last executing test programs:

10m44.767522327s ago: executing program 3 (id=481):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x2, 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000ae0000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, 0x2a}, 0x94)

10m44.043897066s ago: executing program 3 (id=485):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)

10m43.136580007s ago: executing program 3 (id=489):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000100000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = epoll_create1(0x80000)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
pread64(r3, &(0x7f0000001240)=""/102387, 0x18ff3, 0xffffffff8)
finit_module(r3, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000))

10m42.256232409s ago: executing program 3 (id=493):
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='\x00\x00\x00\x00\x00')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r2, &(0x7f00000001c0)={0x27, 0x0, 0x0, 0x2, 0x0, 0x49, "c46e9fd1a84b7fa0bf2cca6beb9363a680b652a86bcf56a1b9ca5386103a5ccbe47b7b9aa6d8d701a3ba00000000b97800001022f987617c318500", 0x3a}, 0x60)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(r3, &(0x7f000000c1c0)={0x0, 0x0, &(0x7f000000c080)=[{&(0x7f000000acc0)=""/4089, 0xff9}, {&(0x7f000000bcc0)=""/63, 0x3f}], 0x2}, 0x20)

10m41.55742277s ago: executing program 3 (id=496):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x3c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x3c}}, 0x0)

10m40.668522104s ago: executing program 3 (id=501):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x248}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x9, 0x0, &(0x7f0000000040))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000bc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r4}, 0x9)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000000)='ceph\x00', 0x0, 0x0, 0x0, r6)

10m25.401303833s ago: executing program 32 (id=501):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x248}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x9, 0x0, &(0x7f0000000040))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000bc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r4}, 0x9)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000000)='ceph\x00', 0x0, 0x0, 0x0, r6)

5m42.903581665s ago: executing program 5 (id=1744):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000007c0)={0x74, 0x0, &(0x7f0000000600)=[@free_buffer, @decrefs, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0xc638d415a1d9549f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}, @acquire_done], 0x0, 0x0, 0x0})

5m40.671362671s ago: executing program 5 (id=1750):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000100000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = epoll_create1(0x80000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a})
pread64(r2, &(0x7f0000001240)=""/102387, 0x18ff3, 0xffffffff8)
finit_module(r2, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))

5m33.264660358s ago: executing program 5 (id=1756):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r4=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
pipe(0x0)
io_setup(0x3ff, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})

5m32.368566681s ago: executing program 5 (id=1761):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x8000010}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="662700000000000024001280090001007866726d0000000014000280040003"], 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

5m31.332640739s ago: executing program 5 (id=1766):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000100000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = epoll_create1(0x80000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a})
pread64(r2, &(0x7f0000001240)=""/102387, 0x18ff3, 0xffffffff8)
finit_module(r2, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))

5m30.419320942s ago: executing program 5 (id=1770):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$igmp6(0xa, 0x3, 0x2)
clock_nanosleep(0xfffffff2, 0x1, &(0x7f0000000340)={0x0, 0x989680}, 0x0)

5m14.787589491s ago: executing program 33 (id=1770):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$igmp6(0xa, 0x3, 0x2)
clock_nanosleep(0xfffffff2, 0x1, &(0x7f0000000340)={0x0, 0x989680}, 0x0)

