last executing test programs:

1m27.688534365s ago: executing program 1 (id=77):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000080)=@base={0x12, 0x41, 0x8, 0x2}, 0x50)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r0, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r1}, 0x3f)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000640)={r0, &(0x7f00000005c0), &(0x7f0000000600)=""/40}, 0x20)

1m27.30355476s ago: executing program 1 (id=81):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

1m26.958987948s ago: executing program 1 (id=84):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$jfs(&(0x7f0000000700), &(0x7f0000000300)='./bus\x00', 0x2000002, &(0x7f0000000100)=ANY=[], 0xfe, 0x60a1, &(0x7f00000076c0)="$eJzs3c1vHGcdB/Df7K7XL6Wt1UNVKoTclLdSmtcSAgWaHuDAhQPKFSVy3SrCBZQElFYRceULB/4IEBJHhDhy4g/ogSs3/gAiJUignhg03ueJZye7WQfHO2vP5yM5s795ZtbP5LuzL56ZfQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiB98/0fnioi4+ss0Yz3iM9GP6EWsVvVGRKxurOflBxHxUuw1x4sRsbQcUa2/98/zEW9GxCfPRdx/cGezmn3+gP343p/+/vsfP/PDv/1x6cx//nyr/9a05W7f/s2//3L3cNsMAAAAXVOWZVmkj/kvp8/3vbY7BQDMRX79L5M8/zjUw9p2LEJ/1Oq9Yrg/YyH6o55jvb1Sn9N+f9TqR+u6crK79SIidurrVO8ZHI4HgGNmJz5tuwu0SP6dNoiIZ9ruBLDQirY7wJG4/+DOZpHyLeqvBxuj9nwuyFj+O8XD6zumTWdpnmMyr8fXbvTjhSn9WZ1THxZJzr/XzP/qqD0fWzvq/OdlWv7D0aVPnZPz7zfzbzg5+fcm5t9VOf/BE+Xflz8AAAAAACyw/Pf/9ZaP/y4fflMO5HHHfzcOdheXn3afAAAAAAAAAOCwDjv+30PG/wMAAICFVX1Wr/z2uf15076LrZp/pYh4trE80DHpYpm1tvsBAAAAAAAAAAAAAF0yGJ3De6WIWIqIZ9fWyrKsfuqa9ZM67PrHXde3H7qs7Sd5AAAY+eS5xrX8RcRKRFxJ3/W3tLa2VpYrq2vlWrm6nN/PDpdXytXa59o8reYtDw/whngwLKs7W6mtVzfr8/Ks9ub9Vb9rWPYP0LH5aDFwAIiI0avRfa9IJ0xZPh9tv8vheLD/nzz2fw6i7ccpAAAAcPTKsiyL9HXeL6dj/r22OwUAzEV+/W8eF1Cr1Wq1Wn3y6rpysrv1IiJ26utU7xkMxw8Ax8xOfNp2F2iR/DttEBEvtd0JYKEVbXeAI3H/wZ3NIuVb1F8P0vju+VyQsfx3ir318vqTprM0zzGZ1+NrN/rxwpT+vDinPiySnH+vmf/VUfswLTeWTzE99wPmXzT+jDg30/KvtnO9hf60Leffb+bfcNT7/7zsRm9i/l2V8x88Uf59+QMAAAAAwALLf/9fd/w3bzIAAAAAAAAAHDv3H9zZzNe95uP/n5uwnOs/T6acfyH/Tsr59xr5f6WxXL92+947+/n/68GdzT/c+udn8/Sg+S/nG0V6ZBXpEVGk31QM0vQwW/eo3aX+cLStozveiIhy6b24HtuxFWfHlu2l/4/99nNj7VVPl8baz4+1Dx5pvzDWvpS+d6Bcze2nYzN+Ftvx7l571bY8Y/tXZrSXM9pz/n37fyfl/Ae1nyr/tdReNKaVex/3Htnv69NJv+fy9c//+uzRb85Mu9F/uG111fadaqE/e/8nzwzjFze3bpy+fe3WrRvnIk3G5p6PNHnKcv5L6efh8/+ro/b8vF/fX+99PHzi/BfFbgym5v9q7Xa1va/NuW9tyPkP00/O/93UPnn/P875T9//X2+hPwAAAAAAAAAAAAAAAPA4ZVnuXSJ6OSIuput/2ro2EwCYr/z6XyZ5vlqtVqvV6pNX15WTvV0vIuKv9XWq9wy/mnRnAMAi+29E/KPtTtAa+XdY/r6/wf438gIdcfPDj35ybXt768bNiJW2OwMAAAAAAAAA/F/y+J8btfGfvxAR643lxsZ/fSc2Djv+5yDfeDjA6FMe6HuK3d6w36sNN/5KPH7871Px+PG/BzN+39KM9uGM9llnZc06Z2PihR41Of9XauOdV/m/3Bh+vQvjvzbHvO+CnP+p2uO5yv/LjeXq+Ze/O87598byP3Prg5+fufnhR29c/+Da+1vvb/30wrlzZy9cvHjp0qUz713f3jo7+rfFHh+tnH8e+zrnTzfk/HPm8u+WnP8XUy3/bsn5fynV8u+WnH9+vyf/bsn5588+8u+WnP9rqZZ/t+T8v5pq+XdLzv/1VMu/W3L+X0u1/Lsl5/9Gqg+Wf//I+8V85PxPp9r+3y05/zOpln+35PzzES75d0vOP5/ZIP9uyfmfT7X8uyXnfyHV8u+WnP+bqZZ/t+T8v55q+XdLzv9iquXfLTn/b6Ra/t2S87+Uavl3S87/m6mWf7fk/L+Vavl3S87/rVTLv1ty/t9Otfy7Jef/nVRPyN/B/hMs5//dVNv/uyXn/3aq5d8t+9//74Ybx+VGROwsQDdO9I22n5kAAAAAAAAAAAAAgKY5na0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/I8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWHv3mLkqu87gJ9d79prE4ITCDXUkLVxjDELu77gS1oXhxBCIZdyS0Mv2K53bTbxZfHaDVAkOyJpkOKoUZW2vLS5CLW8VLGqPKQVjXjoRZEqhfYhfYlSVcoDqkhEIlVKo5at5sz//9+Z2bns4tn1zDmfjwQ/vHNmzpkz/5nd75rvDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPWPTB6e+MJBlWeWf/F/rs+wdlf9eO7o+/9r7r/QRAgAAAJfr//J/v3lN+sLBRVypZpt/vvl735qbm5vLPrnqT4a/MjeXLhjNsuE1WZZfFl36z8cHarcJns9GBgZr/jzYYferOlw+1OHy4Q6Xr+5w+ZoOl490uHzBCVhgbfX3MfmNbcn/c331lGbXZcP5ZVuaXOv5gTWDg/F3ObmB/Dpzw8ey6exENpVN1G1f3XYg3/6VTZV93Z/FfQ3W7GtjZYX89Lmj8RgGwjneUrev+duMfvyBbPRnP33u6F+efeOGZrPjaai7vepxbttcOc7Pha9Uj3UgW5POSTzOwZrj3NjkMVlVd5wD+fUq/914nG8u8jhXzR/mimp8zEeywfy/X8vP01Dtr/XSedoYvvbzW7IsuzB/2I3bLNhXNpitq/vK4PzjM1JdkZXbqCyld2dDS1qnmxaxTitzckv9Om18TsTHf1O43lCLY6h9mH782dULHvelrtOocq9bPVca12C3nyu9sgbjungtv9MvNF2DW8L9f25r6zXYdO00WYPpfteswc1pDa5tfsyDq1flx5wehIH8OvNrcEfd9qvyPQ3k8/Wt7dfg+NmTM+Ozzzx7x/TJI8enjk+d2rVjx8SuPXv27ds3fmz6xNRE9d9v61z3g3XZYHoObA7nLj4Hbm3Ytnapzn29e8/DkTbPw/UN23b7eTjUeOcGVuYJuXBNV58bj1ZO+sjFwazFcyx/fLZf/vMw3e+a5+FQzfeCpt9TmjwPhxbxPKxsM7N9cT+zDNX80+wYlut7wfqaNdj480jjGuz2zyO9sgZHwrr4wfbW3ws2huN9YWypP4+sWrAG090Nrz2Vr6Sf90f25aPZuryxcsFVq7Nzs1Nn7nz6yNmzZ3ZkYayIa2vWSuN6XVdzn7IF63Vwyev14PTNL9zY5Ovrw7kauaPyr5GWj1Vlm913tn+s8u9uzc9n3Vd3ZmF02Uqfz2bfzSvnM2XJNuezss3nxi//Z/GUS2tef4dbvP7G3P9WdX/ppp5fNTxUff6uSmdnuO71uP6hGspfuwbyfb85vrjX4+Hwz0q/Hl/X5vV4Q8O23X49Hm68c/H1eKDTbzsuT+PjORLWyYmJ9q/HlW027Fzqmhxq+3p8S5gD4fzfFpJCykU1a6fVuk37GhoaDvdrKO6hfp3uqtt+OGSzyr5e3vn21um2W6q3tSrdu3krtU5HG7bt9jpNr1et1ulAp9++vT2Nj+dIWBfX7Wq/TivbvLr78l87U0qsee1c3WkNDq9aXTnm4bQIq6/3c2vjGrwzO5qdzk5kk/mlq/P1VE2kY3ctbg2uDv+s9GvlhjZrcFvDtt1eg+n7WKu1NzC08M53QePjORLWxYt3tV+DlW3u3dvdn123ha+kbWp+dm38/Vqr33nd2HCalvN3XpXj/Ie97X83W9nmxL6l5sz25+n28JWrmpynxudvq+fUZLYy52lDOM439rU+T5XjqWzzlf2LXE8Hsyw7/9Q9+e97w9+v/M2573+r7u9dmv2dzvmn7vnJ1cf+aSnHD0D/e6s61lW/19X8zdRi/v4fAAAA6Asx9w+Gmcj/AAAAUBgx98f/KzyR/wEAAKAwYu4fCjMpSf7fcO8b02+dz1Izfy6Il6fT8EB1u9hxnQh/Hp2bV/n6PS9N/fffnV/cvgezLPvfB/6g6fYbHojHVTUajvPSh+q/vvCK5xe1/8OPzW9X21//Wrj9eH8WuwyaVXAnsix75Zov5fsZffxiPl994HA+H77wwvOVbd7cX/1zvP7r11a3//NQ/j147Ejd9V8P5+FHYU482Px8xOt98+JtG/d+Yn5/8XoDm9+Z3+0Xn6jebnyfnC8/X90+nudWx//3X3z5m5Xtn35f8+M/P9j8+F8Ot/tSmP9zU3X72seg8ud4vc+H44/7i9e78xvfaXr8l75Q3X7mvjemK0/nw/eFdRr2vy38eUvl8hpPDxypu1/Zh6vbxf1PfP+P8svj7c3c1/z4Rw5drDsfjevj1X+r3s54w/bx63E/0d827L9yO7XrM+7/5T88XHeeO+3/0sOv31S53cb9396w3cxT2/P9z99e/Ts2/cXnv9R0f/F4Dv71TN39OfhQeB6H/b/4RFiP4fJfXKreXuO7Kxx+qP71J27/tfXn6+5PdP/Pqvu/dPfxfK4ZWbvuqndc/c4L762cuyx77ZHq7XXa//Gvnq47/q9fXz0f8fLY0W/cfytx/2c+M3bq9Oy56cmas5q/d85HqscTj/ea8Nra+OdDp88+OXVmdGJ0IstGi/sWem/bN8L8SXVcWOr1tz8WHs8b/+yVdVv/9Yvx6//+aPXrFx+sft+6NWz35fD19eHxu9z9v7jp+vz5PfBq/sfhbG7h+wVfjo1b/mvfojYM97/x54K43mfe82R+HiqX5d834vO6/vjr3/94EX44Wb2db4fzOhfemXnz9fP7q90+vjfCxUeqz/fL3X98mYuP61+Fx/ujP6refjyueH9/GH6O+c6G+te7uD6+fX6w8fbzd/G4EF5PsgvVy+NW8XxffPP6pocX34cku3BD/uc/Trdzw5LuZiuzz8yOn5g+de7p8bNTs2fHZ5959tDJ0+dOnT2Uv5fnoU91uv7869O6/PVpcmrP7ix/tTpdHcvsSh//zGN3Z1m2dXLq2JFzx84+NjN15vjR2dmjU5OzW48cOzb1mU7Xn548sGPn/l17d44dn548sG///l37x6ZPna4cRvWgOtgz8emxU2cO5VeZPbB7/4677to9MXby9OTUgb0TE2PnOl0//940Vrn274+dmTpx5Oz0yamx2elnpw7s2L9nz86O7wZ4cubY7Oj4mXOnxs/NTp0Zr96X0bP5lyvf+zpdn2Ka/Y/qz7ONBqpvxJd9/PY96f1ZK176bMubqm7S8Aaib4T3ovnuu2b2LebPMfcPh5mUJP8DAABAGcTcvzrMRP4HAACAwoi5f02YifwPAAAAhRFz/0iYSUnyv/6//n9R+/9vndf/b7V//X/9/yIrWP9/6f31DvT/O9D/1/+/rP7/0cm9Ez3Z/59r/N7ajP4/y6HX+v8x96/NslLmfwAAACiDmPvXhZnI/wAAAFAYMfdfFWYi/wMAAEBhxNz/jjCTkuR//X/9f/1//X/9/+b71//vT/r/7en/d6D/r/9fzP6/z//nium1/n/M/VeHmZQk/wMAAEAZxNz/zjAT+R8AAAAKI+b+a8JM5H8AAAAojJj714eZlCT/6//r/+v/6//r/zffv/5/f3ob/fuf11bEe7f/v3apN9WU/n8H+v/6//r/+v90Va/1/2Puf1eYSUnyPwAAAJRBzP3vDjOR/wEAAKAwYu6/NsxE/gcAAIDCiLn/ujCTkuR//X/9f/1//X/9/+b71//vT2X9/P/Vi7x9/f/W8g31//X/9f/1/+mqXuv/x9z/njCTkuR/AAAAKIOY+68PM5H/AQAAoDBi7v+lMBP5HwAAAAoj5v4NYSYlyf/6//r/+v/6//r/zfev/9+flrH/nzcSe7X/v1j6/x3o/+v/6//r/9NVvdb/j7n/hjCTkuR/AAAAKIOY+28MM5H/AQAAoDBi7v/lMBP5HwAAAAoj5v6NYSYlyf/6/13t/99WW8zS/9f/b1gf+v/6//r/K6Csn/+/WPr/Hej/6//r/+v/01W91v+Puf+mMJOS5H8AAAAog5j7bw4zkf8BAACgMGLuf2+YifwPAAAAhRFz/2iY2epwQUnyv/6/z//X/9f/1/9vvn/9//6k/9+e/n8Hy93/r/7gqf+/TK708ev/6/+zUK/1/2Pu3xRmUpL8DwAAAGUQc//mMBP5HwAAAAoj5v5bwkzkfwAAACiMmPu3hJmUJP/3af9/sPUd0v/P9P/1/zvsX/9f/7/Ierf/3+w7xUL6/wXv//v8/2V1pY9/Gfv/361Z7i3p/9OLeq3/H3P/+8JMSpL/AQAAoAxi7t8aZiL/AwAAQGHE3H9rmIn8DwAAAIURc/+2MJOS5P8+7f+3uUP6/5n+//L3/7d/tXpF/X/9f/3/ntO7/f/F0f/X/9f/79/j9/n/+v8s1Gv9/5j7bwszKUn+BwAAgDKIuX97mIn8DwAAAIURc//tYSbyPwAAABRGzP1jYSYlyf/6//r/+v8+/1//v/n+9f/7k/5/e/r/Hej/6/+3PP6rO+5f/1//n4V6rf8fc/8dYSYlyf8AAABQBjH33xlmIv8DAABAYcTcPx5mIv8DAABAYcTcPxFmUpL8v9L9/5ozrP+v/6//r/+v/6//33X6/+1duf5/s++UC+n/6//38/Hr/+v/s1Cv9f9j7t8RZvqJriT5HwAAAMog5v6dYSbyPwAAABRGzP27wkzkfwAAACiMmPt3h5mUJP/7/H/9f/1//X/9/+b71//vD40Fe/3/9nz+fwf6//r/+v/6/3RVr/X/Y+6/K8ykJPkfAAAAyiDm/j1hJvI/AAAAFEbM/XvDTOR/AAAAKIyY+/eFmZQk/+v/6//r/+v/6/8337/+f3/S/2+vLP3/SP9/aa50f77fj1//X/+fhXqt/x9z//4wk5LkfwAAACiDmPvfH2Yi/wMAAEBhxNz/K2Em8j8AAAAURsz9vxpmUpL8r/+v/6//f2X7/xf0//X/9f+7Sv+/vbL0/5fn8/9H9P870P/X/9f/p1Gv9f9j7j8QZlKS/A8AAABlEHP/r4WZyP8AAABQGDH33x1mIv8DAABAYcTcfzDMpCT5X/9f/1//3+f/6/8337/+f3/S/2+vd/v/8ZnVy/1/n//f6fr6//r/+v806rX+f8z9HwgzKUn+BwAAgDKIuf+eMJOF+X9w5Y4KAAAA6KaY+z8YZuLv/wEAAKAwYu6/N8ykJPlf/1//v2X/v/Jg6//r/+v/J/r//UH/v73e7f9X9fbn/+v/d7q+/r/+v/4/jXqt/x9z/4fCTEqS/wEAAKAMYu6/L8xE/gcAAIDCiLn/w2Em8j8AAAAURsz994eZlCT/6//r//v8/xXr/09k+v+F7/83vobW0v9fGfr/7en/d6D/r/+v/6//T1f1Wv8/5v5fDzMpSf4HAACAMoi5/4EwE/kfAAAACiPm/gfDTOR/AAAAKIyY+z8SZlKS/K//r/+v/+/z//X/m+/f5//3J/3/9vT/O9D/1//X/9f/p6t6rf8fc/9Hw0xKkv8BAACgDGLu/1iYifwPAAAAhRFz/8fDTOR/AAAAKIyY+38jzKQk+V//X/9f/1//X/+/+f71//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/6Ewk5LkfwAAACiDmPsfDjOR/wEAAKAwYu5/JMxE/gcAAIDCiLn/0TCTkuR//X/9f/1//X/9/+b71//vT/r/7dX1/38x0npD/X/9f/1//X/9f7qg1/r/Mfc/FmZSkvwPAAAAZRBz/yfCTOR/AAAAKIyY+38zzET+BwAAgMKIuf+TYSYlyf/6//r/+v/6//r/zfev/9+f9P/b8/n/Hej/6//r/+v/01W91v+Puf/xMJOS5H8AAAAog5j7fyvMRP4HAACAwoi5/7fDTOR/AAAAKIyY+38nzKQk+V//X/9f/1//X/+/+f71//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/3fDTEqS/wEAAKAMYu5/IsxE/gcAAIDCiLn/UJiJ/A8AAACFEXP/4TCTkuR//X/9f/3/Hu3//+nmf/nB9z52eIf+v/6//v+S6P+3p//fgf6//r/+v/4/XdVr/f+Y+4+EmZQk/wMAAEAZxNz/e2Em8j8AAAAURsz9R8NM5H8AAAAojJj7J8NMSpL/9f/1//X/e7T/7/P/E/1//f+l0P9vT/+/A/1//X/9f/1/umrJ/f/RljfVlf5/zP1TYSYlyf8AAABQBjH3Hwszkf8BAACgMGLuPx5mIv8DAABAYcTc/2SYSUnyv/6//r/+v/6//n/z/ev/9yf9//b0/zvQ/9f/1//X/6ereu3z/2Punw4zKUn+BwAAgDKIuf9TYSbyPwAAABRGzP2fDjOR/wEAAKAwYu4/EWZSkvyv/6//r/+/DP3/f2y+PvT/9f/1/5ef/n97+v8d6P/r/+v/6//TVd3p/89l3er/x9x/MsykJPkfAAAAyiDm/lNhJvI/AAAAFEbM/afDTOR/AAAAKIyY+2fCTEqS//X/9f/1/33+v/5/8/3r//cn/f/29P870P//f/bu4+ezuorj+DOREQwLjRsXLtz4B7hnw8oEE/8C41J3GhXsBey99967iIIi9t6wotg7FhQVFQsqLgzMOWcyz/zm3il3Zu79ntdrc0KGZ+5vavLJ5J2r/9f/6/9Z1Nre/5+7/+FxS5P9DwAAAB3k7n9E3GL/AwAAwDBy918ct9j/AAAAMIzc/ZfELU32v/5f/3/2+v8D5+j/9f/6f/3/0obt//f/wThJ+v8Z+v8G/f+x/zDp//X/LG9t/X/u/kfGLU32PwAAAHSQu/9RcYv9DwAAAMPI3f/ouMX+BwAAgGHk7n9M3NJk/+v/9f/e/6//1//vfr7+f5uG7f8X0qn/v/j68x96y9X3vOZEnq//79D/n77Pr//X/3O0tfX/ufsfG7c02f8AAADQQe7+x8Ut9j8AAAAMI3f/4+MW+x8AAACGkbv/CXFLk/2v/9f/6//1//r/3c/X/2+T/n9ap/7/ZJ6v/9f/6//1/yxrbf1/7v4nxi1N9j8AAAB0kLv/SXGL/Q8AAADDyN1/adxi/wMAAMAwcvdfFrc02f/6f/2//l//r//f/Xz9/zatqP8/qP/X/+v/9f/6/0se8rAHn6v/b2xt/X/u/ifHrdNk/wMAAEAHufufErfY/wAAADCM3P1PjVvsfwAAABhG7v6nxS1N9r/+X/+v/9f/6/93P1//v03z/f/dL5r6eu//D/p//b/+X//v/f8sYG39f+7+p8ctTfY/AAAAdJC7/xlxi/0PAAAAw8jd/8y4xf4HAACAYeTuf1bc0mT/6/9PT/+fvaL+X/+/p/8//PtS/6//PwNW9P7/k3q+/l//r//f7ufX/+v/Odra+v/c/c+OW5rsfwAAAOggd/9z4hb7HwAAAIaRu/+5cYv9DwAAAMPI3f+8uKXJ/tf/e/+//l//r//f/Xz9/zbp/6fp/2fo//X/+n/9P4taW/+fu//5cUuT/Q8AAAAd5O5/Qdxi/wMAAMAwcve/MG6x/wEAAGAYuftfFLc02f9L9P+X6f/1//s+v/5/9+8P/b/+X/9/+un/p+n/Z+j/9f/6f/0/i1pb/5+7/8VxS5P9DwAAAB3k7n9J3GL/AwAAwDBy9780brH/AQAAYBi5+18Wt8zu/1sXLvLOjiP7/wPe/6//1//v6f/1/4fo/7dJ/z9N/z9D/6//X0X/f4X+n2Gsrf/P3f/yuMW//wMAAMAwcve/Im6x/wEAAGAYuftfGbfY/wAAADCM3P2vilua7P8l3v8/cP9/nv5f/9+i/7/9B6D/1/8PYrn+/9531f/r//f3/wf3/Tzo/4+k//f+/+Pq/8+Z+54Yydr6/9z9r45bmux/AAAA6CB3/2viFvsfAAAAhpG7/7Vxi/0PAAAAw8jd/7q4pcn+1/97/7/+f539/6Xe/1/0//r/E+H9/9NOqv/f0/97/7/+X//v/f+cnLX1/7n7Xx+3NNn/AAAA0EHu/jfELfY/AAAADCN3/xvjFvsfAAAAhpG7/01xS5P9v2j/f/tX6f+L/l//v//3x2rf/6//3/l8/f826f+nef//DP2//l//r/9nUWvr/3P3vzluabL/AQAAoIPc/W+JW+x/AAAAGEbu/rfGLfY/AAAADCN3/9vilib73/v/9+6l/9f/6//1/7uer//fJv3/NP3/DP2//l//r/9nUWvr/3P3vz1uabL/AQAAoIPc/e+IW+x/AAAAGEbu/nfGLfY/AAAADCN3/7vilib7X/9/yu//vyMB1v8f+fmP0f/XT5P+/8j/X/9/iP5f/78E/f80/f8M/b/+X/+v/2dRa+v/c/e/O25psv8BAACgg9z974lb7H8AAAAYRu7+98Yt9j8AAAAMI3f/++KWJvtf/3/K/f8dRuv/7xSduff/6//1/4e/X/3/Nuj/p+n/Z+j/9f/6f/0/i1pb/5+7//K4pcn+BwAAgA5y978/brH/AQAAYBi5+6+IW+x/AAAAGEbu/g/ELU32v/5f/38G3/+v/9f/6//1/6ed/n+a/n9vb+/KiQ+g/9f/6//1/yxqbf1/7v4Pxi1N9j8AAAB0kLv/yrjF/gcAAIBh5O6/Km6x/wEAAGAYufs/FLc02f/6f/2//l//r//f/Xz9/zb17v+zlj82/f8M/b/+X/+v/2dRa+v/c/d/OG5psv8BAACgg9z9V8ct9j8AAAAMI3f/R+IW+x8AAACGkbv/mrilyf4/ov/PqFX/r/8/jf3/bSfR/x+Mb9P/L9f/X7Tj+fp//f8Ievf/8/T/M+526K8E/b/+X/+v/2cZa+v/c/d/NG65cN8wBAAAADYrd//H4pYm//4PAAAAHeTu/3jcYv8DAADAMHL3fyJuabL/vf9f/+/9/z37f+//1/+PSv8/Tf8/w/v/9f/6f/0/i1pb/5+7/5NxS5P9DwAAAB3k7v9U3GL/AwAAwDBy9386brH/AQAAYBi5+z8TtzTZ//p//b/+X/+v/9/9fP3/Nun/p+n/Z+j/9f/6f/0/i1pb/5+7/7NxS5P9DwAAAB3k7v9c3GL/AwAAwDBy938+brH/AQAAYBi5+78QtzTZ//p//b/+X/+v/9/9fP3/Nun/p+n/Z+j/9f/6f/0/i1pb/5+7/4txS5P9DwAAAB3k7v9S3GL/AwAAwDBy9385brH/AQAAYBi5+78StzTZ//p//b/+X/+v/9/9fP3/Nun/p+n/Z+j/9f/6f/0/i1pb/5+7/6txS5P9DwAAAB3k7r82brH/AQAAYBi5+78Wt9j/AAAAMIzc/V+PW5rsf/2//l//P2r/f5djPl//r/8f2Vr6/wsuuN91+n/9v/5f/6//1/93t7b+P3f/N+KWYw6/W+9/HD9MAAAAYEVy938zbmny7/8AAADQQe7+b8Ut9j8AAAAMI3f/t+OWJvtf/6//1/+P2v8f+fz76v/1/02spf/3/v+T+/z6f/3/lj+//l//z9HW1v/n7r8ubmmy/wEAAKCD3P3fiVvsfwAAABhG7v7vxi32PwAAAAwjd//1cUuT/a//n+r/76z/1/8P0//v6f/1/01suv8/T/+v/z+b/f+FZ7Cfv3GBz3uU/GtZ/6//Z0XW1v/n7v9e3NJk/wMAAEAHufu/H7fY/wAAADCM3P0/iFvsfwAAABhG7v4fxi1N9r/+3/v/9f/6f/3/7ufr/7dp0/2/9//r/73/f9OfX/+v/+doa+v/c/f/KG5psv8BAACgg9z9P45b7H8AAAAYRu7+n8Qt9j8AAAAMI3f/T+OWJvtf/6//1//r//X/u5+v/98m/f80/f8M/b/+X/+v/2dRa+v/c/f/LG5psv8BAACgg9z9P49b7H8AAAAYRu7+X8Qt9j8AAAAMI3f/L+OWJvtf/6//1//r//X/u5+v/98m/f80/f8M/b/+X/+v/2dRa+v/c/f/Km5psv8BAACgg9z9N8Qt9j8AAAAMI3f/r+MW+x8AAACGkbv/N3FLk/3fsv8/oP8/gf7/hpsOfVPj/v/wr67+X/9/Jvr/A/r/U6L/n6b/n6H/1//PfP6DE18/fP9/zvTXz/X/M1/OoNbW/+fu/23c0mT/AwAAQAe5+38Xt9j/AAAAMIzc/TfGLfY/AAAADCN3/+/jlib7v2X/7/3/3v/v/f/6/xX3/97/f2r0/9POZv9/83E8Vv+v/9/y5x++/5/h/f/ssrb+P3f/H+KWJvsfAAAAOsjdf1PcYv8DAADAMHL3/zFusf8BAABgGLn7/xS3NNn/+n/9v/5f/6//3/18/f826f+nef//DP2//l//r/9nUWvr/3P3/zluabL/AQAAoIPc/TfHLfY/AAAADCN3/1/iFvsfAAAAhpG7/69xS5P9r/9fSf8fH0L/r//X/59I/3+P8y+79gEPuupy/T+H6f+n6f9nLNf/P/A++n/9v/5f/8+Z6v/PO97+P3f/3+KWJvsfAAAAOsjdf0vcYv8DAADAMHL3/z1usf8BAABgGLn7/xG3NNn/+v+V9P/xNfp//f+q+/9zj/x+z37/7/3/+v+j6f+n6f9nHG//f/tfHN7/fxT9v/5f/89+Z6j/P2bvv/+/c/f/M25psv8BAACgg9z9/4pb7H8AAAAYRu7+W+MW+x8AAACGkbv/33FLk/2v/9f/6//1/9t9//9p6//v+CXV/2+T/n+a/n/Gcu//1//r//X/+n9W2P/n7v9P3NJk/wMAAEAHufv/G7fY/wAAADCM3P23xS32PwAAAAwjd///4pYm+1//r//X/+v/9f+7n6//3yb9/zT9/wz9v/5f/6//Z1Fr6/9z9/8/AAD//4wxavM=")
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
rmdir(&(0x7f0000000100)='./control\x00')

