112] loop8: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  229.026301][ T8112] CPU: 1 UID: 0 PID: 8112 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  229.026343][ T8112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  229.026360][ T8112] Call Trace:
[  229.026370][ T8112]  <TASK>
[  229.026380][ T8112]  dump_stack_lvl+0x241/0x360
[  229.026428][ T8112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.026467][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.026495][ T8112]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  229.026525][ T8112]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  229.026554][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.026582][ T8112]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  229.026624][ T8112]  f2fs_handle_critical_error+0x392/0x5a0
[  229.026670][ T8112]  f2fs_write_end_io+0x563/0x790
[  229.026717][ T8112]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  229.026766][ T8112]  ? bio_endio+0x7e4/0x890
[  229.026799][ T8112]  ? bio_endio+0x82a/0x890
[  229.026834][ T8112]  __submit_merged_bio+0x2a9/0x710
[  229.026873][ T8112]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  229.026915][ T8112]  f2fs_submit_merged_write_cond+0x29f/0x380
[  229.026964][ T8112]  f2fs_write_data_pages+0x2f99/0x38d0
[  229.027047][ T8112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.027139][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027169][ T8112]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  229.027216][ T8112]  ? __pfx___mod_memcg_lruvec_state+0x10/0x10
[  229.027260][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027305][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027334][ T8112]  ? __lock_acquire+0xad5/0xd80
[  229.027368][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027397][ T8112]  ? do_raw_spin_lock+0x151/0x370
[  229.027444][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027473][ T8112]  ? do_raw_spin_unlock+0x13c/0x8b0
[  229.027516][ T8112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.027559][ T8112]  do_writepages+0x366/0x890
[  229.027596][ T8112]  ? __pfx_do_writepages+0x10/0x10
[  229.027619][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027648][ T8112]  ? __lock_acquire+0xad5/0xd80
[  229.027681][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027710][ T8112]  ? do_raw_spin_lock+0x151/0x370
[  229.027761][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.027791][ T8112]  ? do_raw_spin_unlock+0x13c/0x8b0
[  229.027846][ T8112]  filemap_fdatawrite+0x1f2/0x2a0
[  229.027878][ T8112]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  229.027904][ T8112]  ? mlock_drain_local+0x79/0x490
[  229.027983][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.028012][ T8112]  ? do_raw_spin_unlock+0x13c/0x8b0
[  229.028061][ T8112]  f2fs_sync_dirty_inodes+0x34f/0x860
[  229.028122][ T8112]  f2fs_write_checkpoint+0x857/0x1da0
[  229.028172][ T8112]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  229.028256][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.028286][ T8112]  ? kill_f2fs_super+0x290/0x6d0
[  229.028318][ T8112]  kill_f2fs_super+0x2b8/0x6d0
[  229.028354][ T8112]  ? __pfx_kill_f2fs_super+0x10/0x10
[  229.028387][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.028417][ T8112]  ? shrinker_free+0x2ca/0x3d0
[  229.028454][ T8112]  deactivate_locked_super+0xc6/0x130
[  229.028486][ T8112]  cleanup_mnt+0x422/0x4c0
[  229.028514][ T8112]  ? lockdep_hardirqs_on+0x9d/0x150
[  229.028550][ T8112]  task_work_run+0x253/0x310
[  229.028598][ T8112]  ? __pfx_task_work_run+0x10/0x10
[  229.028644][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.028680][ T8112]  syscall_exit_to_user_mode+0x13f/0x340
[  229.028717][ T8112]  do_syscall_64+0x100/0x230
[  229.028756][ T8112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.028781][ T8112] RIP: 0033:0x7f491a38e497
[  229.028804][ T8112] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  229.028825][ T8112] RSP: 002b:00007ffd98c98ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  229.028862][ T8112] RAX: 0000000000000000 RBX: 00007f491a40e08c RCX: 00007f491a38e497
[  229.028880][ T8112] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd98c98ba0
[  229.028896][ T8112] RBP: 00007ffd98c98ba0 R08: 0000000000000000 R09: 0000000000000000
[  229.028913][ T8112] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd98c99c30
[  229.028931][ T8112] R13: 00007f491a40e08c R14: 0000000000037dde R15: 00007ffd98c99c70
[  229.028970][ T8112]  </TASK>
[  229.030543][ T8112] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  229.077303][ T8858] netlink: 8 bytes leftover after parsing attributes in process `syz.3.885'.