4m39.084829346s ago: executing program 0 (id=1895):
syz_mount_image$hpfs(&(0x7f0000009e00), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000680)={[{@chkdsk_always}, {@chkdsk_errors}, {@case_asis}, {@chkdsk_no}, {@err_ro}, {@check_normal}, {@chkdsk_errors}, {@umask={'umask', 0x3d, 0x2}}, {@eas_ro}], [{@euid_lt}, {@appraise}, {@fowner_lt}]}, 0x1, 0x9dc3, &(0x7f0000013cc0)="$eJwEwAMAbQUAwNBs27aXbdu2bS/3ro1s27Zt27a/0blvgPcP8IEBPjjAhwb48AAfGeCjA3xsgI8P8IkBPjnApwb49ACfGeCzA3xugM8P8IUBvjjAlwb48gBfGeCrA3xtgK8P8I0BvjnAtwb49gDfGeC7A3xvgO8P8IMBfjjAjwb48QA/GeCnA/xsgJ8P8IsBfjnArwb49QC/GeC3A/xugN8P8IcB/jjAnwb48wB/GeCvA/xtgL8P8I8B/jnAvwb49wD/GeC/A/xvgEMGOHSAwwY4fIAjBjhygKMGOHqAYwY4doDjBDhugOMFOH6AEwQ4YYATBThxgJMEOGmAkwU4eYBTBDhlgFMFOHWA0wQ4bYDTBTh9gDMEOGOAMwU4c4CzBDhrgLMFOHuAcwQ4Z4BzBTh3gPMEOG+A8wU4f4ALBLhggAsFuHCAiwS4aICLBbh4gEsEuGSASwW4dIDLBEiAywa4XIDLB7hCgCsGuFKAKwe4SoCrBrhagKsHuEaAawa4VoBrB7hOgOsGuF6A6we4QYAbBrhRgBsHuEmAmwa4WYCbB7hFgFsGuFWAWwe4TYDbBrhdgNsHuEOAOwa4U4A7B7hLgLsGuFuAuwe4R4B7BrhXgHsHuE+A+wa4X4D7B3hAgAcGeFCABwd4SICHBnhYgIcHeESARwZ4VIBHB3hMgMcGeFyAxwd4QoAnBnhSgCcHeEqApwZogKcFeHqAZwR4ZoBnBXh2gOcEeG6AgwCDAMMAowDjAJMA0wCzAPMAiwDLAKsA6wCbANsAuwD7AM8L8PwALwjwwgAvCvDiAC8J8NIALwvw8gCvCPDKAK8K8OoArwnw2gCvC/D6AG8I8MYAbwrw5gBvCfDWAG8L8PYA7wjwzgDvCvDuAO8J8N4A7wvw/gAfCPDBAB8K8OEAHwnw0QAfC/DxAJ8I8MkAnwrw6QCfCfDZAJ8L8PkAXwjwxQBfCvDlAF8J8NUAXwvw9QDfCPDNAN8K8O0A3wnw3QDfC/D9AD8I8MMAPwrw4wA/CfDTAD8L8PMAvwjwywC/CvDrAL8J8NsAvwvw+wB/CPDHAH8K8OcAfwnw1wB/C/D3AP8I8M8A/wrw7wD/CfDfAP8LcEiAQwMcFuDwAEcEODLAUQGODnBMgGMDHCfEcUMcL8TxQ5wgxAlDnCjEiUOcJMRJQ5wsxMlDnCLEKUOcKsSpQ5wmxGlDnC7E6UOcIcQZQ5wpxJlDnCXEWUOcLcTZQ5wjxDlDnCvEuUOcJ8R5Q5wvxPlDXCDEBUNcKMSFQ1wkxEVDXCzExUNcIsQlQ1wqxKVDXCZEQlw2xOVCXD7EFUJcMcSVQlw5xFVCXDXE1UJcPcQ1QlwzxLVCXDvEdUJcN8T1Qlw/xA1C3DDEjULcOMRNQtw0xM1C3DzELULcMsStQtw6xG1C3DbE7ULcPsQdQtwxxJ1C3DnEXULcNcTdQtw9xD1C3DPEvULcO8R9Qtw3xP1C3D/EA0I8MMSDQjw4xENCPDTEw0I8PMQjQjwyxKNCPDrEY0I8NsTjQjw+xBNCPDHEk0I8OcRTQjw1REM8LcTTQzwjxDNDPCvEs0M8J8RzQxyEGIQYhhiFGIeYhJiGmIWYh1iEWIZYhViH2ITYhtiF2Id4Xojnh3hBiBeGeFGIF4d4SYiXhnhZiJeHeEWIV4Z4VYhXh3hNiNeGeF2I14d4Q4g3hnhTiDeHeEuIt4Z4W4i3h3hHiHeGeFeId4d4T4j3hnhfiPeH+ECID4b4UIgPh/hIiI+G+FiIj4f4RIhPhvhUiE+H+EyIz4b4XIjPh/hCiC+G+FKIL4f4SoivhvhaiK+H+EaIb4b4Vohvh/hOiO+G+F6I74f4QYgfhvhRiB+H+EmIn4b4WYifh/hFiF+G+FWIX4f4TYjfhvhdiN+H+EOIP4b4U4g/h/hLiL+G+FuIv4f4R4h/hvhXiH+H+E+I/4b4X4hDQhwa4rAQh4c4IsSRIY4KcXSIY0IcG+I4EY4b4XgRjh/hBBFOGOFEEU4c4SQRThrhZBFOHuEUEU4Z4VQRTh3hNBFOG+F0EU4f4QwRzhjhTBHOHOEsEc4a4WwRzh7hHBHOGeFcEc4d4TwRzhvhfBHOH+ECES4Y4UIRLhzhIhEuGuFiES4e4RIRLhnhUhEuHeEyERLhshEuF+HyEa4Q4YoRrhThyhGuEuGqEa4W4eoRrhHhmhGuFeHaEa4T4boRrhfh+hFuEOGGEW4U4cYRbhLhphFuFuHmEW4R4ZYRbhXh1hFuE+G2EW4X4fYR7hDhjhHuFOHOEe4S4a4R7hbh7hHuEeGeEe4V4d4R7hPhvhHuF+H+ER4Q4YERHhThwREeEuGhER4W4eERHhHhkREeFeHRER4T4bERHhfh8RGeEOGJEZ4U4ckRnhLhqREa4WkRnh7hGRGeGeFZEZ4d4TkRnhvhIMIgwjDCKMI4wiTCNMIswjzCIsIywirCOsImwjbCLsI+wvMiPD/CCyK8MMKLIrw4wksivDTCyyK8PMIrIrwywqsivDrCayK8NsLrIrw+whsivDHCmyK8OcJbIrw1wtsivD3COyK8M8K7Irw7wnsivDfC+yK8P8IHInwwwocifDjCRyJ8NMLHInw8wicifDLCpyJ8OsJnInw2wucifD7CFyJ8McKXInw5wlcifDXC1yJ8PcI3InwzwrcifDvCdyJ8N8L3Inw/wg8i/DDCjyL8OMJPIvw0ws8i/DzCLyL8MsKvIvw6wm8i/DbC7yL8PsIfIvwxwp8i/DnCXyL8NcLfIvw9wj8i/DPCvyL8O8J/Ivw3wv8iHBLh0AiHRTg8whERjoxwVISjIxwT4dgIx4lx3BjHi3H8GCeIccIYJ4px4hgniXHSGCeLcfIYp4hxyhininHqGKeJcdoYp4tx+hhniHHGGGeKceYYZ4lx1hhni3H2GOeIcc4Y54px7hjniXHeGOeLcf4YF4hxwRgXinHhGBeJcdEYF4tx8RiXiHHJGJeKcekYl4mRGJeNcbkYl49xhRhXjHGlGFeOcZUYV41xtRhXj3GNGNeMca0Y145xnRjXjXG9GNePcYMYN4xxoxg3jnGTGDeNcbMYN49xixi3jHGrGLeOcZsYt41xuxi3j3GHGHeMcacYd45xlxh3jXG3GHePcY8Y94xxrxj3jnGfGPeNcb8Y94/xgBgPjPGgGA+O8ZAYD43xsBgPj/GIGI+M8agYj47xmBiPjfG4GI+P8YQYT4zxpBhPjvGUGE+N0RhPi/H0GM+I8cwYz4rx7BjPifHcGAcxBjGGMUYxxjEmMaYxZjHmMRYxljFWMdYxNjG2MXYx9jGeF+P5MV4Q44UxXhTjxTFeEuOlMV4W4+UxXhHjlTFeFePVMV4T47UxXhfj9THeEOONMd4U480x3hLjrTHeFuPtMd4R450x3hXj3THeE+O9Md4X4/0xPhDjgzE+FOPDMT4S46MxPhbj4zE+EeOTMT4V49MxPhPjszE+F+PzMb4Q44sxvhTjyzG+EuOrMb4W4+sxvhHjmzG+FePbMb4T47sxvhfj+zF+EOOHMX4U48cxfhLjpzF+FuPnMX4R45cxfhXj1zF+E+O3MX4X4/cx/hDjjzH+FOPPMf4S468x/hbj7zH+EeOfMf4V498x/hPjvzH+F+OQGIfGOCzG4TGOiHFkjKNiHB3jmBjHxjhOguMmOF6C4yc4QYITJjhRghMnOEmCkyY4WYKTJzhFglMmOFWCUyc4TYLTJjhdgtMnOEOCMyY4U4IzJzhLgrMmOFuCsyc4R4JzJjhXgnMnOE+C8yY4X4LzJ7hAggsmuFCCCye4SIKLJrhYgosnuESCSya4VIJLJ7hMgiS4bILLJbh8giskuGKCKyW4coKrJLhqgqsluHqCayS4ZoJrJbh2guskuG6C6yW4foIbJLhhghsluHGCmyS4aYKbJbh5glskuGWCWyW4dYLbJLhtgtsluH2COyS4Y4I7JbhzgrskuGuCuyW4e4J7JLhngnsluHeC+yS4b4L7Jbh/ggckeGCCByV4cIKHJHhogocleHiCRyR4ZIJHJXh0gsckeGyCxyV4fIInJHhigicleHKCpyR4aoImeFqCpyd4RoJnJnhWgmcneE6C5yY4SDBIMEwwSjBOMEkwTTBLME+wSLBMsEqwTrBJsE2wS7BP8LwEz0/wggQvTPCiBC9O8JIEL03wsgQvT/CKBK9M8KoEr07wmgSvTfC6BK9P8IYEb0zwpgRvTvCWBG9N8LYEb0/wjgTvTPCuBO9O8J4E703wvgTvT/CBBB9M8KEEH07wkQQfTfCxBB9P8IkEn0zwqQSfTvCZBJ9N8LkEn0/whQRfTPClBF9O8JUEX03wtQRfT/CNBN9M8K0E307wnQTfTfC9BN9P8IMEP0zwowQ/TvCTBD9N8LMEP0/wiwS/TPCrBL9O8JsEv03wuwS/T/CHBH9M8KcEf07wlwR/TfC3BH9P8I8E/0zwrwT/TvCfBP9N8L8EhyQ4NMFhCQ5PcESCIxMcleDoBMckODbBcVIcN8XxUhw/xQlSnDDFiVKcOMVJUpw0xclSnDzFKVKcMsWpUpw6xWlSnDbF6VKcPsUZUpwxxZlSnDnFWVKcNcXZUpw9xTlSnDPFuVKcO8V5Upw3xflSnD/FBVJcMMWFUlw4xUVSXDTFxVJcPMUlUlwyxaVSXDrFZVIkxWVTXC7F5VNcIcUVU1wpxZVTXCXFVVNcLcXVU1wjxTVTXCvFtVNcJ8V1U1wvxfVT3CDFDVPcKMWNU9wkxU1T3CzFzVPcIsUtU9wqxa1T3CbFbVPcLsXtU9whxR1T3CnFnVPcJcVdU9wtxd1T3CPFPVPcK8W9U9wnxX1T3C/F/VM8IMUDUzwoxYNTPCTFQ1M8LMXDUzwixSNTPCrFo1M8JsVjUzwuxeNTPCHFE1M8KcWTUzwlxVNTNMXTUjw9xTNSPDPFs1I8O8VzUjw3xUGKQYphilGKcYpJimmKWYp5ikWKZYpVinWKTYptil2KfYrnpXh+ihekeGGKF6V4cYqXpHhpipeleHmKV6R4ZYpXpXh1itekeG2K16V4fYo3pHhjijeleHOKt6R4a4q3pXh7inekeGeKd6V4d4r3pHhviveleH+KD6T4YIoPpfhwio+k+GiKj6X4eIpPpPhkik+l+HSKz6T4bIrPpfh8ii+k+GKKL6X4coqvpPhqiq+l+HqKb6T4Zopvpfh2iu+k+G6K76X4foofpPhhih+l+HGKn6T4aYqfpfh5il+k+GWKX6X4dYrfpPhtit+l+H2KP6T4Y4o/pfhzir+k+GuKv6X4e4p/pPhnin+l+HeK/6T4b4r/pTgkxaEpDktxeIojUhyZ4qgUR6c4JsWxKY6T4bgZjpfh+BlOkOGEGU6U4cQZTpLhpBlOluHkGU6R4ZQZTpXh1BlOk+G0GU6X4fQZzpDhjBnOlOHMGc6S4awZzpbh7BnOkeGcGc6V4dwZzpPhvBnOl+H8GS6Q4YIZLpThwhkukuGiGS6W4eIZLpHhkhkuleHSGS6TIRkum+FyGS6f4QoZrpjhShmunOEqGa6a4WoZrp7hGhmumeFaGa6d4ToZrpvhehmun+EGGW6Y4UYZbpzhJhlumuFmGW6e4RYZbpnhVhluneE2GW6b4XYZbp/hDhnumOFOGe6c4S4Z7prhbhnunuEeGe6Z4V4Z7p3hPhnum+F+Ge6f4QEZHpjhQRkenOEhGR6a4WEZHp7hERkemeFRGR6d4TEZHpvhcRken+EJGZ6Y4UkZnpzhKRmemqEZnpbh6RmekeGZGZ6V4dkZnpPhuRkOMgwyDDOMMowzTDJMM8wyzDMsMiwzrDKsM2wybDPsMuwzPC/D8zO8IMMLM7wow4szvCTDSzO8LMPLM7wiwyszvCrDqzO8JsNrM7wuw+szvCHDGzO8KcObM7wlw1szvC3D2zO8I8M7M7wrw7szvCfDezO8L8P7M3wgwwczfCjDhzN8JMNHM3wsw8czfCLDJzN8KsOnM3wmw2czfC7D5zN8IcMXM3wpw5czfCXDVzN8LcPXM3wjwzczfCvDtzN8J8N3M3wvw/cz/CDDDzP8KMOPM/wkw08z/CzDzzP8IsMvM/wqw68z/CbDbzP8LsPvM/whwx8z/CnDnzP8JcNfM/wtw98z/CPDPzP8K8O/M/wnw38z/C/DIRkOzXBYhsMzHJHhyAxHZTg6wzEZjs1wnBzHzXG8HMfPcYIcJ8xxohwnznGSHCfNcbIcJ89xihynzHGqHKfOcZocp81xuhynz3GGHGfMcaYcZ85xlhxnzXG2HGfPcY4c58xxrhznznGeHOfNcb4c589xgRwXzHGhHBfOcZEcF81xsRwXz3GJHJfMcakcl85xmRzJcdkcl8tx+RxXyHHFHFfKceUcV8lx1RxXy3H1HNfIcc0c18px7RzXyXHdHNfLcf0cN8hxwxw3ynHjHDfJcdMcN8tx8xy3yHHLHLfKcesct8lx2xy3y3H7HHfIccccd8px5xx3yXHXHHfLcfcc98hxzxz3ynHvHPfJcd8c98tx/xwPyPHAHA/K8eAcD8nx0BwPy/HwHI/I8cgcj8rx6ByPyfHYHI/L8fgcT8jxxBxPyvHkHE/J8dQczfG0HE/P8Ywcz8zxrBzPzvGcHM/NcZBjkGOYY5RjnGOSY5pjlmOeY5FjmWOVY51jk2ObY5djn+N5OZ6f4wU5XpjjRTlenOMlOV6a42U5Xp7jFTlemeNVOV6d4zU5XpvjdTlen+MNOd6Y40053pzjLTnemuNtOd6e4x053pnjXTneneM9Od6b43053p/jAzk+mONDOT6c4yM5PprjYzk+nuMTOT6Z41M5Pp3jMzk+m+NzOT6f4ws5vpjjSzm+nOMrOb6a42s5vp7jGzm+meNbOb6d4zs5vpvjezm+n+MHOX6Y40c5fpzjJzl+muNnOX6e4xc5fpnjVzl+neM3OX6b43c5fp/jDzn+mONPOf6c4y85/prjbzn+nuMfOf6Z4185/p3jPzn+m+N/OQ7JcWiOw3IcnuOIHEfmOCrH0TmOyXFsjuMUOG6B4xU4foETFDhhgRMVOHGBkxQ4aYGTFTh5gVMUOGWBUxU4dYHTFDhtgdMVOH2BMxQ4Y4EzFThzgbMUOGuBsxU4e4FzFDhngXMVOHeB8xQ4b4HzFTh/gQsUuGCBCxW4cIGLFLhogYsVuHiBSxS4ZIFLFbh0gcsUSIHLFrhcgcsXuEKBKxa4UoErF7hKgasWuFqBqxe4RoFrFrhWgWsXuE6B6xa4XoHrF7hBgRsWuFGBGxe4SYGbFrhZgZsXuEWBWxa4VYFbF7hNgdsWuF2B2xe4Q4E7FrhTgTsXuEuBuxa4W4G7F7hHgXsWuFeBexe4T4H7FrhfgfsXeECBBxZ4UIEHF3hIgYcWeFiBhxd4RIFHFnhUgUcXeEyBxxZ4XIHHF3hCgScWeFKBJxd4SoGnFmiBpxV4eoFnFHhmgWcVeHaB5xR4boGDAoMCwwKjAuMCkwLTArMC8wKLAssCqwLrApsC2wK7AvsCzyvw/AIvKPDCAi8q8OICLynw0gIvK/DyAq8o8MoCryrw6gKvKfDaAq8r8PoCbyjwxgJvKvDmAm8p8NYCbyvw9gLvKPDOAu8q8O4C7ynw3gLvK/D+Ah8o8MECHyrw4QIfKfDRAh8r8PECnyjwyQKfKvDpAp8p8NkCnyvw+QJfKPDFAl8q8OUCXynw1QJfK/D1At8o8M0C3yrw7QLfKfDdAt8r8P0CPyjwwwI/KvDjAj8p8NMCPyvw8wK/KPDLAr8q8OsCvynw2wK/K/D7An8o8McCfyrw5wJ/KfDXAn8r8PcC/yjwzwL/KvDvAv8p8N8C/ytwSIFDCxxW4PACRxQ4ssBRBY4ucEyBYwscp8RxSxyvxPFLnKDECUucqMSJS5ykxElLnKzEyUucosQpS5yqxKlLnKbEaUucrsTpS5yhxBlLnKnEmUucpcRZS5ytxNlLnKPEOUucq8S5S5ynxHlLnK/E+UtcoMQFS1yoxIVLXKTERUtcrMTFS1yixCVLXKrEpUtcpkRKXLbE5UpcvsQVSlyxxJVKXLnEVUpctcTVSly9xDVKXLPEtUpcu8R1Sly3xPVKXL/EDUrcsMSNSty4xE1K3LTEzUrcvMQtStyyxK1K3LrEbUrctsTtSty+xB1K3LHEnUrcucRdSty1xN1K3L3EPUrcs8S9Sty7xH1K3LfE/Urcv8QDSjywxINKPLjEQ0o8tMTDSjy8xCNKPLLEo0o8usRjSjy2xONKPL7EE0o8scSTSjy5xFNKPLVESzytxNNLPKPEM0s8q8SzSzynxHNLHJQYlBiWGJUYl5iUmJaYlZiXWJRYlliVWJfYlNiW2JXYl3heieeXeEGJF5Z4UYkXl3hJiZeWeFmJl5d4RYlXlnhViVeXeE2J15Z4XYnXl3hDiTeWeFOJN5d4S4m3lnhbibeXeEeJd5Z4V4l3l3hPifeWeF+J95f4QIkPlvhQiQ+X+EiJj5b4WImPl/hEiU+W+FSJT5f4TInPlvhcic+X+EKJL5b4Uokvl/hKia+W+FqJr5f4RolvlvhWiW+X+E6J75b4Xonvl/hBiR+W+FGJH5f4SYmflvhZiZ+X+EWJX5b4VYlfl/hNid+W+F2J35f4Q4k/lvhTiT+X+EuJv5b4W4m/l/hHiX+W+FeJf5f4T4n/lvhfiUNKHFrisBKHlziixJEljipxdIljShxb4jgVjlvheBWOX+EEFU5Y4UQVTlzhJBVOWuFkFU5e4RQVTlnhVBVOXeE0FU5b4XQVTl/hDBXOWOFMFc5c4SwVzlrhbBXOXuEcFc5Z4VwVzl3hPBXOW+F8Fc5f4QIVLljhQhUuXOEiFS5a4WIVLl7hEhUuWeFSFS5d4TIVUuGyFS5X4fIVrlDhihWuVOHKFa5S4aoVrlbh6hWuUeGaFa5V4doVrlPhuhWuV+H6FW5Q4YYVblThxhVuUuGmFW5W4eYVblHhlhVuVeHWFW5T4bYVblfh9hXuUOGOFe5U4c4V7lLhrhXuVuHuFe5R4Z4V7lXh3hXuU+G+Fe5X4f4VHlDhgRUeVOHBFR5S4aEVHlbh4RUeUeGRFR5V4dEVHlPhsRUeV+HxFZ5Q4YkVnlThyRWeUuGpFVrhaRWeXuEZFZ5Z4VkVnl3hORWeW+GgwqDCsMKowrjCpMK0wqzCvMKiwrLCqsK6wqbCtsKuwr7C8yo8v8ILKrywwosqvLjCSyq8tMLLKry8wisqvLLCqyq8usJrKry2wusqvL7CGyq8scKbKry5wlsqvLXC2yq8vcI7KryzwrsqvLvCeyq8t8L7Kry/wgcqfLDChyp8uMJHKny0wscqfLzCJyp8ssKnKny6wmcqfLbC5yp8vsIXKnyxwpcqfLnCVyp8tcLXKny9wjcqfLPCtyp8u8J3Kny3wvcqfL/CDyr8sMKPKvy4wk8q/LTCzyr8vMIvKvyywq8q/LrCbyr8tsLvKvy+wh8q/LHCnyr8ucJfKvy1wt8q/L3CPyr8s8K/Kvy7wn8q/LfC/yocUuHQCodVOLzCERWOrHBUhaMrHFPh2ArHqXHcGsercfwaJ6hxwhonqnHiGiepcdIaJ6tx8hqnqHHKGqeqceoap6lx2hqnq3H6GmeoccYaZ6px5hpnqXHWGmercfYa56hxzhrnqnHuGuepcd4a56tx/hoXqHHBGheqceEaF6lx0RoXq3HxGpeocckal6px6RqXqZEal61xuRqXr3GFGlescaUaV65xlRpXrXG1GlevcY0a16xxrRrXrnGdGtetcb0a169xgxo3rHGjGjeucZMaN61xsxo3r3GLGrescasat65xmxq3rXG7GrevcYcad6xxpxp3rnGXGnetcbcad69xjxr3rHGvGveucZ8a961xvxr3r/GAGg+s8aAaD67xkBoPrfGwGg+v8Ygaj6zxqBqPrvGYGo+t8bgaj6/xhBpPrPGkGk+u8ZQaT63RGk+r8fQaz6jxzBrPqvHsGs+p8dwaBzUGNYY1RjXGNSY1pjVmNeY1FjWWNVY11jU2NbY1djX2NZ5X4/k1XlDjhTVeVOPFNV5S46U1Xlbj5TVeUeOVNV5V49U1XlPjtTVeV+P1Nd5Q44013lTjzTXeUuOtNd5W4+013lHjnTXeVePdNd5T47013lfj/TU+UOODNT5U48M1PlLjozU+VuPjNT5R45M1PlXj0zU+U+OzNT5X4/M1vlDjizW+VOPLNb5S46s1vlbj6zW+UeObNb5V49s1vlPjuzW+V+P7NX5Q44c1flTjxzV+UuOnNX5W4+c1flHjlzV+VePXNX5T47c1flfj9zX+UOOPNf5U4881/lLjrzX+VuPvNf5R4581/lXj3zX+U+O/Nf5X45Aah9Y4rMbhNY6ocWSNo2ocXeOYGsfWOE6D4zY4XoPjNzhBgxM2OFGDEzc4SYOTNjhZg5M3OEWDUzY4VYNTNzhNg9M2OF2D0zc4Q4MzNjhTgzM3OEuDszY4W4OzNzhHg3M2OFeDczc4T4PzNjhfg/M3uECDCza4UIMLN7hIg4s2uFiDize4RINLNrhUg0s3uEyDNLhsg8s1uHyDKzS4YoMrNbhyg6s0uGqDqzW4eoNrNLhmg2s1uHaD6zS4boPrNbh+gxs0uGGDGzW4cYObNLhpg5s1uHmDWzS4ZYNbNbh1g9s0uG2D2zW4fYM7NLhjgzs1uHODuzS4a4O7Nbh7g3s0uGeDezW4d4P7NLhvg/s1uH+DBzR4YIMHNXhwg4c0eGiDhzV4eINHNHhkg0c1eHSDxzR4bIPHNXh8gyc0eGKDJzV4coOnNHhqgzZ4WoOnN3hGg2c2eFaDZzd4ToPnNjhoMGgwbDBqMG4waTBtMGswb7BosGywarBusGmwbbBrsG/wvAbPb/CCBi9s8KIGL27wkgYvbfCyBi9v8IoGr2zwqgavbvCaBq9t8LoGr2/whgZvbPCmBm9u8JYGb23wtgZvb/COBu9s8K4G727wngbvbfC+Bu9v8IEGH2zwoQYfbvCRBh9t8LEGH2/wiQafbPCpBp9u8JkGn23wuQafb/CFBl9s8KUGX27wlQZfbfC1Bl9v8I0G32zwrQbfbvCdBt9t8L0G32/wgwY/bPCjBj9u8JMGP23wswY/b/CLBr9s8KsGv27wmwa/bfC7Br9v8IcGf2zwpwZ/bvCXBn9t8LcGf2/wjwb/bPCvBv9u8J8G/23wvwaHNDi0wWENDm9wRIMjGxzV4OgGxzQ4tsFxWhy3xfFaHL/FCVqcsMWJWpy4xUlanLTFyVqcvMUpWpyyxalanLrFaVqctsXpWpy+xRlanLHFmVqcucVZWpy1xdlanL3FOVqcs8W5Wpy7xXlanLfF+Vqcv8UFWlywxYVaXLjFRVpctMXFWly8xSVaXLLFpVpcusVlWqTFZVtcrsXlW1yhxRVbXKnFlVtcpcVVW1ytxdVbXKPFNVtcq8W1W1ynxXVbXK/F9VvcoMUNW9yoxY1b3KTFTVvcrMXNW9yixS1b3KrFrVvcpsVtW9yuxe1b3KHFHVvcqcWdW9ylxV1b3K3F3Vvco8U9W9yrxb1b3KfFfVvcr8X9WzygxQNbPKjFg1s8pMVDWzysxcNbPKLFI1s8qsWjWzymxWNbPK7F41s8ocUTWzypxZNbPKXFU1u0xdNaPL3FM1o8s8WzWjy7xXNaPLfFQYtBi2GLUYtxi0mLaYtZi3mLRYtli1WLdYtNi22LXYt9i+e1eH6LF7R4YYsXtXhxi5e0eGmLl7V4eYtXtHhli1e1eHWL17R4bYvXtXh9ize0eGOLN7V4c4u3tHhri7e1eHuLd7R4Z4t3tXh3i/e0eG+L97V4f4sPtPhgiw+1+HCLj7T4aIuPtfh4i0+0+GSLT7X4dIvPtPhsi8+1+HyLL7T4Yosvtfhyi6+0+GqLr7X4eotvtPhmi2+1+HaL77T4bovvtfh+ix+0+GGLH7X4cYuftPhpi5+1+HmLX7T4ZYtftfh1i9+0+G2L37X4fYs/tPhjiz+1+HOLv7T4a4u/tfh7i3+0+GeLf7X4d4v/tPhvi/+1OKTFoS0Oa3F4iyNaHNniqBZHtzimxbEtjtPhuB2O1+H4HU7Q4YQdTtThxB1O0uGkHU7W4eQdTtHhlB1O1eHUHU7T4bQdTtfh9B3O0OGMHc7U4cwdztLhrB3O1uHsHc7R4ZwdztXh3B3O0+G8Hc7X4fwdLtDhgh0u1OHCHS7S4aIdLtbh4h0u0eGSHS7V4dIdLtMhHS7b4XIdLt/hCh2u2OFKHa7c4Sodrtrhah2u3uEaHa7Z4Vodrt3hOh2u2+F6Ha7f4QYdbtjhRh1u3OEmHW7a4WYdbt7hFh1u2eFWHW7d4TYdbtvhdh1u3+EOHe7Y4U4d7tzhLh3u2uFuHe7e4R4d7tnhXh3u3eE+He7b4X4d7t/hAR0e2OFBHR7c4SEdHtrhYR0e3uERHR7Z4VEdHt3hMR0e2+FxHR7f4QkdntjhSR2e3OEpHZ7aoR2e1uHpHZ7R4ZkdntXh2R2e0+G5HQ46DDoMO4w6jDtMOkw7zDrMOyw6LDusOqw7bDpsO+w67Ds8r8PzO7ygwws7vKjDizu8pMNLO7ysw8s7vKLDKzu8qsOrO7ymw2s7vK7D6zu8ocMbO7ypw5s7vKXDWzu8rcPbO7yjwzs7vKvDuzu8p8N7O7yvw/s7fKDDBzt8qMOHO3ykw0c7fKzDxzt8osMnO3yqw6c7fKbDZzt8rsPnO3yhwxc7fKnDlzt8pcNXO3ytw9c7fKPDNzt8q8O3O3ynw3c7fK/D9zv8oMMPO/yow487/KTDTzv8rMPPO/yiwy87/KrDrzv8psNvO/yuw+87/KHDHzv8qcOfO/ylw187/K3D3zv8o8M/O/yrw787/KfDfzv8r8MhHQ7tcFiHwzsc0eHIDkd1OLrDMR2O7XCcHsftcbwex+9xgh4n7HGiHifucZIeJ+1xsh4n73GKHqfscaoep+5xmh6n7XG6HqfvcYYeZ+xxph5n7nGWHmftcbYeZ+9xjh7n7HGuHufucZ4e5+1xvh7n73GBHhfscaEeF+5xkR4X7XGxHhfvcYkel+xxqR6X7nGZHulx2R6X63H5HlfoccUeV+px5R5X6XHVHlfrcfUe1+hxzR7X6nHtHtfpcd0e1+tx/R436HHDHjfqceMeN+lx0x4363HzHrfoccset+px6x636XHbHrfrcfsed+hxxx536nHnHnfpcdced+tx9x736HHPHvfqce8e9+lx3x7363H/Hg/o8cAeD+rx4B4P6fHQHg/r8fAej+jxyB6P6vHoHo/p8dgej+vx+B5P6PHEHk/q8eQeT+nx1B7t8bQeT+/xjB7P7PGsHs/u8Zwez+1x0GPQY9hj1GPcY9Jj2mPWY95j0WPZY9Vj3WPTY9tj12Pf43k9nt/jBT1e2ONFPV7c4yU9XtrjZT1e3uMVPV7Z41U9Xt3jNT1e2+N1PV7f4w093tjjTT3e3OMtPd7a42093t7jHT3e2eNdPd7d4z093tvj/wTAAwBtBQDA0Gzbtpdt27ZtL9t810a2bdu27fpG574B3j/ABwb44AAfGuDDA3xkgI8O8LEBPj7AJwb45ACfGuDTA3xmgM8O8LkBPj/AFwb44gBfGuDLA3xlgK8O8LUBvj7ANwb45gDfGuDbA3xngO8O8L0Bvj/ADwb44QA/GuDHA/xkgJ8O8LMBfj7ALwb45QC/GuDXA/xmgN8O8LsBfj/AHwb44wB/GuDPA/xlgL8O8LcB/j7APwb45wD/GuDfA/xngP8O8L8BDhng0AEOG+DwAY4Y4MgBjhrg6AGOGeDYAY4T4LgBjhfg+AFOEOCEAU4U4MQBThLgpAFOFuDkAU4R4JQBThXg1AFOE+C0AU4X4PQBzhDgjAHOFODMAc4S4KwBzhbg7AHOEeCcAc4V4NwBzhPgvAHOF+D8AS4Q4IIBLhTgwgEuEuCiAS4W4OIBLhHgkgEuFeDSAS4TIAEuG+ByAS4f4AoBrhjgSgGuHOAqAa4a4GoBrh7gGgGuGeBaAa4d4DoBrhvgegGuH+AGAW4Y4EYBbhzgJgFuGuBmAW4e4BYBbhngVgFuHeA2AW4b4HYBbh/gDgHuGOBOAe4c4C4B7hrgbgHuHuAeAe4Z4F4B7h3gPgHuG+B+Ae4f4AEBHhjgQQEeHOAhAR4a4GEBHh7gEQEeGeBRAR4d4DEBHhvgcQEeH+AJAZ4Y4EkBnhzgKQGeGqABnhbg6QGeEeCZAZ4V4NkBnhPguQGeF+D5AV4Q4IUBXhTgxQFeEuClAV4W4OUBXhHglQFeFeDVAV4T4LUBDgIMAgwDjAKMA0wCTAPMAswDLAIsA6wCrANsAmwD7ALsA7wuwOsDvCHAGwO8KcCbA7wlwFsDvC3A2wO8I8A7A7wrwLsDvCfAewO8L8D7A3wgwAcDfCjAhwN8JMBHA3wswMcDfCLAJwN8KsCnA3wmwGcDfC7A5wN8IcAXA3wpwJcDfCXAVwN8LcDXA3wjwDcDfCvAtwN8J8B3A3wvwPcD/CDADwP8KMCPA/wkwE8D/CzAzwP8IsAvA/wqwK8D/CbAbwP8LsDvA/whwB8D/CnAnwP8JcBfA/wtwN8D/CPAPwP8K8C/A/wnwH8D/C/AIQEODXBYgMMDHBHgyABHBTg6wDEBjg1wnBDHDXG8EMcPcYIQJwxxohAnDnGSECcNcbIQJw9xihCnDHGqEKcOcZoQpw1xuhCnD3GGEGcMcaYQZw5xlhBnDXG2EGcPcY4Q5wxxrhDnDnGeEOcNcb4Q5w9xgRAXDHGhEBcOcZEQFw1xsRAXD3GJEJcMcakQlw5xmRAJcdkQlwtx+RBXCHHFEFcKceUQVwlx1RBXC3H1ENcIcc0Q1wpx7RDXCXHdENcLcf0QNwhxwxA3CnHjEDcJcdMQNwtx8xC3CHHLELcKcesQtwlx2xC3C3H7EHcIcccQdwpx5xB3CXHXEHcLcfcQ9whxzxD3CnHvEPcJcd8Q9wtx/xAPCPHAEA8K8eAQDwnx0BAPC/HwEI8I8cgQjwrx6BCPCfHYEI8L8fgQTwjxxBBPCvHkEE8J8dQQDfG0EE8P8YwQzwzxrBDPDvGcEM8N8bwQzw/xghAvDPGiEC8O8ZIQLw3xshAvD/GKEK8M8aoQrw7xmhCvDXEQYhBiGGIUYhxiEmIaYhZiHmIRYhliFWIdYhNiG2IXYh/idSFeH+INId4Y4k0h3hziLSHeGuJtId4e4h0h3hniXSHeHeI9Id4b4n0h3h/iAyE+GOJDIT4c4iMhPhriYyE+HuITIT4Z4lMhPh3iMyE+G+JzIT4f4gshvhjiSyG+HOIrIb4a4mshvh7iGyG+GeJbIb4d4jshvhvieyG+H+IHIX4Y4kchfhziJyF+GuJnIX4e4hchfhniVyF+HeI3IX4b4nchfh/iDyH+GOJPIf4c4i8h/hribyH+HuIfIf4Z4l8h/h3iPyH+G+J/IQ4JcWiIw0IcHuKIEEeGOCrE0SGOCXFsiONEOG6E40U4foQTRDhhhBNFOHGEk0Q4aYSTRTh5hFNEOGWEU0U4dYTTRDhthNNFOH2EM0Q4Y4QzRThzhLNEOGuEs0U4e4RzRDhnhHNFOHeE80Q4b4TzRTh/hAtEuGCEC0W4cISLRLhohItFuHiES0S4ZIRLRbh0hMtESITLRrhchMtHuEKEK0a4UoQrR7hKhKtGuFqEq0e4RoRrRrhWhGtHuE6E60a4XoTrR7hBhBtGuFGEG0e4SYSbRrhZhJtHuEWEW0a4VYRbR7hNhNtGuF2E20e4Q4Q7RrhThDtHuEuEu0a4W4S7R7hHhHtGuFeEe0e4T4T7RrhfhPtHeECEB0Z4UIQHR3hIhIdGeFiEh0d4RIRHRnhUhEdHeEyEx0Z4XITHR3hChCdGeFKEJ0d4SoSnRmiEp0V4eoRnRHhmhGdFeHaE50R4boTnRXh+hBdEeGGEF0V4cYSXRHhphJdFeHmEV0R4ZYRXRXh1hNdEeG2EgwiDCMMIowjjCJMI0wizCPMIiwjLCKsI6wibCNsIuwj7CK+L8PoIb4jwxghvivDmCG+J8NYIb4vw9gjviPDOCO+K8O4I74nw3gjvi/D+CB+I8MEIH4rw4QgfifDRCB+L8PEIn4jwyQifivDpCJ+J8NkIn4vw+QhfiPDFCF+K8OUIX4nw1Qhfi/D1CN+I8M0I34rw7QjfifDdCN+L8P0IP4jwwwg/ivDjCD+J8NMIP4vw8wi/iPDLCL+K8OsIv4nw2wi/i/D7CH+I8McIf4rw5wh/ifDXCH+L8PcI/4jwzwj/ivDvCP+J8N8I/4twSIRDIxwW4fAIR0Q4MsJREY6OcEyEYyMcJ8ZxYxwvxvFjnCDGCWOcKMaJY5wkxkljnCzGyWOcIsYpY5wqxqljnCbGaWOcLsbpY5whxhljnCnGmWOcJcZZY5wtxtljnCPGOWOcK8a5Y5wnxnljnC/G+WNcIMYFY1woxoVjXCTGRWNcLMbFY1wixiVjXCrGpWNcJkZiXDbG5WJcPsYVYlwxxpViXDnGVWJcNcbVYlw9xjViXDPGtWJcO8Z1Ylw3xvViXD/GDWLcMMaNYtw4xk1i3DTGzWLcPMYtYtwyxq1i3DrGbWLcNsbtYtw+xh1i3DHGnWLcOcZdYtw1xt1i3D3GPWLcM8a9Ytw7xn1i3DfG/WLcP8YDYjwwxoNiPDjGQ2I8NMbDYjw8xiNiPDLGo2I8OsZjYjw2xuNiPD7GE2I8McaTYjw5xlNiPDVGYzwtxtNjPCPGM2M8K8azYzwnxnNjPC/G82O8IMYLY7woxotjvCTGS2O8LMbLY7wixitjvCrGq2O8JsZrYxzEGMQYxhjFGMeYxJjGmMWYx1jEWMZYxVjH2MTYxtjF2Md4XYzXx3hDjDfGeFOMN8d4S4y3xnhbjLfHeEeMd8Z4V4x3x3hPjPfGeF+M98f4QIwPxvhQjA/H+EiMj8b4WIyPx/hEjE/G+FSMT8f4TIzPxvhcjM/H+EKML8b4Uowvx/hKjK/G+FqMr8f4RoxvxvhWjG/H+E6M78b4Xozvx/hBjB/G+FGMH8f4SYyfxvhZjJ/H+EWMX8b4VYxfx/hNjN/G+F2M38f4Q4w/xvhTjD/H+EuMv8b4W4y/x/hHjH/G+FeMf8f4T4z/xvhfjENiHBrjsBiHxzgixpExjopxdIxjYhwb4zgJjpvgeAmOn+AECU6Y4EQJTpzgJAlOmuBkCU6e4BQJTpngVAlOneA0CU6b4HQJTp/gDAnOmOBMCc6c4CwJzprgbAnOnuAcCc6Z4FwJzp3gPAnOm+B8Cc6f4AIJLpjgQgkunOAiCS6a4GIJLp7gEgkumeBSCS6d4DIJkuCyCS6X4PIJrpDgigmulODKCa6S4KoJrpbg6gmukeCaCa6V4NoJrpPgugmul+D6CW6Q4IYJbpTgxglukuCmCW6W4OYJbpHglgluleDWCW6T4LYJbpfg9gnukOCOCe6U4M4J7pLgrgnuluDuCe6R4J4J7pXg3gnuk+C+Ce6X4P4JHpDggQkelODBCR6S4KEJHpbg4QkekeCRCR6V4NEJHpPgsQkel+DxCZ6Q4IkJnpTgyQmekuCpCZrgaQmenuAZCZ6Z4FkJnp3gOQmem+B5CZ6f4AUJXpjgRQlenOAlCV6a4GUJXp7gFQlemeBVCV6d4DUJXpvgIMEgwTDBKME4wSTBNMEswTzBIsEywSrBOsEmwTbBLsE+wesSvD7BGxK8McGbErw5wVsSvDXB2xK8PcE7ErwzwbsSvDvBexK8N8H7Erw/wQcSfDDBhxJ8OMFHEnw0wccSfDzBJxJ8MsGnEnw6wWcSfDbB5xJ8PsEXEnwxwZcSfDnBVxJ8NcHXEnw9wTcSfDPBtxJ8O8F3Enw3wfcSfD/BDxL8MMGPEvw4wU8S/DTBzxL8PMEvEvwywa8S/DrBbxL8NsHvEvw+wR8S/DHBnxL8OcFfEvw1wd8S/D3BPxL8M8G/Evw7wX8S/DfB/xIckuDQBIclODzBEQmOTHBUgqMTHJPg2ATHSXHcFMdLcfwUJ0hxwhQnSnHiFCdJcdIUJ0tx8hSnSHHKFKdKceoUp0lx2hSnS3H6FGdIccYUZ0px5hRnSXHWFGdLcfYU50hxzhTnSnHuFOdJcd4U50tx/hQXSHHBFBdKceEUF0lx0RQXS3HxFJdIcckUl0px6RSXSZEUl01xuRSXT3GFFFdMcaUUV05xlRRXTXG1FFdPcY0U10xxrRTXTnGdFNdNcb0U109xgxQ3THGjFDdOcZMUN01xsxQ3T3GLFLdMcasUt05xmxS3TXG7FLdPcYcUd0xxpxR3TnGXFHdNcbcUd09xjxT3THGvFPdOcZ8U901xvxT3T/GAFA9M8aAUD07xkBQPTfGwFA9P8YgUj0zxqBSPTvGYFI9N8bgUj0/xhBRPTPGkFE9O8ZQUT03RFE9L8fQUz0jxzBTPSvHsFM9J8dwUz0vx/BQvSPHCFC9K8eIUL0nx0hQvS/HyFK9I8coUr0rx6hSvSfHaFAcpBimGKUYpxikmKaYpZinmKRYplilWKdYpNim2KXYp9ilel+L1Kd6Q4o0p3pTizSnekuKtKd6W4u0p3pHinSneleLdKd6T4r0p3pfi/Sk+kOKDKT6U4sMpPpLioyk+luLjKT6R4pMpPpXi0yk+k+KzKT6X4vMpvpDiiym+lOLLKb6S4qspvpbi6ym+keKbKb6V4tspvpPiuym+l+L7KX6Q4ocpfpTixyl+kuKnKX6W4ucpfpHilyl+leLXKX6T4rcpfpfi9yn+kOKPKf6U4s8p/pLiryn+luLvKf6R4p8p/pXi3yn+k+K/Kf6X4pAUh6Y4LMXhKY5IcWSKo1IcneKYFMemOE6G42Y4XobjZzhBhhNmOFGGE2c4SYaTZjhZhpNnOEWGU2Y4VYZTZzhNhtNmOF2G02c4Q4YzZjhThjNnOEuGs2Y4W4azZzhHhnNmOFeGc2c4T4bzZjhfhvNnuECGC2a4UIYLZ7hIhotmuFiGi2e4RIZLZrhUhktnuEyGZLhshstluHyGK2S4YoYrZbhyhqtkuGqGq2W4eoZrZLhmhmtluHaG62S4bobrZbh+hhtkuGGGG2W4cYabZLhphptluHmGW2S4ZYZbZbh1httkuG2G22W4fYY7ZLhjhjtluHOGu2S4a4a7Zbh7hntkuGeGe2W4d4b7ZLhvhvtluH+GB2R4YIYHZXhwhodkeGiGh2V4eIZHZHhkhkdleHSGx2R4bIbHZXh8hidkeGKGJ2V4coanZHhqhmZ4WoanZ3hGhmdmeFaGZ2d4TobnZnhehudneEGGF2Z4UYYXZ3hJhpdmeFmGl2d4RYZXZnhVhldneE2G12Y4yDDIMMwwyjDOMMkwzTDLMM+wyLDMsMqwzrDJsM2wy7DP8LoMr8/whgxvzPCmDG/O8JYMb83wtgxvz/CODO/M8K4M787wngzvzfC+DO/P8IEMH8zwoQwfzvCRDB/N8LEMH8/wiQyfzPCpDJ/O8JkMn83wuQyfz/CFDF/M8KUMX87wlQxfzfC1DF/P8I0M38zwrQzfzvCdDN/N8L0M38/wgww/zPCjDD/O8JMMP83wsww/z/CLDL/M8KsMv87wmwy/zfC7DL/P8IcMf8zwpwx/zvCXDH/N8LcMf8/wjwz/zPCvDP/O8J8M/83wvwyHZDg0w2EZDs9wRIYjMxyV4egMx2Q4NsNxchw3x/FyHD/HCXKcMMeJcpw4x0lynDTHyXKcPMcpcpwyx6lynDrHaXKcNsfpcpw+xxlynDHHmXKcOcdZcpw1x9lynD3HOXKcM8e5cpw7x3lynDfH+XKcP8cFclwwx4VyXDjHRXJcNMfFclw8xyVyXDLHpXJcOsdlciTHZXNcLsflc1whxxVzXCnHlXNcJcdVc1wtx9VzXCPHNXNcK8e1c1wnx3VzXC/H9XPcIMcNc9wox41z3CTHTXPcLMfNc9wixy1z3CrHrXPcJsdtc9wux+1z3CHHHXPcKcedc9wlx11z3C3H3XPcI8c9c9wrx71z3CfHfXPcL8f9czwgxwNzPCjHg3M8JMdDczwsx8NzPCLHI3M8Ksejczwmx2NzPC7H43M8IccTczwpx5NzPCXHU3M0x9NyPD3HM3I8M8ezcjw7x3NyPDfH83I8P8cLcrwwx4tyvDjHS3K8NMfLcrw8xytyvDLHq3K8Osdrcrw2x0GOQY5hjlGOcY5JjmmOWY55jkWOZY5VjnWOTY5tjl2OfY7X5Xh9jjfkeGOON+V4c4635HhrjrfleHuOd+R4Z4535Xh3jvfkeG+O9+V4f44P5Phgjg/l+HCOj+T4aI6P5fh4jk/k+GSOT+X4dI7P5Phsjs/l+HyOL+T4Yo4v5fhyjq/k+GqOr+X4eo5v5Phmjm/l+HaO7+T4bo7v5fh+jh/k+GGOH+X4cY6f5Phpjp/l+HmOX+T4ZY5f5fh1jt/k+G2O3+X4fY4/5Phjjj/l+HOOv+T4a46/5fh7jn/k+GeOf+X4d47/5Phvjv/lOCTHoTkOy3F4jiNyHJnjqBxH5zgmx7E5jlPguAWOV+D4BU5Q4IQFTlTgxAVOUuCkBU5W4OQFTlHglAVOVeDUBU5T4LQFTlfg9AXOUOCMBc5U4MwFzlLgrAXOVuDsBc5R4JwFzlXg3AXOU+C8Bc5X4PwFLlDgggUuVODCBS5S4KIFLlbg4gUuUeCSBS5V4NIFLlMgBS5b4HIFLl/gCgWuWOBKBa5c4CoFrlrgagWuXuAaBa5Z4FoFrl3gOgWuW+B6Ba5f4AYFbljgRgVuXOAmBW5a4GYFbl7gFgVuWeBWBW5d4DYFblvgdgVuX+AOBe5Y4E4F7lzgLgXuWuBuBe5e4B4F7lngXgXuXeA+Be5b4H4F7l/gAQUeWOBBBR5c4CEFHlrgYQUeXuARBR5Z4FEFHl3gMQUeW+BxBR5f4AkFnljgSQWeXOApBZ5aoAWeVuDpBZ5R4JkFnlXg2QWeU+C5BZ5X4PkFXlDghQVeVODFBV5S4KUFXlbg5QVeUeCVBV5V4NUFXlPgtQUOCgwKDAuMCowLTApMC8wKzAssCiwLrAqsC2wKbAvsCuwLvK7A6wu8ocAbC7ypwJsLvKXAWwu8rcDbC7yjwDsLvKvAuwu8p8B7C7yvwPsLfKDABwt8qMCHC3ykwEcLfKzAxwt8osAnC3yqwKcLfKbAZwt8rsDnC3yhwBcLfKnAlwt8pcBXC3ytwNcLfKPANwt8q8C3C3ynwHcLfK/A9wv8oMAPC/yowI8L/KTATwv8rMDPC/yiwC8L/KrArwv8psBvC/yuwO8L/KHAHwv8qcCfC/ylwF8L/K3A3wv8o8A/C/yrwL8L/KfAfwv8r8AhBQ4tcFiBwwscUeDIAkcVOLrAMQWOLXCcEsctcbwSxy9xghInLHGiEicucZISJy1xshInL3GKEqcscaoSpy5xmhKnLXG6EqcvcYYSZyxxphJnLnGWEmctcbYSZy9xjhLnLHGuEucucZ4S5y1xvhLnL3GBEhcscaESFy5xkRIXLXGxEhcvcYkSlyxxqRKXLnGZEilx2RKXK3H5ElcoccUSVypx5RJXKXHVElcrcfUS1yhxzRLXKnHtEtcpcd0S1ytx/RI3KHHDEjcqceMSNylx0xI3K3HzErcoccsStypx6xK3KXHbErcrcfsSdyhxxxJ3KnHnEncpcdcSdytx9xL3KHHPEvcqce8S9ylx3xL3K3H/Eg8o8cASDyrx4BIPKfHQEg8r8fASjyjxyBKPKvHoEo8p8dgSjyvx+BJPKPHEEk8q8eQSTynx1BIt8bQSTy/xjBLPLPGsEs8u8ZwSzy3xvBLPL/GCEi8s8aISLy7xkhIvLfGyEi8v8YoSryzxqhKvLvGaEq8tcVBiUGJYYlRiXGJSYlpiVmJeYlFiWWJVYl1iU2JbYldiX+J1JV5f4g0l3ljiTSXeXOItJd5a4m0l3l7iHSXeWeJdJd5d4j0l3lvifSXeX+IDJT5Y4kMlPlziIyU+WuJjJT5e4hMlPlniUyU+XeIzJT5b4nMlPl/iCyW+WOJLJb5c4islvlriayW+XuIbJb5Z4lslvl3iOyW+W+J7Jb5f4gclfljiRyV+XOInJX5a4mclfl7iFyV+WeJXJX5d4jclflvidyV+X+IPJf5Y4k8l/lziLyX+WuJvJf5e4h8l/lniXyX+XeI/Jf5b4n8lDilxaInDShxe4ogSR5Y4qsTRJY4pcWyJ41Q4boXjVTh+hRNUOGGFE1U4cYWTVDhphZNVOHmFU1Q4ZYVTVTh1hdNUOG2F01U4fYUzVDhjhTNVOHOFs1Q4a4WzVTh7hXNUOGeFc1U4d4XzVDhvhfNVOH+FC1S4YIULVbhwhYtUuGiFi1W4eIVLVLhkhUtVuHSFy1RIhctWuFyFy1e4QoUrVrhShStXuEqFq1a4WoWrV7hGhWtWuFaFa1e4ToXrVrhehetXuEGFG1a4UYUbV7hJhZtWuFmFm1e4RYVbVrhVhVtXuE2F21a4XYXbV7hDhTtWuFOFO1e4S4W7VrhbhbtXuEeFe1a4V4V7V7hPhftWuF+F+1d4QIUHVnhQhQdXeEiFh1Z4WIWHV3hEhUdWeFSFR1d4TIXHVnhchcdXeEKFJ1Z4UoUnV3hKhadWaIWnVXh6hWdUeGaFZ1V4doXnVHhuhedVeH6FF1R4YYUXVXhxhZdUeGmFl1V4eYVXVHhlhVdVeHWF11R4bYWDCoMKwwqjCuMKkwrTCrMK8wqLCssKqwrrCpsK2wq7CvsKr6vw+gpvqPDGCm+q8OYKb6nw1gpvq/D2Cu+o8M4K76rw7grvqfDeCu+r8P4KH6jwwQofqvDhCh+p8NEKH6vw8QqfqPDJCp+q8OkKn6nw2Qqfq/D5Cl+o8MUKX6rw5QpfqfDVCl+r8PUK36jwzQrfqvDtCt+p8N0K36vw/Qo/qPDDCj+q8OMKP6nw0wo/q/DzCr+o8MsKv6rw6wq/qfDbCr+r8PsKf6jwxwp/qvDnCn+p8NcKf6vw9wr/qPDPCv+q8O8K/6nw3wr/q3BIhUMrHFbh8ApHVDiywlEVjq5wTIVjKxynxnFrHK/G8WucoMYJa5yoxolrnKTGSWucrMbJa5yixilrnKrGqWucpsZpa5yuxulrnKHGGWucqcaZa5ylxllrnK3G2Wuco8Y5a5yrxrlrnKfGeWucr8b5a1ygxgVrXKjGhWtcpMZFa1ysxsVrXKLGJWtcqsala1ymRmpctsblaly+xhVqXLHGlWpcucZValy1xtVqXL3GNWpcs8a1aly7xnVqXLfG9Wpcv8YNatywxo1q3LjGTWrctMbNaty8xi1q3LLGrWrcusZtaty2xu1q3L7GHWrcscadaty5xl1q3LXG3WrcvcY9atyzxr1q3LvGfWrct8b9aty/xgNqPLDGg2o8uMZDajy0xsNqPLzGI2o8ssajajy6xmNqPLbG42o8vsYTajyxxpNqPLnGU2o8tUZrPK3G02s8o8YzazyrxrNrPKfGc2s8r8bza7ygxgtrvKjGi2u8pMZLa7ysxstrvKLGK2u8qsara7ymxmtrHNQY1BjWGNUY15jUmNaY1ZjXWNRY1ljVWNfY1NjW2NXY13hdjdfXeEONN9Z4U40313hLjbfWeFuNt9d4R4131nhXjXfXeE+N99Z4X4331/hAjQ/W+FCND9f4SI2P1vhYjY/X+ESNT9b4VI1P1/hMjc/W+FyNz9f4Qo0v1vhSjS/X+EqNr9b4Wo2v1/hGjW/W+FaNb9f4To3v1vheje/X+EGNH9b4UY0f1/hJjZ/W+FmNn9f4RY1f1vhVjV/X+E2N39b4XY3f1/hDjT/W+FONP9f4S42/1vhbjb/X+EeNf9b4V41/1/hPjf/W+F+NQ2ocWuOwGofXOKLGkTWOqnF0jWNqHFvjOA2O2+B4DY7f4AQNTtjgRA1O3OAkDU7a4GQNTt7gFA1O2eBUDU7d4DQNTtvgdA1O3+AMDc7Y4EwNztzgLA3O2uBsDc7e4BwNztngXA3O3eA8Dc7b4HwNzt/gAg0u2OBCDS7c4CINLtrgYg0u3uASDS7Z4FINLt3gMg3S4LINLtfg8g2u0OCKDa7U4MoNrtLgqg2u1uDqDa7R4JoNrtXg2g2u0+C6Da7X4PoNbtDghg1u1ODGDW7S4KYNbtbg5g1u0eCWDW7V4NYNbtPgtg1u1+D2De7Q4I4N7tTgzg3u0uCuDe7W4O4N7tHgng3u1eDeDe7T4L4N7tfg/g0e0OCBDR7U4MENHtLgoQ0e1uDhDR7R4JENHtXg0Q0e0+CxDR7X4PENntDgiQ2e1ODJDZ7S4KkN2uBpDZ7e4BkNntngWQ2e3eA5DZ7b4HkNnt/gBQ1e2OBFDV7c4CUNXtrgZQ1e3uAVDV7Z4FUNXt3gNQ1e2+CgwaDBsMGowbjBpMG0wazBvMGiwbLBqsG6wabBtsGuwb7B6xq8vsEbGryxwZsavLnBWxq8tcHbGry9wTsavLPBuxq8u8F7Gry3wfsavL/BBxp8sMGHGny4wUcafLTBxxp8vMEnGnyywacafLrBZxp8tsHnGny+wRcafLHBlxp8ucFXGny1wdcafL3BNxp8s8G3Gny7wXcafLfB9xp8v8EPGvywwY8a/LjBTxr8tMHPGvy8wS8a/LLBrxr8usFvGvy2we8a/L7BHxr8scGfGvy5wV8a/LXB3xr8vcE/Gvyzwb8a/LvBfxr8t8H/GhzS4NAGhzU4vMERDY5scFSDoxsc0+DYBsdpcdwWx2tx/BYnaHHCFidqceIWJ2lx0hYna3HyFqdoccoWp2px6hanaXHaFqdrcfoWZ2hxxhZnanHmFmdpcdYWZ2tx9hbnaHHOFudqce4W52lx3hbna3H+FhdoccEWF2px4RYXaXHRFhdrcfEWl2hxyRaXanHpFpdpkRaXbXG5FpdvcYUWV2xxpRZXbnGVFldtcbUWV29xjRbXbHGtFtducZ0W121xvRbXb3GDFjdscaMWN25xkxY3bXGzFjdvcYsWt2xxqxa3bnGbFrdtcbsWt29xhxZ3bHGnFnducZcWd21xtxZ3b3GPFvdsca8W925xnxb3bXG/Fvdv8YAWD2zxoBYPbvGQFg9t8bAWD2/xiBaPbPGoFo9u8ZgWj23xuBaPb/GEFk9s8aQWT27xlBZPbdEWT2vx9BbPaPHMFs9q8ewWz2nx3BbPa/H8Fi9o8cIWL2rx4hYvafHSFi9r8fIWr2jxyhavavHqFq9p8doWBy0GLYYtRi3GLSYtpi1mLeYtFi2WLVYt1i02LbYtdi32LV7X4vUt3tDijS3e1OLNLd7S4q0t3tbi7S3e0eKdLd7V4t0t3tPivS3e1+L9LT7Q4oMtPtTiwy0+0uKjLT7W4uMtPtHiky0+1eLTLT7T4rMtPtfi8y2+0OKLLb7U4sstvtLiqy2+1uLrLb7R4pstvtXi2y2+0+K7Lb7X4vstftDihy1+1OLHLX7S4qctftbi5y1+0eKXLX7V4tctftPity1+1+L3Lf7Q4o8t/tTizy3+0uKvLf7W4u8t/tHiny3+1eLfLf7T4r8t/tfikBaHtjisxeEtjmhxZIujWhzd4pgWx7Y4Tofjdjheh+N3OEGHE3Y4UYcTdzhJh5N2OFmHk3c4RYdTdjhVh1N3OE2H03Y4XYfTdzhDhzN2OFOHM3c4S4ezdjhbh7N3OEeHc3Y4V4dzdzhPh/N2OF+H83e4QIcLdrhQhwt3uEiHi3a4WIeLd7hEh0t2uFSHS3e4TId0uGyHy3W4fIcrdLhihyt1uHKHq3S4aoerdbh6h2t0uGaHa3W4dofrdLhuh+t1uH6HG3S4YYcbdbhxh5t0uGmHm3W4eYdbdLhlh1t1uHWH23S4bYfbdbh9hzt0uGOHO3W4c4e7dLhrh7t1uHuHe3S4Z4d7dbh3h/t0uG+H+3W4f4cHdHhghwd1eHCHh3R4aIeHdXh4h0d0eGSHR3V4dIfHdHhsh8d1eHyHJ3R4YocndXhyh6d0eGqHdnhah6d3eEaHZ3Z4Vodnd3hOh+d2eF6H53d4QYcXdnhRhxd3eEmHl3Z4WYeXd3hFh1d2eFWHV3d4TYfXdjjoMOgw7DDqMO4w6TDtMOsw77DosOyw6rDusOmw7bDrsO/wug6v7/CGDm/s8KYOb+7wlg5v7fC2Dm/v8I4O7+zwrg7v7vCeDu/t8L4O7+/wgQ4f7PChDh/u8JEOH+3wsQ4f7/CJDp/s8KkOn+7wmQ6f7fC5Dp/v8IUOX+zwpQ5f7vCVDl/t8LUOX+/wjQ7f7PCtDt/u8J0O3+3wvQ7f7/CDDj/s8KMOP+7wkw4/7fCzDj/v8IsOv+zwqw6/7vCbDr/t8LsOv+/whw5/7PCnDn/u8JcOf+3wtw5/7/CPDv/s8K8O/+7wnw7/7fC/Dod0OLTDYR0O73BEhyM7HNXh6A7HdDi2w3F6HLfH8Xocv8cJepywx4l6nLjHSXqctMfJepy8xyl6nLLHqXqcusdpepy2x+l6nL7HGXqcsceZepy5x1l6nLXH2Xqcvcc5epyzx7l6nLvHeXqct8f5epy/xwV6XLDHhXpcuMdFely0x8V6XLzHJXpcsselely6x2V6pMdle1yux+V7XKHHFXtcqceVe1ylx1V7XK3H1Xtco8c1e1yrx7V7XKfHdXtcr8f1e9ygxw173KjHjXvcpMdNe9ysx8173KLHLXvcqsete9ymx2173K7H7Xvcoccde9ypx5173KXHXXvcrcfde9yjxz173KvHvXvcp8d9e9yvx/17PKDHA3s8qMeDezykx0N7PKzHw3s8oscjezyqx6N7PKbHY3s8rsfjezyhxxN7PKnHk3s8pcdTe