1m25.267940553s ago: executing program 1 (id=99):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000140)='./file1\x00', 0x1010006, &(0x7f0000000640)=ANY=[@ANYBLOB='quota,discard=0x000000000000aff9,iocharset=none,errors=continue,iocharset=cp869,discard=0x0000000000000005,nodiscard,uid=', @ANYRESHEX=0x0, @ANYRES8=0x0, @ANYRESHEX=0x0, @ANYBLOB=',\x00'], 0x22, 0x61b6, &(0x7f000001b700)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000000)=""/41, 0x29)

1m23.711641815s ago: executing program 4 (id=113):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff)
unshare(0x400)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000408001d00", @ANYRES32=0x0, @ANYBLOB="080001"], 0x24}}, 0x0)

1m23.421962507s ago: executing program 4 (id=116):
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_async', 0x80802, 0x0)
sendfile(r0, r0, 0x0, 0x6)

1m23.200611276s ago: executing program 4 (id=118):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000440)={[{@resgid}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@delalloc}]}, 0x2, 0xbe0, &(0x7f0000001f40)="$eJzs3M1rHOcZAPBnRquVZKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKFVp/IKm4knVYtf9Av86FXgJJTEIO8dmXhOSaS2JfE3IImKBYCYSQKMx+SBtrV5LjXY0j/37w7rzvvLN6nkfD7swLuxvAM2s8e0gjjkfEpSSi1NyfRkSx3huOqDWO21hfnflkfXUmic3NP3yYRBIRD9dXZ1p/K2lujzYHwxHx1q+T+M4/dsZdXF6Zn65WKwvN8amlqzdOLS6v/Gzu6vSVypXKtckzv5g6PXVm4uxUz2r99N3zdz7+0W/fr332wue3P/rPc0mcj9HmXHsdvTIe41v/k3aFiJjudbCcDDTraa8zKezxpLTPSQEA0FXadg/3vSjFQGzfvJXitbdzTQ4AAADoic2BiE0AAADgkEus/wEAAOCQa30O4OH66kyr5fuJhIP14EJEjDXq32i2xkwhavXtcAxGxJGHSbR/rTVpPO2JjUfEe/fPvpy16NP3kHdTW4uI73c6/0m9/rH6t7h31p9GxEQP4o8/Mv4m1X++B/Hzrh+AZ9PdC40L2c7rX7p1/xMdrn+FDteuryPv61/r/m9jx/3fdv0DXe7/fr/PGLee/9/NbnNZ/b+885uXWi2Ln22fqKjH8GAt4geFTvUnW/UnXeq/tM8YpS9uVrrN5V3/5v8jTkTn+luS3X+f6NTsXLUy0XjsGGPtzakXu8XPu/7s/B/pUn/r95+6nf8b+4zxp4sXX9mx8/52d/f60w+KyR/rvWJzz9+ml5YWJiOKye927j+9ey6tY1p/I6v/5I93f/13qj97T6g1/w/ZWmCtuc3Gf38k5q9u33q1Wz6t9V+e5/9yl/PfXv8bhZ3n/5/7jPGT1/99sttc+/o3a1n81loYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrSiBiNJC1v9dO0XI44GhHfjSNp9fri0k9nr//12uVsLmIsBtPZuWplIiJKjXGSjSfr/e3x6UfGP4+IYxHx39JIfVyeuV69nHfxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbDkaEaORpOWISCNio5Sm5XLeWQEAAAA9N5Z3AgAAAEDfWf8DAADA4Wf9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJ8d++Hde0lE1M6N1Fum2JwbzDUzoN/SvBMAcjOQdwJAbgp5JwDk5jHX+G4X4BBK9pgf7joz1PNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh6nTh+914SEbVzI/WWKTbnBnPNDOi3tK2f5JgHcPCG6o9/6TxZONhcgIPlJQ7PLmt8YK+1/3DjmJGIqH11ZqifaQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwlBmttyQtR0Sxua9cjvhWRIzFYDI7V61MRMS3I+Kd0uBQNp7MOWcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB6b3F5ZX66Wq0sZJ00mp2tPX3oDDQj9zFEfzpJI+9ap2MKEZF/hoepM/SvvY75czxhiGI8FZUeQGc4Ih73WXm+KwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkJfF5ZX56Wq1srCYdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3haXV+anq9XKQh87edcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB+vgwAAP//IOcDTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file3\x00', 0x0, 0x44)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x2, 0x2000, 0x1, &(0x7f0000000040)="f9", 0x0, 0x0, 0x0})

1m22.788845511s ago: executing program 1 (id=122):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = dup2(r0, r0)
ioctl$BLKTRACESETUP(r1, 0x127f, 0x0)

1m22.263210222s ago: executing program 4 (id=124):
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x516, &(0x7f0000000740)="$eJzs3c9vG1kdAPCvnV9umm6ysIcFAVuWhYKq2om7G632wnJBQqvVIi2cEGqjxI2i2HEUO6UJkUjPXJGoxAn+BA5IHJB64s4NblzKAalABWqQEPJq7HGbOHFiNXHcxp+PNPJ7MxN/v8/SvBc/2/MCGFpXI2I3IsYj4nZETKf7M+kWH7a25LynT3YW957sLGai0fj0n6PpmTuL7fPbLqfPmYv4JKlPHBG3trW9ulAulzbSeqFeWS/UtrZvrFQWlkvLpbVicX5ufvb9m+8Vz6ytb1V++/i7Kx/98A+///KjP+1+66dJzt9OjyVtO7NA+7Rel7GY2rcveeU+6kewARhJ2zM+6ER4IdmI+FxEvJ2Wn8kNLicAoL8ajeloTO+vd5fp4RwA4OWXvOefikw2n77/n4psNp9vzuHl3ojJbLlaq1+/U91cW4rmHNZMjGXvrJRLs+lc4UyMZZL6XLP8vF7sqN+MiNcj4hcTl5r1/GK1vDSof3oAYMhd7hj//zPRGv974BMCAHiVGckBYPgcHv/HBpIHAHB+vP8HgOGzb/w/6re6AMAFlOv47T8AcPGdOP//Zvzsx+eTCgBwTnz+DwBD5fsff5xsjb30/tdLd7c2V6t3byyVaqv5yuZifrG6sZ5frlaXm/fsqZz0fOVqdX3u3di8V6iXavVCbWv7VqW6uVa/1byv962SHxYAwOC9/tbDv2QiYveDS80t2ms5+EIAXHgucxheI4NOABiY0UEnAAyM+Xggc8Lxrl8RetD9by6dIh+g/659ocv8//H/G/y/cT7pAX1k/h+G1+nm/80ewKvM/D8Mr0YjYz1/ABgyPbyD9xVBuOBe+PN/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGGJTzS2TzadrgU9FNpvPR1yJiJkYy9xZKZdmI+K1iPjzxNhEUp8bdNIAwCll/55J1/+6Nv3OVOfR8cx/J5qPEfGTX336y3sL9frGXLL/X8/21x+k+4tHBpjofxsAgH1GO3e0x+n2ON5e3/fpk53F9naeCT7+Tmtx0STuXrq1U28ln4uxiJj8d+ZAYzJntDDx7v2IeLOz/dlnx2fSlU874yexr/QtfjRbOHUgfvZA/GzzWOsxeS0+fwa5wLB5mPQ/Hx51/WXjavMxvf4yBzvTXPz8cOf6Atr9316js/9rXe+fXMk1+5qj+r+rvcZ494/f63rs/kjji6MRe4f63/aK0Llm6aj47/QY/69f+srb3Y41fh1xLY6L3yoV6pX1Qm1r+8ZKZWG5tFxaKxbn5+Zn37/5XrHQnKMutGeqD/vHB9df697+iMku8XMntP/rPbb/N/+7/aOvHhP/m187Kn423jgmfjImfqPH+AuTv+u6fHcSf6lL+0cPxB8/8HfJvus9xn/0t+2lHk8FAM5BbWt7daFcLm0onLaQ69czX35JGqhwTGEkyu35qJcin1MXBtwxAX33/KIfdCYAAAAAAAAAAAAAAEA3tR+kt/zr44/hBt1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALq7PAgAA//+iDcmp")
r0 = fsopen(&(0x7f0000000100)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x6, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)

1m21.627222158s ago: executing program 1 (id=128):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000bde5a44070275290f515010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000180)={0x40, 0x14}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1m20.839290813s ago: executing program 32 (id=128):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000bde5a44070275290f515010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000180)={0x40, 0x14}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1m20.819546697s ago: executing program 4 (id=134):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @a}})
lsetxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="02000000"], 0x4, 0x0)

1m20.047538515s ago: executing program 4 (id=139):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
splice(r2, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0)

1m19.018775565s ago: executing program 33 (id=139):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
splice(r2, 0x0, r1, 0x0, 0xffffffffffff8000, 0x0)

4.535311173s ago: executing program 2 (id=794):
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x161b01, 0x0)
write$binfmt_misc(r1, &(0x7f0000000200), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x100000006, 0x0)

4.182217834s ago: executing program 5 (id=800):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0xb, 0x8, 0x22}, 0x50)
r1 = socket(0x1, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000240), &(0x7f0000000180)=@tcp=r1}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, &(0x7f0000000440), &(0x7f0000000380)=@udp=r1, 0x1}, 0x20)

3.998615233s ago: executing program 5 (id=802):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x4)
fadvise64(r0, 0x5, 0x8, 0x4)

3.727304125s ago: executing program 7 (id=806):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000001a00)=ANY=[@ANYBLOB='nobarrier,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6465636f6d706f73652c666f7263652c666f7263652c756d61736b3d30303030303030303030303030303030303030303031302c6e6c733d64656661756c742c00d4023937168c6a03faba6a3338c76bbb2cc123a1966858d8147d2c8f6696a3afb73a4233a7d6d17cbf793d9f3d5dc088fadadfdb7688c6a99fb22e09bb9b1fbe01fd94fae1e35f93fdbc2d26ac49430c71a16ad073e2416238a4b5f8c9877c553b2690fd7148fad9a9579680000d1a5caad58758c05f80c742dfc96510890d6ab62c3d6bc97ea00353e76f0f436500c88ef1b3ec52d6d1b6189c2c09e76160176ee4c21e9bcebdcac3565569f673575a04183f4095c2743d1547baa170a07fb5b39c0af610bbf13953ecb5e354858f41aa5b7bf2fbde", @ANYRESDEC, @ANYBLOB="3a0aa43997961fb35642d7fc49340ba7330b0be70418efc3702ffac5c93acc0d485cbbe1ec6c3e3d2ac3687f3ef0b57a3df15c3fbebd60f51547f02964a408a4c74a745737cfa10dde2b5121113c1d18b62fe3eb600442e56dbc07f3dfa98890bc79274c63d458dfa69d96bee6aa59471d4be17ddd6c0d1d71da57800f6897a341eba44b256a9bfd56b597f66aec3b46aa4d5289673ee3d138043d2a180bf1b27c48de056d144456736cc2033afb7f300019f197a8416cf7da0b1f8b78277423cd13c22c996c31ef469bebf8ecb9bebe22506c0ef054c89414"], 0x44, 0x6f7, &(0x7f0000001f80)="$eJzs3U1sHGcZAOB31uu1N5XcbZu0BSHFakQEDSS2l5IgIREqhHyoUCQuvS6J01heu5HtIidCxAUKRzihHDgUIXPoCfWABOKAKGckJK4o90jcIw4smtmZ9f7Y693GP0n6PNJ4vpn5ft55O/Pt7myjDeAza/HtmNyOJBYvvLWVbj/YqTcf7NRXi3JETEVEKaLcXkWyFpF8EnE12kt8Lt2Zd5fsN84bD//0m/P3P6q3t8r5ktUvDWu3qzVkhO18idmImMjXYyrv19/1eHOgv3tjdZ104k4Tdq5IHJy01oDtcZqPcN8CT7p7EROTe+yvRZyKiOn8fUDks0PpmMM7dGPNcgAAAPBkmjiowvOP4lFsxczxhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPhqT9m4FJvpSK8mwkxe//V/J9qUrlhOMd7isHHP/g5jEFAgAAAAAAAABH4uP8i/uzj+JRbMVMsb+VZN/5v5ZtnM7+PhfvxUYsxXpcjK1oxGZsxnrMR0zOdHVY2Wpsbq7PD7b8daQtW63WvbzlQkTUBlouHMNJAwAAAAAAAMCz6yexGDMnHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRLIibaq2w5XZRrUSpHxHREVNJ62xF/KcpPuuqQY389xjgAAADghBQfjWeS/7ULrST7zP9y9rl/Ot6LtdiM5diMZizFjexZQPtTf+mf2/Xmg536aroMdvzt/4wVR9ZjREzE+/uMPJfVONNpsRjfje/HhZiNa7Eey/HDaMRmLMVsVNOTiEYkUau2n17Uijj3jvdqz9a1/tjO9m2/mkVSjZuxnMV2Ma5Xov3YJDuHdMxXu0b7YyWib8T30+wk38qNmKMbXf+9fpU/l8m1nh+xj6NRy858spORuTT3eTZeGJ77Ma+T/pHmo9R5BnV6d5R0s3+kIuc/GCfnp/J1muuf9+b8sI35KK0/EwtRyq++iJd7c377i/df7G385X/97dqt0trKrZsbF47wlB7H7EEVJotCfybqXZl4ZfjVl2eimWZie/RMTPbvmB615dGq5NnIpqIRZ8vvZKVGvNZ1Cb4bN2IpLsdczMeVmItvxELUO1dYupzpyWu5vtqbk+xeKw3Ob8OexJ77UlelXxxQ+XileXmhK6/dM10tO5bvufrLmOu6+l4cfvWN/SqQjv/5vJyO8dPOK86ToCcT+dxcRPfS8Ez8tpX+3Wiurazfatwecbzz+Tq9bT/onZt/N3rU/a/uhyG9XtIZt5xtZTmpFtdLeuylTrS9+ark37i025UGjp3pHKvFTCzH9/a9Uyv5e7jBntrHXuk+9u/dmbOSv78pjvW8y4l3o5m9C+lz4FQNwDE79fqpSvVh9R/VD6s/q96qvjX95tSVqS9UYvLv5T9P/KH0+9I3k9fjw/hxzJx0pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CzYuHN3pdFsLq13CjHdv+dxC5V9xxpeiNKBdXaeG63DqEUMHyvJC5XDPfensVCNvj3FLyw9bs8fR8SQOpXHDj4Z+xobu5Dm4VA6LH44LdvTmhijeblotXedcmxMx0ojKe9xx03t3gVRW2k0/9vqaV6NrlsGeMZd2ly9fWnjzt2vLq823ll6Z2lt4crlK5frX5//2qWby82lufbfk44SOAobd+5OnHQMAAAAAAAAAAAAwHjy//t/81P/Y4byAXUq6xt7j3z2uE8VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeEotvh2T25HE/NzFuXT7wU69mS5FebdmOSJKEZH8KCL5JOJqtJeodXWX7DfOGw+jdP7+R/XdvspF/dKwdqPZzpeYjYiJfH2wqT26Gezveld/258qvKRzhmnCzhWJg5P2/wAAAP//vnbzsA==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
link(&(0x7f0000000ac0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3.470074832s ago: executing program 2 (id=808):
syz_mount_image$ext4(&(0x7f0000001f80)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000000c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@discard}, {@nodelalloc}, {@jqfmt_vfsv1}, {@quota}]}, 0x1, 0x251, &(0x7f0000000240)="$eJzs3T1oJGUcBvBnZnc9c7fIqY0gfoCIaCCcnWBzNgoHchwiggonIjbKRYgJdlkrGwutVVLZBLEzWkqaYKMIVlFTxEbQYGGw0GJldxKJyfqVjTNH5veD2ZnZ+fi/w87zzjbvboDWOp/kYpJOktkkvSTFwR3urqbze6srMxtXk+HwiZ+K8X7VemX/uHNJBkkeSrJeFnmpmyytPbP9y+Zj97252Lv3/bWnZ2q9yD0721uP7753+Y2PLj249MVXP1wucjH9P13XySsmvNctklv+j2LXiaLbdAv4N6689uHXo9zfmuSecf57KVN9eG8t3LDeywPv/tWxb//45e11thU4ecNhb/QMHAyB1imT9FOUc0mq5bKcm6u+w3/TOVu+PL/w6uyL84vXXmi6pwJOSj/ZevSTMx+fO5T/7ztV/oHTa5T/J6+sfjta3u003RqgFndUs1H+Z59bvj/yD60j/9Be8g/tJf/QXvIP7SX/0F7yD6dYb39hMHGz/EN7VfmvhuHJP7SL5z+018H8AwDtMjzzt6OD6xuIDNSu6f4HAAAAAAAAAAAAAAAAAAA4amVm4+r+VFfNz95Jdh5J0p1UvzP+P+LkxvHr2Z+L0W5/KKrDpvLsXVOeYEofNDz6+qbvmq3/+Z3N1l++lgxeT3Kh2z16/xV799/x3fwP23vPT1ngPyoOrT/8VL31D/tttdn6lzaTT0f9z4VJ/U+Z28bzyf1P/+BPLB/TK79OeQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABq83sAAAD//3oobDA=")
r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x1)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x20052f9, 0xfffffff8, 0x100802, 0x2, 0x8})
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3.395967505s ago: executing program 7 (id=809):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$xdp(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)="68a3", 0x2}, {&(0x7f0000000180)="4189efd8", 0x4}], 0x2}, 0x0)

