last executing test programs:

28.905077985s ago: executing program 2 (id=337):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r9}, &(0x7f0000000000), &(0x7f0000000080)=r6}, 0x20)
recvmsg$unix(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x12)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESOCT=r0])
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40186f40, &(0x7f0000000440)=0x20000)

27.809170761s ago: executing program 2 (id=341):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="80000000", @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="6100330080000000ffffffffffff080211000000505050505050"], 0x80}}, 0x0)

27.627331868s ago: executing program 2 (id=344):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, 0x0, 0x0)

27.289126234s ago: executing program 2 (id=346):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@jqfmt_vfsold}, {@noquota}, {@norecovery}, {}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000240)='./file0\x00')
unlink(&(0x7f0000000040)='./file2\x00')

26.825602805s ago: executing program 2 (id=351):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5f7, @value})
r0 = add_key$user(&(0x7f0000000200), &(0x7f00000002c0)={'syz', 0x2}, &(0x7f0000000480)='\x00\x00', 0x2, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/80, 0x50, 0x0)

25.908979432s ago: executing program 2 (id=355):
r0 = syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e20, 0x2000000, @ipv4={'\x00', '\xff\xff', @loopback}, 0xb851}, 0x1c)
ioctl$HIDIOCGRDESC(r0, 0x4030582a, &(0x7f0000000200))
r2 = io_uring_setup(0x53e6, &(0x7f0000000000)={0x0, 0xa101, 0x40, 0x1, 0x3d4})
io_uring_setup(0x5f41, &(0x7f00000000c0)={0x0, 0xfcdc, 0x2010, 0x0, 0x17a, 0x0, r2})
r3 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r5, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4082, 0xff2}], 0x1}, 0x5}], 0x40000000000000d, 0x2000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
geteuid()
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x24, 0x0, 0x400040, 0x0, 0x800, 0x11, 0x0, 0x0, 0x0, 0x0, 0x7f6}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x90, 0x0, 0x7, {0x5, 0x0, 0x2, 0x800000000000000, 0x4000081, 0x0, {0x1, 0x80000000000041a2, 0x40000000, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x8000, 0x4000000, 0x0, 0x0, 0x0, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7fe, 0xf83, 0x8}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$incfs(0xffffffffffffffff, 0x0, 0x200, 0x181)
syz_open_procfs$userns(0x0, &(0x7f0000028d00))
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000300)=0xd0)

25.510070849s ago: executing program 32 (id=355):
r0 = syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e20, 0x2000000, @ipv4={'\x00', '\xff\xff', @loopback}, 0xb851}, 0x1c)
ioctl$HIDIOCGRDESC(r0, 0x4030582a, &(0x7f0000000200))
r2 = io_uring_setup(0x53e6, &(0x7f0000000000)={0x0, 0xa101, 0x40, 0x1, 0x3d4})
io_uring_setup(0x5f41, &(0x7f00000000c0)={0x0, 0xfcdc, 0x2010, 0x0, 0x17a, 0x0, r2})
r3 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r5, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4082, 0xff2}], 0x1}, 0x5}], 0x40000000000000d, 0x2000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
geteuid()
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x24, 0x0, 0x400040, 0x0, 0x800, 0x11, 0x0, 0x0, 0x0, 0x0, 0x7f6}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x90, 0x0, 0x7, {0x5, 0x0, 0x2, 0x800000000000000, 0x4000081, 0x0, {0x1, 0x80000000000041a2, 0x40000000, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x8000, 0x4000000, 0x0, 0x0, 0x0, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7fe, 0xf83, 0x8}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$incfs(0xffffffffffffffff, 0x0, 0x200, 0x181)
syz_open_procfs$userns(0x0, &(0x7f0000028d00))
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000300)=0xd0)

7.57837421s ago: executing program 3 (id=420):
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
recvmsg$unix(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x12)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

6.812498206s ago: executing program 1 (id=423):
r0 = socket$inet6(0xa, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000580)={0x0, <r1=>0x0, <r2=>0x0}, &(0x7f00000005c0)=0xc)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x40, &(0x7f00000004c0)=ANY=[@ANYBLOB='nobarrier,gid=', @ANYRESHEX=r2, @ANYBLOB="2c63726561746f723dbd3d66f12c63726561746f723d64eb8ba92c6e6f6465636f6d706f73652c756d61736b3d3030303030303030303030303030303030303030303032000000003d", @ANYRESHEX=r1, @ANYRESOCT], 0x3, 0x6a4, &(0x7f0000001b40)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r3, &(0x7f00000000c0)='./file1\x00', 0x0)

6.482539201s ago: executing program 1 (id=425):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x3000046, &(0x7f0000000280)={[{@resgid}, {@grpjquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@errors_remount}, {@nobh}, {@usrquota}, {@stripe={'stripe', 0x3d, 0x624}}]}, 0x1, 0x56c, &(0x7f0000001a00)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MHQUvfCmctKTLmuTJttiUs3nA6e87zknfc+bc543z5uTkACG1kT2pxDxfER8kUQcjogk3zYa+caJjf3WHl6fzZYk1tc//C2p75fVG/+r8biDeeW5iPjps4iThe3tVldWF0rlcrqU1ydri1cmqyurpy4tlubT+fTy9MzMmddnpt96842e9fWV839+/cHdd898fnztqx/uH7mdxNk4lG9r7sczuNFcmYiJ/DkZi7NbdpzqQWO7STLoA+CpjORxPhbZGHA4RvKoB/77Po2IdWBIJeIfhlQjD2jM7XeeB/+/T1lJ/zx4Z2MCtL3/oxvvjcS++tzowFry2Mwom++O96D9rI0ff71zO1uid+9DAHR042ZEnB4d3T7+Jfn4t4MOb/qdbr16X3NlaxvGP+ifu1n+82qr/KdQj83f83Ddmv8cbBG7T6Nz/Bfu96CZtrL87+2W+e/mTavxkbz2v3rON5ZcvFROT+fZ8IkY25vVd7qfc2bt3nq7bc35X7Zk7Tdywfw47o/uffwxc6Va6Vn63OzBzYgXWua/yWb+m7Q4/9nzcb7LNo6ld15qt61z//9Z699FvNzy/D96cUt2vj85Wb8eJhtXxXZ/3Dr2c7v2B93/7Pwf2Ln/40nz/drqk7fx7b6/0nbbHut/dH/970k+qpf35OuulWq1pamIPcn729dPP3pso97YP+v/iePtx7921//+iPi4y/7fOvr9i131f0Dnf+6Jzv+TF+6998k37drvbvx7rV46ka/pZvzr9gCf5bkDAAAAAACA3aYQEYciKRQ3y4VCsbjx+Y6jcaBQrlRrJy9Wli/PRf27suMxVmjc6T7c9HmIqfzzsI369Jb6TEQciYgvR/bX68XZSnlu0J0HAAAAAAAAAAAAAAAAAACAXeJg/Tv/I5v1xvf/M7+MDO64gD7xk98wvDrGfy9+6QnYlbz+w/AS/zC8xD8ML/EPw0v8w/AS/zC8uoj/Qj+OA+g/r/8AAAAAAAAAAAAAAAAAAAAAAAAAAADQU+fPncuW9bWH12ez+tzVleWFytVTc2l1obi4PFucrSxdKc5XKvPltDhbWez0/8qVypWp6Vi+NllLq7XJ6srqhcXK8uXahUuLpfn0QjrWl14BAAAAAAAAAAAAAAAAAADAv0t1ZXWhVC6nSwoKT1UY3R2HodDjwqBHJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB45O8AAAD//8A2OIo=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x101042, 0x100)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
ftruncate(r0, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000080)=0x7)

6.11546386s ago: executing program 3 (id=426):
r0 = gettid()
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x63, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2000, 0x0)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})
readv(r1, &(0x7f0000001200)=[{&(0x7f0000000000)=""/126, 0x7e}], 0x1)

5.491337088s ago: executing program 3 (id=429):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202})
recvmmsg(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x0, 0x0)

5.273176175s ago: executing program 1 (id=430):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x84, r1, 0x5, 0x0, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4e, 0xe, {{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x4}}, 0x0, @random=0x1a8, 0x1, @void, @void, @void, @val={0x4, 0x6, {0x3, 0x7, 0x7f, 0xfc}}, @void, @val={0x5, 0x3, {0x0, 0x0, 0x8}}, @val={0x25, 0x3, {0x0, 0x24, 0x4}}, @val={0x2a, 0x1, {0x1}}, @void, @void, @void, @val={0x71, 0x7, {0x0, 0x0, 0x0, 0x1, 0x1, 0x6, 0x9}}, @val={0x76, 0x6, {0x9, 0x2, 0xff7f, 0xe9}}}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x8}]}, 0x84}}, 0x0)

5.258806394s ago: executing program 0 (id=432):
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "08004e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r4, 0x5412, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r3, 0xffffffffffffffff, 0x0)

5.124675846s ago: executing program 3 (id=433):
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='smaps\x00')
r1 = fanotify_init(0x8, 0x0)
fanotify_mark(r1, 0x1, 0x40000011, r0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='ns\x00')
getdents64(r2, 0x0, 0x0)