7TH03o8vcczejyzx7N6PLvHc3o8t8fzejy/xwt6vLDHi3q8uMdLery0x8t6vLzHK3q8sserery6x2t6vLbHQY9Bj2GPUY9xj0mPaY9Zj3mPRY9lj1WPdY9Nj22PXY99j9f1eH2PN/R4Y4839Xhzj7f0eGuPt/V4e4939Hhnj3f1eHeP9/R4b4//EwAPALQVAABDs23bXrZt27a9bNvGuzaybdu29Y3OfQO8f4APDPDBAT40wIcH+MgAHx3gYwN8fIBPDPDJAT41wKcH+MwAnx3gcwN8foAvDPDFAb40wJcH+MoAXx3gawN8fYBvDPDNAb41wLcH+M4A3x3gewN8f4AfDPDDAX40wI8H+MkAPx3gZwP8fIBfDPDLAX41wK8H+M0Avx3gdwP8foA/DPDHAf40wJ8H+MsAfx3gbwP8fYB/DPDPAf41wL8H+M8A/x3gfwMcMsChAxw2wOEDHDHAkQMcNcDRAxwzwLEDHCfAcQMcL8DxA5wgwAkDnCjAiQOcJMBJA5wswMkDnCLAKQOcKsCpA5wmwGkDnC7A6QOcIcAZA5wpwJkDnCXAWQOcLcDZA5wjwDkDnCvAuQOcJ8B5A5wvwPkDXCDABQNcKMCFA1wkwEUDXCzAxQNcIsAlA1wqwKUDXCZAAlw2wOUCXD7AFQJcMcCVAlw5wFUCXDXA1QJcPcA1AlwzwLUCXDvAdQJcN8D1Alw/wA0C3DDAjQLcOMBNAtw0wM0C3DzALQLcMsCtAtw6wG0C3DbA7QLcPsAdAtwxwJ0C3DnAXQLcNcDdAtw9wD0C3DPAvQLcO8B9Atw3wP0C3D/AAwI8MMCDAjw4wEMCPDTAwwI8PMAjAjwywKMCPDrAYwI8NsDjAjw+wBMCPDHAkwI8OcBTAjw1QAM8LcDTAzwjwDMDPCvAswM8J8BzAzwvwPMDvCDACwO8KMCLA7wkwEsDvCzAywO8IsArA7wqwKsDvCbAawO8LsDrA7whwBsDvCnAmwO8JcBbA7wtwNsDvCPAOwO8K8C7A7wnwHsDHAQYBBgGGAUYB5gEmAaYBZgHWARYBlgFWAfYBNgG2AXYB3hfgPcH+ECADwb4UIAPB/hIgI8G+FiAjwf4RIBPBvhUgE8H+EyAzwb4XIDPB/hCgC8G+FKALwf4SoCvBvhagK8H+EaAbwb4VoBvB/hOgO8G+F6A7wf4QYAfBvhRgB8H+EmAnwb4WYCfB/hFgF8G+FWAXwf4TYDfBvhdgN8H+EOAPwb4U4A/B/hLgL8G+FuAvwf4R4B/BvhXgH8H+E+A/wb4X4BDAhwa4LAAhwc4IsCRAY4KcHSAYwIcG+A4IY4b4nghjh/iBCFOGOJEIU4c4iQhThriZCFOHuIUIU4Z4lQhTh3iNCFOG+J0IU4f4gwhzhjiTCHOHOIsIc4a4mwhzh7iHCHOGeJcIc4d4jwhzhvifCHOH+ICIS4Y4kIhLhziIiEuGuJiIS4e4hIhLhniUiEuHeIyIRLisiEuF+LyIa4Q4oohrhTiyiGuEuKqIa4W4uohrhHimiGuFeLaIa4T4rohrhfi+iFuEOKGIW4U4sYhbhLipiFuFuLmIW4R4pYhbhXi1iFuE+K2IW4X4vYh7hDijiHuFOLOIe4S4q4h7hbi7iHuEeKeIe4V4t4h7hPiviHuF+L+IR4Q4oEhHhTiwSEeEuKhIR4W4uEhHhHikSEeFeLRIR4T4rEhHhfi8SGeEOKJIZ4U4skhnhLiqSEa4mkhnh7iGSGeGeJZIZ4d4jkhnhvieSGeH+IFIV4Y4kUhXhziJSFeGuJlIV4e4hUhXhniVSFeHeI1IV4b4nUhXh/iDSHeGOJNId4c4i0h3hribSHeHuIdId4Z4l0h3h3iPSHeG+IgxCDEMMQoxDjEJMQ0xCzEPMQixDLEKsQ6xCbENsQuxD7E+0K8P8QHQnwwxIdCfDjER0J8NMTHQnw8xCdCfDLEp0J8OsRnQnw2xOdCfD7EF0J8McSXQnw5xFdCfDXE10J8PcQ3QnwzxLdCfDvEd0J8N8T3Qnw/xA9C/DDEj0L8OMRPQvw0xM9C/DzEL0L8MsSvQvw6xG9C/DbE70L8PsQfQvwxxJ9C/DnEX0L8NcTfQvw9xD9C/DPEv0L8O8R/Qvw3xP9CHBLi0BCHhTg8xBEhjgxxVIijQxwT4tgQx4lw3AjHi3D8CCeIcMIIJ4pw4ggniXDSCCeLcPIIp4hwygininDqCKeJcNoIp4tw+ghniHDGCGeKcOYIZ4lw1ghni3D2COeIcM4I54pw7gjniXDeCOeLcP4IF4hwwQgXinDhCBeJcNEIF4tw8QiXiHDJCJeKcOkIl4mQCJeNcLkIl49whQhXjHClCFeOcJUIV41wtQhXj3CNCNeMcK0I145wnQjXjXC9CNePcIMIN4xwowg3jnCTCDeNcLMIN49wiwi3jHCrCLeOcJsIt41wuwi3j3CHCHeMcKcId45wlwh3jXC3CHePcI8I94xwrwj3jnCfCPeNcL8I94/wgAgPjPCgCA+O8JAID43wsAgPj/CICI+M8KgIj47wmAiPjfC4CI+P8IQIT4zwpAhPjvCUCE+N0AhPi/D0CM+I8MwIz4rw7AjPifDcCM+L8PwIL4jwwggvivDiCC+J8NIIL4vw8giviPDKCK+K8OoIr4nw2givi/D6CG+I8MYIb4rw5ghvifDWCG+L8PYI74jwzgjvivDuCO+J8N4IBxEGEYYRRhHGESYRphFmEeYRFhGWEVYR1hE2EbYRdhH2Ed4X4f0RPhDhgxE+FOHDET4S4aMRPhbh4xE+EeGTET4V4dMRPhPhsxE+F+HzEb4Q4YsRvhThyxG+EuGrEb4W4esRvhHhmxG+FeHbEb4T4bsRvhfh+xF+EOGHEX4U4ccRfhLhpxF+FuHnEX4R4ZcRfhXh1xF+E+G3EX4X4fcR/hDhjxH+FOHPEf4S4a8R/hbh7xH+EeGfEf4V4d8R/hPhvxH+F+GQCIdGOCzC4RGOiHBkhKMiHB3hmAjHRjhOjOPGOF6M48c4QYwTxjhRjBPHOEmMk8Y4WYyTxzhFjFPGOFWMU8c4TYzTxjhdjNPHOEOMM8Y4U4wzxzhLjLPGOFuMs8c4R4xzxjhXjHPHOE+M88Y4X4zzx7hAjAvGuFCMC8e4SIyLxrhYjIvHuESMS8a4VIxLx7hMjMS4bIzLxbh8jCvEuGKMK8W4coyrxLhqjKvFuHqMa8S4Zoxrxbh2jOvEuG6M68W4fowbxLhhjBvFuHGMm8S4aYybxbh5jFvEuGWMW8W4dYzbxLhtjNvFuH2MO8S4Y4w7xbhzjLvEuGuMu8W4e4x7xLhnjHvFuHeM+8S4b4z7xbh/jAfEeGCMB8V4cIyHxHhojIfFeHiMR8R4ZIxHxXh0jMfEeGyMx8V4fIwnxHhijCfFeHKMp8R4aozGeFqMp8d4RoxnxnhWjGfHeE6M58Z4Xoznx3hBjBfGeFGMF8d4SYyXxnhZjJfHeEWMV8Z4VYxXx3hNjNfGeF2M18d4Q4w3xnhTjDfHeEuMt8Z4W4y3x3hHjHfGeFeMd8d4T4z3xjiIMYgxjDGKMY4xiTGNMYsxj7GIsYyxirGOsYmxjbGLsY/xvhjvj/GBGB+M8aEYH47xkRgfjfGxGB+P8YkYn4zxqRifjvGZGJ+N8bkYn4/xhRhfjPGlGF+O8ZUYX43xtRhfj/GNGN+M8a0Y347xnRjfjfG9GN+P8YMYP4zxoxg/jvGTGD+N8bMYP4/xixi/jPGrGL+O8ZsYv43xuxi/j/GHGH+M8acYf47xlxh/jfG3GH+P8Y8Y/4zxrxj/jvGfGP+N8b8Yh8Q4NMZhMQ6PcUSMI2McFePoGMfEODbGcRIcN8HxEhw/wQkSnDDBiRKcOMFJEpw0wckSnDzBKRKcMsGpEpw6wWkSnDbB6RKcPsEZEpwxwZkSnDnBWRKcNcHZEpw9wTkSnDPBuRKcO8F5Epw3wfkSnD/BBRJcMMGFElw4wUUSXDTBxRJcPMElElwywaUSXDrBZRIkwWUTXC7B5RNcIcEVE1wpwZUTXCXBVRNcLcHVE1wjwTUTXCvBtRNcJ8F1E1wvwfUT3CDBDRPcKMGNE9wkwU0T3CzBzRPcIsEtE9wqwa0T3CbBbRPcLsHtE9whwR0T3CnBnRPcJcFdE9wtwd0T3CPBPRPcK8G9E9wnwX0T3C/B/RM8IMEDEzwowYMTPCTBQxM8LMHDEzwiwSMTPCrBoxM8JsFjEzwuweMTPCHBExM8KcGTEzwlwVMTNMHTEjw9wTMSPDPBsxI8O8FzEjw3wfMSPD/BCxK8MMGLErw4wUsSvDTByxK8PMErErwywasSvDrBaxK8NsHrErw+wRsSvDHBmxK8OcFbErw1wdsSvD3BOxK8M8G7Erw7wXsSvDfBQYJBgmGCUYJxgkmCaYJZgnmCRYJlglWCdYJNgm2CXYJ9gvcleH+CDyT4YIIPJfhwgo8k+GiCjyX4eIJPJPhkgk8l+HSCzyT4bILPJfh8gi8k+GKCLyX4coKvJPhqgq8l+HqCbyT4ZoJvJfh2gu8k+G6C7yX4foIfJPhhgh8l+HGCnyT4aYKfJfh5gl8k+GWCXyX4dYLfJPhtgt8l+H2CPyT4Y4I/Jfhzgr8k+GuCvyX4e4J/JPhngn8l+HeC/yT4b4L/JTgkwaEJDktweIIjEhyZ4KgERyc4JsGxCY6T4rgpjpfi+ClOkOKEKU6U4sQpTpLipClOluLkKU6R4pQpTpXi1ClOk+K0KU6X4vQpzpDijCnOlOLMKc6S4qwpzpbi7CnOkeKcKc6V4twpzpPivCnOl+L8KS6Q4oIpLpTiwikukuKiKS6W4uIpLpHikikuleLSKS6TIikum+JyKS6f4goprpjiSimunOIqKa6a4moprp7iGimumeJaKa6d4joprpvieimun+IGKW6Y4kYpbpziJilumuJmKW6e4hYpbpniViluneI2KW6b4nYpbp/iDinumOJOKe6c4i4p7pribinunuIeKe6Z4l4p7p3iPinum+J+Ke6f4gEpHpjiQSkenOIhKR6a4mEpHp7iESkemeJRKR6d4jEpHpvicSken+IJKZ6Y4kkpnpziKSmemqIpnpbi6SmekeKZKZ6V4tkpnpPiuSmel+L5KV6Q4oUpXpTixSlekuKlKV6W4uUpXpHilSleleLVKV6T4rUpXpfi9SnekOKNKd6U4s0p3pLirSneluLtKd6R4p0p3pXi3Snek+K9KQ5SDFIMU4xSjFNMUkxTzFLMUyxSLFOsUqxTbFJsU+xS7FO8L8X7U3wgxQdTfCjFh1N8JMVHU3wsxcdTfCLFJ1N8KsWnU3wmxWdTfC7F51N8IcUXU3wpxZdTfCXFV1N8LcXXU3wjxTdTfCvFt1N8J8V3U3wvxfdT/CDFD1P8KMWPU/wkxU9T/CzFz1P8IsUvU/wqxa9T/CbFb1P8LsXvU/whxR9T/CnFn1P8JcVfU/wtxd9T/CPFP1P8K8W/U/wnxX9T/C/FISkOTXFYisNTHJHiyBRHpTg6xTEpjk1xnAzHzXC8DMfPcIIMJ8xwogwnznCSDCfNcLIMJ89wigynzHCqDKfOcJoMp81wugynz3CGDGfMcKYMZ85wlgxnzXC2DGfPcI4M58xwrgznznCeDOfNcL4M589wgQwXzHChDBfOcJEMF81wsQwXz3CJDJfMcKkMl85wmQzJcNkMl8tw+QxXyHDFDFfKcOUMV8lw1QxXy3D1DNfIcM0M18pw7QzXyXDdDNfLcP0MN8hwwww3ynDjDDfJcNMMN8tw8wy3yHDLDLfKcOsMt8lw2wy3y3D7DHfIcMcMd8pw5wx3yXDXDHfLcPcM98hwzwz3ynDvDPfJcN8M98tw/wwPyPDADA/K8OAMD8nw0AwPy/DwDI/I8MgMj8rw6AyPyfDYDI/L8PgMT8jwxAxPyvDkDE/J8NQMzfC0DE/P8IwMz8zwrAzPzvCcDM/N8LwMz8/wggwvzPCiDC/O8JIML83wsgwvz/CKDK/M8KoMr87wmgyvzfC6DK/P8IYMb8zwpgxvzvCWDG/N8LYMb8/wjgzvzPCuDO/O8J4M781wkGGQYZhhlGGcYZJhmmGWYZ5hkWGZYZVhnWGTYZthl2Gf4X0Z3p/hAxk+mOFDGT6c4SMZPprhYxk+nuETGT6Z4VMZPp3hMxk+m+FzGT6f4QsZvpjhSxm+nOErGb6a4WsZvp7hGxm+meFbGb6d4TsZvpvhexm+n+EHGX6Y4UcZfpzhJxl+muFnGX6e4RcZfpnhVxl+neE3GX6b4XcZfp/hDxn+mOFPGf6c4S8Z/prhbxn+nuEfGf6Z4V8Z/p3hPxn+m+F/GQ7JcGiGwzIcnuGIDEdmOCrD0RmOyXBshuPkOG6O4+U4fo4T5DhhjhPlOHGOk+Q4aY6T5Th5jlPkOGWOU+U4dY7T5DhtjtPlOH2OM+Q4Y44z5ThzjrPkOGuOs+U4e45z5DhnjnPlOHeO8+Q4b47z5Th/jgvkuGCOC+W4cI6L5LhojovluHiOS+S4ZI5L5bh0jsvkSI7L5rhcjsvnuEKOK+a4Uo4r57hKjqvmuFqOq+e4Ro5r5rhWjmvnuE6O6+a4Xo7r57hBjhvmuFGOG+e4SY6b5rhZjpvnuEWOW+a4VY5b57hNjtvmuF2O2+e4Q4475rhTjjvnuEuOu+a4W46757hHjnvmuFeOe+e4T4775rhfjvvneECOB+Z4UI4H53hIjofmeFiOh+d4RI5H5nhUjkfneEyOx+Z4XI7H53hCjifmeFKOJ+d4So6n5miOp+V4eo5n5HhmjmfleHaO5+R4bo7n5Xh+jhfkeGGOF+V4cY6X5HhpjpfleHmOV+R4ZY5X5Xh1jtfkeG2O1+V4fY435HhjjjfleHOOt+R4a4635Xh7jnfkeGeOd+V4d4735HhvjoMcgxzDHKMc4xyTHNMcsxzzHIscyxyrHOscmxzbHLsc+xzvy/H+HB/I8cEcH8rx4RwfyfHRHB/L8fEcn8jxyRyfyvHpHJ/J8dkcn8vx+RxfyPHFHF/K8eUcX8nx1Rxfy/H1HN/I8c0c38rx7RzfyfHdHN/L8f0cP8jxwxw/yvHjHD/J8dMcP8vx8xy/yPHLHL/K8escv8nx2xy/y/H7HH/I8cccf8rx5xx/yfHXHH/L8fcc/8jxzxz/yvHvHP/J8d8c/8txSI5DcxyW4/AcR+Q4MsdROY7OcUyOY3Mcp8BxCxyvwPELnKDACQucqMCJC5ykwEkLnKzAyQucosApC5yqwKkLnKbAaQucrsDpC5yhwBkLnKnAmQucpcBZC5ytwNkLnKPAOQucq8C5C5ynwHkLnK/A+QtcoMAFC1yowIULXKTARQtcrMDFC1yiwCULXKrApQtcpkAKXLbA5QpcvsAVClyxwJUKXLnAVQpctcDVCly9wDUKXLPAtQpcu8B1Cly3wPUKXL/ADQrcsMCNCty4wE0K3LTAzQrcvMAtCtyywK0K3LrAbQrctsDtCty+wB0K3LHAnQrcucBdCty1wN0K3L3APQrcs8C9Cty7wH0K3LfA/Qrcv8ADCjywwIMKPLjAQwo8tMDDCjy8wCMKPLLAowo8usBjCjy2wOMKPL7AEwo8scCTCjy5wFMKPLVACzytwNMLPKPAMws8q8CzCzynwHMLPK/A8wu8oMALC7yowIsLvKTASwu8rMDLC7yiwCsLvKrAqwu8psBrC7yuwOsLvKHAGwu8qcCbC7ylwFsLvK3A2wu8o8A7C7yrwLsLvKfAewscFBgUGBYYFRgXmBSYFpgVmBdYFFgWWBVYF9gU2BbYFdgXeF+B9xf4QIEPFvhQgQ8X+EiBjxb4WIGPF/hEgU8W+FSBTxf4TIHPFvhcgc8X+EKBLxb4UoEvF/hKga8W+FqBrxf4RoFvFvhWgW8X+E6B7xb4XoHvF/hBgR8W+FGBHxf4SYGfFvhZgZ8X+EWBXxb4VYFfF/hNgd8W+F2B3xf4Q4E/FvhTgT8X+EuBvxb4W4G/F/hHgX8W+FeBfxf4T4H/FvhfgUMKHFrgsAKHFziiwJEFjipwdIFjChxb4DgljlvieCWOX+IEJU5Y4kQlTlziJCVOWuJkJU5e4hQlTlniVCVOXeI0JU5b4nQlTl/iDCXOWOJMJc5c4iwlzlribCXOXuIcJc5Z4lwlzl3iPCXOW+J8Jc5f4gIlLljiQiUuXOIiJS5a4mIlLl7iEiUuWeJSJS5d4jIlUuKyJS5X4vIlrlDiiiWuVOLKJa5S4qolrlbi6iWuUeKaJa5V4tolrlPiuiWuV+L6JW5Q4oYlblTixiVuUuKmJW5W4uYlblHiliVuVeLWJW5T4rYlblfi9iXuUOKOJe5U4s4l7lLiriXuVuLuJe5R4p4l7lXi3iXuU+K+Je5X4v4lHlDigSUeVOLBJR5S4qElHlbi4SUeUeKRJR5V4tElHlPisSUeV+LxJZ5Q4oklnlTiySWeUuKpJVriaSWeXuIZJZ5Z4lklnl3iOSWeW+J5JZ5f4gUlXljiRSVeXOIlJV5a4mUlXl7iFSVeWeJVJV5d4jUlXlvidSVeX+INJd5Y4k0l3lziLSXeWuJtJd5e4h0l3lniXSXeXeI9Jd5b4qDEoMSwxKjEuMSkxLTErMS8xKLEssSqxLrEpsS2xK7EvsT7Sry/xAdKfLDEh0p8uMRHSny0xMdKfLzEJ0p8ssSnSny6xGdKfLbE50p8vsQXSnyxxJdKfLnEV0p8tcTXSny9xDdKfLPEt0p8u8R3Sny3xPdKfL/ED0r8sMSPSvy4xE9K/LTEz0r8vMQvSvyyxK9K/LrEb0r8tsTvSvy+xB9K/LHEn0r8ucRfSvy1xN9K/L3EP0r8s8S/Svy7xH9K/LfE/0ocUuLQEoeVOLzEESWOLHFUiaNLHFPi2BLHqXDcCsercPwKJ6hwwgonqnDiCiepcNIKJ6tw8gqnqHDKCqeqcOoKp6lw2gqnq3D6CmeocMYKZ6pw5gpnqXDWCmercPYK56hwzgrnqnDuCuepcN4K56tw/goXqHDBCheqcOEKF6lw0QoXq3DxCpeocMkKl6pw6QqXqZAKl61wuQqXr3CFClescKUKV65wlQpXrXC1ClevcI0K16xwrQrXrnCdCtetcL0K169wgwo3rHCjCjeucJMKN61wswo3r3CLCrescKsKt65wmwq3rXC7CrevcIcKd6xwpwp3rnCXCnetcLcKd69wjwr3rHCvCveucJ8K961wvwr3r/CACg+s8KAKD67wkAoPrfCwCg+v8IgKj6zwqAqPrvCYCo+t8LgKj6/whApPrPCkCk+u8JQKT63QCk+r8PQKz6jwzArPqvDsCs+p8NwKz6vw/AovqPDCCi+q8OIKL6nw0govq/DyCq+o8MoKr6rw6gqvqfDaCq+r8PoKb6jwxgpvqvDmCm+p8NYKb6vw9grvqPDOCu+q8O4K76nw3goHFQYVhhVGFcYVJhWmFWYV5hUWFZYVVhXWFTYVthV2FfYV3lfh/RU+UOGDFT5U4cMVPlLhoxU+VuHjFT5R4ZMVPlXh0xU+U+GzFT5X4fMVvlDhixW+VOHLFb5S4asVvlbh6xW+UeGbFb5V4dsVvlPhuxW+V+H7FX5Q4YcVflThxxV+UuGnFX5W4ecVflHhlxV+VeHXFX5T4bcVflfh9xX+UOGPFf5U4c8V/lLhrxX+VuHvFf5R4Z8V/lXh3xX+U+G/Ff5X4ZAKh1Y4rMLhFY6ocGSFoyocXeGYCsdWOE6N49Y4Xo3j1zhBjRPWOFGNE9c4SY2T1jhZjZPXOEWNU9Y4VY1T1zhNjdPWOF2N09c4Q40z1jhTjTPXOEuNs9Y4W42z1zhHjXPWOFeNc9c4T43z1jhfjfPXuECNC9a4UI0L17hIjYvWuFiNi9e4RI1L1rhUjUvXuEyN1LhsjcvVuHyNK9S4Yo0r1bhyjavUuGqNq9W4eo1r1LhmjWvVuHaN69S4bo3r1bh+jRvUuGGNG9W4cY2b1LhpjZvVuHmNW9S4ZY1b1bh1jdvUuG2N29W4fY071LhjjTvVuHONu9S4a4271bh7jXvUuGeNe9W4d4371LhvjfvVuH+NB9R4YI0H1XhwjYfUeGiNh9V4eI1H1HhkjUfVeHSNx9R4bI3H1Xh8jSfUeGKNJ9V4co2n1HhqjdZ4Wo2n13hGjWfWeFaNZ9d4To3n1nhejefXeEGNF9Z4UY0X13hJjZfWeFmNl9d4RY1X1nhVjVfXeE2N19Z4XY3X13hDjTfWeFONN9d4S4231nhbjbfXeEeNd9Z4V41313hPjffWOKgxqDGsMaoxrjGpMa0xqzGvsaixrLGqsa6xqbGtsauxr/G+Gu+v8YEaH6zxoRofrvGRGh+t8bEaH6/xiRqfrPGpGp+u8Zkan63xuRqfr/GFGl+s8aUaX67xlRpfrfG1Gl+v8Y0a36zxrRrfrvGdGt+t8b0a36/xgxo/rPGjGj+u8ZMaP63xsxo/r/GLGr+s8asav67xmxq/rfG7Gr+v8Ycaf6zxpxp/rvGXGn+t8bcaf6/xjxr/rPGvGv+u8Z8a/63xvxqH1Di0xmE1Dq9xRI0jaxxV4+gax9Q4tsZxGhy3wfEaHL/BCRqcsMGJGpy4wUkanLTByRqcvMEpGpyywakanLrBaRqctsHpGpy+wRkanLHBmRqcucFZGpy1wdkanL3BORqcs8G5Gpy7wXkanLfB+Rqcv8EFGlywwYUaXLjBRRpctMHFGly8wSUaXLLBpRpcusFlGqTBZRtcrsHlG1yhwRUbXKnBlRtcpcFVG1ytwdUbXKPBNRtcq8G1G1ynwXUbXK/B9RvcoMENG9yowY0b3KTBTRvcrMHNG9yiwS0b3KrBrRvcpsFtG9yuwe0b3KHBHRvcqcGdG9ylwV0b3K3B3Rvco8E9G9yrwb0b3KfBfRvcr8H9GzygwQMbPKjBgxs8pMFDGzyswcMbPKLBIxs8qsGjGzymwWMbPK7B4xs8ocETGzypwZMbPKXBUxu0wdMaPL3BMxo8s8GzGjy7wXMaPLfB8xo8v8ELGrywwYsavLjBSxq8tMHLGry8wSsavLLBqxq8usFrGry2wesavL7BGxq8scGbGry5wVsavLXB2xq8vcE7GryzwbsavLvBexq8t8FBg0GDYYNRg3GDSYNpg1mDeYNFg2WDVYN1g02DbYNdg32D9zV4f4MPNPhggw81+HCDjzT4aIOPNfh4g080+GSDTzX4dIPPNPhsg881+HyDLzT4YoMvNfhyg680+GqDrzX4eoNvNPhmg281+HaD7zT4boPvNfh+gx80+GGDHzX4cYOfNPhpg581+HmDXzT4ZYNfNfh1g980+G2D3zX4fYM/NPhjgz81+HODvzT4a4O/Nfh7g380+GeDfzX4d4P/NPhvg/81OKTBoQ0Oa3B4gyMaHNngqAZHNzimwbENjtPiuC2O1+L4LU7Q4oQtTtTixC1O0uKkLU7W4uQtTtHilC1O1eLULU7T4rQtTtfi9C3O0OKMLc7U4swtztLirC3O1uLsLc7R4pwtztXi3C3O0+K8Lc7X4vwtLtDigi0u1OLCLS7S4qItLtbi4i0u0eKSLS7V4tItLtMiLS7b4nItLt/iCi2u2OJKLa7c4iotrtriai2u3uIaLa7Z4lotrt3iOi2u2+J6La7f4gYtbtjiRi1u3OImLW7a4mYtbt7iFi1u2eJWLW7d4jYtbtvidi1u3+IOLe7Y4k4t7tziLi3u2uJuLe7e4h4t7tniXi3u3eI+Le7b4n4t7t/iAS0e2OJBLR7c4iEtHtriYS0e3uIRLR7Z4lEtHt3iMS0e2+JxLR7f4gktntjiSS2e3OIpLZ7aoi2e1uLpLZ7R4pktntXi2S2e0+K5LZ7X4vktXtDihS1e1OLFLV7S4qUtXtbi5S1e0eKVLV7V4tUtXtPitS1e1+L1Ld7Q4o0t3tTizS3e0uKtLd7W4u0t3tHinS3e1eLdLd7T4r0tDloMWgxbjFqMW0xaTFvMWsxbLFosW6xarFtsWmxb7FrsW7yvxftbfKDFB1t8qMWHW3ykxUdbfKzFx1t8osUnW3yqxadbfKbFZ1t8rsXnW3yhxRdbfKnFl1t8pcVXW3ytxddbfKPFN1t8q8W3W3ynxXdbfK/F91v8oMUPW/yoxY9b/KTFT1v8rMXPW/yixS9b/KrFr1v8psVvW/yuxe9b/KHFH1v8qcWfW/ylxV9b/K3F31v8o8U/W/yrxb9b/KfFf1v8r8UhLQ5tcViLw1sc0eLIFke1OLrFMS2ObXGcDsftcLwOx+9wgg4n7HCiDifucJIOJ+1wsg4n73CKDqfscKoOp+5wmg6n7XC6DqfvcIYOZ+xwpg5n7nCWDmftcLYOZ+9wjg7n7HCuDufucJ4O5+1wvg7n73CBDhfscKEOF+5wkQ4X7XCxDhfvcIkOl+xwqQ6X7nCZDulw2Q6X63D5DlfocMUOV+pw5Q5X6XDVDlfrcPUO1+hwzQ7X6nDtDtfpcN0O1+tw/Q436HDDDjfqcOMON+lw0w4363DzDrfocMsOt+pw6w636XDbDrfrcPsOd+hwxw536nDnDnfpcNcOd+tw9w736HDPDvfqcO8O9+lw3w7363D/Dg/o8MAOD+rw4A4P6fDQDg/r8PAOj+jwyA6P6vDoDo/p8NgOj+vw+A5P6PDEDk/q8OQOT+nw1A7t8LQOT+/wjA7P7PCsDs/u8JwOz+3wvA7P7/CCDi/s8KIOL+7wkg4v7fCyDi/v8IoOr+zwqg6v7vCaDq/t8LoOr+/whg5v7PCmDm/u8JYOb+3wtg5v7/CODu/s8K4O7+7wng7v7XDQYdBh2GHUYdxh0mHaYdZh3mHRYdlh1WHdYdNh22HXYd/hfR3e3+EDHT7Y4UMdPtzhIx0+2uFjHT7e4RMdPtnhUx0+3eEzHT7b4XMdPt/hCx2+2OFLHb7c4Ssdvtrhax2+3uEbHb7Z4Vsdvt3hOx2+2+F7Hb7f4QcdftjhRx1+3OEnHX7a4Wcdft7hFx1+2eFXHX7d4Tcdftvhdx1+3+EPHf7Y4U8d/tzhLx3+2uFvHf7e4R8d/tnhXx3+3eE/Hf7b4X8dDulwaIfDOhze4YgOR3Y4qsPRHY7pcGyH4/Q4bo/j9Th+jxP0OGGPE/U4cY+T9Dhpj5P1OHmPU/Q4ZY9T9Th1j9P0OG2P0/U4fY8z9DhjjzP1OHOPs/Q4a4+z9Th7j3P0OGePc/U4d4/z9Dhvj/P1OH+PC/S4YI8L9bhwj4v0uGiPi/W4eI9L9Lhkj0v1uHSPy/RIj8v2uFyPy/e4Qo8r9rhSjyv3uEqPq/a4Wo+r97hGj2v2uFaPa/e4To/r9rhej+v3uEGPG/a4UY8b97hJj5v2uFmPm/e4RY9b9rhVj1v3uE2P2/a4XY/b97hDjzv2uFOPO/e4S4+79rhbj7v3uEePe/a4V49797hPj/v2uF+P+/d4QI8H9nhQjwf3eEiPh/Z4WI+H93hEj0f2eFSPR/d4TI/H9nhcj8f3eEKPJ/Z4Uo8n93hKj6f2aI+n9Xh6j2f0eGaPZ/V4do/n9Hhuj+f1eH6PF/R4YY8X9Xhxj5f0eGmPl/V4eY9X9Hhlj1f1eHWP1/R4bY/X9Xh9jzf0eGOPN/V4c4+39Hhrj7f1eHuPd/R4Z4939Xh3j/f0eG+Pgx6DHsMeox7jHpMe0x6zHvMeix7LHqse6x6bHtseux77Hv8nAB4AaCsAAIZm27a9bNu2bXvZtm27d21k27b9jU4wwHCA0QDjASYDTAeYDTAfYDHAcoDVAOsBNgNsB9gNsB/gcwN8foAvDPDFAb40wJcH+MoAXx3gawN8fYBvDPDNAb41wLcH+M4A3x3gewN8f4AfDPDDAX40wI8H+MkAPx3gZwP8fIBfDPDLAX41wK8H+M0Avx3gdwP8foA/DPDHAf40wJ8H+MsAfx3gbwP8fYB/DPDPAf41wL8H+M8A/x3gfwMcMsChAxw2wOEDHDHAkQMcNcDRAxwzwLEDHCfAcQMcL8DxA5wgwAkDnCjAiQOcJMBJA5wswMkDnCLAKQOcKsCpA5wmwGkDnC7A6QOcIcAZA5wpwJkDnCXAWQOcLcDZA5wjwDkDnCvAuQOcJ8B5A5wvwPkDXCDABQNcKMCFA1wkwEUDXCzAxQNcIsAlA1wqwKUDXCZAAlw2wOUCXD7AFQJcMcCVAlw5wFUCXDXA1QJcPcA1AlwzwLUCXDvAdQJcN8D1Alw/wA0C3DDAjQLcOMBNAtw0wM0C3DzALQLcMsCtAtw6wG0C3DbA7QLcPsAdAtwxwJ0C3DnAXQLcNcDdAtw9wD0C3DPAvQLcO8B9Atw3wP0C3D/AAwI8MMCDAjw4wEMCPDTAwwI8PMAjAjwywKMCPDrAYwI8NsDjAjw+wBMCPDHAkwI8OcBTAjw1QAM8LcDTAzwjwDMDPCvAswM8J8BzAzwvwPMDvCDACwO8KMCLA7wkwEsDvCzAywO8IsArA7wqwKsDvCbAawO8LsDrA7whwBsDvCnAmwO8JcBbA7wtwNsDvCPAOwO8K8C7A7wnwHsDvC/A+wN8IMAHA3wowIcDfCTARwN8LMDHA3wiwCcDfCrApwN8JsBnAxwEGAQYBhgFGAeYBJgGmAWYB1gEWAZYBVgH2ATYBtgF2Af4XIDPB/hCgC8G+FKALwf4SoCvBvhagK8H+EaAbwb4VoBvB/hOgO8G+F6A7wf4QYAfBvhRgB8H+EmAnwb4WYCfB/hFgF8G+FWAXwf4TYDfBvhdgN8H+EOAPwb4U4A/B/hLgL8G+FuAvwf4R4B/BvhXgH8H+E+A/wb4X4BDAhwa4LAAhwc4IsCRAY4KcHSAYwIcG+A4IY4b4nghjh/iBCFOGOJEIU4c4iQhThriZCFOHuIUIU4Z4lQhTh3iNCFOG+J0IU4f4gwhzhjiTCHOHOIsIc4a4mwhzh7iHCHOGeJcIc4d4jwhzhvifCHOH+ICIS4Y4kIhLhziIiEuGuJiIS4e4hIhLhniUiEuHeIyIRLisiEuF+LyIa4Q4oohrhTiyiGuEuKqIa4W4uohrhHimiGuFeLaIa4T4rohrhfi+iFuEOKGIW4U4sYhbhLipiFuFuLmIW4R4pYhbhXi1iFuE+K2IW4X4vYh7hDijiHuFOLOIe4S4q4h7hbi7iHuEeKeIe4V4t4h7hPiviHuF+L+IR4Q4oEhHhTiwSEeEuKhIR4W4uEhHhHikSEeFeLRIR4T4rEhHhfi8SGeEOKJIZ4U4skhnhLiqSEa4mkhnh7iGSGeGeJZIZ4d4jkhnhvieSGeH+IFIV4Y4kUhXhziJSFeGuJlIV4e4hUhXhniVSFeHeI1IV4b4nUhXh/iDSHeGOJNId4c4i0h3hribSHeHuIdId4Z4l0h3h3iPSHeG+J9Id4f4gMhPhjiQyE+HOIjIT4a4mMhPh7iEyE+GeJTIT4d4jMhPhviIMQgxDDEKMQ4xCTENMQsxDzEIsQyxCrEOsQmxDbELsQ+xOdCfD7EF0J8McSXQnw5xFdCfDXE10J8PcQ3QnwzxLdCfDvEd0J8N8T3Qnw/xA9C/DDEj0L8OMRPQvw0xM9C/DzEL0L8MsSvQvw6xG9C/DbE70L8PsQfQvwxxJ9C/DnEX0L8NcTfQvw9xD9C/DPEv0L8O8R/Qvw3xP9CHBLi0BCHhTg8xBEhjgxxVIijQxwT4tgQx4lw3AjHi3D8CCeIcMIIJ4pw4ggniXDSCCeLcPIIp4hwygininDqCKeJcNoIp4tw+ghniHDGCGeKcOYIZ4lw1ghni3D2COeIcM4I54pw7gjniXDeCOeLcP4IF4hwwQgXinDhCBeJcNEIF4tw8QiXiHDJCJeKcOkIl4mQCJeNcLkIl49whQhXjHClCFeOcJUIV41wtQhXj3CNCNeMcK0I145wnQjXjXC9CNePcIMIN4xwowg3jnCTCDeNcLMIN49wiwi3jHCrCLeOcJsIt41wuwi3j3CHCHeMcKcId45wlwh3jXC3CHePcI8I94xwrwj3jnCfCPeNcL8I94/wgAgPjPCgCA+O8JAID43wsAgPj/CICI+M8KgIj47wmAiPjfC4CI+P8IQIT4zwpAhPjvCUCE+N0AhPi/D0CM+I8MwIz4rw7AjPifDcCM+L8PwIL4jwwggvivDiCC+J8NIIL4vw8giviPDKCK+K8OoIr4nw2givi/D6CG+I8MYIb4rw5ghvifDWCG+L8PYI74jwzgjvivDuCO+J8N4I74vw/ggfiPDBCB+K8OEIH4nw0Qgfi/DxCJ+I8MkIn4rw6QififDZCAcRBhGGEUYRxhEmEaYRZhHmERYRlhFWEdYRNhG2EXYR9hE+F+HzEb4Q4YsRvhThyxG+EuGrEb4W4esRvhHhmxG+FeHbEb4T4bsRvhfh+xF+EOGHEX4U4ccRfhLhpxF+FuHnEX4R4ZcRfhXh1xF+E+G3EX4X4fcR/hDhjxH+FOHPEf4S4a8R/hbh7xH+EeGfEf4V4d8R/hPhvxH+F+GQCIdGOCzC4RGOiHBkhKMiHB3hmAjHRjhOjOPGOF6M48c4QYwTxjhRjBPHOEmMk8Y4WYyTxzhFjFPGOFWMU8c4TYzTxjhdjNPHOEOMM8Y4U4wzxzhLjLPGOFuMs8c4R4xzxjhXjHPHOE+M88Y4X4zzx7hAjAvGuFCMC8e4SIyLxrhYjIvHuESMS8a4VIxLx7hMjMS4bIzLxbh8jCvEuGKMK8W4coyrxLhqjKvFuHqMa8S4Zoxrxbh2jOvEuG6M68W4fowbxLhhjBvFuHGMm8S4aYybxbh5jFvEuGWMW8W4dYzbxLhtjNvFuH2MO8S4Y4w7xbhzjLvEuGuMu8W4e4x7xLhnjHvFuHeM+8S4b4z7xbh/jAfEeGCMB8V4cIyHxHhojIfFeHiMR8R4ZIxHxXh0jMfEeGyMx8V4fIwnxHhijCfFeHKMp8R4aozGeFqMp8d4RoxnxnhWjGfHeE6M58Z4Xoznx3hBjBfGeFGMF8d4SYyXxnhZjJfHeEWMV8Z4VYxXx3hNjNfGeF2M18d4Q4w3xnhTjDfHeEuMt8Z4W4y3x3hHjHfGeFeMd8d4T4z3xnhfjPfH+ECMD8b4UIwPx/hIjI/G+FiMj8f4RIxPxvhUjE/H+EyMz8Y4iDGIMYwxijGOMYkxjTGLMY+xiLGMsYqxjrGJsY2xi7GP8bkYn4/xhRhfjPGlGF+O8ZUYX43xtRhfj/GNGN+M8a0Y347xnRjfjfG9GN+P8YMYP4zxoxg/jvGTGD+N8bMYP4/xixi/jPGrGL+O8ZsYv43xuxi/j/GHGH+M8acYf47xlxh/jfG3GH+P8Y8Y/4zxrxj/jvGfGP+N8b8Yh8Q4NMZhMQ6PcUSMI2McFePoGMfEODbGcRIcN8HxEhw/wQkSnDDBiRKcOMFJEpw0wckSnDzBKRKcMsGpEpw6wWkSnDbB6RKcPsEZEpwxwZkSnDnBWRKcNcHZEpw9wTkSnDPBuRKcO8F5Epw3wfkSnD/BBRJcMMGFElw4wUUSXDTBxRJcPMElElwywaUSXDrBZRIkwWUTXC7B5RNcIcEVE1wpwZUTXCXBVRNcLcHVE1wjwTUTXCvBtRNcJ8F1E1wvwfUT3CDBDRPcKMGNE9wkwU0T3CzBzRPcIsEtE9wqwa0T3CbBbRPcLsHtE9whwR0T3CnBnRPcJcFdE9wtwd0T3CPBPRPcK8G9E9wnwX0T3C/B/RM8IMEDEzwowYMTPCTBQxM8LMHDEzwiwSMTPCrBoxM8JsFjEzwuweMTPCHBExM8KcGTEzwlwVMTNMHTEjw9wTMSPDPBsxI8O8FzEjw3wfMSPD/BCxK8MMGLErw4wUsSvDTByxK8PMErErwywasSvDrBaxK8NsHrErw+wRsSvDHBmxK8OcFbErw1wdsSvD3BOxK8M8G7Erw7wXsSvDfB+xK8P8EHEnwwwYcSfDjBRxJ8NMHHEnw8wScSfDLBpxJ8OsFnEnw2wUGCQYJhglGCcYJJgmmCWYJ5gkWCZYJVgnWCTYJtgl2CfYLPJfh8gi8k+GKCLyX4coKvJPhqgq8l+HqCbyT4ZoJvJfh2gu8k+G6C7yX4foIfJPhhgh8l+HGCnyT4aYKfJfh5gl8k+GWCXyX4dYLfJPhtgt8l+H2CPyT4Y4I/Jfhzgr8k+GuCvyX4e4J/JPhngn8l+HeC/yT4b4L/JTgkwaEJDktweIIjEhyZ4KgERyc4JsGxCY6T4rgpjpfi+ClOkOKEKU6U4sQpTpLipClOluLkKU6R4pQpTpXi1ClOk+K0KU6X4vQpzpDijCnOlOLMKc6S4qwpzpbi7CnOkeKcKc6V4twpzpPivCnOl+L8KS6Q4oIpLpTiwikukuKiKS6W4uIpLpHikikuleLSKS6TIikum+JyKS6f4goprpjiSimunOIqKa6a4moprp7iGimumeJaKa6d4joprpvieimun+IGKW6Y4kYpbpziJilumuJmKW6e4hYpbpniViluneI2KW6b4nYpbp/iDinumOJOKe6c4i4p7pribinunuIeKe6Z4l4p7p3iPinum+J+Ke6f4gEpHpjiQSkenOIhKR6a4mEpHp7iESkemeJRKR6d4jEpHpvicSken+IJKZ6Y4kkpnpziKSmemqIpnpbi6SmekeKZKZ6V4tkpnpPiuSmel+L5KV6Q4oUpXpTixSlekuKlKV6W4uUpXpHilSleleLVKV6T4rUpXpfi9SnekOKNKd6U4s0p3pLirSneluLtKd6R4p0p3pXi3Snek+K9Kd6X4v0pPpDigyk+lOLDKT6S4qMpPpbi4yk+keKTKT6V4tMpPpPisykOUgxSDFOMUoxTTFJMU8xSzFMsUixTrFKsU2xSbFPsUuxTfC7F51N8IcUXU3wpxZdTfCXFV1N8LcXXU3wjxTdTfCvFt1N8J8V3U3wvxfdT/CDFD1P8KMWPU/wkxU9T/CzFz1P8IsUvU/wqxa9T/CbFb1P8LsXvU/whxR9T/CnFn1P8JcVfU/wtxd9T/CPFP1P8K8W/U/wnxX9T/C/FISkOTXFYisNTHJHiyBRHpTg6xTEpjk1xnAzHzXC8DMfPcIIMJ8xwogwnznCSDCfNcLIMJ89wigynzHCqDKfOcJoMp81wugynz3CGDGfMcKYMZ85wlgxnzXC2DGfPcI4M58xwrgznznCeDOfNcL4M589wgQwXzHChDBfOcJEMF81wsQwXz3CJDJfMcKkMl85wmQzJcNkMl8tw+QxXyHDFDFfKcOUMV8lw1QxXy3D1DNfIcM0M18pw7QzXyXDdDNfLcP0MN8hwwww3ynDjDDfJcNMMN8tw8wy3yHDLDLfKcOsMt8lw2wy3y3D7DHfIcMcMd8pw5wx3yXDXDHfLcPcM98hwzwz3ynDvDPfJcN8M98tw/wwPyPDADA/K8OAMD8nw0AwPy/DwDI/I8MgMj8rw6AyPyfDYDI/L8PgMT8jwxAxPyvDkDE/J8NQMzfC0DE/P8IwMz8zwrAzPzvCcDM/N8LwMz8/wggwvzPCiDC/O8JIML83wsgwvz/CKDK/M8KoMr87wmgyvzfC6DK/P8IYMb8zwpgxvzvCWDG/N8LYMb8/wjgzvzPCuDO/O8J4M783wvgzvz/CBDB/M8KEMH87wkQwfzfCxDB/P8IkMn8zwqQyfzvCZDJ/NcJBhkGGYYZRhnGGSYZphlmGeYZFhmWGVYZ1hk2GbYZdhn+FzGT6f4QsZvpjhSxm+nOErGb6a4WsZvp7hGxm+meFbGb6d4TsZvpvhexm+n+EHGX6Y4UcZfpzhJxl+muFnGX6e4RcZfpnhVxl+neE3GX6b4XcZfp/hDxn+mOFPGf6c4S8Z/prhbxn+nuEfGf6Z4V8Z/p3hPxn+m+F/GQ7JcGiGwzIcnuGIDEdmOCrD0RmOyXBshuPkOG6O4+U4fo4T5DhhjhPlOHGOk+Q4aY6T5Th5jlPkOGWOU+U4dY7T5DhtjtPlOH2OM+Q4Y44z5ThzjrPkOGuOs+U4e45z5DhnjnPlOHeO8+Q4b47z5Th/jgvkuGCOC+W4cI6L5LhojovluHiOS+S4ZI5L5bh0jsvkSI7L5rhcjsvnuEKOK+a4Uo4r57hKjqvmuFqOq+e4Ro5r5rhWjmvnuE6O6+a4Xo7r57hBjhvmuFGOG+e4SY6b5rhZjpvnuEWOW+a4VY5b57hNjtvmuF2O2+e4Q4475rhTjjvnuEuOu+a4W46757hHjnvmuFeOe+e4T4775rhfjvvneECOB+Z4UI4H53hIjofmeFiOh+d4RI5H5nhUjkfneEyOx+Z4XI7H53hCjifmeFKOJ+d4So6n5miOp+V4eo5n5HhmjmfleHaO5+R4bo7n5Xh+jhfkeGGOF+V4cY6X5HhpjpfleHmOV+R4ZY5X5Xh1jtfkeG2O1+V4fY435HhjjjfleHOOt+R4a4635Xh7jnfkeGeOd+V4d4735HhvjvfleH+OD+T4YI4P5fhwjo/k+GiOj+X4eI5P5Phkjk/l+HSOz+T4bI6DHIMcwxyjHOMckxzTHLMc8xyLHMscqxzrHJsc2xy7HPscn8vx+RxfyPHFHF/K8eUcX8nx1Rxfy/H1HN/I8c0c38rx7RzfyfHdHN/L8f0cP8jxwxw/yvHjHD/J8dMcP8vx8xy/yPHLHL/K8escv8nx2xy/y/H7HH/I8cccf8rx5xx/yfHXHH/L8fcc/8jxzxz/yvHvHP/J8d8c/8txSI5DcxyW4/AcR+Q4MsdROY7OcUyOY3Mcp8BxCxyvwPELnKDACQucqMCJC5ykwEkLnKzAyQucosApC5yqwKkLnKbAaQucrsDpC5yhwBkLnKnAmQucpcBZC5ytwNkLnKPAOQucq8C5C5ynwHkLnK/A+QtcoMAFC1yowIULXKTARQtcrMDFC1yiwCULXKrApQtcpkAKXLbA5QpcvsAVClyxwJUKXLnAVQpctcDVCly9wDUKXLPAtQpcu8B1Cly3wPUKXL/ADQrcsMCNCty4wE0K3LTAzQrcvMAtCtyywK0K3LrAbQrctsDtCty+wB0K3LHAnQrcucBdCty1wN0K3L3APQrcs8C9Cty7wH0K3LfA/Qrcv8ADCjywwIMKPLjAQwo8tMDDCjy8wCMKPLLAowo8usBjCjy2wOMKPL7AEwo8scCTCjy5wFMKPLVACzytwNMLPKPAMws8q8CzCzynwHMLPK/A8wu8oMALC7yowIsLvKTASwu8rMDLC7yiwCsLvKrAqwu8psBrC7yuwOsLvKHAGwu8qcCbC7ylwFsLvK3A2wu8o8A7C7yrwLsLvKfAewu8r8D7C3ygwAcLfKjAhwt8pMBHC3yswMcLfKLAJwt8qsCnC3ymwGcLHBQYFBgWGBUYF5gUmBaYFZgXWBRYFlgVWBfYFNgW2BXYF/hcgc8X+EKBLxb4UoEvF/hKga8W+FqBrxf4RoFvFvhWgW8X+E6B7xb4XoHvF/hBgR8W+FGBHxf4SYGfFvhZgZ8X+EWBXxb4VYFfF/hNgd8W+F2B3xf4Q4E/FvhTgT8X+EuBvxb4W4G/F/hHgX8W+FeBfxf4T4H/FvhfgUMKHFrgsAKHFziiwJEFjipwdIFjChxb4DgljlvieCWOX+IEJU5Y4kQlTlziJCVOWuJkJU5e4hQlTlniVCVOXeI0JU5b4nQlTl/iDCXOWOJMJc5c4iwlzlribCXOXuIcJc5Z4lwlzl3iPCXOW+J8Jc5f4gIlLljiQiUuXOIiJS5a4mIlLl7iEiUuWeJSJS5d4jIlUuKyJS5X4vIlrlDiiiWuVOLKJa5S4qolrlbi6iWuUeKaJa5V4tolrlPiuiWuV+L6JW5Q4oYlblTixiVuUuKmJW5W4uYlblHiliVuVeLWJW5T4rYlblfi9iXuUOKOJe5U4s4l7lLiriXuVuLuJe5R4p4l7lXi3iXuU+K+Je5X4v4lHlDigSUeVOLBJR5S4qElHlbi4SUeUeKRJR5V4tElHlPisSUeV+LxJZ5Q4oklnlTiySWeUuKpJVriaSWeXuIZJZ5Z4lklnl3iOSWeW+J5JZ5f4gUlXljiRSVeXOIlJV5a4mUlXl7iFSVeWeJVJV5d4jUlXlvidSVeX+INJd5Y4k0l3lziLSXeWuJtJd5e4h0l3lniXSXeXeI9Jd5b4n0l3l/iAyU+WOJDJT5c4iMlPlriYyU+XuITJT5Z4lMlPl3iMyU+W+KgxKDEsMSoxLjEpMS0xKzEvMSixLLEqsS6xKbEtsSuxL7E50p8vsQXSnyxxJdKfLnEV0p8tcTXSny9xDdKfLPEt0p8u8R3Sny3xPdKfL/ED0r8sMSPSvy4xE9K/LTEz0r8vMQvSvyyxK9K/LrEb0r8tsTvSvy+xB9K/LHEn0r8ucRfSvy1xN9K/L3EP0r8s8S/Svy7xH9K/LfE/0ocUuLQEoeVOLzEESWOLHFUiaNLHFPi2BLHqXDcCsercPwKJ6hwwgonqnDiCiepcNIKJ6tw8gqnqHDKCqeqcOoKp6lw2gqnq3D6CmeocMYKZ6pw5gpnqXDWCmercPYK56hwzgrnqnDuCuepcN4K56tw/goXqHDBCheqcOEKF6lw0QoXq3DxCpeocMkKl6pw6QqXqZAKl61wuQqXr3CFClescKUKV65wlQpXrXC1ClevcI0K16xwrQrXrnCdCtetcL0K169wgwo3rHCjCjeucJMKN61wswo3r3CLCrescKsKt65wmwq3rXC7CrevcIcKd6xwpwp3rnCXCnetcLcKd69wjwr3rHCvCveucJ8K961wvwr3r/CACg+s8KAKD67wkAoPrfCwCg+v8IgKj6zwqAqPrvCYCo+t8LgKj6/whApPrPCkCk+u8JQKT63QCk+r8PQKz6jwzArPqvDsCs+p8NwKz6vw/AovqPDCCi+q8OIKL6nw0govq/DyCq+o8MoKr6rw6gqvqfDaCq+r8PoKb6jwxgpvqvDmCm+p8NYKb6vw9grvqPDOCu+q8O4K76nw3grvq/D+Ch+o8MEKH6rw4QofqfDRCh+r8PEKn6jwyQqfqvDpCp+p8NkKBxUGFYYVRhXGFSYVphVmFeYVFhWWFVYV1hU2FbYVdhX2FT5X4fMVvlDhixW+VOHLFb5S4asVvlbh6xW+UeGbFb5V4dsVvlPhuxW+V+H7FX5Q4YcVflThxxV+UuGnFX5W4ecVflHhlxV+VeHXFX5T4bcVflfh9xX+UOGPFf5U4c8V/lLhrxX+VuHvFf5R4Z8V/lXh3xX+U+G/Ff5X4ZAKh1Y4rMLhFY6ocGSFoyocXeGYCsdWOE6N49Y4Xo3j1zhBjRPWOFGNE9c4SY2T1jhZjZPXOEWNU9Y4VY1T1zhNjdPWOF2N09c4Q40z1jhTjTPXOEuNs9Y4W42z1zhHjXPWOFeNc9c4T43z1jhfjfPXuECNC9a4UI0L17hIjYvWuFiNi9e4RI1L1rhUjUvXuEyN1LhsjcvVuHyNK9S4Yo0r1bhyjavUuGqNq9W4eo1r1LhmjWvVuHaN69S4bo3r1bh+jRvUuGGNG9W4cY2b1LhpjZvVuHmNW9S4ZY1b1bh1jdvUuG2N29W4fY071LhjjTvVuHONu9S4a4271bh7jXvUuGeNe9W4d4371LhvjfvVuH+NB9R4YI0H1XhwjYfUeGiNh9V4eI1H1HhkjUfVeHSNx9R4bI3H1Xh8jSfUeGKNJ9V4co2n1HhqjdZ4Wo2n13hGjWfWeFaNZ9d4To3n1nhejefXeEGNF9Z4UY0X13hJjZfWeFmNl9d4RY1X1nhVjVfXeE2N19Z4XY3X13hDjTfWeFONN9d4S4231nhbjbfXeEeNd9Z4V41313hPjffWeF+N99f4QI0P1vhQjQ/X+EiNj9b4WI2P1/hEjU/W+FSNT9f4TI3P1jioMagxrDGqMa4xqTGtMasxr7GosayxqrGusamxrbGrsa/xuRqfr/GFGl+s8aUaX67xlRpfrfG1Gl+v8Y0a36zxrRrfrvGdGt+t8b0a36/xgxo/rPGjGj+u8ZMaP63xsxo/r/GLGr+s8asav67xmxq/rfG7Gr+v8Ycaf6zxpxp/rvGXGn+t8bcaf6/xjxr/rPGvGv+u8Z8a/63xvxqH1Di0xmE1Dq9xRI0jaxxV4+gax9Q4tsZxGhy3wfEaHL/BCRqcsMGJGpy4wUkanLTByRqcvMEpGpyywakanLrBaRqctsHpGpy+wRkanLHBmRqcucFZGpy1wdkanL3BORqcs8G5Gpy7wXkanLfB+Rqcv8EFGlywwYUaXLjBRRpctMHFGly8wSUaXLLBpRpcusFlGqTBZRtcrsHlG1yhwRUbXKnBlRtcpcFVG1ytwdUbXKPBNRtcq8G1G1ynwXUbXK/B9RvcoMENG9yowY0b3KTBTRvcrMHNG9yiwS0b3KrBrRvcpsFtG9yuwe0b3KHBHRvcqcGdG9ylwV0b3K3B3Rvco8E9G9yrwb0b3KfBfRvcr8H9GzygwQMbPKjBgxs8pMFDGzyswcMbPKLBIxs8qsGjGzymwWMbPK7B4xs8ocETGzypwZMbPKXBUxu0wdMaPL3BMxo8s8GzGjy7wXMaPLfB8xo8v8ELGrywwYsavLjBSxq8tMHLGry8wSsavLLBqxq8usFrGry2wesavL7BGxq8scGbGry5wVsavLXB2xq8vcE7GryzwbsavLvBexq8t8H7Gry/wQcafLDBhxp8uMFHGny0wccafLzBJxp8ssGnGny6wWcafLbBQYNBg2GDUYNxg0mDaYNZg3mDRYNlg1WDdYNNg22DXYN9g881+HyDLzT4YoMvNfhyg680+GqDrzX4eoNvNPhmg281+HaD7zT4boPvNfh+gx80+GGDHzX4cYOfNPhpg581+HmDXzT4ZYNfNfh1g980+G2D3zX4fYM/NPhjgz81+HODvzT4a4O/Nfh7g380+GeDfzX4d4P/NPhvg/81OKTBoQ0Oa3B4gyMaHNngqAZHNzimwbENjtPiuC2O1+L4LU7Q4oQtTtTixC1O0uKkLU7W4uQtTtHilC1O1eLULU7T4rQtTtfi9C3O0OKMLc7U4swtztLirC3O1uLsLc7R4pwtztXi3C3O0+K8Lc7X4vwtLtDigi0u1OLCLS7S4qItLtbi4i0u0eKSLS7V4tItLtMiLS7b4nItLt/iCi2u2OJKLa7c4iotrtriai2u3uIaLa7Z4lotrt3iOi2u2+J6La7f4gYtbtjiRi1u3OImLW7a4mYtbt7iFi1u2eJWLW7d4jYtbtvidi1u3+IOLe7Y4k4t7tziLi3u2uJuLe7e4h4t7tniXi3u3eI+Le7b4n4t7t/iAS0e2OJBLR7c4iEtHtriYS0e3uIRLR7Z4lEtHt3iMS0e2+JxLR7f4gktntjiSS2e3OIpLZ7aoi2e1uLpLZ7R4pktntXi2S2e0+K5LZ7X4vktXtDihS1e1OLFLV7S4qUtXtbi5S1e0eKVLV7V4tUtXtPitS1e1+L1Ld7Q4o0t3tTizS3e0uKtLd7W4u0t3tHinS3e1eLdLd7T4r0t3tfi/S0+0OKDLT7U4sMtPtLioy0+1uLjLT7R4pMtPtXi0y0+0+KzLQ5aDFoMW4xajFtMWkxbzFrMWyxaLFusWqxbbFpsW+xa7Ft8rsXnW3yhxRdbfKnFl1t8pcVXW3ytxddbfKPFN1t8q8W3W3ynxXdbfK/F91v8oMUPW/yoxY9b/KTFT1v8rMXPW/yixS9b/KrFr1v8psVvW/yuxe9b/KHFH1v8qcWfW/ylxV9b/K3F31v8o8U/W/yrxb9b/KfFf1v8r8UhLQ5tcViLw1sc0eLIFke1OLrFMS2ObXGcDsftcLwOx+9wgg4n7HCiDifucJIOJ+1wsg4n73CKDqfscKoOp+5wmg6n7XC6DqfvcIYOZ+xwpg5n7nCWDmftcLYOZ+9wjg7n7HCuDufucJ4O5+1wvg7n73CBDhfscKEOF+5wkQ4X7XCxDhfvcIkOl+xwqQ6X7nCZDulw2Q6X63D5DlfocMUOV+pw5Q5X6XDVDlfrcPUO1+hwzQ7X6nDtDtfpcN0O1+tw/Q436HDDDjfqcOMON+lw0w4363DzDrfocMsOt+pw6w636XDbDrfrcPsOd+hwxw536nDnDnfpcNcOd+tw9w736HDPDvfqcO8O9+lw3w7363D/Dg/o8MAOD+rw4A4P6fDQDg/r8PAOj+jwyA6P6vDoDo/p8NgOj+vw+A5P6PDEDk/q8OQOT+nw1A7t8LQOT+/wjA7P7PCsDs/u8JwOz+3wvA7P7/CCDi/s8KIOL+7wkg4v7fCyDi/v8IoOr+zwqg6v7vCaDq/t8LoOr+/whg5v7PCmDm/u8JYOb+3wtg5v7/CODu/s8K4O7+7wng7v7fC+Du/v8IEOH+zwoQ4f7vCRDh/t8LEOH+/wiQ6f7PCpDp/u8JkOn+1w0GHQYdhh1GHcYdJh2mHWYd5h0WHZYdVh3WHTYdth12Hf4XMdPt/hCx2+2OFLHb7c4Ssdvtrhax2+3uEbHb7Z4Vsdvt3hOx2+2+F7Hb7f4QcdftjhRx1+3OEnHX7a4Wcdft7hFx1+2eFXHX7d4Tcdftvhdx1+3+EPHf7Y4U8d/tzhLx3+2uFvHf7e4R8d/tnhXx3+3eE/Hf7b4X8dDulwaIfDOhze4YgOR3Y4qsPRHY7pcGyH4/Q4bo/j9Th+jxP0OGGPE/U4cY+T9Dhpj5P1OHmPU/Q4ZY9T9Th1j9P0OG2P0/U4fY8z9DhjjzP1OHOPs/Q4a4+z9Th7j3P0OGePc/U4d4/z9Dhvj/P1OH+PC/S4YI8L9bhwj4v0uGiPi/W4eI9L9Lhkj0v1uHSPy/RIj8v2uFyPy/e4Qo8r9rhSjyv3uEqPq/a4Wo+r97hGj2v2uFaPa/e4To/r9rhej+v3uEGPG/a4UY8b97hJj5v2uFmPm/e4RY9b9rhVj1v3uE2P2/a4XY/b97hDjzv2uFOPO/e4S4+79rhbj7v3uEePe/a4V49797hPj/v2uF+P+/d4QI8H9nhQjwf3eEiPh/Z4WI+H93hEj0f2eFSPR/d4TI/H9nhcj8f3eEKPJ/Z4Uo8n93hKj6f2aI+n9Xh6j2f0eGaPZ/V4do/n9Hhuj+f1eH6PF/R4YY8X9Xhxj5f0eGmPl/V4eY9X9Hhlj1f1eHWP1/R4bY/X9Xh9jzf0eGOPN/V4c4+39Hhrj7f1eHuPd/R4Z4939Xh3j/f0eG+P9/V4f48P9Phgjw/1+HCPj/T4aI+P9fh4j0/0+GSPT/X4dI/P9Phsj4Me/w8AAP//wLDz/g==")