[  229.083228][ T8112] CPU: 1 UID: 0 PID: 8112 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  229.083264][ T8112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  229.083280][ T8112] Call Trace:
[  229.083290][ T8112]  <TASK>
[  229.083301][ T8112]  dump_stack_lvl+0x241/0x360
[  229.083349][ T8112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.083388][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.083416][ T8112]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  229.083445][ T8112]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  229.083474][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.083502][ T8112]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  229.083557][ T8112]  f2fs_handle_critical_error+0x392/0x5a0
[  229.083605][ T8112]  f2fs_write_end_io+0x563/0x790
[  229.083657][ T8112]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  229.083703][ T8112]  ? bio_endio+0x7e4/0x890
[  229.083736][ T8112]  ? bio_endio+0x82a/0x890
[  229.083772][ T8112]  __submit_merged_bio+0x2a9/0x710
[  229.083802][ T8112]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  229.083845][ T8112]  f2fs_submit_merged_write_cond+0x29f/0x380
[  229.083896][ T8112]  f2fs_write_data_pages+0x2f99/0x38d0
[  229.083992][ T8112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.084096][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084128][ T8112]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  229.084174][ T8112]  ? __pfx___mod_memcg_lruvec_state+0x10/0x10
[  229.084217][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084266][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084293][ T8112]  ? __lock_acquire+0xad5/0xd80
[  229.084327][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084355][ T8112]  ? do_raw_spin_lock+0x151/0x370
[  229.084403][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084431][ T8112]  ? do_raw_spin_unlock+0x13c/0x8b0
[  229.084474][ T8112]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.084516][ T8112]  do_writepages+0x366/0x890
[  229.084562][ T8112]  ? __pfx_do_writepages+0x10/0x10
[  229.084585][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084612][ T8112]  ? __lock_acquire+0xad5/0xd80
[  229.084646][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084677][ T8112]  ? do_raw_spin_lock+0x151/0x370
[  229.084730][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084758][ T8112]  ? do_raw_spin_unlock+0x13c/0x8b0
[  229.084808][ T8112]  filemap_fdatawrite+0x1f2/0x2a0
[  229.084841][ T8112]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  229.084866][ T8112]  ? mlock_drain_local+0x79/0x490
[  229.084958][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.084986][ T8112]  ? do_raw_spin_unlock+0x13c/0x8b0
[  229.085036][ T8112]  f2fs_sync_dirty_inodes+0x34f/0x860
[  229.085100][ T8112]  f2fs_write_checkpoint+0x857/0x1da0
[  229.085155][ T8112]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  229.085248][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.085277][ T8112]  ? kill_f2fs_super+0x290/0x6d0
[  229.085310][ T8112]  kill_f2fs_super+0x2b8/0x6d0
[  229.085345][ T8112]  ? __pfx_kill_f2fs_super+0x10/0x10
[  229.085381][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.085408][ T8112]  ? shrinker_free+0x2ca/0x3d0
[  229.085446][ T8112]  deactivate_locked_super+0xc6/0x130
[  229.085479][ T8112]  cleanup_mnt+0x422/0x4c0
[  229.085507][ T8112]  ? lockdep_hardirqs_on+0x9d/0x150
[  229.085543][ T8112]  task_work_run+0x253/0x310
[  229.085601][ T8112]  ? __pfx_task_work_run+0x10/0x10
[  229.085647][ T8112]  ? srso_alias_return_thunk+0x5/0xfbef5
[  229.085682][ T8112]  syscall_exit_to_user_mode+0x13f/0x340
[  229.085719][ T8112]  do_syscall_64+0x100/0x230
[  229.085759][ T8112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.085784][ T8112] RIP: 0033:0x7f491a38e497
[  229.085804][ T8112] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  229.085824][ T8112] RSP: 002b:00007ffd98c98ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  229.085850][ T8112] RAX: 0000000000000000 RBX: 00007f491a40e08c RCX: 00007f491a38e497
[  229.085868][ T8112] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd98c98ba0
[  229.085884][ T8112] RBP: 00007ffd98c98ba0 R08: 0000000000000000 R09: 0000000000000000
[  229.085899][ T8112] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd98c99c30
[  229.085917][ T8112] R13: 00007f491a40e08c R14: 0000000000037dde R15: 00007ffd98c99c70
[  229.085961][ T8112]  </TASK>
[  229.088040][ T8112] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  229.269464][ T8834] loop5: detected capacity change from 0 to 32768
[  229.451558][ T8827] XFS (loop6): Ending clean mount
[  229.710432][ T8834] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  229.731878][ T8827] XFS (loop6): Quotacheck needed: Please wait.