4.19681914s ago: executing program 1 (id=435):
syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000009640)='./file0\x00', 0x200800, &(0x7f0000000240)={[{@inode64}, {}, {@dax_never}, {@nolazytime}, {@prjquota}]}, 0x1, 0x9644, &(0x7f0000012cc0)="$eJzs2gnYpnPBuP/7Gca+jKGSUlMRLbJmiWpmMEMhWaIdWVKWkgptWqRQEdGefctWllC2VpK9hRJCJUukxTbM/3hmnmGMk7d+vf/DW+d5HsdzL9d9Xdfzvb+fa3mmbD5p44mDwVyD6Y0bzNp5106eMubqDe44aquFjl3+1HsOePSKS4wfeZ4w8jxxMBiMGvl4aPqysYPTTh81mH3a8kead+55huYfDFYYeTuyn8Eq05/mv2LGelNnadaBDj3ysM/0n2ktOPwrhl8cfsBeRwwGgzEzbT80GAzt+ZgvKm3zCZMnPWL1sNuw1eiR1zP/zDH9Z/6LB4P5zxzw8THzukNPwlca/p17vvDc0Rs8Cb/7P67NJ0xedxb/4XNxtpFlqwyf47Oeg8ZmPc5vW3KL1UamcNrxNhgMX+Ieda78R7T5hEnrDR7/Oj84avUL95k6/bo552D6jWLuwWAwz8j1db4n26X+vSZMXHHaPXvG+xH2GcfynnRcnPCWkx8avkkPBoOFB4Ox68y4F1RVVdV/RhMmrrgm3P/neqL7/ymnLHZm9/+qqqr/3NadMHHF4Xv9LPf/+Z7o/r/LYhd9bPr/9j9+lelbPfTkfomqqqr6l5q0Lt7/xzzR/X+VNS9br/t/VVXVf24brT/t/j/fLPf/RZ7o/v/Gk1dffGS9GX83PDjTLodm+v8THphp+WwzLb9/puWjZ9rPzOvPMdPye2daPufwZ7D+uMFg7Iz/XnDKI4vHjhv+bGT5fTMtH//If6ezxFozLZ8w0/JJMy2fODLW4eWTZ1o+eab113mCqa6qqvo/00YrTlpzMNN/Zz+yeNEZn9P9/4KzrlvmyRpvVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV/Wf20B1nnzsYDIYGg8GowWDKYOT1zM+DqVOnTh1+f8r5l1/+pA30/0ZD5107ecqYqze446itFjp2+VPvOeCRWfqP7T//G9S/07D/XMePGwx22vTJHko9CXX+u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7iH7jj73JFjYNRgMGUw8nrPGc9n7f+GN42sutpmp9518CNbLjF++5FX5107ecr2T8LYn4SGhr/rmKs3uOOorRY6dvlT7zngv+Ds+c//BvXvNM1/+6HBYOT8HjN8Lm8wYaNNlh4MBgffdepmKw8e/mzV4c9WHzvbYLZpmy497XHtJXjHe64z/Xn88MMiD+/jlGn7X3fqYbMNzTKImXr5eTce9fbN71lp1uelHv97jJrx4ojrz7h76tSpUx+1cKS5HmfjGfuf8V1mPc9Hxr708NiX3XXHdy37nt33WGb7Hbfcbpvtttlp+RVXXWnlFZZfebWXLrvt9jtss9z0x8eZs3HTHtf8Z+Zsvlnn7I4JM8/ZrN/t8eZs3BPP2bQ9TtljaJMZczb7vzhnaz7xnI3bfuQXLTF+9GCLaVMzNBgssdbowW7Db5afczBYYu2RdRcdXneNsaMGg/0f+aLDr+Z8+Bgc2nN4nc0nbTzxkZE99hs+5jr9qBWXGD/yPGHkeeL0IY4bPHIojh2cdvqo4bl41DTPO/c8Q/MPBiuMvB3Zz2C1kU8PnbHe1FmadaBDjzzsM/1nWgsO72T4xTuWO/ua4XNxlu3//+j/6fr/GK9Vhx6eqKGRn5F1pntNmLzuI79r2jQMz91sI8tWGTaZdc7+N3vMeMfNPhjzBOOdtO7EFYcXzzL/MzbB4+vOJS/8wPRja/wq07d66P8ZhcY73xOMd90JON75nmi8x3/w0tOn7+p/bbyzXOvWm/Y4/p+51g2e+Fo3G+1gm0sWn/Va9+rHH+KjzuMZczTnLCs93rVut0NW2HN4/+Of+Fq33vDYRz/qWjdqMFhizRnXuuEL36TRg/2H36ww/Gby6MGxw29WnPZm7sH5w29e8radd9h6eME6M+ZkueH9jh87NM39wlVuXWrqgVOnrjUylvFjHz3WkeNj3Mz38wljp0/mjG1n7Hd41Rn7veVp0z+bNLLfCf/CfmdsS+O9a8Hpn00e2e/EWfY7+gn2O2Pbx5wPSw89fOF6nOvNpFmuNyP/xpnx6x71M8f0n/kvHgzmP5N8Z1n3f7xm0vk71xOMd8LEFdccHt8s5+/DhyOdv5dOvnr4XjH/YDBYeDAYu86Msf+LDT3eeGd/4vFOhPHO/kTjvfK4Hdf/XxjvYKbxPuo423yj6cfKOiPH2eR/4fidse2s17HR0z6dftlf55+5jo17zHXso7ONmmWyZ+rx/mbbGtaf/nrRR/7OvfakY2bM/ehZ9vs//c0203cZguvYmFn+PT9qnRsGQzTnex6/xmVDBz3xnI8ePPrfFjPmfMa2TzTnk/+ZOX/mE8/5P/t38tLPm/756FnGP/Ocb7jfM/adMedzzLLf/2nOJz/xveOxcz5+MJrmfLn7p8/bE11PH2/OZ2w7Y86Hv+LqY2cfrD18zxqZ80n/zJwv+r9znM8D609/vc3Di8456tTXzZjzWef4f5rzSf/qnI97+DhfYtpnzx01mGOOwW5b7rrrLstPf5zxdoXpj3wtuvfa6fP8RPfSxzOase0TnRdr/TNGY/4po6H/yWix2R/P6JFT68idd3nq/+u1aK1/1WjA16Krj5k+b0/0d9HjzfmMbek+uMhM28/679CN1p/2d/d8s9wHZ2yC98Fzzlpv7xm7HNnswVmGOeO++sBMy2ebafn9My0fPdN+Zl5/jpmW3zvT8uGvMMdM689gHTf8b96R5VMeWX3s8B9P40aW3zfT8vGPbLvEWjMtnzDT8kkzLZ/4yKGxxOSZlk+eaf11Bv9iM/436e1nvcjXP1v/+6+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn9xD91x9rkjx8CowWDKYPrroZHnwZ5DG97+yuHnwWAwepUTp274ZI/3SW7ovGsnTxlz9QZ3HLXVQscuf+o9B/wXnD3/+d+g/p2m+W8/NBiMnN9jth8MBhtM2GiTpQeDwYZTT1xl1ODhzxYd/myNsaMGg/2HHrWDOR9eZ2jP4XU2n7TxxMFgrpE1xj3mlz7mPHrUikuMH3meMPI8cfr1adzgkeN17OC000cNZp+2/JHmnXueofkHgxVG3o7sZ7DK9Kf5r5ix3tRZmnWgQ4887DP9Z1oLDv+K4Re7bTf5WcNzNcv2/2eaca3eftT/uGrnv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y9/dv+bf0fLfVqLu8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cQ/dcfa5I8fAqMFgymD666E9R54HQyef9oKRQ2T07lcdfdiTPd4nuaHzrp08ZczVG9xx1FYLHbv8qfcc8F9w9vznf4P6d5rmv/3QYDByfo/ZfjAYbDBho02WHgwGhx191e6jBg9/tujwZ2uMHTUY7D/0qB3M+fA6Q3sOr7P5pI0nDgZzjawx7jG/9DHn0aNWXGL8yPOEkeeJ069P4waPHK9jB6edPmow+7TljzTv3PMMzT8YrDDydmQ/g1WmP81/xYz1ps7SrAMdeuRhn+k/01pw+FcMv9hrvmtPHp6rWbb/P9OMa/X2o/7HVTv/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9xDd5x97sgxMGowmDKY/nrUyPPQnjff9OFNhp+H3y+0zt7XPtnjfZIbOu/ayVPGXL3BHUdttdCxy596zwH/BWfPf/43qH+nYf+5jh83GOy06ZM9lHoS6vx3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cQ/dcfa5Iy9HPbJ01J4dF9jQeddOnjLm6g3uOGqrhY5d/tR7DniyB/Tv9jj+H80fs/h/LH/M4v/x/DGL/yfyxyz+e+WPWfw/mT9m8d87f8zi/6n8MYv/p/PHLP775I9Z/PfNH7P475c/ZvH/TP6Yxf+z+WMW/8/lj1n8988fs/gfkD9m8f98/pjF/8D8MYv/QfljFv8v5I9Z/A/OH7P4H5I/ZvH/Yv6Yxf9L+WMW/y/nj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8v5E/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8T82f8zif1z+mMX/+Pwxi/8388cs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/W/ljFv9v549Z/E/NH7P4n5Y/ZvE/PX/M4n9G/pjF/zv5Yxb/M/PHLP5n5Y9Z/M/OH7P4fzd/zOL/vfwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bx/37+mMX/B/ljFv8f5o9Z/H+UP2bx/3H+mMX/J/ljFv8L88cs/hflj1n8f5o/ZvG/OH9sJv9P/jf7/yx/zHL+X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8f54/ZvH/Rf6Yxf+X+WMW/1/lj1n8r84fs/hfkz9m8f91/pjF/zf5Yxb/a/PHLP6/zR+z+F+XP2bxvz5/zOJ/Q/6Yxf93+WMW/xvzxyz+N+WPWfxvzh+z+P8+f8zi/4f8MYv/H/PHLP635I9Z/P+UP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/P+ePWfzvzB+z+N+VP2bx/0v+mMX/7vwxi/9f88cs/n/LH7P4/z1/zOL/j/wxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxn5I/ZvF/MH/M4v9Q/pjFf2r+mMR/tkH+mMV/KH/M4j8qf8ziP1v+mMV/9vwxi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/mPyxyz+C+WPWfzH5o9Z/BfOH7P4L5I/ZvF/Sv6Yxf+p+WMW/6flj1n8F80fs/g/PX/M4r9Y/pjF/xn5Yxb/Z+aPWfwXzx+z+D8rf8zi/+z8MYv/uPwxi/9z8scs/s/N/zHNPvJs8H9e/pjl/F8if8ziv2T+mMX/+fljFv+l8scs/kvnj1n8X5A/ZvF/Yf6Yxf9F+WMW/xfnj1n8l8kfs/i/JH/M4r9s/pjFf7n8MYv/8vljFv8V8scs/ivmj1n8V8ofs/i/NH/M4r9y/pjFf5X8MYv/qvljFv/V8scs/i/LH7P4r54/ZvFfI3/M4v/y/DGL/yvyxyz+r8wfs/iPzx+z+E/IH7P4T8wfs/ivmT9m8V8rf8ziv3b+mMV/Uv6YxX+yyn+2f3pNi/86Kv9/Pov/uvljFv9X5Y9Z/F+dP2bxXy9/zOK/fv6YxX+D/DGL/2vyxyz+G+aPWfxfmz9m8d8of8ziv3H+mMV/k/wxi/+m+WMW/9flj1n8N8sfs/hvnj9m8X99/pjF/w35Yxb/N+aPWfzflD9m8X9z/pjF/y35Yxb/t+aPWfy3yB+z+G+ZP2bx3yp/zOL/tvwxi//W+WMW/23yxyz+2+aPWfy3yx+z+L89f8ziv33+mMX/HfljFv935o9Z/HfIH7P475g/ZvHfKX/M4r9z/pjF/135Yxb/d+ePWfx3yR+z+L8nf8ziv2v+mMX/vfljFv/35Y9Z/N+fP2bx3y1/zOK/e/6YxX+P/DGL/wfyxyz+H8wfs/h/KH/M4v/h/DGL/0fyxyz+e+aPWfw/mj9m8f9Y/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4Pmv1ne/yPLP4Pmf2fIIv/1Pwxif/sg/wxi/9Q/pjFf1T+mMV/tvwxi//s+WMW/9H5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8x+SPWfwXyh+z+I/NH7P4L5w/ZvFfJH/M4v+U/DGL/1Pzxyz+T8sfs/gvmj9m8X96/pjFf7H8MYv/M/LHLP7PzB+z+C+eP2bxf1b+mMX/2fljFv9x+WMW/+fkj1n8n2v2f2jq9OAji//zzP5PkMV/ifwxi/+S+WMW/+fnj1n8l8ofs/gvnT9m8X9B/pjF/4X5Yxb/F+WPWfxfnD9m8V8mf8zi/5L8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8V8pf8zi/9L8MYv/yvljFv9V8scs/qvmj1n8V8sfs/i/LH/M4r96/pjFf438MYv/y/PHLP6vyB+z+L8yf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf+3g8vwhi/9Gnf+YxX/j/DGL/yb5Yxb/TfPHLP6vyx+z+G+WP2bx3zx/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4b5E/ZvHfMn/M4r9V/pjF/235Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvF/e/6YxX/7/DGL/zvyxyz+78wfs/jvkD9m8d8xf8ziv1P+mMV/5/wxi/+78scs/u/OH7P475I/ZvF/T/6YxX/X/DGL/3vzxyz+78sfs/i/P3/M4r9b/pjFf/f8MYv/HvljFv8P5I9Z/D+YP2bx/1D+mMX/w/ljFv+P5I9Z/PfMH7P4fzR/zOL/sfwxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8d83f8ziv1/+mMX/M/ljFv/P5o9Z/D+XP2bx3z9/zOJ/QP6Yxf/z+WMW/wPzxyz+B+WPWfy/kD9m8T84f8zif0j+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP7fzB+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/b+WPWfy/nT9m8T81f8zif1r+mMX/9Pyx/07/+WZdOvsZ+WP/nf7Tm/n8/07+mMX/zPwxi/9Z+WMW/7Pzxyz+380fs/h/L3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8v58/ZvH/Qf6Yxf+H+WMW/x/lj1n8f5w/ZvH/Sf6Yxf/C/DGL/0X5Yxb/n+aPWfwvzh+z+P8sf8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bx/3n+mMX/F/ljFv9f5o9Z/H+VP2bxvzp/zOJ/Tf6Yxf/X+WMW/9/kj1n8r80fs/j/Nn/M4n9d/pjF//r8MYv/DfljFv/f5Y9Z/G/MH7P435Q/ZvG/OX/M4v/7/DGL/x/yxyz+f8wfs/jfkj9m8f9T/pjF/9b8MYv/bfljFv/b88cs/nfkj1n8/5w/ZvG/M3/M4n9X/pjF/y/5Yxb/u/PHLP5/zR+z+P8tf8zi//f8MYv/P/LHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjFf0r+mMX/wfwxi/9D+WMW/6n5YxL/0YP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/Mfkj1n8F8ofs/iPzR+z+C+cP2bxXyR/zOL/lPwxi/9T88cs/k/LH7P4L5o/ZvF/ev6YxX+x/DGL/zPyxyz+z8wfs/gvnj9m8X9W/pjF/9n5Yxb/cfljFv/n5I9Z/J+bP/bf7z9m+GH08/LH/vv9pzV6ifwxi/+S+WMW/+fnj1n8l8ofs/gvnT9m8X9B/pjF/4X5Yxb/F+WPWfxfnD9m8V8mf8zi/5L8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8V8pf8zi/9L8MYv/yvljFv9V8scs/qvmj1n8V8sfs/i/LH/M4r96/pjFf438MYv/y/PHLP6vyB+z+L8yf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf23+mMV/o/wxi//G+WMW/03yxyz+m+aPWfxflz9m8d8sf8ziv3n+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bx3yJ/zOK/Zf6YxX+r/DGL/9vyxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/9vwxi//2+WMW/3fkj1n835k/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv935Y9Z/N+dP2bx3yV/zOL/nvwxi/+u+WMW//fmj1n835c/ZvF/f/6YxX+3/DGL/+75Yxb/PfLHLP4fyB+b2X/qR57s0fwv9Dj+H8wfs5z/H8ofs/h/OH/M4v+R/DGL/575Yxb/j+aPWfw/lj9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/vvmj1n898sfs/h/Jn/M4v/Z/DGL/+fyxyz+++ePWfwPyB+z+H8+f8zif2D+mMX/oPwxi/8X8scs/gfnj1n8D8kfs/h/MX/M4v+l/DGL/5fzxyz+X8kfs/h/NX/M4v+1/DGL/9fzxyz+38gfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+b+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOL/rfwxi/+388cs/qfmj1n8T8sfs/ifnj9m8T8jf8zi/538MYv/mfljFv+z8scs/mfnj1n8v5s/ZvH/Xv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/+F+WMW/4vyxyz+P80fs/hfnD9m8f9Z/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif3X+mMX/mvwxi/+v88cs/r/JH7P4X5s/ZvH/bf6Yxf+6/DGL//X5Yxb/G/LHLP6/yx+z+N+YP2bxvyl/zOJ/c/6Yxf/3+WMW/z/kj1n8/5g/ZvG/JX/M4v+n/DGL/635Yxb/2/LHLP63549Z/O/IH7P4/zl/zOJ/Z/6Yxf+u/DGL/1/yxyz+d+ePWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/5T8MYv/g/ljFv+H8scs/lPzxyT+cwzyxyz+Q/ljFv9R+WMW/9nyxyz+s+ePWfxH549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/gvmD9m8R+TP2bxXyh/zOI/Nn/M4r9w/pjFf5H8MYv/U/LHLP5PzR+z+D8tf8ziv2j+mMX/6fljFv/F8scs/s/IH7P4PzN/zOK/eP6Yxf9Z+WMW/2fnj1n8x+WPWfyfkz9m8X9u/pjF/3n5Yxb/JfLHLP5L5o9Z/J+fP2bxXyp/zOK/dP6Yxf8F+WMW/xfmj1n8X5Q/ZvF/cf6YxX+Z/DGL/0vyxyz+y+aPWfyXyx+z+C+fP2bxXyF/zOK/Yv6YxX+l/DGL/0vzxyz+K+ePWfxXyR+z+K+aP2bxXy1/zOL/svwxi//q+WMW/zXyxyz+L88fs/i/In/M4v/K/DGL//j8MYv/hPwxi//E/DGL/5r5Yxb/tfLHLP5r549Z/Cflj1n8J+ePWfzXyR+z+K+bP2bxf1X+mMX/1fljFv/18scs/uvnj1n8N8gfs/i/Jn/M4r9h/pjF/7X5Yxb/jfLHLP4b549Z/DfJH7P4b5o/ZvF/Xf6YxX+z/DGL/+b5Yxb/1+ePWfzfkD9m8X9j/pjF/035Yxb/N+ePWfzfkj9m8X9r/pjFf4v8MYv/lvljFv+t8scs/m/LH7P4b50/ZvHfJn/M4r9t/pjFf7v8MYv/2/PHLP7b549Z/N+RP2bxf2f+mMV/h/wxi/+O+WMW/53yxyz+O+ePWfzflT9m8X93/pjFf5f8MYv/e/LHLP675o9Z/N+bP2bxf1/+mMX//fljFv/d8scs/rvnj1n898gfs/h/IH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4r9n/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/+++WMW//3yxyz+n8kfs/h/Nn/M4v+5/DGL//75Yxb/A/LHLP6fzx+z+B+YP2bxPyh/zOL/hfwxi//B+WMW/0Pyxyz+X8wfs/h/KX/M4v/l/DGL/1fyxyz+X80fs/h/LX/M4v/1/DGL/zfyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvH/Zv6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4fyt/zOL/7fwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+H8nf8zif2b+mMX/rPwxi//Z+WMW/+/mj1n8v5c/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/t/PH7P4/yB/zOL/w/wxi/+P8scs/j/OH7P4/yR/zOJ/Yf6Yxf+i/DGL/0/zxyz+F+ePWfx/lj9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+P88f8zi/4v8MYv/L/PHLP6/yh+z+F+dP2bxvyZ/zOL/6/wxi/9v8scs/tfmj1n8f5s/ZvG/Ln/M4n99/pjF/4b8MYv/7/LHLP435o9Z/G/KH7P435w/ZvH/ff6Yxf8P+WMW/z/mj1n8b8kfs/j/KX/M4n9r/pjF/7b8MYv/7fljFv878scs/n/OH7P435k/ZvG/K3/M4v+X/DGL/935Yxb/v+aPWfz/lj9m8f97/pjF/x/5Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4j8lf8zi/2D+mMX/ofwxi//U/DGJ/5yD/DGL/1D+mMV/VP6YxX+2/DGL/+z5Yxb/0fljFv858scs/nPmj1n858ofs/jPnT9m8Z8nf8ziP2/+mMV/vvwxi//8+WMW/wXyxyz+C+aPWfzH5I9Z/BfKH7P4j80fs/gvnD9m8V8kf8zi/5T8MYv/U/PHLP5Pyx+z+C+aP2bxf3r+mMV/sfwxi/8z8scs/s/MH7P4L54/ZvF/Vv6Yxf/Z+WMW/3H5Yxb/5+SPWfyfmz9m8X9e/pjFf4n8MYv/kvljFv/n549Z/JfKH7P4L50/ZvF/Qf6Yxf+F+WMW/xflj1n8X5w/ZvFfJn/M4v+S/DGL/7L5Yxb/5fLHLP7L549Z/FfIH7P4r5g/ZvFfKX/M4v/S/DGL/8r5Yxb/VfLHLP6r5o9Z/FfLH7P4vyx/zOK/ev6YxX+N/DGL/8vzxyz+r8gfs/i/Mn/M4j8+f8ziPyF/zOI/MX/M4r9m/pjFf638MYv/2vljFv9J+WMW/8n5Yxb/dfLHLP7r5o9Z/F+VP2bxf3X+mMV/vfwxi//6+WMW/w3yxyz+r8kfs/hvmD9m8X9t/pjFf6P8MYv/xvljFv9N8scs/pvmj1n8X5c/ZvHfLH/M4r95/pjF//X5Yxb/N+SPWfzfmD9m8X9T/pjF/835Yxb/t+SPWfzfmj9m8d8if8ziv2X+mMV/q/wxi//b8scs/lvnj1n8t8kfs/hvmz9m8d8uf8zi//b8MYv/9vljFv935I9Z/N+ZP2bx3yF/zOK/Y/6YxX+n/DGL/875Yxb/d+WPWfzfnT9m8d8lf8zi/578MYv/rvljFv/35o9Z/N+XP2bxf3/+mMV/t/wxi//u+WMW/z3yxyz+H8gfs/h/MH/M4v+h/DGL/4fzxyz+H8kfs/jvmT9m8f9o/pjF/2P5Yxb/j+ePWfw/kT9m8d8rf8zi/8n8MYv/3vljFv9P5Y9Z/D+dP2bx3yd/zOK/b/6YxX+//DGL/2fyxyz+n80fs/h/Ln/M4r9//pjF/4D8MYv/5/PHLP4H5o9Z/A/KH7P4fyF/zOJ/cP6Yxf+Q/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/h/PX/M4v+N/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/5j8MYv/sfljFv/j8scs/sfnj1n8v5k/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv9T8scs/t/KH7P4fzt/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP7fyR+z+J+ZP2bxPyt/zOJ/dv6Yxf+7+WMW/+/lj1n8z8kfs/ifmz9m8T8vf8zif37+mMX/gvwxi//388cs/j/IH7P4/zB/zOL/o/wxi/+P88cs/j/JH7P4X5g/ZvG/KH/M4v/T/DGL/8X5Yxb/n+WPWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP4/zx+z+P8if8zi/8v8MYv/r/LHLP5X549Z/K/JH7P4/zp/zOL/m/wxi/+1+WMW/9/mj1n8r8sfs/hfnz9m8b8hf8zi/7v8MYv/jfljFv+b8scs/jfnj1n8f58/ZvH/Q/6Yxf+P+WMW/1vyxyz+f8ofs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+f88cs/nfmj1n878ofs/j/JX/M4n93/pjF/6/5Yxb/v+WPWfz/nj9m8f9H/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/hPyR+z+D+YP2bxfyh/zOI/NX9M4j/XIH/M4j+UP2bxH5U/ZvGfLX/M4j97/pjFf3T+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/MfljFv+F8scs/mPzxyz+C+ePWfwXyR+z+D8lf8zi/9T8MYv/0/LHLP6L5o9Z/J+eP2bxXyx/zOL/jPwxi/8z88cs/ovnj1n8n5U/ZvF/dv6YxX9c/pjF/zn5Yxb/5+aPWfyflz9m8V8if8ziv2T+mMX/+fljFv+l8scs/kvnj1n8X5A/ZvF/Yf6Yxf9F+WMW/xfnj1n8l8kfs/i/JH/M4r9s/pjFf7n8MYv/8vljFv8V8scs/ivmj1n8V8ofs/i/NH/M4r9y/pjFf5X8MYv/qvljFv/V8scs/i/LH7P4r54/ZvFfI3/M4v/y/DGL/yvyxyz+r8wfs/iPzx+z+E/IH7P4T8wfs/ivmT9m8V8rf8ziv3b+mMV/Uv6YxX9y/pjFf538MYv/uvljFv9X5Y9Z/F+dP2bxXy9/zOK/fv6YxX+D/DGL/2vyxyz+G+aPWfxfmz9m8d8of8ziv3H+mMV/k/wxi/+m+WMW/9flj1n8N8sfs/hvnj9m8X99/pjF/w35Yxb/N+aPWfzflD9m8X9z/pjF/y35Yxb/t+aPWfy3yB+z+G+ZP2bx3yp/zOL/tvwxi//W+WMW/23yxyz+2+aPWfy3yx+z+L89f8ziv33+mMX/HfljFv935o9Z/HfIH7P475g/ZvHfKX/M4r9z/pjF/135Yxb/d+ePWfx3yR+z+L8nf8ziv2v+mMX/vfljFv/35Y9Z/N+fP2bx3y1/zOK/e/6YxX+P/DGL/wfyxyz+H8wfs/h/KH/M4v/h/DGL/0fyxyz+e+aPWfw/mj9m8f9Y/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4P5o9Z/B/KH7P4T80fk/jPPcgfs/gP5Y9Z/Eflj1n8Z8sfs/jPnj9m8R+dP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4r9g/pjFf0z+mMV/ofwxi//Y/DGL/8L5Yxb/RfLHLP5PyR+z+D81f8zi/7T8MYv/ovljFv+n549Z/BfLH7P4PyN/zOL/zPwxi//i+WMW/2flj1n8n50/ZvEflz9m8X9O/pjF/7n5Yxb/5+WPWfyXyB+z+C+ZP2bxf37+mMV/qfwxi//S+WMW/xfkj1n8X5g/ZvF/Uf6Yxf/F+WMW/2Xyxyz+L8kfs/gvmz9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/5Xyxyz+L80fs/ivnD9m8V8lf8ziv2r+mMV/tfwxi//L8scs/qvnj1n818gfs/i/PH/M4v+K/DGL/yvzxyz+4/PHLP4T8scs/hPzxyz+a+aPWfzXyh+z+K+dP2bxn5Q/ZvGfnD9m8V8nf8ziv27+mMX/VfljFv9X549Z/NfLH7P4r58/ZvHfIH/M4v+a/DGL/4b5Yxb/1+aPWfw3yh+z+G+cP2bx3yR/zOK/af6Yxf91+WMW/83yxyz+m+ePWfxfnz9m8X9D/pjF/435Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/LfLHLP5b5o9Z/LfKH7P4vy1/zOK/df6YxX+b/DGL/7b5Yxb/7fLHLP5vzx+z+G+fP2bxf0f+mMX/nfljFv8d8scs/jvmj1n8d8ofs/jvnD9m8X9X/pjF/935Yxb/XfLHLP7vyR+z+O+aP2bxf2/+mMX/ffljFv/3549Z/HfLH7P4754/ZvHfI3/M4v+B/DGL/wfzxyz+H8ofs/h/OH/M4v+R/DGL/575Yxb/j+aPWfw/lj9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/vvmj1n898sfs/h/Jn/M4v/Z/DGL/+fyxyz+++ePWfwPyB+z+H8+f8zif2D+mMX/oPwxi/8X8scs/gfnj1n8D8kfs/h/MX/M4v+l/DGL/5fzxyz+X8kfs/h/NX/M4v+1/DGL/9fzxyz+38gfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPGfFf4Mka1//RLP7Hdv5jFv/j8scs/sfnj1n8v5k/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv9T8scs/t/KH7P4fzt/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP7fyR+z+J+ZP2bxPyt/zOJ/dv6Yxf+7+WMW/+/lj1n8z8kfs/ifmz9m8T8vf8zif37+mMX/gvwxi//388cs/j/IH7P4/zB/zOL/o/wxi/+P88cs/j/JH7P4X5g/ZvG/KH/M4v/T/DGL/8X5Yxb/n+WPWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP4/zx+z+P8if8zi/8v8MYv/r/LHLP5X549Z/K/JH7P4/zp/zOL/m/wxi/+1+WMW/9/mjz3af/STPZx/v8fxvy5/zHL+X58/ZvG/IX/M4v+7/DGL/435Yxb/m/LHLP43549Z/H+fP2bx/0P+mMX/j/ljFv9b8scs/n/KH7P435o/ZvG/LX/M4n97/pjF/478MYv/n/PHLP535o9Z/O/KH7P4/yV/zOJ/d/6Yxf+v+WMW/7/lj1n8/54/ZvH/R/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4T8kfs/g/mD9m8X8of8ziPzV/TOI/zyB/zOI/lD9m8R+VP2bxny1/zOI/e/6YxX90/pjFf478MYv/nPljFv+58scs/nPnj1n858kf++/3n+vhj/J/bP/9/tOaZ778MYv//PljFv8F8scs/gvmj1n8x+SPWfwXyh+z+I/NH7P4L5w/ZvFfJH/M4v+U/DGL/1Pzxyz+T8sfs/gvmj9m8X96/pjFf7H8MYv/M/LHLP7PzB+z+C+eP2bxf1b+mMX/2fljFv9x+WMW/+fkj1n8n5s/ZvF/Xv6YxX+J/DGL/5L5Yxb/5+ePWfyXyh+z+C+dP2bxf0H+mMX/hfljFv8X5Y9Z/F+cP2bxXyZ/zOL/kvwxi/+y+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxXyl/zOL/0vwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+L8sf8ziv3r+mMV/jfwxi//L88cs/q/IH7P4vzJ/zOI/Pn/M4j8hf8ziPzF/zOK/Zv6YxX+t/DGL/9r5Yxb/SfljFv/J+WMW/3Xyxyz+6+aPWfxflT9m8X91/pjFf738MYv/+vljFv8N8scs/q/JH7P4b5g/ZvF/bf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/F+XP2bx3yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8ziv2/+mMV/v/wxi/9n8scs/p/NH7P4fy5/zOK/f/6Yxf+A/DGL/+fzxyz+B+aPWfwPyh+z+H8hf8zif3D+mMX/kPwxi/8X88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/L+ZP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP7fyh+z+H87f8zif2r+mMX/tPwxi//p+WMW/zPyxyz+38kfs/ifmT9m8T8rf8zif3b+mMX/u/ljFv/v5Y9Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/9/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+F+YP2bxvyh/zOL/0/wxi//F+WMW/5/lj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+P88fs/j/In/M4v/L/DGL/6/yxyz+V+ePWfyvyR+z+P86f8zi/5v8MYv/tfljFv/f5o9Z/K/LH7P4X58/ZvG/IX/M4v+7/DGL/435Yxb/m/LHLP43549Z/H+fP2bx/0P+mMX/j/ljFv9b8scs/n/KH7P435o/ZvG/LX/M4n97/pjF/478MYv/n/PHLP535o9Z/O/KH7P4/yV/zOJ/d/6Yxf+v+WMW/7/lj1n8/54/ZvH/R/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4T8kfs/g/mD9m8X8of8ziPzV/TOI/7yB/zOI/lD9m8R+VP2bxny1/zOI/e/6YxX90/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/+C+WMW/zH5Yxb/hfLHLP5j88cs/gvnj1n8F8kfs/g/JX/M4v/U/DGL/9Pyxyz+i+aPWfyfnj9m8V8sf8zi/4z8MYv/M/PHLP6L549Z/J+VP2bxf3b+mMV/XP6Yxf85+WMW/+fmj1n8n5c/ZvFfIn/M4r9k/pjF//n5Yxb/pfLHLP5L549Z/F+QP2bxf2H+mMX/RfljFv8X549Z/JfJH7P4vyR/zOK/bP6YxX+5/DGL//L5Yxb/FfLHLP4r5o9Z/FfKH7P4vzR/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP4vyx+z+K+eP2bxXyN/zOL/8vwxi/8r8scs/q/MH7P4j88fs/hPyB+z+E/MH7P4r5k/ZvFfK3/M4r92/pjFf1L+mMV/cv6YxX+d/DGL/7r5Yxb/V+WPWfxfnT9m8V8vf8ziv37+mMV/g/wxi/9r8scs/hvmj1n8X5s/ZvHfKH/M4r9x/pjFf5P8MYv/pvljFv/X5Y9Z/DfLH7P4b54/ZvF/ff6Yxf8N+WMW/zfmj1n835Q/ZvF/c/6Yxf8t+WMW/7fmj1n8t8gfs/hvmT9m8d8qf8zi/7b8MYv/1vljFv9t8scs/tvmj1n8t8sfs/i/PX/M4r99/pjF/x35Yxb/d+aPWfx3yB+z+O+YP2bx3yl/zOK/c/6Yxf9d+WMW/3fnj1n8d8kfs/i/J3/M4r9r/pjF/735Yxb/9+WPWfzfnz81NBgaKPx3yx+znP+7549Z/PfIH7P4fyB/zOL/wfwxi/+H8scs/h/OH7P4fyR/zOK/Z/6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/vvljFv/98scs/p/JH7P4fzZ/zOL/ufwxi//++WMW/wPyxyz+n88fs/gfmD9m8T8of8zi/4X8MYv/wfljFv9D8scs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/838scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bx/2b+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+H8rf8zi/+38MYv/qfljFv/T8scs/qfnj1n8z8gfs/h/J3/M4n9m/pjF/6z8MYv/2fljFv/v5o9Z/L+XP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7fzx+z+P8gf8zi/8P8MYv/j/LHLP4/zh+z+P8kf8zif2H+mMX/ovwxi/9P88cs/hfnj1n8f5Y/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/j/PH/M4v+L/DGL/y/zxyz+v8ofs/hfnT9m8b8mf8zi/+v8MYv/b/LHLP7X5o9Z/H+bP2bxvy5/zOJ/ff6Yxf+G/DGL/+/yxyz+N+aPWfxvyh+z+N+cP2bx/33+mMX/D/ljFv8/5o9Z/G/JH7P4/yl/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP5/zh+z+N+ZP2bxvyt/zOL/l/wxi//d+WMW/7/mj1n8/5Y/ZvH/e/6Yxf8f+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOI/JX/M4v9g/pjF/6H8MYv/1Pwxif98g/wxi/9Q/pjFf1T+mMV/tvwxi//s+WMW/9H5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8x+SPWfwXyh+z+I/NH7P4L5w/ZvFfJH/M4v+U/DGL/1Pzxyz+T8sfs/gvmj9m8X96/pjFf7H8MYv/M/LHLP7PzB+z+C+eP2bxf1b+mMX/2fljFv9x+WMW/+fkj1n8n5s/ZvF/Xv6YxX+J/DGL/5L5Yxb/5+ePWfyXyh+z+C+dP2bxf0H+mMX/hfljFv8X5Y9Z/F+cP2bxXyZ/zOL/kvwxi/+y+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxXyl/zOL/0vwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+L8sf8ziv3r+mMV/jfwxi//L88cs/q/IH7P4vzJ/zOI/Pn/M4j8hf8ziPzF/zOK/Zv6YxX+t/DGL/9r5Yxb/SfljFv/J+WMW/3Xyxyz+6+aPWfxflT9m8X91/pjFf738MYv/+vljFv8N8scs/q/JH7P4b5g/ZvF/bf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/F+XP2bx3yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMP+2978n+1/7vyxyzn/7vzxyz+u+SPWfzfkz9m8d81f8zi/978MYv/+/LHLP7vzx+z+O+WP2bx3z1/zOK/R/6Yxf8D+WMW/w/mj1n8P5Q/ZvH/cP6Yxf8j+WMW/z3zxyz+H80fs/h/LH/M4v/x/DGL/yfyxyz+e+WPWfw/mT9m8d87f8zi/6n8MYv/p/PHLP775I9Z/PfNH7P475c/ZvH/TP6Yxf+z+WMW/8/lj1n8988fs/gfkD9m8f98/pjF/8D8MYv/QfljFv8v5I9Z/A/OH7P4H5I/ZvH/Yv6Yxf9L+WMW/y/nj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8v5E/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8T82f8zif1z+mMX/+Pwxi/8388cs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/W/ljFv9v549Z/E/NH7P4n5Y/ZvE/PX/M4n9G/pjF/zv5Yxb/M/PHLP5n5Y9Z/M/OH7P4fzd/zOL/vfwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bx/37+mMX/B/ljFv8f5o9Z/H+UP2bx/3H+mMX/J/ljFv8L88cs/hflj1n8f5o/ZvG/OH/M4v+z/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+f5Yxb/X+SPWfx/mT9m8f9V/pjF/+r8MYv/NfljFv9f549Z/H+TP2bxvzZ/zOL/2/wxi/91+WMW/+vzxyz+N+SPWfx/lz9m8b8xf8zif1P+mMX/5vwxi//v88cs/n/IH7P4/zF/zOJ/S/6Yxf9P+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bx/3P+mMX/zvwxi/9d+WMW/7/kj1n8784fs/j/NX/M4v+3/DGL/9/zxyz+/8gfs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/yn5Yxb/B/PHLP4P5Y9Z/Kfmj0n85x/kj1n8h/LHLP6j8scs/rPlj1n8Z88fs/iPzh+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4L5A/ZvFfMH/M4j8mf8ziv1D+mMV/bP6YxX/h/DGL/yL5Yxb/p+SPWfyfmj9m8X9a/pjFf9H8MYv/0/PHLP6L5Y9Z/J+RP2bxf2b+mMV/8fwxi/+z8scs/s/OH7P4j8sfs/g/J3/M4v/c/DGL//Pyxyz+S+SPWfyXzB+z+D8/f8ziv1T+mMV/6fwxi/8L8scs/i/MH7P4vyh/zOL/4vwxi/8y+WMW/5fkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi/9K+WMW/5fmj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/ZfljFv/V88cs/mvkj1n8X54/ZvF/Rf6Yxf+V+WMW//H5Yxb/CfljFv+J+WMW/zXzxyz+a+WPWfzXzh+z+E/KH7P4T84fs/ivkz9m8V83f8zi/6r8MYv/q/PHLP7r5Y9Z/NfPH7P4b5A/ZvF/Tf6YxX/D/DGL/2vzxyz+G+WPWfw3zh+z+G+SP2bx3zR/zOL/uvwxi/9m+WMW/83zxyz+r88fs/i/IX/M4v/G/DGL/5vyxyz+b84fs/i/JX/M4v/W/DGL/xb5Yxb/LfPHLP5b5Y9Z/N+WP2bx3zp/zOK/Tf6YxX/b/DGL/3b5Yxb/t+ePWfy3zx+z+L8jf8zi/878MYv/DvljFv8d88cs/jvlj1n8d84fs/i/K3/M4v/u/DGL/y75Yxb/9+SPWfx3zR+z+L83f8zi/778MYv/+/PHLP675Y9Z/HfPH7P475E/ZvH/QP6Yxf+D+WMW/w/lj1n8P5w/ZvH/SP6YxX/P/DGL/0fzxyz+H8sfs/h/PH/M4v+J/DGL/175Yxb/T+aPWfz3zh+z+H8qf8zi/+n8MYv/PvljFv9988cs/vvlj1n8P5M/ZvH/bP6Yxf9z+WMW//3zxyz+B+SPWfw/nz9m8T8wf8zif1D+mMX/C/ljFv+D88cs/ofkj1n8v5g/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bxPz5/zOL/zfwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+J+SP2bx/1b+mMX/2/ljFv9T88cs/qflj1n8T88fs/ifkT9m8f9O/pjF/8z8MYv/WfljFv+z88cs/t/NH7P4fy9/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/L+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/wvwxi/9F+WMW/5/mj1n8L84fs/j/LH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8f95/pjF/xf5Yxb/X+aPWfx/lT9m8b86f8zif03+mMX/1/ljFv/f5I9Z/K/NH7P4/zZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/3+WPWfxvzB+z+N+UP2bxvzl/zOL/+/wxi/8f8scs/n/MH7P435I/ZvH/U/6Yxf/W/DGL/235Yxb/2/PHLP535I9Z/P+cP2bxvzN/zOJ/V/6Yxf8v+WMW/7vzxyz+f80fs/j/LX/M4v/3/DGL/z/yxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6YxX9K/pjF/8H8MYv/Q/ljFv+p+WMS/wUG+WMW/6H8MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/iPyR+z+C+UP2bxH5s/ZvFfOH/M4r9I/pjF/yn5Yxb/p+aPWfyflj9m8V80f8zi//T8MYv/YvljFv9n5I9Z/J+ZP2bxXzx/zOL/rPwxi/+z88cs/uPyxyz+z8kfs/g/N3/M4v+8/DGL/xL5Yxb/JfPHLP7Pzx+z+C+VP2bxXzp/zOL/gvwxi/8L88cs/i/KH7P4vzh/zOK/TP6Yxf8l+WMW/2Xzxyz+y+WPWfyXzx+z+K+QP2bxXzF/zOK/Uv6Yxf+l+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxf1n+mMV/9fwxi/8a+WMW/5fnj1n8X5E/ZvF/Zf6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1oi/7n+hXUt/muL/P+VLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvHfM3/M4v/R/DGL/8fyxyz+H88fs/h/In/M4r9X/pjF/5P5Yxb/vfPHLP6fyh+z+H86f8ziv0/+mMV/3/wxi/9++WMW/8/kj1n8P5s/ZvH/XP6YxX///DGL/wH5Yxb/z+ePWfwPzB+z+B+UP2bx/0L+mMX/4Pwxi/8h+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4fzN/zOJ/Qv6Yxf/E/DGL/0n5Yxb/k/PHLP6n5I9Z/L+VP2bx/3b+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfy/kz9m8T8zf8zif1b+mMX/7Pwxi/9388cs/t/LH7P4n5M/ZvE/N3/M4n9e/pjF//z8MYv/BfljFv/v549Z/H+QP2bx/2H+mMX/R/ljFv8f549Z/H+SP2bxvzB/zOJ/Uf6Yxf+n+WMW/4vzxyz+P8sfs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfx/nj9m8f9F/pjF/5f5Yxb/X+WPWfyvzh+z+F+TP2bx/3X+mMX/N/ljFv9r88cs/r/NH7P4X5c/ZvG/Pn/M4n9D/pjF/3f5Yxb/G/PHLP435Y9Z/G/OH7P4/z5/zOL/h/wxi/8f88cs/rfkj1n8/5Q/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8/549Z/O/MH7P435U/ZvH/S/6Yxf/u/DGL/1/zxyz+f8sfs/j/PX/M4v+P/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvGfkj9m8X8wf8zi/1D+mMV/av6YxH/BQf6YxX8of8ziPyp/zOI/W/6YxX/2/B/VbCPPFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/Mfkj1n8F8ofs/iPzR+z+C+cP2bxXyR/zOL/lPwxi/9T88cs/k/LH7P4L5o/ZvF/ev6YxX+x/DGL/zPyxyz+z8wfs/gvnj9m8X9W/pjF/9n5Yxb/cfljFv/n5I9Z/J+bP2bxf17+mMV/ifwxi/+S+WMW/+fnj1n8l8ofs/gvnT9m8X9B/pjF/4X5Yxb/F+WPWfxfnD9m8V8mf8zi/5L8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8V8pf8zi/9L8MYv/yvljFv9V8scs/qvmj1n8V8sfs/i/LH/M4r96/pjFf438MYv/y/PHLP6vyB+z+L8yf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf23+mMV/o/wxi//G+WMW/03yxyz+m+aPWfxflz9m8d8sf8ziv3n+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bx3yJ/zOK/Zf6YxX+r/DGL/9vyxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/9vwxi//2+WMW/3fkj1n835k/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv935Y9Z/N+dP2bx3yV/zOL/nvwxi/+u+WMW//fmj1n835c/ZvF/f/6YxX+3/DGL/+75Yxb/PfLHLP4fyB+z+H/w/2OPHgzAMBQoAH6zSG3btm3bts0ktW3btm3btm23C7wJ+u5WOP9Ry/9A/1HL/yD/Ucv/YP9Ry/8e/qOW/z39Ry3/e/mPWv739h+1/O/jP2r539d/1PK/n/+o5X9//1HL/wH+o5b/A/1HLf8H+Y9a/g/2H7X8H+I/avk/1H/U8n+Y/6jl/3D/Ucv/Ef6jlv8j/Uct/0f5j1r+j/Yftfwf4z9q+T/Wf9Tyf5z/qOX/eP9Ry/8J/qOW/xP9Ry3/J/mPWv5P9h+1/J/iP2r5P9V/1PJ/mv+o5f90/1HL/xn+o5b/M/1HLf9n+Y9a/s/2H7X8n+M/avk/13/U8n+e/6jl/3z/Ucv/Bf6jlv8L/Uct/xf5j1r+L/Yftfxf4j9q+b/Uf9Tyf5n/qOX/cv9Ry/8V/qOW/yv9Ry3/V/mPWv6v9h+1/F/jP2r5v9Z/1PJ/nf+o5f96/1HL/w3+o5b/G/1HLf83+Y9a/m/2H7X83+I/avm/1X/U8n+b/6jl/3b/Ucv/Hf6jlv87/Uct/3f5j1r+7/Yftfzf4z9q+b/Xf9Tyf5//qOX/fv9Ry/8D/qOW/wf9Ry3/D/mPWv4f9h+1/D/iP2r5f9R/1PL/mP+o5f9x/1HL/xP+o5b/J/1HLf9P+Y9a/p/2H7X8P+M/avl/1n/U8v+c/6jl/3n/Ucv/C/6jlv8X/Uct/y/5j1r+X/Yftfy/4j9q+X/Vf9Ty/5r/qOX/df9Ry/8b/qOW/zf9Ry3/b/mPWv7f9h+1/L/jP2r5f9d/1PL/nv+o5f99/1HL/wf+o5b/D/1HLf8f+Y9a/j/2H7X8f+I/avn/1H/U8v+Z/6jl/3P/Ucv/F/6jlv8v/Uct/1/5j1r+v/Yftfx/4z9q+f/Wf9Ty/53/qOX/e/9Ry/8P/qOW/x/9Ry3/P/mPWv5/9h+1/P/iP2r5/9V/1PL/m/+o5f93/1HJ/4C/+I9a/v/qP2r5/5v/qOX/7/6jlv9/+I9a/v/pP2r5/5f/qOX/3/6jlv//+I9a/v/rP2r5/5//qOX///6jlv8h/Ect/0P6j1r+h/IftfwP7T9q+R/gP2r5H8Z/1PI/rP+o5X84/1HL//D+o5b/EfxHLf8j+o9a/kfyH7X8j+w/avkfxX/U8j+q/6jlfzT/Ucv/6P6jlv8x/Ect/2P6j1r+x/IftfyP7T9q+R/Hf9TyP67/qOV/PP9Ry//4/qOW/wn8Ry3/E/qPWv4n8h+1/E/sP2r5n8R/1PI/qf+o5X8y/1HL/+T+o5b/KfxHLf9T+o9a/qfyH7X8T+0/avmfxn/U8j+t/6jlfzr/Ucv/9P6jlv8Z/Ect/zP6j1r+Z/IftfzP7D9q+Z/Ff9TyP6v/qOV/Nv9Ry//s/qOW/zn8Ry3/c/qPWv7n8h+1/M/tP2r5n8d/1PI/r/+o5X8+/1HL//z+o5b/BfxHLf8L+o9a/hfyH7X8L+w/avlfxH/U8r+o/6jlfzH/Ucv/4v6jlv8l/Ect/0v6j1r+l/Iftfwv7T9q+V/Gf9Tyv6z/qOV/Of9Ry//y/qOW/xX8Ry3/K/qPWv5X8h+1/K/sP2r5X8V/1PK/qv+o5X81/1HL/+r+o5b/NfxHLf9r+o9a/tfyH7X8r+0/avlfx3/U8r+u/6jlfz3/Ucv/+v6jlv8N/Ect/xv6j1r+N/Iftfxv7D9q+d/Ef9Tyv6n/qOV/M/9Ry//m/qOW/y38Ry3/W/qPWv638h+1/G/tP2r538Z/1PK/rf+o5X87/1HL//b+o5b/HfxHLf87+o9a/nfyH7X87+w/avnfxX/U8r+r/6jlfzf/Ucv/7v6jlv+B/qOW/0H+o5b/wf6jP90/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAf7NttbJ1l4cfxu9s6xv78kxEXXIYmm1woJMJs95DxgrDJ2FYH3XgeAxzd2o2Ndptdh10B9/BiEiE8SDLJEiXKlqGEmdBIDAQriGjQRU00+ACIQhSNEyHolrhYc9rT0h67xnPV61qUz+dFz7nvs9+9rcl3973AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/14NjQuPjK8Zdmr80IMPHm7pe51zdOXNB37bc+HAa/njZSNcctzQg97e3t45z83eUT48pSiK0s+2s3w8qXJcuv7O+i909h+FBT0vLTk+5eeNRw6sOf2Ruu6j99f2na0tblq3obXlY+OKIlxcW3SWDupqiiIsri3uKx3Ulw6W1BaPlA5m9x2cWny7dHD+2s2tzaUTS6O/Z/C/oqFxZzF+WLHFsD8Nhva/s/5bdw68jnLJgatNKMr9X9H1/bcqPhtwgv4Hrh8WVvZf9W8QOKHq+n9hwcDrKJf8l/v/5KdWvTLSZyfuf+D64eP6h3RGeP4f1mjlc3/F8/+MES45uL+qput4qf9Lb3t2ZvnUhH/n+f/d64eLK/sfN+z5v/Qcv2jg+f+UogiXjPHbAe8pDY27jox2/x+9/wnTKzY1Q/s/o33z/lL/jy/53hPlU7VV9r9olPv/uKUVv1agOg2NX+6tuP9X0X/xkREuOdj/20/8+uFS/4/9/oEzh3xWTf+XVPY/q6Nty6yt27vO29DWtL5lfcumutnz58yrr5t3wdxZfY8E/V/H+F2B94ax3f+LyRWbmqJoGdxf033g6VL/cx98cE751KQq+1886v1/hvs/jOhD44qJE4vOpo6O9rr+rwOH9f1f+3/YCP1X8ff/s84p/7Da8mtNUUwb3N915t0rSv2/c+jZ3eVTE6vsf8mo/S8Y/HmBCGO8/zdXbIb1f/DQS33P/8vuPXhG+VS1f/9fOmr/r7r/w1g0NFb8Dz//YaX+dxWXRXYaGvz3P0gnR/+PvXNDT9w6fEL/kE6O/n/3uaPnxq3DMv1DOjn6n7Dxgefj1uFS/UM6OfpfPnX+irh1uEz/kE6O/te+eu6f49ahUf+QTo7+z/nS7s64dViuf0gnR/8Ptc/ZFrcOK/QP6eTo/6enPfRa3Dpcrn9IJ0f/x47dc2PcOlyhf0gnR//de87+Qdw6XKl/SCdH/5evWxji1uEq/UM6OfqfPu2Pj8etw9X6h3Ry9D/vT38/LW4drtE/pJOj/zs+v2Jf3Dpcq39IJ0f/469/5cW4dVipf0gnR/9Lz962MG4drtM/pJOj/+afNPfGrcMq/UM6Ofqf9fUfbYhbh+v1D+nk6P/w8kf3xK3DDfqHdHL0v6eumBK3DjfqH9LJ0f/Xvnv6obh1+KT+IZ0c/f/mqSfnx63Dav1DOjn6f+4Dt38jbh1u0j+kk6P/e9e8eFbcOjTpH9LJ0f/De5//Ytw6rNE/pJOj/zfeaPu/uHVYq39IJ0f/kyed+nrcOjTrH9LJ0f/CW7/SHrcOLfqHdHL037a7+4dx67BO/5BOjv4/fHzaqrh1WK9/SCdH/yvn7n1/3DrcrH9IJ0f/71t24a64ddigf0gnR/8X9Xz0orh12Kh/SCdH/x3PfParcetwi/4hnRz975352uK4dWjVP6STo/+XVy/9cdw6tOkf0snR/1uPXrcpbh026R/SydH/kz97+1jcOmzWP6STo///v2DRX+PWYYv+IZ0c/S9e8ubauHX4lP4hnRz9b+z+x8tx69Cuf0gnR/8zD1+9LG4dtuof0snR/3fOq9sftw4d+od0cvR/55X76uPWYZv+IZ0c/e8/eNfdcetwq/4hnRz9v/mLGdPj1uHT+od0cvR//5RD18atQ6f+IZ0c/f9yU+0zceuwXf+QTo7+/7Zv6o64dejSP6STo/+nX+/5Q9w63KZ/SCdH/6sn/Gpi3Drcrn9IJ0f/U7u23Be3DnfoH9LJ0f/8e5rOj1uHz+gf0snR/9a/vPDNuHXYoX9IZ+v2rluaWltb2r3xxhtvBt+c7D+ZgNTejf5k/0oAAAAAAAAAAAAAAIATyfHPiU727xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7JDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91EL0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAVAAD//0pM5a8=")
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
rmdir(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