4m38.039278386s ago: executing program 0 (id=1898):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x400)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f00000000c0)={0x0, 0x8000, 0x5ae4, {0x100, 0xb}, 0x100000, 0x5b50})

4m36.852582869s ago: executing program 0 (id=1900):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
read(r0, &(0x7f0000000840)=""/40, 0x28)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x381, @time={0x5}, 0x40, {0xc0, 0xff}, 0x46, 0x1, 0x1})
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f0000000080))

4m35.355148137s ago: executing program 0 (id=1904):
r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

4m33.107800726s ago: executing program 0 (id=1913):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
writev(r0, &(0x7f0000003500)=[{&(0x7f00000035c0)='4', 0x1}], 0x1)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x8, &(0x7f0000000100)=0x147ae147ae147ad, 0x112)

4m32.52477209s ago: executing program 0 (id=1916):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
r3 = socket$netlink(0x10, 0x3, 0x9)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x10d00, 0xf)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x9c, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x74, 0x8, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x20, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db717"}]}, {0x4}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)

4m14.998638596s ago: executing program 34 (id=1916):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
r3 = socket$netlink(0x10, 0x3, 0x9)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x10d00, 0xf)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x9c, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x74, 0x8, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x20, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db717"}]}, {0x4}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)

1m24.525105528s ago: executing program 1 (id=2689):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@assoc={0x18, 0x117, 0x4, 0x400}], 0x18, 0x20000840}, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x4040845}, 0x40000)
recvmsg$can_bcm(r1, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000080)=""/138, 0x8a}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000400)=""/119, 0x77}, {&(0x7f0000000c40)=""/138, 0x8a}, {&(0x7f0000000940)=""/246, 0xf6}, {&(0x7f0000000680)=""/148, 0x94}], 0x6}, 0x0)

1m24.311555413s ago: executing program 1 (id=2691):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000010c0)={0x40, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x628}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x7}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x80c1}, 0x40000)

1m23.922012742s ago: executing program 1 (id=2693):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000440)="08008edf773c8000", 0x35)

1m23.610281072s ago: executing program 1 (id=2696):
syz_open_procfs(0x0, &(0x7f00000001c0)='net/packet\x00')
socket$packet(0x11, 0x2, 0x300)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20400, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
fanotify_init(0x8, 0x80000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x2)
openat$audio1(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x40000012})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f00000003c0)={r2, 0x0, 0x0, 0x7e3c, 0x4, 0x9, 0xfffffff9, 0xffff, 0xfffffffe, 0x7, 0x1, 0xfefffffd})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x300, 0x1, &(0x7f0000000340)=[r2], &(0x7f0000000040)=[0x1], &(0x7f0000000200), &(0x7f00000000c0), 0x0, 0x7f})

1m22.168598172s ago: executing program 1 (id=2700):
io_setup(0x4, &(0x7f00000014c0)=<r0=>0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r0, 0x1, &(0x7f0000000280)=[0x0])
mount$binderfs(0x0, &(0x7f0000000700)='./binderfs\x00', 0x0, 0x20, 0x0)

1m21.314933052s ago: executing program 1 (id=2702):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
r0 = timerfd_create(0x0, 0x0)
timerfd_gettime(r0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0)
r3 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
io_setup(0x3, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
splice(r6, 0x0, r5, 0x0, 0xfea8, 0xa)
r7 = socket$packet(0x11, 0x2, 0x300)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$SIOCGSTAMPNS(r7, 0x8907, 0x0)

1m5.81267122s ago: executing program 35 (id=2702):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
r0 = timerfd_create(0x0, 0x0)
timerfd_gettime(r0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0)
r3 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
io_setup(0x3, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
splice(r6, 0x0, r5, 0x0, 0xfea8, 0xa)
r7 = socket$packet(0x11, 0x2, 0x300)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$SIOCGSTAMPNS(r7, 0x8907, 0x0)

6.731824734s ago: executing program 2 (id=2928):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30)
syz_emit_ethernet(0x2a, &(0x7f0000000380)=ANY=[], 0x0)

6.003920697s ago: executing program 6 (id=2931):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000080), 0x4)

5.890112394s ago: executing program 2 (id=2932):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0x2ee0}], 0x13, 0x0, 0x0, 0x10000000}, 0x12cd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x8000, &(0x7f0000000000)=ANY=[], 0x1, 0x255, &(0x7f0000001a40)="$eJzsWL9rFEEU/mZ2b29PgmhjYaNgwBO9vdwGJc0RIwipbKKojbKYNcTb5GRvBe9ASNDCRjsLwcbCf8AihbWd/4CghQqChSksbEQYmd3Z3Tlv490tdnlfMflm3o9537vdF1gQCIR9iy+ff356cmHh8hkAM5hFVZ1/MwDGEs41/4/P751+1r744vWHV283Dz5483c+GSLEb6Ef2Kjseb8JoL5kIMpuEmnsL0lm1WYG1YxfAccpxa+Cwcky8ewiH8uPrit+Bwwp70p/x7m9HvjOrW6wKsmcXFpyceUypFdm3d1mWFV7IYRgmr3XH3S8IPBDjZjKVmAqRbLLOkdG+leBhd0ljraqVtYn67/2+OG2PHGU3xx41r8WOFpKxDwYVtT5Aqppb5KWaPqPmrl+I7/ellV5QaFa6SoN40TaQeAbvX77x39plk4ON8qF16Wc86OmQyhTBvKoRfhhBblJdnLY+fjEmWsAJnh0YmJqvw6KnRfVL1pC4KURFRoR2kvydKKapyJWkZxSKjpecKOR9OBd4IeVYdPXgigL/QEDT7QLNv4Klj4JIg7/l7M9ac3pm1i+hzUMOrxkx3Riq0qywt7vJPNDvGQ4qc1PU5tfzWjjbrPXHzTWN7w1f83fdN35cwzYOus240GUrCNzL5/PtXg+HdDy7/XfxuIW7ntRFLaS1WIWaoii0I33rvbarOx0v99UYRGWAZxINnJsWllGQ0+f6o99ePxXsrqhV0sgEAgEAoFAIBAIBAKBQCAQCFMh++DJgK1jYPFX0DFwk4g/AQAA//94TlTK")
r2 = creat(0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0xb)