[  230.029837][   T30] audit: type=1800 audit(1744151553.019:73): pid=8834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.880" name="file1" dev="loop5" ino=17058 res=0 errno=0
[  230.103777][ T8827] XFS (loop6): Quotacheck: Done.
[  230.144912][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  230.198226][ T5831] ocfs2: Unmounting device (7,5) on (node local)
[  230.316611][    T9] usb 2-1: Using ep0 maxpacket: 8
[  230.332564][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.361410][    T9] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  230.388755][    T9] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  230.391222][ T6185] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  230.486905][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  230.508524][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.535516][    T9] usb 2-1: Product: syz
[  230.539761][    T9] usb 2-1: Manufacturer: syz
[  230.544472][    T9] usb 2-1: SerialNumber: syz
[  230.827101][    T9] cdc_ncm 2-1:1.0: bind() failure
[  230.878638][    T9] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  230.912131][ T8877] loop5: detected capacity change from 0 to 512
[  230.918984][    T9] cdc_ncm 2-1:1.1: bind() failure
[  230.929057][ T8877] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  230.979670][    T9] usb 2-1: USB disconnect, device number 7
[  231.041866][ T8877] EXT4-fs (loop5): 1 truncate cleaned up
[  231.067229][ T8877] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.342410][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.074788][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  232.254796][   T24] usb 6-1: Using ep0 maxpacket: 8
[  232.279862][   T24] usb 6-1: config 0 has no interfaces?
[  232.288179][ T8911] netlink: 'syz.0.908': attribute type 10 has an invalid length.
[  232.316474][   T24] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  232.333976][ T8911] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  232.337346][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.378376][   T24] usb 6-1: Product: syz
[  232.389864][ T8910] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  232.393014][   T24] usb 6-1: Manufacturer: syz
[  232.434817][   T24] usb 6-1: SerialNumber: syz
[  232.461119][   T24] usb 6-1: config 0 descriptor??
[  232.754951][ T8919] netlink: 16 bytes leftover after parsing attributes in process `syz.6.912'.
[  232.767719][ T8900] loop1: detected capacity change from 0 to 32768
[  232.768492][ T5898] usb 6-1: USB disconnect, device number 8
[  232.854116][ T8900] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  232.926985][ T8907] loop8: detected capacity change from 0 to 32768
[  232.975585][ T8907] XFS: ikeep mount option is deprecated.
[  232.978736][ T8931] loop6: detected capacity change from 0 to 128
[  233.006440][ T8931] ufs: You didn't specify the type of your ufs filesystem
[  233.006440][ T8931] 
[  233.006440][ T8931] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  233.006440][ T8931] 
[  233.006440][ T8931] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  233.043196][ T8907] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  233.066550][ T8931] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  233.109315][ T8900] XFS (loop1): Ending clean mount
[  233.140927][ T8900] XFS (loop1): Quotacheck needed: Please wait.
[  233.146873][ T8907] XFS (loop8): Ending clean mount
[  233.158233][ T8907] XFS (loop8): Quotacheck needed: Please wait.
[  233.231093][ T8900] XFS (loop1): Quotacheck: Done.
[  233.246713][ T8907] XFS (loop8): Quotacheck: Done.
[  233.344916][   T30] audit: type=1800 audit(1744151556.329:74): pid=8900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.903" name="file2" dev="loop1" ino=4423 res=0 errno=0
[  233.441741][ T8949] loop6: detected capacity change from 0 to 256
[  233.502283][ T5832] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  233.514994][ T8949] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  233.568772][ T8112] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  233.709418][ T8949] exFAT-fs (loop6): error, invalid access to FAT (entry 0xffffffff)
[  233.746071][ T8949] exFAT-fs (loop6): Filesystem has been set read-only
[  233.798269][ T8949] exFAT-fs (loop6): error, invalid access to FAT (entry 0xffffffff)
[  233.853003][ T8949] exFAT-fs (loop6): error, invalid access to FAT (entry 0xffffffff)
[  233.933020][ T8921] loop3: detected capacity change from 0 to 40427
[  233.941655][ T8956] loop0: detected capacity change from 0 to 8
[  233.998414][ T8921] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x3fffff
[  234.064210][ T8921] F2FS-fs (loop3): invalid crc value
[  234.284120][ T8964] Driver unsupported XDP return value 0 on prog  (id 101) dev N/A, expect packet loss!