3.00818204s ago: executing program 7 (id=813):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0003bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
write(r0, &(0x7f0000000040)="2400000021002551241c0165ff00fc020200000003100f000ee1000c08000b0000000000", 0x24)

3.007274004s ago: executing program 0 (id=814):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@remote, 0x4e22, 0xeb, 0x4e20, 0x1, 0xa, 0x80, 0x120, 0x73}, {0x5, 0x9, 0x0, 0xeb, 0x70000, 0x5, 0x4, 0x3}, {0x8, 0x7, 0x80000001, 0x400}, 0x6, 0x0, 0x0, 0x1, 0x2, 0x3}, {{@in=@rand_addr=0x64010101, 0x4d5, 0x33}, 0x2, @in=@private=0xa010102, 0x3502, 0x4, 0x2, 0x1, 0x201, 0x9, 0xb03}}, 0xe8)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0)

3.001659556s ago: executing program 2 (id=815):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd28, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1], 0x0, [0x8, 0x4, 0x2, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x3], [0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0xff20, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0)

2.656542794s ago: executing program 6 (id=817):
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x4e}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x4, 0x6, r1, &(0x7f00000001c0)='m', 0x1, 0x1}])

2.612171305s ago: executing program 2 (id=818):
r0 = gettid()
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffbfffff5]}, 0x8, 0x0)
readv(r1, &(0x7f0000002940)=[{&(0x7f0000000000)=""/93, 0x5d}, {0x0, 0x3c}], 0x2)
tkill(r0, 0x8)

2.597769465s ago: executing program 0 (id=819):
r0 = socket(0x10, 0x3, 0x2)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
connect$netlink(r0, &(0x7f0000000100)=@proc={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000000000)='\"', 0xfdef)

2.596891224s ago: executing program 5 (id=820):
r0 = openat$rfkill(0xffffff9c, &(0x7f0000000040), 0x8080, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x80001001})
epoll_wait(r1, &(0x7f0000001940)=[{}], 0x1, 0x1)

2.532790409s ago: executing program 0 (id=821):
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
r0 = syz_io_uring_setup(0x3aec, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff86})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2.048736084s ago: executing program 7 (id=822):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x200000000000011, 0x2, 0x1)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0)

1.968745858s ago: executing program 2 (id=823):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x5599, &(0x7f0000005680)="$eJzs3X1oVecdB/BzTaKhFpPV1alY6RSqdGVTW5DNUeNLZjvfkhq0NTXGaWudrViZW9qJCwliOi2NSh2jrjhkRVtWApO+iFPXoUM2psikszLnim44ahZ1gh2Tjdx7n+u955rk1nVNXz6fknvuc3/nec5zD+eP+731OTcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAKIoSm289OevImvqxM8fNeeA/j7y669ljk5aNPnL25/N3TCuqWv1U3fSGlrq5UzqaKxfPP3p1/aEoSqT6pfsvnHzfA4/OWTizNAxYX53alpd3ecjk4+lUo2/Oi539cv8WRVFUEhugKL2tLMpqJ+IHiFblD9it6k1X3lxWM/XtxssXJg6vHbU3/63TqbS3J9Bb0tfVmWvXUkXysU9sj0w769JL5Fyiqf7xC+4jeRMAwAcypiq5yXwcTX/EzbQb4/VYuyLWbo21wyeE1uzGjUiN27ered4er/fSPCtSUaFfl/OM1dPnP9OuivePtWNR4wPMM3fXdKQp7WqeK2P13ponAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMfJu5PmXZgy/cXLfSfV7hiy4a+z+mxcv+9UbfVLd+2sPrHujf61ddMbWurmTulorlw8/+jV9YeiqDzZL5Hqnnhj08Kn+tbNfHDzQ2srZ0w49FpRetywLc7aOfpjePLVsij6VlblTBj23IAoqsotJJvRj/MLy5JP7g8FAAAAPk2GJB/7ZNqpOFiS004k02Qi+V+QCovVm668uaxm6tuNly9MHF47au+Nj1fVxXgV1x0v0y6/9pfICsYh/sbHu1YPu67KG6d78RHjef7YtHdmnBlRf27rlfNNTWsv7h534K73tkw93/zNd/av6Hf/cyPy8n959/k/nDn5HwAAgP+F/B8fp3s95f+3ZlfOaPvDvT/6/biv/31o9cZ3m/YmVg09vmLkd+ZNPPXa869fzcv/t+ccMi//hxmH/N8nurH8DwAAAB9n/+/8X5E3Tvd6yv/PHDwxdM+ogzWN0furyv6VOLhk36nnvtZ8ec29216oPDvrsf55+X9MYfm/OHva4cXfhQkvL4uiMYWfVAAAACBH+P/u175aCHk99c1BPK+/PP7FnRdLZxYvKf7yrl3bnl5TevcdA5fWLn5l9EtDnjg8/9nVefm/orD8X/LRvF0AAACgAIs23L100D/mjd+2pH32rVePVg66Z/vRO25un7G6Zv2kFbec/kpe/q8qLP/36523AwAAAFzHsfmPLFrxt9071v16xOQxpe9PGTn7e3WX9hwe++9RNR0vjP/GW3n5v76w/H9Tepte+ZDqdCj8K4QtZVFU2vlkZarwm6h1YqYAAAAAfEhCTm/44eylDZuf2fbPizV3vtJ8y8utf374C+V3bpz2s+9vOT63adO+vPy/svv7/4c7HYT1/zn3/8tb/59VSN31b4IbAwAAAPBZlL+eP9weP/XLBV39/n6h6/8fe3r4o1u/+5Olv7itfHfitpNPfumJ5ocrfzpwYHvL6JHNRYNL8vJ/Y2H5vyh7+2H+/h8AAADcgE/a7/89lDdO93q6//+0BesOL2gf+/kDLe3Pjxn02znFDy7Y+af2m/c/Oax9/7nzLcPy8n9rYfk/bPtnv70D4fw0l0XR4M4n6bsJ7grTXR4rtJVkFVInPtZjTuiRLrT1yyokrYz1GFcWRV/sfNIYK3wuFFpjhY4B6cL2WOFIKKSvh0zh1VjhQLjStg5ITzdeeD0U0gss2sIKiv6ZJRGxHpe66tFZuG6Pk5mDAwAAfKaE8JzOsiW5zSgeZdsSPe1wU0879Olph6KediiO7RDfsavXo/rcQnj9L6dXv/f48l/WTmi4Z+7kPcOOP37f2bE/+PbaX83uv6XxxKUpTXn5f3th+T+cir6pTVfr/6Ow/j/9u4aZ9f/1oVAeK7SFQlX8jgFV4RipsLshHKO8Kt2jY3CmAAAAAJ9q4XuBol6eBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBf9u49Sq6qThTw7nd30uk0OI6AykSdJEZMdydBlICLPERUjHQYZFTGPEg65NEkIQ8kwYWBsBwUdQLBxDvDXQS4WYCixDgEERgSlcC9RHnNMAzyFLiBUSFc3nCZ3NV9aleqzulKV0wa0tzv+6NrV/3289Sja59zah8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj/w+BDv7LgilOeuWnkC3936imNC59+bsxlB3/kiPqb5h48/PUtd8+6fcrxZ10w5eSJO1YeO+Mrd7/591tDaO8uV5EUr/j5RVOX1U6Z9KWLv3zOsZ8/auum2ly9uXgY2PWnMnfn/Njqk4NCuKEihOp0YGRjEqjJ3W+M9b2vMYQDwq5AvkTHgKREuuFwW0MI68KuQL6qGxtCaCwInHTvL2/9blfikoYQhoYQ6tJtPFyXtNGQDgyrTQID0oEF1UnglZ2JfODnlUkA9lp8M+Rf9BvaizM091yuxOuvZp917O2VHl5VTDSXzven8X3cqQK16Qfa9+ppy1RHn8i8PTZ7t/WDd1tmO6/ytBV+kcp9Q9m5K1QXKmd2zJq+tHNJfKQytLRUlaqpj57nh5//+ow9Sfeb12HsQPM+eR1W7dh+59mNn7pu9aD1r64ce+WWve3mQwWbtDDd1+pC7jXXb57HaJzPk37w9st8SxriS1cI4V9vqNv26hcuf/nTa7ZcPem8v13zzIjTW9veuO+F6yctWLXg+v/+i8z8v3n38//4co63lUW5Y6tvNCVz8/hIY0w815TMzQEAAKDf6A97Tac+NOvF4b/5xD9PvvHR7YOO/5tFqw/+de2Wdz34VOX4Z285ecT81zLz/yHlHf+Ph/wbC0e7OYRx3YmVg0M4qPvxJHBN7M6pg0P4QHeqvTgwPhXYHMLB3YkR+apSJepjiSGpwPamXGBcKrA1BtpTgfUxsCoVOD8GNqQCM2JgcyowIQbCnOJxfKQpN46yAw0xMC3ZiBviWQgvNMXWUtvqd/mqAAAA9pHc7LCm+G7BuQ57myFOLzc09JYhnoFdMkNdqob0DDY/rSpZQ3VvNVT2VkN+3Ct2P/xMzRW91Zw5DaOiOMPSb/7h/rFfXDW3euj22sNemnfczN8d8/41O1s++uPanT8cd9fahsz8v2338/+6HjpSkTn+H8Lk7r8xd2Uu0pmPT2svygAAAADshdETP/ZPl733l9fdcuLnfzv4jiOv2PjDqbVjv/XK0nt+uGLCudt+dEFm/j+uvPP/4z6RqoLMYVvcDTFvcAhtxYGk2qOygeSo98BcAAAAAPqD/PH4/LHwObnb5BTt9Hw6m799D/PHA//jesw//pC/fmzDf8z99k8nTjli7TmPzd9+1+EfrWn7m+cf/tIF86Z947JvZub/7eWd/z+g+DbpxNbYi9WDQ6gvCNwee9kV6DYkBh47pjiQG//WuAEujFXlTkzIV3VhLDEtBtpSgXWlStydL3FQcSD3ZOUbX5kfx5xciYIAAAAAvOXi7oB4XD6e/3/fgg/PPmpb3aG3rKr46V/uuKZz4vVtNc+M/VXT61/4whNff63xzMz8f9qenf/fPQ/OnN7fOTCE1uoQqtI/DNg2IFkYMAYaK3KJWwYkdVWlqzp3QAhHdw0sXdXjufX/q9NrDN7bkFQVAwd98Ornh3UlrmwIobUwcP8pl3+sK7EkFcg3/sWGEP6qa7Tpxq+vTxqvSTe+tj6EQwsC+apOrQ+hq7HadFW/rMtdxyBd1XV1IbyrIJCv6oi6EJYFAPqp+K90ZuGDi5ctnze9s7NjUR8m4j78hjBrTmdHy4wFnTPrSvRpZqrPRcsYnZsdU8nlkFLiEkWr7lk7tJx0/neCbYV9ye3Hz5w4mLsfvwvVdI9zdE3R3THpIX/4Q9kmQsE3qbdryAMKK9n1JGbqj/lrw8BQv3Rxx6KWs6YvWbJoVPK33Oyjk79xUMm2GpXeVgN66tt+8PIYXlhJ65LTF7YuXrZ85JzTp5/WcVrH/NFtYw5vO3LMqCM+3to1qrbkby9DHd5T1amh7rz8rR/qIdUFlbwVnxoSEhL9LfE/zjj95DuOnPOpE+5d+oGj1oybcPaNh89qXXPb9ZPWT3ts8I9GXZKZ/y/c/fw/furET/7c+gyljv83x8P8yeO7DvNPi4F15R7/by51ND9/YsCQVGBFDKxwmB8AAIB3hrg7Mu52jHutH6q74qrDL3329C2jJn7tzOaRv57wwXEHfvqML99x3H/+3/d/7xN//N+Z+f+K8n7/v4/W/88vXf+5Usv8j4gl2kqt/59e5j+//v+KUuv/p5f5z6//v+5tWP9/aT6Q2iQvWP8fAAB4J3jr1v/vdXn/9AUCMhl6Xd4/fYGATIZel/Ev9wIBe7z+/5PHXPv0B97/TPvPrr/j8ekXn3HOx9fUD9uxrL7l9m//+y9u/MqpgzLz/1Xlzf8t3A8AAAD7j2uPffLfjr3q+7ec3Pjsj2sWzT7/5vNuahz2WsWsjfMnDJh8zez/ysz/15U3/3/r1/8Lpc7/H1Iq0F5qYUDr/wEAANBPlVr/b/tP6i+9sHHHuk0bXv/ske9+/Tt3fOdrry34wQ8+89H3zV48adyEmzPz/w3lzf/jaReVRbljb95oSta0C+k17Z5ryv9kAAAAAPqHytDSUlNm3qKVUcf/+W3GpUB3ly504nE//WT70HffPufaKa3/cN99Ha2H3NnUsH7+zi+d8PTyp05YeWVm/r+5vPl/0e8yqnZsv/Psxk9d98bqQetfXTn2yi27jv8DAAAAfafc/RIAAAAAAAAAAAAAAMDb770Lxoy/t+Xxd1+0evn5zdddcfmbm1q3fPUfL6na/uHZf7hg7uiGzO//w+TucqV+/x+v+xd/X/AXRbljq72v/5e7f9LxP1nWvWThtqYQPlQYmHfevANC7tr8wwsDt351xHu6EuelS9z8yISnuhJT04HPjDzw5a7E0anAtLhI4sHpQLyq4suDUoG4vOJ96UDcHhvSgdpc4FuDknFUpLfVM43JtqpIb6sHG0MYXBDIb6sbGpM2KtIDvCQVyA/wjHQgDvALuUBlulc/GZj0KgYaY9HLBia9AgBgvxW/BdaEWXM6O9riV/h4e0h18W1UtGTZudlqq8psPi5NtuqetUPLSVelv4vuutZ4TajrGsKozNfVwiwV3aPcN7X0sun+osSQe1vtra82XW3pETUkI2qZsaBzZk2vAx/Te5bR1b1mGZWZ7BRmqezepGXUUkZfyhhRmdumjC7H+5WhpaUqlWtsDDaHIr29Isr9vX5Pa/6VekV0+cSXb/rD41ubPn3Ye9pPO/+eyvff+6sDr3jxQ688dN1hm/7bR9b++urM/L+5vPl/XeG4Xs5dDGBFvLLeUYNDmFbmiAAAAOCdb/b8Ry6+4FcXbX+sfdhTC1ovuvWBZT9YXt10zfnHPnjzmS+d8r2pexu/9skTfvvAb3+0cdj4WxaOGfDEWVdedtw9d92xetvxb95w2P8ZOePRzPx/SHnz/7hjLHcoONnbsTle/3/l4BC6L63fnASuicM9dXAIH+hOtccSyQX1PxdLtCWBa+IOkxGxxLT24qrqY2BDKrC9KRfYnApsjYHcXoqrQ25XzkVNIXysOzW5uMTCWKI5FTghBoakAi0x0JYKDIqBcanAHwflAu2pwJ0xEOYUb6ufDcptKwAAgD2Rm2fVFN8N6XnehureMlT0lmFAbxkqe8tQ11uGUqOI9zfGDDWFx+NzGeJDNelaG1K1ZDLEi+Hvcb8yGcLdxTnTBTNN588kaS7OGTN8+x8f/OT0lx6+YemP3hh+4rmf/PH3tm16be4Tp40cPO3VsfNGfPuPmfl/W3nz/wHFt0nrW+P8f9f1/5LA7bF7q+Op40Ni4LFjigO5HQNb42T3wnxV7bkSuUn7hbHEuBgYkgosjIFxqcC0ybnAuvcUB3Iz7XzjK/ONz8mVKAgAAADAWy7uIIi7aeL8/9K/mz353O+0dqyc9dWnps0Y+ukDL33fpcfcNOk3c9cedOCpd14zLzP/H1fe/D+2N7CwsfNjb54cFMINFbt6kw+MbEwCcT9GY/x5/PsaQzigYAdHvkTHgKREbarhcFtD8gv12nRVNzYkawzE+yfd+8tbv9uVuKQhhKEFe1/ybTxcl7TRkA4Mq00CA9KBBdVJIO75yQd+XpkEYK/l9wrGF1TuVJe85p7LlXj9vVOuCZoeXmYfaA/5evrNVV+pSz+Q26eat2dPW6Y6+kTm7bHZu60/vtuavdsKv0jlvqHs3BWqC5UzO2ZNX9q5JD5S+EvWjD56nnv6Jevu0vvgdbjiz+9t7+rSHWhLfXy09Vyu59dhRayuasf2O89u/NR1qwetf3Xl2Cu3lN2NEuIm/cuvjR/2UMHm7Wt1Ifea63efJ+0+T/rjv4EhnrYQwqbnvlF/5okn/tsB/7Rw0/cf/a/mV7/1zTs2blzW1HJz1ZpJF3722sz8v728+X916rbba3FjLh4cwocLNu62uPknDk4+BwsCyafku7KB5JD7E00lPzkBAABgX8vv7sjvL5iTu01OCE/Pk7P52/cwf9xfMa7H/OX2+4TP3/0vf7vid6u/uGX9AxW/+f3GK04YM3XhYwvvu3jiP/+v31/16I2Z+f+03c//61PddPzf8X/6iOP/Pdrfd0XXpx9YsVe7ojPV0Scc/+/R/v5uc/y/R47/O/7fE8f/e+H4f4/296ct8y1poS9dIYSnn/2XC//hgmUnPfTqu4+4+IE/PTjx7IobOv9j+kPPdLzx0Vdm3XpoZv6/sLz5v/X/el60L7/+37RS6/8tLLX+3wrr/wEAAH2qxEJz6XleZvW+TIb06n2ZDL0uENjrEoPW/9vj9f82nFz9+1/P/ffvf+6+pw+vnHr/f46eP++m4UcdM+KqNU+t+NcX2lsy8/8V5c3/48thYGHr/WX9vyGTS1S1KgYWWhgQAACA/VGpHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8vcaceedL33lh+2G3Lrlt5cnj/3r1qV//7NEH/+zKnZ/YHL7x4vKX7ply/FkXTDl54o6Vx874yt1v/v3WEOZ0l6tIilf8/KKpy2qnTPrSxV8+59jPH7V1U12u3prc7XuLcsdW32gKYV3BI40x8VxT151dgZOO/8my6q7EtqYQPlQYmHfevAO6EuubQhheGLj1qyPe05U4L13i5kcmPNWVmJoOfGbkgS93JY7OBSrS3b10UNLdinR3vzsohMEFgXx35w4qrirfxnG5QGW6jasakzZioDEW/UFj0kYMdMYSc+pDaK0OoSpd1f+sS6qqSlf1i7qkqqp0VefUhXB0CKE6XdUjtUlV1emR31WbVBUDB33w6ueHdSXW1YbQWhi4/5TLP9aVOCMVyDd+Ym0If9X1kkk3vrEmabwm3fglNSEcGkKoTZd4sTopUZsu8Xh1CO8qCOQbn10dwrLAO0L88JlZ+ODiZcvnTe/s7FjUh4naXFsNYdaczo6WGQs6Z9al+lRKRUF657nZeGWZY3/4+a/P6Lpddc/aoeWkq3Plarq7PLqm6O6YfdX7ij7qfezXgMJKdj0fmfpj/towMNQvXdyxqOWs6UuWLBqV/C03++jkb1UummyrUftqW5Xrz91WwwsraV1y+sLWxcuWj5xz+vTTOk7rmD+6bczhbUeOGXXEx1u7RtWW/N0XQ708G6/q46EeUl1QyVvxASAhIdHfEpVFn25t+/u/7MwX/V0drQl13R/QmWlFYZaK7lHui0GP3318Xw46MyXJjGhUZuKQyTK69yxjMpOJXVkakizd3+syk8PCmiq7N2m8XxlaWkr+p2suvlu4+f7Uw+YtV9x05aYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuBQAAP//CAsM0g==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0xb7d4, 0x1001f0)
fallocate(r0, 0x3, 0x4, 0x11600)

1.843633658s ago: executing program 0 (id=825):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x48e01)
r0 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x11100, 0x3, 0x179}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000140)="8d37", 0x2}], 0x1, 0x0, 0x1})
io_uring_enter(r0, 0x4d10, 0x2, 0x2, 0x0, 0x0)

1.722817632s ago: executing program 7 (id=826):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setresuid(0xee00, 0xee00, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$setlease(r0, 0x400, 0x2)

1.566749993s ago: executing program 0 (id=827):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r0, 0x1)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000004c0)={0x9, 0xff, 0x204, 0x5, 0xb7b, 0x2, 0x2, 0x2}, 0x20)

1.511567921s ago: executing program 3 (id=828):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r1)
socket$inet(0x2, 0x2, 0x1)

1.471413617s ago: executing program 7 (id=829):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
gettid()
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043e0d05"], 0x10)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="0000099584"])

1.402502771s ago: executing program 0 (id=830):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f00000000c0)='./file4\x00', 0x0, &(0x7f0000000a40)=ANY=[], 0x21, 0x555d, &(0x7f000000a780)="$eJzs3E1vG1UXAODjpGnffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYgUSyHMnLW2pVOgkps3zSOMz986dM/eOkkhnJnIAe9Zy9uvPtTgaByNiMSKORBT7tXIrnEvh+Yg4FhELf9lqZf+djv0RcSgijs6Sp5y18tDnJ6bHz/z01i/ffHdg3+Evvv5+fqsG5u3FiBhupP2bwxTzXorXyv7WtF/E4elpGdOB4fWynad4s7teZLjZ2h7XKuKpXhqfb9wYz+LVQas9i73+1aJ/Y5QuOJ72tvMUJ1xrbRbtTne9iP1xXsTerTSvrVvpb9ut8STl6ZT5Pi7Sx2SyHVN/d6ub1rNxvYjt0STiwN17kXe6W7M4LWN5uWjng04xj/V/fZv/6154pz+6sZVNu5vjfj7KzjSaLzWaZ+vNzbzTnXRP11vDztnT2UpvMBtWn3Rbw3O9PO8Nuo12PlzNVnrtdr3ZzFbOd9f7rdHtZrNxqnGyfmY1S3snstcvvZ8NOtnKLL7aH92Y9Afj7Gq+maUzVrO1xqmXV7Pjzezdi5ezy1cuXLh4+b0Pz39w6ZWLb75WDnpgWtnK2sm1tXrzZH2tufpPl/zbPa1K15/t8Po/KSf9WOuHCtXmPQGAJ4/6H5iHnav/N69EPFj/L1Rc/8fj1v9Ff8q7h+v/J6v+raT+t36ojPofAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDP+mHpyzeKneXUPlz2/7/serZs1yJiISL++BuLsf+enItlnqWHjF+6bw7f1qLIMLvGgXI7FBHnyu33Z3b6LgAAAMDT66vbxz5L1Xr6WH6ksw7u8KzYJemhzcKRjyrKV4uIpeUfK8q2MPt4rqJkxc/3vtiqKFvxAOt/FSVLj9z2VZXtkRS/7m+ncGclRailsHD/GZWtFgAAmJvFe8LuViEAAADspk8feuT6rs6DXVaL7VeZ2++Ci/+8v/uy72Bqe/UHAAAAT67avCcAAAAA7Lii/vf9fwAAAPB0S9//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/snM/N2oDURyAn40dSEIUFOWeVnKDMlJCjjlGFJAmKIG0kAaogdxSQgQrPF60rNhdWI9Bu/o+yR5smZ/H/DnMjPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD79rZez3z+//Oqas9l2k+dpAAAAgGPW9XLWvJik4/ft+Q/tqU/tcRERZUQcG7sP4s1B5qDNqR+4vr7Xhz8RTcLuHsN2ezeO+BrNto2PfX8KAAAA8CpVu91qvpim0XraTa7dKzo74ztMkzbl+FumWxcRUU/+ZUord3mfM4U1v+8qfmRKayawRpnC0pRblSvtJM3ffT9rN7rTFKkpH39/tmcHAAAuaHDQXHYUAgAAwCV9v3YH6MPbJ68o4nYpc78UOEzN6CDCYh8AAAC8XMW1OwAAAAD0rhn/n1P/L06p/1dlqv8X+/p/8V/9PwAAAHi2VP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPq3r5Ww1X0y75my23eR5GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAG/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J+XFAiBIIiCOeN/J33/w0qCnkGECGh4VFGLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42Lmf1ziqOADgb2d2tmlVXKPkEBEFD3qx221t7U09KMGDf4IQ0m2N3fqjzcGWIuTiTXLuRfQoIijx1n/AU29CC73UWw97iCCCl5WZnclOfoATJTNr8vnAm/fdyWTe981AyHfeJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAYfT2NI7TTXcSR/m++1u3V9L+wa4+dXfj4WLa0rhVZ9L/Dy+UP8w1lwcAAADHSFzU9yGER8nmUtpH3az+T4pj0pr/m6cmcVHP7677i76o/dP280+Pn9seqDsZJz3p5dXh4MzeVNqHN8vZ9vQ/HtHOrnz27CXObkj03vqzoyS7nq2v7t17p5OFJ+rIFgD4N04XfR4Uvw+lfb/JxAA4Ntqlwjuv//+Muw0nBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCD0Xp4oohbIYTF9jROPdi6vbJff3fj4WLRLty5s1E+Z3qKJIRweXU4OFPjXGbdjZu3ri4Ph4Pr9QcvhhCaGv3NfPpXP6hwcAiNXJ/DCv4aj8cH+q65agd3Qv3TeavKwVF+syucsNP43ZmZoMEfSgAAHElJ3tK6/lGyuZTua82HMP52Z/3/SikOFev/xx9euF8eq1z/92ub4ezrrV37tHfj5q3XVq8tXxlcGXz8+tn+G/1zF8+fv9jLnpX0PDEBAADgv+nkrVz/R/N71/9PleJQsf7/7Ov+F9ORfs226v+9pot+TWcCAABwvD3z0h+/t/bZ3+p0wufLa2vX+5Pt9uezk20DqR7YibyV6/94vumsAAAAgDqM1ls71v8vleJQcf3/ye+e/6F8zjiEcDJf/z+98snwUn3TmWl1/Dlx03MEAACgWSfzVl7/T7L3/6PtVx6iEMKrL0/i/N8AVqr/43e//L48Vlx6//9cfVOcSdHC5Hpk/UII7YUdX/6lscQAAAA4kubylhb7vyWbSx/9eOr9jvf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr2dwAAAP//t3xCfw==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r0, &(0x7f0000000180), 0x40010)