5.512885099s ago: executing program 6 (id=2935):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
close(0xffffffffffffffff)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b200fedea1c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0xf47)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000080)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0xff, "8818d4", "0a42844178b6e0694e11c75a8d13ab66d9700f66343c80697a335e16483403529334a63f903d1923dd567177f3ddc8257b55ab2dd664e814482b9ed72ce5dd1c780343b1a0dadac6be969def3e40be9332eb522e71551d2a8b9f26979edc98a347d24d9be70b696de89cd868df1caac5fa87e6de3267467453d55e4f7496434c11bce3d6807833c1d6a349883eef13aef63725cd29c78954e34c2144a8623a76c43c0da06da8960afd48efbf220510501ba1f9b30dbc3131b4829c078509a3a92d68a79a78812dd54b6bedcfdfa47e5fbc585a0d5d13396e68751383be58bc2e39bc3f525710f9b5df063179092a2e7fe51e47abe4da54f2036278b2e750f837"}}, 0x110)

5.062172316s ago: executing program 6 (id=2941):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

4.826278562s ago: executing program 6 (id=2942):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30)
syz_emit_ethernet(0x2a, &(0x7f0000000380)=ANY=[], 0x0)

4.706362762s ago: executing program 2 (id=2945):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000080), 0x4)

4.297021487s ago: executing program 2 (id=2946):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f00090581", @ANYRES32], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x5, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xa9}, [@call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
ioctl$HIDIOCGUSAGE(r1, 0x501c4814, &(0x7f0000000000)={0x2, 0xffffffff, 0x0, 0x5, 0x0, 0xfffffffc})

3.924917829s ago: executing program 6 (id=2947):
prctl$PR_SET_SECUREBITS(0x1c, 0x15)
setuid(0xee00)
fchmodat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0xfffffe41)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x4a040, 0x0)

3.805818086s ago: executing program 7 (id=2948):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c00)=@newtfilter={0x34, 0x2c, 0xd3f, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x18ea1}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x44}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)

3.573548603s ago: executing program 6 (id=2951):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x3, 0x5f74, &(0x7f0000007fc0)="$eJzs3V1vHFf9B/DfPnj90H/TqPqrChEXbgqlpTTPCZSnplxwAUggoVyTyHWrQFpQEhCtLOLKF4gLHl4C3PSGi76RIvEKEC+ASDZXlaAMGvucZLxeex1i76x9Ph/JmfntmfGeydfj2fXM7AkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL7z7R9e6ETEjV+kB05G/F/0IroR83W9GPXMtbx8PyJOxWZzPBcRvdmIev3Nf56JuBwRH5+IWN9YWaofvrjPflw5f+/Op9/91t9+/fu1Uz9+80cfDrf/4P8vffSb+xEnv//aR5/eP5htBwAAgFJUVVV10tv80+n9fbftTgEAE5GP/1WSH1er1Wr1gda/605Xf9SF1k3VaPebRUSsNtepXzM4HQ8AR8xqfNJ2F2iR/IvWj4in2u4EMNU6bXeAQ7G+sbLUSfl2mseDxa32/HfKbfmvdh7e37HbdJzha0wm9fO1Fr14dpf+zE+oD9Mk598dzv/GVvsgLXfY+U/KbvkPtm59Kk7Ovzec/5Bt+f8hIo5s/t2R+Zcq599/nPxXe0d4/5c/AAAAAADHX/77/8mWz//OPvmm7Mte538XJ9QHAAAAAAAAADhoTzr+30PG/wMAAICpVb9Xr/3xxKPHdvsstvrx652Ip4eWBwqTbpZZaLsfAAAAAAAAAAAAAFCS/tY1vNc7ETMR8fTCQlVV9VfTcP24nnT9o6707YeStf1LHgAAtnx8It3Lnwfg60TMRcT19Fl/MwsLC1U1N79QLVTzs/n17GB2rppvvK/N0/qx2cE+XhD3B1X9zeYa6zWNe788rn34+9XPNah6++jYZLQcOgDF2zoarTsiHTNV9Uy0/SqHo8H+f/zY/9mPtn9OAQAAgMNXVVXVSR/nfTqd8++23SkAYBLm8vF/+LyAWq1Wq9Xq41c3VaPdbxYRsdpcp37NYDh+ADhiVuOTtrtAi+RftH5EnGq7E8BU67TdAQ7F+sbKUifl22keD9L47vlakG35r3Y218vrj5qOM3yNyaR+vtaiF8/u0p/nJtSHaZLz7w7nf2OrfZCWO+z8J2W3/OvtPNlCf9qW8+8N5z/k+OTfHZl/qXL+/cfKvyd/AAAAAACYYvnv/yfLPf/by/1ZnFAfAAAAAAAAAOCgrW+sLOX7XvP5/8+OWK7TnHP/57GR8+/sO3/3/x4nOf/ucP5DF+T0GvMP3niU/z83VpY+vPePz+Tp1Oc/0xvUzz3T6fb66ZqfauatuBW3YznO71i+v639wo72mW3tF8e0X9rRPqjb53P72ViKn8btePNh++yYC6PmxrRXY9pz/j37f5Fy/v3GV53/QmrvDE1rDz7o7tjvm9NRz3Ptz/9+cefeNXlr0Xu4bU319p1poT+b/ydPDeLnd5fvnP3lzXv37lyINNn26MVIkwOW859JXzn/l17Yas+/95v764MPBo+d/7RYi/6u+b/QmK+39+UJ960NOf9B+sr55yPQ6P3/KOe/+/7/Sgv9AQAAAAAAAAAAAAAAgL1UVbV5i+i1iLia7v9p695MAGCifvu9NFMloVar1Wq1+tjWTdVorzeLmNu+ztWI+NWobwYATLP/RMTf2+4ErZF/wfLn/dXTz7XdGWCi7r73/k9u3r69fOdu2z0BAAAAAAAAAP5XefzPxcb4z5vXAQ2NG71t/Nc3YvHIjv/ZHfQ2xzpPG/R87D3+95nYe/zv/pjnmxnTPhjTPjumfW5M+8gbPRpy/s+njHP+p9OGlTT+60st9KdtOf8zaaznnP8XhpZr5l/96Sjn392W/7l77/zs3N333n/11js3315+e/ndC+evXr505fKlK1fOvXXr9vL5rX9b7PHhyvnnsa9dB1qWnH/OXP5lyfl/PtXyL0vO/8VUy78sOf/8ek/+Zcn55/c+8i9Lzv/lVMu/LDn/L6Za/mXJ+b+SavmXJef/pVTLvyw5/1dTLf+y5PzPplr+Zcn5n0u1/MuS889nuORflpx/vrJB/mXJ+V9MtfzLkvO/lGr5lyXnfznV8i9Lzv9KquVflpz/1VTLvyw5/y+nWv5lyfl/JdXyL0vO/7VUy78sOf+vplr+Zcn5fy3V8i9Lzv/rqZZ/WXL+30i1/MuS8/9mquVflpz/66mWf1keff6/mQnP/OsvEVPQDTOlzrz7172Wafs3EwAAAAAAAAAAAAAwbBJXGre9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2UHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi7uxi5zvoM4Ge/7LUTiEtCCMGQteMEQzbeXX8lJhgcIDQNLU0DoaUNdYy9/gB/1buGJIqaTZO2QURqpPYivSgFRBFSWyVCSKVSiiIVqb1rrkC5Qa2UC0tNKhNBJaokW5057/vuzOzszPpj7Tnn/H5R/PfOnJl558yZ2X3WemYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmm34+PSfD2RZlv/f+GNdll2Z/31Ntif/cm7n5V4hAAAAcKHebPz5D1elE/Ys40JN2/zb+/7jB/Pz8/PZF18/89Zfzs+nM8aybGh1ljXOi/79V7+cb94meCIbHRhs+nqwx80P9Th/uMf5Iz3OX9Xj/NU9zh/tcf6iHbDImuL3MY0r29T467pil2bXZCON8zZ1uNQTA6sHB+PvchoGGpeZHzmYHcmOZtPZ5KLLDDT+y7IXNuS3dXcWb2uw6bbWZ1l29ueP7o9rGAj7eFPWcmMNzY/da3dmY6///NH935199d2dZs/dsGilWbZ5Y77OJ7Ns4ddV2UC2Ou2TuM7BpnWu77DOoZZ1DjQul/+9fZ1nl7nOeL9Hwzpf6rLO9eG0h27MsmwuW3Kbdk9kg9natltN+3u0OCLy68gfyndkw+d0nGxYxnGSX+aVG1uPk/ZjMu7/DWGfDC+xhuaH47XHVy3a7+d7nOT3uh+O1fy6781vdHS0+VerLcdqvs2jNy19DHR87DocA+lYbjoGNvY6BgZXDTWOgcGFNW9sOQamFl1mMBto3NaZm7ofAxOzx05OzDz8yK1Hju07NH1o+vjU5M7t23Zs37Zjx8TBI0enJ4s/z22XlsjabDAdgxvDa008Bt/ftm3zITn/rYv3PBjtk+dBft8/e3O+oCsHsyWO8XybJzdf+PMgfd9veh4MNz0POr6mdngeDC/jeZBvc3bz8r5nDjf932kNK/VauK7pGLic3w/z23zgA0u/Fq4P63rqg+f6/XBo0TEQ79ZAeO7lp6Sf90ZvD/tl8XFxfX7GFauy0zPTp7Y8tG929tRUFsYlcXXTY9V+vKxtuk/ZouNl8JyPlz1//8bN13c4fV3YV6O3dH+s8m22j3d/rBqv7q37c1VW7M+WU7dmYVxkl3p/dvpulu/PlCW67M98mydvvfCfBVMuaXr9G+n1+jc0Mly8/g2lvTHS8vq3+KEZaqwsy87eurzXv5Hw/6V+/bumT17/8n31wJbux0C+zVMT53oMDHd9/bsxzIGwng+ExDDalPvfapw/VxymTY9lz+NmeHgkHDfD8RZbj5ttiy6TX1t+25snz++42Xxj62PV8nNLBY+bfF/91WT34ybf5sWpC3/tWBP/2vTasarXMTAytCpf70g6CIrXu/k18RjYku3PTmRHswPpMvmjnN/W+NblHQOrwv+X+rXjuj45BvJ99ezW7sdAvs2Pt13cn502h1PSNk0/O7X/fmGpzH/98ML1te+2i53583V+4iefTqd1yhD5Nq9uP9ec0X0/3RJOuaLDfmp//ix1TB/ILs1+ui6s8+iO7r+byre5Zucyj6c9WZa9PPVy4/dd4fe73z/9kx+0/N630++UX556+Z6J+356LusHAOD8vdX4c25V8bNm079YL+ff/wEAAIBSiLl/MMxE/gcAAIDKiLl/KMxE/gcAAIDKiLl/OMykJvn/8O27nnvzsSy9G+B8EM+Pu+HejxTbxY73XPh6bH5BfvrHvjPy3NceW95tD2ZZ9sY97+m4/eGPxHUVTsZ1fqj19EWuu2FZt//g/QvbNb9/wtldxfXH+7PcwyB2lV+Y2Nq43rGHpxrzxXuyxrxv7qkniusvvo7bn9lWbP834U1L9hwcaLn85rCeTWGOhfeUuXfPwn7IZ7zcc+vf969Xf27h9uLlBja+vXE3n/3j4nrje0Q9c3WxfbzfS63/X77+vefy7R+6qfP6HxvsvP4z4XpfCfNXu4vtm/f515rW/6dh/fH24uW2fPtHHdf//LuK7Z8Px8U3w2xf/51/8d43Oz1e8Xb23FFcLt7+5P9ub1wuXl+8/vb1jz421bI/2q//xdeL69n9lV8MNW8fT4+3Ez14R+vxPRAe35YeeZZl3/uzrGU/Zx8uLvfPbeuP13fyjs7rv6VtnScHbmhcfuH+rGu5X9/4u60d729cz55/XNdyf565K+y/1yd+nF/vmfvC8RjO/7+Xiutrfy/T5+9qfb2J239zXfG8jdc30bb+Z9rWP3dDvu96r//u14v1P//R1S3r3/PJcDzdXcxe6z/0t1e1XP5b3y0ej1NfHT9+Yub0kQNNe7X5ebx6dM3aK65829uvCq+l7V/vPTF7ePrU2OTYZJaNlfAtA1d6/d8O83+KMXfxb6Hw018Ux93Tnyq+b73/l8XXz4TTHwyPZ/z++I2/Hmk5Xtsf97mPFvNC1//BsI7letfX/+uGZW145gsvnP6nP3m1/eeCeH9OvnO0cf+e3XBt47yBF4vz21+vevnPd7Y+r382PNmYPwz7dT68M/PGa4vba7/++N4kT3+meP7Gn+Ti5bO29xNZN9R6Py50/T8LP8f86LrW1794fPzwsbZ3c16XDeRLmAuvD9lccX7cKu7vp89e2/H24vvwZHPvPpdlLmnm4ZmJo0eOn35oYnZ6ZnZi5uFH9h47cfr47N7Ge5fu/VKvyy88v9c2nt8HpnduzxrP9hPFWGGXe/0n799/4LbJmw9MH9x3+uDs/SenTx3aPzOzf/rAzM37Dh6c/mqvyx85sHtq665tt20dP3TkwO7bd+3atmv8yPET+TKKRfWwc/LL48dP7W1cZGb39l1TO3Zsnxw/duLA9O7bJifHT/e6fON703h+6a+Mn5o+um/2yLHp8Zkjj0zvntq1c+fWnu/+eOzkwZmxiVOnj0+cnpk+NVHcl7HZxsn5975el6ceZk6E17s2A+Gn88/fsjO9P27uO48veVXFJq0/nmavhfeCit/fen0dc/9ImElN8j8AAADUQcz94Y3/F86Q/wEAAKAyYu5fHWYi/wMAAEBlxNxfJP/R9PHvdcn/F6v//7j+f4P+v/5/pv+f6P/r/2f6//r/Pej/6/+Xef36//r/9NZv/f+Q+7M1Webf/wEAAKCiYu5fG2Yi/wMAAEBlxNx/RZiJ/A8AAACVEXP/lWEmNcn/Pv9f/1//v1v/P26r/5/p//dD/3/Tf+v/L6L/r/+f6f+ft8vdny/7+vuw/79G/59+02/9/5j73xZmUpP8DwAAAHUQc//bw0zkfwAAAKiMmPuvCjOR/wEAAKAyYu5fF2ZSk/yv/6//r//v8//1/0vT//f5/x3o/+v/Z/r/5+1y9+fLvv4+7P/7/H/6Tr/1/2Pu/7Uwk5rkfwAAAKiDmPvfEWYi/wMAAEBlxNx/dZiJ/A8AAACVEXP/NWEmNcn/9ez/v5Jlmf5/pv+v/9+2Tv1//f+VoP+v/9+N/r/+f5nXr/+v/09v/db/j7n/nWEmNcn/AAAAUAcx918bZiL/AwAAQGXE3P+uMBP5HwAAACoj5v7rwkxqkv/r2f/3+f/6/wX9/9Z16v/r/6+EWvf/3zis/9+D/r/+f5nXr/+v/09v/db/j7n/3WEmNcn/AAAAUAcx918fZiL/AwAAQGXE3P+eMBP5HwAAACoj5v71YSY1yf/6//r/+v/6//r/+v8rqVz9/8Elz/H5/wX9/1YXr/8/t7AA/f/SrF//X/+f3vqt/x9z/3vDTGqS/wEAAKAOYu5/X5iJ/A8AAACVEXP/DWEm8j8AAABURsz9Y2EmNcn/+v/6//r/+v/6//r/K6lc/f+l6f8X9P9b+fx//X/9f/1/uuu3/n/M/RvCTGqS/wEAAKAOYu7fGGYi/wMAAEBlxNx/Y5iJ/A8AAACVEXP/pjCTyuT/t3U9V/9f/1//X/9f/1//fyXp/+v/d6P/r/9f5vXr/+v/01u/9f9j7r8pzKQy+R8AAACIuf/mMBP5HwAAACoj5v73h5nI/wAAAFAZMfdvDjOpSf7X/9f/1/8vcf9/SP8/0//ve/r/+v/d6P/r/5d5/fr/+v/01m/9/5j7PxBmUpP8DwAAAHUQc/8Hw0zkfwAAAKiMmPtvCTOR/wEAAKAyYu4fDzOpSf7X/9f/1/8vcf/f5/+3rF//vz/p/5el/z/S+qX+/7Lo/+v/6//r/9Ndv/X/Y+6/NcykJvkfAAAA6iDm/i1hJvI/AAAAVEbM/RNhJvI/AAAAVEbM/ZNhJjXJ//r/+v/6//r/+v/6/ytJ/78s/f82+v/Lov+v/6//r/9Pd/3W/4+5fyrMpCb5HwAAAOog5v6tYSbyPwAAAFRGzP3bwkzkfwAAAKiMmPu3h5nUJP+XpP+/JRWg9P/1//X/9f/1/0tF/1//vxv9f/3/Mq9f/1//n1aDHU7rt/5/zP07wkxqkv8BAACgDmLu3xlmspD/1136VQEAAAAXU8z9t4WZ+Pd/AAAAqIyY+28PM6lJ/i9J/9/n/+v/6/830f/X/y8T/X/9/270//X/y7x+/X/9f3rrt/5/zP27wkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/x1hJvI/AAAAlEqnzyGMYu7/cJhJTfK//n/V+//zq/X/9f/1/7uvX/9/Zen/6/93o/+v/1/m9ev/6//TW7/1/2Pu3x1mUpP8DwAAAHUQc/9HwkzkfwAAAKiMmPs/GmYi/wMAAEBlxNy/J8ykJvlf/7/q/X+f/6//r//fa/36/ytL/1//vxv9/3L2/8OPLfr/fdT/z48h/X/6Ub/1/2PuvzPMpCb5HwAAAOog5v6PhZnI/wAAAFAZMfd/PMxE/gcAAIDKiLn/E2EmNcn/+v/6//r/+v/l7P+P6P+XhP7/ivX/Gy+F+v8F/f/zc7n782Vffz/1/33+P/2q3/r/MfffFWZSk/wPAAAAdRBz/yfDTOR/AAAAqIyY+389zET+BwAAgMqIuf/uMJOa5H/9f/1//X/9/3L2/33+f1no//v8/270//X/y7x+/X/9f3rrt/5/zP2/EWZSk/wPAAAAdRBz/z1hJvI/AAAAVEbM/Z8KM5H/AQAAoGRWLXlOzP2/GWZSk/xfvv7/WCn7/4Pp+vX/9f/1//X/9f8vJv1//f9M//+8Xe7+fNnXr/+v/09v/db/j7n/t8JMapL/AQAAoA5i7v90mIn8DwAAAJURc/9vh5nI/wAAAFAZMfffG2ZSk/x/sfv/7Zfvxuf/6/9n+v/6//r/+v8XSP9f/z/T/z9vl7s/X+L1xx9F9P/1/+mh3/r/Mff/TphJTfI/AAAA1EHM/feFmcj/AAAA0KcOn/MlYu7/TJiJ/A8AAACVEXP/Z8NMapL/y/f5//r/+v/6//r/+v9lov+v/9+N/r/+f5nX7/P/9f/prd/6/zH33x9mUpP8DwAAAHUQc//nwkzkfwAAAKiMmPt/N8xE/gcAAIDKiLn/98JMapL/9f/1//X/9f/1//X/V5L+/+L+f/4apv9f0P/X/y/z+vX/9f/prd/6/zH3fz7MpCb5HwAAAOog5v7fDzOR/wEAAKAyYu7/gzAT+R8AAAAqI+b+B8JMapL/9f/1//X/9f/1//X/V5L+v8//70b/X/+/zOvX/9f/p7d+6//H3P+FMJOa5H8AAACog5j7/zDMRP4HAACAyoi5f2+YifwPAAAAlRFz/4NhJjXJ//r/+v/6//r/+v/6/ytJ/1//vxv9f/3/Mq9f/1//n976rf8fc/++MJM9rTcDAAAAlFfM/V8MM6nJv/8DAABAHcTcvz/MRP4HAACAyoi5/0CYSU3yv/6//r/+v/6//r/+/0rS/9f/70b/X/+/zOvX/9f/p7d+6//H3D8dZlKT/A8AAAB1EHP/wTAT+R8AAAAqI+b+Q2Em8j8AAABURsz9h8NMapL/9f/1//X/a9v/f+n7bevU/9f/Xwn6//r/3ej/6/+Xef36//r/9NZv/f+Y+4+EmdQk/wMAAEAdxNz/pTAT+R8AAAAqI+b+L4eZyP8AAABQGTH3Hw0zqUn+1//X/9f/r23/f3mf/79m4Xb1//X/z4f+v/5/N/r/+v9lXr/+v/4/vfVb/z/m/mNhJjXJ/wAAAFAHMfcfDzOR/wEAAKAyYu4/EWYi/wMAAEBlxNx/MsykJvlf///c+v8DS3QD9f87r1//vwL9/yb6//r/50P/X/+/G/1//f8yr1//X/+f3vqt/x9z/x+FmdQk/wMAAEAdxNx/KsxE/gcAAIDKiLl/JsxE/gcAAIDKiLl/NsykJvlf/9/n/+v/6//r/+v/ryT9f/3/bvT/9f/LvH79f/1/euu3/n/M/afDTGqS//+fvfte8qys9jjcNGcOQ1HeA+UdeAVegtdgleUlmAOYMSvmnDAnzIo555wxZ1EUc6zSonuthQw9e/cw/et597ue5w8Wp+EULwVW+a3xUxsAAAA6yN3/gLjF/gcAAIBp5O5/YNxi/wMAAMA0cvc/KG5psv/1//p//b/+X/+v/98l/b/+f4n+X/+/5ffr//X/rBut/8/d/+C4pcn+BwAAgA5y9z8kbrH/AQAAYBq5+x8at9j/AAAAMI3c/Q+LW5rsf/2//l//r//X/+v/d0n/r/9fov/X/2/5/fp//T/rRuv/c/c/PG5psv8BAACgg9z9j4hb7H8AAACYRu7+R8Yt9j8AAABMI3f/NXFLk/2v/9f/6/832P//n/5f/78d+n/9/xL9v/5/y+/X/+v/WTda/5+7/9q4pcn+BwAAgA5y9z8qbrH/AQAAYHPuef+jf567/9Fxi/0PAAAA08jd/5i4pcn+1//r//X/G+z/ff9f/78h+n/9/xL9v/5/y+/X/+v/WTda/5+7/7FxS5P9DwAAAB3k7n9c3GL/AwAAwDRy9z8+brH/AQAAYOvO5O/k7n9C3NJk/+v/T6//v0z/r//X/+v/9f8nTv+v/9/T/99tl7qf3/r79f/6f9btvP+/z3UH97j9f+7+6+KWJvsfAAAAOsjd/8S4xf4HAACAaeTuf1LcYv8DAADANHL3PzluabL/9f++/39H//+fy/T/+n/9/x0/1/+fDP2//n+J/l//v+X36//1/6zbef+/0vuf+3/n7n9K3NJk/wMAAEAHufufGrfY/wAAADCN3P1Pi1vsfwAAAJhG7v6nxy1N9r/+X//v+//6f/2//n+X9P/D9v/n/kfvzvT/x6L/1/+fr/+/9zHer/+ng9H6/9z9z4hbmux/AAAA6CB3/zPjFvsfAAAAppG7//q4xf4HAACAaeTuf1bc0mT/6//1//p//f+d+//9lv3/7T/T/++G/n/Y/n+Z/v9Y9P/6f9//1/+zbLT+P3f/s+OWJvsfAAAAOsjd/5y4xf4HAACAaeTuf27cYv8DAADANHL3Py9u2b9ULzpd+n/9v/5f/39R3/+/fI7+3/f/d0f/r/9fov/X/2/5/fp//T/rRuv/c/c/P27x6/8AAAAwh/292v0viFvsfwAAAJhG7v4Xxi32PwAAAEwjd/+L4pYm+1//r//X/+v/L6r/n+T7//r/3dH/6/+XHLf/39P/19+L/n+c9+v/9f+sG63/z93/4rilyf4HAACADnL3vyRusf8BAABgGrn7Xxq32P8AAAAwjdz9L4tbmux//b/+X/+v/9f/6/93Sf+v/1/i+//6/y2/X/+v/2fdaP1/7v6Xxy1N9j8AAAB0kLv/FXGL/Q8AAADTyN3/yrjF/gcAAIBp5O5/Vdxy7v7fP81XnR79v/5f/6//1//r/3dJ/6//X6L/P7r/P3uev57+f6z36//1/6wbrf/P3X9D3OLX/wEAAGAauftfHbfY/wAAADCN3P2viVvsfwAAAJhG7v7Xxi1N9v/5+v/brjr84/r/49H/H/1+/b/+X/+v/9f/6/+X6P99/3/L79f/6/9ZN1r/n7v/dXFLk/0PAAAAHeTuf33cYv8DAADANHL3vyFusf8BAABgGrn73xi3NNn/J//9/6v1//p//X9c/b/+X/+v/9f/L9P/6/+3/H79v/6fdaP1/7n73xS3NNn/AAAA0EHu/jfHLfY/AAAATCN3/1viFvsfAAAAppG7/61xS5P9f/L9v+//6/8vsP/f1/8n/X/8c9X/6/8vwFb7/339/wH9v/5/y+/X/+v/WTda/5+7/8aDqddv/wMAAEAHNx789uze2+IW+x8AAACmkbv/7XGL/Q8AAADTyN3/jrilyf7X/+v/L3n/7/v/Rf8f/1z1//r/C7DV/t/3/w/p//X/W36//l//z7rR+v/c/e+MW5rsfwAAAOggd/+74hb7HwAAAKYRu//wf/xu/wMAAMCU3n3w27N774lbmuz/xv3/1Rfb/1/5P7+v/z/6/fr/E+n/bzz33z39v/5/S/T/+v8l+n/9/5bfP07/Hz+4Rv/PeEbr/3P3vzduabL/AQAAoIPc/e+LW+x/AAAAmEbu/pviFvsfAAAAppG7//1xS5P937j/n+T7//e9NV6g/5+3//f9/7j6f/3/UfT/E/T/t//XL/1//fX1/9t5/zj9v+//M67R+v/c/R+IW5rsfwAAAOggd/8H4xb7HwAAAKaRu/9DcYv9DwAAANPI3f/huKXJ/tf/b73/9/1//b/+X/8/Nv2//n+J7//r/7f8fv2//p91o/X/ufs/Erc02f8AAADQQe7+j8Yt9j8AAABMI3f/x+IW+x8AAACmkbv/43FLk/2v/9f/76r/v/0vov9v0v9fe0X++fp//f9d6P/1/0v0//r/Lb9f/6//Z91o/X/u/k/ELU32PwAAAHSQu/+TcYv9DwAAANPI3f+puMX+BwAAgGnk7v903HCve1y6J52sM+f5eeS6+n/9v+//6/99/1//v0v6f/3/Ev2//n/L79f/6/9ZN1r/n7v/M3GLX/8HAACAaeTu/2zcYv8DAADANHL3fy5usf8BAABgGrn7Px+3NNn/+n/9v/5/s/3/lfr/O79f/z8m/b/+f4n+X/+/5fcfu/+/+ej/f/0/HYzW/+fu/0Lc0mT/AwAAQAe5+78Yt9j/AAAAMI3c/V+KW+x/AAAAmEbu/i/HLU32v/5f/6//32z/7/v/57xf/z8m/b/+/9AtR/5U/6//3/L7ff9f/8+60fr/3P1fiVua7H8AAADoIHf/V+MW+x8AAACmkbv/a3GL/Q8AAADTyN3/9bilyf7X/+v/9f/6f/2//n+X9P/6/yX6f/3/lt+v/9f/s260/j93/zfilib7HwAAADrI3f/NuMX+BwAAgGnk7v9W3GL/AwAAwDRy9387bmmy/2fu/5f+NP3/If2//n9P/6//3zH9v/5/if5f/7/l9+v/9f+sG63/z93/nbilyf4HAACADnL3fzdusf8BAABgGrn7b45b7H8AAACYRu7+78UtTfb/zP3/Ev3/If2//n9P/6//3zH9v/5/if5f/7/l9+v/9f+su0T9/5m98/T/ufu/H7c02f8AAADQQe7+H8Qt9j8AAABMI3f/D+MW+x8AAACmkbv/R3HLPPv/fjct/EH9/4n3/wf/Eun/9f97+n/9v/7/gP5f/79E/6//3/L79f/6f9aN9v3/3P0/jlvm2f8AAADQXu7+n8Qt9j8AAABMI3f/T+MW+x8AAACmkbv/Z3FLk/2v//f9f/1/q/7/8j39v/7/lOn/9f9L9P/6/y2/X/+v/2fdaP1/7v6fxy05/K66O3+XAAAAwEhy9/8ibmny6/8AAADQQe7+X8Yt9j8AAABMI3f/r+KWJvtf/6//1/+36v99/1//f+r0//r/Jfp//f+W35/9f/57p//X/3NXo/X/uft/Hbc02f8AAADQQe7+W+IW+x8AAACmkbv/N3GL/Q8AAADTyN3/27ilyf7X/+v/9f/6f/2//n+X9P/6/yX6f/3/lt/v+//6f9aN1v/n7r81bmmy/wEAAKCD3P2/i1vsfwAAAJhG7v7fxy32PwAAAEwjd/9tcUuT/a//1/9P2f9fof/X/+v/R6H/1/8v0f/r/7f8fv2//p91o/X/ufv/ELc02f8AAADQQe7+P8Yt9j8AAABMI3f/n+IW+x8AAACmkbv/z3FLk/2v/9f/X3j/f6b+voft/33/X/+v/x/GvP3//+v/j+r/z17Y+7v3/9ffcPhj/f8236//1/+zbrT+P3f/X+KWJvsfAAAAOsjd/9e4xf4HAACAaeTu/1vcYv8DAADANHL3/z1uabL/9f/6/ym//6//1//r/4cxb//v+/++/+/7//p//b/+nzWj9f+5+/8RtzTZ/wAAANBB7v5/xi32PwAAAEwjd/+/4hb7HwAAAKaRu//fcUuT/a//1//r//X/+n/9/y7p//X/S/T/+v8tv1//r/9n3Wj9f+7+/wYAAP//lgIt2A==")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@nouid32}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
r5 = open(&(0x7f0000000180)='./file1\x00', 0x109042, 0x88)
r6 = msgget$private(0x0, 0x1d0)
msgctl$MSG_INFO(r6, 0xc, &(0x7f0000000240)=""/74)
fallocate(r5, 0x0, 0x8, 0x7000000)
pwrite64(r4, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x143041, 0x114)
r7 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4012011, r7, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='veno', 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000001c0)=0xa3, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
mknod$loop(&(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x0)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3.345600116s ago: executing program 7 (id=2953):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
unshare(0x24020400)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xe825, 0x3400, 0x1, 0x3c3}, &(0x7f0000000dc0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3.266663147s ago: executing program 8 (id=2954):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c02000002000000080001", @ANYRES32=r4], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r5, 0xffffffffffffffff, 0x0)

3.050876832s ago: executing program 4 (id=2955):
syz_mount_image$cramfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000001c0), 0x1, 0x140, &(0x7f0000000200)="$eJzszEFLImEcx/Hv7Myuy66uLhlYkAUdGhJzHLFbB40kIRsovHQSbKJAMxKiYwXdOvQCPFRCJ/EQHTuUdbEUwl6H0CHoWIwjiBEdOj+fyzDf/8Nvbqap4gEZ22whv7VtFovm6tiSkUosX1xe/bO6A/jdd7ffX8dg3foq0N4HK9+6YG0jZ05lCznrvx0DFYj/tbuG/faP1bx2C3ebOg61Qbvpn7RItw0rEHf39t5OYcLa+9/bewF2S4Fq5X6xUU8GJ89HZA6TgdEBqb/7zSM9MVR2+mTS5t0Z8c79KVQPPoaqlVazkVowUkYzouvTES2sadGW8dBIRveOUeadO7DyYe8XPr+ShgMJShJUOvf2jeQCaievRt7t8ALPmx6QvrpkM76f5YzX8wNZRUIQBEEQBEEQBEEQvuk9AAD//2iQbNs=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0x0, 0x0)

2.878869791s ago: executing program 7 (id=2956):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000080), 0x4)

2.859913306s ago: executing program 8 (id=2957):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30)
syz_emit_ethernet(0x2a, &(0x7f0000000380)=ANY=[], 0x0)

2.714426911s ago: executing program 4 (id=2958):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x9, &(0x7f0000000180)={@ifindex, 0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, 0x0, 0x0)
listen(r0, 0x3)
accept4$bt_l2cap(r0, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)

2.355389841s ago: executing program 8 (id=2959):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0xb000, 0x7, 0xd, 0x5, 0x0, [{0x7, 0x6, 0x1, '\x00', 0x3}, {0x2, 0x9, 0x8, '\x00', 0x8}, {0x8, 0x1, 0xf7, '\x00', 0x61}, {0x6, 0x3, 0x8, '\x00', 0x69}, {0x2, 0x7, 0x4, '\x00', 0x3}, {0x81, 0xb, 0x9, '\x00', 0xf1}, {0xb7, 0x1, 0x1, '\x00', 0x7}, {0x7, 0x3, 0x4, '\x00', 0x6}, {0x0, 0x4, 0x5, '\x00', 0x10}, {0x6, 0x0, 0x9, '\x00', 0x4}, {0xf, 0x6, 0x1, '\x00', 0x7}, {0xd1, 0x4, 0x3, '\x00', 0xd8}, {0xff, 0x3a, 0x26, '\x00', 0x8}, {0xfc, 0x7f, 0xac, '\x00', 0x2}, {0xf4, 0xa, 0xff, '\x00', 0x9}, {0x87, 0x6, 0x3}, {0x80, 0x4, 0x8a}, {0x7, 0x3, 0x9, '\x00', 0x6b}, {0x7, 0x3, 0x8, '\x00', 0x26}, {0xff, 0x7, 0x5, '\x00', 0x7}, {0x7e, 0x40, 0x5, '\x00', 0x3}, {0x2, 0xf, 0x3, '\x00', 0xc}, {0x59, 0x0, 0xab, '\x00', 0x2}, {0x6, 0x2, 0xd, '\x00', 0x65}]}})