[  234.365745][ T8921] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  234.578109][ T5833] syz-executor: attempt to access beyond end of device
[  234.578109][ T5833] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.663407][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  234.663449][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  234.663465][ T5833] Call Trace:
[  234.663475][ T5833]  <TASK>
[  234.663485][ T5833]  dump_stack_lvl+0x241/0x360
[  234.663534][ T5833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.663580][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.663609][ T5833]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  234.663638][ T5833]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  234.663668][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.663696][ T5833]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  234.663739][ T5833]  f2fs_handle_critical_error+0x392/0x5a0
[  234.663786][ T5833]  f2fs_write_end_io+0x563/0x790
[  234.663835][ T5833]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  234.663879][ T5833]  ? bio_endio+0x7e4/0x890
[  234.663912][ T5833]  ? bio_endio+0x82a/0x890
[  234.663946][ T5833]  __submit_merged_bio+0x2a9/0x710
[  234.663977][ T5833]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  234.664018][ T5833]  f2fs_submit_merged_write_cond+0x29f/0x380
[  234.664067][ T5833]  f2fs_write_data_pages+0x2f99/0x38d0
[  234.664155][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  234.664192][ T5833]  ? 0xffffffffa0004840
[  234.664228][ T5833]  ? __kernel_text_address+0xd/0x40
[  234.664288][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664317][ T5833]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  234.664363][ T5833]  ? __pfx___mod_memcg_lruvec_state+0x10/0x10
[  234.664406][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664449][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664477][ T5833]  ? __lock_acquire+0xad5/0xd80
[  234.664511][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664555][ T5833]  ? do_raw_spin_lock+0x151/0x370
[  234.664602][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664630][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  234.664676][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  234.664719][ T5833]  do_writepages+0x366/0x890
[  234.664755][ T5833]  ? __pfx_do_writepages+0x10/0x10
[  234.664779][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664806][ T5833]  ? __lock_acquire+0xad5/0xd80
[  234.664837][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664865][ T5833]  ? do_raw_spin_lock+0x151/0x370
[  234.664915][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.664943][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  234.664991][ T5833]  filemap_fdatawrite+0x1f2/0x2a0
[  234.665025][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  234.665050][ T5833]  ? mlock_drain_local+0x79/0x490
[  234.665129][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.665158][ T5833]  ? do_raw_spin_unlock+0x13c/0x8b0
[  234.665207][ T5833]  f2fs_sync_dirty_inodes+0x34f/0x860
[  234.665274][ T5833]  f2fs_write_checkpoint+0x857/0x1da0
[  234.665322][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  234.665397][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.665426][ T5833]  ? kfree+0x198/0x430
[  234.665457][ T5833]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  234.665485][ T5833]  ? kill_f2fs_super+0x290/0x6d0
[  234.665517][ T5833]  kill_f2fs_super+0x2b8/0x6d0
[  234.665563][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  234.665596][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.665625][ T5833]  ? shrinker_free+0x2ca/0x3d0
[  234.665661][ T5833]  deactivate_locked_super+0xc6/0x130
[  234.665693][ T5833]  cleanup_mnt+0x422/0x4c0
[  234.665722][ T5833]  ? lockdep_hardirqs_on+0x9d/0x150
[  234.665755][ T5833]  task_work_run+0x253/0x310
[  234.665890][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  234.665959][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  234.665993][ T5833]  syscall_exit_to_user_mode+0x13f/0x340
[  234.666027][ T5833]  do_syscall_64+0x100/0x230
[  234.666062][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.666085][ T5833] RIP: 0033:0x7f111a18e497
[  234.666107][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  234.666126][ T5833] RSP: 002b:00007ffed3f20f28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  234.666150][ T5833] RAX: 0000000000000000 RBX: 00007f111a20e08c RCX: 00007f111a18e497
[  234.666166][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed3f20fe0
[  234.666180][ T5833] RBP: 00007ffed3f20fe0 R08: 0000000000000000 R09: 0000000000000000
[  234.666194][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed3f22070
[  234.666209][ T5833] R13: 00007f111a20e08c R14: 00000000000393be R15: 00007ffed3f220b0
[  234.666244][ T5833]  </TASK>
[  235.276579][ T5833] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  235.391929][ T8954] loop5: detected capacity change from 0 to 32768
[  235.405045][ T8954] 
[  235.405045][ T8954]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.405045][ T8954] 
[  235.429383][ T8954] read_mapping_page failed!