1.396640801s ago: executing program 6 (id=831):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f00000000c0)={0xa456, 0x10000, 0x6, 0x9e9e, 0xd3, "098204ffffffff00", 0xfffffffe, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)

1.293759083s ago: executing program 3 (id=832):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r1, 0xc02064a4, &(0x7f00000007c0)={r2, 0x0, 0x0, 0x0, 0x0})

1.042810666s ago: executing program 6 (id=833):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0\x00', 0xa00010, &(0x7f0000000840)=ANY=[@ANYBLOB='nodecompose,decompose,nobarrier,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d310000000072726965722c00bcd0f0b5c4e2957974ff5d7ea3c3dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be78079e5dd7bdc7f1eb36e31ac14de48349767164f5f6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e37836597c21f51bcdf6df4cad825cfd9ef5ee9e89e04b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b552197cb8bcc4a1009f38f4a85b7c742101ba5bc03115feca2b994c699812"], 0x6, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=")
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a00)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='freezer.parent_freezing\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6]}})

979.674641ms ago: executing program 3 (id=834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a03700002d00010026bd7000fcdbdf250400000005000b00", @ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)

933.041825ms ago: executing program 2 (id=835):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x17, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xa7}, {}, {}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r0 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)

835.69537ms ago: executing program 5 (id=836):
r0 = fsopen(&(0x7f00000000c0)='nfsd\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x8b)
fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f0000000000)='ro\x00', &(0x7f0000000080)='./file0\x00', r1)

629.159061ms ago: executing program 6 (id=837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x6, 0x8, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000004d18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000180)="74fa40b249c0d585699ce70fac7b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

620.389038ms ago: executing program 5 (id=838):
syz_mount_image$erofs(&(0x7f0000000280), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000200)=ANY=[@ANYRES16=0x0, @ANYBLOB="fcdf5883c81a6c1f703ca4d658f2464326cfe486a0970f633f6977"], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

520.395385ms ago: executing program 3 (id=839):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000080), 0x0}, 0x20)

343.431946ms ago: executing program 6 (id=840):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000004c0)={0x38, r2, 0x101, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="b3"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}], @NL80211_ATTR_BSS_BASIC_RATES={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x48081}, 0x4850)

245.897648ms ago: executing program 5 (id=841):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000007000)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x5b4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000400)=[{&(0x7f0000000040)="df756633", 0x4}], 0x1}}, {{&(0x7f0000000500)={0xa, 0x4e20, 0x3384, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xd}, 0x1c, &(0x7f0000000880)=[{&(0x7f0000000540)="b43c255171", 0x5}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)='\x00\x00@\x00\x00\x00\x00\x00', 0x8)

227.288149ms ago: executing program 3 (id=842):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r1, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c0005000400000200000200080001000300000005000200030000000500020008000000240003"], 0x12c}, 0x1, 0x0, 0x0, 0x24004821}, 0x0)

103.66816ms ago: executing program 6 (id=843):
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[], &(0x7f0000000000)=""/140, 0x1a, 0x8c, 0x1}, 0x28)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', 0x0, 0x400, 0x0)

0s ago: executing program 3 (id=844):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)

kernel console output (not intermixed with test programs):