4.13704895s ago: executing program 3 (id=436):
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x810000, &(0x7f00000006c0)=ANY=[@ANYBLOB="6a6f75726e616c5f7472616e73616374696f6e5f6e616d65732c62747265655f6e6f64655f0dcbcc28b5ef6f8b2c6a6f75726e616c5f666c7573685f64697361626c65642c6673636b2c6a6f75726e616c5f666c7573685f64697361626c65642c726174656c696d69745f6572726f72732c7265636f766572795f706173735f6c6173743d7365745f6d61795f676f5f72772c7265636f6e7374727563745f616c6c6f632c6e6f5f646174615f696f2c00", @ANYBLOB="e0e41daf6d671710fd0891b4039bb28069f3f208bb54badc87b7cffb3da275a6d077279bf0ed4d2bb138fbd08f50d60c77df276e5c51f9906e010a36626581e1fe12a91b791e2c02ea97afcbc7893bf4b4ac0dcb35bad8d634d637fe09c04666d2bc27e83b48034c2cc2fcd102ef74f5e574f77fa9c4bc773fd57a693f10452a4c16e18c0ef6f9401b25fd7fee4653577d7db8c7"], 0x1, 0x5917, &(0x7f0000006f40)="$eJzs3W2QXFXdIPBzu3synZlMMgkgEWQyBKIIaia8Fb6URte3AqRiYSlhozCQCUaTkEqCQEAJLrhQgIWWlqJ+QAupRaNFFawSKZGXTVhFKVaX2kJqdRf94FPIQ0ogD2X5OE/N9D2dnjt95/b09IQEfr9K5vY5fft/zr339O37P90zHQAAAHhN2HP91n3nHPWBX31x5KVrPvyzjdeG3vJ4fTWu0J8ur3ilesiB1F1ZPL7Mjos3XfWDPw9e/L5f3t3z/Zd3rz123e/ff9jF93/mzF23ffuhF/vu/eczRXHjeDpxfzl5Lgmh+vO9X//S7seOHKtLQgjlpH9HCAuTRQ8tTDIhhv4eQlibFhZn7rznpVPWjS2vval7Qv2CzHrG+2tbNR1n2/ddflL4w3tXX/ebJT/+UdfOZ3fsXyWpNoynEOZf2Pj4rhDC3PT/mDja4niMg3ZVCKGn4XFnFPTruBb7vzynfHS6nJMuewvixPuXZsqlzHrZctSVWfYUtDdTef1od70i8zLl7MlopvL6GesXpsufpssTpxm/HP8noZSESr37G5L9YyQ0HLckJOPHslovl+rHNqTbnyknmXIpUy53ZbZrvN10oJWTZGJ9XC9TH0/HlbT+2MZzdRPn5tS/Pl1W0yfqy7EcsjdqeifdqG/XuNivvVP05UAoNZyDmtXXD3x6MHrTut5k0aTHjDYR79u9+uZl5TUP7+nP6Udyd5LGT9qKv/3XC+d96oc3XpZ9Xa/Hv7CUxi+1Ff+PZz3+/Pk3fu9bufFvjfHLbcU/+YGe58565Pqluftnb9w/lbbiDz/z6C1LDr9oZ27/b4/xq23FX7nr8e6+fQ88mNv/obh/5rYV/+l3fvBPdz1537O58UOM39NW/DW7Nn+5e2DfCbnxH4z7p7e98fPCztOfGhj4y2Be/Cdi/L624t+547Z33LHgpjNzj++quH/624p/9vH3Xzdv333H5J07k9s79coJ8Np0WHqNdUNabjfPnKmGfOGbg5XaNd+89H9fJxvKXHyOtTO/k/EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwxEn/80P//+P9z1XScnd64+lSbRnr54SQzA0hbN02vGXb+k2XDH7m0su2bBreMDi8bXBk07YtVw6e+pbBLSObNwxfOXbv0FtPqT1uUUhqy+SYSW13j46Olvon1sX2/tPxO/+w7Ix/+WsIQ0f8bqCS2//lt2284/AmPzOSlaPv2XjZOb877bvpdvWn/epv0q/R0dHRkNOvfz3vH3d8de+fTwhh6HVT9evRp9/9iwkdGq/YHydV6g61DnUnPU37Ue912p+4vyrr1m8YGZp6/449vpyzHf/5qmf/vu6Kr/yjtn+rudvR4v6du3J0Q+kbq8/+929cXaso6tcrddyL9nfciti/uP+q6f6en27X/JztquRs1/W/efDJnx9144s7wlDlhSWT2y7arq50AHQlr2+p3dhCT7JwQn01XT8e8fi45ds2bl6+9crtb12/cfiSkUtGNr19xakrTh867fTTlo9v+fIOb39s/40tbv+BGU8LPrfjp/Fna+OpqF9F+2OsX8X7o7FHec+/nnO/9LW33/bIObWKonEe166fT9Jlz9hxXhEaxtvkfdVsu4r2QwhhsNl+eP7FM8OR/2f9dUXnocYj0/gzI1k5+tjSv333jO8sflet4oCc5xs71OZ5vt7r/f0Z31/V9HiMHqT7tzuU0+3qbdqvFY890nXznr9+vt6/OXPCFcPbtm1ZUfs5L+3pvOTopv3K1sbtWjL+sxzS3RLqw7TJeB3TFWr9y54/4+rZvdqb3tebLGq6XVnxvt2rb15WXvPwnrw9ndxda3Fu6KstkzfkrLkh88ByvcPN2j9Yn39F42PgQ9+59+P3/uTUSePj5NrPou1Kcrbrx0/e+bXvf+W//qRz2/Whdz/e/7f/++lltYpD5bxS73Xan6TxvHJyCEXPvyWh+XbkPv9Kzben6PmXbWf/+s3jDWbKvaHc1vP15Ad6njvrkeuX5j5f97b6fL16Qqlc8Hw9WMZP9vmVVCb2Y/aeXxMGSrJy9Jc3HLbjoWtWHVWrKBrX9bWbjetTWsg/crbrF+c/NXDp4H/53507b/zgLfdc8PvhlV+oVbR/3GNfOnPcq+n+rebs33qvY97ZuH/fdvGlG9bW6g/e6990WZD/xFPJ1iu3f3Z4w4aRLVtb265WX09jO9m93O7raTy7LSrYrtKk7Zq9G63sr1afb7H/a9veXxOfb70haet1YfuvF8771A9vvKx/0qPShi4spfFLbcX/41mPP3/+jd/7Vm78W2P8Slvxh5959JYlh1+0Mzf+7Ukav9pW/JW7Hu/u2/fAg7nxh2L/57YV/+l3fvBPdz1537O58UOM39ve/n9h5+lPDQz8JTf+E0naztg1Ugj3vHTKulo5CV3p8y32o2tCv0K2nGTKpUy53Fgu1eZa6w2Uk2RifVwvrT+2oS/NfCKnPl6FVRfXli/HcsjemLr+YFNqOPc3qy+6TgUAeLWL7//Ha9D4/v9IeqGUP9MA+800D1ucEzfmYfvnc+ZMuH9xGj8+Ps4DDrwtDI0trx2sXehP932E+HzIznPGdk44bmKMduc5i+bfl2bKsV+1+fJKQx6ampzXVEIL8++T25l6/j2z+cXz44M3TOrWYMO8Vfb4daUzZs0+75Dpb2UsQt74yM6Lxc9zDMwPq8bba3F8ZD9HE49D9nM0sZ2jMifOdj9HM9PxEbs9xfgY73Lx+xuTj1+YYv/uP37No2WP3zSOd3Vs/dl+f7YD84ZNT2kHbt5wdt8PMy+ZEz99gh3s84axPm5HpcX5xI/n1HdqPjGeLmK/9k7RlwPBfCLwahXz//gaMZb/j12A/1tmvaLr0OxVY4yX+zmhcvP+NM879l9MT/6cXk9br+Nrdm3+cvfAvhNyr3MebPVzP5snlHoKPvdTtB+XZcqF+zFngqYo38u2U5TvZT+X0Rv62trvd+647R13LLjpzNz9vqr2Qlq83782odRXsN8PgXyheXz5wmsiX5jt+bNXLB9JP/g0W/nIx3Lqp5uP9Ey6Ud+ucYdcPtJ1YPsFABw6Yv5ff/8szf//X1whvY4oyltPzJRjvNy8Nef6JC9v/Ui6vCKzfm/6GxXTvW4++/j7r5u3775jcvOW21vNQ//bhFJ/YR46s7w5N49Y1ZnPi+fmEfU8a2Z5Ym7/63nizPL03Pj1PH1meXTu/qnn0TObB8iNX58HONTz3IL5ukxjsdjqfN2rNo9Of312tvLoc3Pqp5tH9066Ud+ucfJoAIBXVsz/42VczP8fyaw30/fZc/OCDl23Z/8eSD3+Ewcqr5ztvG+289bZzutne17iUM+LZ3teaHbnyV7zeXHaqLwYAICDWcz/56bl/Px/ZvlJs/yta0J+Ij9vGl9+fpDk54f6/Jf83/vixeT/AACvbjH/j7/2GP/+3/9Iy9m/Wy9Pz4kvT+/uq8jTc8dPy3l65+fZgs8BvLLzAHP3r28eAACAV0LXeKY0+ffsP5kus79nn/d7+efnrN+qSnp5fNG2LSMjF1y2ee3wtpELNl26dmTrBZdvWb9t28im2nozzRtz85Y0b+wKlXR/NF8vm7ctSP8ewoKcv4eQXT+GPXr8xuS/h5Btdm7B3xHYf/xa62/e8StNsX6z8ZF3vPPifyJn/ah+/C/+9MkXrNt6wfpN67etH96wfvvIxPXGstaeaXxvZtwt0/q+1MyPSUrT//7OzvSjNKkfXen+yPt+9iTTj4VpTxbmff9BTr9/9b+++rnjR/9xVwhDR5TfMKP9l6wc/e/njXxk257fbR7rf2nK/tfXTPtV9H2l2fXj9lQ2XLp120nrLr1sU/YbJdsT5zNK9fIszWekT/9yi/MTa3Lqp/s5hfKkGwenlucnAACYIL7/H69n4/uHX0kvoGJ963n6zD7nnZunD7WWp2e/l6woT8+uH7e31Ty9OsM8Pdt+UZ7ebP1meXpe3p0X/2M5609X6+NkZp/zyB0nF7Y2TrLfZ1A0TrLrT3ecJDMcJ9n2i8ZJs/WbjZO8454X/6M56+dpfTzM7HM5uePh1tbGw5sz5aLxkF1/uuOhNMPxkG2/aDw0W7/ZeMg7vnnxz8lZv1UTx8fYwBgfFyMXXH7pls82rDfb338x8/7N7vd/tKv1/s/u72fNfv9n93Nls9//mX2uLLf/T8xsJqz1/s/u97u064DN16YfNiv6/FnRPO7qnPrpzuPOmXTj4GQeF145Mf+Pb/fE/P+mdNnpt4EO/e9Je5V+j9ncg+N7zIquY7yeT9HYQcDrOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBruiuLx5d7rt+675yjPvCrL468dM2Hf7bx2jdd9YM/D178vl/e3fP9l3evPXbd799/2MX3f+bMXbd9+6EX++795zOFgfvHf1ZOTIvVEJLnkhCqP9/79S/tfuzIsbokhFBO+neEsDBZ9NDCJBNh6O8hhLX1fk68856XTlk3trz2pu4J9QsyQbLbFXrLsT+N/QzhisIt4hBUTcfZ9n2XnxT+8N7V1/1myY9/1LXz2R37V0mqDeMphPkXNj6+K4QwN/0/Jo62xfHB6XJVCKGn4XFnFPTruBb7vzynfHS6nJMuewvixPuXZsqlzHrZctSVWfYUtDdTef1od70i8zLl7MlopvL6GesXpsufpssTpxm/HP8noZSESr37G5L9YyQ0HLckJOPHslovl+rHNqTbnyknmXIpUy53ZbZrvN10oJWTZGJ9XC9TH0/HlbT+2MZzdRPn5tS/Pl1W0yfqy7EcsjdqeifdqG/XuNivvVP05UAoNZyDmtXXD3x6MHrTut5k0aTHjDYR79u9+uZl5TUP7+nP6Udyd5LGT9qKv/3XC+d96oc3XrY4L/6FpTR+qa34fzzr8efPv/F738qNf2uMX24r/skP9Dx31iPXL83dP3vj/qm0FX/4mUdvWXL4RTtz+397jF9tK/7KXY939+174MHc/g/F/TO3rfhPv/ODf7rryfuezY0fYvyetuKv2bX5y90D+07Ijf9g3D+97Y2fF3ae/tTAwF8G8+I/EeP3jcXvmW78O3fc9o47Ftx0Zu7xXRX3T39b/T/7+Puvm7fvvmPyzp3J7Z165QR4bTosvca6IS23m2fOVEO+8M3BSu2ab176v6+TDWWMtTN/FuMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDq9NurT/3kee/56OpKEkKSs85oE/G+8pyVKwfbaHf4mUdvWXL4RTsb6xa3EQcAAAAoFvPwUr2mGhaHy5O54eim68c5gqNjKZlYn51DiHGycwTtxil1KE65Q3EqHYrT1aE4czoUp7tDcaoFcaqhtThzp4hTGRsVLfanZ8r+tB6nt0Nx5nUoTl+H4szvUJwFHYrTP2Wc1sfhwg7FWdShOId1KM7hHYpzRIfivK6xsrv9OEd2qD/ZOeXpjsO+dM2j8uKM3ygXxqkk5fodzebTj0zbOWaG7fQWtNNX9HrcYjtzW2znuMzjStNsp9piO2+cYTtJi+28eYbtlAraieP2imz/Yjux1OL4v7JDcbZ3KM5VHYpzdYfifL5Dcb7QoTjXzDAOQKti/r8/3+sP3ZV3hZ70jJOdBYj57pLxn5Nf7/JOSDHeGzL1c4riZRP1TLwl0+1fdgIhE29ppr5rQrxKPR+ZIl61Md6yzJ2F25udUMj078RMfXdRvOzEAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMot9efeonz3vPR1eHJIz9a2q0iXhfec7KlYNttLt79c3Lymse3tNY111pIxAAAABQKObhXfWaauiurAjdyZwJ61XTeYBqWi7315YD88OqsWUyWBov9yQLp3xcJX3c8m0bNy/feuX2t67fOHzJyCUjm96+4tQVpw+ddvppy9et3zAyVPsZQndBvBDC+PTD1iu3f3Z4w4aRLVtrldn+L04ftzgtJ+njBt4WhsaW16b9X1TQXmlSe7N3o/joAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/Brt2FyHXWfwB/zszszHTb/Dt/+jYNzXbIS4laNIlbSbV0DggW2iRkKchMdS3BJljcNKFNSqxjG7CtCYrQEgiRXBiJxdbiTV9sEftCIFKjATcGaYv2Qi+UVitpyYWkjGR3zuzMZE5mHUvTxs/nYs7M8/ye53eeuVj4nh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4IM13RifrFUn6qNRCFFKTbOPZC6bj+PK2Rpk+w9/+fmt3y+MnVzeOVbIDXUEAAAAYIAkh4+0R4qhkMuGbLhy5tPi0DER5nI/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv2e6MT5Zq07UL4xCiFJqmn0kc9l8HFeG6PvGO09+5tWxsb92jpWH2AcAAAAYLMnhmfZIMZTDkjASXdlVlzwbWNizvrcu2WfRPOt6nx2k1S2ZZ90186z72IC6da3rjgAAAAAffUn+z7VHSqGQW5Ca/wfl+qTu6p66bOs6zG8FAAAAgP9Okv8L7ZFyKOTK7bw+37y/uKcuWT/o//bJ+mUp6wf9P39t6+r/9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw0THdGJ+sVSfq2SiEKKWm2Ucyl83HcWWIvqteGP37LYceWtw5VsgNsREAAAAwUJLD56J3MRRyo2EkXDiT+8du2v/0F59+djyEMBvz8/mwY8O2bXevmn1N6lYeOTTyvcNvfeuMupWzr+fsgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPtmujE+WatO1C+IQohSapp9JHPZfBxXhuj7+ue+8OfHjz/3ZudYeYh9AAAAgMGSHD6X/YuhHPIhHy6f+dSZ9U/L9KxPe2YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnD/u+cZ9X98wNbXxbm+88cab9ptz/ZcJAAB4v10dotD8D12x/lzfNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GEw3RifrFUn6sUohCilptlHMpfNx3FliL7x80cLC06+8FLnWHmIfQAAAIDBkhw+l/2LoRxGwki4bOZTv2cCM/m/9AHeJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPChMt0Yn6xVJ+oLohCilJpmH8lcNh/HlSH6PrZz32cPXvzdmzvHCrkhNgIAAAAGSnJ4vj1SDIXcx0MhXNX6PNW9IMq2rv2fC8yt29q1bHTe6xpd67LzXrer52S51mlm1xWT/Uqz1/a6ypnrKh3ryqHdvtK1LuzpWrVgwH0GAAAAOIeS/F9oj5RCIVfoyLk/6aovybkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIrpxvhkrTpRj6IQopSaZh/JXDYfx5Uh+t73m/+/6Cs/3b29c6w8xD4AAADAYEkOn8v+xVAOi8L/hUUzuT+UuuuTun/UTh189J9/WR7CisuPjeVCprvsh8mbX71+44u9L6G3OhPCxa1+UUq/X//u0XuXNk89HsKKy7JX5VLP079f95Zx85naxrXbDh/bOvDrAQAAgPNCkv9H2iOlUMjdlZr/k+Tdm//TzATwi+/d+fNLW6+tRN6zIlNq9cuk9Pv80if/tGz13946nf/P1u9T+zYfvLSr4exIh52ZEELcrG7evu7YdQcyyaln+2d7+iffy5e++ea/Nu145NRs/2IotsYX5vr1P/O1xwVxcyqzt77mvb2N7v65lPM/9NuXjv9y4e53T/d/5+rRdv9rznL+s/cfvfXhPdfvO7Suu38IodKv/9vv3hyu+MOdD/aef7Rn485vvvO1RxQ3jyw+cWD1/vIN3f2jnv7J9/+z44/t+fEj33k26Z/8VmT5kvn2z/T0f2XXJTtffmD9wu7+mZTzv3jbq2NbKt/+fe/57+jaNZd6F2ee/4lrn7r9tQ3x/b1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA55fpxvhkrTpRz0QhRCk1zT6SuWw+jitD9H3jlqNv37b7Rz/oHCsPsQ8AAAAwWJLD57J/MZRDPuTD6Ezuf6a2ce22w8e2htLsbNS65qa23LPtE5u2bL/rjnN05wAAAMB8Jfk/1x4phUJuaRhp5f/q5u3rjl13IJPk/0yS/zfdObVxRWjXvbLrkp0vP7B+Yfs5QQgzPwsonq779FzdTTceLZ3449eW9a1bNVd3ZPGJA6v3l29I6kJn3crQfj7xxLVP3f7ahvj+9v111n3yq1umWo8nkn1Hb314z/X7Dq1rn6N1HW3tm9RNZfbW17y3t5HUZVvXYuvcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCZphvjk7XqRD1kQ4hSapp9JHPZfBxXhui7ZukvHrzo5HOLOscKuSE2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYX9+guRqorjAH7OzG477uzqrgZtRetqRWEPSUFEvVRUhEYIPRkSluZDFAQRhT20hkZiRS9B1otEBdUWQkFukmixRv+klx4qKLAeApEWykF6qNiZc6fZ69wmrxaFnw9czp5z7/3e373nzJ0dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H9loG+s2R7c9mDjtvNu+uTxe449dst792+55NHXf5jYcMPHuwdfOT6zcdmmr29csmHvvaumd7544Jfhd3473DP4kVazInVrIcSjMYTa+7PPPTHz6TlzYzGEUI0jkyGMxsUHRmMuYeWvIYSN7Trn73z72JWb5totOwbmjS/KheTvK9SrWT0tI/Pr5b8tv0h6qaVzNjcevix8e/3arZ8vfevN/qkjkx2RtY71FMLC9Z3n94cQFqRtTrbaxnL1rAkhDHacd3WPui78m/VfXtA/P7VnpbbeIyfbvzzXr+SOy/cz/bl2sMf1TlVRHWWP62Uo1z/ZddZLUZ3Z+Ghq303tipPMr2ZbDJUY+trl3xf/XCOhY95iiM25rLX7lfbchnT/uX7M9Su5frU/d1/N66aFVo1x/nh2XG48ex33pfFlne/qLm4vGD83tbX0QT2e9UP+j5b6CX+076spq2v2L2r5N1Q63kHdxtsTnyajnsbqcfEJ5/zeRbZvZu1TF1fXfXBwpKCOuDum/Fgqf/Nno0N3vrH9obGi/PWVlF8plf/d6kM/3bH9pRcK85/N8qul8q/YN3h09Yfblhc+n9ns+fSVyr/r8EdPLz377qluc93M35Xl10rlXzd9aGC4sW9/Yf0rs+ezoFT+N9fe/P1rX+45UpgfsvzBUvnrph94ZmC8cWlh/v7WR6HeXKEl1s/PU1d9NT7+40RR/hfZ8x/ukh975r86ufOalxftWFW4Ptdkz2ekVP23XrR361BjzwVF786463R9cwKcmZak/7GeTP2yvzNPVcfvhecn+lrfQENpGz6dF8qZu87CfzAfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAcOSAAAAAAE/X/djkABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACApwIAAP//N5Un+A==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
fallocate(r0, 0x10, 0xcf7, 0x2c03)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r1, 0x0, 0x800000009)