[  235.434127][ T8954] ERROR: (device loop5): txCommit: 
[  235.434127][ T8954] 
[  235.501617][ T8954] read_mapping_page failed!
[  235.527954][ T8954] ERROR: (device loop5): txCommit: 
[  235.527954][ T8954] 
[  235.701702][   T13] ERROR: (device loop5): diWrite: ixpxd invalid
[  235.701702][   T13] 
[  235.736603][   T13] ERROR: (device loop5): txCommit: 
[  235.736603][   T13] 
[  235.776430][   T13] jfs_write_inode: jfs_commit_inode failed!
[  235.783272][   T13] 
[  235.783272][   T13]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.783272][   T13] 
[  235.830090][   T13] 
[  235.830090][   T13]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.830090][   T13] 
[  235.844469][ T8990] loop1: detected capacity change from 0 to 128
[  235.866731][  T113] 
[  235.866731][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.866731][  T113] 
[  235.901777][ T5831] 
[  235.901777][ T5831]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.901777][ T5831] 
[  235.956415][ T5831] 
[  235.956415][ T5831]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  235.956415][ T5831] 
[  236.240123][ T8996] loop1: detected capacity change from 0 to 256
[  236.358527][ T8996] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  236.944624][ T9017] loop1: detected capacity change from 0 to 128
[  237.150507][ T9023] kernel profiling enabled (shift: 17)
[  237.197737][ T8992] loop8: detected capacity change from 0 to 40427
[  237.237632][ T8992] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  237.270229][ T8992] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  237.487607][ T9002] loop0: detected capacity change from 0 to 32768
[  237.526806][ T9002] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.942 (9002)
[  237.572323][ T9002] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  237.601807][ T9002] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  237.635188][ T9002] BTRFS info (device loop0): using free-space-tree
[  237.712738][ T8992] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  237.751453][ T9057] xt_CT: You must specify a L4 protocol and not use inversions on it
[  237.774834][ T8992] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  237.988406][ T9063] netlink: 'syz.3.961': attribute type 1 has an invalid length.
[  238.027727][ T9063] netlink: 'syz.3.961': attribute type 2 has an invalid length.
[  238.067427][ T9069] netlink: 'syz.3.961': attribute type 1 has an invalid length.
[  238.086523][ T9069] netlink: 'syz.3.961': attribute type 2 has an invalid length.
[  238.121971][ T5836] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  238.330889][ T9071] loop5: detected capacity change from 0 to 512
[  238.368214][ T9075] netlink: 'syz.3.967': attribute type 10 has an invalid length.
[  238.382852][ T9075] netlink: 40 bytes leftover after parsing attributes in process `syz.3.967'.