2.327061828s ago: executing program 7 (id=2960):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000380)={0x1, @pix_mp={0x8, 0x5, 0x34524742, 0x5, 0x4, [{0x8, 0x9}, {0x7, 0x9}, {0x3}, {0xd, 0x8}, {0xd, 0xe0}, {0x200, 0x7ff}, {0x2, 0x3}, {0xfffffffc, 0xa}], 0xff, 0x28, 0x8, 0x1, 0x5}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0102}}}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1e8)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00')
readlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', &(0x7f0000001300)=""/4096, 0x1000)

2.313874384s ago: executing program 4 (id=2961):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x800}, 0x9, [0x6, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x8, 0x9, 0x80000d, 0x4, 0x12a3, 0x5, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7ff7, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x3, 0x1, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x0, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x9, 0x4, 0xa, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0xfece, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x0, 0x4, 0x0, 0x80000, 0x401, 0x46, 0xf1, 0x4, 0xab00040, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x762, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x95, 0xfffff50f, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xb, 0x2, 0x491, 0x9, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x7, 0x5, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xffe, 0x100006, 0x8000, 0x404, 0x3e55, 0xff, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd80, 0x60a2, 0x17fc, 0x9d26, 0x0, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x4, 0x10000, 0x1, 0x8, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0x56, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0xe, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x6, 0x80000001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x2000003, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x13ffd, 0x1, 0x1b18]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000450000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030073"], 0xc8}}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2c, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x7, 0x5, 0x3, 0xfffffffffffffffe, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2.054365548s ago: executing program 8 (id=2962):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000880)={0x1c, 0x19, 0x15, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @str='\x02\x02\x00\x00\x00\x00'}]}, 0x1c}], 0x1}, 0x0)

1.320792335s ago: executing program 7 (id=2963):
r0 = socket$l2tp(0x2, 0x2, 0x73)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000140)={0x2, 0x4e20, @empty}, 0x10, 0x0}}, {{&(0x7f0000000500)={0x2, 0x4e22, @private=0xa010101}, 0x10, 0x0}}], 0x2, 0xc8)

1.142470192s ago: executing program 8 (id=2964):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000040)="02000000", 0x4}, {&(0x7f0000000280)="33ddd0c241", 0x5}, {&(0x7f00000019c0)='\x00\x00', 0x2}], 0x3, 0xc, 0x20000000)

1.13634714s ago: executing program 4 (id=2965):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @dev={0xac, 0x14, 0x14, 0x23}}, 0x8)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

1.026659033s ago: executing program 7 (id=2966):
syz_usb_connect$cdc_ecm(0x2, 0x5c, &(0x7f0000001500)=ANY=[@ANYBLOB="12010000020000202505a1a440000000010109024a000101000000090400001602020000052406000005240000000d240f010000000000000000000624070000000905810340000000000905820200020000000905030240"], 0x0)

890.412236ms ago: executing program 8 (id=2967):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd70003c02000002000000080001", @ANYRES32=r4], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r5, 0xffffffffffffffff, 0x0)

816.048076ms ago: executing program 4 (id=2968):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x40, 0x0, 0x36, 0x80000002}, {0x6, 0xfc, 0xfe, 0x6cf}]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
write(r0, &(0x7f0000000280)="4591", 0x2)

633.169432ms ago: executing program 2 (id=2969):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30)
syz_emit_ethernet(0x2a, &(0x7f0000000380)=ANY=[], 0x0)

91.03908ms ago: executing program 4 (id=2970):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000080), 0x4)

0s ago: executing program 2 (id=2971):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x9, &(0x7f0000000180)={@ifindex, 0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, 0x0, 0x0)
listen(r0, 0x3)
accept4$bt_l2cap(r0, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)

kernel console output (not intermixed with test programs):