4.060576297s ago: executing program 0 (id=437):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='gid_map\x00')
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(r0, 0x0, 0x0, 0x6)
socket$pppoe(0x18, 0x1, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000003c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
r5 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_enter(r5, 0x0, 0xe38e, 0x5, 0x0, 0x0)
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r6, &(0x7f0000000040)=@target={'target ', {'PCI:', '0', ':', '7', ':', '2', '.', '0'}}, 0x13)
io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20)
r7 = socket$xdp(0x2c, 0x3, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0x22, 0xc, 0x1, 0x900000, 0x3, 0x3e, 0x2, 0x6e, 0x40, 0x282, 0xe, 0x7, 0x38, 0x3, 0x81, 0x8}, [{0x474e553, 0x2, 0x8000000000000001, 0xffffffffffffffff, 0x2, 0x2, 0x2627e68d, 0x9}, {0x6474e551, 0x80000000, 0x10001, 0xa26, 0x0, 0x1, 0x9, 0xe}, {0x6, 0x5, 0x7, 0x100, 0x3, 0x0, 0x200, 0xffffffffffffffff}], "25c8e7a093f5a0fce74731a433885038d6507dc8033239d05e3d57a06e2485dcc29e0fe563beb845fffb8c4b3c999c42406191634930ee2dee51270856c218df7d9c8ab3f364530c1adc5c2280597f53f8df4b93fd6896b69882bf6ba04be45f346c34ffb5ca574acb1eede1f34c21a6e164157ad539241d9c345bae08de41f5e83d8a075db754f776a6c254dc818af1d7f6109a94f09469dc9d137917e02ebc29f428349227a0dc85cafa85ed994d246d0f7d0352f84f34b289eedf3ff3934ed7619b45d8653427436c1dbee380"}, 0x1b6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)

4.01407389s ago: executing program 5 (id=356):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f0000000e00)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x22002, &(0x7f0000000f80))
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001100)={0x14, r1, 0xf09, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x20008004)
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="00bc7811e943bbb3bc31a70c81525069e4320000000000", @ANYRES64], 0x1, 0x1a1, &(0x7f0000000440)="$eJzs0bFrFEEUx/Hvm53b2whRT8UiggkYXPeI5HaDFlaHVYRbsLARPPS4rElwo1z2ChMSvEYCEs2/oIVoqYJWIgrWwUKw0Nikk1wRLMRCTvZuIvg3ZD7Nb99bdmfmzVzWyorAn92VJlX6HA7yCUEDozLoKTXIN6b+YXJjEFw09brJ5yZHsqXlW400TRbHLhQo/dcAfo4VS/Cvlb3kuGJIqCJfdleaDbkR06uyoGZiSjXKD3HqtIJHjOhhjl3Hoeevc0nREr8GhybbHpPZ0vLZ+YXGbDKb3I6iqfP3qFTO5ftPk8prJHggisesEkAxZihYpVDn/qY+wIQgwZzacqTcxa2zsemcOTXRRQU79BDe+12K37SLusJpvGv5gaY5KjzBiRmvcVihuTmfJpVp5LJ6JaH+rH8VFF7HcbzmnXRm7aqS3+6zqux4Em5T8EOicshUPhqO8IG1LTpmqGx/Z1Te5qvszVX3370w1QlO8tTlbqPdXgxd+Ch+TNSBqATD/d+pmPH8gnlnvjHB170Hy7Isy7Isy7Isax/4GwAA//+IG117")

3.965815623s ago: executing program 4 (id=438):
r0 = syz_open_procfs(0x0, &(0x7f0000000580)='attr/exec\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r1 = syz_io_uring_setup(0x2e3b, &(0x7f0000000240)={0x0, 0x69e5, 0x10000, 0x0, 0x166, 0x0, r0}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000001040)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)=""/9, 0x9}], 0x1})
io_uring_enter(r1, 0x567, 0xa1ff, 0x0, 0x0, 0x0)

2.918712885s ago: executing program 0 (id=439):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x6e20, 0x2, @mcast1={0xff, 0x5}, 0x100}, 0x1c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000002100)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data}}}}}, 0x0)

2.87310431s ago: executing program 4 (id=440):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000080)=0x10)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={r2, 0x9}, &(0x7f00000002c0)=0x8)

2.85786102s ago: executing program 5 (id=441):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000001c0)={@in6={{0xa, 0x4e24, 0x1, @mcast2, 0x1}}, 0x0, 0x0, 0xc, 0x0, "abe32023d87dd78ca5230f8c16df2d4445009ea73e9129cc9fe0090000007687277b90b5e7c759eb7c7dee2843f985513bef3277a79a6956a3cd5c42defb62fde8ea606bf49777e12c966378d35d37c4"}, 0xd8)
syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @local, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x14, 0x6, 0x0, @local, @local, {[], {{0xfffa, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0)

2.735023778s ago: executing program 0 (id=442):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000005c0)='syz_tun\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x5a, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x1d, 0x12, "d285b6853bc4dc54c6910c1d66f8841a"}, @md5sig={0x1d, 0x12, "adf059fd789278e2fb03dc15d356998a"}]}}}}}}}, 0x0)

2.651827983s ago: executing program 5 (id=443):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)={@val, @void, @eth={@random="ad30660a1dca", @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x1, 0x2, 0x24, 0x64, 0x0, 0x1, 0x11, 0x0, @rand_addr=0x64010102, @empty}, {0x4e22, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x0, 0x1, 0xff, 0x0, @val=0x80}}}}}}}}, 0x36)

2.330378563s ago: executing program 5 (id=444):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x38, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x46}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8, 0x2, @udp6=r1}]}}}]}, 0x38}, 0x1, 0xba01}, 0x0)
close_range(r1, r1, 0x0)

2.265456967s ago: executing program 1 (id=445):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000680)={0x0, 0xfc000000}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f0000000000)=ANY=[], 0x8)

2.214767298s ago: executing program 5 (id=446):
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "08004e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r4, 0x5412, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r3, 0xffffffffffffffff, 0x0)

1.205396304s ago: executing program 4 (id=447):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

1.196887013s ago: executing program 0 (id=448):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x88, &(0x7f0000000180), 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file3\x00', 0x141042, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000080)={0xe0, 0x2000009, 0x1, 0x400009, 0x1, [0x20000007, 0x9, 0x3, 0xd6]})

1.195226958s ago: executing program 3 (id=449):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_MM(0x35, 0x2, &(0x7f0000f7b000/0x4000)=nil)

1.194602983s ago: executing program 5 (id=450):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='gid_map\x00')
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(r0, 0x0, 0x0, 0x6)
socket$pppoe(0x18, 0x1, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000003c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
r5 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_enter(r5, 0x0, 0xe38e, 0x5, 0x0, 0x0)
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r6, &(0x7f0000000040)=@target={'target ', {'PCI:', '0', ':', '7', ':', '2', '.', '0'}}, 0x13)
io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20)
r7 = socket$xdp(0x2c, 0x3, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0x22, 0xc, 0x1, 0x900000, 0x3, 0x3e, 0x2, 0x6e, 0x40, 0x282, 0xe, 0x7, 0x38, 0x3, 0x81, 0x8}, [{0x474e553, 0x2, 0x8000000000000001, 0xffffffffffffffff, 0x2, 0x2, 0x2627e68d, 0x9}, {0x6474e551, 0x80000000, 0x10001, 0xa26, 0x0, 0x1, 0x9, 0xe}, {0x6, 0x5, 0x7, 0x100, 0x3, 0x0, 0x200, 0xffffffffffffffff}], "25c8e7a093f5a0fce74731a433885038d6507dc8033239d05e3d57a06e2485dcc29e0fe563beb845fffb8c4b3c999c42406191634930ee2dee51270856c218df7d9c8ab3f364530c1adc5c2280597f53f8df4b93fd6896b69882bf6ba04be45f346c34ffb5ca574acb1eede1f34c21a6e164157ad539241d9c345bae08de41f5e83d8a075db754f776a6c254dc818af1d7f6109a94f09469dc9d137917e02ebc29f428349227a0dc85cafa85ed994d246d0f7d0352f84f34b289eedf3ff3934ed7619b45d8653427436c1dbee380"}, 0x1b6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)