[  238.397309][ T9071] EXT4-fs: Ignoring removed orlov option
[  238.427780][ T9071] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  238.484602][ T9075] team0: Port device geneve0 added
[  238.495413][ T9032] loop6: detected capacity change from 0 to 32768
[  238.585003][ T9071] EXT4-fs (loop5): 1 orphan inode deleted
[  238.590817][ T9071] EXT4-fs (loop5): 1 truncate cleaned up
[  238.657301][ T9071] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.703557][ T9071] EXT4-fs error (device loop5): ext4_check_all_de:659: inode #12: block 7: comm syz.5.964: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=124 fake=0
[  238.851040][ T9088] EXT4-fs error (device loop5): ext4_lookup:1789: inode #14: comm syz.5.964: invalid fast symlink length 39
[  239.023470][ T9093] loop3: detected capacity change from 0 to 1024
[  239.148133][ T9093] syz.3.969: attempt to access beyond end of device
[  239.148133][ T9093] loop3: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  239.185038][ T9093] buffer_io_error: 25 callbacks suppressed
[  239.185063][ T9093] Buffer I/O error on dev loop3, logical block 2889, async page read
[  239.191698][ T9032] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  239.234521][ T9096] syz.3.969: attempt to access beyond end of device
[  239.234521][ T9096] loop3: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  239.295325][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.342998][ T9093] syz.3.969: attempt to access beyond end of device
[  239.342998][ T9093] loop3: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  239.425248][ T9093] Buffer I/O error on dev loop3, logical block 2889, async page read
[  239.481858][ T9093] hfsplus: can't free extent
[  239.489044][ T9032] bcachefs (loop6): initializing new filesystem
[  239.495456][   T30] audit: type=1800 audit(1744151562.469:75): pid=9093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.969" name="file1" dev="loop3" ino=20 res=0 errno=0
[  239.517862][ T9032] bcachefs (loop6): going read-write
[  239.641479][ T9032] bcachefs (loop6): marking superblocks
[  239.846683][ T9032] bcachefs (loop6): initializing freespace
[  239.886965][ T9032] bcachefs (loop6): done initializing freespace
[  239.917242][ T9032] bcachefs (loop6): reading snapshots table
[  239.923292][ T9032] bcachefs (loop6): reading snapshots done
[  240.061683][ T9032] bcachefs (loop6): done starting filesystem
[  240.306271][ T9032] syz.6.954 (9032) used greatest stack depth: 14576 bytes left
[  240.368882][ T6185] bcachefs (loop6): shutting down
[  240.373988][ T6185] bcachefs (loop6): going read-only
[  240.419671][ T6185] bcachefs (loop6): finished waiting for writes to stop
[  240.486629][ T6185] bcachefs (loop6): flushing journal and stopping allocators, journal seq 14
[  240.655281][    T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  240.666388][ T6185] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 18
[  240.759397][ T6185] bcachefs (loop6): clean shutdown complete, journal seq 19
[  240.824413][    T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  240.865261][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.872608][ T9140] loop1: detected capacity change from 0 to 256
[  240.887640][ T6185] bcachefs (loop6): marking filesystem clean
[  240.898330][    T9] usb 1-1: config 0 descriptor??
[  240.900218][ T9140] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  240.920881][    T9] cp210x 1-1:0.0: cp210x converter detected
[  240.958765][ T9140] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  241.073619][ T9140] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  241.151375][ T6185] bcachefs (loop6): shutdown complete
[  241.323553][    T9] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  241.479090][ T9149] loop1: detected capacity change from 0 to 2048
[  241.540024][    T9] cp210x 1-1:0.0: failed to get vendor val 0x370c size 15: -71
[  241.555184][    T9] cp210x 1-1:0.0: GPIO initialisation failed: -71
[  241.585638][    T9] usb 1-1: cp210x converter now attached to ttyUSB0
[  241.619800][    T9] usb 1-1: USB disconnect, device number 5
[  241.642494][ T9149] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.673142][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  241.675587][ T9141] loop5: detected capacity change from 0 to 32768
[  241.688221][    T9] cp210x 1-1:0.0: device disconnected
[  241.796410][ T9141] syz.5.993: attempt to access beyond end of device
[  241.796410][ T9141] loop5: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  241.902486][ T9141] metapage_write_end_io: I/O error
[  241.910108][ T9141] ERROR: (device loop5): release_metapage: metapage_write_one() failed
[  241.910108][ T9141] 
[  241.940799][ T9141] ERROR: (device loop5): remounting filesystem as read-only
[  241.955497][  T114] blkno = 8ed2c, nblocks = 1
[  241.960331][  T114] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  241.960331][  T114] 
[  241.974767][ T9141] blkno = 8ed2c, nblocks = 1
[  241.979412][ T9141] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  241.979412][ T9141] 
[  242.001385][ T9141] ERROR: (device loop5): dtSearch: DT_GETPAGE: dtree page corrupt
[  242.001385][ T9141] 
[  242.019001][ T9141] jfs_mkdir: dtSearch returned -5
[  242.097141][ T9160] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1000'.