o 8
[  494.955071][ T9687] unable to read xattr id index table
[  496.819923][ T5932] IPVS: starting estimator thread 0...
[  496.935468][ T9708] IPVS: using max 240 ests per chain, 12000 per kthread
[  497.266010][ T5932] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  497.459914][ T9683] loop2: detected capacity change from 0 to 40427
[  497.461179][ T5932] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  497.478841][ T5932] usb 6-1: config 0 interface 0 has no altsetting 0
[  497.496885][ T9683] f2fs: Bad value for 'mode'
[  497.531768][ T5932] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  497.542134][ T5932] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  497.550781][ T5932] usb 6-1: Product: syz
[  497.555219][ T5932] usb 6-1: Manufacturer: syz
[  497.559989][ T5932] usb 6-1: SerialNumber: syz
[  497.612148][ T5932] usb 6-1: config 0 descriptor??
[  497.652871][ T5932] usb 6-1: selecting invalid altsetting 0
[  497.864490][ T5932] usb 6-1: USB disconnect, device number 6
[  499.062439][ T9749] loop5: detected capacity change from 0 to 2048
[  499.154966][ T9749] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  499.210408][ T9757] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1410'.
[  499.256854][   T30] audit: type=1800 audit(43777252.303:752): pid=9749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1409" name="bus" dev="loop5" ino=18 res=0 errno=0
[  499.326483][ T9758] loop2: detected capacity change from 0 to 512
[  499.413720][ T9758] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  499.436072][ T9758] EXT4-fs (loop2): orphan cleanup on readonly fs
[  499.540554][ T7536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.554923][ T9758] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.1411: corrupted inode contents
[  499.624382][ T9758] EXT4-fs (loop2): Remounting filesystem read-only
[  499.669538][ T9758] EXT4-fs (loop2): 1 truncate cleaned up
[  499.677956][  T749] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  499.690579][  T749] Quota error (device loop2): write_blk: dquota write failed
[  499.698314][  T749] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  499.708832][  T749] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  499.719611][  T749] Quota error (device loop2): write_blk: dquota write failed
[  499.727235][  T749] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  499.740252][  T749] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  499.751374][  T749] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  499.760811][  T749] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  499.907339][ T9758] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  500.126084][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.382144][ T9784] loop2: detected capacity change from 0 to 512
[  500.721548][ T9792] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  501.190850][ T9797] loop5: detected capacity change from 0 to 2048
[  501.402695][ T9797] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  501.500918][   T30] audit: type=1800 audit(43777254.543:753): pid=9797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1424" name="bus" dev="loop5" ino=18 res=0 errno=0
[  502.286273][ T7536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  503.324486][ T7536] INFO: The task syz-executor:7536 has been waiting for writeback completion for more than 1 seconds.
[  504.558207][ T9813] loop5: detected capacity change from 0 to 512
[  505.287066][ T9813] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  505.475849][ T9813] EXT4-fs (loop5): orphan cleanup on readonly fs
[  505.608265][ T9813] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #16: comm syz.5.1429: corrupted inode contents
[  505.637068][ T9813] EXT4-fs (loop5): Remounting filesystem read-only
[  505.655194][ T9813] EXT4-fs (loop5): 1 truncate cleaned up
[  505.662433][   T12] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  505.677893][   T12] Quota error (device loop5): write_blk: dquota write failed
[  505.687277][   T12] Quota error (device loop5): remove_free_dqentry: Can't write block (5) with free entries
[  505.697572][   T12] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  505.708422][   T12] Quota error (device loop5): write_blk: dquota write failed
[  505.716069][   T12] Quota error (device loop5): free_dqentry: Can't move quota data block (5) to free list
[  505.726428][   T12] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  505.737071][   T12] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  505.746649][   T12] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  505.867516][ T9813] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  506.102569][ T7536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.528337][ T9836] overlayfs: missing 'lowerdir'
[  506.808158][ T9837] loop2: detected capacity change from 0 to 2048
[  508.001656][ T9837] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  508.057858][   T30] audit: type=1800 audit(43777261.083:754): pid=9837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1439" name="bus" dev="loop2" ino=18 res=0 errno=0
[  508.199531][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.740330][ T9874] loop5: detected capacity change from 0 to 2048
[  511.526657][ T9874] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  511.674733][   T30] audit: type=1800 audit(43777264.693:755): pid=9874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1452" name="bus" dev="loop5" ino=18 res=0 errno=0
[  512.080703][ T7536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  512.712804][ T9904] loop2: detected capacity change from 0 to 512
[  512.777129][ T9904] EXT4-fs: test_dummy_encryption requires encrypt feature
[  519.081194][ T9946] loop2: detected capacity change from 0 to 512
[  519.197868][ T9946] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  519.220848][ T9946] EXT4-fs (loop2): orphan cleanup on readonly fs
[  519.274936][ T9946] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.1472: corrupted inode contents
[  519.350553][ T9946] EXT4-fs (loop2): Remounting filesystem read-only
[  519.424804][ T9946] EXT4-fs (loop2): 1 truncate cleaned up
[  519.432657][ T3939] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  519.443875][ T3939] Quota error (device loop2): write_blk: dquota write failed
[  519.451813][ T3939] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  519.462253][ T3939] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  519.473293][ T3939] Quota error (device loop2): write_blk: dquota write failed
[  519.481044][ T3939] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  519.491414][ T3939] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  519.506348][ T3939] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  519.517314][ T3939] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  519.536689][ T9946] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  520.003121][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.072615][ T9962] loop5: detected capacity change from 0 to 32768
[  525.152410][T10012] overlayfs: failed to resolve './file0': -2
[  527.255542][T10057] loop2: detected capacity change from 0 to 512
[  527.339707][T10057] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  527.385634][T10057] EXT4-fs (loop2): orphan cleanup on readonly fs
[  527.474114][T10057] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.1515: corrupted inode contents
[  527.504786][T10057] EXT4-fs (loop2): Remounting filesystem read-only
[  527.544643][T10057] EXT4-fs (loop2): 1 truncate cleaned up
[  527.551547][   T35] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  527.562689][   T35] Quota error (device loop2): write_blk: dquota write failed
[  527.570681][   T35] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  527.584938][   T35] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  527.595919][   T35] Quota error (device loop2): write_blk: dquota write failed
[  527.604324][   T35] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  527.614688][   T35] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  527.625448][   T35] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  527.635144][   T35] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  527.744739][T10057] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  527.940300][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.703218][T10093] loop2: detected capacity change from 0 to 512
[  529.770686][T10093] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  529.822862][T10093] EXT4-fs (loop2): orphan cleanup on readonly fs
[  529.906089][T10093] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.1529: corrupted inode contents
[  529.961937][T10093] EXT4-fs (loop2): Remounting filesystem read-only
[  529.983559][T10093] EXT4-fs (loop2): 1 truncate cleaned up
[  530.001853][ T2938] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  530.012927][ T2938] Quota error (device loop2): write_blk: dquota write failed
[  530.020791][ T2938] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  530.031055][ T2938] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  530.045621][ T2938] Quota error (device loop2): write_blk: dquota write failed
[  530.053245][ T2938] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  530.065810][ T2938] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  530.131976][T10093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  530.383015][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.734689][T10116] syzkaller0: entered promiscuous mode
[  530.740621][T10116] syzkaller0: entered allmulticast mode
[  536.116466][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  536.122945][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  536.775590][T10132] loop2: detected capacity change from 0 to 512
[  536.849553][T10132] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  536.877795][T10132] EXT4-fs (loop2): orphan cleanup on readonly fs
[  536.938552][T10132] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.1546: corrupted inode contents
[  536.969499][T10132] EXT4-fs (loop2): Remounting filesystem read-only
[  536.982683][T10132] EXT4-fs (loop2): 1 truncate cleaned up
[  536.995016][   T35] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  537.010938][   T35] __quota_error: 2 callbacks suppressed
[  537.011009][   T35] Quota error (device loop2): write_blk: dquota write failed
[  537.026093][   T35] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  537.038301][   T35] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  537.049507][   T35] Quota error (device loop2): write_blk: dquota write failed
[  537.057236][   T35] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  537.067593][   T35] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  537.078252][   T35] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  537.088080][   T35] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  537.098768][ T5862] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  537.118030][T10132] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  537.264978][ T5862] usb 1-1: Using ep0 maxpacket: 8
[  537.288758][ T5862] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  537.297575][ T5862] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  537.307684][ T5862] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  537.321231][ T5862] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  537.332882][ T5862] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  537.346408][ T5862] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  537.355781][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.391667][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.864991][T10150] loop5: detected capacity change from 0 to 1024
[  537.874959][T10150] EXT4-fs: inline encryption not supported
[  537.934529][T10150] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  538.291260][ T7536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.425685][T10161] misc userio: The device must be registered before sending interrupts
[  538.659874][T10164] syzkaller0: entered promiscuous mode
[  538.665648][T10164] syzkaller0: entered allmulticast mode
[  538.867015][T10167] loop2: detected capacity change from 0 to 1024
[  539.097083][ T1027] hfsplus: b-tree write err: -5, ino 4
[  539.800545][ T5862] usb 1-1: USB disconnect, device number 7
[  540.750763][T10191] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1566'.
[  540.990921][T10198] misc userio: The device must be registered before sending interrupts
[  541.077886][T10193] 	^Û„º„¬1
[  541.854516][   T30] audit: type=1326 audit(43777295.899:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.0.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b4ab8f749 code=0x7ffc0000
[  541.881663][   T30] audit: type=1326 audit(43777295.909:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.0.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b4ab8f749 code=0x7ffc0000
[  542.064423][   T30] audit: type=1326 audit(43777295.969:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.0.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f5b4ab8f749 code=0x7ffc0000
[  542.087476][   T30] audit: type=1326 audit(43777295.969:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.0.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b4ab8f749 code=0x7ffc0000
[  542.110807][   T30] audit: type=1326 audit(43777295.999:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10213 comm="syz.0.1575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b4ab8f749 code=0x7ffc0000
[  546.709730][T10251] loop5: detected capacity change from 0 to 128
[  546.819727][T10251] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  547.016083][   T30] audit: type=1804 audit(43777301.069:761): pid=10251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1586" name="/newroot/190/file0/bus" dev="loop5" ino=12 res=1 errno=0
[  548.094853][ T7536] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  548.180677][T10266] misc userio: No port type given on /dev/userio
[  548.257676][T10266] misc userio: The device must be registered before sending interrupts
[  548.841712][T10272] loop5: detected capacity change from 0 to 512
[  548.855697][T10276] syzkaller0: entered promiscuous mode
[  548.861654][T10276] syzkaller0: entered allmulticast mode
[  551.126269][T10272] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  551.778790][T10291] loop2: detected capacity change from 0 to 4096
[  551.873470][ T7536] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  553.025763][T10310] syzkaller0: entered promiscuous mode
[  553.031634][T10310] syzkaller0: entered allmulticast mode
[  553.410294][T10318] loop5: detected capacity change from 0 to 512
[  554.127729][T10327] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  556.827357][T10343] misc userio: No port type given on /dev/userio
[  556.843404][T10343] misc userio: The device must be registered before sending interrupts
[  557.704416][T10359] loop2: detected capacity change from 0 to 512
[  558.391921][T10369] loop2: detected capacity change from 0 to 128
[  558.477083][T10369] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  558.870609][ T5807] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  562.290753][T10400] cgroup: Unknown subsys name 'cpuset'
[  564.496261][T10402] syzkaller0: entered promiscuous mode
[  564.502486][T10402] syzkaller0: entered allmulticast mode
[  567.061342][ T5932] libceph: connect (1)[c::]:6789 error -101
[  567.067948][ T5932] libceph: mon0 (1)[c::]:6789 connect error
[  567.218533][T10424] loop5: detected capacity change from 0 to 4096
[  567.345312][ T5932] libceph: connect (1)[c::]:6789 error -101
[  567.351923][ T5932] libceph: mon0 (1)[c::]:6789 connect error
[  567.843454][T10428] ceph: No mds server is up or the cluster is laggy
[  568.942149][T10454] loop2: detected capacity change from 0 to 32768
[  569.028418][T10454] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  569.452530][T10454] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x50.
[  569.488002][T10454] XFS (loop2): Tail block (0x29) overwrite detected. Updated to 0x30
[  569.641691][T10454] XFS (loop2): Ending clean mount
[  569.682467][T10454] XFS (loop2): Quotacheck needed: Please wait.
[  569.724308][  T749] XFS (loop2): Metadata corruption detected at xfs_dinode_verify+0x252/0x21a0, inode 0x1803 dinode
[  569.735415][  T749] XFS (loop2): Unmount and run xfs_repair
[  569.741252][  T749] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  569.748836][  T749] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[  569.758135][  T749] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  569.767176][  T749] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d  4.Xh....4.Xh...=
[  569.779281][  T749] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20  4.Xh...=....... 
[  569.789208][  T749] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  569.798465][  T749] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1  ..............=.
[  569.807497][  T749] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04  ....n..-........
[  569.816568][  T749] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 06  ................
[  569.967663][T10454] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  569.989441][T10454] XFS (loop2): Metadata corruption detected at xfs_dinode_verify+0x252/0x21a0, inode 0x1803 dinode
[  570.000669][T10454] XFS (loop2): Unmount and run xfs_repair
[  570.007224][T10454] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  570.015262][T10454] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[  570.024575][T10454] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  570.033543][T10454] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d  4.Xh....4.Xh...=
[  570.042629][T10454] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20  4.Xh...=....... 
[  570.051739][T10454] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  570.060783][T10454] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1  ..............=.
[  570.069793][T10454] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04  ....n..-........
[  570.081789][T10454] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 06  ................
[  570.161119][ T5807] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  570.204954][ T5807] XFS (loop2): Uncorrected metadata errors detected; please run xfs_repair.
[  570.933198][T10480] loop5: detected capacity change from 0 to 256
[  571.225168][T10480] FAT-fs (loop5): Directory bread(block 64) failed
[  571.232274][T10480] FAT-fs (loop5): Directory bread(block 65) failed
[  571.239227][T10480] FAT-fs (loop5): Directory bread(block 66) failed
[  571.245955][T10480] FAT-fs (loop5): Directory bread(block 67) failed
[  571.252659][T10480] FAT-fs (loop5): Directory bread(block 68) failed
[  571.259431][T10480] FAT-fs (loop5): Directory bread(block 69) failed
[  571.266298][T10480] FAT-fs (loop5): Directory bread(block 70) failed
[  571.272954][T10480] FAT-fs (loop5): Directory bread(block 71) failed
[  571.279728][T10480] FAT-fs (loop5): Directory bread(block 72) failed
[  571.286474][T10480] FAT-fs (loop5): Directory bread(block 73) failed
[  571.727782][T10490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1672'.
[  573.118366][T10513] loop2: detected capacity change from 0 to 512
[  573.372604][T10517] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1690'.
[  577.552408][T10546] loop2: detected capacity change from 0 to 512
[  578.130821][T10556] loop5: detected capacity change from 0 to 256
[  578.505586][T10556] FAT-fs (loop5): Directory bread(block 64) failed
[  578.512326][T10556] FAT-fs (loop5): Directory bread(block 65) failed
[  578.519407][T10556] FAT-fs (loop5): Directory bread(block 66) failed
[  578.526443][T10556] FAT-fs (loop5): Directory bread(block 67) failed
[  578.533289][T10556] FAT-fs (loop5): Directory bread(block 68) failed
[  578.540277][T10556] FAT-fs (loop5): Directory bread(block 69) failed
[  578.547295][T10556] FAT-fs (loop5): Directory bread(block 70) failed
[  578.554112][T10556] FAT-fs (loop5): Directory bread(block 71) failed
[  578.560942][T10556] FAT-fs (loop5): Directory bread(block 72) failed
[  578.567917][T10556] FAT-fs (loop5): Directory bread(block 73) failed
[  579.625385][T10576] loop2: detected capacity change from 0 to 512
[  579.716727][T10576] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  579.736002][T10576] EXT4-fs (loop2): orphan cleanup on readonly fs
[  579.834722][T10576] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.1714: corrupted inode contents
[  579.901537][T10576] EXT4-fs (loop2): Remounting filesystem read-only
[  579.974889][T10576] EXT4-fs (loop2): 1 truncate cleaned up
[  579.982047][ T4404] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  579.993247][ T4404] Quota error (device loop2): write_blk: dquota write failed
[  580.000836][ T4404] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  580.016006][ T4404] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  580.027708][ T4404] Quota error (device loop2): write_blk: dquota write failed
[  580.037399][ T4404] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  580.047654][ T4404] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  580.057944][ T4404] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  580.067351][ T4404] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  580.166890][T10576] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  580.512593][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  580.671414][ T5816] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  580.682086][ T5816] CPU: 1 UID: 0 PID: 5816 Comm: kworker/u9:5 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  580.682270][ T5816] Tainted: [W]=WARN
[  580.682313][ T5816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  580.682433][ T5816] Workqueue: hci2 hci_rx_work
[  580.682610][ T5816] Call Trace:
[  580.682657][ T5816]  <TASK>
[  580.682703][ T5816]  __dump_stack+0x26/0x30
[  580.682851][ T5816]  dump_stack_lvl+0x14c/0x1c0
[  580.683000][ T5816]  dump_stack+0x1e/0x25
[  580.683143][ T5816]  sysfs_create_dir_ns+0x46c/0x540
[  580.683309][ T5816]  kobject_add_internal+0xf0f/0x1870
[  580.683469][ T5816]  kobject_add+0x2c1/0x410
[  580.683618][ T5816]  ? kmsan_get_metadata+0xfb/0x160
[  580.683791][ T5816]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  580.683983][ T5816]  device_add+0xa70/0x1c10
[  580.684149][ T5816]  hci_conn_add_sysfs+0x15f/0x2f0
[  580.684312][ T5816]  le_conn_complete_evt+0x1d03/0x2240
[  580.684474][ T5816]  hci_le_conn_complete_evt+0x157/0x260
[  580.684683][ T5816]  hci_le_meta_evt+0x6eb/0x960
[  580.684856][ T5816]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  580.685062][ T5816]  hci_event_packet+0xce2/0x1e40
[  580.685230][ T5816]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  580.685449][ T5816]  hci_rx_work+0x8c3/0xfc0
[  580.685621][ T5816]  ? kmsan_get_metadata+0xfb/0x160
[  580.685801][ T5816]  ? __pfx_hci_rx_work+0x10/0x10
[  580.685970][ T5816]  process_scheduled_works+0xb91/0x1d80
[  580.686206][ T5816]  worker_thread+0xedf/0x1590
[  580.686366][ T5816]  kthread+0xd5c/0xf00
[  580.686497][ T5816]  ? __pfx_worker_thread+0x10/0x10
[  580.686646][ T5816]  ? __pfx_kthread+0x10/0x10
[  580.686779][ T5816]  ret_from_fork+0x208/0x710
[  580.686947][ T5816]  ? __switch_to+0x53d/0x790
[  580.687094][ T5816]  ? __pfx_kthread+0x10/0x10
[  580.687237][ T5816]  ret_from_fork_asm+0x1a/0x30
[  580.687431][ T5816]  </TASK>
[  580.881553][ T5816] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  580.896976][ T5816] Bluetooth: hci2: failed to register connection device
[  583.551233][T10618] loop5: detected capacity change from 0 to 2368
[  593.646675][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  593.653230][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  594.770026][T10678] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1756'.
[  595.230078][T10685] 9p: Bad value for 'rfdno'
[  595.289352][T10686] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  595.728974][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1761'.
[  595.753379][T10691] xfrm1: entered promiscuous mode
[  595.758773][T10691] xfrm1: entered allmulticast mode
[  595.835063][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1761'.
[  603.311129][T10738] loop2: detected capacity change from 0 to 128
[  604.254171][T10752] misc userio: Invalid payload size
[  604.295855][T10752] misc userio: No port type given on /dev/userio
[  604.344441][T10752] misc userio: The device must be registered before sending interrupts
[  610.482869][T10777] loop2: detected capacity change from 0 to 4096
[  610.620839][T10777] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.741637][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.897368][T10817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  614.907189][T10817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  614.919371][T10817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  614.956559][T10817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  614.990995][T10817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  616.155206][T10816] chnl_net:caif_netlink_parms(): no params data found
[  616.722191][T10832] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  616.963385][T10834] misc userio: Invalid payload size
[  616.992553][T10834] misc userio: No port type given on /dev/userio
[  617.034789][T10834] misc userio: The device must be registered before sending interrupts
[  617.049135][T10817] Bluetooth: hci3: command tx timeout
[  617.357973][T10816] bridge0: port 1(bridge_slave_0) entered blocking state
[  617.365667][T10816] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.373472][T10816] bridge_slave_0: entered allmulticast mode
[  617.383483][T10816] bridge_slave_0: entered promiscuous mode
[  617.529054][T10816] bridge0: port 2(bridge_slave_1) entered blocking state
[  617.537469][T10816] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.545120][T10816] bridge_slave_1: entered allmulticast mode
[  617.553374][T10816] bridge_slave_1: entered promiscuous mode
[  617.832509][T10816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  617.866676][T10816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  618.099145][T10816] team0: Port device team_slave_0 added
[  618.139452][T10816] team0: Port device team_slave_1 added
[  618.403039][T10816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  618.415072][T10816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  618.443219][T10816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  618.471188][T10816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  618.478729][T10816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  618.505669][T10816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  618.776240][T10816] hsr_slave_0: entered promiscuous mode
[  618.786238][T10816] hsr_slave_1: entered promiscuous mode
[  618.794858][T10816] debugfs: 'hsr0' already exists in 'hsr'
[  618.800930][T10816] Cannot create hsr debugfs directory
[  619.155699][T10817] Bluetooth: hci3: command tx timeout
[  619.302504][T10862] overlayfs: failed to clone upperpath
[  620.113791][T10870] loop2: detected capacity change from 0 to 128
[  620.299440][T10816] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  620.355645][T10816] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  620.425213][T10816] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  620.478765][T10877] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  620.504701][T10816] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  621.191757][T10889] overlayfs: failed to clone upperpath
[  621.248471][T10817] Bluetooth: hci3: command tx timeout
[  623.285347][T10817] Bluetooth: hci3: command tx timeout
[  623.373854][T10816] 8021q: adding VLAN 0 to HW filter on device bond0
[  623.562497][T10816] 8021q: adding VLAN 0 to HW filter on device team0
[  623.608039][ T4487] bridge0: port 1(bridge_slave_0) entered blocking state
[  623.615849][ T4487] bridge0: port 1(bridge_slave_0) entered forwarding state
[  623.723804][ T4487] bridge0: port 2(bridge_slave_1) entered blocking state
[  623.731253][ T4487] bridge0: port 2(bridge_slave_1) entered forwarding state
[  624.431782][T10907] loop2: detected capacity change from 0 to 128
[  625.300904][T10816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  627.447717][T10816] veth0_vlan: entered promiscuous mode
[  627.553334][T10816] veth1_vlan: entered promiscuous mode
[  627.775346][T10816] veth0_macvtap: entered promiscuous mode
[  627.841750][T10816] veth1_macvtap: entered promiscuous mode
[  627.864964][   T30] audit: type=1326 audit(43777381.899:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.1.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18aab8f749 code=0x7ffc0000
[  627.943158][T10817] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  627.953293][T10817] CPU: 0 UID: 0 PID: 10817 Comm: kworker/u9:0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  627.953463][T10817] Tainted: [W]=WARN
[  627.953510][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  627.953613][T10817] Workqueue: hci4 hci_rx_work
[  627.953779][T10817] Call Trace:
[  627.953820][T10817]  <TASK>
[  627.953865][T10817]  __dump_stack+0x26/0x30
[  627.954015][T10817]  dump_stack_lvl+0x14c/0x1c0
[  627.954173][T10817]  dump_stack+0x1e/0x25
[  627.954309][T10817]  sysfs_create_dir_ns+0x46c/0x540
[  627.954490][T10817]  kobject_add_internal+0xf0f/0x1870
[  627.954652][T10817]  kobject_add+0x2c1/0x410
[  627.954802][T10817]  ? kmsan_get_metadata+0xfb/0x160
[  627.954975][T10817]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  627.955157][T10817]  device_add+0xa70/0x1c10
[  627.955322][T10817]  hci_conn_add_sysfs+0x15f/0x2f0
[  627.955498][T10817]  le_conn_complete_evt+0x1d03/0x2240
[  627.955671][T10817]  hci_le_conn_complete_evt+0x157/0x260
[  627.955881][T10817]  hci_le_meta_evt+0x6eb/0x960
[  627.956061][T10817]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  627.956270][T10817]  hci_event_packet+0xce2/0x1e40
[  627.956433][T10817]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  627.956654][T10817]  hci_rx_work+0x8c3/0xfc0
[  627.956822][T10817]  ? kmsan_get_metadata+0xfb/0x160
[  627.956999][T10817]  ? __pfx_hci_rx_work+0x10/0x10
[  627.957169][T10817]  process_scheduled_works+0xb91/0x1d80
[  627.957415][T10817]  worker_thread+0xedf/0x1590
[  627.957570][T10817]  kthread+0xd5c/0xf00
[  627.957699][T10817]  ? __pfx_worker_thread+0x10/0x10
[  627.957846][T10817]  ? __pfx_kthread+0x10/0x10
[  627.957980][T10817]  ret_from_fork+0x208/0x710
[  627.958147][T10817]  ? __switch_to+0x53d/0x790
[  627.958294][T10817]  ? __pfx_kthread+0x10/0x10
[  627.958436][T10817]  ret_from_fork_asm+0x1a/0x30
[  627.958629][T10817]  </TASK>
[  628.009412][T10816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  628.014077][T10817] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  628.167329][T10817] Bluetooth: hci4: failed to register connection device
[  628.167845][   T30] audit: type=1326 audit(43777381.939:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.1.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f18aab8f749 code=0x7ffc0000
[  628.198097][   T30] audit: type=1326 audit(43777381.939:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.1.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18aab8f749 code=0x7ffc0000
[  628.220872][   T30] audit: type=1326 audit(43777381.949:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.1.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18aab8f749 code=0x7ffc0000
[  628.249145][   T30] audit: type=1326 audit(43777381.949:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.1.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f18aab8f749 code=0x7ffc0000
[  628.275079][   T30] audit: type=1326 audit(43777381.959:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.1.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18aab8f749 code=0x7ffc0000
[  628.297912][   T30] audit: type=1326 audit(43777381.959:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10960 comm="syz.1.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18aab8f749 code=0x7ffc0000
[  628.341024][T10816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  628.477148][   T54] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  628.528195][   T54] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  628.541381][   T54] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  628.558568][   T54] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  635.436705][T10975] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1860'.
[  635.447403][T10975] netlink: 'syz.1.1860': attribute type 7 has an invalid length.
[  635.456306][T10975] netlink: 'syz.1.1860': attribute type 8 has an invalid length.
[  635.464460][T10975] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1860'.
[  635.495718][T10975] erspan0: entered promiscuous mode
[  635.597720][T10975] erspan0: left promiscuous mode
[  635.767056][ T4487] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  635.940098][ T4487] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.161310][ T4487] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.375270][ T4487] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.586157][T10986] program syz.2.1865 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  636.831496][ T4487] bridge_slave_1: left allmulticast mode
[  636.837597][ T4487] bridge_slave_1: left promiscuous mode
[  636.848680][ T4487] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.892053][ T4487] bridge_slave_0: left allmulticast mode
[  636.898362][ T4487] bridge_slave_0: left promiscuous mode
[  636.905095][ T4487] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.157324][T10817] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  637.702196][ T4487] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  637.741091][ T4487] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  637.775960][ T4487] bond0 (unregistering): Released all slaves
[  638.536334][ T4487] hsr_slave_0: left promiscuous mode
[  638.578123][ T4487] hsr_slave_1: left promiscuous mode
[  638.589520][ T4487] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  638.597318][ T4487] batman_adv: batadv0: Removing interface: batadv_slave_0
[  638.662444][ T4487] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  638.670549][ T4487] batman_adv: batadv0: Removing interface: batadv_slave_1
[  638.697897][ T4487] veth1_macvtap: left promiscuous mode
[  638.703628][ T4487] veth0_macvtap: left promiscuous mode
[  638.710042][ T4487] veth1_vlan: left promiscuous mode
[  638.715739][ T4487] veth0_vlan: left promiscuous mode
[  639.836148][ T4487] team0 (unregistering): Port device team_slave_1 removed
[  639.886079][ T4487] team0 (unregistering): Port device team_slave_0 removed
[  641.459763][T10817] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  641.470029][T10817] CPU: 0 UID: 0 PID: 10817 Comm: kworker/u9:0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  641.470207][T10817] Tainted: [W]=WARN
[  641.470253][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  641.470353][T10817] Workqueue: hci1 hci_rx_work
[  641.470533][T10817] Call Trace:
[  641.470581][T10817]  <TASK>
[  641.470627][T10817]  __dump_stack+0x26/0x30
[  641.470778][T10817]  dump_stack_lvl+0x14c/0x1c0
[  641.470935][T10817]  dump_stack+0x1e/0x25
[  641.471078][T10817]  sysfs_create_dir_ns+0x46c/0x540
[  641.471247][T10817]  kobject_add_internal+0xf0f/0x1870
[  641.471409][T10817]  kobject_add+0x2c1/0x410
[  641.471564][T10817]  ? kmsan_get_metadata+0xfb/0x160
[  641.471735][T10817]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  641.471914][T10817]  device_add+0xa70/0x1c10
[  641.472090][T10817]  hci_conn_add_sysfs+0x15f/0x2f0
[  641.472251][T10817]  le_conn_complete_evt+0x1d03/0x2240
[  641.472424][T10817]  hci_le_conn_complete_evt+0x157/0x260
[  641.472634][T10817]  hci_le_meta_evt+0x6eb/0x960
[  641.472805][T10817]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  641.473008][T10817]  hci_event_packet+0xce2/0x1e40
[  641.473175][T10817]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  641.473394][T10817]  hci_rx_work+0x8c3/0xfc0
[  641.473568][T10817]  ? kmsan_get_metadata+0xfb/0x160
[  641.473741][T10817]  ? __pfx_hci_rx_work+0x10/0x10
[  641.473914][T10817]  process_scheduled_works+0xb91/0x1d80
[  641.474158][T10817]  worker_thread+0xedf/0x1590
[  641.474324][T10817]  kthread+0xd5c/0xf00
[  641.474457][T10817]  ? __pfx_worker_thread+0x10/0x10
[  641.474610][T10817]  ? __pfx_kthread+0x10/0x10
[  641.474744][T10817]  ret_from_fork+0x208/0x710
[  641.474914][T10817]  ? __switch_to+0x53d/0x790
[  641.475069][T10817]  ? __pfx_kthread+0x10/0x10
[  641.475207][T10817]  ret_from_fork_asm+0x1a/0x30
[  641.475402][T10817]  </TASK>
[  641.656701][T10817] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  641.678009][T10817] Bluetooth: hci1: failed to register connection device
[  644.268158][ T4487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  644.276614][ T4487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  644.429298][  T152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  644.437661][  T152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  645.709047][T11073] loop6: detected capacity change from 0 to 512
[  645.890250][T11073] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  646.966421][T11073] EXT4-fs (loop6): orphan cleanup on readonly fs
[  647.636551][T11073] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.1889: corrupted inode contents
[  647.724538][T11073] EXT4-fs (loop6): Remounting filesystem read-only
[  647.731979][T11073] EXT4-fs (loop6): 1 truncate cleaned up
[  647.863291][ T5814] Bluetooth: hci1: command 0x0406 tx timeout
[  647.886384][   T14] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  647.898448][   T14] Quota error (device loop6): write_blk: dquota write failed
[  647.909886][   T14] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries
[  647.921352][   T14] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  647.932348][   T14] Quota error (device loop6): write_blk: dquota write failed
[  647.940018][   T14] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list
[  647.950722][   T14] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  647.961183][   T14] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  647.970855][   T14] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  648.120240][T11073] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  648.581124][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.609284][T11118] loop2: detected capacity change from 0 to 64
[  653.341744][T11121] overlayfs: failed to clone upperpath
[  653.756008][T11126] overlayfs: failed to resolve './file0': -2
[  653.801634][T11127] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  653.811206][T11127] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  653.819860][T11127] overlayfs: missing 'lowerdir'
[  654.707077][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  654.713953][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  657.934805][T11154] loop6: detected capacity change from 0 to 512
[  658.371581][T11163] overlayfs: failed to resolve './file0': -2
[  658.536137][T11165] 9pnet_virtio: no channels available for device syz
[  658.709216][T11154] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  660.457614][T11154] EXT4-fs (loop6): orphan cleanup on readonly fs
[  660.987986][T11154] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.1919: corrupted inode contents
[  661.034670][T11154] EXT4-fs (loop6): Remounting filesystem read-only
[  661.041859][T11154] EXT4-fs (loop6): 1 truncate cleaned up
[  661.051670][ T4204] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  661.064604][ T4204] Quota error (device loop6): write_blk: dquota write failed
[  661.072143][ T4204] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries
[  661.083347][ T4204] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  661.094388][ T4204] Quota error (device loop6): write_blk: dquota write failed
[  661.102014][ T4204] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list
[  661.115616][ T4204] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  661.126739][ T4204] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  661.135965][ T4204] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  661.189747][T11154] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  661.430983][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  662.114833][T10817] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  662.878933][T11198] overlayfs: failed to resolve './file0': -2
[  664.459626][T10817] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  664.469641][T10817] CPU: 1 UID: 0 PID: 10817 Comm: kworker/u9:0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  664.469751][T10817] Tainted: [W]=WARN
[  664.469786][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  664.469852][T10817] Workqueue: hci0 hci_rx_work
[  664.469965][T10817] Call Trace:
[  664.469997][T10817]  <TASK>
[  664.470029][T10817]  __dump_stack+0x26/0x30
[  664.470128][T10817]  dump_stack_lvl+0x14c/0x1c0
[  664.470227][T10817]  dump_stack+0x1e/0x25
[  664.470312][T10817]  sysfs_create_dir_ns+0x46c/0x540
[  664.470441][T10817]  kobject_add_internal+0xf0f/0x1870
[  664.470610][T10817]  kobject_add+0x2c1/0x410
[  664.470710][T10817]  ? kmsan_get_metadata+0xfb/0x160
[  664.470827][T10817]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  664.470945][T10817]  device_add+0xa70/0x1c10
[  664.471050][T10817]  hci_conn_add_sysfs+0x15f/0x2f0
[  664.471156][T10817]  le_conn_complete_evt+0x1d03/0x2240
[  664.471267][T10817]  hci_le_conn_complete_evt+0x157/0x260
[  664.471401][T10817]  hci_le_meta_evt+0x6eb/0x960
[  664.471511][T10817]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  664.471714][T10817]  hci_event_packet+0xce2/0x1e40
[  664.471836][T10817]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  664.471974][T10817]  hci_rx_work+0x8c3/0xfc0
[  664.472086][T10817]  ? kmsan_get_metadata+0xfb/0x160
[  664.472198][T10817]  ? __pfx_hci_rx_work+0x10/0x10
[  664.472303][T10817]  process_scheduled_works+0xb91/0x1d80
[  664.472452][T10817]  worker_thread+0xedf/0x1590
[  664.472552][T10817]  kthread+0xd5c/0xf00
[  664.472632][T10817]  ? __pfx_worker_thread+0x10/0x10
[  664.472774][T10817]  ? __pfx_kthread+0x10/0x10
[  664.472896][T10817]  ret_from_fork+0x208/0x710
[  664.473004][T10817]  ? __switch_to+0x53d/0x790
[  664.473100][T10817]  ? __pfx_kthread+0x10/0x10
[  664.473185][T10817]  ret_from_fork_asm+0x1a/0x30
[  664.473307][T10817]  </TASK>
[  664.473376][T10817] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  664.680097][T10817] Bluetooth: hci0: failed to register connection device
[  667.374492][T11236] overlayfs: failed to resolve './file0': -2
[  667.949182][T11246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1951'.
[  668.196839][T11250] loop5: detected capacity change from 0 to 7
[  668.235150][T11250] Dev loop5: unable to read RDB block 7
[  668.241228][T11250]  loop5: unable to read partition table
[  668.300932][T11241] netlink: 'syz.1.1949': attribute type 10 has an invalid length.
[  668.315342][T11250] loop5: partition table beyond EOD, truncated
[  668.321805][T11250] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  668.346758][T11241] 8021q: adding VLAN 0 to HW filter on device batadv0
[  668.360715][T11241] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  668.645834][ T5814] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  668.655768][ T5814] CPU: 1 UID: 0 PID: 5814 Comm: kworker/u9:3 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  668.655936][ T5814] Tainted: [W]=WARN
[  668.655980][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  668.656083][ T5814] Workqueue: hci3 hci_rx_work
[  668.656259][ T5814] Call Trace:
[  668.656307][ T5814]  <TASK>
[  668.656361][ T5814]  __dump_stack+0x26/0x30
[  668.656514][ T5814]  dump_stack_lvl+0x14c/0x1c0
[  668.656668][ T5814]  dump_stack+0x1e/0x25
[  668.656810][ T5814]  sysfs_create_dir_ns+0x46c/0x540
[  668.656977][ T5814]  kobject_add_internal+0xf0f/0x1870
[  668.657145][ T5814]  kobject_add+0x2c1/0x410
[  668.657296][ T5814]  ? kmsan_get_metadata+0xfb/0x160
[  668.657479][ T5814]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  668.657668][ T5814]  device_add+0xa70/0x1c10
[  668.657829][ T5814]  hci_conn_add_sysfs+0x15f/0x2f0
[  668.657998][ T5814]  le_conn_complete_evt+0x1d03/0x2240
[  668.658169][ T5814]  hci_le_conn_complete_evt+0x157/0x260
[  668.658387][ T5814]  hci_le_meta_evt+0x6eb/0x960
[  668.658566][ T5814]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  668.658781][ T5814]  hci_event_packet+0xce2/0x1e40
[  668.658944][ T5814]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  668.659168][ T5814]  hci_rx_work+0x8c3/0xfc0
[  668.659349][ T5814]  ? kmsan_get_metadata+0xfb/0x160
[  668.659526][ T5814]  ? __pfx_hci_rx_work+0x10/0x10
[  668.659696][ T5814]  process_scheduled_works+0xb91/0x1d80
[  668.659933][ T5814]  worker_thread+0xedf/0x1590
[  668.660092][ T5814]  kthread+0xd5c/0xf00
[  668.660219][ T5814]  ? __pfx_worker_thread+0x10/0x10
[  668.660378][ T5814]  ? __pfx_kthread+0x10/0x10
[  668.660510][ T5814]  ret_from_fork+0x208/0x710
[  668.660681][ T5814]  ? __switch_to+0x53d/0x790
[  668.660834][ T5814]  ? __pfx_kthread+0x10/0x10
[  668.660975][ T5814]  ret_from_fork_asm+0x1a/0x30
[  668.661172][ T5814]  </TASK>
[  668.661290][ T5814] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  668.866597][ T5814] Bluetooth: hci3: failed to register connection device
[  672.164181][ T5814] Bluetooth: hci0: command 0x0406 tx timeout
[  673.114379][T11268] program syz.2.1960 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  673.459096][T11270] overlayfs: failed to resolve './file0': -2
[  673.691301][T10817] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  673.701137][T10817] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  673.730727][T10817] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  673.755298][T10817] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  673.776827][T10817] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  675.007751][T10817] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  675.844253][T10817] Bluetooth: hci5: command tx timeout
[  677.337864][T11275] chnl_net:caif_netlink_parms(): no params data found
[  677.797692][T11316] overlayfs: failed to resolve './file0': -2
[  677.930035][T10817] Bluetooth: hci5: command tx timeout
[  678.199744][ T1106] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  678.211127][ T1106] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.407061][ T1106] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  678.421353][ T1106] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.544573][ T1106] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  678.555307][ T1106] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.712081][ T1106] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  678.722797][ T1106] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.746661][T11329] netlink: 'syz.1.1977': attribute type 4 has an invalid length.
[  678.801651][T11331] netlink: 'syz.1.1977': attribute type 4 has an invalid length.
[  678.911872][T11275] bridge0: port 1(bridge_slave_0) entered blocking state
[  678.919909][T11275] bridge0: port 1(bridge_slave_0) entered disabled state
[  678.933526][T11275] bridge_slave_0: entered allmulticast mode
[  678.946496][T11275] bridge_slave_0: entered promiscuous mode
[  679.050747][T10817] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  679.368333][T11275] bridge0: port 2(bridge_slave_1) entered blocking state
[  679.375911][T11275] bridge0: port 2(bridge_slave_1) entered disabled state
[  679.383741][T11275] bridge_slave_1: entered allmulticast mode
[  679.393074][T11275] bridge_slave_1: entered promiscuous mode
[  679.635169][ T1106] bridge_slave_1: left allmulticast mode
[  679.641172][ T1106] bridge_slave_1: left promiscuous mode
[  679.654722][ T1106] bridge0: port 2(bridge_slave_1) entered disabled state
[  679.735536][ T1106] bridge_slave_0: left allmulticast mode
[  679.741591][ T1106] bridge_slave_0: left promiscuous mode
[  679.753101][ T1106] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.004360][T10817] Bluetooth: hci5: command tx timeout
[  680.935198][ T1106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  680.973543][ T1106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  681.000185][ T1106] bond0 (unregistering): Released all slaves
[  681.125793][T11275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  681.140063][T11337] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1980'.
[  681.151495][T11337] netem: invalid attributes len -19
[  681.157371][T11337] netem: change failed
[  681.167071][ T1106] tipc: Left network mode
[  681.179434][T11275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  681.678436][T11275] team0: Port device team_slave_0 added
[  681.801120][T11275] team0: Port device team_slave_1 added
[  681.874161][ T1106] hsr_slave_0: left promiscuous mode
[  681.892854][ T1106] hsr_slave_1: left promiscuous mode
[  681.905176][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_0
[  681.936956][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  681.944678][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_1
[  681.997144][ T1106] veth1_macvtap: left promiscuous mode
[  682.014519][ T1106] veth0_macvtap: left promiscuous mode
[  682.020415][ T1106] veth1_vlan: left promiscuous mode
[  682.028726][ T1106] veth0_vlan: left promiscuous mode
[  682.085876][T10817] Bluetooth: hci5: command tx timeout
[  682.339961][T11354] loop2: detected capacity change from 0 to 512
[  682.357011][T11357] netlink: 'syz.6.1988': attribute type 4 has an invalid length.
[  682.437199][T11358] netlink: 'syz.6.1988': attribute type 4 has an invalid length.
[  682.973145][ T1106] team0 (unregistering): Port device team_slave_0 removed
[  683.567085][T11275] batman_adv: batadv0: Adding interface: batadv_slave_0
[  683.574406][T11275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  683.601850][T11275] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  683.633435][ T1106] IPVS: stop unused estimator thread 0...
[  683.718904][T11275] batman_adv: batadv0: Adding interface: batadv_slave_1
[  683.726339][T11275] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  683.760913][T11275] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  683.906114][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1991'.
[  684.073216][T11275] hsr_slave_0: entered promiscuous mode
[  684.083169][T11275] hsr_slave_1: entered promiscuous mode
[  684.410436][T10817] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  684.923125][T11275] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  684.988897][T11275] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  685.025781][T11275] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  685.057315][T11275] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  685.605308][T11275] 8021q: adding VLAN 0 to HW filter on device bond0
[  685.693676][T11275] 8021q: adding VLAN 0 to HW filter on device team0
[  685.751395][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.759160][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  685.774561][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  685.782010][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  686.339088][T11386] loop2: detected capacity change from 0 to 8
[  687.126440][T11275] 8021q: adding VLAN 0 to HW filter on device batadv0
[  688.532537][T11415] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2006'.
[  689.744611][ T5892] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  689.951042][ T5892] usb 7-1: Using ep0 maxpacket: 16
[  690.015384][ T5892] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  690.023733][ T5892] usb 7-1: config 0 has no interface number 0
[  690.100909][ T5892] usb 7-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  690.111467][ T5892] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.120605][ T5892] usb 7-1: Product: syz
[  690.125764][ T5892] usb 7-1: Manufacturer: syz
[  690.130525][ T5892] usb 7-1: SerialNumber: syz
[  690.343519][ T5892] usb 7-1: config 0 descriptor??
[  690.381372][ T5892] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  691.242681][T11275] veth0_vlan: entered promiscuous mode
[  691.381990][T11275] veth1_vlan: entered promiscuous mode
[  691.869647][T11275] veth0_macvtap: entered promiscuous mode
[  691.988665][T11275] veth1_macvtap: entered promiscuous mode
[  692.326352][T11275] batman_adv: batadv0: Interface activated: batadv_slave_0
[  692.337817][ T5892] gspca_spca1528: reg_r err -71
[  692.347492][ T5892] spca1528 7-1:0.1: probe with driver spca1528 failed with error -71
[  692.377431][ T5892] usb 7-1: USB disconnect, device number 2
[  692.427960][T11275] batman_adv: batadv0: Interface activated: batadv_slave_1
[  692.544507][   T12] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  692.630695][   T12] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  692.709870][   T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  692.767458][   T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  693.379757][T11446] loop6: detected capacity change from 0 to 760
[  693.436235][T11446] iso9660: Unknown parameter '0xffffffffffffffff‘ŠÌʼç<¶<ák[Ï(:µÞ—öc6‘Ýz¶ªçºi9§î„Fª'Ž¹-é�OHBÝnsNɉʨƒ†cŠÇ22NÝ�*[Àížæ�Ó¾èòQ”ÝG§xŠ]& �¬Ñ
ûiø"À?’
[  693.436235][T11446] „¹Ìëh¢`õl¥±ô'
[  693.647912][T11446] overlayfs: failed to resolve './bus': -2
[  696.386191][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  696.394722][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  696.498982][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  696.507188][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  697.139393][T11518] loop7: detected capacity change from 0 to 760
[  697.176159][T11518] iso9660: Unknown parameter '0xffffffffffffffff‘ŠÌʼç<¶<ák[Ï(:µÞ—öc6‘Ýz¶ªçºi9§î„Fª'Ž¹-é�OHBÝnsNɉʨƒ†cŠÇ22NÝ�*[Àížæ�Ó¾èòQ”ÝG§xŠ]& �¬Ñ
ûiø"À?’
[  697.176159][T11518] „¹Ìëh¢`õl¥±ô'
[  699.597097][T11550] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  699.603196][T11550] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  699.621194][T11550] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  699.628267][T11550] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  699.696948][T11550] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  699.703049][T11550] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  700.017857][T11550] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  700.026177][T11550] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  700.186170][T11550] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  700.192276][T11550] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  704.201383][T11605] loop2: detected capacity change from 0 to 760
[  704.304373][T11605] iso9660: Unknown parameter '0xffffffffffffffff‘ŠÌʼç<¶<ák[Ï(:µÞ—öc6‘Ýz¶ªçºi9§î„Fª'Ž¹-é�OHBÝnsNɉʨƒ†cŠÇ22NÝ�*[Àížæ�Ó¾èòQ”ÝG§xŠ]& �¬Ñ
ûiø"À?’
[  704.304373][T11605] „¹Ìëh¢`õl¥±ô'
[  704.720243][T11611] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  704.956387][T11615] 9p: Bad value for 'rfdno'
[  709.022802][T11649] loop7: detected capacity change from 0 to 128
[  710.784443][   T30] audit: type=1326 audit(43777464.759:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.809830][   T30] audit: type=1326 audit(43777464.759:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.832700][   T30] audit: type=1326 audit(43777464.779:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.855431][   T30] audit: type=1326 audit(43777464.779:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.878288][   T30] audit: type=1326 audit(43777464.779:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.900822][   T30] audit: type=1326 audit(43777464.779:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.923709][   T30] audit: type=1326 audit(43777464.779:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.946509][   T30] audit: type=1326 audit(43777464.789:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.972287][   T30] audit: type=1326 audit(43777464.789:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  710.996698][   T30] audit: type=1326 audit(43777464.799:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.2.2086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe1a4f8f749 code=0x7ffc0000
[  713.146718][T11696] loop6: detected capacity change from 0 to 760
[  713.196488][T11696] iso9660: Unknown parameter '0xffffffffffffffff‘ŠÌʼç<¶<ák[Ï(:µÞ—öc6‘Ýz¶ªçºi9§î„Fª'Ž¹-é�OHBÝnsNɉʨƒ†cŠÇ22NÝ�*[Àížæ�Ó¾èòQ”ÝG§xŠ]& �¬Ñ
ûiø"À?’
[  713.196488][T11696] „¹Ìëh¢`õl¥±ô'
[  714.154913][T11713] loop7: detected capacity change from 0 to 2048
[  714.236183][T11713] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  715.080659][T11737] loop7: detected capacity change from 0 to 128
[  715.237884][T11743] loop6: detected capacity change from 0 to 760
[  715.278500][T11743] iso9660: Unknown parameter '0xffffffffffffffff‘ŠÌʼç<¶<ák[Ï(:µÞ—öc6‘Ýz¶ªçºi9§î„Fª'Ž¹-é�OHBÝnsNɉʨƒ†cŠÇ22NÝ�*[Àížæ�Ó¾èòQ”ÝG§xŠ]& �¬Ñ
ûiø"À?’
[  715.278500][T11743] „¹Ìëh¢`õl¥±ô'
[  716.101914][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  716.110414][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  716.936812][T11760] loop6: detected capacity change from 0 to 1024