1.100586725s ago: executing program 4 (id=451):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r0)
sendmsg$DEVLINK_CMD_RATE_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4008000}, 0x10)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
writev(r0, &(0x7f0000000180), 0x100000000000003c)

856.374637ms ago: executing program 1 (id=452):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe1, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d", 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil})

804.952195ms ago: executing program 4 (id=453):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x0, 0x4, &(0x7f00000013c0)=@raw=[@ringbuf_query], 0x0}, 0x90)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
futex_waitv(&(0x7f0000001140)=[{0x0, 0x0}], 0x1, 0x0, &(0x7f00000012c0)={0x0, 0x989680}, 0x0)

754.601425ms ago: executing program 4 (id=454):
r0 = socket(0x2a, 0x803, 0x6)
getsockname$packet(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
r3 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040e04141a0c"], 0x7)

0s ago: executing program 0 (id=455):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$sndseq(0xffffffffffffff9c, 0x0, 0x8040)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b00000001811000073614e7b8e9dc316b84af7b658dc04", @ANYBLOB="0000000000000000b702000000000000850000008600000095000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0xc0, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000004500)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x4000)
setresuid(r5, 0xffffffffffffffff, 0x0)
capset(0x0, 0x0)
request_key(&(0x7f0000000300)='logon\x00', &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0xa}, 0x1c)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x110}, 0x0)
sendmmsg$unix(r0, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24040841}}], 0x1, 0x4c054)

kernel console output (not intermixed with test programs):