5975] usb 6-1: Manufacturer: syz
[  100.166947][ T5975] usb 6-1: SerialNumber: syz
[  100.195101][ T6039] capability: warning: `syz.3.32' uses deprecated v2 capabilities in a way that may be insecure
[  100.210693][ T5975] usb 6-1: config 0 descriptor??
[  100.408604][ T6013] loop2: detected capacity change from 0 to 32768
[  100.695237][ T5828] usb 6-1: USB disconnect, device number 2
[  100.859068][ T6056] input: syz1 as /devices/virtual/input/input6
[  101.046545][ T6013] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,str_hash=crc64,noinodes_32bit,nocow
[  101.046574][ T6013]   allowing incompatible features above 0.0: (unknown version)
[  101.046589][ T6013]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  101.201297][ T6013] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  101.231106][ T6038] loop0: detected capacity change from 0 to 40427
[  101.266523][ T6013] bcachefs (loop2): initializing new filesystem
[  101.285182][ T6038] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  101.332564][ T6062] openvswitch: netlink: Message has 4 unknown bytes.
[  101.340733][ T6038] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  101.341987][ T6013] bcachefs (loop2): going read-write
[  101.391495][ T6064] netlink: 'syz.3.40': attribute type 11 has an invalid length.
[  101.449640][ T6035] loop1: detected capacity change from 0 to 32768
[  101.470043][ T6064] netlink: 149476 bytes leftover after parsing attributes in process `syz.3.40'.
[  101.503090][ T6013] bcachefs (loop2): marking superblocks
[  101.647283][ T6013] bcachefs (loop2): initializing freespace
[  101.693298][ T6013] bcachefs (loop2): done initializing freespace
[  101.736990][ T6013] bcachefs (loop2): reading snapshots table
[  101.760202][ T6013] bcachefs (loop2): reading snapshots done
[  101.894526][ T6038] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  101.922969][ T6063] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  101.942513][ T6038] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  101.963154][ T6013] bcachefs (loop2):  loop2: Superblock write was silently dropped! (seq 0 expected 42)
[  102.072713][ T6013] bcachefs (loop2): done starting filesystem
[  102.172322][ T6013] syz.2.20 (6013) used greatest stack depth: 16680 bytes left
[  102.187485][ T6082] netlink: 'syz.3.46': attribute type 1 has an invalid length.
[  102.218615][ T5839] bcachefs (loop2): shutting down
[  102.219132][ T6082] netlink: 172 bytes leftover after parsing attributes in process `syz.3.46'.
[  102.224566][ T5839] bcachefs (loop2): going read-only
[  102.239486][ T5839] bcachefs (loop2): finished waiting for writes to stop
[  102.269022][ T5839] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  102.398109][ T5839] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  102.510118][ T5839] bcachefs (loop2): clean shutdown complete, journal seq 4
[  102.554920][ T5839] bcachefs (loop2): marking filesystem clean
[  102.671224][ T6077] loop5: detected capacity change from 0 to 32768
[  102.767680][ T5839] bcachefs (loop2): shutdown complete
[  103.690363][ T6097] Driver unsupported XDP return value 0 on prog  (id 10) dev N/A, expect packet loss!
[  104.014761][ T6091] loop4: detected capacity change from 0 to 131072
[  104.230099][ T6091] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.651642][ T6111] netlink: 28 bytes leftover after parsing attributes in process `syz.0.59'.
[  104.731920][ T6093] loop1: detected capacity change from 0 to 32768
[  104.832009][ T6093] =======================================================
[  104.832009][ T6093] WARNING: The mand mount option has been deprecated and
[  104.832009][ T6093]          and is ignored by this kernel. Remove the mand
[  104.832009][ T6093]          option from the mount to silence this warning.
[  104.832009][ T6093] =======================================================
[  104.999889][ T6093] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  105.001934][ T6095] loop3: detected capacity change from 0 to 32768
[  105.122929][ T6123] loop0: detected capacity change from 0 to 2048
[  105.162567][ T6095] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  105.212968][ T6123] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  105.556620][ T5825] ocfs2: Unmounting device (7,1) on (node local)
[  105.594379][ T6095] XFS (loop3): Ending clean mount
[  105.780420][ T6135] input: syz1 as /devices/virtual/input/input7
[  105.918704][ T5838] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  106.432006][ T6145] loop1: detected capacity change from 0 to 2048
[  106.467306][ T6145] EXT4-fs: inline encryption not supported
[  106.525387][ T6145] EXT4-fs: Ignoring removed i_version option
[  106.639605][ T6145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.731391][ T6145] EXT4-fs (loop1): shut down requested (2)
[  106.858244][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.820318][ T6165] loop0: detected capacity change from 0 to 2048
[  108.178259][ T6171] loop2: detected capacity change from 0 to 2048
[  108.183208][ T6174] loop3: detected capacity change from 0 to 512
[  108.220964][ T6174] EXT4-fs: Ignoring removed i_version option
[  108.252690][ T6178] veth0: entered promiscuous mode
[  108.258102][ T6174] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  108.286083][ T6178] veth0: left promiscuous mode
[  108.288908][ T6171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.346559][ T6174] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002]
[  108.462542][ T6174] System zones: 1-12
[  108.473849][ T6174] EXT4-fs (loop3): orphan cleanup on readonly fs
[  108.520331][ T6174] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.78: invalid indirect mapped block 12 (level 1)
[  108.553398][ T6171] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  108.602660][ T6174] EXT4-fs (loop3): Remounting filesystem read-only
[  108.609958][ T6174] EXT4-fs (loop3): 1 truncate cleaned up
[  108.633437][ T6171] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28
[  108.675421][ T6174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  108.702550][ T6171] EXT4-fs (loop2): This should not happen!! Data will be lost
[  108.702550][ T6171] 
[  108.720234][ T6171] EXT4-fs (loop2): Total free blocks count 0
[  108.726731][ T6171] EXT4-fs (loop2): Free/Dirty block details
[  108.727676][ T6158] loop4: detected capacity change from 0 to 40427
[  108.767707][ T6171] EXT4-fs (loop2): free_blocks=2415919104
[  108.781013][ T6171] EXT4-fs (loop2): dirty_blocks=32
[  108.801550][ T6158] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  108.823502][ T6171] EXT4-fs (loop2): Block reservation details
[  108.835741][ T6186] loop5: detected capacity change from 0 to 4096
[  108.844006][ T6158] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  108.872305][ T6171] EXT4-fs (loop2): i_reserved_data_blocks=2
[  108.892307][ T6158] F2FS-fs (loop4): invalid crc value
[  108.935692][ T6186] NILFS (loop5): invalid segment: Checksum error in segment payload
[  108.951139][ T6184] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  108.980768][ T6186] NILFS (loop5): trying rollback from an earlier position
[  109.032986][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  109.116818][ T6186] NILFS (loop5): recovery complete
[  109.308016][ T6158] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  109.326411][ T6158] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  109.348690][ T6198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.86'.
[  109.417171][ T6198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.86'.
[  109.535066][ T6202] loop5: detected capacity change from 0 to 1024
[  109.607450][ T6202] EXT4-fs: Ignoring removed oldalloc option
[  109.644908][ T6202] EXT4-fs: Ignoring removed orlov option
[  109.725191][ T6202] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  109.846607][ T6202] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.945702][ T6202] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.89: Allocating blocks 481-513 which overlap fs metadata
[  110.006192][ T6190] loop1: detected capacity change from 0 to 32768
[  110.101601][ T6190] find_entry called with index = 0
[  110.133181][ T6190] find_entry called with index = 0
[  110.140550][ T6216] find_entry called with index = 0
[  110.166725][ T6216] find_entry called with index = 0
[  110.191642][ T5827] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.415590][ T6220] loop3: detected capacity change from 0 to 128
[  110.554069][ T5907] IPVS: starting estimator thread 0...
[  110.610857][ T6224] ref_ctr_offset mismatch. inode: 0x80 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4
[  110.682353][ T6225] IPVS: using max 25 ests per chain, 60000 per kthread
[  111.409680][ T6233] loop0: detected capacity change from 0 to 8192
[  111.548478][ T6247] af_packet: tpacket_rcv: packet too big, clamped from 122 to 4294967286. macoff=82
[  111.558660][ T6247] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  112.050870][ T6258] warning: `syz.2.114' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  112.518429][ T6249] loop1: detected capacity change from 0 to 32768
[  112.741100][ T6268] loop4: detected capacity change from 0 to 4096
[  112.845638][ T5825] read_mapping_page failed!
[  112.901281][ T6268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.922328][ T5825] ERROR: (device loop1): txCommit: 
[  112.922328][ T5825] 
[  112.951774][ T6276] loop0: detected capacity change from 0 to 128
[  112.987027][ T5825] read_mapping_page failed!
[  112.996075][ T6276] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  113.031163][ T5825] ERROR: (device loop1): txCommit: 
[  113.031163][ T5825] 
[  113.062884][ T6276] ext4 filesystem being mounted at /26/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  113.098807][ T6268] fs-verity: sha512 using implementation "sha512-avx2"
[  113.153386][ T6268] fs-verity (loop4, inode 16): Unsupported log_blocksize: 13
[  113.225610][ T6253] loop5: detected capacity change from 0 to 32768
[  113.283237][ T6253] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.111 (6253)
[  113.387404][ T5835] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.399433][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.441058][ T6253] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  113.503684][ T6253] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm
[  113.561802][ T6253] BTRFS info (device loop5): using free-space-tree
[  113.777079][ T6292] loop4: detected capacity change from 0 to 512
[  113.923369][ T6253] BTRFS info (device loop5): rebuilding free space tree
[  113.930665][ T6292] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  114.028661][ T6292] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  114.061783][ T1096] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.083183][ T6292] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  114.130568][ T6292] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  114.252370][ T6292] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  114.260512][ T6292] System zones: 0-2, 18-18, 34-35
[  114.293787][ T6272] loop2: detected capacity change from 0 to 32768
[  114.345418][ T6292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.408664][ T1096] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.590542][ T5836] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz-executor: path /18/file0: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0
[  114.793859][ T5827] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  114.813772][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.865495][ T1096] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.924391][ T6312] loop2: detected capacity change from 0 to 128
[  114.956564][ T6310] loop0: detected capacity change from 0 to 1024
[  114.994805][ T6312] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  115.069592][ T6310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.080049][ T6312] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  115.453944][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.483636][ T5839] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  115.574546][ T1096] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.167616][ T5145] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  116.183449][ T5145] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  116.191757][ T1096] bridge_slave_1: left allmulticast mode
[  116.199229][ T5145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  116.211930][ T5145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  116.225045][ T5145] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  116.264405][ T1096] bridge_slave_1: left promiscuous mode
[  116.271303][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.335799][ T6319] loop5: detected capacity change from 0 to 32768
[  116.423966][  T110] ERROR: (device loop5): diUpdatePMap: the inode is not allocated in the working map
[  116.423966][  T110] 
[  116.433493][ T1096] bridge_slave_0: left allmulticast mode
[  116.452704][ T1096] bridge_slave_0: left promiscuous mode
[  116.482286][  T110] ERROR: (device loop5): remounting filesystem as read-only
[  116.493143][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.595260][ T6358] netlink: 165 bytes leftover after parsing attributes in process `syz.0.150'.
[  117.701165][ T6363] loop3: detected capacity change from 0 to 512
[  117.801477][ T6363] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.151: casefold flag without casefold feature
[  117.854554][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  117.877096][ T6363] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.151: couldn't read orphan inode 15 (err -117)
[  117.890767][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  117.910768][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  117.931720][ T6363] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.946874][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  117.962313][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  118.166736][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.273151][ T5145] Bluetooth: hci0: command tx timeout
[  118.323949][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.352117][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.375933][ T1096] bond0 (unregistering): Released all slaves
[  118.421570][ T6336] netlink: 36 bytes leftover after parsing attributes in process `syz.2.142'.
[  118.815968][ T6388] netlink: 24 bytes leftover after parsing attributes in process `syz.2.158'.
[  118.888897][ T6391] loop3: detected capacity change from 0 to 1764
[  118.987003][ T6391] iso9660: Corrupted directory entry in block 2 of inode 1920
[  119.018964][ T6395] loop5: detected capacity change from 0 to 1024
[  119.379216][ T5195] udevd[5195]: worker [6014] terminated by signal 33 (Unknown signal 33)
[  119.421715][   T12] hfsplus: b-tree write err: -5, ino 8
[  119.437393][ T5195] udevd[5195]: worker [6014] failed while handling '/devices/virtual/block/loop5'
[  119.646455][ T6403] netlink: 28 bytes leftover after parsing attributes in process `syz.2.166'.
[  119.670127][ T6403] netlink: 28 bytes leftover after parsing attributes in process `syz.2.166'.
[  119.751341][ T6393] loop0: detected capacity change from 0 to 32768
[  119.766274][ T6393] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.161 (6393)
[  119.806932][ T6403] erspan0: entered promiscuous mode
[  119.813622][ T6403] gretap0: entered promiscuous mode
[  119.883808][ T6393] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  119.973467][ T6393] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  120.008046][ T1096] hsr_slave_0: left promiscuous mode
[  120.018377][ T6393] BTRFS info (device loop0): using free-space-tree
[  120.028495][ T1096] hsr_slave_1: left promiscuous mode
[  120.042478][ T5145] Bluetooth: hci3: command tx timeout
[  120.051867][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.069612][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.094414][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.112143][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.132995][ T6416] loop2: detected capacity change from 0 to 128
[  120.227929][ T6416] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  120.244894][ T1096] veth1_macvtap: left promiscuous mode
[  120.250672][ T1096] veth0_macvtap: left promiscuous mode
[  120.285554][ T6416] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  120.295224][ T1096] veth1_vlan: left promiscuous mode
[  120.317307][    C1] vkms_vblank_simulate: vblank timer overrun
[  120.372905][ T5145] Bluetooth: hci0: command tx timeout
[  120.378762][ T1096] veth0_vlan: left promiscuous mode
[  120.545025][ T6398] loop3: detected capacity change from 0 to 32768
[  120.570066][ T5839] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  120.610623][ T6398] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.163 (6398)
[  120.671403][ T6398] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  120.671499][ T6398] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  120.671531][ T6398] BTRFS info (device loop3): using free-space-tree
[  120.688050][ T5835] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  120.932103][ T6398] BTRFS info (device loop3): rebuilding free space tree
[  121.309164][ T6455] input: syz0 as /devices/virtual/input/input8
[  121.467795][ T5838] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  122.112372][ T5145] Bluetooth: hci3: command tx timeout
[  122.433300][ T5145] Bluetooth: hci0: command tx timeout
[  122.709529][ T1096] team0 (unregistering): Port device team_slave_1 removed
[  122.754855][ T1096] team0 (unregistering): Port device team_slave_0 removed
[  122.855307][ T6478] loop3: detected capacity change from 0 to 32768
[  123.451792][ T6465] netlink: 'syz.5.177': attribute type 4 has an invalid length.
[  123.505235][ T6480] ip6gretap0: entered promiscuous mode
[  123.523341][ T6480] macsec1: entered allmulticast mode
[  123.528777][ T6480] ip6gretap0: entered allmulticast mode
[  123.548561][ T6478] find_entry called with index = 0
[  123.555743][ T6478] find_entry called with index = 0
[  123.561415][ T6480] ip6gretap0: left allmulticast mode
[  123.567340][ T6478] find_entry called with index = 0
[  123.573458][ T6478] find_entry called with index = 0
[  123.578586][ T6478] find_entry called with index = 0
[  123.588327][ T6480] ip6gretap0: left promiscuous mode
[  123.921719][ T6493] netlink: 40 bytes leftover after parsing attributes in process `syz.0.188'.
[  124.030988][ T6326] chnl_net:caif_netlink_parms(): no params data found
[  124.062359][   T10] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  124.194453][ T5145] Bluetooth: hci3: command tx timeout
[  124.263819][   T10] usb 6-1: Using ep0 maxpacket: 8
[  124.285666][   T10] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  124.301161][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  124.327231][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  124.329164][ T6367] chnl_net:caif_netlink_parms(): no params data found
[  124.340294][   T10] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  124.359858][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  124.369044][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.513342][ T5145] Bluetooth: hci0: command tx timeout
[  124.563112][ T6507] loop0: detected capacity change from 0 to 4096
[  124.642577][   T10] usb 6-1: usb_control_msg returned -71
[  124.648307][   T10] usbtmc 6-1:16.0: can't read capabilities
[  124.710380][ T6511] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  124.751130][   T10] usb 6-1: USB disconnect, device number 3
[  124.926859][ T6326] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.959626][ T6326] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.965888][ T6516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.197'.
[  124.972053][ T6326] bridge_slave_0: entered allmulticast mode
[  124.987093][ T6326] bridge_slave_0: entered promiscuous mode
[  124.999026][ T6516] netlink: 12 bytes leftover after parsing attributes in process `syz.2.197'.
[  125.019828][ T6326] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.029243][ T6326] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.037242][ T6326] bridge_slave_1: entered allmulticast mode
[  125.045581][ T6326] bridge_slave_1: entered promiscuous mode
[  125.382014][ T6326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.426997][ T6326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.465732][ T6367] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.477870][ T6367] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.499356][ T6367] bridge_slave_0: entered allmulticast mode
[  125.544997][ T6367] bridge_slave_0: entered promiscuous mode
[  125.568048][ T6367] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.603433][ T6367] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.626225][ T6367] bridge_slave_1: entered allmulticast mode
[  125.659582][ T6367] bridge_slave_1: entered promiscuous mode
[  125.694082][ T6531] loop0: detected capacity change from 0 to 4096
[  125.983697][ T6539] loop2: detected capacity change from 0 to 16
[  125.999517][ T6367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  126.019973][ T6539] erofs (device loop2): mounted with root inode @ nid 36.
[  126.033804][ T6541] process 'syz.5.207' launched './file0' with NULL argv: empty string added
[  126.088517][   T30] audit: type=1800 audit(1751336671.473:4): pid=6539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.208" name="file1" dev="loop2" ino=86 res=0 errno=0
[  126.272269][ T5145] Bluetooth: hci3: command tx timeout
[  126.319762][ T1096] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.350153][ T6545] netlink: 8 bytes leftover after parsing attributes in process `syz.5.211'.
[  126.419939][ T6367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  126.569025][ T6326] team0: Port device team_slave_0 added
[  126.606888][ T6326] team0: Port device team_slave_1 added
[  126.734114][ T1096] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.975729][ T6367] team0: Port device team_slave_0 added
[  127.317692][ T1096] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.447169][ T6537] loop3: detected capacity change from 0 to 32768
[  127.463326][ T6367] team0: Port device team_slave_1 added
[  127.496706][ T6547] loop2: detected capacity change from 0 to 131072
[  127.548639][ T6537] XFS (loop3): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  127.594438][ T6326] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.650859][ T6326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.712475][ T6547] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  127.786403][ T6326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.811870][ T6549] loop0: detected capacity change from 0 to 32768
[  127.817795][ T6326] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.846400][ T6537] XFS (loop3): Starting recovery (logdev: internal)
[  127.867317][ T6326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.895630][ T6549] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.212 (6549)
[  127.924318][ T6326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.965243][ T6549] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  127.998363][ T6537] XFS (loop3): Ending recovery (logdev: internal)
[  128.007825][ T6549] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  128.019002][ T1096] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.046070][ T6549] BTRFS info (device loop0): using free-space-tree
[  128.114787][   T30] audit: type=1800 audit(1751336673.503:5): pid=6537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.206" name="file2" dev="loop3" ino=7431 res=0 errno=0
[  128.168229][ T6367] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.190763][ T6367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.225182][ T6367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.238786][ T6367] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.245860][ T6367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.317423][ T6367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.414366][ T5838] XFS (loop3): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  128.594072][ T6326] hsr_slave_0: entered promiscuous mode
[  128.640075][ T6326] hsr_slave_1: entered promiscuous mode
[  128.739378][ T5835] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  129.097193][ T6367] hsr_slave_0: entered promiscuous mode
[  129.125867][ T6367] hsr_slave_1: entered promiscuous mode
[  129.153425][ T6367] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  129.187164][ T6367] Cannot create hsr debugfs directory
[  129.508588][ T6590] vlan2: entered allmulticast mode
[  129.513877][ T6590] veth1: entered allmulticast mode
[  129.711666][ T6584] loop5: detected capacity change from 0 to 32768
[  129.794337][ T6584] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  130.023752][ T1096] bridge_slave_1: left allmulticast mode
[  130.032990][ T1096] bridge_slave_1: left promiscuous mode
[  130.041473][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.074894][ T1096] bridge_slave_0: left allmulticast mode
[  130.080616][ T1096] bridge_slave_0: left promiscuous mode
[  130.097215][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.145572][ T6584] XFS (loop5): Ending clean mount
[  130.195737][ T6584] XFS (loop5): Quotacheck needed: Please wait.
[  130.289628][ T6584] XFS (loop5): Quotacheck: Done.
[  130.535185][ T5827] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  130.594779][ T6611] loop0: detected capacity change from 0 to 512
[  130.628393][ T6611] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.224: casefold flag without casefold feature
[  130.657816][ T6611] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.224: couldn't read orphan inode 15 (err -117)
[  130.740377][ T6611] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.928701][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.303306][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.333089][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.349838][ T1096] bond0 (unregistering): Released all slaves
[  131.589100][ T6624] loop3: detected capacity change from 0 to 128
[  131.915950][ T6624] EXT4-fs (loop3): Test dummy encryption mode enabled
[  131.931508][ T6621] loop5: detected capacity change from 0 to 32768
[  131.981265][ T6624] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  132.033895][ T6624] ext4 filesystem being mounted at /48/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  132.065807][ T6624] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  132.082761][ T6621] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  132.101307][ T6643] pim6reg0: tun_chr_ioctl cmd 1074812118
[  132.122194][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  132.129841][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  132.207808][ T6621] XFS (loop5): Ending clean mount
[  132.344168][ T5838] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.429445][ T5827] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  132.667019][ T1096] hsr_slave_0: left promiscuous mode
[  132.707593][ T1096] hsr_slave_1: left promiscuous mode
[  132.753488][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.774004][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.817911][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.835636][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.895223][ T1096] veth1_macvtap: left promiscuous mode
[  132.908200][ T1096] veth0_macvtap: left promiscuous mode
[  132.919844][ T1096] veth1_vlan: left promiscuous mode
[  132.938485][ T1096] veth0_vlan: left promiscuous mode
[  132.993109][ T5816] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  133.153069][ T5816] usb 4-1: Using ep0 maxpacket: 16
[  133.162549][ T5816] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  133.181909][ T5816] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  133.192025][ T5816] usb 4-1: Product: syz
[  133.207115][ T5816] usb 4-1: Manufacturer: syz
[  133.214170][ T5816] usb 4-1: SerialNumber: syz
[  133.228706][ T5816] usb 4-1: config 0 descriptor??
[  133.491297][ T5816] usb 4-1: USB disconnect, device number 2
[  133.656040][ T6667] netlink: 12 bytes leftover after parsing attributes in process `syz.0.242'.
[  133.758472][ T6661] loop5: detected capacity change from 0 to 32768
[  133.813387][ T6661] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  133.988543][ T6661] XFS (loop5): Ending clean mount
[  133.998613][ T6661] XFS (loop5): Quotacheck needed: Please wait.
[  134.087103][ T6661] XFS (loop5): Quotacheck: Done.
[  134.162744][ T1096] team0 (unregistering): Port device team_slave_1 removed
[  134.187025][ T5827] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.221656][ T6679] loop3: detected capacity change from 0 to 2048
[  134.238499][ T1096] team0 (unregistering): Port device team_slave_0 removed
[  134.308023][ T6679] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.496868][ T6679] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  134.594415][ T6683] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  134.656489][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.307905][ T6694] loop3: detected capacity change from 0 to 4096
[  135.336109][ T6367] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  135.410656][ T6367] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  135.423270][ T6694] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  135.512422][ T6694] ntfs3(loop3): Failed to initialize $Extend/$ObjId.
[  135.714568][ T6694] ntfs3(loop3): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" attr_set_size
[  135.884131][ T6702] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  135.950555][ T6367] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  136.294576][ T6367] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  136.297349][ T6709] loop5: detected capacity change from 0 to 512
[  136.325694][ T6709] EXT4-fs (loop5): Test dummy encryption mode enabled
[  136.350264][ T6709] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.388765][ T6709] EXT4-fs error (device loop5): ext4_add_entry:2417: inode #2: comm syz.5.257: Directory hole found for htree leaf block 0
[  136.421697][ T6709] EXT4-fs (loop5): Remounting filesystem read-only
[  136.703399][ T5827] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  136.871968][ T6326] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  136.964739][ T6731] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  136.996043][ T6326] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  137.085422][ T6326] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  137.148845][ T6326] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  137.216446][ T6736] loop5: detected capacity change from 0 to 256
[  137.326116][ T6736] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  137.465081][ T6367] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.644935][ T6367] 8021q: adding VLAN 0 to HW filter on device team0
[  137.694905][ T6752] Zero length message leads to an empty skb
[  137.704567][  T993] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.711736][  T993] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.819151][  T993] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.826472][  T993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.947193][ T6326] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.085257][ T6326] 8021q: adding VLAN 0 to HW filter on device team0
[  138.144086][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.151326][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.188254][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.195495][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.294687][ T6367] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  138.481099][ T6326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  138.832556][ T5914] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  138.993197][ T5914] usb 4-1: Using ep0 maxpacket: 32
[  139.010668][ T5914] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  139.038025][ T5914] usb 4-1: config 0 has no interface number 0
[  139.073872][ T5914] usb 4-1: config 0 interface 12 has no altsetting 0
[  139.115317][ T5914] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  139.158862][ T5914] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.190612][ T5914] usb 4-1: Product: syz
[  139.215384][ T5914] usb 4-1: Manufacturer: syz
[  139.223170][ T6367] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.255544][ T5914] usb 4-1: SerialNumber: syz
[  139.332849][ T5914] usb 4-1: config 0 descriptor??
[  139.378556][ T6326] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.147681][ T6789] loop0: detected capacity change from 0 to 32768
[  140.177962][ T5914] f81534 4-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  140.187077][ T5914] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  140.228055][ T5914] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  140.253702][ T5914] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  140.292537][ T6789] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  140.297082][ T5914] usb 4-1: USB disconnect, device number 3