[  718.350224][T11785] loop6: detected capacity change from 0 to 512
[  718.449573][T11785] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  718.487153][T11785] EXT4-fs (loop6): orphan cleanup on readonly fs
[  718.571896][T11785] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.2124: corrupted inode contents
[  718.617516][T11785] EXT4-fs (loop6): Remounting filesystem read-only
[  718.636355][T11785] EXT4-fs (loop6): 1 truncate cleaned up
[  718.648241][   T54] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  718.661004][   T54] Quota error (device loop6): write_blk: dquota write failed
[  718.668775][   T54] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries
[  718.679226][   T54] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  718.690178][   T54] Quota error (device loop6): write_blk: dquota write failed
[  718.698027][   T54] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list
[  718.710358][   T54] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  718.721361][   T54] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  718.730977][   T54] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  718.913307][T11785] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  719.243703][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.545367][T11825] loop6: detected capacity change from 0 to 128
[  723.553021][T11844] netlink: 'syz.1.2145': attribute type 1 has an invalid length.
[  723.626671][T11844] bond1: entered promiscuous mode
[  723.633005][T11844] 8021q: adding VLAN 0 to HW filter on device bond1
[  723.816552][T11844] bond1: (slave veth3): making interface the new active one
[  723.824183][T11844] veth3: entered promiscuous mode
[  723.833238][T11844] bond1: (slave veth3): Enslaving as an active interface with an up link
[  723.938097][T11852] loop2: detected capacity change from 0 to 2048
[  724.010392][T11852] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  725.625369][T10540] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  725.829156][T10540] usb 7-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  725.838977][T10540] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  725.876434][T10540] usb 7-1: config 0 descriptor??
[  726.439415][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  727.128502][T10540] pegasus 7-1:0.0: can't reset MAC
[  727.135954][T10540] pegasus 7-1:0.0: probe with driver pegasus failed with error -5
[  727.156568][T10540] usb 7-1: USB disconnect, device number 3
[  728.120428][T11953] loop2: detected capacity change from 0 to 8
[  728.520552][T11959] loop6: detected capacity change from 0 to 2048
[  728.542491][T11965] loop7: detected capacity change from 0 to 128
[  728.589114][T11959] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  729.533120][T11991] loop6: detected capacity change from 0 to 256
[  729.749843][T11995] loop2: detected capacity change from 0 to 128
[  730.031050][T12000] loop6: detected capacity change from 0 to 2048
[  730.061355][T12003] loop7: detected capacity change from 0 to 512
[  730.066150][T12000] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  730.118091][T12003] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  730.188184][T12003] EXT4-fs (loop7): 1 truncate cleaned up
[  730.196295][T12003] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  731.199425][T11275] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  733.106915][T12022] loop2: detected capacity change from 0 to 512
[  733.219260][T12022] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  733.283574][T12022] EXT4-fs (loop2): orphan cleanup on readonly fs
[  733.369862][T12022] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.2214: corrupted inode contents
[  733.469204][T12022] EXT4-fs (loop2): Remounting filesystem read-only
[  733.515031][T12022] EXT4-fs (loop2): 1 truncate cleaned up
[  733.788743][T12033] team_slave_0: entered promiscuous mode
[  733.794784][T12033] team_slave_1: entered promiscuous mode
[  733.806523][T12033] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  733.898311][ T4487] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  733.909517][ T4487] Quota error (device loop2): write_blk: dquota write failed
[  733.917253][ T4487] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  733.927659][ T4487] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  733.938601][ T4487] Quota error (device loop2): write_blk: dquota write failed
[  733.946777][ T4487] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  733.957128][ T4487] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  733.967484][ T4487] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  733.977064][ T4487] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  734.347927][T12036] loop7: detected capacity change from 0 to 1024
[  734.358796][T12022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  734.541786][T12036] hfsplus: trying to free free bnode 0(1)
[  734.768734][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  734.861990][ T4487] hfsplus: b-tree write err: -5, ino 4
[  735.282621][T12043] loop6: detected capacity change from 0 to 2048
[  735.323465][T12043] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  735.745334][T12048] xt_CT: No such helper "pptp"
[  737.659521][T12061] loop6: detected capacity change from 0 to 8
[  737.888094][T12063] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  738.596323][T12072] loop6: detected capacity change from 0 to 512
[  738.675829][T12072] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  738.706455][T12072] EXT4-fs (loop6): orphan cleanup on readonly fs
[  738.752693][T12072] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.2232: corrupted inode contents
[  738.812400][T12072] EXT4-fs (loop6): Remounting filesystem read-only
[  738.864727][T12072] EXT4-fs (loop6): 1 truncate cleaned up
[  738.872587][ T4487] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  738.884300][ T4487] Quota error (device loop6): write_blk: dquota write failed
[  738.891982][ T4487] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries
[  738.902434][ T4487] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  738.913380][ T4487] Quota error (device loop6): write_blk: dquota write failed
[  738.921298][ T4487] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list
[  738.931996][ T4487] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  738.942531][ T4487] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  738.952355][ T4487] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  739.250349][T12072] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  739.794817][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  739.905416][T12082] loop2: detected capacity change from 0 to 128
[  740.636430][T12090] loop2: detected capacity change from 0 to 2048
[  740.686015][T12090] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  741.923011][T12101] autofs: Unknown parameter '00000000000000000000'
[  741.977810][T12103] loop2: detected capacity change from 0 to 8
[  743.194315][T12109] loop7: detected capacity change from 0 to 512
[  743.292638][T12109] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  743.340128][T12109] EXT4-fs (loop7): orphan cleanup on readonly fs
[  743.430465][T12109] EXT4-fs error (device loop7): ext4_do_update_inode:5617: inode #16: comm syz.7.2246: corrupted inode contents
[  743.474663][T12109] EXT4-fs (loop7): Remounting filesystem read-only
[  743.527516][T12109] EXT4-fs (loop7): 1 truncate cleaned up
[  743.547425][ T1106] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  743.561335][ T1106] Quota error (device loop7): write_blk: dquota write failed
[  743.569044][ T1106] Quota error (device loop7): remove_free_dqentry: Can't write block (5) with free entries
[  743.579423][ T1106] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  743.590207][ T1106] Quota error (device loop7): write_blk: dquota write failed
[  743.598087][ T1106] Quota error (device loop7): free_dqentry: Can't move quota data block (5) to free list
[  743.609911][ T1106] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  743.620694][ T1106] Quota error (device loop7): v2_write_file_info: Can't write info structure
[  743.630092][ T1106] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  743.719827][T12109] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  743.919101][T11275] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  744.361154][T12135] loop7: detected capacity change from 0 to 2048
[  744.419676][T12135] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  744.778038][T12143] loop7: detected capacity change from 0 to 8
[  746.693009][T12129] loop6: detected capacity change from 0 to 32768
[  746.736427][T12129] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2252 (12129)
[  746.801094][T12129] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  746.825386][T12129] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  746.868752][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  746.869886][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  746.880213][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  746.890867][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  746.900785][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  746.910769][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  746.921771][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  746.932225][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  746.942254][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  746.952807][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  746.963515][T12129] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  747.053404][T12129] BTRFS error (device loop6): open_ctree failed: -12
[  747.683466][T12169] loop2: detected capacity change from 0 to 512
[  747.810746][T12169] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  747.885081][T12169] EXT4-fs (loop2): orphan cleanup on readonly fs
[  747.979739][T12169] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.2263: corrupted inode contents
[  748.006128][T12169] EXT4-fs (loop2): Remounting filesystem read-only
[  748.046735][T12169] EXT4-fs (loop2): 1 truncate cleaned up
[  748.059757][  T152] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  748.070746][  T152] Quota error (device loop2): write_blk: dquota write failed
[  748.078453][  T152] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  748.090281][  T152] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  748.101927][  T152] Quota error (device loop2): write_blk: dquota write failed
[  748.109931][  T152] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  748.120461][  T152] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  748.130842][  T152] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  748.140281][  T152] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  748.247935][T12169] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  748.512205][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  748.630592][T12177] netlink: 'syz.6.2265': attribute type 2 has an invalid length.
[  748.638914][T12177] netlink: 164 bytes leftover after parsing attributes in process `syz.6.2265'.
[  749.038151][T12183] loop7: detected capacity change from 0 to 2048
[  749.106453][T12183] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  752.252081][T12213] sd 0:0:1:0: device reset
[  755.896204][T12232] loop6: detected capacity change from 0 to 256
[  758.517999][T12259] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  759.244808][T12265] loop7: detected capacity change from 0 to 4096
[  759.323790][T12265] ntfs3(loop7): failed to replay log file. Can't mount rw!
[  759.832129][T12271] loop2: detected capacity change from 0 to 512
[  759.958766][T12273] trusted_key: syz.4.2306 sent an empty control message without MSG_MORE.
[  759.986389][T12271] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  760.005567][T12271] EXT4-fs (loop2): orphan cleanup on readonly fs
[  760.082132][T12271] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.2304: corrupted inode contents
[  760.097174][T12248] loop6: detected capacity change from 0 to 40427
[  760.108338][T12248] F2FS-fs (loop6): Small segment_count (9 < 1 * 24)
[  760.115387][T12248] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  760.126371][T12271] EXT4-fs (loop2): Remounting filesystem read-only
[  760.140911][T12271] EXT4-fs (loop2): 1 truncate cleaned up
[  760.149557][   T54] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  760.160604][   T54] Quota error (device loop2): write_blk: dquota write failed
[  760.169340][   T54] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  760.180081][   T54] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  760.190960][   T54] Quota error (device loop2): write_blk: dquota write failed
[  760.199064][   T54] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  760.209669][   T54] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  760.220319][   T54] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  760.230284][   T54] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  760.366004][T12271] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  760.460704][T12248] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  760.520887][T12248] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  760.528515][T12248] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  760.565575][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.221890][T12291] loop2: detected capacity change from 0 to 4096
[  761.245408][T12295] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  761.332345][T12296] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  761.435482][   T30] audit: type=1800 audit(43777515.479:779): pid=12291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2312" name="file1" dev="loop2" ino=15 res=0 errno=0
[  762.462829][T12307] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2313'.
[  762.855523][T12315] loop6: detected capacity change from 0 to 1024
[  762.864721][T12314] loop2: detected capacity change from 0 to 512
[  762.885524][T12315] hfsplus: invalid file type 0120411 for inode 2
[  762.892528][T12315] hfsplus: failed to load root directory
[  762.911475][T12317] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2324'.
[  762.921352][T12317] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2324'.
[  762.978833][T12314] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  763.027910][T12314] EXT4-fs (loop2): orphan cleanup on readonly fs
[  763.186749][T12314] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.2322: corrupted inode contents
[  763.260550][T12314] EXT4-fs (loop2): Remounting filesystem read-only
[  763.313386][T12314] EXT4-fs (loop2): 1 truncate cleaned up
[  763.336658][ T1088] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  763.347786][ T1088] Quota error (device loop2): write_blk: dquota write failed
[  763.355420][ T1088] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  763.367462][ T1088] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  763.378858][ T1088] Quota error (device loop2): write_blk: dquota write failed
[  763.386717][ T1088] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  763.669528][T12314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  765.314823][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  765.384912][T12336] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  766.622970][T12363] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  767.199650][T12376] tipc: Started in network mode
[  767.207323][T12376] tipc: Node identity beca5003b03b, cluster identity 4711
[  767.215879][T12376] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  767.235498][T12376] syzkaller0: entered promiscuous mode
[  767.241240][T12376] syzkaller0: entered allmulticast mode
[  767.296793][T12376] tipc: Resetting bearer <eth:syzkaller0>
[  767.365354][T12375] tipc: Resetting bearer <eth:syzkaller0>
[  767.397426][T12375] tipc: Disabling bearer <eth:syzkaller0>
[  769.969814][T12402] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  778.800148][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  778.806831][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  788.411379][T12507] loop7: detected capacity change from 0 to 64
[  792.041289][T12547] loop2: detected capacity change from 0 to 64
[  792.800785][T12560] loop6: detected capacity change from 0 to 512
[  792.866798][T12560] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  795.402494][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  795.665351][T12587] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2429'.
[  798.479164][T12616] loop2: detected capacity change from 0 to 2048
[  798.525560][T12616] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  798.789715][T12621] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2442'.
[  800.112623][T12644] loop7: detected capacity change from 0 to 2048
[  800.148325][T12644] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  800.184507][T12647] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2455'.
[  800.302230][T12648] loop6: detected capacity change from 0 to 2048
[  800.363292][T12648] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  800.509902][T12652] vxcan1: entered promiscuous mode
[  800.784708][T12658] loop6: detected capacity change from 0 to 64
[  801.638065][T12674] fuse: Unknown parameter 'grou00000000000000000000'
[  802.176581][T12683] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2467'.
[  802.352977][T12680] loop6: detected capacity change from 0 to 2048
[  802.381362][T12680] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  803.888975][T12695] loop2: detected capacity change from 0 to 512
[  803.927732][T12695] EXT4-fs: Ignoring removed bh option
[  803.968770][T12695] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  804.106240][T12695] EXT4-fs (loop2): 1 truncate cleaned up
[  804.114499][T12695] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  804.611766][T12704] fuse: Unknown parameter 'grou00000000000000000000'
[  806.316277][T12728] fuse: Unknown parameter 'group_i00000000000000000000'
[  806.951068][T12735] loop7: detected capacity change from 0 to 4096
[  807.190786][T12735] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  807.597472][T11275] ntfs3(loop7): ino=9, ntfs_sync_fs failed, -22.
[  807.900543][ T5807] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  808.207361][T12757] fuse: Unknown parameter 'group_i00000000000000000000'
[  808.870599][T12772] 9pnet_virtio: no channels available for device syz
[  810.883033][T12780] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2510'.
[  812.636966][T12787] fuse: Unknown parameter 'group_i00000000000000000000'
[  812.722940][T12791] loop7: detected capacity change from 0 to 2048
[  812.814162][T12791] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  816.405396][T12848] xt_bpf: check failed: parse error
[  816.459681][T12848] loop6: detected capacity change from 0 to 128
[  816.503240][T12848] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  821.122719][T10817] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  821.138620][T10817] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  821.147945][T10817] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  821.331482][T10817] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  821.346958][   T35] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  821.368053][T10817] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  821.445289][ T5814] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  821.466690][ T5814] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  821.476152][ T5814] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  821.496902][ T5814] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  821.517184][ T5814] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  821.563503][   T35] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  821.717228][   T35] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  821.856441][   T35] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.301132][   T35] bridge_slave_1: left allmulticast mode
[  822.307341][   T35] bridge_slave_1: left promiscuous mode
[  822.313918][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  822.347513][   T35] bridge_slave_0: left allmulticast mode
[  822.353362][   T35] bridge_slave_0: left promiscuous mode
[  822.360321][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  822.925952][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  822.991376][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  823.029765][   T35] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  823.067400][   T35] bond0 (unregistering): Released all slaves
[  823.099888][   T35] bond1 (unregistering): (slave veth3): Releasing backup interface
[  823.108351][   T35] veth3: left promiscuous mode
[  823.202278][   T35] bond1 (unregistering): Released all slaves
[  823.223305][   T35] bond2 (unregistering): Released all slaves
[  823.336557][T12905] chnl_net:caif_netlink_parms(): no params data found
[  823.477730][   T35] tipc: Left network mode
[  823.608383][ T5814] Bluetooth: hci1: command tx timeout
[  823.754509][   T35] hsr_slave_0: left promiscuous mode
[  823.824217][   T35] hsr_slave_1: left promiscuous mode
[  823.832133][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  823.839908][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  823.890004][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  823.897933][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  823.976142][   T35] team_slave_0: left promiscuous mode
[  823.981906][   T35] team_slave_1: left promiscuous mode
[  823.987732][   T35] veth1_macvtap: left promiscuous mode
[  823.993404][   T35] veth0_macvtap: left promiscuous mode
[  823.999467][   T35] veth1_vlan: left promiscuous mode
[  824.005086][   T35] veth0_vlan: left promiscuous mode
[  825.394614][   T35] team0 (unregistering): Port device team_slave_1 removed
[  825.419976][   T35] team0 (unregistering): Port device team_slave_0 removed
[  825.690665][ T5814] Bluetooth: hci1: command tx timeout
[  826.650437][T12905] bridge0: port 1(bridge_slave_0) entered blocking state
[  826.658341][T12905] bridge0: port 1(bridge_slave_0) entered disabled state
[  826.666213][T12905] bridge_slave_0: entered allmulticast mode
[  826.675504][T12905] bridge_slave_0: entered promiscuous mode
[  827.215543][T12905] bridge0: port 2(bridge_slave_1) entered blocking state
[  827.222860][T12905] bridge0: port 2(bridge_slave_1) entered disabled state
[  827.232989][T12905] bridge_slave_1: entered allmulticast mode
[  827.242505][T12905] bridge_slave_1: entered promiscuous mode
[  827.621756][T12905] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  827.740372][T12905] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  827.768800][ T5814] Bluetooth: hci1: command tx timeout
[  828.152672][T12905] team0: Port device team_slave_0 added
[  828.210167][T12905] team0: Port device team_slave_1 added
[  828.353507][T12905] batman_adv: batadv0: Adding interface: batadv_slave_0
[  828.360719][T12905] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  828.386978][T12905] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  828.417315][T12905] batman_adv: batadv0: Adding interface: batadv_slave_1
[  828.424677][T12905] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  828.450878][T12905] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  828.586270][T12905] hsr_slave_0: entered promiscuous mode
[  828.596200][T12905] hsr_slave_1: entered promiscuous mode
[  828.604762][T12905] debugfs: 'hsr0' already exists in 'hsr'
[  828.610639][T12905] Cannot create hsr debugfs directory
[  829.915093][ T5814] Bluetooth: hci1: command tx timeout
[  830.038720][T12905] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  830.065177][T12905] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  830.086261][T12905] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  830.124417][T12905] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  831.009536][T13017] loop2: detected capacity change from 0 to 32768
[  831.022269][T13017] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2605 (13017)
[  831.055165][T13017] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  831.066810][T13017] BTRFS info (device loop2): using blake2b (blake2b-256-lib) checksum algorithm
[  831.210589][T12905] 8021q: adding VLAN 0 to HW filter on device bond0
[  831.236420][T13017] BTRFS info (device loop2): enabling ssd optimizations
[  831.243688][T13017] BTRFS info (device loop2): turning on async discard
[  831.251788][T13017] BTRFS info (device loop2): enabling free space tree
[  831.342281][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  831.342358][   T30] audit: type=1800 audit(43777585.359:780): pid=13017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2605" name="file2" dev="loop2" ino=261 res=0 errno=0
[  831.388257][T13017] BTRFS info (device loop2): setting compat-ro feature flag for VERITY (0x4)
[  831.494000][T12905] 8021q: adding VLAN 0 to HW filter on device team0
[  831.553700][  T152] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.561294][  T152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  831.857643][T12905] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  831.868416][T12905] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  831.942558][  T152] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.950163][  T152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  831.970067][ T5807] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  833.053644][T12905] 8021q: adding VLAN 0 to HW filter on device batadv0
[  833.391757][T12905] veth0_vlan: entered promiscuous mode
[  833.508289][T12905] veth1_vlan: entered promiscuous mode
[  833.622738][T13068] netlink: 'syz.6.2619': attribute type 10 has an invalid length.
[  833.741590][T12905] veth0_macvtap: entered promiscuous mode
[  833.774281][T12905] veth1_macvtap: entered promiscuous mode
[  833.862214][T12905] batman_adv: batadv0: Interface activated: batadv_slave_0
[  833.902065][T12905] batman_adv: batadv0: Interface activated: batadv_slave_1
[  833.950748][ T1106] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  834.013018][ T1106] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  834.076098][T13073] loop7: detected capacity change from 0 to 2048
[  834.089326][ T1106] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  834.121910][ T4404] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  834.133374][T13073] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  836.505686][T13120] tipc: Started in network mode
[  836.510819][T13120] tipc: Node identity d22d98b68acc, cluster identity 4711
[  836.519217][T13120] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  836.549901][T13120] syzkaller0: entered promiscuous mode
[  836.555983][T13120] syzkaller0: entered allmulticast mode
[  836.627646][T13122] tipc: Resetting bearer <eth:syzkaller0>
[  836.711294][T13119] tipc: Resetting bearer <eth:syzkaller0>
[  836.766708][T13119] tipc: Disabling bearer <eth:syzkaller0>
[  836.810781][T13124] loop6: detected capacity change from 0 to 1024
[  837.090262][ T4404] hfsplus: b-tree write err: -5, ino 4
[  837.704914][ T4204] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  837.713037][ T4204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  837.837686][ T4204] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  837.846199][ T4204] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  838.406534][T13163] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  838.996874][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  839.003849][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  840.310633][T13213] tipc: Started in network mode
[  840.318877][T13213] tipc: Node identity 080211000001, cluster identity 4711
[  840.329168][T13213] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  840.366254][T13218] mac80211_hwsim hwsim15 syzkaller0: entered promiscuous mode
[  840.374659][T13218] mac80211_hwsim hwsim15 syzkaller0: entered allmulticast mode
[  840.384953][T13218] tipc: Resetting bearer <eth:syzkaller0>
[  840.450247][T13213] tipc: Resetting bearer <eth:syzkaller0>
[  841.444881][T10540] tipc: Node number set to 134418688
[  841.492018][T13242] fuse: Bad value for 'fd'
[  841.970336][T13253] loop7: detected capacity change from 0 to 7
[  841.989450][T13253] Dev loop7: unable to read RDB block 7
[  841.995406][T13253]  loop7: AHDI p1 p2 p3
[  841.997892][T13254] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  842.000014][T13253] loop7: partition table partially beyond EOD, truncated
[  842.016128][T13253] loop7: p1 start 1702000233 is beyond EOD, truncated
[  842.023282][T13253] loop7: p2 size 10240 extends beyond EOD, truncated
[  843.666860][T13280] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  843.683043][T13280] syzkaller0: entered promiscuous mode
[  843.694272][T13280] syzkaller0: entered allmulticast mode
[  843.727092][T13280] tipc: Resetting bearer <eth:syzkaller0>
[  843.737602][T13279] tipc: Resetting bearer <eth:syzkaller0>
[  843.762040][T13279] tipc: Disabling bearer <eth:syzkaller0>
[  846.889851][T13288] loop7: detected capacity change from 0 to 131072
[  846.950845][T13288] F2FS-fs (loop7): Segment count (31) mismatch with total segments from devices (0)
[  846.960954][T13288] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  846.996787][T13288] F2FS-fs (loop7): invalid crc value
[  847.237756][T13288] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  850.554738][T13335] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2715'.
[  851.975212][T13352] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  851.987051][T13352] syzkaller0: entered promiscuous mode
[  851.992728][T13352] syzkaller0: entered allmulticast mode
[  852.028652][T13352] tipc: Resetting bearer <eth:syzkaller0>
[  852.043478][T13351] tipc: Resetting bearer <eth:syzkaller0>
[  852.061287][T13351] tipc: Disabling bearer <eth:syzkaller0>
[  854.117952][T13371] loop6: detected capacity change from 0 to 1024
[  854.675284][T13377] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  854.698044][   T54] hfsplus: b-tree write err: -5, ino 4
[  855.132305][T13383] loop6: detected capacity change from 0 to 512
[  855.187386][T13383] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  855.284332][T13383] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  855.355469][T13383] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 3: comm syz.6.2732: path (unknown): bad entry in directory: directory entry overrun - offset=12, inode=514, rec_len=2048, size=2048 fake=0
[  855.415964][T13383] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 12: comm syz.6.2732: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  855.456759][T13383] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 13: comm syz.6.2732: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  855.806885][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  856.716297][T10817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  856.729482][T10817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  856.739387][T10817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  856.758873][T10817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  856.776644][T10817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  858.042460][T13412] loop6: detected capacity change from 0 to 1024
[  858.111674][T13399] chnl_net:caif_netlink_parms(): no params data found
[  858.806175][T10817] Bluetooth: hci2: command tx timeout
[  859.003365][  T152] hfsplus: b-tree write err: -5, ino 4
[  859.387759][T13399] bridge0: port 1(bridge_slave_0) entered blocking state
[  859.395314][T13399] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.402819][T13399] bridge_slave_0: entered allmulticast mode
[  859.411361][T13399] bridge_slave_0: entered promiscuous mode
[  859.501312][T13399] bridge0: port 2(bridge_slave_1) entered blocking state
[  859.509216][T13399] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.516880][T13399] bridge_slave_1: entered allmulticast mode
[  859.525443][T13399] bridge_slave_1: entered promiscuous mode
[  859.887274][T13399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  859.935598][T13399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  860.103741][T13399] team0: Port device team_slave_0 added
[  860.133994][T13399] team0: Port device team_slave_1 added
[  860.222088][T13399] batman_adv: batadv0: Adding interface: batadv_slave_0
[  860.231236][T13399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  860.258132][T13399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  860.281849][T13399] batman_adv: batadv0: Adding interface: batadv_slave_1
[  860.290072][T13399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  860.317806][T13399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  860.334460][T13427] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  860.610010][T13399] hsr_slave_0: entered promiscuous mode
[  860.618590][T13399] hsr_slave_1: entered promiscuous mode
[  860.626203][T13399] debugfs: 'hsr0' already exists in 'hsr'
[  860.632046][T13399] Cannot create hsr debugfs directory
[  860.884006][T10817] Bluetooth: hci2: command tx timeout
[  862.052698][T13399] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.286550][T13399] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  862.977720][T10817] Bluetooth: hci2: command tx timeout
[  863.431250][T13399] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  863.882170][T13399] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  864.298246][ T5814] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  864.307788][ T5814] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  864.333613][ T5814] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  864.346904][ T5814] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  864.358084][ T5814] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  865.044919][ T5814] Bluetooth: hci2: command tx timeout
[  865.302590][T13399] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  865.919225][T13399] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  866.081180][T13462] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  866.494325][ T5814] Bluetooth: hci4: command tx timeout
[  866.924895][T13399] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  867.110495][T13470] team_slave_0: entered promiscuous mode
[  867.116593][T13470] team_slave_1: entered promiscuous mode
[  867.128765][T13470] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  867.231647][T13449] chnl_net:caif_netlink_parms(): no params data found
[  867.325819][T13470] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  867.417375][T13473] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  867.918265][T13399] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  868.467797][T13449] bridge0: port 1(bridge_slave_0) entered blocking state
[  868.477242][T13449] bridge0: port 1(bridge_slave_0) entered disabled state
[  868.485457][T13449] bridge_slave_0: entered allmulticast mode
[  868.494707][T13449] bridge_slave_0: entered promiscuous mode
[  868.509147][T13449] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.518467][T13449] bridge0: port 2(bridge_slave_1) entered disabled state
[  868.527005][T13449] bridge_slave_1: entered allmulticast mode
[  868.535831][T13449] bridge_slave_1: entered promiscuous mode
[  868.580089][ T5814] Bluetooth: hci4: command tx timeout
[  868.637531][T13449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  868.660933][T13449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  869.596103][T13449] team0: Port device team_slave_0 added
[  869.620758][T13449] team0: Port device team_slave_1 added
[  869.950555][T13449] batman_adv: batadv0: Adding interface: batadv_slave_0
[  869.958470][T13449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  869.985156][T13449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  870.184538][T13449] batman_adv: batadv0: Adding interface: batadv_slave_1
[  870.191723][T13449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  870.220557][T13449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  870.646668][ T5814] Bluetooth: hci4: command tx timeout
[  870.986766][T13449] hsr_slave_0: entered promiscuous mode
[  870.997003][T13449] hsr_slave_1: entered promiscuous mode
[  871.005951][T13449] debugfs: 'hsr0' already exists in 'hsr'
[  871.012366][T13449] Cannot create hsr debugfs directory
[  871.422921][T13490] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  871.531093][T13490] syzkaller0: entered promiscuous mode
[  871.536836][T13490] syzkaller0: entered allmulticast mode
[  871.589948][T13399] 8021q: adding VLAN 0 to HW filter on device bond0
[  871.722458][T13490] tipc: Resetting bearer <eth:syzkaller0>
[  871.756886][T13399] 8021q: adding VLAN 0 to HW filter on device team0
[  871.797736][T13489] tipc: Resetting bearer <eth:syzkaller0>
[  871.831093][T13489] tipc: Disabling bearer <eth:syzkaller0>
[  871.916101][ T1027] bridge0: port 1(bridge_slave_0) entered blocking state
[  871.923700][ T1027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  872.029147][ T1027] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.036683][ T1027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  872.280184][T13499] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  872.369263][T13499] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  872.543494][T13501] binder_alloc: 13500: binder_alloc_buf, no vma
[  872.728330][ T5814] Bluetooth: hci4: command tx timeout
[  873.025082][T13508] loop6: detected capacity change from 0 to 1024
[  873.237387][T13449] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  873.262405][T13449] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  873.366933][T13449] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  873.435243][T13449] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  873.501485][ T4404] hfsplus: b-tree write err: -5, ino 4
[  873.980394][T13399] 8021q: adding VLAN 0 to HW filter on device batadv0
[  874.303618][T13521] loop6: detected capacity change from 0 to 512
[  874.377337][T13449] 8021q: adding VLAN 0 to HW filter on device bond0
[  874.559370][T13521] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  874.607882][T13449] 8021q: adding VLAN 0 to HW filter on device team0
[  874.697566][T13528] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  874.712697][T13528] syzkaller0: entered promiscuous mode
[  874.720976][T13528] syzkaller0: entered allmulticast mode
[  874.787496][T13528] tipc: Resetting bearer <eth:syzkaller0>
[  874.838239][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  874.888169][T13527] tipc: Resetting bearer <eth:syzkaller0>
[  874.941555][T13527] tipc: Disabling bearer <eth:syzkaller0>
[  874.999317][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  875.006913][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  875.012334][T13531] fuse: Bad value for 'fd'
[  875.119875][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  875.127511][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  876.071317][T13544] loop7: detected capacity change from 0 to 1024
[  876.217348][T13549] loop2: detected capacity change from 0 to 256
[  876.302354][  T152] hfsplus: b-tree write err: -5, ino 4
[  876.668714][T13553] 8021q: adding VLAN 0 to HW filter on device macvlan6
[  876.798902][T13553] 8021q: adding VLAN 0 to HW filter on device macvlan7
[  876.948175][T13558] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  876.995757][T13558] syzkaller0: entered promiscuous mode
[  877.001430][T13558] syzkaller0: entered allmulticast mode
[  877.086038][T13558] tipc: Resetting bearer <eth:syzkaller0>
[  877.137464][T13557] tipc: Resetting bearer <eth:syzkaller0>
[  877.255080][T13557] tipc: Disabling bearer <eth:syzkaller0>
[  877.422095][T13449] 8021q: adding VLAN 0 to HW filter on device batadv0
[  879.222558][T13399] veth0_vlan: entered promiscuous mode
[  879.333254][T13399] veth1_vlan: entered promiscuous mode
[  879.344716][T13577] loop7: detected capacity change from 0 to 1024
[  879.442123][T13584] team_slave_0: entered promiscuous mode
[  879.448167][T13584] team_slave_1: entered promiscuous mode
[  879.458277][T13584] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  879.579824][T13586] loop2: detected capacity change from 0 to 256
[  879.621619][T13399] veth0_macvtap: entered promiscuous mode
[  879.666447][T13587] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  879.695069][T13399] veth1_macvtap: entered promiscuous mode
[  879.868860][T13399] batman_adv: batadv0: Interface activated: batadv_slave_0
[  880.052986][  T152] hfsplus: b-tree write err: -5, ino 4
[  880.221817][T13399] batman_adv: batadv0: Interface activated: batadv_slave_1
[  880.646435][T13449] veth0_vlan: entered promiscuous mode
[  880.733390][ T3777] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  880.749687][T13449] veth1_vlan: entered promiscuous mode
[  880.787353][ T3777] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  880.838066][ T3777] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  880.886484][ T3777] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  881.004802][T13449] veth0_macvtap: entered promiscuous mode
[  881.084672][T13449] veth1_macvtap: entered promiscuous mode
[  881.105567][T13595] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  881.114650][T13595] syzkaller0: entered promiscuous mode
[  881.120207][T13595] syzkaller0: entered allmulticast mode
[  881.261755][T13595] tipc: Resetting bearer <eth:syzkaller0>
[  881.296060][T13449] batman_adv: batadv0: Interface activated: batadv_slave_0
[  881.345849][T13449] batman_adv: batadv0: Interface activated: batadv_slave_1
[  881.416984][ T3777] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  881.484549][ T3777] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  881.548181][T13594] tipc: Resetting bearer <eth:syzkaller0>
[  881.577361][T13594] tipc: Disabling bearer <eth:syzkaller0>
[  881.862548][   T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  881.909947][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  883.091176][T13606] loop7: detected capacity change from 0 to 4096
[  883.316051][   T11] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  883.536196][   T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  883.547484][   T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  883.557596][   T11] usb 7-1: New USB device found, idVendor=056a, idProduct=0307, bcdDevice= 0.00
[  883.566929][   T11] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  883.683066][   T11] usb 7-1: config 0 descriptor??
[  884.350723][   T11] usb 7-1: USB disconnect, device number 4
[  884.576826][T13625] loop2: detected capacity change from 0 to 256
[  884.695718][T13627] loop7: detected capacity change from 0 to 1024
[  884.905469][ T4404] hfsplus: b-tree write err: -5, ino 4
[  885.588837][T13639] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  887.423465][T13658] loop2: detected capacity change from 0 to 64
[  888.551886][T13666] loop6: detected capacity change from 0 to 512
[  888.869497][T13666] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  888.900103][ T3777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  888.908429][ T3777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  888.983556][ T3796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  888.992015][ T3796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  889.466789][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  890.606188][T13681] syzkaller0: entered promiscuous mode
[  890.611913][T13681] syzkaller0: entered allmulticast mode
[  891.268673][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  891.276866][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  891.367956][ T1027] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  891.376163][ T1027] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  894.351363][T13706] loop8: detected capacity change from 0 to 256
[  894.394025][T13702] loop6: detected capacity change from 0 to 512
[  894.590076][T13702] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  895.584380][T10816] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  896.399764][T13730] tipc: Started in network mode
[  896.405070][T13730] tipc: Node identity 26708564e0b2, cluster identity 4711
[  896.412908][T13730] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  896.508239][T13733] syzkaller0: entered promiscuous mode
[  896.514394][T13733] syzkaller0: entered allmulticast mode
[  896.675611][T13730] tipc: Resetting bearer <eth:syzkaller0>
[  896.769596][T13726] tipc: Resetting bearer <eth:syzkaller0>
[  896.826515][T13726] tipc: Disabling bearer <eth:syzkaller0>
[  897.334724][T13741] loop7: detected capacity change from 0 to 256
[  900.252069][T13779] loop6: detected capacity change from 0 to 64
[  900.796738][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  900.803361][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  900.812597][T13781] loop8: detected capacity change from 0 to 256
[  901.068929][T13785] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  901.165976][T13785] syzkaller0: entered promiscuous mode
[  901.171785][T13785] syzkaller0: entered allmulticast mode
[  901.220276][T13784] tipc: Resetting bearer <eth:syzkaller0>
[  901.295689][T13782] tipc: Resetting bearer <eth:syzkaller0>
[  901.351434][T13782] tipc: Disabling bearer <eth:syzkaller0>
[  901.851306][   T11] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  902.304803][   T11] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  903.365937][ T1027] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.631618][ T1027] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.640644][ T1027] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.883102][ T1027] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  905.544296][ T1027] bridge_slave_1: left allmulticast mode
[  905.550373][ T1027] bridge_slave_1: left promiscuous mode
[  905.558027][ T1027] bridge0: port 2(bridge_slave_1) entered disabled state
[  905.668590][ T1027] bridge_slave_0: left allmulticast mode
[  905.675237][ T1027] bridge_slave_0: left promiscuous mode
[  905.681670][ T1027] bridge0: port 1(bridge_slave_0) entered disabled state
[  906.496303][ T1027] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  906.517274][ T1027] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  906.583719][ T1027] bond0 (unregistering): Released all slaves
[  906.785099][T13840] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  906.861227][T13837] tipc: Resetting bearer <eth:syzkaller0>
[  907.304110][ T1027] hsr_slave_0: left promiscuous mode
[  907.324368][ T1027] hsr_slave_1: left promiscuous mode
[  907.332503][ T1027] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  907.340375][ T1027] batman_adv: batadv0: Removing interface: batadv_slave_0
[  907.394525][ T1027] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  907.402094][ T1027] batman_adv: batadv0: Removing interface: batadv_slave_1
[  907.463032][ T1027] veth1_macvtap: left promiscuous mode
[  907.469174][ T1027] veth0_macvtap: left promiscuous mode
[  907.476942][ T1027] veth1_vlan: left promiscuous mode
[  907.482431][ T1027] veth0_vlan: left promiscuous mode
[  908.255126][ T1027] team0 (unregistering): Port device team_slave_1 removed
[  908.280683][ T1027] team0 (unregistering): Port device team_slave_0 removed
[  908.540172][T13852] fuse: Bad value for 'fd'
[  908.585645][T13836] tipc: Disabling bearer <eth:syzkaller0>
[  908.748291][   T11] tipc: Node number set to 3334636900
[  910.771635][T13874] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2885'.
[  910.986149][T13879] fuse: Bad value for 'fd'
[  911.450734][T13886] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  911.514937][T13885] syzkaller0: entered promiscuous mode
[  911.520597][T13885] syzkaller0: entered allmulticast mode
[  911.591130][T13885] tipc: Resetting bearer <eth:syzkaller0>
[  911.602019][T13884] tipc: Resetting bearer <eth:syzkaller0>
[  911.619581][T13884] tipc: Disabling bearer <eth:syzkaller0>
[  913.202434][T13905] loop4: detected capacity change from 0 to 64
[  913.505547][T13872] loop7: detected capacity change from 0 to 32768
[  913.864254][T13913] fuse: Bad value for 'fd'
[  915.685686][T13924] tipc: Started in network mode
[  915.690808][T13924] tipc: Node identity 829422dacdf9, cluster identity 4711
[  915.698940][T13924] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  915.792517][T13927] syzkaller0: entered promiscuous mode
[  915.798377][T13927] syzkaller0: entered allmulticast mode
[  915.937105][T13926] tipc: Resetting bearer <eth:syzkaller0>
[  916.783540][T13921] tipc: Resetting bearer <eth:syzkaller0>
[  916.815210][T13921] tipc: Disabling bearer <eth:syzkaller0>
[  916.850519][T10540] tipc: Node number set to 1332552410
[  917.243221][T13939] netlink: 360 bytes leftover after parsing attributes in process `syz.2.2906'.
[  917.427425][T13944] loop7: detected capacity change from 0 to 1024
[  917.738418][   T54] hfsplus: b-tree write err: -5, ino 4
[  920.042330][T13978] loop8: detected capacity change from 0 to 1024
[  920.166561][ T1088] hfsplus: b-tree write err: -5, ino 4
[  922.048540][T14005] loop2: detected capacity change from 0 to 16
[  922.111271][T14005] erofs (device loop2): mounted with root inode @ nid 36.
[  923.180684][T14033] loop8: detected capacity change from 0 to 1024
[  923.891136][ T4204] hfsplus: b-tree write err: -5, ino 4
[  924.126583][T14044] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2949'.
[  924.672425][T14058] loop4: detected capacity change from 0 to 8
[  925.009684][ T5814] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  925.019759][ T5814] CPU: 0 UID: 0 PID: 5814 Comm: kworker/u9:3 Tainted: G        W    L      syzkaller #0 PREEMPT(none) 
[  925.019942][ T5814] Tainted: [W]=WARN, [L]=SOFTLOCKUP
[  925.019995][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  925.020096][ T5814] Workqueue: hci2 hci_rx_work
[  925.020283][ T5814] Call Trace:
[  925.020330][ T5814]  <TASK>
[  925.020375][ T5814]  __dump_stack+0x26/0x30
[  925.020529][ T5814]  dump_stack_lvl+0x14c/0x1c0
[  925.020679][ T5814]  dump_stack+0x1e/0x25
[  925.020812][ T5814]  sysfs_create_dir_ns+0x46c/0x540
[  925.021000][ T5814]  kobject_add_internal+0xf0f/0x1870
[  925.021171][ T5814]  kobject_add+0x2c1/0x410
[  925.021324][ T5814]  ? kmsan_get_metadata+0xfb/0x160
[  925.021498][ T5814]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  925.021680][ T5814]  device_add+0xa70/0x1c10
[  925.021845][ T5814]  hci_conn_add_sysfs+0x15f/0x2f0
[  925.022010][ T5814]  le_conn_complete_evt+0x1d03/0x2240
[  925.022188][ T5814]  hci_le_conn_complete_evt+0x157/0x260
[  925.022403][ T5814]  hci_le_meta_evt+0x6eb/0x960
[  925.022582][ T5814]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  925.022795][ T5814]  hci_event_packet+0xce2/0x1e40
[  925.022954][ T5814]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  925.023183][ T5814]  hci_rx_work+0x8c3/0xfc0
[  925.023358][ T5814]  ? kmsan_get_metadata+0xfb/0x160
[  925.023535][ T5814]  ? __pfx_hci_rx_work+0x10/0x10
[  925.023704][ T5814]  process_scheduled_works+0xb91/0x1d80
[  925.023931][ T5814]  worker_thread+0xedf/0x1590
[  925.024086][ T5814]  kthread+0xd5c/0xf00
[  925.024222][ T5814]  ? __pfx_worker_thread+0x10/0x10
[  925.024372][ T5814]  ? __pfx_kthread+0x10/0x10
[  925.024509][ T5814]  ret_from_fork+0x208/0x710
[  925.024680][ T5814]  ? __switch_to+0x53d/0x790
[  925.024829][ T5814]  ? __pfx_kthread+0x10/0x10
[  925.024966][ T5814]  ret_from_fork_asm+0x1a/0x30
[  925.025164][ T5814]  </TASK>
[  925.210580][ T5814] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  925.226507][ T5814] Bluetooth: hci2: failed to register connection device
[  925.473764][    C1] hrtimer: interrupt took 329538 ns
[  926.638788][T14047] loop6: detected capacity change from 0 to 32768
[  926.971274][   T11] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  927.211869][   T11] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  927.224360][   T11] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  927.236028][   T11] usb 8-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  927.402119][   T11] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  927.412182][   T11] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  927.420644][   T11] usb 8-1: SerialNumber: syz
[  927.817576][T14098] ERROR: (device loop6): dtSearch: stack overrun!
[  927.817576][T14098] 
[  927.827776][T14098] ERROR: (device loop6): remounting filesystem as read-only
[  927.835580][T14098] btstack dump:
[  927.839149][T14098] bn = 0, index = 0
[  927.843071][T14098] bn = 72c, index = 96
[  927.847444][T14098] bn = 0, index = 0
[  927.851367][T14098] bn = 72c, index = 96
[  927.855735][T14098] bn = 0, index = 0
[  927.859655][T14098] bn = 72c, index = 96
[  927.867053][T14098] bn = 0, index = 0
[  927.870996][T14098] =====================================================
[  927.879244][T14098] BUG: KMSAN: uninit-value in BT_STACK_DUMP+0x5e5/0x600
[  927.886427][T14098]  BT_STACK_DUMP+0x5e5/0x600
[  927.891258][T14098]  dtSearch+0x393f/0x3d30
[  927.895813][T14098]  jfs_symlink+0x913/0x1f10
[  927.900481][T14098]  vfs_symlink+0x42f/0x4c0
[  927.905134][T14098]  do_symlinkat+0x2ae/0xbb0
[  927.909788][T14098]  __x64_sys_symlink+0xcf/0x140
[  927.914884][T14098]  x64_sys_call+0x2c72/0x3e70
[  927.923083][T14098]  do_syscall_64+0xd3/0xf80
[  927.927976][T14098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.934113][T14098] 
[  927.936496][T14098] Local variable btstack created at:
[  927.941936][T14098]  jfs_symlink+0x9f/0x1f10
[  927.946587][T14098]  vfs_symlink+0x42f/0x4c0
[  927.951163][T14098] 
[  927.953652][T14098] CPU: 1 UID: 0 PID: 14098 Comm: syz.6.2951 Tainted: G        W    L      syzkaller #0 PREEMPT(none) 
[  927.968766][T14098] Tainted: [W]=WARN, [L]=SOFTLOCKUP
[  927.975111][T14098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  927.985390][T14098] =====================================================
[  927.992417][T14098] Disabling lock debugging due to kernel taint
[  927.998761][T14098] Kernel panic - not syncing: kmsan.panic set ...
[  928.005307][T14098] CPU: 1 UID: 0 PID: 14098 Comm: syz.6.2951 Tainted: G    B   W    L      syzkaller #0 PREEMPT(none) 
[  928.016449][T14098] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP
[  928.022947][T14098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  928.033103][T14098] Call Trace:
[  928.036455][T14098]  <TASK>
[  928.039462][T14098]  __dump_stack+0x26/0x30
[  928.044051][T14098]  dump_stack_lvl+0x50/0x1c0
[  928.048807][T14098]  ? dump_stack+0x12/0x25
[  928.053288][T14098]  dump_stack+0x1e/0x25
[  928.057587][T14098]  vpanic+0x435/0xd30
[  928.061749][T14098]  panic+0x15d/0x160
[  928.065842][T14098]  kmsan_report+0x31c/0x320
[  928.070528][T14098]  ? __msan_warning+0x1b/0x30
[  928.075360][T14098]  ? BT_STACK_DUMP+0x5e5/0x600
[  928.080282][T14098]  ? dtSearch+0x393f/0x3d30
[  928.084945][T14098]  ? jfs_symlink+0x913/0x1f10
[  928.089788][T14098]  ? vfs_symlink+0x42f/0x4c0
[  928.094537][T14098]  ? do_symlinkat+0x2ae/0xbb0
[  928.099383][T14098]  ? __x64_sys_symlink+0xcf/0x140
[  928.104570][T14098]  ? x64_sys_call+0x2c72/0x3e70
[  928.109596][T14098]  ? do_syscall_64+0xd3/0xf80
[  928.114447][T14098]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.120663][T14098]  ? vprintk_emit+0xb5e/0xb70
[  928.125509][T14098]  ? vprintk_default+0x3f/0x50
[  928.130443][T14098]  ? vprintk+0x36/0x50
[  928.134639][T14098]  ? _printk+0x17e/0x1b0
[  928.139078][T14098]  ? kmsan_get_metadata+0xfb/0x160
[  928.144381][T14098]  __msan_warning+0x1b/0x30
[  928.149039][T14098]  BT_STACK_DUMP+0x5e5/0x600
[  928.153799][T14098]  dtSearch+0x393f/0x3d30
[  928.158322][T14098]  ? folio_unlock+0x1e1/0x250
[  928.163220][T14098]  jfs_symlink+0x913/0x1f10
[  928.167956][T14098]  ? inode_permission+0x4a3/0x8c0
[  928.173163][T14098]  ? try_to_merge_one_page+0x1bb0/0x2700
[  928.178944][T14098]  ? kmsan_get_metadata+0xfb/0x160
[  928.184325][T14098]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  928.190318][T14098]  ? __pfx_jfs_symlink+0x10/0x10
[  928.195435][T14098]  vfs_symlink+0x42f/0x4c0
[  928.200038][T14098]  do_symlinkat+0x2ae/0xbb0
[  928.204733][T14098]  __x64_sys_symlink+0xcf/0x140
[  928.209764][T14098]  x64_sys_call+0x2c72/0x3e70
[  928.214620][T14098]  do_syscall_64+0xd3/0xf80
[  928.219289][T14098]  ? clear_bhb_loop+0x40/0x90
[  928.224110][T14098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.230148][T14098] RIP: 0033:0x7f8f2af8f749
[  928.234838][T14098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.254679][T14098] RSP: 002b:00007f8f28df4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  928.263335][T14098] RAX: ffffffffffffffda RBX: 00007f8f2b1e6270 RCX: 00007f8f2af8f749
[  928.271425][T14098] RDX: 0000000000000000 RSI: 0000200000000e40 RDI: 0000200000001640
[  928.279503][T14098] RBP: 00007f8f2b013f91 R08: 0000000000000000 R09: 0000000000000000
[  928.287589][T14098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  928.295755][T14098] R13: 00007f8f2b1e6308 R14: 00007f8f2b1e6270 R15: 00007fff5b7b26c8
[  928.303961][T14098]  </TASK>
[  928.307424][T14098] Kernel Offset: disabled
[  928.311890][T14098] Rebooting in 86400 seconds..