6043] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   99.280964][ T6043] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000006)
[   99.300111][ T6043] exFAT-fs (loop1): Filesystem has been set read-only
[   99.370646][ T1209] usb 3-1: 0:2 : does not exist
[   99.379344][ T6035] loop4: detected capacity change from 0 to 32768
[   99.413778][ T1209] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[   99.450355][ T6035] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.510954][ T1209] usb 3-1: USB disconnect, device number 2
[   99.574218][ T5912] kernel read not supported for file /dsp1 (pid: 5912 comm: kworker/1:3)
[   99.627963][ T6035] XFS (loop4): Ending clean mount
[   99.644451][ T6022] udevd[6022]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   99.664244][ T6035] XFS (loop4): Quotacheck needed: Please wait.
[   99.729252][ T6035] XFS (loop4): Quotacheck: Done.
[   99.913400][ T5839] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  100.303414][ T6068] loop4: detected capacity change from 0 to 16
[  100.318257][ T6068] erofs (device loop4): mounted with root inode @ nid 36.
[  100.378531][ T6068] erofs (device loop4): bogus dirent @ nid 36
[  100.497989][ T6070] tap0: tun_chr_ioctl cmd 1074025677
[  100.530056][ T6070] tap0: linktype set to 774
[  100.646468][ T6074] loop4: detected capacity change from 0 to 1024
[  100.675342][ T6072] loop1: detected capacity change from 0 to 2048
[  100.724650][ T6062] loop0: detected capacity change from 0 to 32768
[  100.726440][ T6072] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  100.751503][ T6074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.798043][ T6062] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.31 (6062)
[  100.822597][ T6064] loop3: detected capacity change from 0 to 32768
[  100.909804][ T6072] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.920469][ T6062] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  100.940562][ T6064] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  101.000630][ T6062] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  101.027944][ T6064] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  101.032955][ T6062] BTRFS info (device loop0): using free-space-tree
[  101.103935][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.273134][ T6064] syz.3.32 (6064) used greatest stack depth: 19440 bytes left
[  101.384530][ T6062] BTRFS info (device loop0): rebuilding free space tree
[  101.505520][ T5831] ocfs2: Unmounting device (7,3) on (node local)
[  101.513838][ T6099] loop1: detected capacity change from 0 to 4096
[  101.580192][ T6099] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  101.616867][ T6099] ntfs3(loop1): It is recommened to use chkdsk.
[  101.743086][ T6107] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  101.795633][ T6099] ntfs3(loop1): ino=1b, "file0" ntfs_readdir
[  101.847544][ T5830] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  102.060964][ T6113] warning: `syz.2.46' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  102.178460][ T6110] loop4: detected capacity change from 0 to 8192
[  102.579163][ T6123] loop3: detected capacity change from 0 to 8
[  102.607344][ T6119] loop2: detected capacity change from 0 to 4096
[  102.665666][ T6119] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  102.860351][ T6128] netlink: 40 bytes leftover after parsing attributes in process `syz.4.51'.
[  102.883444][ T6119] ntfs3(loop2): ino=19, mi_enum_attr
[  102.930231][ T6119] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  102.954811][ T6119] ntfs3(loop2): ino=18, mi_enum_attr
[  103.094318][   T30] audit: type=1800 audit(1751282109.568:3): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.48" name="file1" dev="loop2" ino=30 res=0 errno=0
[  103.520227][ T5920] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  103.669940][ T5955] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  103.692717][ T5920] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  103.720083][ T5920] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  103.751306][ T5920] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  103.770842][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.789104][ T5920] usb 1-1: Product: syz
[  103.799225][ T5920] usb 1-1: Manufacturer: syz
[  103.809356][ T5920] usb 1-1: SerialNumber: syz
[  103.829947][ T5955] usb 3-1: Using ep0 maxpacket: 32
[  103.837070][ T5955] usb 3-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  103.878987][ T5955] usb 3-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  103.909987][ T5955] usb 3-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 48, changing to 9
[  103.930067][ T5955] usb 3-1: config 155 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8240, setting to 1024
[  103.943647][ T5955] usb 3-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  103.970578][ T5955] usb 3-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  103.989925][ T5955] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.998064][ T5955] usb 3-1: Product: syz
[  104.020943][ T5955] usb 3-1: Manufacturer: syz
[  104.025575][ T5955] usb 3-1: SerialNumber: syz
[  104.046003][ T5920] usb 1-1: 0:2 : does not exist
[  104.067248][ T5920] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  104.090455][ T5955] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/input/input7
[  104.167654][ T5920] usb 1-1: USB disconnect, device number 3
[  104.275522][ T6021] udevd[6021]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  104.371906][ T5955] imon:send_packet: packet tx failed (-71)
[  104.420813][ T5955] imon 3-1:155.0: panel buttons/knobs setup failed
[  104.427472][ T5955] imon 3-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  104.451387][ T6139] loop3: detected capacity change from 0 to 40427
[  104.480546][ T5955]  (id 0x00)
[  104.506222][ T6139] F2FS-fs (loop3): invalid crc value
[  104.535343][ T6136] loop4: detected capacity change from 0 to 40427
[  104.543865][ T6150] loop1: detected capacity change from 0 to 128
[  104.610764][ T6150] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  104.759973][ T5955] rc_core: IR keymap rc-imon-pad not found
[  104.772279][ T5955] Registered IR keymap rc-empty
[  104.777746][ T5955] imon 3-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  104.790135][ T6150] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.806683][ T5955] imon 3-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  104.853538][ T5955] imon:send_packet: packet tx failed (-71)
[  104.890357][ T5955] imon 3-1:155.0: remote input dev register failed
[  104.923555][ T5955] imon 3-1:155.0: imon_init_intf0: rc device setup failed
[  104.969310][ T6150] fscrypt (loop1, inode 12): Unsupported encryption modes (contents 0, filenames 0)
[  105.047261][ T6136] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  105.054962][ T5955] imon 3-1:155.0: unable to initialize intf0, err 0
[  105.054983][ T5955] imon:imon_probe: failed to initialize context!
[  105.054997][ T5955] imon 3-1:155.0: unable to register, err -19
[  105.070361][ T5955] usb 3-1: USB disconnect, device number 3
[  105.153742][ T6139] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  105.237747][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  105.433987][ T5839] syz-executor: attempt to access beyond end of device
[  105.433987][ T5839] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  105.467500][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  105.467527][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.467548][ T5839] Call Trace:
[  105.467555][ T5839]  <TASK>
[  105.467563][ T5839]  dump_stack_lvl+0x189/0x250
[  105.467602][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.467629][ T5839]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  105.467657][ T5839]  ? __pfx_queue_work_on+0x10/0x10
[  105.467686][ T5839]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  105.467713][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  105.467742][ T5839]  ? f2fs_hw_is_readonly+0x39b/0x470
[  105.467772][ T5839]  f2fs_handle_critical_error+0x37c/0x540
[  105.467804][ T5839]  f2fs_write_end_io+0x495/0x810
[  105.467831][ T5839]  ? blkg_put+0x22/0x240
[  105.467872][ T5839]  __submit_merged_bio+0x27a/0x6a0
[  105.467901][ T5839]  __submit_merged_write_cond+0x255/0x530
[  105.467932][ T5839]  f2fs_write_data_pages+0x261d/0x3000
[  105.467957][ T5839]  ? sched_clock+0x3f/0x60
[  105.468007][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  105.468031][ T5839]  ? __resched_curr+0x2ca/0x3d0
[  105.468122][ T5839]  ? __lock_acquire+0xab9/0xd20
[  105.468155][ T5839]  ? do_raw_spin_lock+0x121/0x290
[  105.468186][ T5839]  ? do_raw_spin_unlock+0x122/0x240
[  105.468205][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  105.468233][ T5839]  do_writepages+0x32e/0x550
[  105.468272][ T5839]  ? do_raw_spin_unlock+0x122/0x240
[  105.468303][ T5839]  filemap_fdatawrite+0x199/0x240
[  105.468333][ T5839]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  105.468409][ T5839]  ? do_raw_spin_unlock+0x122/0x240
[  105.468433][ T5839]  f2fs_sync_dirty_inodes+0x31f/0x830
[  105.468482][ T5839]  f2fs_write_checkpoint+0x95a/0x1df0
[  105.468536][ T5839]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  105.468605][ T5839]  ? try_to_wake_up+0x7e5/0x1290
[  105.468632][ T5839]  ? kill_f2fs_super+0x298/0x6c0
[  105.468667][ T5839]  kill_f2fs_super+0x2c3/0x6c0
[  105.468703][ T5839]  ? __pfx_kill_f2fs_super+0x10/0x10
[  105.468730][ T5839]  ? radix_tree_delete_item+0x2b6/0x400
[  105.468767][ T5839]  ? shrinker_free+0x2ce/0x3e0
[  105.468792][ T5839]  deactivate_locked_super+0xbc/0x130
[  105.468817][ T5839]  cleanup_mnt+0x425/0x4c0
[  105.468841][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  105.468873][ T5839]  task_work_run+0x1d1/0x260
[  105.468898][ T5839]  ? __pfx_task_work_run+0x10/0x10
[  105.468916][ T5839]  ? __x64_sys_umount+0x122/0x160
[  105.468950][ T5839]  ? exit_to_user_mode_loop+0x40/0x110
[  105.468979][ T5839]  exit_to_user_mode_loop+0xec/0x110
[  105.469002][ T5839]  do_syscall_64+0x2bd/0x3b0
[  105.469020][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  105.469048][ T5839]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.469067][ T5839]  ? clear_bhb_loop+0x60/0xb0
[  105.469091][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.469110][ T5839] RIP: 0033:0x7f6ca378fc57
[  105.469134][ T5839] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  105.469150][ T5839] RSP: 002b:00007fff79d875c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  105.469182][ T5839] RAX: 0000000000000000 RBX: 00007f6ca3810925 RCX: 00007f6ca378fc57
[  105.469194][ T5839] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff79d87680
[  105.469205][ T5839] RBP: 00007fff79d87680 R08: 0000000000000000 R09: 0000000000000000
[  105.469216][ T5839] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff79d88710
[  105.469228][ T5839] R13: 00007f6ca3810925 R14: 0000000000019b16 R15: 00007fff79d88750
[  105.469256][ T5839]  </TASK>
[  105.469335][ T5839] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  106.208968][ T6175] loop1: detected capacity change from 0 to 128
[  106.278716][ T6175] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  106.328352][ T6175] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.492486][ T6177] loop0: detected capacity change from 0 to 4096
[  106.547135][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  106.564810][ T6177] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.719148][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.732879][ T5912] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  106.963574][ T5912] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  106.988828][ T5912] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  107.033061][ T5912] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  107.058178][ T5912] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  107.102793][ T5912] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  107.127749][ T5912] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.185343][ T5912] usb 5-1: config 0 descriptor??
[  107.313962][ T6203] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  107.644872][ T5912] plantronics 0003:047F:FFFF.0001: ignoring exceeding usage max
[  107.720602][ T5912] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  107.801566][ T6191] loop2: detected capacity change from 0 to 32768
[  107.948368][ T6191] JBD2: Ignoring recovery information on journal
[  108.137858][ T6191] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  108.345428][ T5832] ocfs2: Unmounting device (7,2) on (node local)
[  108.555217][ T6207] loop0: detected capacity change from 0 to 32768
[  108.602833][ T6207] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  108.741216][ T6207] XFS (loop0): Ending clean mount
[  108.923549][ T5830] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  109.635723][ T6243] syzkaller1: entered promiscuous mode
[  109.648943][ T6237] loop3: detected capacity change from 0 to 32768
[  109.655705][ T6243] syzkaller1: entered allmulticast mode
[  109.687436][ T6249] program syz.0.93 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.755387][ T6237] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  109.788695][ T6257] loop4: detected capacity change from 0 to 256
[  109.858738][ T5955] usb 5-1: USB disconnect, device number 3
[  109.956562][   T30] audit: type=1800 audit(1751282116.438:4): pid=6257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.94" name="file1" dev="loop4" ino=1048627 res=0 errno=0
[  110.063034][ T6257] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  110.072826][ T6237] XFS (loop3): Ending clean mount
[  110.078727][ T6265] loop0: detected capacity change from 0 to 256
[  110.099518][ T6237] XFS (loop3): Quotacheck needed: Please wait.
[  110.116005][ T6257] FAT-fs (loop4): Filesystem has been set read-only
[  110.194890][ T6237] XFS (loop3): Quotacheck: Done.
[  110.364753][ T6237] XFS (loop3): User initiated shutdown received.
[  110.378288][ T6237] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  110.403052][ T6237] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  110.513544][ T5831] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  110.522618][ T6276] loop0: detected capacity change from 0 to 512
[  110.563388][ T6276] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2798: inode #11: comm syz.0.100: corrupted xattr block 95: invalid header
[  110.616366][ T6276] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  110.649803][ T6280] loop1: detected capacity change from 0 to 1024
[  110.696360][ T6276] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.100: bg 0: block 7: invalid block bitmap
[  110.756294][ T6276] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  110.806291][ T6276] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2962: inode #11: comm syz.0.100: corrupted xattr block 95: invalid header
[  110.844376][   T49] hfsplus: b-tree write err: -5, ino 8
[  110.855482][ T6276] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  110.885114][ T6276] EXT4-fs (loop0): 1 orphan inode deleted
[  110.906776][ T6276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.970996][ T6290] loop1: detected capacity change from 0 to 128
[  110.971872][ T6290] EXT4-fs: Ignoring removed oldalloc option
[  110.971898][ T6290] EXT4-fs: inline encryption not supported
[  111.004682][ T6290] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  111.006733][ T6290] ext4 filesystem being mounted at /27/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  111.205298][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.279588][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.343572][ T6296] loop1: detected capacity change from 0 to 128
[  111.393515][ T6296] EXT4-fs: Ignoring removed orlov option
[  111.427721][ T6296] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  111.442503][ T6296] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.483651][ T6298] syz_tun: entered promiscuous mode
[  111.519430][ T6298] batadv_slave_0: entered promiscuous mode
[  111.562109][ T6298] hsr1: entered allmulticast mode
[  111.580903][ T6287] loop4: detected capacity change from 0 to 32768
[  111.598631][ T6298] syz_tun: entered allmulticast mode
[  111.642384][ T6298] batadv_slave_0: entered allmulticast mode
[  111.664541][ T6287] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  111.788641][ T6287] XFS (loop4): Ending clean mount
[  111.820715][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.824255][ T6287] XFS (loop4): Quotacheck needed: Please wait.
[  111.933403][ T6287] XFS (loop4): Quotacheck: Done.
[  112.174533][ T5839] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  112.213731][ T6295] loop3: detected capacity change from 0 to 32768
[  112.281519][ T6295] XFS (loop3): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  112.410195][ T6295] XFS (loop3): Starting recovery (logdev: internal)
[  112.426172][ T6330] loop1: detected capacity change from 0 to 128
[  112.436598][ T6314] loop0: detected capacity change from 0 to 32768
[  112.439684][ T6330] EXT4-fs: Ignoring removed oldalloc option
[  112.473389][ T6330] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  112.504819][ T6330] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.525631][ T6295] XFS (loop3): Ending recovery (logdev: internal)
[  112.542263][ T6336] syz.2.117: attempt to access beyond end of device
[  112.542263][ T6336] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0
[  112.544305][ T6314] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  112.555596][ T6336] syz.2.117: attempt to access beyond end of device
[  112.555596][ T6336] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0
[  112.578575][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  112.589767][ T6336] syz.2.117: attempt to access beyond end of device
[  112.589767][ T6336] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0
[  112.603126][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  112.613969][ T6336] syz.2.117: attempt to access beyond end of device
[  112.613969][ T6336] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  112.629428][ T6336] syz.2.117: attempt to access beyond end of device
[  112.629428][ T6336] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[  112.642886][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  112.652620][ T6336] syz.2.117: attempt to access beyond end of device
[  112.652620][ T6336] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0
[  112.700253][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  112.725262][ T6295] XFS (loop3): User initiated shutdown received.
[  112.741025][ T6336] syz.2.117: attempt to access beyond end of device
[  112.741025][ T6336] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0
[  112.746622][ T6340] loop4: detected capacity change from 0 to 256
[  112.761006][ T6340] /dev/loop4: Can't open blockdev
[  112.763490][ T6314] syz.0.112 (6314) used greatest stack depth: 18984 bytes left
[  112.773070][ T6295] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:466).  Shutting down filesystem.
[  112.775278][    C1] operation not supported error, dev loop4, sector 0 op 0x9:(WRITE_ZEROES) flags 0x20000800 phys_seg 0 prio class 0
[  112.789420][ T6295] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  112.819468][ T6336] syz.2.117: attempt to access beyond end of device
[  112.819468][ T6336] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0
[  112.841896][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  112.851960][ T6336] syz.2.117: attempt to access beyond end of device
[  112.851960][ T6336] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0
[  112.864997][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  112.876925][ T6336] syz.2.117: attempt to access beyond end of device
[  112.876925][ T6336] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  112.897220][ T5830] ocfs2: Unmounting device (7,0) on (node local)
[  112.909193][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  112.932902][ T6336] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  112.954710][ T5831] XFS (loop3): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  112.969436][ T6336] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  113.158320][ T5842] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.177060][ T6343] loop4: detected capacity change from 0 to 4096
[  113.271967][ T6345] loop2: detected capacity change from 0 to 512
[  113.305922][ T6348] loop0: detected capacity change from 0 to 1024
[  113.320866][ T6345] EXT4-fs: Ignoring removed oldalloc option
[  113.321013][ T6348] EXT4-fs: Ignoring removed nobh option
[  113.339926][ T6345] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  113.360835][ T6348] EXT4-fs: inline encryption not supported
[  113.364694][ T6345] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  113.399217][ T6351] ip6tnl1: entered promiscuous mode
[  113.411601][ T6351] ip6tnl1: entered allmulticast mode
[  113.415834][ T6348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.421515][ T6343] ntfs3(loop4): ino=5, "/" mi_enum_attr
[  113.436194][ T6343] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  113.451243][ T6345] EXT4-fs (loop2): 1 truncate cleaned up
[  113.458453][ T6343] ntfs3(loop4): ino=5, mi_enum_attr
[  113.464644][ T6343] ntfs3(loop4): ino=21, "blkio.bfq.io_merged_recursive" failed to open parent directory r=5 to update
[  113.480960][ T6355] Bluetooth: MGMT ver 1.23
[  113.488473][ T6345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.510793][ T6348] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.118: Allocating blocks 385-513 which overlap fs metadata
[  113.563924][ T6358] loop1: detected capacity change from 0 to 512
[  113.580022][ T6358] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  113.593662][ T6348] EXT4-fs (loop0): pa ffff88805d775000: logic 16, phys. 129, len 24
[  113.602501][ T6345] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 6: comm syz.2.122: lblock 2 mapped to illegal pblock 6 (length 1)
[  113.618016][ T6348] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  113.636293][ T6348] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  113.649719][ T6348] EXT4-fs (loop0): This should not happen!! Data will be lost
[  113.649719][ T6348] 
[  113.651653][ T3456] ntfs3(loop4): ino=5, mi_enum_attr
[  113.683325][ T6358] EXT4-fs (loop1): 1 orphan inode deleted
[  113.683393][ T3456] ntfs3(loop4): ino=21, failed to open parent directory r=5 to update
[  113.691243][ T6358] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.705448][ T6348] EXT4-fs (loop0): Total free blocks count 0
[  113.717727][   T59] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  113.735559][ T6348] EXT4-fs (loop0): Free/Dirty block details
[  113.743838][ T6348] EXT4-fs (loop0): free_blocks=128
[  113.748990][ T6348] EXT4-fs (loop0): dirty_blocks=0
[  113.753430][   T59] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  113.759344][ T6348] EXT4-fs (loop0): Block reservation details
[  113.776361][ T6358] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.809028][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.814448][ T6348] EXT4-fs (loop0): i_reserved_data_blocks=0
[  113.942140][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.952182][ T6369] loop3: detected capacity change from 0 to 256
[  113.974661][ T6369] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  114.063713][ T6373] capability: warning: `syz.1.130' uses 32-bit capabilities (legacy support in use)
[  114.102420][ T6375] syzkaller1: entered promiscuous mode
[  114.133251][ T6373] program syz.1.130 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.142492][ T6375] syzkaller1: entered allmulticast mode
[  114.148165][ T5920] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  114.277896][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[  114.296439][ T6380] Bluetooth: hci5: Frame reassembly failed (-84)
[  114.303544][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[  114.348853][ T5920] usb 3-1: config 0 has no interfaces?
[  114.355095][ T5920] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  114.364413][ T5920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.375339][ T6387] loop1: detected capacity change from 0 to 256
[  114.383982][ T5920] usb 3-1: config 0 descriptor??
[  114.407952][ T6387] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda2184db, utbl_chksum : 0xe619d30d)
[  114.678572][ T6402] loop1: detected capacity change from 0 to 1024
[  114.688695][ T6402] EXT4-fs: Ignoring removed oldalloc option
[  114.694780][ T6402] EXT4-fs: Ignoring removed bh option
[  114.706261][ T6404] loop3: detected capacity change from 0 to 64
[  114.736507][ T6404] minix_free_block (loop3:1): bit already cleared
[  114.745444][ T6402] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.750870][ T6404] minix_free_block (loop3:4): bit already cleared
[  114.770188][ T6404] minix_free_block (loop3:3): bit already cleared
[  114.784371][ T6404] minix_free_block (loop3:2): bit already cleared
[  114.794073][ T6404] minix_free_block (loop3:1): bit already cleared
[  114.809373][ T6367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.820850][ T6367] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.826271][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.842628][ T5920] usb 3-1: USB disconnect, device number 4
[  114.935531][ T6413] loop3: detected capacity change from 0 to 1024
[  114.955144][ T6413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.971662][ T5955] kernel read not supported for file /usbmon8 (pid: 5955 comm: kworker/1:4)
[  115.033523][ T6413] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.146: Abort forced by user
[  115.049784][ T6413] EXT4-fs (loop3): Remounting filesystem read-only
[  115.059434][ T6413] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  115.134576][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.232989][ T6420] loop3: detected capacity change from 0 to 2048
[  115.246968][ T6420] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  115.259442][ T6420] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  115.273586][ T6420] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  115.501899][ T6418] loop1: detected capacity change from 0 to 40427
[  115.516063][ T6418] F2FS-fs (loop1): invalid crc value
[  115.530369][ T5849] Bluetooth: hci0: command 0x0c1a tx timeout
[  115.536849][ T5847] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  115.669233][ T6418] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  115.721023][ T6418] F2FS-fs (loop1): Stopped filesystem due to reason: 0
[  115.960253][ T1209] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  116.136372][ T1209] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  116.156092][ T1209] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  116.178457][ T1209] usb 3-1: Product: syz
[  116.192177][ T1209] usb 3-1: SerialNumber: syz
[  116.208132][ T1209] usb 3-1: config 0 descriptor??
[  116.324739][ T5847] Bluetooth: hci5: command 0xfc11 tx timeout
[  116.332152][ T5841] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  116.393213][ T6440] loop0: detected capacity change from 0 to 32768
[  116.434084][ T1209] hso 3-1:0.0: Failed to find BULK IN ep
[  116.512953][ T6442] loop3: detected capacity change from 0 to 32768
[  116.528812][   T30] audit: type=1800 audit(1751282123.008:5): pid=6440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.157" name="file1" dev="loop0" ino=4 res=0 errno=0
[  116.595394][ T6448] find_entry called with index = 0
[  116.602710][ T6442] JBD2: Ignoring recovery information on journal
[  116.614721][ T6448] read_mapping_page failed!
[  116.619268][ T6448] ERROR: (device loop0): txCommit: 
[  116.619268][ T6448] 
[  116.620061][ T6444] loop1: detected capacity change from 0 to 40427
[  116.642226][ T1209] usb 3-1: USB disconnect, device number 5
[  116.658585][ T6444] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  116.678970][ T6444] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  116.699749][ T6444] F2FS-fs (loop1): invalid crc value
[  116.707044][ T6442] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  116.797666][ T6444] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  116.801726][ T5912] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  116.819450][ T6444] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  116.873496][ T6450] CPU: 0 UID: 0 PID: 6450 Comm: f2fs_ckpt-7:1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  116.873523][ T6450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.873534][ T6450] Call Trace:
[  116.873542][ T6450]  <TASK>
[  116.873557][ T6450]  dump_stack_lvl+0x189/0x250
[  116.873593][ T6450]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.873619][ T6450]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  116.873646][ T6450]  ? __pfx_queue_work_on+0x10/0x10
[  116.873673][ T6450]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  116.873699][ T6450]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  116.873727][ T6450]  ? f2fs_hw_is_readonly+0x39b/0x470
[  116.873755][ T6450]  f2fs_handle_critical_error+0x37c/0x540
[  116.873785][ T6450]  f2fs_write_end_io+0x495/0x810
[  116.873810][ T6450]  ? blkg_put+0x22/0x240
[  116.873848][ T6450]  __submit_merged_bio+0x27a/0x6a0
[  116.873869][ T6450]  ? up_write+0x1c4/0x420
[  116.873901][ T6450]  __submit_merged_write_cond+0x44c/0x530
[  116.873932][ T6450]  f2fs_sync_node_pages+0x1869/0x1a00
[  116.873977][ T6450]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  116.874027][ T6450]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  116.874060][ T6450]  ? up_write+0x1c4/0x420
[  116.874085][ T6450]  ? do_raw_spin_unlock+0x122/0x240
[  116.874108][ T6450]  f2fs_write_checkpoint+0xe6f/0x1df0
[  116.874159][ T6450]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  116.874226][ T6450]  ? down_write+0x162/0x1f0
[  116.874245][ T6450]  ? __pfx_down_write+0x10/0x10
[  116.874264][ T6450]  ? __pfx___schedule+0x10/0x10
[  116.874297][ T6450]  __checkpoint_and_complete_reqs+0xd9/0x3b0
[  116.874320][ T6450]  ? __pfx___checkpoint_and_complete_reqs+0x10/0x10
[  116.874365][ T6450]  issue_checkpoint_thread+0xd9/0x260
[  116.874397][ T6450]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  116.874425][ T6450]  ? __pfx_autoremove_wake_function+0x10/0x10
[  116.874446][ T6450]  ? __kthread_parkme+0x7b/0x200
[  116.874490][ T6450]  ? __kthread_parkme+0x1a1/0x200
[  116.874544][ T6450]  kthread+0x70e/0x8a0
[  116.874574][ T6450]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  116.874606][ T6450]  ? __pfx_kthread+0x10/0x10
[  116.874627][ T6450]  ? _raw_spin_unlock_irq+0x23/0x50
[  116.874655][ T6450]  ? lockdep_hardirqs_on+0x9c/0x150
[  116.874684][ T6450]  ? __pfx_kthread+0x10/0x10
[  116.874705][ T6450]  ret_from_fork+0x3fc/0x770
[  116.874735][ T6450]  ? __pfx_ret_from_fork+0x10/0x10
[  116.874769][ T6450]  ? __switch_to_asm+0x39/0x70
[  116.874788][ T6450]  ? __switch_to_asm+0x33/0x70
[  116.874806][ T6450]  ? __pfx_kthread+0x10/0x10
[  116.874827][ T6450]  ret_from_fork_asm+0x1a/0x30
[  116.874866][ T6450]  </TASK>
[  116.874875][ T6450] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  117.024512][ T5912] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  117.158721][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.183186][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.201331][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.211644][ T5831] ocfs2: Unmounting device (7,3) on (node local)
[  117.231054][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.256428][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.286304][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.312656][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.361237][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.380455][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.402842][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.422225][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.450376][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.465255][ T6458] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  117.493070][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.502835][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.532998][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.543231][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.562484][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.586724][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.605484][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.615916][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.656698][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.686246][ T5912] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.702733][ T5912] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.717233][ T5912] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.738531][ T5912] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  117.747906][ T6462] loop3: detected capacity change from 0 to 4096
[  117.762371][ T5912] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  117.780163][ T5912] usb 5-1: Product: syz
[  117.787839][ T5912] usb 5-1: Manufacturer: syz
[  117.805058][ T6462] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.806754][ T5912] usb 5-1: SerialNumber: syz
[  117.888976][ T6467] loop1: detected capacity change from 0 to 1024
[  117.891324][ T6469] loop0: detected capacity change from 0 to 1024
[  117.916701][ T5912] usb 5-1: config 0 descriptor??
[  117.934796][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.935768][ T6469] EXT4-fs (loop0): Test dummy encryption mode enabled
[  117.966101][ T5912] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  117.970047][ T6469] EXT4-fs (loop0): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  118.008888][ T6469] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.023410][ T3456] hfsplus: b-tree write err: -5, ino 4
[  118.069323][ T6469] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  118.104175][ T6473] loop3: detected capacity change from 0 to 256
[  118.123988][ T6473] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  118.141678][ T6473] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  118.181660][ T6473] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  118.250845][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.278282][ T5912] usb 5-1: USB disconnect, device number 4
[  118.287958][ T5912] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  118.448592][ T6484] xt_hashlimit: size too large, truncated to 1048576
[  118.468218][ T6483] sp0: Synchronizing with TNC
[  118.551764][ T6486] 
: renamed from vxcan1 (while UP)
[  118.790421][ T5912] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  118.937741][ T6494] loop3: detected capacity change from 0 to 512
[  118.952922][ T6494] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  118.961107][ T6495] loop4: detected capacity change from 0 to 128
[  118.981183][ T5912] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  119.009264][ T5912] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.034172][ T5912] usb 2-1: config 0 descriptor??
[  119.043701][ T5912] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  119.056976][ T6494] EXT4-fs (loop3): 1 truncate cleaned up
[  119.064500][ T6494] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.086609][ T6500] netlink: 27 bytes leftover after parsing attributes in process `syz.0.177'.
[  119.164509][ T6494] EXT4-fs error (device loop3): ext4_empty_dir:3116: inode #2: block 13: comm syz.3.175: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  119.193949][ T6505] netlink: 12 bytes leftover after parsing attributes in process `syz.0.179'.
[  119.220225][ T6494] EXT4-fs (loop3): Remounting filesystem read-only
[  119.275914][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.399274][ T6511] loop0: detected capacity change from 0 to 1024
[  119.862962][ T5912] usb 2-1: USB disconnect, device number 2
[  120.178828][   T30] audit: type=1326 audit(1751282126.658:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.190" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x0
[  120.200304][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.308948][ T6526] loop0: detected capacity change from 0 to 32768
[  120.381878][ T6526] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  120.501716][ T6526] XFS (loop0): Ending clean mount