[  140.367993][ T6367] veth0_vlan: entered promiscuous mode
[  140.417287][ T6789] XFS (loop0): Ending clean mount
[  140.481287][ T6367] veth1_vlan: entered promiscuous mode
[  140.642040][ T6367] veth0_macvtap: entered promiscuous mode
[  140.652515][ T5835] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  140.722732][ T6367] veth1_macvtap: entered promiscuous mode
[  140.780011][ T6326] veth0_vlan: entered promiscuous mode
[  140.829046][ T6326] veth1_vlan: entered promiscuous mode
[  140.838093][ T6830] loop5: detected capacity change from 0 to 2048
[  140.851389][ T6367] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.876124][ T6830] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  140.937020][ T6367] batman_adv: batadv0: Interface activated: batadv_slave_1
[  141.004474][ T6367] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.020594][ T6367] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.066133][ T6367] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.090987][ T6367] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.141957][ T6834] netlink: 27 bytes leftover after parsing attributes in process `syz.3.293'.
[  141.320415][ T6326] veth0_macvtap: entered promiscuous mode
[  141.434827][ T6836] loop5: detected capacity change from 0 to 8
[  141.458807][ T6326] veth1_macvtap: entered promiscuous mode
[  141.501286][ T6836] SQUASHFS error: zlib decompression failed, data probably corrupt
[  141.571579][ T6836] SQUASHFS error: Failed to read block 0x9b: -5
[  141.587398][ T6326] batman_adv: batadv0: Interface activated: batadv_slave_0
[  141.604635][ T6836] SQUASHFS error: Unable to read metadata cache entry [99]
[  141.622607][ T6836] SQUASHFS error: Unable to read inode 0x127
[  141.640989][ T6811] loop2: detected capacity change from 0 to 32768
[  141.676317][ T6326] batman_adv: batadv0: Interface activated: batadv_slave_1
[  141.754643][ T6811] 
[  141.754643][ T6811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  141.754643][ T6811] 
[  141.791993][  T993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.796093][ T6326] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.854333][  T993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.862886][ T6326] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.871599][ T6326] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.903553][ T6326] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.924288][ T6811] 
[  141.924288][ T6811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  141.924288][ T6811] 
[  141.940064][ T6844] loop0: detected capacity change from 0 to 128
[  142.018076][ T6811] 
[  142.018076][ T6811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.018076][ T6811] 
[  142.099071][ T6811] 
[  142.099071][ T6811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.099071][ T6811] 
[  142.176346][ T6811] 
[  142.176346][ T6811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.176346][ T6811] 
[  142.195354][ T6811] 
[  142.195354][ T6811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.195354][ T6811] 
[  142.206778][   T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.233202][ T6847] 
[  142.233202][ T6847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.233202][ T6847] 
[  142.262378][ T6847] 
[  142.262378][ T6847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.262378][ T6847] 
[  142.262663][   T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.276388][ T6847] 
[  142.276388][ T6847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.276388][ T6847] 
[  142.296755][ T6847] 
[  142.296755][ T6847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.296755][ T6847] 
[  142.377940][ T6847] 
[  142.377940][ T6847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.377940][ T6847] 
[  142.403939][ T6847] 
[  142.403939][ T6847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.403939][ T6847] 
[  142.442542][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.459757][  T111] 
[  142.459757][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.459757][  T111] 
[  142.484299][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.506600][ T6851] loop5: detected capacity change from 0 to 4096
[  142.583177][ T6851] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  142.612698][ T5828] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  142.660044][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.668015][ T6851] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096)
[  142.707746][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.748341][  T993] 
[  142.748341][  T993]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.748341][  T993] 
[  142.798305][ T6385] udevd[6385]: incorrect nilfs2 checksum on /dev/loop5
[  142.802802][ T5828] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  142.819453][  T993] 
[  142.819453][  T993]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.819453][  T993] 
[  142.831589][ T5828] usb 4-1: config 0 has no interface number 0
[  142.838957][ T6860] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  142.864088][ T5839] 
[  142.864088][ T5839]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.864088][ T5839] 
[  142.897682][ T5828] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  142.923561][  T111] 
[  142.923561][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.923561][  T111] 
[  142.927211][ T5828] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.989760][ T5839] 
[  142.989760][ T5839]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  142.989760][ T5839] 
[  143.052112][ T5828] usb 4-1: Product: syz
[  143.056919][ T5828] usb 4-1: Manufacturer: syz
[  143.061612][ T5828] usb 4-1: SerialNumber: syz
[  143.134847][ T5828] usb 4-1: config 0 descriptor??
[  143.253293][ T6867] netlink: 'syz.7.307': attribute type 7 has an invalid length.
[  143.328578][ T6866] loop6: detected capacity change from 0 to 4096
[  143.335302][ T6863] loop0: detected capacity change from 0 to 4096
[  143.356996][ T5828] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  143.403661][ T6866] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  143.428823][ T5828] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  143.457752][ T5828] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  143.478023][ T6863] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.491875][ T6866] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 4096)
[  143.522346][ T5828] usb 4-1: media controller created
[  143.631289][ T6874] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  143.651140][ T5828] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  143.653565][ T6873] loop5: detected capacity change from 0 to 256
[  143.668674][ T5914] kernel write not supported for file /snd/seq (pid: 5914 comm: kworker/1:5)
[  143.678696][ T6873] exfat: Deprecated parameter 'utf8'
[  143.764898][ T6873] exfat: Deprecated parameter 'utf8'
[  143.808405][ T6873] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  143.992835][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.619958][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[  144.650416][ T5828] i2c i2c-1: ec100: i2c rd failed=-32 reg=33
[  144.838747][ T5816] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  144.888794][ T5828] usb 4-1: USB disconnect, device number 4
[  144.895785][ T6899] loop7: detected capacity change from 0 to 1024
[  144.906047][ T5816] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  145.028116][ T6904] loop6: detected capacity change from 0 to 256
[  145.121389][ T6904] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  145.425105][ T6909] fido_id[6909]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  146.243754][ T5907] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  146.423321][ T5907] usb 7-1: Using ep0 maxpacket: 32
[  146.446448][ T5907] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  146.466611][ T5907] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.514942][ T5907] usb 7-1: config 0 descriptor??
[  146.749097][ T5907] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  146.784563][ T5907] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  146.806035][ T5907] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  146.841943][ T5907] usb 7-1: media controller created
[  146.956244][ T5907] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  147.034374][ T6938] loop7: detected capacity change from 0 to 32768
[  147.054950][ T6938] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.337 (6938)
[  147.190620][ T5907] az6027: usb out operation failed. (-71)
[  147.230056][ T5907] az6027: usb out operation failed. (-71)
[  147.279805][ T5907] stb0899_attach: Driver disabled by Kconfig
[  147.310033][ T5907] az6027: no front-end attached
[  147.310033][ T5907] 
[  147.310767][ T6938] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.343200][ T5907] az6027: usb out operation failed. (-71)
[  147.392608][ T6938] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  147.393048][ T5907] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  147.434855][ T6938] BTRFS info (device loop7): using free-space-tree
[  147.499486][ T5907] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input9
[  147.694384][ T5907] dvb-usb: schedule remote query interval to 400 msecs.
[  147.782548][ T5907] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  147.876915][ T5907] usb 7-1: USB disconnect, device number 2
[  147.937630][ T6966] loop5: detected capacity change from 0 to 4096
[  148.096430][ T6938] BTRFS error (device loop7): balance: invalid convert data profile single
[  148.264338][ T5907] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  148.272426][ T6966] ntfs3(loop5): ino=5, "/" ntfs_readdir
[  148.318852][ T6966] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  148.393424][ T6367] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  148.692353][ T5907] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  148.882441][ T5907] usb 7-1: Using ep0 maxpacket: 32
[  148.923474][ T5907] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  148.960087][ T7001] loop2: detected capacity change from 0 to 2048
[  148.972346][ T5907] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.987371][ T6962] loop0: detected capacity change from 0 to 32768
[  149.030481][ T5907] usb 7-1: config 0 descriptor??
[  149.080303][ T7001] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  149.131295][ T7004] netlink: 'syz.3.359': attribute type 10 has an invalid length.
[  149.202407][ T7004] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.211484][ T7004] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.229237][ T7004] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.236659][ T7004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.246056][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.253379][ T7004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.266948][ T7004] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  149.291331][ T5907] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  149.381905][ T5907] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  149.414825][ T5907] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  149.422046][ T5907] usb 7-1: media controller created
[  149.449945][ T5907] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  149.484761][ T6962] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  149.484793][ T6962]   allowing incompatible features above 0.0: (unknown version)
[  149.484807][ T6962]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  149.545780][ T5907] az6027: usb out operation failed. (-71)
[  149.550582][ T5907] az6027: usb out operation failed. (-71)
[  149.550600][ T5907] stb0899_attach: Driver disabled by Kconfig
[  149.550613][ T5907] az6027: no front-end attached
[  149.550613][ T5907] 
[  149.560660][ T5907] az6027: usb out operation failed. (-71)
[  149.560682][ T5907] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  149.565911][ T5907] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input10
[  149.569808][ T5907] dvb-usb: schedule remote query interval to 400 msecs.
[  149.569828][ T5907] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  149.573439][ T5907] usb 7-1: USB disconnect, device number 3
[  149.867432][ T7021] loop2: detected capacity change from 0 to 256
[  149.986424][ T7021] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  150.020787][ T6962] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  150.057432][ T5907] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  150.083173][ T6962] bcachefs (loop0): initializing new filesystem
[  150.173024][ T6962] bcachefs (loop0): going read-write
[  150.306489][ T6962] bcachefs (loop0): marking superblocks
[  150.455633][ T6962] bcachefs (loop0): initializing freespace
[  150.529821][ T6962] bcachefs (loop0): done initializing freespace
[  150.546979][ T6962] bcachefs (loop0): reading snapshots table
[  150.576375][ T7040] loop2: detected capacity change from 0 to 8
[  150.630532][ T6962] bcachefs (loop0): reading snapshots done
[  150.779085][ T6962] bcachefs (loop0): done starting filesystem
[  151.033240][ T6962] syz.0.346 (6962) used greatest stack depth: 15864 bytes left
[  151.090333][ T5835] bcachefs (loop0): shutting down
[  151.116897][ T5835] bcachefs (loop0): going read-only
[  151.133269][ T5835] bcachefs (loop0): finished waiting for writes to stop
[  151.188147][ T5835] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  151.282864][ T5835] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  151.309812][ T5835] bcachefs (loop0): clean shutdown complete, journal seq 4
[  151.354294][ T5835] bcachefs (loop0): marking filesystem clean
[  151.479464][ T5835] bcachefs (loop0): shutdown complete
[  151.999768][ T7060] loop5: detected capacity change from 0 to 32768
[  152.008598][ T7060] XFS: attr2 mount option is deprecated.
[  152.015095][ T7060] XFS: ikeep mount option is deprecated.
[  152.049450][ T7060] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.091773][ T7082] loop2: detected capacity change from 0 to 512
[  152.111358][ T7082] EXT4-fs: inline encryption not supported
[  152.153686][ T7082] EXT4-fs (loop2): Test dummy encryption mode enabled
[  152.182556][ T7082] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  152.241443][ T7082] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  152.287506][ T7082] EXT4-fs (loop2): 1 truncate cleaned up
[  152.296080][ T7082] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.322126][ T7067] loop3: detected capacity change from 0 to 32768
[  152.347362][ T7067] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.381 (7067)
[  152.378902][ T7060] XFS (loop5): Ending clean mount
[  152.417588][ T7067] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  152.437733][ T7060] XFS (loop5): Quotacheck needed: Please wait.
[  152.477859][ T7067] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  152.521618][ T7082] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  152.542793][ T7067] BTRFS info (device loop3): using free-space-tree
[  152.577358][ T7060] XFS (loop5): Quotacheck: Done.
[  152.648035][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.769301][   T30] audit: type=1800 audit(1751336698.153:6): pid=7067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.381" name="file1" dev="loop3" ino=260 res=0 errno=0
[  152.819486][ T5827] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.032950][ T7115] loop7: detected capacity change from 0 to 512
[  153.040240][ T7115] EXT4-fs: Ignoring removed oldalloc option
[  153.143864][ T5838] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  153.210070][ T7115] EXT4-fs error (device loop7): ext4_xattr_inode_iget:433: comm syz.7.390: Parent and EA inode have the same ino 15
[  153.302451][ T7115] EXT4-fs (loop7): Remounting filesystem read-only
[  153.309097][ T7115] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  153.365730][ T7115] EXT4-fs (loop7): 1 orphan inode deleted
[  153.403415][ T7115] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.666108][ T6367] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.005843][ T7131] netlink: 'syz.5.389': attribute type 1 has an invalid length.
[  154.062445][ T7131] netlink: 624 bytes leftover after parsing attributes in process `syz.5.389'.
[  154.603431][ T7143] netlink: 4 bytes leftover after parsing attributes in process `syz.6.400'.
[  154.787180][ T7149] loop5: detected capacity change from 0 to 256
[  154.852229][ T7149] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  154.909471][ T7149] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  155.012874][ T7149] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  155.054544][ T7158] input: syz0 as /devices/virtual/input/input11
[  155.771010][ T7139] loop0: detected capacity change from 0 to 32768
[  155.796565][ T7178] netlink: 4 bytes leftover after parsing attributes in process `syz.5.416'.
[  155.804495][ T7139] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.377 (7139)
[  155.890485][ T7139] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  155.922273][ T7139] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  155.960854][ T7139] BTRFS info (device loop0): using free-space-tree
[  156.157134][ T7139] BTRFS info (device loop0): rebuilding free space tree
[  156.203070][ T7203] netlink: 8 bytes leftover after parsing attributes in process `syz.5.420'.
[  156.514138][ T5835] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  156.597626][ T7214] loop5: detected capacity change from 0 to 256
[  156.685875][ T7214] exfat: Deprecated parameter 'utf8'
[  156.691241][ T7214] exfat: Deprecated parameter 'utf8'
[  156.742914][ T7214] exfat: Deprecated parameter 'utf8'
[  156.834652][ T7214] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  157.048683][ T7184] loop6: detected capacity change from 0 to 32768
[  157.135523][ T7184] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.418 (7184)
[  157.306985][ T7184] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.362065][ T7184] BTRFS info (device loop6): using crc32c (crc32c-x86_64) checksum algorithm
[  157.424260][ T7184] BTRFS info (device loop6): using free-space-tree
[  157.439545][ T7223] loop0: detected capacity change from 0 to 8192
[  157.489554][ T7233] loop2: detected capacity change from 0 to 512
[  157.510714][ T7233] EXT4-fs: Ignoring removed orlov option
[  157.545953][ T7233] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  157.648745][ T7233] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  157.692342][ T5828] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  157.750664][ T7233] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.435: corrupted in-inode xattr: e_value size too large
[  157.781881][ T7233] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.435: couldn't read orphan inode 15 (err -117)
[  157.796958][ T7184] BTRFS info (device loop6): rebuilding free space tree
[  157.836990][ T7233] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.902670][ T5828] usb 6-1: Using ep0 maxpacket: 32
[  157.920309][ T5828] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  157.952915][ T5828] usb 6-1: config 0 has no interface number 0
[  157.996988][ T5914] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  158.007508][ T5828] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  158.032467][ T5828] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.070248][ T5828] usb 6-1: Product: syz
[  158.087808][ T5828] usb 6-1: Manufacturer: syz
[  158.099311][ T5828] usb 6-1: SerialNumber: syz
[  158.166785][ T5828] usb 6-1: config 0 descriptor??
[  158.169721][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.195574][ T5828] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  158.215554][ T5914] usb 4-1: config 0 has an invalid interface number: 186 but max is 1
[  158.237229][ T5914] usb 4-1: config 0 has no interface number 1
[  158.256283][ T5914] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice=e5.83
[  158.266467][ T5914] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.286808][ T5914] usb 4-1: Product: syz
[  158.289160][ T6326] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  158.291049][ T5914] usb 4-1: Manufacturer: syz
[  158.319641][ T5914] usb 4-1: SerialNumber: syz
[  158.382696][ T5914] usb 4-1: config 0 descriptor??
[  158.462763][ T5828] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  158.602971][ T5828] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  158.693413][ T5914] usb 4-1: USB disconnect, device number 5
[  158.853015][    C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  158.880191][ T5975] usb 6-1: USB disconnect, device number 4
[  158.943685][ T5975] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  159.028721][ T5975] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  159.075860][ T5975] quatech2 6-1:0.51: device disconnected
[  159.155181][ T6385] udevd[6385]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  159.394707][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.445'.
[  159.441041][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.445'.
[  159.482836][ T7231] loop7: detected capacity change from 0 to 32768
[  159.563338][ T7278] [U] 
[  159.566347][ T7278] [U] 
[  159.569065][ T7278] [U] 
[  159.571764][ T7278] [U] 
[  159.617772][ T7278] [U] 
[  159.620544][ T7278] [U] 
[  159.623258][ T7278] [U] 
[  159.625978][ T7278] [U] 
[  159.656094][ T7231] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.706546][ T7290] loop2: detected capacity change from 0 to 512
[  159.718131][ T7278] [U] 
[  159.720902][ T7278] [U] 
[  159.723680][ T7278] [U] 
[  159.726383][ T7278] [U] 
[  159.730745][ T7278] [U] 
[  159.733475][ T7278] [U] 
[  159.736200][ T7278] [U] 
[  159.738924][ T7278] [U] 
[  159.747103][ T7278] [U] 
[  159.749860][ T7278] [U] 
[  159.752576][ T7278] [U] 
[  159.755291][ T7278] [U] 
[  159.759056][ T7278] [U] 
[  159.761776][ T7278] [U] 
[  159.764478][ T7278] [U] 
[  159.767185][ T7278] [U] 
[  159.821747][ T7290] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.838914][ T7290] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.857720][ T7277] [U] 
[  159.951814][ T7297] loop6: detected capacity change from 0 to 256
[  160.077846][ T7231] XFS (loop7): Ending clean mount
[  160.100756][ T7231] XFS (loop7): Quotacheck needed: Please wait.
[  160.259664][ T7231] XFS (loop7): Quotacheck: Done.
[  160.579154][ T6367] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.639553][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.892905][ T7313] netlink: 'syz.2.459': attribute type 1 has an invalid length.
[  160.942443][ T7313] netlink: 'syz.2.459': attribute type 2 has an invalid length.
[  160.990961][ T7313] netlink: 'syz.2.459': attribute type 1 has an invalid length.
[  161.052521][ T7313] netlink: 'syz.2.459': attribute type 2 has an invalid length.
[  161.497468][ T7288] loop5: detected capacity change from 0 to 32768
[  161.597785][ T7288] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  161.708556][ T5914] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  161.725388][ T7288] XFS (loop5): Ending clean mount
[  161.734685][ T7337] loop2: detected capacity change from 0 to 256
[  161.836745][ T7337] exfat: Deprecated parameter 'utf8'
[  161.896528][ T5914] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  161.914296][ T7337] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  161.941134][ T5914] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.983375][ T5914] usb 8-1: config 0 descriptor??
[  162.046418][ T5914] cp210x 8-1:0.0: cp210x converter detected
[  162.092492][ T5827] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  162.478750][ T5914] cp210x 8-1:0.0: failed to get vendor val 0x000e size 3: -32
[  162.562859][ T5914] usb 8-1: cp210x converter now attached to ttyUSB0
[  162.632984][ T7353] loop2: detected capacity change from 0 to 512
[  162.693119][ T7352] overlayfs: missing 'lowerdir'
[  162.708026][ T7353] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  162.756099][ T5907] usb 8-1: USB disconnect, device number 2
[  162.786637][ T7353] EXT4-fs (loop2): 1 truncate cleaned up
[  162.814254][ T7353] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.820170][ T5907] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  162.986368][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.022634][ T5907] cp210x 8-1:0.0: device disconnected
[  163.382503][ T5914] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  163.552479][ T5914] usb 6-1: Using ep0 maxpacket: 16
[  163.571839][ T5914] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  163.607289][ T5914] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  163.662977][ T5914] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  163.689779][ T5914] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.718969][ T5914] usb 6-1: Product: syz
[  163.739371][ T5914] usb 6-1: Manufacturer: syz
[  163.760664][ T5914] usb 6-1: SerialNumber: syz
[  163.765060][ T7348] loop3: detected capacity change from 0 to 32768
[  163.812611][ T5914] usb 6-1: config 0 descriptor??
[  163.901042][ T7348] XFS (loop3): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  163.947274][ T5914] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  164.058943][ T5914] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  164.276002][ T7348] XFS (loop3): Starting recovery (logdev: internal)
[  164.370223][ T7348] XFS (loop3): Ending recovery (logdev: internal)
[  164.503505][   T30] audit: type=1800 audit(1751336709.893:7): pid=7348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.472" name="file2" dev="loop3" ino=7431 res=0 errno=0
[  164.525950][ T5914] em28xx 6-1:0.0: chip ID is em2874
[  164.682574][ T5838] XFS (loop3): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  164.735805][ T5907] usb 6-1: USB disconnect, device number 5
[  164.769234][ T5907] em28xx 6-1:0.0: Disconnecting em28xx
[  164.817041][ T5907] em28xx 6-1:0.0: Freeing device
[  165.066660][ T7380] loop7: detected capacity change from 0 to 32768
[  165.273250][ T7380] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  165.325178][ T7409] loop3: detected capacity change from 0 to 64
[  165.631647][ T7414] netlink: 48 bytes leftover after parsing attributes in process `syz.0.493'.
[  165.707112][ T7416] loop2: detected capacity change from 0 to 65
[  165.751980][ T6367] (syz-executor,6367,1):ocfs2_inode_is_valid_to_delete:886 ERROR: Skipping delete of system file 72
[  165.772255][ T7416] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
[  165.797399][ T5828] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  165.811485][ T6367] ocfs2: Unmounting device (7,7) on (node local)
[  165.989413][ T5828] usb 6-1: Using ep0 maxpacket: 16
[  166.003038][ T5828] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  166.028340][ T5828] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  166.031881][ T7422] loop0: detected capacity change from 0 to 2048
[  166.114486][ T7422] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.146458][ T5828] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  166.166591][ T5828] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.203907][ T5828] usb 6-1: Product: syz
[  166.208136][ T5828] usb 6-1: Manufacturer: syz
[  166.242636][ T5828] usb 6-1: SerialNumber: syz
[  166.266642][ T5828] usb 6-1: config 0 descriptor??
[  166.286210][ T5828] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  166.320558][ T5828] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  166.357982][ T7432] netlink: 56 bytes leftover after parsing attributes in process `syz.6.503'.
[  166.402773][ T7432] netlink: 8 bytes leftover after parsing attributes in process `syz.6.503'.
[  166.460429][ T7440] netlink: 'syz.2.506': attribute type 3 has an invalid length.
[  166.904738][ T5828] em28xx 6-1:0.0: chip ID is em2870
[  167.118457][ T5828] usb 6-1: USB disconnect, device number 6
[  167.133730][ T5828] em28xx 6-1:0.0: Disconnecting em28xx
[  167.171218][ T5828] em28xx 6-1:0.0: Freeing device
[  167.202137][ T7468] loop3: detected capacity change from 0 to 512
[  167.233517][ T7468] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.251104][ T7468] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  167.298600][ T7468] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  167.359186][ T7468] System zones: 1-12
[  167.392106][ T7468] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.521: corrupted in-inode xattr: e_value size too large
[  167.412504][ T7456] loop2: detected capacity change from 0 to 32768
[  167.427378][ T7456] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.514 (7456)
[  167.437442][ T7473] sp0: Synchronizing with TNC
[  167.440450][ T7468] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.521: couldn't read orphan inode 15 (err -117)
[  167.470615][ T7468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.487512][ T7456] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  167.500643][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  167.508684][ T7456] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  167.532501][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  167.540357][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.548385][ T7456] BTRFS info (device loop2): using free-space-tree
[  167.564001][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.582695][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.590394][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.612845][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.625674][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.634802][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.641577][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.643055][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.678585][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.718208][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.764447][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.772381][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.780138][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.790402][ T5907] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[  167.858403][ T5907] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  167.889706][ T7502] loop3: detected capacity change from 0 to 128
[  167.935580][ T7502] EXT4-fs: Ignoring removed nobh option
[  168.054114][ T7502] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  168.092938][ T5828] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  168.111076][ T7502] ext4 filesystem being mounted at /107/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  168.212309][ T5839] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  168.215017][ T7502] fscrypt (loop3, inode 12): Sub-block data units not yet supported with IV_INO_LBLK_32
[  168.262553][ T5828] usb 6-1: Using ep0 maxpacket: 16
[  168.286605][ T5828] usb 6-1: config 0 has no interfaces?
[  168.298301][ T5828] usb 6-1: New USB device found, idVendor=5b8d, idProduct=3fea, bcdDevice=15.fe
[  168.328973][ T5828] usb 6-1: New USB device strings: Mfr=188, Product=138, SerialNumber=0
[  168.339016][ T7509] netlink: 12 bytes leftover after parsing attributes in process `syz.0.533'.
[  168.348943][ T5828] usb 6-1: Product: syz
[  168.367054][ T7509] netlink: 28 bytes leftover after parsing attributes in process `syz.0.533'.
[  168.376347][ T5828] usb 6-1: Manufacturer: syz
[  168.389881][ T5828] usb 6-1: config 0 descriptor??
[  168.427056][ T5838] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  168.440235][ T7509] netlink: 12 bytes leftover after parsing attributes in process `syz.0.533'.
[  168.473339][ T7509] netlink: 28 bytes leftover after parsing attributes in process `syz.0.533'.
[  168.510515][ T7509] netlink: 'syz.0.533': attribute type 6 has an invalid length.
[  168.597058][ T7511] serio: Serial port ttyS3
[  168.637742][   T10] usb 6-1: USB disconnect, device number 7
[  168.856838][ T7516] loop0: detected capacity change from 0 to 256
[  168.911325][ T7507] loop7: detected capacity change from 0 to 32768
[  169.001980][ T7507] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  169.094317][ T6367] ocfs2: Unmounting device (7,7) on (node local)
[  169.321210][ T7528] loop5: detected capacity change from 0 to 2048
[  169.388599][ T7528] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.604515][ T7526] loop6: detected capacity change from 0 to 32768
[  169.642331][ T5827] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.700209][ T7526] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  169.782522][ T7542] loop0: detected capacity change from 0 to 128
[  169.807808][ T6326] (syz-executor,6326,1):ocfs2_inode_is_valid_to_delete:886 ERROR: Skipping delete of system file 72
[  169.836394][ T6326] ocfs2: Unmounting device (7,6) on (node local)
[  169.859946][ T7542] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  169.913489][ T7542] ext4 filesystem being mounted at /112/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  169.978677][ T7548] loop7: detected capacity change from 0 to 1024
[  170.064295][ T7548] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.174977][ T5835] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.231786][ T6367] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.532806][ T5828] kernel read not supported for file /dsp (pid: 5828 comm: kworker/1:4)