[  242.222759][ T5831] syz-executor: attempt to access beyond end of device
[  242.222759][ T5831] loop5: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  242.257234][ T5831] metapage_write_end_io: I/O error
[  242.296738][ T5831] JFS: metapage_get_blocks failed
[  242.302010][ T5831] JFS: metapage_get_blocks failed
[  242.311894][ T5831] JFS: metapage_get_blocks failed
[  242.317288][ T5831] JFS: metapage_get_blocks failed
[  242.358954][ T9149] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.996: bg 0: block 234: padding at end of block bitmap is not set
[  242.436952][ T9149] EXT4-fs (loop1): Remounting filesystem read-only
[  242.462882][ T9170] loop8: detected capacity change from 0 to 2048
[  242.478706][ T9170] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  242.531582][ T9170] overlayfs: upper fs needs to support d_type.
[  242.578246][ T9170] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  242.595360][ T9170] overlayfs: failed to set xattr on upper
[  242.605145][ T9170] overlayfs: ...falling back to redirect_dir=nofollow.
[  242.623969][ T9170] overlayfs: ...falling back to index=off.
[  242.714292][ T8112] UDF-fs: error (device loop8): udf_read_inode: (ino 1317) failed !bh
[  242.750023][ T8112] UDF-fs: error (device loop8): udf_read_inode: (ino 1317) failed !bh
[  242.903774][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.096989][ T9177] loop3: detected capacity change from 0 to 1024
[  243.272148][ T9177] ------------[ cut here ]------------
[  243.278031][ T9177] kernel BUG at fs/hfsplus/bnode.c:618!
[  243.324960][ T9177] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  243.331454][ T9177] CPU: 0 UID: 0 PID: 9177 Comm: syz.3.1010 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  243.343477][ T9177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  243.353755][ T9177] RIP: 0010:hfsplus_bnode_put+0x516/0x520
[  243.359535][ T9177] Code: ff e9 bf fe ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c f3 fe ff ff 4c 89 ef e8 f5 cd 81 ff e9 e6 fe ff ff e8 0b a6 17 ff 90 <0f> 0b e8 03 a6 17 ff 90 0f 0b 90 90 90 90 90 90 90 90 90 90 90 90
[  243.379540][ T9177] RSP: 0018:ffffc90004097350 EFLAGS: 00010283
[  243.385676][ T9177] RAX: ffffffff82abaf65 RBX: ffff888065e4a580 RCX: 0000000000080000
[  243.393656][ T9177] RDX: ffffc9000cb92000 RSI: 0000000000004de9 RDI: 0000000000004dea
[  243.401632][ T9177] RBP: 0000000000000000 R08: ffffffff82abaad0 R09: 1ffff1100cbc94b0
[  243.409609][ T9177] R10: dffffc0000000000 R11: ffffed100cbc94b1 R12: ffff888065e4a500
[  243.417592][ T9177] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff888029940000
[  243.425850][ T9177] FS:  00007f111afd06c0(0000) GS:ffff888124f96000(0000) knlGS:0000000000000000
[  243.434806][ T9177] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  243.441433][ T9177] CR2: 00007f136de00218 CR3: 00000000296e0000 CR4: 0000000000350ef0
[  243.449428][ T9177] Call Trace:
[  243.452712][ T9177]  <TASK>
[  243.455650][ T9177]  hfsplus_bmap_alloc+0x5d6/0x680
[  243.460714][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.466368][ T9177]  ? __pfx_hfsplus_bmap_alloc+0x10/0x10
[  243.471930][ T9177]  ? __entry_text_end+0xfe0bd/0x1020c9
[  243.477396][ T9177]  ? __asan_memcpy+0x40/0x70
[  243.482001][ T9177]  hfs_bnode_split+0xe5/0x1170
[  243.486782][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.492439][ T9177]  ? hfsplus_bnode_read+0xec/0x1f0
[  243.497564][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.503211][ T9177]  ? __asan_memcpy+0x40/0x70
[  243.507810][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.513570][ T9177]  ? hfsplus_bnode_read+0x1a1/0x1f0
[  243.518879][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.524520][ T9177]  ? hfsplus_bnode_read_u16+0x9b/0x120