[  120.638791][ T5830] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  120.754382][ T6554] loop3: detected capacity change from 0 to 256
[  120.770316][ T6553] syzkaller1: entered promiscuous mode
[  120.792977][ T6553] syzkaller1: entered allmulticast mode
[  120.839280][ T6554] FAT-fs (loop3): Directory bread(block 64) failed
[  120.860080][ T6554] FAT-fs (loop3): Directory bread(block 65) failed
[  120.866751][ T6554] FAT-fs (loop3): Directory bread(block 66) failed
[  120.909942][ T6554] FAT-fs (loop3): Directory bread(block 67) failed
[  120.918481][ T6554] FAT-fs (loop3): Directory bread(block 68) failed
[  120.950042][ T6554] FAT-fs (loop3): Directory bread(block 69) failed
[  120.956680][ T6554] FAT-fs (loop3): Directory bread(block 70) failed
[  120.984029][ T6554] FAT-fs (loop3): Directory bread(block 71) failed
[  120.993707][ T6554] FAT-fs (loop3): Directory bread(block 72) failed
[  121.023836][ T6559] loop0: detected capacity change from 0 to 512
[  121.040269][ T6554] FAT-fs (loop3): Directory bread(block 73) failed
[  121.072422][ T6559] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.143132][ T6559] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  121.182302][ T6559] EXT4-fs (loop0): 1 truncate cleaned up
[  121.202139][ T6559] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.228629][ T6554] bio_check_eod: 4 callbacks suppressed
[  121.228648][ T6554] syz.3.195: attempt to access beyond end of device
[  121.228648][ T6554] loop3: rw=2049, sector=1224, nr_sectors = 12 limit=256
[  121.263664][ T6554] loop9: detected capacity change from 0 to 7
[  121.320987][ T6554] Dev loop9: unable to read RDB block 7
[  121.326748][ T6554]  loop9: unable to read partition table
[  121.344278][ T6565] netlink: 'syz.2.200': attribute type 9 has an invalid length.
[  121.349491][ T6554] loop9: partition table beyond EOD, truncated
[  121.371207][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.380436][ T6554] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  121.714594][ T6576] loop8: detected capacity change from 0 to 8
[  121.835706][ T6576] Dev loop8: unable to read RDB block 8
[  121.853307][ T6576]  loop8: unable to read partition table
[  121.879548][ T6576] loop8: partition table beyond EOD, truncated
[  121.910185][ T6576] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[  122.150024][ T5912] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  122.186339][ T6574] loop3: detected capacity change from 0 to 32768
[  122.198151][ T6591] loop2: detected capacity change from 0 to 1024
[  122.208932][ T6574] XFS: attr2 mount option is deprecated.
[  122.226504][ T6574] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  122.233273][ T6591] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.272622][ T6574] XFS (loop3): Ending clean mount
[  122.279618][ T6591] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 16 with error 28
[  122.293435][ T6591] EXT4-fs (loop2): This should not happen!! Data will be lost
[  122.293435][ T6591] 
[  122.300967][ T6574] XFS (loop3): Quotacheck needed: Please wait.
[  122.307761][ T6591] EXT4-fs (loop2): Total free blocks count 0
[  122.319628][ T6591] EXT4-fs (loop2): Free/Dirty block details
[  122.328755][ T6591] EXT4-fs (loop2): free_blocks=0
[  122.336298][ T6591] EXT4-fs (loop2): dirty_blocks=0
[  122.353629][ T5912] usb 5-1: config 0 has an invalid interface number: 255 but max is 0
[  122.366111][ T6574] XFS (loop3): Quotacheck: Done.
[  122.373298][ T5912] usb 5-1: config 0 has no interface number 0
[  122.379445][ T5912] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  122.380468][ T6591] EXT4-fs (loop2): Block reservation details
[  122.389362][ T5912] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.408954][ T5912] usb 5-1: config 0 descriptor??
[  122.419012][ T5912] cp210x 5-1:0.255: cp210x converter detected
[  122.429923][ T6591] EXT4-fs (loop2): i_reserved_data_blocks=0
[  122.482308][ T5831] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  122.498934][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.153017][ T5912] cp210x 5-1:0.255: failed to get vendor val 0x000e size 3: -32
[  123.162124][   T30] audit: type=1326 audit(1751282129.348:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.205702][   T30] audit: type=1326 audit(1751282129.358:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.232922][   T30] audit: type=1326 audit(1751282129.378:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.327314][   T30] audit: type=1326 audit(1751282129.388:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.349331][    C0] vkms_vblank_simulate: vblank timer overrun
[  123.388120][   T30] audit: type=1326 audit(1751282129.398:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.412117][ T5912] cp210x 5-1:0.255: GPIO initialisation failed: -19
[  123.435654][ T5912] usb 5-1: cp210x converter now attached to ttyUSB0
[  123.456325][   T30] audit: type=1326 audit(1751282129.408:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.570940][   T30] audit: type=1326 audit(1751282129.738:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.599131][ T6623] loop3: detected capacity change from 0 to 1024
[  123.677079][ T3593] usb 5-1: USB disconnect, device number 5
[  123.686098][   T30] audit: type=1326 audit(1751282129.738:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6607 comm="syz.2.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  123.742589][ T3593] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  123.755188][ T6623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.768724][ T5841] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  123.769521][ T3593] cp210x 5-1:0.255: device disconnected
[  123.776447][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.791768][ T6623] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.987950][ T6629] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  124.051683][ T6629] EXT4-fs (loop3): Remounting filesystem read-only
[  124.133906][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.300728][ T5899] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  124.487004][ T5899] usb 1-1: Using ep0 maxpacket: 32
[  124.504111][ T5899] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.533755][ T5899] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  124.581849][ T5899] usb 1-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  124.604522][ T5899] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  124.640891][ T5899] usb 1-1: Product: syz
[  124.655351][ T5899] usb 1-1: Manufacturer: syz
[  124.676492][ T5899] usb 1-1: SerialNumber: syz
[  124.767304][ T6628] loop1: detected capacity change from 0 to 32768
[  124.779305][ T5899] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input9
[  124.824631][ T6628] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.221 (6628)
[  124.874790][ T6631] loop2: detected capacity change from 0 to 131072
[  124.898270][ T6628] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  124.918985][ T6628] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  124.927752][ T6628] BTRFS info (device loop1): disk space caching is enabled
[  124.950176][ T6628] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  125.011478][ T6631] F2FS-fs (loop2): invalid crc value
[  125.050190][ T3593] usb 1-1: USB disconnect, device number 4
[  125.077699][ T3593] appletouch 1-1:1.0: input: appletouch disconnected
[  125.261806][ T6628] BTRFS info (device loop1): rebuilding free space tree
[  125.269048][ T6631] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  125.318173][ T6628] BTRFS info (device loop1): disabling free space tree
[  125.325474][ T6628] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  125.336826][ T6628] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  125.337187][ T6635] loop4: detected capacity change from 0 to 32768
[  125.429051][ T6635] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  125.556807][ T6669] loop3: detected capacity change from 0 to 1024
[  125.605546][ T5842] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  125.651376][ T6669] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.686396][ T6635] XFS (loop4): Ending clean mount
[  125.709486][ T6635] XFS (loop4): Quotacheck needed: Please wait.
[  125.811020][ T6635] XFS (loop4): Quotacheck: Done.
[  125.818472][ T6669] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 16 with error 28
[  125.859797][ T6669] EXT4-fs (loop3): This should not happen!! Data will be lost
[  125.859797][ T6669] 
[  125.885456][ T6669] EXT4-fs (loop3): Total free blocks count 0
[  125.904822][ T6669] EXT4-fs (loop3): Free/Dirty block details
[  125.935186][ T6669] EXT4-fs (loop3): free_blocks=0
[  125.961658][ T6669] EXT4-fs (loop3): dirty_blocks=0
[  125.980684][ T6635] XFS (loop4): User initiated shutdown received.
[  125.987086][ T6635] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  126.005533][ T6669] EXT4-fs (loop3): Block reservation details
[  126.010163][ T6635] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  126.021125][ T6669] EXT4-fs (loop3): i_reserved_data_blocks=0
[  126.118543][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.146371][ T5839] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.285292][ T5899] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  126.450088][ T5899] usb 1-1: Using ep0 maxpacket: 16
[  126.474032][ T5899] usb 1-1: config index 0 descriptor too short (expected 59154, got 18)
[  126.503391][ T5899] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  126.517006][ T5899] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  126.524750][ T6687] loop4: detected capacity change from 0 to 4096
[  126.554609][ T5899] usb 1-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  126.572299][ T5955] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  126.572855][ T5899] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.606937][ T5899] usb 1-1: Product: syz
[  126.613020][ T5899] usb 1-1: Manufacturer: syz
[  126.618133][ T5899] usb 1-1: SerialNumber: syz
[  126.630416][ T5899] usb 1-1: config 0 descriptor??
[  126.642217][ T5899] ssu100 1-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  126.643959][ T6687] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  126.760725][ T5955] usb 3-1: Using ep0 maxpacket: 16
[  126.786569][ T5955] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.800496][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  126.812963][ T6687] overlayfs: upper fs does not support tmpfile.
[  126.823084][ T5955] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.836017][ T5955] usb 3-1: config 0 interface 0 has no altsetting 0
[  126.850100][ T5955] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  126.863708][ T5955] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.878205][ T5955] usb 3-1: config 0 descriptor??
[  126.891551][ T6687] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  126.999768][   T12] ntfs3(loop4): ino=9, ntfs3_write_inode failed, -22.
[  127.017484][ T5839] ntfs3(loop4): ino=9, ntfs_sync_fs failed, -22.
[  127.050112][ T6703] dlm: non-version read from control device 211
[  127.058006][ T5839] ntfs3(loop4): ino=9, ntfs_sync_fs failed, -22.
[  127.058417][ T6703] dlm: non-version read from control device 211
[  127.076653][ T6703] dlm: non-version read from control device 211
[  127.083336][ T6703] dlm: non-version read from control device 211
[  127.097274][ T6703] dlm: non-version read from control device 211
[  127.105147][ T6703] dlm: non-version read from control device 211
[  127.111630][ T6703] dlm: non-version read from control device 211
[  127.119621][ T6703] dlm: non-version read from control device 211
[  127.126215][ T6703] dlm: non-version read from control device 211
[  127.135819][ T6703] dlm: non-version read from control device 211
[  127.142257][ T6703] dlm: non-version read from control device 211
[  127.154580][ T6703] dlm: non-version read from control device 211
[  127.161787][ T5912] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  127.172530][ T6703] dlm: non-version read from control device 211
[  127.179347][ T6703] dlm: non-version read from control device 211
[  127.188382][ T6703] dlm: non-version read from control device 211
[  127.198237][ T6703] dlm: non-version read from control device 211
[  127.205305][ T6703] dlm: non-version read from control device 211
[  127.235758][ T6703] dlm: non-version read from control device 211
[  127.242154][ T6703] dlm: non-version read from control device 211
[  127.248514][ T6703] dlm: non-version read from control device 211
[  127.257756][ T6703] dlm: non-version read from control device 211
[  127.264199][ T6703] dlm: non-version read from control device 211
[  127.270605][ T6703] dlm: non-version read from control device 211
[  127.276949][ T6703] dlm: non-version read from control device 211
[  127.283555][ T6703] dlm: non-version read from control device 211
[  127.290014][ T6703] dlm: non-version read from control device 211
[  127.296383][ T6703] dlm: non-version read from control device 211
[  127.304233][ T6703] dlm: non-version read from control device 211
[  127.316022][ T6703] dlm: non-version read from control device 211
[  127.333419][ T5912] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  127.352274][ T5912] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.370243][ T6703] dlm: non-version read from control device 211
[  127.376543][ T6703] dlm: non-version read from control device 211
[  127.378675][ T5912] usb 2-1: config 0 descriptor??
[  127.394093][ T6703] dlm: non-version read from control device 211
[  127.404100][ T5912] cp210x 2-1:0.0: cp210x converter detected
[  127.410433][ T6703] dlm: non-version read from control device 211
[  127.418076][ T6703] dlm: non-version read from control device 211
[  127.427873][ T6703] dlm: non-version read from control device 211
[  127.434676][ T6703] dlm: non-version read from control device 211
[  127.442365][ T6703] dlm: non-version read from control device 211
[  127.448752][ T6703] dlm: non-version read from control device 211
[  127.455480][ T6703] dlm: non-version read from control device 211
[  127.461893][ T6703] dlm: non-version read from control device 211
[  127.468449][ T6703] dlm: non-version read from control device 211
[  127.474881][ T6703] dlm: non-version read from control device 211
[  127.481503][ T6703] dlm: non-version read from control device 211
[  127.488002][ T6703] dlm: non-version read from control device 211
[  127.494627][ T6703] dlm: non-version read from control device 211
[  127.501060][ T6703] dlm: non-version read from control device 211
[  127.507683][ T6703] dlm: non-version read from control device 211
[  127.514130][ T6703] dlm: non-version read from control device 211
[  127.521778][ T6703] dlm: non-version read from control device 211
[  127.554806][ T5955] usb 3-1: USB disconnect, device number 6
[  127.564241][ T6703] dlm: non-version read from control device 211
[  127.578051][ T6703] dlm: non-version read from control device 211
[  127.585369][ T6703] dlm: non-version read from control device 211
[  127.591948][ T6703] dlm: non-version read from control device 211
[  127.598810][ T6703] dlm: non-version read from control device 211
[  127.614814][ T6703] dlm: non-version read from control device 211
[  127.621443][ T6703] dlm: non-version read from control device 211
[  127.627930][ T6703] dlm: non-version read from control device 211
[  127.637001][ T6703] dlm: non-version read from control device 211
[  127.643624][ T6703] dlm: non-version read from control device 211
[  127.654531][ T6703] dlm: non-version read from control device 211
[  127.662601][ T5899] ssu100 1-1:0.0: probe with driver ssu100 failed with error -71
[  127.662901][ T6703] dlm: non-version read from control device 211
[  127.678533][ T6703] dlm: non-version read from control device 211
[  127.687491][ T6703] dlm: non-version read from control device 211
[  127.690976][ T5899] usb 1-1: USB disconnect, device number 5
[  127.699678][ T6703] dlm: non-version read from control device 211
[  127.707068][ T6703] dlm: non-version read from control device 211
[  127.718243][ T6703] dlm: non-version read from control device 211
[  127.724740][ T6703] dlm: non-version read from control device 211
[  127.738748][ T6703] dlm: non-version read from control device 211
[  127.746459][ T6703] dlm: non-version read from control device 211
[  127.758296][ T6703] dlm: non-version read from control device 211
[  127.794759][ T6703] dlm: non-version read from control device 211
[  127.802198][ T6703] dlm: non-version read from control device 211
[  127.808705][ T6703] dlm: non-version read from control device 211
[  127.818818][ T5912] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  127.827766][ T6703] dlm: non-version read from control device 211
[  127.848380][ T6703] dlm: non-version read from control device 211
[  127.862752][ T6703] dlm: non-version read from control device 211
[  127.873081][ T6703] dlm: non-version read from control device 211
[  127.879643][ T6703] dlm: non-version read from control device 211
[  127.888651][ T6703] dlm: non-version read from control device 211
[  127.903601][ T6703] dlm: non-version read from control device 211
[  127.910996][ T6703] dlm: non-version read from control device 211
[  127.917468][ T6703] dlm: non-version read from control device 211
[  127.928390][ T6703] dlm: non-version read from control device 211
[  127.939703][ T6703] dlm: non-version read from control device 211
[  127.950931][ T6703] dlm: non-version read from control device 211
[  127.957326][ T6703] dlm: non-version read from control device 211
[  128.047162][ T5912] usb 2-1: cp210x converter now attached to ttyUSB0
[  128.254307][ T6705] syz.4.239 (6705): drop_caches: 2
[  128.267206][ T5912] usb 2-1: USB disconnect, device number 3
[  128.276347][ T5912] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  128.377762][ T5912] cp210x 2-1:0.0: device disconnected
[  128.409583][ T6716] loop4: detected capacity change from 0 to 1024
[  128.441167][ T6716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.522387][   T30] audit: type=1326 audit(1751282134.988:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  128.816906][   T30] audit: type=1326 audit(1751282134.988:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  129.097450][   T30] audit: type=1326 audit(1751282134.998:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  129.111464][ T6716] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 16 with error 28
[  129.120278][   T30] audit: type=1326 audit(1751282134.998:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  129.154172][   T30] audit: type=1326 audit(1751282134.998:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  129.178145][   T30] audit: type=1326 audit(1751282134.998:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  129.203026][   T30] audit: type=1326 audit(1751282135.078:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  129.226184][   T30] audit: type=1326 audit(1751282135.078:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.2.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  129.248492][ T5955] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  129.300387][ T6716] EXT4-fs (loop4): This should not happen!! Data will be lost
[  129.300387][ T6716] 
[  129.333577][ T6716] EXT4-fs (loop4): Total free blocks count 0
[  129.436476][ T6716] EXT4-fs (loop4): Free/Dirty block details
[  129.446531][ T6716] EXT4-fs (loop4): free_blocks=0
[  129.460362][ T6716] EXT4-fs (loop4): dirty_blocks=0
[  129.470378][ T5955] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  129.490037][ T6716] EXT4-fs (loop4): Block reservation details
[  129.505056][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  129.514134][ T6716] EXT4-fs (loop4): i_reserved_data_blocks=0
[  129.534394][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  129.565688][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  129.573763][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  129.589959][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  129.601059][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  129.609041][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  129.618616][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  129.630063][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  129.641114][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  129.653107][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.766852][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  129.781368][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  129.790907][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  129.800822][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  129.815666][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  130.043174][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  130.058465][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  130.116712][   T30] audit: type=1326 audit(1751282136.348:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6729 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  130.202374][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  130.209351][   T30] audit: type=1326 audit(1751282136.348:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6729 comm="syz.2.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  130.243928][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  130.254633][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  130.267676][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  130.307844][ T5955] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  130.337186][ T5955] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  130.381677][ T5955] usb 4-1: config 0 interface 0 has no altsetting 0
[  130.408745][ T6735] syzkaller1: entered promiscuous mode
[  130.415177][ T6735] syzkaller1: entered allmulticast mode
[  130.427214][ T5955] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  130.453568][ T5955] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  130.467038][ T6738] loop1: detected capacity change from 0 to 64
[  130.481676][ T5955] usb 4-1: Product: syz
[  130.492432][ T5955] usb 4-1: Manufacturer: syz
[  130.511267][ T5955] usb 4-1: SerialNumber: syz
[  130.532375][ T5955] usb 4-1: config 0 descriptor??
[  130.554824][ T6738] minix_free_block (loop1:1): bit already cleared
[  130.578310][ T6738] minix_free_block (loop1:4): bit already cleared
[  130.584925][ T6738] minix_free_block (loop1:3): bit already cleared
[  130.612243][ T6738] minix_free_block (loop1:2): bit already cleared
[  130.646490][ T5955] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  130.648858][ T6738] minix_free_block (loop1:1): bit already cleared
[  130.770022][ T5912] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  130.800866][   T10] usb 4-1: USB disconnect, device number 2
[  130.812859][   T10] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  130.880824][ T5899] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  130.941956][ T5912] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  130.951197][ T5912] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.961585][ T5912] usb 1-1: config 0 descriptor??
[  130.969753][ T5912] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  131.031507][ T5899] usb 5-1: config 0 has no interfaces?
[  131.037201][ T5899] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  131.046345][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.057580][ T5899] usb 5-1: config 0 descriptor??
[  131.142143][ T5920] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  131.299972][ T5920] usb 3-1: Using ep0 maxpacket: 8
[  131.306903][ T5920] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  131.319196][ T5920] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  131.339970][ T5920] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  131.350066][ T5920] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  131.363208][ T5920] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  131.372368][ T5920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.473874][ T6742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.482806][ T6742] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.497131][ T5899] usb 5-1: USB disconnect, device number 6
[  131.597081][ T5920] usb 3-1: GET_CAPABILITIES returned 0
[  131.603070][ T5920] usbtmc 3-1:16.0: can't read capabilities
[  131.669767][ T6760] Illegal XDP return value 2769844235 on prog  (id 37) dev syz_tun, expect packet loss!
[  131.747968][ T6762] loop1: detected capacity change from 0 to 1024
[  131.767049][ T6762] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.791572][ T5912] usb 1-1: USB disconnect, device number 6
[  131.802965][ T6762] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 16 with error 28
[  131.815547][ T6762] EXT4-fs (loop1): This should not happen!! Data will be lost
[  131.815547][ T6762] 
[  131.829348][   T24] usb 3-1: USB disconnect, device number 7
[  131.829655][ T6762] EXT4-fs (loop1): Total free blocks count 0
[  131.845655][ T6762] EXT4-fs (loop1): Free/Dirty block details
[  131.858100][ T6762] EXT4-fs (loop1): free_blocks=0
[  131.864552][ T6762] EXT4-fs (loop1): dirty_blocks=0
[  131.869710][ T6762] EXT4-fs (loop1): Block reservation details
[  131.875810][ T6762] EXT4-fs (loop1): i_reserved_data_blocks=0
[  131.911043][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.991728][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.998718][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.330499][ T6790] syzkaller1: entered promiscuous mode
[  133.336017][ T6790] syzkaller1: entered allmulticast mode
[  133.690336][ T6804] syzkaller1: entered promiscuous mode
[  133.707039][ T6804] syzkaller1: entered allmulticast mode
[  133.811913][ T6793] loop1: detected capacity change from 0 to 32768
[  133.860471][ T6793] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  134.064466][ T5842] (syz-executor,5842,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76
[  134.117832][ T5842] ocfs2: Unmounting device (7,1) on (node local)
[  134.579968][ T5899] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  134.792599][ T5899] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  134.837638][ T5899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.854120][ T5899] usb 4-1: config 0 descriptor??
[  134.872760][ T5899] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  134.990091][ T5920] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  135.202606][ T5920] usb 1-1: config 0 has an invalid interface number: 93 but max is 0
[  135.228798][ T5920] usb 1-1: config 0 has no interface number 0
[  135.233076][ T6812] syz.2.271 (6812): drop_caches: 2
[  135.248631][ T5920] usb 1-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  135.269993][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.290308][ T5920] usb 1-1: Product: syz
[  135.299896][ T5920] usb 1-1: Manufacturer: syz
[  135.313366][ T5920] usb 1-1: SerialNumber: syz
[  135.333368][ T5920] usb 1-1: config 0 descriptor??
[  135.406220][ T6821] loop1: detected capacity change from 0 to 32768
[  135.430502][ T6821] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.284 (6821)
[  135.951897][   T30] kauditd_printk_skb: 28 callbacks suppressed
[  135.951916][   T30] audit: type=1326 audit(1751282142.198:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.096213][   T30] audit: type=1326 audit(1751282142.198:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.123291][ T5920] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  136.133251][ T6821] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  136.138184][   T30] audit: type=1326 audit(1751282142.208:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.170129][ T6821] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  136.179605][ T6821] BTRFS info (device loop1): using free-space-tree
[  136.185903][   T30] audit: type=1326 audit(1751282142.218:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.209182][ T5920] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  136.216255][   T30] audit: type=1326 audit(1751282142.218:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.241134][ T5920] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  136.256019][ T5920] usb 1-1: media controller created
[  136.265929][   T30] audit: type=1326 audit(1751282142.218:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.275401][ T5920] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  136.303656][   T30] audit: type=1326 audit(1751282142.248:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.330857][   T30] audit: type=1326 audit(1751282142.258:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.354458][   T30] audit: type=1326 audit(1751282142.268:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.378913][   T30] audit: type=1326 audit(1751282142.268:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.2.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc7a0d8e929 code=0x7ffc0000
[  136.385815][ T5899] usb 4-1: USB disconnect, device number 3
[  136.466176][ T5920] DVB: Unable to find symbol dib7000p_attach()
[  136.490304][ T5920] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  136.503127][ T5920] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  136.526146][ T5920] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  136.543248][ T5920] usb 1-1: media controller created
[  136.560451][ T5920] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  136.590841][ T5920] dib0700: the master dib7090 has to be initialized first
[  136.598824][ T5920] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  136.685488][ T5842] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  136.700210][ T5920] rc_core: IR keymap rc-dib0700-rc5 not found
[  136.727985][ T5920] Registered IR keymap rc-empty
[  136.746030][ T5920] dvb-usb: could not initialize remote control.
[  136.752528][ T5920] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  136.773778][ T5920] usb 1-1: USB disconnect, device number 7
[  136.818770][ T5920] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  137.340116][ T5920] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  137.514524][ T5920] usb 1-1: Using ep0 maxpacket: 16
[  137.533635][ T5920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.551831][ T5920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.584021][ T5920] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  137.612876][ T5920] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  137.630251][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.663259][ T5920] usb 1-1: config 0 descriptor??
[  137.821616][ T6861] loop1: detected capacity change from 0 to 32768
[  138.001120][ T6861] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  138.107296][ T5920] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  138.130050][ T5920] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  138.144078][ T5920] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  138.192432][ T5920] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  138.209939][ T5920] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  138.233832][ T5920] input: HID 0955:7214 Haptics as /devices/virtual/input/input11
[  138.270920][ T6861] syz.1.281 (6861) used greatest stack depth: 18520 bytes left
[  138.287862][ T5920] shield 0003:0955:7214.0003: Registered Thunderstrike controller
[  138.296734][ T6857] random: crng reseeded on system resumption
[  138.310755][ T5920] shield 0003:0955:7214.0003: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0
[  138.359235][ T5842] ocfs2: Unmounting device (7,1) on (node local)
[  138.406106][ T1209] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  138.427770][ T5920] usb 1-1: USB disconnect, device number 8
[  138.446057][ T1209] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  138.487736][ T1209] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  138.516329][ T1209] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  138.984449][ T6892] syzkaller1: entered promiscuous mode
[  138.999966][ T6892] syzkaller1: entered allmulticast mode
[  139.770046][ T6916] loop3: detected capacity change from 0 to 2048
[  140.827222][ T6916] UDF-fs: warning (device loop3): udf_fill_super: No partition found (2)
[  141.459331][ T6926] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  141.487128][ T5931] IPVS: starting estimator thread 0...
[  141.600105][ T6932] IPVS: using max 26 ests per chain, 62400 per kthread
[  141.940831][ T6946] syzkaller1: entered promiscuous mode
[  141.946343][ T6946] syzkaller1: entered allmulticast mode
[  141.950263][ T6952] netlink: 16 bytes leftover after parsing attributes in process `syz.4.310'.
[  142.022563][ T6952] netlink: 16 bytes leftover after parsing attributes in process `syz.4.310'.
[  143.131487][ T6964] loop4: detected capacity change from 0 to 2048
[  143.510838][ T6964] UDF-fs: warning (device loop4): udf_fill_super: No partition found (2)
[  143.870267][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  143.880560][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  143.890322][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  143.898899][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  143.909212][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  144.713441][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  144.726471][   T30] audit: type=1326 audit(1751282150.998:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  144.837742][   T30] audit: type=1326 audit(1751282150.998:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  144.946006][   T30] audit: type=1326 audit(1751282151.018:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  144.971620][   T30] audit: type=1326 audit(1751282151.018:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  145.105572][   T30] audit: type=1326 audit(1751282151.058:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  145.128502][   T30] audit: type=1326 audit(1751282151.068:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  145.169698][   T30] audit: type=1326 audit(1751282151.128:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  145.259567][   T30] audit: type=1326 audit(1751282151.148:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6986 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  145.557226][ T7009] random: crng reseeded on system resumption
[  145.753954][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  145.958899][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  146.163748][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  146.266038][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  146.919965][ T5955] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  146.989771][ T7029] netlink: 48 bytes leftover after parsing attributes in process `syz.2.336'.
[  147.069915][ T5955] usb 4-1: device descriptor read/64, error -71
[  147.387180][ T7034] input: syz1 as /devices/virtual/input/input12
[  147.409433][ T7034] input: failed to attach handler leds to device input12, error: -6
[  147.424503][ T5955] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  147.526494][ T7024] loop0: detected capacity change from 0 to 32768
[  147.549561][ T7024] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  147.570313][ T5955] usb 4-1: device descriptor read/64, error -71
[  147.617685][ T7024] XFS (loop0): Ending clean mount
[  147.923772][   T30] audit: type=1326 audit(1751282154.278:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7041 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  148.173973][   T30] audit: type=1326 audit(1751282154.298:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7041 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  148.184950][ T5955] usb usb4-port1: attempt power cycle
[  148.317943][ T5830] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  148.356874][ T7054] loop4: detected capacity change from 0 to 1024
[  148.431235][ T7054] syz.4.342: attempt to access beyond end of device
[  148.431235][ T7054] loop4: rw=0, sector=393222, nr_sectors = 2 limit=1024
[  148.470050][ T7054] syz.4.342: attempt to access beyond end of device
[  148.470050][ T7054] loop4: rw=2049, sector=8556385938, nr_sectors = 2 limit=1024
[  148.535643][ T7054] Buffer I/O error on dev loop4, logical block 4278192969, lost async page write
[  148.580359][ T7054] syz.4.342: attempt to access beyond end of device