[  170.875412][ T7581] loop0: detected capacity change from 0 to 1024
[  170.971153][ T7558] loop5: detected capacity change from 0 to 32768
[  170.977721][   T30] audit: type=1800 audit(1751336716.353:8): pid=7581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.561" name="file1" dev="loop0" ino=20 res=0 errno=0
[  171.021835][ T7581] syz.0.561: attempt to access beyond end of device
[  171.021835][ T7581] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  171.051188][ T7558] JBD2: Ignoring recovery information on journal
[  171.106352][ T7558] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  171.317525][ T5827] ocfs2: Unmounting device (7,5) on (node local)
[  171.480107][ T7605] loop6: detected capacity change from 0 to 1024
[  171.516377][ T7601] loop3: detected capacity change from 0 to 4096
[  171.566698][ T7605] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.603563][ T7605] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.642868][ T7601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.695836][   T30] audit: type=1800 audit(1751336717.073:9): pid=7605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.572" name="file2" dev="loop6" ino=16 res=0 errno=0
[  171.754304][ T7601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.791958][ T7616] loop2: detected capacity change from 0 to 1024
[  171.866079][ T6326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.874047][ T7618] loop0: detected capacity change from 0 to 1024
[  171.923295][ T7618] EXT4-fs: Ignoring removed nobh option
[  171.932032][ T7618] EXT4-fs: Ignoring removed bh option
[  171.971707][ T7616] hfsplus: xattr searching failed
[  172.039246][ T7618] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.044262][   T49] hfsplus: b-tree write err: -5, ino 3
[  172.265426][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.314253][ T7631] netlink: 8 bytes leftover after parsing attributes in process `syz.2.579'.
[  172.522383][ T5962] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  172.692352][   T10] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  172.712899][ T5962] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.731420][ T7612] loop7: detected capacity change from 0 to 32768
[  172.752473][ T5962] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00
[  172.772530][ T5962] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.790026][ T7612] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.574 (7612)
[  172.805885][ T5962] usb 4-1: config 0 descriptor??
[  172.852775][   T10] usb 6-1: Using ep0 maxpacket: 16
[  172.858120][ T7612] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.879272][   T10] usb 6-1: config 8 has an invalid interface number: 39 but max is 0
[  172.887625][   T10] usb 6-1: config 8 has no interface number 0
[  172.898871][   T10] usb 6-1: config 8 interface 39 altsetting 1 has an endpoint descriptor with address 0xDF, changing to 0x8F
[  172.919440][ T7612] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  172.931139][   T10] usb 6-1: config 8 interface 39 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0
[  172.958712][   T10] usb 6-1: config 8 interface 39 altsetting 1 bulk endpoint 0x8F has invalid maxpacket 0
[  172.962300][ T7612] BTRFS info (device loop7): using free-space-tree
[  172.997767][   T10] usb 6-1: config 8 interface 39 has no altsetting 0
[  173.018901][   T10] usb 6-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[  173.028379][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.043650][   T10] usb 6-1: Product: syz
[  173.050437][   T10] usb 6-1: Manufacturer: syz
[  173.055210][   T10] usb 6-1: SerialNumber: syz
[  173.144823][ T7612] BTRFS info (device loop7): checking UUID tree
[  173.212330][ T7643] loop0: detected capacity change from 0 to 32768
[  173.257454][ T5962] kye 0003:0458:5012.0003: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  173.279247][ T7643] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.296560][ T5962] kye 0003:0458:5012.0003: hidraw0: USB HID v0.00 Device [HID 0458:5012] on usb-dummy_hcd.3-1/input0
[  173.319664][ T5962] kye 0003:0458:5012.0003: tablet-enabling feature report not found
[  173.339120][ T5962] kye 0003:0458:5012.0003: tablet enabling failed
[  173.373932][ T6367] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.404487][ T7643] XFS (loop0): Ending clean mount
[  173.442577][ T5914] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  173.450435][ T7643] XFS (loop0): Quotacheck needed: Please wait.
[  173.492483][ T5962] usb 4-1: USB disconnect, device number 6
[  173.548988][ T7643] XFS (loop0): Quotacheck: Done.
[  173.624334][ T5914] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  173.648525][ T5914] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.669154][ T5914] usb 7-1: config 0 descriptor??
[  173.673262][   T10] ipheth 6-1:8.39: ipheth_enable_ncm: usb_control_msg: -71
[  173.679861][ T5914] cp210x 7-1:0.0: cp210x converter detected
[  173.711317][ T7639] loop2: detected capacity change from 0 to 40427
[  173.718315][ T5835] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.721184][   T10] ipheth 6-1:8.39: Apple iPhone USB Ethernet device attached
[  173.745178][ T7639] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  173.753613][ T7639] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  173.769727][ T7639] F2FS-fs (loop2): heap/no_heap options were deprecated
[  173.775253][   T10] usb 6-1: USB disconnect, device number 8
[  173.780488][ T7639] F2FS-fs (loop2): build fault injection type: 0x0
[  173.807095][ T7639] F2FS-fs (loop2): invalid crc value
[  173.883275][   T10] ipheth 6-1:8.39: Apple iPhone USB Ethernet now disconnected
[  173.925620][ T7671] loop7: detected capacity change from 0 to 16
[  173.943181][ T7671] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  174.001272][ T7639] F2FS-fs (loop2): Try to recover 1th superblock, ret: -30
[  174.008901][ T7639] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  174.094515][ T5914] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32
[  174.132664][ T5914] usb 7-1: cp210x converter now attached to ttyUSB0
[  174.341399][ T5914] usb 7-1: USB disconnect, device number 4
[  174.379512][ T5914] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  174.412636][ T5914] cp210x 7-1:0.0: device disconnected
[  174.612484][ T7687] netlink: 4 bytes leftover after parsing attributes in process `syz.5.597'.
[  174.759834][ T7688] loop3: detected capacity change from 0 to 4096
[  174.815091][ T7693] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  174.972416][ T5962] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  175.041119][ T7697] random: crng reseeded on system resumption
[  175.163576][ T5962] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  175.202272][ T5962] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  175.231649][ T5962] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  175.261146][ T5962] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  175.291540][ T5962] usb 8-1: SerialNumber: syz
[  175.551978][ T5962] usb 8-1: 0:2 : does not exist
[  175.609823][ T5962] usb 8-1: USB disconnect, device number 3
[  175.737035][ T7723] loop0: detected capacity change from 0 to 64
[  175.830285][ T7725] netlink: 16 bytes leftover after parsing attributes in process `syz.6.614'.
[  175.995803][ T7731] netlink: 200 bytes leftover after parsing attributes in process `syz.0.617'.
[  176.153341][ T7735] loop6: detected capacity change from 0 to 512
[  176.197753][ T7735] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  176.246960][ T7735] EXT4-fs (loop6): 1 truncate cleaned up
[  176.280370][ T7735] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.331601][ T7702] loop3: detected capacity change from 0 to 40427
[  176.377457][ T7702] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  176.377915][ T7749] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  176.396258][ T7702] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  176.428387][ T7702] F2FS-fs (loop3): invalid crc value
[  176.650851][ T7761] loop7: detected capacity change from 0 to 256
[  176.675804][ T6326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.695254][ T7761] FAT-fs (loop7): Directory bread(block 1285) failed
[  176.738518][ T7761] FAT-fs (loop7): Directory bread(block 1285) failed
[  176.774402][ T7702] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  176.776367][ T7761] FAT-fs (loop7): FAT read failed (blocknr 1281)
[  176.807630][ T7702] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  177.029764][ T7702] syz.3.601: attempt to access beyond end of device
[  177.029764][ T7702] loop3: rw=2049, sector=53248, nr_sectors = 520 limit=40427
[  177.208546][ T5838] syz-executor: attempt to access beyond end of device
[  177.208546][ T5838] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  177.282284][ T5838] CPU: 0 UID: 0 PID: 5838 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) 
[  177.282319][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  177.282333][ T5838] Call Trace:
[  177.282342][ T5838]  <TASK>
[  177.282352][ T5838]  dump_stack_lvl+0x189/0x250
[  177.282400][ T5838]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.282437][ T5838]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  177.282471][ T5838]  ? __pfx_queue_work_on+0x10/0x10
[  177.282495][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.282523][ T5838]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  177.282555][ T5838]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  177.282589][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.282617][ T5838]  ? f2fs_hw_is_readonly+0x39b/0x470
[  177.282651][ T5838]  f2fs_handle_critical_error+0x37c/0x540
[  177.282689][ T5838]  f2fs_write_end_io+0x495/0x810
[  177.282721][ T5838]  ? blkg_put+0x22/0x240
[  177.282764][ T5838]  __submit_merged_bio+0x27a/0x6a0
[  177.282800][ T5838]  __submit_merged_write_cond+0x255/0x530
[  177.282837][ T5838]  f2fs_write_data_pages+0x261d/0x3000
[  177.282867][ T5838]  ? __lock_acquire+0xab9/0xd20
[  177.282940][ T5838]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  177.283023][ T5838]  ? __mod_zone_page_state+0xd7/0x140
[  177.283063][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283090][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283118][ T5838]  ? __bfs+0x154/0x2a0
[  177.283181][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283208][ T5838]  ? lockdep_unlock+0x89/0x120
[  177.283237][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283274][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283302][ T5838]  ? __lock_acquire+0xab9/0xd20
[  177.283354][ T5838]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  177.283388][ T5838]  do_writepages+0x32e/0x550
[  177.283433][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283466][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283493][ T5838]  ? do_raw_spin_unlock+0x122/0x240
[  177.283527][ T5838]  filemap_fdatawrite+0x191/0x230
[  177.283550][ T5838]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  177.283621][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.283654][ T5838]  ? do_raw_spin_unlock+0x122/0x240
[  177.283688][ T5838]  f2fs_sync_dirty_inodes+0x31f/0x830
[  177.283741][ T5838]  f2fs_write_checkpoint+0x94a/0x1de0
[  177.283804][ T5838]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  177.283894][ T5838]  ? kill_f2fs_super+0x298/0x6c0
[  177.283935][ T5838]  kill_f2fs_super+0x2c3/0x6c0
[  177.283978][ T5838]  ? __pfx_kill_f2fs_super+0x10/0x10
[  177.284010][ T5838]  ? radix_tree_delete_item+0x2b6/0x400
[  177.284053][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.284080][ T5838]  ? shrinker_free+0x2ce/0x3e0
[  177.284115][ T5838]  deactivate_locked_super+0xbc/0x130
[  177.284153][ T5838]  cleanup_mnt+0x425/0x4c0
[  177.284190][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.284218][ T5838]  ? lockdep_hardirqs_on+0x9c/0x150
[  177.284256][ T5838]  task_work_run+0x1d4/0x260
[  177.284292][ T5838]  ? __pfx_task_work_run+0x10/0x10
[  177.284320][ T5838]  ? __x64_sys_umount+0x122/0x160
[  177.284365][ T5838]  ? exit_to_user_mode_loop+0x40/0x110
[  177.284405][ T5838]  exit_to_user_mode_loop+0xec/0x110
[  177.284441][ T5838]  do_syscall_64+0x2bd/0x3b0
[  177.284477][ T5838]  ? lockdep_hardirqs_on+0x9c/0x150
[  177.284512][ T5838]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.284534][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  177.284562][ T5838]  ? exc_page_fault+0x9f/0xf0
[  177.284598][ T5838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.284622][ T5838] RIP: 0033:0x7fb37f58fc57
[  177.284642][ T5838] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  177.284661][ T5838] RSP: 002b:00007fff03b265b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  177.284685][ T5838] RAX: 0000000000000000 RBX: 00007fb37f610925 RCX: 00007fb37f58fc57
[  177.284702][ T5838] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff03b26670
[  177.284716][ T5838] RBP: 00007fff03b26670 R08: 0000000000000000 R09: 0000000000000000
[  177.284731][ T5838] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff03b27700
[  177.284748][ T5838] R13: 00007fb37f610925 R14: 000000000002b3b3 R15: 00007fff03b27740
[  177.284786][ T5838]  </TASK>
[  177.284796][ T5838] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  177.549008][ T7782] loop7: detected capacity change from 0 to 32768
[  177.810748][ T7787] netlink: 32 bytes leftover after parsing attributes in process `syz.2.640'.
[  177.862430][ T5975] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  177.921964][ T7782] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  178.002697][ T7782] XFS (loop7): Ending clean mount
[  178.012538][ T5975] usb 1-1: Using ep0 maxpacket: 16
[  178.043638][ T5975] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.059374][ T5975] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.060119][ T6367] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  178.074100][ T5975] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  178.088428][ T5975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.100248][ T5975] usb 1-1: config 0 descriptor??
[  178.114759][ T5843] Bluetooth: hci3: command 0x0405 tx timeout
[  178.561083][ T5975] konepure 0003:1E7D:2DB4.0004: unknown main item tag 0x0
[  178.615509][ T5975] konepure 0003:1E7D:2DB4.0004: unknown main item tag 0x0
[  178.645853][ T5975] konepure 0003:1E7D:2DB4.0004: unknown main item tag 0x0
[  178.672557][ T5975] konepure 0003:1E7D:2DB4.0004: unknown main item tag 0x0
[  178.739361][ T5975] konepure 0003:1E7D:2DB4.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.0-1/input0
[  178.805386][ T5975] usb 1-1: USB disconnect, device number 2
[  178.809295][ T7808] loop5: detected capacity change from 0 to 1024
[  178.990456][ T7808] hfsplus: xattr search failed
[  179.178017][ T7819] can0: slcan on ttyS3.
[  179.272713][ T7819] can0 (unregistered): slcan off ttyS3.
[  179.282255][ T5914] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  179.335881][ T7822] loop3: detected capacity change from 0 to 4096
[  179.365238][ T7822] ntfs3(loop3): It is recommened to use chkdsk.
[  179.406713][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  179.425186][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  179.451067][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  179.462597][ T5914] usb 8-1: Using ep0 maxpacket: 32
[  179.477471][ T5914] usb 8-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  179.489931][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  179.510698][ T5914] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.521360][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc1c00
[  179.531918][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc2c00
[  179.541375][ T5914] usb 8-1: config 0 descriptor??
[  179.556374][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc4c00
[  179.564606][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffc8c00
[  179.573157][ T7822] ntfs3(loop3): try to read out of volume at offset 0x3fffffd0c00
[  179.739693][ T7835] loop5: detected capacity change from 0 to 128
[  179.767608][ T7835] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  179.789494][ T5914] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  179.835500][ T5914] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  179.866998][ T5914] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  179.875819][ T5914] usb 8-1: media controller created
[  179.944740][ T5914] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  180.004632][   T30] audit: type=1326 audit(1751336725.383:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.051283][ T5914] az6027: usb out operation failed. (-71)
[  180.061084][ T5914] az6027: usb out operation failed. (-71)
[  180.082213][ T5914] stb0899_attach: Driver disabled by Kconfig
[  180.098801][ T5914] az6027: no front-end attached
[  180.098801][ T5914] 
[  180.102284][   T30] audit: type=1326 audit(1751336725.423:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.109495][ T5914] az6027: usb out operation failed. (-71)
[  180.139091][ T7845] loop5: detected capacity change from 0 to 256
[  180.147463][   T30] audit: type=1326 audit(1751336725.433:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.170400][   T30] audit: type=1326 audit(1751336725.433:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.193628][   T30] audit: type=1326 audit(1751336725.433:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.217013][   T30] audit: type=1326 audit(1751336725.443:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.239184][ T5914] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  180.241478][ T5914] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.7/usb8/8-1/input/input14
[  180.246522][   T30] audit: type=1326 audit(1751336725.443:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.331395][ T5914] dvb-usb: schedule remote query interval to 400 msecs.
[  180.339959][ T5914] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  180.390533][ T5914] usb 8-1: USB disconnect, device number 4
[  180.522966][   T30] audit: type=1326 audit(1751336725.443:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.588807][ T7848] xt_CT: No such helper "snmp"
[  180.595524][   T30] audit: type=1326 audit(1751336725.443:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.629847][   T30] audit: type=1326 audit(1751336725.453:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.6.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff91538e929 code=0x7ffc0000
[  180.683682][ T5914] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  180.714686][ T7857] loop5: detected capacity change from 0 to 2048
[  180.789548][ T7857] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  180.876558][ T7865] loop6: detected capacity change from 0 to 64
[  181.092262][ T5993] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  181.262352][ T5993] usb 3-1: Using ep0 maxpacket: 32
[  181.303541][ T5993] usb 3-1: config 2 has an invalid interface number: 66 but max is 0
[  181.311726][ T5993] usb 3-1: config 2 has no interface number 0
[  181.332296][ T5993] usb 3-1: config 2 interface 66 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  181.367936][ T5993] usb 3-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice= b.5d
[  181.396533][ T5993] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.422591][ T5993] usb 3-1: Product: syz
[  181.442248][ T5993] usb 3-1: Manufacturer: syz
[  181.452256][ T5993] usb 3-1: SerialNumber: syz
[  181.476639][ T5993] usb 3-1: Found UVC 0.00 device syz (046d:08c6)
[  181.498121][ T5993] usb 3-1: No valid video chain found.
[  181.608774][ T7894] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.684419][ T5962] usb 3-1: USB disconnect, device number 2
[  181.760580][ T7869] loop3: detected capacity change from 0 to 32768
[  181.780476][ T7869] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.672 (7869)
[  181.835669][ T7869] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  181.851107][ T7869] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  181.874886][ T7869] BTRFS info (device loop3): using free-space-tree
[  182.205519][ T5838] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  182.411839][ T7928] loop7: detected capacity change from 0 to 64
[  183.266902][ T7963] loop2: detected capacity change from 0 to 128
[  183.291756][ T7959] netlink: del zone limit has 4 unknown bytes
[  183.328951][ T7963] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  183.380420][ T7966] loop7: detected capacity change from 0 to 1024
[  183.380928][ T7963] FAT-fs (loop2): Filesystem has been set read-only
[  183.402356][ T7963] syz.2.709: attempt to access beyond end of device
[  183.402356][ T7963] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  183.423476][ T7966] EXT4-fs: Ignoring removed oldalloc option
[  183.429451][ T7966] EXT4-fs: Ignoring removed bh option
[  183.466899][ T7963] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  183.504849][ T7963] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  183.537474][ T7966] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.600518][ T7963] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  183.669362][ T7963] syz.2.709: attempt to access beyond end of device
[  183.669362][ T7963] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  183.704108][ T6367] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.716209][ T7970] loop0: detected capacity change from 0 to 4096
[  183.739796][ T7963] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  183.740064][ T7968] syz.2.709: attempt to access beyond end of device
[  183.740064][ T7968] loop2: rw=0, sector=2065, nr_sectors = 1 limit=128
[  183.761794][ T7963] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  183.813643][ T7981] netem: incorrect ge model size
[  183.823686][ T7970] ntfs3(loop0): ino=19, mi_enum_attr
[  183.829366][ T7981] netem: change failed
[  183.835089][ T7968] Buffer I/O error on dev loop2, logical block 2065, async page read
[  183.849531][ T7970] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  183.884785][ T7968] syz.2.709: attempt to access beyond end of device
[  183.884785][ T7968] loop2: rw=0, sector=2066, nr_sectors = 1 limit=128
[  183.931551][ T7968] Buffer I/O error on dev loop2, logical block 2066, async page read
[  183.959184][ T7968] syz.2.709: attempt to access beyond end of device
[  183.959184][ T7968] loop2: rw=0, sector=2067, nr_sectors = 1 limit=128
[  183.983488][ T7968] Buffer I/O error on dev loop2, logical block 2067, async page read
[  184.028761][ T7968] syz.2.709: attempt to access beyond end of device
[  184.028761][ T7968] loop2: rw=0, sector=2068, nr_sectors = 1 limit=128
[  184.068568][ T7990] netem: incorrect gi model size
[  184.073900][ T7968] Buffer I/O error on dev loop2, logical block 2068, async page read
[  184.082702][ T7990] netem: change failed
[  184.087124][ T7968] syz.2.709: attempt to access beyond end of device
[  184.087124][ T7968] loop2: rw=0, sector=2069, nr_sectors = 1 limit=128
[  184.139326][ T7968] Buffer I/O error on dev loop2, logical block 2069, async page read
[  184.152308][ T5962] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  184.189522][ T7968] syz.2.709: attempt to access beyond end of device
[  184.189522][ T7968] loop2: rw=0, sector=2070, nr_sectors = 1 limit=128
[  184.250687][ T7968] Buffer I/O error on dev loop2, logical block 2070, async page read
[  184.255019][ T7992] netlink: 108 bytes leftover after parsing attributes in process `syz.3.722'.
[  184.290247][ T7968] syz.2.709: attempt to access beyond end of device
[  184.290247][ T7968] loop2: rw=0, sector=2071, nr_sectors = 1 limit=128
[  184.323412][ T7968] Buffer I/O error on dev loop2, logical block 2071, async page read
[  184.339126][ T5962] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.349283][ T7968] syz.2.709: attempt to access beyond end of device
[  184.349283][ T7968] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  184.374124][ T5962] usb 7-1: config 0 interface 0 has no altsetting 0
[  184.380842][ T5962] usb 7-1: New USB device found, idVendor=056a, idProduct=00ba, bcdDevice= 0.00
[  184.393994][ T7968] Buffer I/O error on dev loop2, logical block 2072, async page read
[  184.407025][ T5962] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.424010][ T5962] usb 7-1: config 0 descriptor??
[  184.572606][ T7999] loop0: detected capacity change from 0 to 128
[  184.631267][ T7980] loop5: detected capacity change from 0 to 32768
[  184.761546][ T7980] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  184.761582][ T7980]   allowing incompatible features above 0.0: (unknown version)
[  184.761596][ T7980]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  184.881813][ T7980] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  184.897802][ T7980] bcachefs (loop5): initializing new filesystem
[  184.912473][ T5828] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  184.918353][ T7980] bcachefs (loop5): going read-write
[  184.954105][ T7980] bcachefs (loop5): marking superblocks
[  184.989838][ T7980] bcachefs (loop5): initializing freespace
[  185.047746][ T7980] bcachefs (loop5): done initializing freespace
[  185.058368][ T5975] usb 7-1: USB disconnect, device number 5
[  185.089457][ T7980] bcachefs (loop5): reading snapshots table
[  185.092553][ T5828] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.095713][ T7980] bcachefs (loop5): reading snapshots done
[  185.289183][ T5828] usb 4-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[  185.301790][ T5828] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.314364][ T7980] bcachefs (loop5): done starting filesystem
[  185.314717][ T5828] usb 4-1: config 0 descriptor??
[  185.575407][ T5827] bcachefs (loop5): shutting down
[  185.582375][ T5827] bcachefs (loop5): going read-only
[  185.587628][ T5827] bcachefs (loop5): finished waiting for writes to stop
[  185.632015][ T5827] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  185.704081][ T5827] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  185.745755][ T5827] bcachefs (loop5): clean shutdown complete, journal seq 4
[  185.754640][ T5827] bcachefs (loop5): marking filesystem clean
[  185.778146][ T5828] razer 0003:1532:010D.0006: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.3-1/input0
[  185.871782][ T5827] bcachefs (loop5): shutdown complete
[  185.951927][ T8037] loop0: detected capacity change from 0 to 256
[  186.025353][ T5975] usb 4-1: USB disconnect, device number 7
[  186.097522][ T8043] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  186.316838][ T8049] loop7: detected capacity change from 0 to 512
[  186.335536][ T8049] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  186.370353][ T8049] EXT4-fs (loop7): 1 truncate cleaned up
[  186.388287][ T8049] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.483916][ T8051] loop6: detected capacity change from 0 to 4096
[  186.514950][ T8051] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  186.567004][ T8058] netlink: 40 bytes leftover after parsing attributes in process `syz.0.746'.
[  186.610981][ T6367] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.630542][ T8051] ntfs3(loop6): ino=19, mi_enum_attr
[  186.651433][ T8051] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  186.730472][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  186.730493][   T30] audit: type=1800 audit(1751336732.113:22): pid=8051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.742" name="file2" dev="loop6" ino=31 res=0 errno=0
[  187.026173][ T8069] netlink: 12 bytes leftover after parsing attributes in process `syz.0.753'.
[  187.322791][ T8072] loop6: detected capacity change from 0 to 32768
[  187.381551][ T8053] loop2: detected capacity change from 0 to 32768
[  187.765922][ T8072] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  187.765958][ T8072]   allowing incompatible features above 0.0: (unknown version)
[  187.765973][ T8072]   features: 
[  187.801528][ T8072] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  187.809966][ T8072] bcachefs (loop6): initializing new filesystem
[  187.823968][ T8072] bcachefs (loop6): going read-write
[  187.846943][ T8072] bcachefs (loop6): marking superblocks
[  187.860832][ T8072] bcachefs (loop6): initializing freespace
[  187.870814][ T8072] bcachefs (loop6): done initializing freespace
[  187.880077][ T8072] bcachefs (loop6): reading snapshots table
[  187.886286][ T8072] bcachefs (loop6): reading snapshots done
[  187.929006][ T8072] bcachefs (loop6): done starting filesystem
[  188.185527][ T8107] netlink: 4 bytes leftover after parsing attributes in process `syz.2.764'.
[  188.226267][ T6326] bcachefs (loop6): shutting down
[  188.248584][ T6326] bcachefs (loop6): going read-only
[  188.270017][ T6326] bcachefs (loop6): finished waiting for writes to stop
[  188.327964][ T6326] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  188.566551][ T6326] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  188.606362][ T8113] loop3: detected capacity change from 0 to 128
[  188.616000][ T6326] bcachefs (loop6): clean shutdown complete, journal seq 4
[  188.655631][ T6326] bcachefs (loop6): marking filesystem clean
[  188.752279][   T30] audit: type=1800 audit(1751336734.133:23): pid=8113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.768" name="file2" dev="loop3" ino=1048645 res=0 errno=0
[  188.864186][ T8113] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  188.872070][ T8113] FAT-fs (loop3): Filesystem has been set read-only
[  188.887089][ T8113] syz.3.768: attempt to access beyond end of device
[  188.887089][ T8113] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  188.951745][ T8113] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  188.973741][ T8113] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  188.997715][ T6326] bcachefs (loop6): shutdown complete
[  189.056599][ T8113] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  189.092507][ T8113] syz.3.768: attempt to access beyond end of device
[  189.092507][ T8113] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  189.127971][ T8113] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  189.171130][ T8113] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  189.179161][ T8124] syz.3.768: attempt to access beyond end of device
[  189.179161][ T8124] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[  189.179203][ T8124] Buffer I/O error on dev loop3, logical block 2065, async page read
[  189.181776][ T8124] syz.3.768: attempt to access beyond end of device
[  189.181776][ T8124] loop3: rw=0, sector=2066, nr_sectors = 1 limit=128
[  189.229266][ T8129] netlink: 16 bytes leftover after parsing attributes in process `syz.2.774'.
[  189.272940][ T8124] Buffer I/O error on dev loop3, logical block 2066, async page read
[  189.302126][ T8124] syz.3.768: attempt to access beyond end of device
[  189.302126][ T8124] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  189.382751][ T8124] Buffer I/O error on dev loop3, logical block 2067, async page read
[  189.398309][ T8124] syz.3.768: attempt to access beyond end of device
[  189.398309][ T8124] loop3: rw=0, sector=2068, nr_sectors = 1 limit=128
[  189.456786][ T8124] Buffer I/O error on dev loop3, logical block 2068, async page read
[  189.477838][ T8135] loop2: detected capacity change from 0 to 128
[  189.512496][ T8124] syz.3.768: attempt to access beyond end of device
[  189.512496][ T8124] loop3: rw=0, sector=2069, nr_sectors = 1 limit=128
[  189.572909][ T8124] Buffer I/O error on dev loop3, logical block 2069, async page read
[  189.581170][ T8124] syz.3.768: attempt to access beyond end of device
[  189.581170][ T8124] loop3: rw=0, sector=2070, nr_sectors = 1 limit=128
[  189.647763][ T8124] Buffer I/O error on dev loop3, logical block 2070, async page read
[  189.692449][ T8124] syz.3.768: attempt to access beyond end of device
[  189.692449][ T8124] loop3: rw=0, sector=2071, nr_sectors = 1 limit=128
[  189.735784][ T8124] Buffer I/O error on dev loop3, logical block 2071, async page read
[  189.789400][ T8124] syz.3.768: attempt to access beyond end of device
[  189.789400][ T8124] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  189.827284][ T8124] Buffer I/O error on dev loop3, logical block 2072, async page read
[  189.894313][ T8140] loop2: detected capacity change from 0 to 2048
[  189.973333][ T8142] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  190.032112][ T8142] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  190.061301][ T8144] loop3: detected capacity change from 0 to 128
[  190.082309][ T8142] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4)
[  190.089373][ T8146] netlink: 40 bytes leftover after parsing attributes in process `syz.5.782'.
[  190.124212][ T8142] Remounting filesystem read-only
[  190.136097][ T8144] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  190.168730][ T8131] loop7: detected capacity change from 0 to 32768
[  190.193327][ T8144] ext4 filesystem being mounted at /140/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  190.252437][   T30] audit: type=1800 audit(1751336735.643:24): pid=8131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.775" name="file3" dev="loop7" ino=7 res=0 errno=0