[  243.529990][ T9177]  ? __pfx_hfs_bnode_split+0x10/0x10
[  243.535295][ T9177]  ? __pfx_hfs_find_rec_by_key+0x10/0x10
[  243.541049][ T9177]  hfsplus_brec_insert+0x3a9/0xde0
[  243.546276][ T9177]  ? do_raw_spin_unlock+0x13c/0x8b0
[  243.551524][ T9177]  ? __pfx_hfsplus_brec_insert+0x10/0x10
[  243.557180][ T9177]  ? hfsplus_find_init+0x87/0x1d0
[  243.562223][ T9177]  hfsplus_create_cat+0xf62/0x1bd0
[  243.567349][ T9177]  ? __pfx_hfsplus_create_cat+0x10/0x10
[  243.572935][ T9177]  ? __pfx_sprintf+0x10/0x10
[  243.577540][ T9177]  hfsplus_link+0x4c9/0x820
[  243.582066][ T9177]  ? __pfx_hfsplus_link+0x10/0x10
[  243.587103][ T9177]  ? __pfx_down_write+0x10/0x10
[  243.591972][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.597787][ T9177]  ? inode_permission+0xff/0x460
[  243.602744][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.608412][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.614077][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.619738][ T9177]  vfs_link+0x4f2/0x6e0
[  243.623931][ T9177]  do_linkat+0x55b/0x700
[  243.628198][ T9177]  ? __pfx_do_linkat+0x10/0x10
[  243.632981][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.638644][ T9177]  ? strncpy_from_user+0x143/0x280
[  243.643860][ T9177]  ? srso_alias_return_thunk+0x5/0xfbef5
[  243.649513][ T9177]  ? getname_flags+0x1e2/0x530
[  243.654317][ T9177]  __x64_sys_link+0x82/0x90
[  243.658933][ T9177]  do_syscall_64+0xf3/0x230
[  243.663455][ T9177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.669361][ T9177] RIP: 0033:0x7f111a18d169
[  243.673811][ T9177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.693442][ T9177] RSP: 002b:00007f111afd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  243.701882][ T9177] RAX: ffffffffffffffda RBX: 00007f111a3a5fa0 RCX: 00007f111a18d169
[  243.709864][ T9177] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 00002000000001c0
[  243.717847][ T9177] RBP: 00007f111a20e2a0 R08: 0000000000000000 R09: 0000000000000000
[  243.725825][ T9177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  243.733809][ T9177] R13: 0000000000000000 R14: 00007f111a3a5fa0 R15: 00007ffed3f21c98
[  243.741893][ T9177]  </TASK>
[  243.744918][ T9177] Modules linked in:
[  243.750717][ T9177] ---[ end trace 0000000000000000 ]---
[  243.780729][ T9186] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1012'.
[  243.790227][ T9186] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1012'.
[  243.807300][ T9186] gretap1: entered promiscuous mode
[  243.828006][ T9177] RIP: 0010:hfsplus_bnode_put+0x516/0x520
[  243.834059][ T9177] Code: ff e9 bf fe ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c f3 fe ff ff 4c 89 ef e8 f5 cd 81 ff e9 e6 fe ff ff e8 0b a6 17 ff 90 <0f> 0b e8 03 a6 17 ff 90 0f 0b 90 90 90 90 90 90 90 90 90 90 90 90
[  243.854925][ T9177] RSP: 0018:ffffc90004097350 EFLAGS: 00010283
[  243.861149][ T9177] RAX: ffffffff82abaf65 RBX: ffff888065e4a580 RCX: 0000000000080000
[  243.869597][ T9177] RDX: ffffc9000cb92000 RSI: 0000000000004de9 RDI: 0000000000004dea
[  243.883182][ T9177] RBP: 0000000000000000 R08: ffffffff82abaad0 R09: 1ffff1100cbc94b0
[  243.899185][ T9177] R10: dffffc0000000000 R11: ffffed100cbc94b1 R12: ffff888065e4a500
[  243.927788][ T9177] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff888029940000
[  243.975038][ T9177] FS:  00007f111afd06c0(0000) GS:ffff888124f96000(0000) knlGS:0000000000000000
[  243.984062][ T9177] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  244.024742][ T9177] CR2: 00007f088a9762d8 CR3: 00000000296e0000 CR4: 0000000000350ef0
[  244.032984][ T9177] Kernel panic - not syncing: Fatal exception
[  244.039355][ T9177] Kernel Offset: disabled
[  244.043687][ T9177] Rebooting in 86400 seconds..