[  148.580359][ T7054] loop4: rw=2049, sector=393216, nr_sectors = 2 limit=1024
[  148.590141][ T5955] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  148.610067][ T7054] Buffer I/O error on dev loop4, logical block 196608, lost async page write
[  148.649429][ T7054] syz.4.342: attempt to access beyond end of device
[  148.649429][ T7054] loop4: rw=2049, sector=393218, nr_sectors = 2 limit=1024
[  148.652519][ T5955] usb 4-1: device descriptor read/8, error -71
[  148.704951][ T7054] Buffer I/O error on dev loop4, logical block 196609, lost async page write
[  148.733255][ T7054] syz.4.342: attempt to access beyond end of device
[  148.733255][ T7054] loop4: rw=2049, sector=393220, nr_sectors = 2 limit=1024
[  148.800200][ T7054] Buffer I/O error on dev loop4, logical block 196610, lost async page write
[  148.820846][ T7060] loop2: detected capacity change from 0 to 512
[  148.849262][ T7060] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  148.920056][ T5955] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  148.933234][ T7060] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.952973][ T5955] usb 4-1: device descriptor read/8, error -71
[  148.970126][ T7060] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.001118][ T7071] loop4: detected capacity change from 0 to 1024
[  149.080274][ T5955] usb usb4-port1: unable to enumerate USB device
[  149.117183][ T7071] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.189319][ T7071] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.246810][ T5832] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz-executor: corrupted xattr block 32: bad e_name length
[  149.316433][ T5832] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  149.357511][ T5832] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 16
[  149.383748][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.411908][ T5832] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 16
[  149.541384][ T7063] loop0: detected capacity change from 0 to 32768
[  149.818107][ T7063] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  149.818135][ T7063]   allowing incompatible features above 0.0: (unknown version)
[  149.818148][ T7063]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  149.871896][ T7063] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  149.881068][ T7063] bcachefs (loop0): initializing new filesystem
[  149.897933][ T7063] bcachefs (loop0): going read-write
[  149.925387][ T7063] bcachefs (loop0): marking superblocks
[  149.965514][ T7063] bcachefs (loop0): initializing freespace
[  149.978307][ T7063] bcachefs (loop0): done initializing freespace
[  149.994099][ T7063] bcachefs (loop0): reading snapshots table
[  150.002059][ T7063] bcachefs (loop0): reading snapshots done
[  150.043673][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.060130][ T7063] bcachefs (loop0): done starting filesystem
[  150.130058][ T5920] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  150.216002][ T3526] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.282047][ T7063] syz.0.343 (7063) used greatest stack depth: 15688 bytes left
[  150.326444][ T5920] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  150.330530][ T5830] bcachefs (loop0): shutting down
[  150.343193][ T5920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  150.343220][ T5920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  150.343241][ T5920] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  150.343281][ T5920] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  150.343302][ T5920] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.362637][ T5920] usb 4-1: config 0 descriptor??
[  150.371454][ T5830] bcachefs (loop0): going read-only
[  150.423535][ T5830] bcachefs (loop0): finished waiting for writes to stop
[  150.549422][ T3526] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.594637][ T5830] bcachefs (loop0): flushing journal and stopping allocators, journal seq 9
[  150.723251][ T5830] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12
[  150.737514][ T3526] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.756303][ T5830] bcachefs (loop0): clean shutdown complete, journal seq 13
[  150.765711][ T5830] bcachefs (loop0): marking filesystem clean
[  150.847821][ T5920] usbhid 4-1:0.0: can't add hid device: -71
[  150.856441][ T3526] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.868123][ T5920] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  150.887050][ T5830] bcachefs (loop0): shutdown complete
[  150.899545][ T5920] usb 4-1: USB disconnect, device number 8
[  150.955874][ T7106] loop1: detected capacity change from 0 to 764
[  150.994532][ T7106] Symlink component flag not implemented
[  151.014039][ T7106] Symlink component flag not implemented (7)
[  151.115526][ T3526] bridge_slave_1: left allmulticast mode
[  151.139980][ T3526] bridge_slave_1: left promiscuous mode
[  151.171170][ T3526] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.199219][ T3526] bridge_slave_0: left allmulticast mode
[  151.220530][ T3526] bridge_slave_0: left promiscuous mode
[  151.226374][ T3526] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.266134][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  151.277690][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  151.287903][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  151.296981][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  151.312607][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  151.730034][   T24] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  151.873027][   T24] usb 4-1: device descriptor read/64, error -71
[  151.890980][ T3526] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.912210][ T3526] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.923098][ T3526] bond0 (unregistering): Released all slaves
[  151.967196][ T7123] loop4: detected capacity change from 0 to 2048
[  152.085868][ T7126] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.288541][   T24] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  152.440112][   T24] usb 4-1: device descriptor read/64, error -71
[  152.658771][   T24] usb usb4-port1: attempt power cycle
[  152.665072][ T3526] hsr_slave_0: left promiscuous mode
[  152.672882][ T3526] hsr_slave_1: left promiscuous mode
[  152.683626][ T3526] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.691311][ T3526] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.699680][ T3526] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.718595][ T3526] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.757739][ T3526] veth1_macvtap: left promiscuous mode
[  152.767099][ T3526] veth0_macvtap: left promiscuous mode
[  152.773729][ T3526] veth1_vlan: left promiscuous mode
[  152.785845][ T3526] veth0_vlan: left promiscuous mode
[  153.010258][   T24] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  153.050649][   T24] usb 4-1: device descriptor read/8, error -71
[  153.051967][ T7137] loop1: detected capacity change from 0 to 2048
[  153.072137][ T7137] NILFS (loop1): invalid segment: Inconsistency found
[  153.084080][ T7137] NILFS (loop1): trying rollback from an earlier position
[  153.111716][ T7137] NILFS (loop1): recovery complete
[  153.137906][ T7138] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  153.299943][   T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  153.360033][ T5849] Bluetooth: hci2: command tx timeout
[  153.401846][   T24] usb 4-1: device descriptor read/8, error -71
[  153.513817][   T24] usb usb4-port1: unable to enumerate USB device
[  153.742758][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  153.742775][   T30] audit: type=1326 audit(1751282160.138:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.026210][   T30] audit: type=1326 audit(1751282160.148:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.069042][   T30] audit: type=1326 audit(1751282160.158:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.120799][   T30] audit: type=1326 audit(1751282160.158:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.179974][   T30] audit: type=1326 audit(1751282160.168:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.225653][   T30] audit: type=1326 audit(1751282160.168:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.253867][   T30] audit: type=1326 audit(1751282160.478:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.291530][   T30] audit: type=1326 audit(1751282160.488:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.1.372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  154.506111][ T7140] loop0: detected capacity change from 0 to 40427
[  154.536677][ T7140] F2FS-fs (loop0): build fault injection rate: 771
[  154.548336][ T7140] F2FS-fs (loop0): invalid crc value
[  154.584889][ T3526] team0 (unregistering): Port device team_slave_1 removed
[  154.628981][ T3526] team0 (unregistering): Port device team_slave_0 removed
[  155.374649][ T7159] slcan: can't register candev
[  155.394964][ T7159] Falling back ldisc for ttyS3.
[  155.463389][ T7169] loop3: detected capacity change from 0 to 256
[  155.489944][ T5849] Bluetooth: hci2: command tx timeout
[  155.500293][ T7140] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  155.574606][ T7140] syz.0.357: attempt to access beyond end of device
[  155.574606][ T7140] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  155.682278][ T5830] syz-executor: attempt to access beyond end of device
[  155.682278][ T5830] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  155.717178][ T7174] loop4: detected capacity change from 0 to 2048
[  155.730633][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  155.730666][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  155.730679][ T5830] Call Trace:
[  155.730687][ T5830]  <TASK>
[  155.730697][ T5830]  dump_stack_lvl+0x189/0x250
[  155.730737][ T5830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.730765][ T5830]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  155.730794][ T5830]  ? __pfx_queue_work_on+0x10/0x10
[  155.730825][ T5830]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  155.730852][ T5830]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  155.730881][ T5830]  ? f2fs_hw_is_readonly+0x39b/0x470
[  155.730913][ T5830]  f2fs_handle_critical_error+0x37c/0x540
[  155.730947][ T5830]  f2fs_write_end_io+0x495/0x810
[  155.730975][ T5830]  ? blkg_put+0x22/0x240
[  155.731019][ T5830]  __submit_merged_bio+0x27a/0x6a0
[  155.731053][ T5830]  __submit_merged_write_cond+0x255/0x530
[  155.731087][ T5830]  f2fs_write_data_pages+0x261d/0x3000
[  155.731158][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  155.731240][ T5830]  ? __mod_zone_page_state+0xd7/0x140
[  155.731282][ T5830]  ? folios_put_refs+0x560/0x640
[  155.731326][ T5830]  ? __pfx_folios_put_refs+0x10/0x10
[  155.731348][ T5830]  ? rcu_is_watching+0x15/0xb0
[  155.731386][ T5830]  ? __lock_acquire+0xab9/0xd20
[  155.731431][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  155.731460][ T5830]  do_writepages+0x32e/0x550
[  155.731503][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  155.731530][ T5830]  filemap_fdatawrite+0x199/0x240
[  155.731561][ T5830]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  155.731648][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  155.731675][ T5830]  f2fs_sync_dirty_inodes+0x31f/0x830
[  155.731723][ T5830]  f2fs_write_checkpoint+0x95a/0x1df0
[  155.731792][ T5830]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  155.731869][ T5830]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  155.731886][ T5830]  ? kfree+0x18e/0x440
[  155.731913][ T5830]  ? kill_f2fs_super+0x298/0x6c0
[  155.731966][ T5830]  kill_f2fs_super+0x2c3/0x6c0
[  155.732006][ T5830]  ? __pfx_kill_f2fs_super+0x10/0x10
[  155.732033][ T5830]  ? radix_tree_delete_item+0x2b6/0x400
[  155.732072][ T5830]  ? shrinker_free+0x2ce/0x3e0
[  155.732101][ T5830]  deactivate_locked_super+0xbc/0x130
[  155.732131][ T5830]  cleanup_mnt+0x425/0x4c0
[  155.732156][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.732190][ T5830]  task_work_run+0x1d1/0x260
[  155.732216][ T5830]  ? __pfx_task_work_run+0x10/0x10
[  155.732235][ T5830]  ? __x64_sys_umount+0x122/0x160
[  155.732270][ T5830]  ? exit_to_user_mode_loop+0x40/0x110
[  155.732301][ T5830]  exit_to_user_mode_loop+0xec/0x110
[  155.732338][ T5830]  do_syscall_64+0x2bd/0x3b0
[  155.732356][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.732386][ T5830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.732406][ T5830]  ? clear_bhb_loop+0x60/0xb0
[  155.732432][ T5830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.732450][ T5830] RIP: 0033:0x7fcf4b18fc57
[  155.732477][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  155.732494][ T5830] RSP: 002b:00007ffc61e8db58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  155.732516][ T5830] RAX: 0000000000000000 RBX: 00007fcf4b210925 RCX: 00007fcf4b18fc57
[  155.732529][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc61e8dc10
[  155.732541][ T5830] RBP: 00007ffc61e8dc10 R08: 0000000000000000 R09: 0000000000000000
[  155.732553][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc61e8eca0
[  155.732566][ T5830] R13: 00007fcf4b210925 R14: 0000000000025fab R15: 00007ffc61e8ece0
[  155.732602][ T5830]  </TASK>
[  155.732611][ T5830] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  155.897145][ T7174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.425945][ T7172] loop1: detected capacity change from 0 to 32768
[  156.438461][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.446243][ T7172] XFS: ikeep mount option is deprecated.
[  156.482504][ T7172] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  156.570690][ T7172] XFS (loop1): Ending clean mount
[  156.671509][ T7192] netlink: 'syz.4.382': attribute type 10 has an invalid length.
[  156.680447][ T7192] netlink: 40 bytes leftover after parsing attributes in process `syz.4.382'.
[  156.695322][ T5842] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  157.045510][ T7192] team0: Port device geneve0 added
[  157.497438][   T30] audit: type=1326 audit(1751282163.638:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  157.521334][ T5849] Bluetooth: hci2: command tx timeout
[  157.585486][   T30] audit: type=1326 audit(1751282163.648:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  157.597789][ T7111] chnl_net:caif_netlink_parms(): no params data found
[  157.920197][ T5912] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  158.077555][ T5912] usb 4-1: device descriptor read/64, error -71
[  158.126770][ T7111] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.138153][ T7111] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.156076][ T7111] bridge_slave_0: entered allmulticast mode
[  158.166260][ T7194] loop0: detected capacity change from 0 to 32768
[  158.201594][ T7111] bridge_slave_0: entered promiscuous mode
[  158.549460][ T7194] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  158.578758][ T7111] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.683549][ T7111] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.827112][ T7111] bridge_slave_1: entered allmulticast mode
[  158.843575][ T7111] bridge_slave_1: entered promiscuous mode
[  158.894964][ T7194] XFS (loop0): Ending clean mount
[  158.999966][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  158.999984][   T30] audit: type=1804 audit(1751282165.478:99): pid=7229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.381" name="/newroot/71/file1/file1" dev="loop0" ino=6150 res=1 errno=0
[  159.050962][ T5912] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  159.114079][ T7233] random: crng reseeded on system resumption
[  159.260632][ T7111] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.284522][ T5912] usb 4-1: device descriptor read/64, error -71
[  159.441591][ T5912] usb usb4-port1: attempt power cycle
[  159.509210][ T7111] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.600069][ T5849] Bluetooth: hci2: command tx timeout
[  159.861071][ T5912] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  159.960264][ T5830] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  159.976301][ T5912] usb 4-1: device descriptor read/8, error -71
[  160.129713][ T7111] team0: Port device team_slave_0 added
[  160.162826][ T7111] team0: Port device team_slave_1 added
[  160.399061][ T7111] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.406222][ T5912] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  160.436813][ T7111] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.463931][ T7111] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.476997][ T7111] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.484209][ T7111] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.512265][ T5912] usb 4-1: device descriptor read/8, error -71
[  160.518653][ T7111] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.544238][ T7246] input: syz1 as /devices/virtual/input/input13
[  160.620167][ T5912] usb usb4-port1: unable to enumerate USB device
[  160.667631][ T7111] hsr_slave_0: entered promiscuous mode
[  160.691589][ T7111] hsr_slave_1: entered promiscuous mode
[  161.003204][ T7250] loop0: detected capacity change from 0 to 40427
[  161.133497][ T7111] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.141265][ T7111] Cannot create hsr debugfs directory
[  161.190523][   T30] audit: type=1326 audit(1751282167.608:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.216753][ T7250] F2FS-fs (loop0): build fault injection rate: 690
[  161.224369][ T7250] F2FS-fs (loop0): Image doesn't support compression
[  161.231265][ T7250] F2FS-fs (loop0): Image doesn't support compression
[  161.237969][ T7250] F2FS-fs (loop0): build fault injection type: 0x0
[  161.254337][   T30] audit: type=1326 audit(1751282167.608:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.277197][ T7250] F2FS-fs (loop0): invalid crc value
[  161.283005][   T30] audit: type=1326 audit(1751282167.608:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.305867][   T30] audit: type=1326 audit(1751282167.608:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.394119][   T30] audit: type=1326 audit(1751282167.608:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.416516][   T30] audit: type=1326 audit(1751282167.608:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.443948][   T30] audit: type=1326 audit(1751282167.608:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.493772][   T30] audit: type=1326 audit(1751282167.608:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.516444][   T30] audit: type=1326 audit(1751282167.608:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7251 comm="syz.3.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  161.614513][ T7250] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  162.325085][ T5830] syz-executor: attempt to access beyond end of device
[  162.325085][ T5830] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  162.387032][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  162.387065][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  162.387078][ T5830] Call Trace:
[  162.387087][ T5830]  <TASK>
[  162.387096][ T5830]  dump_stack_lvl+0x189/0x250
[  162.387136][ T5830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.387165][ T5830]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  162.387195][ T5830]  ? __pfx_queue_work_on+0x10/0x10
[  162.387226][ T5830]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  162.387255][ T5830]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  162.387287][ T5830]  ? f2fs_hw_is_readonly+0x39b/0x470
[  162.387319][ T5830]  f2fs_handle_critical_error+0x37c/0x540
[  162.387353][ T5830]  f2fs_write_end_io+0x495/0x810
[  162.387382][ T5830]  ? blkg_put+0x22/0x240
[  162.387424][ T5830]  __submit_merged_bio+0x27a/0x6a0
[  162.387458][ T5830]  __submit_merged_write_cond+0x255/0x530
[  162.387492][ T5830]  f2fs_write_data_pages+0x261d/0x3000
[  162.387558][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.387649][ T5830]  ? folios_put_refs+0x559/0x640
[  162.387689][ T5830]  ? __lock_acquire+0xab9/0xd20
[  162.387724][ T5830]  ? do_raw_spin_lock+0x121/0x290
[  162.387758][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  162.387779][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.387810][ T5830]  do_writepages+0x32e/0x550
[  162.387858][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  162.387884][ T5830]  filemap_fdatawrite+0x199/0x240
[  162.387914][ T5830]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  162.387997][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  162.388023][ T5830]  f2fs_sync_dirty_inodes+0x31f/0x830
[  162.388071][ T5830]  f2fs_write_checkpoint+0x95a/0x1df0
[  162.388128][ T5830]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  162.388206][ T5830]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  162.388223][ T5830]  ? kfree+0x18e/0x440
[  162.388253][ T5830]  ? kill_f2fs_super+0x298/0x6c0
[  162.388290][ T5830]  kill_f2fs_super+0x2c3/0x6c0
[  162.388328][ T5830]  ? __pfx_kill_f2fs_super+0x10/0x10
[  162.388356][ T5830]  ? radix_tree_delete_item+0x2b6/0x400
[  162.388395][ T5830]  ? shrinker_free+0x2ce/0x3e0
[  162.388423][ T5830]  deactivate_locked_super+0xbc/0x130
[  162.388453][ T5830]  cleanup_mnt+0x425/0x4c0
[  162.388479][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.388514][ T5830]  task_work_run+0x1d1/0x260
[  162.388540][ T5830]  ? __pfx_task_work_run+0x10/0x10
[  162.388560][ T5830]  ? __x64_sys_umount+0x122/0x160
[  162.388596][ T5830]  ? exit_to_user_mode_loop+0x40/0x110
[  162.388625][ T5830]  exit_to_user_mode_loop+0xec/0x110
[  162.388652][ T5830]  do_syscall_64+0x2bd/0x3b0
[  162.388670][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.388700][ T5830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.388721][ T5830]  ? clear_bhb_loop+0x60/0xb0
[  162.388747][ T5830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.388767][ T5830] RIP: 0033:0x7fcf4b18fc57
[  162.388785][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  162.388803][ T5830] RSP: 002b:00007ffc61e8db58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  162.388832][ T5830] RAX: 0000000000000000 RBX: 00007fcf4b210925 RCX: 00007fcf4b18fc57
[  162.388847][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc61e8dc10
[  162.388860][ T5830] RBP: 00007ffc61e8dc10 R08: 0000000000000000 R09: 0000000000000000
[  162.388873][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc61e8eca0
[  162.388886][ T5830] R13: 00007fcf4b210925 R14: 00000000000277cd R15: 00007ffc61e8ece0
[  162.388920][ T5830]  </TASK>
[  162.388928][ T5830] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  162.749398][ T7279] netlink: 168 bytes leftover after parsing attributes in process `syz.4.404'.
[  163.132270][ T7111] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  163.187373][ T7111] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  163.212664][ T7111] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  163.215885][ T7286] loop4: detected capacity change from 0 to 256
[  163.250269][ T7111] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  163.264803][ T7286] FAT-fs (loop4): Directory bread(block 64) failed
[  163.278273][ T7286] FAT-fs (loop4): Directory bread(block 65) failed
[  163.290206][ T7286] FAT-fs (loop4): Directory bread(block 66) failed
[  163.296773][ T7286] FAT-fs (loop4): Directory bread(block 67) failed
[  163.320618][ T7286] FAT-fs (loop4): Directory bread(block 68) failed
[  163.329938][ T7286] FAT-fs (loop4): Directory bread(block 69) failed
[  163.336559][ T7286] FAT-fs (loop4): Directory bread(block 70) failed
[  163.350153][ T1209] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  163.407801][ T7286] FAT-fs (loop4): Directory bread(block 71) failed
[  163.450781][ T7295] random: crng reseeded on system resumption
[  163.499902][ T1209] usb 2-1: device descriptor read/64, error -71
[  163.509123][ T7286] FAT-fs (loop4): Directory bread(block 72) failed
[  163.589570][ T7286] FAT-fs (loop4): Directory bread(block 73) failed
[  164.309476][ T7111] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.405378][ T7111] 8021q: adding VLAN 0 to HW filter on device team0
[  164.406622][ T7297] loop3: detected capacity change from 0 to 2048
[  164.453773][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.460969][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.478777][ T7297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.493158][ T7297] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.503779][ T1209] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  164.534021][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.541208][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.597619][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.640355][ T1209] usb 2-1: device descriptor read/64, error -71
[  164.877123][ T1209] usb usb2-port1: attempt power cycle
[  166.915756][ T7329] loop3: detected capacity change from 0 to 2048
[  167.109529][ T1209] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  167.648754][ T7329] UDF-fs: warning (device loop3): udf_fill_super: No partition found (2)
[  167.691748][ T7111] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.173626][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  168.173645][   T30] audit: type=1326 audit(1751282174.338:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.300033][ T7343] random: crng reseeded on system resumption
[  168.305593][ T5899] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  168.498066][   T30] audit: type=1326 audit(1751282174.348:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.601600][ T1209] usb 2-1: device not accepting address 6, error -71
[  168.660039][   T30] audit: type=1326 audit(1751282174.358:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.698099][   T30] audit: type=1326 audit(1751282174.358:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.721881][   T30] audit: type=1326 audit(1751282174.368:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.744659][   T30] audit: type=1326 audit(1751282174.368:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.767207][   T30] audit: type=1326 audit(1751282174.688:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.809966][ T5899] usb 1-1: Using ep0 maxpacket: 8
[  168.893803][   T30] audit: type=1326 audit(1751282174.688:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7333 comm="syz.1.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032ff8e929 code=0x7ffc0000
[  168.988802][ T5899] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  169.002075][ T5899] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  169.013809][ T5899] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  169.037247][ T5899] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  169.074658][ T5899] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  169.102453][ T5899] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.130318][    C1] sd 0:0:1:0: [sda] tag#430 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  169.140715][    C1] sd 0:0:1:0: [sda] tag#430 CDB: Read(6) 08 00 9f d1 fe de
[  169.318039][ T7360] loop1: detected capacity change from 0 to 1024
[  169.342266][ T5899] usb 1-1: GET_CAPABILITIES returned 0
[  169.354010][ T5899] usbtmc 1-1:16.0: can't read capabilities
[  169.403474][ T7111] veth0_vlan: entered promiscuous mode
[  169.434711][ T7111] veth1_vlan: entered promiscuous mode
[  169.531621][ T1330] hfsplus: b-tree write err: -5, ino 4
[  169.577415][ T7111] veth0_macvtap: entered promiscuous mode
[  169.587460][ T5955] usb 1-1: USB disconnect, device number 9
[  170.024943][ T7111] veth1_macvtap: entered promiscuous mode
[  170.329157][ T7111] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.351844][ T7368] loop1: detected capacity change from 0 to 1024
[  170.359035][ T7368] EXT4-fs: Ignoring removed nobh option
[  170.408866][ T7111] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.451905][ T7368] EXT4-fs (loop1): stripe (1572) is not aligned with cluster size (16), stripe is disabled
[  170.474553][   T59] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.486962][   T59] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.523476][   T59] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.544716][ T7375] loop4: detected capacity change from 0 to 1024
[  170.547219][ T7368] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.574137][ T1330] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.660276][ T7368] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 16: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  170.679976][ T7368] EXT4-fs (loop1): Remounting filesystem read-only
[  170.753683][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.831905][ T1330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.839763][ T1330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.942123][ T7384] random: crng reseeded on system resumption
[  171.633030][ T1330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.725420][ T1330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.179278][ T7403] loop5: detected capacity change from 0 to 8
[  172.247736][ T7403] SQUASHFS error: lzo decompression failed, data probably corrupt
[  172.271228][ T5899] kernel write not supported for file /224/attr/exec (pid: 5899 comm: kworker/0:5)
[  172.300023][ T7403] SQUASHFS error: Failed to read block 0x144: -5
[  172.315987][ T7403] SQUASHFS error: Unable to read metadata cache entry [142]
[  172.613330][ T7403] SQUASHFS error: Unable to read inode 0x11f
[  173.178389][ T7397] loop3: detected capacity change from 0 to 32768
[  173.332740][ T7395] loop1: detected capacity change from 0 to 32768
[  173.348305][ T7395] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.386956][ T7397] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  173.387850][ T7397]   allowing incompatible features above 0.0: (unknown version)
[  173.387869][ T7397]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  173.422606][ T7395] XFS (loop1): Ending clean mount
[  173.435245][ T7397] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  173.450168][ T7397] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  173.458474][ T7397] bcachefs (loop3): Version upgrade required:
[  173.458474][ T7397] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  173.458474][ T7397] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  173.458474][ T7397]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  173.555223][ T7395] XFS (loop1): Quotacheck needed: Please wait.
[  173.561086][ T7397] bcachefs (loop3): dropping and reconstructing all alloc info
[  173.605018][ T7395] XFS (loop1): Quotacheck: Done.
[  173.618009][ T7397] bcachefs (loop3): accounting_read... done
[  173.627071][ T7397] bcachefs (loop3): alloc_read... done
[  173.636266][ T7397] bcachefs (loop3): snapshots_read... done
[  173.646787][ T7397] bcachefs (loop3): check_allocations... done
[  173.734363][ T7397] bcachefs (loop3): going read-write
[  173.747011][ T5842] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.770793][ T7397] bcachefs (loop3): done starting filesystem
[  173.965326][ T7444] random: crng reseeded on system resumption
[  174.198199][   T30] audit: type=1800 audit(1751282180.528:119): pid=7397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.436" name="file1" dev="loop3" ino=536870912 res=0 errno=0
[  174.849628][ T5831] bcachefs (loop3): shutting down
[  174.859866][ T5831] bcachefs (loop3): going read-only
[  174.866053][ T5831] bcachefs (loop3): finished waiting for writes to stop
[  174.913935][ T5831] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12
[  175.031142][ T7456] Zero length message leads to an empty skb
[  175.139345][ T5831] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 13
[  175.175170][ T5831] bcachefs (loop3): unclean shutdown complete, journal seq 14
[  175.227651][ T5831] bcachefs (loop3): done going read-only, filesystem not clean
[  175.358005][ T5831] bcachefs (loop3): shutdown complete
[  175.749114][ T7454] loop0: detected capacity change from 0 to 32768
[  175.771045][ T7454] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.448 (7454)
[  175.816498][ T7454] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  175.843551][ T7454] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  175.866017][ T7454] BTRFS info (device loop0): using free-space-tree
[  176.014491][ T5830] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  176.029454][ T7460] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321
[  176.039775][ T7460] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 7460, name: syz.1.452
[  176.060048][ T7460] preempt_count: 0, expected: 0
[  176.077558][ T7460] RCU nest depth: 1, expected: 0
[  176.102317][ T7460] 2 locks held by syz.1.452/7460:
[  176.112299][ T7460]  #0: ffffffff8e13bee0 (rcu_read_lock){....}-{1:3}, at: query_vma_setup+0x18/0x110
[  176.124481][ T7460]  #1: ffff888063527448 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x146/0xdc0
[  176.139470][ T7460] CPU: 0 UID: 0 PID: 7460 Comm: syz.1.452 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  176.139497][ T7460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  176.139510][ T7460] Call Trace:
[  176.139518][ T7460]  <TASK>
[  176.139531][ T7460]  dump_stack_lvl+0x189/0x250
[  176.139570][ T7460]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.139613][ T7460]  ? print_lock_name+0xde/0x100
[  176.139641][ T7460]  __might_resched+0x495/0x610
[  176.139672][ T7460]  ? irq_enter_rcu+0x1b/0xf0
[  176.139697][ T7460]  ? __pfx___might_resched+0x10/0x10
[  176.139753][ T7460]  ? __kmalloc_noprof+0xa3/0x4f0
[  176.139789][ T7460]  __kmalloc_noprof+0xbc/0x4f0
[  176.139818][ T7460]  ? procfs_procmap_ioctl+0x877/0xd10
[  176.139853][ T7460]  procfs_procmap_ioctl+0x877/0xd10
[  176.139901][ T7460]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  176.139944][ T7460]  ? __fget_files+0x2a/0x420
[  176.139966][ T7460]  ? __fget_files+0x2a/0x420
[  176.139984][ T7460]  ? __fget_files+0x3a0/0x420
[  176.140002][ T7460]  ? __fget_files+0x2a/0x420
[  176.140024][ T7460]  ? bpf_lsm_file_ioctl+0x9/0x20
[  176.140050][ T7460]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  176.140080][ T7460]  __se_sys_ioctl+0xfc/0x170
[  176.140109][ T7460]  do_syscall_64+0xfa/0x3b0
[  176.140127][ T7460]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.140155][ T7460]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.140174][ T7460]  ? clear_bhb_loop+0x60/0xb0
[  176.140198][ T7460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.140216][ T7460] RIP: 0033:0x7f032ff8e929
[  176.140234][ T7460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.140251][ T7460] RSP: 002b:00007f032ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  176.140271][ T7460] RAX: ffffffffffffffda RBX: 00007f03301b5fa0 RCX: 00007f032ff8e929
[  176.140285][ T7460] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003
[  176.140298][ T7460] RBP: 00007f0330010b39 R08: 0000000000000000 R09: 0000000000000000
[  176.140310][ T7460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  176.140321][ T7460] R13: 0000000000000000 R14: 00007f03301b5fa0 R15: 00007ffd97149fb8
[  176.140352][ T7460]  </TASK>
[  177.823479][   T30] audit: type=1326 audit(1751282184.308:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f11ead2ab19 code=0x7ffc0000
[  177.862910][   T30] audit: type=1326 audit(1751282184.318:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f11ead2ab19 code=0x7ffc0000
[  177.888010][   T30] audit: type=1326 audit(1751282184.318:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f11ead2ab19 code=0x7ffc0000
[  177.917884][   T30] audit: type=1326 audit(1751282184.318:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f11ead2ab19 code=0x7ffc0000
[  177.951329][   T30] audit: type=1326 audit(1751282184.328:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f11ead2ab19 code=0x7ffc0000
[  177.977616][   T30] audit: type=1326 audit(1751282184.328:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f11ead2ab19 code=0x7ffc0000
[  178.002773][   T30] audit: type=1326 audit(1751282184.328:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f11ead2ab19 code=0x7ffc0000
[  178.030988][   T30] audit: type=1326 audit(1751282184.328:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000
[  178.059089][   T30] audit: type=1326 audit(1751282184.328:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11ead8e929 code=0x7ffc0000