[  190.293136][ T5839] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[  190.368907][ T5838] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  190.654403][ T8157] loop0: detected capacity change from 0 to 2048
[  190.733026][ T8157] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.872826][ T8157] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  190.892835][ T8157] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  190.960130][ T8157] EXT4-fs (loop0): This should not happen!! Data will be lost
[  190.960130][ T8157] 
[  190.997503][ T8172] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  191.019000][ T8157] EXT4-fs (loop0): Total free blocks count 0
[  191.055384][ T8172] EXT4-fs (loop0): This should not happen!! Data will be lost
[  191.055384][ T8172] 
[  191.088235][ T8157] EXT4-fs (loop0): Free/Dirty block details
[  191.098781][ T8157] EXT4-fs (loop0): free_blocks=2415919104
[  191.100056][ T8172] EXT4-fs (loop0): Total free blocks count 0
[  191.140602][ T8157] EXT4-fs (loop0): dirty_blocks=48
[  191.310115][ T8183] loop3: detected capacity change from 0 to 16
[  191.325298][ T8183] erofs (device loop3): mounted with root inode @ nid 36.
[  192.007762][ T8203] loop7: detected capacity change from 0 to 1024
[  192.191594][   T12] hfsplus: b-tree write err: -5, ino 4
[  192.203947][ T8209] loop2: detected capacity change from 0 to 128
[  192.216554][ T8210] loop0: detected capacity change from 0 to 512
[  192.270241][ T8209] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  192.340325][ T8210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.372375][ T8209] ext4 filesystem being mounted at /149/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  192.404358][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.417878][ T8210] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.437604][ T8210] EXT4-fs (loop0): shut down requested (2)
[  192.588657][ T8195] loop5: detected capacity change from 0 to 40427
[  192.620991][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.648926][ T5839] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  192.752765][ T8229] netlink: 'syz.7.813': attribute type 4 has an invalid length.
[  192.783485][ T8229] netlink: 17 bytes leftover after parsing attributes in process `syz.7.813'.
[  192.806015][ T8231] netlink: 16 bytes leftover after parsing attributes in process `syz.2.815'.
[  192.861905][ T8236] loop3: detected capacity change from 0 to 256
[  192.902581][ T8195] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  193.041094][ T5827] CPU: 1 UID: 0 PID: 5827 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) 
[  193.041139][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  193.041154][ T5827] Call Trace:
[  193.041164][ T5827]  <TASK>
[  193.041175][ T5827]  dump_stack_lvl+0x189/0x250
[  193.041224][ T5827]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.041262][ T5827]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  193.041297][ T5827]  ? __pfx_queue_work_on+0x10/0x10
[  193.041321][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.041350][ T5827]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  193.041384][ T5827]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  193.041419][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.041447][ T5827]  ? f2fs_hw_is_readonly+0x39b/0x470
[  193.041482][ T5827]  f2fs_handle_critical_error+0x37c/0x540
[  193.041520][ T5827]  f2fs_write_end_io+0x495/0x810
[  193.041553][ T5827]  ? blkg_put+0x22/0x240
[  193.041595][ T5827]  __submit_merged_bio+0x27a/0x6a0
[  193.041630][ T5827]  __submit_merged_write_cond+0x255/0x530
[  193.041667][ T5827]  f2fs_write_data_pages+0x261d/0x3000
[  193.041698][ T5827]  ? __lock_acquire+0xab9/0xd20
[  193.041771][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  193.041801][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.041885][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.041913][ T5827]  ? stack_depot_save_flags+0x40/0x900
[  193.041947][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.041990][ T5827]  ? kthread_stop+0x194/0x5f0
[  193.042013][ T5827]  ? kill_f2fs_super+0x137/0x6c0
[  193.042045][ T5827]  ? deactivate_locked_super+0xbc/0x130
[  193.042091][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.042119][ T5827]  ? __lock_acquire+0xab9/0xd20
[  193.042183][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  193.042218][ T5827]  do_writepages+0x32e/0x550
[  193.042263][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.042296][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.042323][ T5827]  ? do_raw_spin_unlock+0x122/0x240
[  193.042358][ T5827]  filemap_fdatawrite+0x191/0x230
[  193.042383][ T5827]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  193.042455][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.042489][ T5827]  ? do_raw_spin_unlock+0x122/0x240
[  193.042523][ T5827]  f2fs_sync_dirty_inodes+0x31f/0x830
[  193.042577][ T5827]  f2fs_write_checkpoint+0x94a/0x1de0
[  193.042641][ T5827]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  193.042733][ T5827]  ? kill_f2fs_super+0x298/0x6c0
[  193.042775][ T5827]  kill_f2fs_super+0x2c3/0x6c0
[  193.042818][ T5827]  ? __pfx_kill_f2fs_super+0x10/0x10
[  193.042850][ T5827]  ? radix_tree_delete_item+0x2b6/0x400
[  193.042891][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.042919][ T5827]  ? shrinker_free+0x2ce/0x3e0
[  193.042953][ T5827]  deactivate_locked_super+0xbc/0x130
[  193.042991][ T5827]  cleanup_mnt+0x425/0x4c0
[  193.043024][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.043051][ T5827]  ? lockdep_hardirqs_on+0x9c/0x150
[  193.043091][ T5827]  task_work_run+0x1d4/0x260
[  193.043126][ T5827]  ? __pfx_task_work_run+0x10/0x10
[  193.043161][ T5827]  ? __x64_sys_umount+0x122/0x160
[  193.043207][ T5827]  ? exit_to_user_mode_loop+0x40/0x110
[  193.043248][ T5827]  exit_to_user_mode_loop+0xec/0x110
[  193.043284][ T5827]  do_syscall_64+0x2bd/0x3b0
[  193.043322][ T5827]  ? lockdep_hardirqs_on+0x9c/0x150
[  193.043357][ T5827]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.043380][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  193.043408][ T5827]  ? exc_page_fault+0x9f/0xf0
[  193.043445][ T5827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.043469][ T5827] RIP: 0033:0x7fbf0cd8fc57
[  193.043491][ T5827] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  193.043512][ T5827] RSP: 002b:00007ffc570a5468 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  193.043537][ T5827] RAX: 0000000000000000 RBX: 00007fbf0ce10925 RCX: 00007fbf0cd8fc57
[  193.043554][ T5827] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc570a5520
[  193.043571][ T5827] RBP: 00007ffc570a5520 R08: 0000000000000000 R09: 0000000000000000
[  193.043586][ T5827] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc570a65b0
[  193.043603][ T5827] R13: 00007fbf0ce10925 R14: 000000000002f1a7 R15: 00007ffc570a65f0
[  193.043642][ T5827]  </TASK>
[  193.459720][    C1] vkms_vblank_simulate: vblank timer overrun
[  193.495660][ T5827] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  193.558016][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  193.572733][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.160574][ T8253] loop2: detected capacity change from 0 to 32768
[  194.223753][ T8253] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.823 (8253)
[  194.278520][ T8253] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  194.316323][ T8253] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  194.316385][ T8253] BTRFS info (device loop2): using free-space-tree
[  194.482760][ T5914] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  194.654551][ T5914] usb 8-1: Using ep0 maxpacket: 8
[  194.682804][ T8292] netlink: 'syz.3.834': attribute type 12 has an invalid length.
[  194.687405][ T5914] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[  194.718429][ T8293] loop6: detected capacity change from 0 to 1024
[  194.721935][ T8292] netlink: 9472 bytes leftover after parsing attributes in process `syz.3.834'.
[  194.727951][ T5914] usb 8-1: config 179 has no interface number 0
[  194.763746][ T5914] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  194.769359][ T5839] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  194.818808][ T5914] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  194.885765][ T5914] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  194.914891][ T5914] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  194.988266][ T5914] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  195.042733][ T5914] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  195.051848][ T5914] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.094183][ T8297] loop5: detected capacity change from 0 to 16
[  195.120111][ T8297] erofs (device loop5): mounted with root inode @ nid 36.
[  195.131169][ T8265] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  195.175036][ T8297] overlayfs: failed to get redirect (-117)
[  195.193942][ T8269] loop0: detected capacity change from 0 to 40427
[  195.218230][ T8269] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  195.249991][ T8269] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  195.296640][ T8269] F2FS-fs (loop0): invalid crc value
[  195.499787][ T8308] netlink: 168 bytes leftover after parsing attributes in process `syz.3.842'.
[  195.637736][ T8314] loop6: detected capacity change from 0 to 256
[  195.675386][ T8314] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  195.704834][ T5962] usb 8-1: USB disconnect, device number 5
[  195.704926][    C1] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  195.719118][    C1] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  195.728039][    C1] ==================================================================
[  195.736117][    C1] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23d/0x290
[  195.739207][ T8314] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  195.743923][    C1] Read of size 4 at addr ffff888031c8805c by task kthreadd/2
[  195.743946][    C1] 
[  195.743961][    C1] CPU: 1 UID: 0 PID: 2 Comm: kthreadd Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) 
[  195.743988][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.744004][    C1] Call Trace:
[  195.744013][    C1]  <IRQ>
[  195.744023][    C1]  dump_stack_lvl+0x189/0x250
[  195.744063][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744093][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744121][    C1]  ? __kasan_check_byte+0x12/0x40
[  195.744146][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.744183][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744211][    C1]  ? rcu_is_watching+0x15/0xb0
[  195.744249][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744278][    C1]  ? lock_release+0x4b/0x3e0
[  195.744314][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  195.744339][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744366][    C1]  ? __virt_addr_valid+0x4a5/0x5c0
[  195.744392][    C1]  print_report+0xd2/0x2b0
[  195.744423][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  195.744449][    C1]  kasan_report+0x118/0x150
[  195.744475][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  195.744506][    C1]  do_raw_spin_lock+0x23d/0x290
[  195.744534][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744563][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  195.744592][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744624][    C1]  _raw_spin_lock_irqsave+0xb3/0xf0
[  195.744657][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  195.744687][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744718][    C1]  ? kcov_remote_stop+0x78/0x6d0
[  195.744752][    C1]  __wake_up_common_lock+0x2f/0x1f0
[  195.744787][    C1]  __usb_hcd_giveback_urb+0x4d7/0x690
[  195.744813][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744844][    C1]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  195.744871][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744906][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.744934][    C1]  ? usb_hcd_giveback_urb+0x10e/0x420
[  195.744960][    C1]  dummy_timer+0x862/0x4550
[  195.744984][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745014][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745045][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745079][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745110][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  195.745146][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745174][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745206][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  195.745232][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  195.745255][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  195.745277][    C1]  __hrtimer_run_queues+0x52c/0xc60
[  195.745316][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745354][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  195.745390][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745419][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  195.745461][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  195.745486][    C1]  handle_softirqs+0x286/0x870
[  195.745524][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  195.745564][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  195.745603][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745634][    C1]  __irq_exit_rcu+0xca/0x1f0
[  195.745669][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  195.745708][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.745738][    C1]  irq_exit_rcu+0x9/0x30
[  195.745772][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  195.745806][    C1]  </IRQ>
[  195.745814][    C1]  <TASK>
[  195.745824][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  195.745850][    C1] RIP: 0010:unwind_next_frame+0x1840/0x2390
[  195.745894][    C1] Code: 38 49 8d 7e 08 48 89 f8 48 c1 e8 03 80 3c 28 00 74 05 e8 f3 2e b1 00 4d 8b 6e 08 4d 8d 7e 10 4c 89 f8 48 c1 e8 03 80 3c 28 00 <74> 08 4c 89 ff e8 d6 2e b1 00 49 8b 07 4d 39 e5 0f 96 c1 4c 39 e0
[  195.745915][    C1] RSP: 0018:ffffc900000773b8 EFLAGS: 00000246
[  195.745937][    C1] RAX: 1ffff9200000ee93 RBX: ffffffff902f1401 RCX: 0000000000000001
[  195.745955][    C1] RDX: ffffc900000774c8 RSI: dffffc0000000000 RDI: ffffc90000077490
[  195.745974][    C1] RBP: dffffc0000000000 R08: ffffc90000077f48 R09: ffffc900000774d8
[  195.745992][    C1] R10: dffffc0000000000 R11: fffff5200000ee9d R12: ffffc90000077f58
[  195.746010][    C1] R13: ffffc90000070000 R14: ffffc90000077488 R15: ffffc90000077498
[  195.746041][    C1]  ? unwind_next_frame+0x17c4/0x2390
[  195.746081][    C1]  ? unwind_next_frame+0xa5/0x2390
[  195.746117][    C1]  ? ret_from_fork+0x3fc/0x770
[  195.746154][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  195.746182][    C1]  arch_stack_walk+0x11c/0x150
[  195.746208][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  195.746237][    C1]  stack_trace_save+0x9c/0xe0
[  195.746263][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  195.746290][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.746323][    C1]  kasan_save_track+0x3e/0x80
[  195.746359][    C1]  ? kasan_save_track+0x3e/0x80
[  195.746393][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  195.746413][    C1]  ? kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  195.746437][    C1]  ? dup_task_struct+0x52/0x860
[  195.746458][    C1]  ? copy_process+0x54b/0x3c00
[  195.746478][    C1]  ? kernel_clone+0x21e/0x870
[  195.746501][    C1]  ? kernel_thread+0x10c/0x160
[  195.746524][    C1]  ? kthreadd+0x575/0x770
[  195.746546][    C1]  ? ret_from_fork+0x3fc/0x770
[  195.746605][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.746635][    C1]  __kasan_slab_alloc+0x6c/0x80
[  195.746659][    C1]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  195.746682][    C1]  ? dup_task_struct+0x52/0x860
[  195.746707][    C1]  dup_task_struct+0x52/0x860
[  195.746729][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.746756][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.746791][    C1]  copy_process+0x54b/0x3c00
[  195.746813][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.746845][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.746873][    C1]  ? __switch_to+0x6c0/0x1600
[  195.746907][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.746935][    C1]  ? __lock_acquire+0xab9/0xd20
[  195.746973][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.747003][    C1]  ? __pfx_copy_process+0x10/0x10
[  195.747032][    C1]  ? __pfx_kthread+0x10/0x10
[  195.747057][    C1]  kernel_clone+0x21e/0x870
[  195.747082][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.747110][    C1]  ? rcu_is_watching+0x15/0xb0
[  195.747148][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  195.747171][    C1]  ? __schedule+0x1713/0x4d00
[  195.747215][    C1]  ? __pfx_kthread+0x10/0x10
[  195.747239][    C1]  kernel_thread+0x10c/0x160
[  195.747266][    C1]  ? __pfx_kernel_thread+0x10/0x10
[  195.747290][    C1]  ? __lock_acquire+0xab9/0xd20
[  195.747327][    C1]  ? __pfx_kthread+0x10/0x10
[  195.747357][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.747387][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.747415][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  195.747445][    C1]  kthreadd+0x575/0x770
[  195.747469][    C1]  ? kthreadd+0x30b/0x770
[  195.747493][    C1]  ? __pfx_kthreadd+0x10/0x10
[  195.747517][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.747547][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  195.747578][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.747606][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.747638][    C1]  ? __pfx_kthreadd+0x10/0x10
[  195.747662][    C1]  ret_from_fork+0x3fc/0x770
[  195.747698][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  195.747735][    C1]  ? __switch_to_asm+0x39/0x70
[  195.747759][    C1]  ? __switch_to_asm+0x33/0x70
[  195.747783][    C1]  ? __pfx_kthreadd+0x10/0x10
[  195.747807][    C1]  ret_from_fork_asm+0x1a/0x30
[  195.747842][    C1]  </TASK>
[  195.747851][    C1] 
[  196.489387][    C1] Allocated by task 5914:
[  196.493707][    C1]  kasan_save_track+0x3e/0x80
[  196.498397][    C1]  __kasan_kmalloc+0x93/0xb0
[  196.502982][    C1]  __kmalloc_cache_noprof+0x230/0x3d0
[  196.508346][    C1]  xpad_probe+0x428/0x1fc0
[  196.512766][    C1]  usb_probe_interface+0x644/0xbc0
[  196.517870][    C1]  really_probe+0x26d/0x9a0
[  196.522400][    C1]  __driver_probe_device+0x18c/0x2f0
[  196.527681][    C1]  driver_probe_device+0x4f/0x430
[  196.532701][    C1]  __device_attach_driver+0x2ce/0x530
[  196.538157][    C1]  bus_for_each_drv+0x251/0x2e0
[  196.543014][    C1]  __device_attach+0x2b8/0x400
[  196.547773][    C1]  bus_probe_device+0x185/0x260
[  196.552644][    C1]  device_add+0x7b6/0xb50
[  196.556966][    C1]  usb_set_configuration+0x1a87/0x20e0
[  196.562430][    C1]  usb_generic_driver_probe+0x8d/0x150
[  196.567891][    C1]  usb_probe_device+0x1c4/0x390
[  196.572740][    C1]  really_probe+0x26d/0x9a0
[  196.577259][    C1]  __driver_probe_device+0x18c/0x2f0
[  196.582548][    C1]  driver_probe_device+0x4f/0x430
[  196.587567][    C1]  __device_attach_driver+0x2ce/0x530
[  196.592954][    C1]  bus_for_each_drv+0x251/0x2e0
[  196.597808][    C1]  __device_attach+0x2b8/0x400
[  196.602594][    C1]  bus_probe_device+0x185/0x260
[  196.607471][    C1]  device_add+0x7b6/0xb50
[  196.611797][    C1]  usb_new_device+0xa39/0x16c0
[  196.616569][    C1]  hub_event+0x2941/0x4a00
[  196.620997][    C1]  process_scheduled_works+0xae1/0x17b0
[  196.626724][    C1]  worker_thread+0x8a0/0xda0
[  196.631325][    C1]  kthread+0x711/0x8a0
[  196.635394][    C1]  ret_from_fork+0x3fc/0x770
[  196.639993][    C1]  ret_from_fork_asm+0x1a/0x30
[  196.644776][    C1] 
[  196.647086][    C1] Freed by task 5962:
[  196.651048][    C1]  kasan_save_track+0x3e/0x80
[  196.655753][    C1]  kasan_save_free_info+0x46/0x50
[  196.660783][    C1]  __kasan_slab_free+0x62/0x70
[  196.665552][    C1]  kfree+0x18e/0x440
[  196.669457][    C1]  xpad_disconnect+0x350/0x480
[  196.674227][    C1]  usb_unbind_interface+0x26e/0x8f0
[  196.679438][    C1]  device_release_driver_internal+0x4d9/0x7c0
[  196.685505][    C1]  bus_remove_device+0x34d/0x410
[  196.690444][    C1]  device_del+0x511/0x8e0
[  196.694769][    C1]  usb_disable_device+0x3e9/0x8a0
[  196.699798][    C1]  usb_disconnect+0x330/0x910
[  196.704478][    C1]  hub_event+0x1cdb/0x4a00
[  196.708917][    C1]  process_scheduled_works+0xae1/0x17b0
[  196.714480][    C1]  worker_thread+0x8a0/0xda0
[  196.719081][    C1]  kthread+0x711/0x8a0
[  196.723148][    C1]  ret_from_fork+0x3fc/0x770
[  196.727741][    C1]  ret_from_fork_asm+0x1a/0x30
[  196.732501][    C1] 
[  196.734814][    C1] The buggy address belongs to the object at ffff888031c88000
[  196.734814][    C1]  which belongs to the cache kmalloc-1k of size 1024
[  196.748869][    C1] The buggy address is located 92 bytes inside of
[  196.748869][    C1]  freed 1024-byte region [ffff888031c88000, ffff888031c88400)
[  196.762676][    C1] 
[  196.764998][    C1] The buggy address belongs to the physical page:
[  196.771418][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x31c88
[  196.780181][    C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  196.788679][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  196.796312][    C1] page_type: f5(slab)
[  196.800290][    C1] raw: 00fff00000000040 ffff88801a441dc0 dead000000000122 0000000000000000
[  196.808876][    C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  196.817469][    C1] head: 00fff00000000040 ffff88801a441dc0 dead000000000122 0000000000000000
[  196.826140][    C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  196.834836][    C1] head: 00fff00000000003 ffffea0000c72201 00000000ffffffff 00000000ffffffff
[  196.843507][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  196.852172][    C1] page dumped because: kasan: bad access detected
[  196.858591][    C1] page_owner tracks the page as allocated
[  196.864295][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5914, tgid 5914 (kworker/1:5), ts 195160566157, free_ts 195016103717
[  196.885756][    C1]  post_alloc_hook+0x240/0x2a0
[  196.890529][    C1]  get_page_from_freelist+0x21e4/0x22c0
[  196.896083][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  196.901900][    C1]  alloc_pages_mpol+0x232/0x4a0
[  196.906754][    C1]  allocate_slab+0x8a/0x3b0
[  196.911263][    C1]  ___slab_alloc+0xbfc/0x1480
[  196.915945][    C1]  __kmalloc_cache_noprof+0x296/0x3d0
[  196.921316][    C1]  xpad_probe+0x428/0x1fc0
[  196.925741][    C1]  usb_probe_interface+0x644/0xbc0
[  196.930850][    C1]  really_probe+0x26d/0x9a0
[  196.935359][    C1]  __driver_probe_device+0x18c/0x2f0
[  196.940665][    C1]  driver_probe_device+0x4f/0x430
[  196.945778][    C1]  __device_attach_driver+0x2ce/0x530
[  196.951151][    C1]  bus_for_each_drv+0x251/0x2e0
[  196.956012][    C1]  __device_attach+0x2b8/0x400
[  196.960775][    C1]  bus_probe_device+0x185/0x260
[  196.965673][    C1] page last free pid 6326 tgid 6326 stack trace:
[  196.971995][    C1]  __free_frozen_pages+0xc71/0xe70
[  196.977115][    C1]  __put_partials+0x161/0x1c0
[  196.981801][    C1]  put_cpu_partial+0x17c/0x250
[  196.986567][    C1]  __slab_free+0x2f7/0x400
[  196.990985][    C1]  qlist_free_all+0x97/0x140
[  196.995617][    C1]  kasan_quarantine_reduce+0x148/0x160
[  197.001097][    C1]  __kasan_slab_alloc+0x22/0x80
[  197.005943][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  197.011412][    C1]  anon_vma_fork+0xde/0x500
[  197.015920][    C1]  dup_mmap+0x9eb/0x1ac0
[  197.020161][    C1]  copy_mm+0x13c/0x4b0
[  197.024231][    C1]  copy_process+0x1706/0x3c00
[  197.028906][    C1]  kernel_clone+0x21e/0x870
[  197.033405][    C1]  __x64_sys_clone+0x18b/0x1e0
[  197.038166][    C1]  do_syscall_64+0xfa/0x3b0
[  197.042678][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.048570][    C1] 
[  197.050883][    C1] Memory state around the buggy address:
[  197.056507][    C1]  ffff888031c87f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  197.064563][    C1]  ffff888031c87f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  197.072616][    C1] >ffff888031c88000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  197.080667][    C1]                                                     ^
[  197.087599][    C1]  ffff888031c88080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  197.095659][    C1]  ffff888031c88100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  197.103712][    C1] ==================================================================
[  197.112203][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  197.119399][    C1] CPU: 1 UID: 0 PID: 2 Comm: kthreadd Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) 
[  197.130942][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  197.141003][    C1] Call Trace:
[  197.144281][    C1]  <IRQ>
[  197.147121][    C1]  dump_stack_lvl+0x99/0x250
[  197.151725][    C1]  ? __asan_memcpy+0x40/0x70
[  197.156327][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.161539][    C1]  ? __pfx__printk+0x10/0x10
[  197.166141][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.171785][    C1]  panic+0x2db/0x790
[  197.175700][    C1]  ? __pfx_panic+0x10/0x10
[  197.180227][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.185880][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.191518][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  197.197451][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  197.203789][    C1]  ? print_memory_metadata+0x314/0x400
[  197.209256][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  197.214297][    C1]  check_panic_on_warn+0x89/0xb0
[  197.219240][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  197.224268][    C1]  end_report+0x78/0x160
[  197.229211][    C1]  kasan_report+0x129/0x150
[  197.233720][    C1]  ? do_raw_spin_lock+0x23d/0x290
[  197.238759][    C1]  do_raw_spin_lock+0x23d/0x290
[  197.243615][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.249347][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  197.254720][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.260371][    C1]  _raw_spin_lock_irqsave+0xb3/0xf0
[  197.265580][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  197.271487][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.277125][    C1]  ? kcov_remote_stop+0x78/0x6d0
[  197.282076][    C1]  __wake_up_common_lock+0x2f/0x1f0
[  197.287284][    C1]  __usb_hcd_giveback_urb+0x4d7/0x690
[  197.292656][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.298293][    C1]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  197.304189][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.309824][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.315460][    C1]  ? usb_hcd_giveback_urb+0x10e/0x420
[  197.320831][    C1]  dummy_timer+0x862/0x4550
[  197.325343][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.330980][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.336617][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.342257][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.347892][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  197.353301][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.358938][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.364574][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  197.369508][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  197.374441][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  197.379461][    C1]  __hrtimer_run_queues+0x52c/0xc60
[  197.384672][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.390314][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  197.396045][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.401680][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  197.407501][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  197.412613][    C1]  handle_softirqs+0x286/0x870
[  197.417393][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  197.422181][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  197.427489][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.433141][    C1]  __irq_exit_rcu+0xca/0x1f0
[  197.437751][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  197.442966][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.448600][    C1]  irq_exit_rcu+0x9/0x30
[  197.452859][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  197.458542][    C1]  </IRQ>
[  197.461494][    C1]  <TASK>
[  197.464421][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  197.470398][    C1] RIP: 0010:unwind_next_frame+0x1840/0x2390
[  197.476336][    C1] Code: 38 49 8d 7e 08 48 89 f8 48 c1 e8 03 80 3c 28 00 74 05 e8 f3 2e b1 00 4d 8b 6e 08 4d 8d 7e 10 4c 89 f8 48 c1 e8 03 80 3c 28 00 <74> 08 4c 89 ff e8 d6 2e b1 00 49 8b 07 4d 39 e5 0f 96 c1 4c 39 e0
[  197.495970][    C1] RSP: 0018:ffffc900000773b8 EFLAGS: 00000246
[  197.502041][    C1] RAX: 1ffff9200000ee93 RBX: ffffffff902f1401 RCX: 0000000000000001
[  197.510019][    C1] RDX: ffffc900000774c8 RSI: dffffc0000000000 RDI: ffffc90000077490
[  197.517994][    C1] RBP: dffffc0000000000 R08: ffffc90000077f48 R09: ffffc900000774d8
[  197.525969][    C1] R10: dffffc0000000000 R11: fffff5200000ee9d R12: ffffc90000077f58
[  197.533941][    C1] R13: ffffc90000070000 R14: ffffc90000077488 R15: ffffc90000077498
[  197.541925][    C1]  ? unwind_next_frame+0x17c4/0x2390
[  197.547234][    C1]  ? unwind_next_frame+0xa5/0x2390
[  197.552362][    C1]  ? ret_from_fork+0x3fc/0x770
[  197.557142][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  197.563307][    C1]  arch_stack_walk+0x11c/0x150
[  197.568076][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  197.573020][    C1]  stack_trace_save+0x9c/0xe0
[  197.577697][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  197.583159][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.588798][    C1]  kasan_save_track+0x3e/0x80
[  197.593486][    C1]  ? kasan_save_track+0x3e/0x80
[  197.598342][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  197.603359][    C1]  ? kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  197.609419][    C1]  ? dup_task_struct+0x52/0x860
[  197.614296][    C1]  ? copy_process+0x54b/0x3c00
[  197.619064][    C1]  ? kernel_clone+0x21e/0x870
[  197.623739][    C1]  ? kernel_thread+0x10c/0x160
[  197.628500][    C1]  ? kthreadd+0x575/0x770
[  197.632887][    C1]  ? ret_from_fork+0x3fc/0x770
[  197.637689][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.643411][    C1]  __kasan_slab_alloc+0x6c/0x80
[  197.648262][    C1]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  197.654156][    C1]  ? dup_task_struct+0x52/0x860
[  197.659004][    C1]  dup_task_struct+0x52/0x860
[  197.663674][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.669303][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.674509][    C1]  copy_process+0x54b/0x3c00
[  197.679093][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.684730][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.690364][    C1]  ? __switch_to+0x6c0/0x1600
[  197.695063][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.700692][    C1]  ? __lock_acquire+0xab9/0xd20
[  197.705555][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.711192][    C1]  ? __pfx_copy_process+0x10/0x10
[  197.716233][    C1]  ? __pfx_kthread+0x10/0x10
[  197.720830][    C1]  kernel_clone+0x21e/0x870
[  197.725361][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.730996][    C1]  ? rcu_is_watching+0x15/0xb0
[  197.735777][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  197.740797][    C1]  ? __schedule+0x1713/0x4d00
[  197.745493][    C1]  ? __pfx_kthread+0x10/0x10
[  197.750081][    C1]  kernel_thread+0x10c/0x160
[  197.754670][    C1]  ? __pfx_kernel_thread+0x10/0x10
[  197.759778][    C1]  ? __lock_acquire+0xab9/0xd20
[  197.764641][    C1]  ? __pfx_kthread+0x10/0x10
[  197.769231][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.774865][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.780517][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  197.785721][    C1]  kthreadd+0x575/0x770
[  197.789877][    C1]  ? kthreadd+0x30b/0x770
[  197.794206][    C1]  ? __pfx_kthreadd+0x10/0x10
[  197.798877][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.804516][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  197.809719][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  197.815350][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.820555][    C1]  ? __pfx_kthreadd+0x10/0x10
[  197.825235][    C1]  ret_from_fork+0x3fc/0x770
[  197.829840][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  197.834970][    C1]  ? __switch_to_asm+0x39/0x70
[  197.839732][    C1]  ? __switch_to_asm+0x33/0x70
[  197.844490][    C1]  ? __pfx_kthreadd+0x10/0x10
[  197.849167][    C1]  ret_from_fork_asm+0x1a/0x30
[  197.853942][    C1]  </TASK>
[  197.857179][    C1] Kernel Offset: disabled
[  197.861507][    C1] Rebooting in 86400 seconds..