last executing test programs:

3m35.399781674s ago: executing program 2 (id=2952):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000180)={0x0, 0xf, 0xc, 0x1, 0x4, "5a1c966bcd4b7448"})
write$UHID_INPUT(r0, &(0x7f0000001040)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f36006c090890e0878f0e1ac6e7f89b334d959b639a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000400000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617679314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec230911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918c91243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac5a4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4b333bd5bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3be3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ce0700c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d486046b2c0e2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29c60acebdbe8ddbd75c2f998d8a57f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bad36f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95ff80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513007000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d946a2daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810300000000000000a12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf000000800000000007b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae0e797e8bd1f4108b7807fb36207685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ad50dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b9048017848416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1db44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744d2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de9c0587c2cb5fe36d7d3e5db21b013b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cf4b23329072e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06810002000000000000957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f3e90d5943dbc10360a1a49700d1dfbf66d69f6fbafe1e83cdde8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000100", 0x1000}}, 0x1006)

3m34.787143356s ago: executing program 2 (id=2956):
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)
close(0x3)

3m34.549322515s ago: executing program 2 (id=2958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000080000000200000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3m34.247118696s ago: executing program 2 (id=2960):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000400)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}, {@test_dummy_encryption}, {@usrquota}, {@nogrpid}, {@resgid}]}, 0x1, 0x451, &(0x7f0000000980)="$eJzs281rHGUYAPBnZpP020SpH/1Qo1UsfiRNWmsPXhQFDwqCHtpjTNJSu22kiWBL0SpSj1LwLh4F/wJPehH1JHjVuxSK9NIqCCOT3Wl2t7vbbLKbje7vB9O+73zwPs/OvLvvzJsJYGCN5/8kETsj4reIGK1U63cYr/x368al2b9uXJpNIsve+jM5MRIRN29cmi12LY7bUVSGItJPk9jXpN3FCxfPzJTL8+er9cmls+9NLl64+NzpszOn5k/Nn5s+duzI4akXjk4/33FOY03W5Xnd3Pvhwv49r524+sbs8avv/PRNUuTfkEeXjLfb+GSWdbm5/tpVU06G+hgIHSlVumkML/f/0SjFyskbjVc/6WtwQE9lWZY90Hrz5Qz4H0ui40OGOj8E2HyKH/r8/rdYNmjosSlcf6lyA5Tnfau6VLYMRVrdZ7jh/rabxiPi+OW/v8yX6M1zCACAOt/l459nm43/0qh9LnRPdQ5lLCLujYj7IuJoROyOiPsjlvd9MCIeWn3TpWgySXLn+Ce9tubkViEf/734Txa37hj/FaO/GCtVa7uW8x9OTp4uzx+qfiYHY3hLXp9q08b3r/z6eattteO/fMnbL8aC1TiuDW2pP2ZuZmlmPTnXuv5xxN6haJJ/cnsmIImIPRGxd41tnH766/2ttt09/za6MM+UfRXxVGVu83I05F9I2s9PTm6N8vyhyeKquNPPv1x5s1X768q/C/Lzvz2an/+qsaR2vnax8zau/P5Zy3uatV7/I8nbdes+mFlaOj8VMZK8Xgm6dv10w37TK/vn+R88UJ9/peeny99xxSexLyLyi/jhiHgkIh6txv5YRDweEQfa5P/jy0+8u/b8eyvPf66j879SGInGNc0LpTM/fFvX6Fgn+efn/0hEttIfV/P9t5q41nY1AwAAwH9PGhE7I0knbpfTdGKi8jf8u2N7Wl5YXHrm5ML75+Yq7wiMxXBaPOkarXkeOlW9rS/q0w31w9Xnxl+Uti3XJ2YXynP9Th4G3I4W/T/3R6nf0QE9530tGFy1/X+4j3EAG8/vPwwu/R8GV5P+v60fcQAbr9nv/0d9iAPYeA39v+2030iPYwE2lvt/GFz6Pwwu/R8G0uK2uPtL8grtC1s7/AxHNkHM6y5EuinCUOhRod/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//VQTm5g==")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000140), 0x8, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

3m33.621772801s ago: executing program 2 (id=2969):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$media(&(0x7f00000001c0), 0x10, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000280)={0x0, 0x8, 0x0, &(0x7f0000001d40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, 0x0})

3m31.879877171s ago: executing program 2 (id=2976):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000406c256d00000002000001090224000100000000090424d7010300000009210000080122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x2, "19fde941"}]}}, 0x0}, 0x0)

3m31.28750482s ago: executing program 32 (id=2976):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000406c256d00000002000001090224000100000000090424d7010300000009210000080122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x2, "19fde941"}]}}, 0x0}, 0x0)

3m5.890048141s ago: executing program 5 (id=3150):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080), 0x101600, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000680)={0x4000000c})

3m5.555799327s ago: executing program 5 (id=3154):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z")
r0 = creat(&(0x7f0000000240)='./file1\x00', 0x180)
fadvise64(r0, 0x800, 0x0, 0x0)

3m3.637130778s ago: executing program 5 (id=3166):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000040)={[{@noacl}]}, 0x1, 0x5599, &(0x7f0000005680)="$eJzs3X1oVecdB/BzTaKhFpPV1alY6RSqdGVTW5DNUeNLZjvfkhq0NTXGaWudrViZW9qJCwliOi2NSh2jrjhkRVtWApO+iFPXoUM2psikszLnim44ahZ1gh2Tjdx7n+u955rk1nVNXz6fknvuc3/nec5zD+eP+731OTcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAKIoSm289OevImvqxM8fNeeA/j7y669ljk5aNPnL25/N3TCuqWv1U3fSGlrq5UzqaKxfPP3p1/aEoSqT6pfsvnHzfA4/OWTizNAxYX53alpd3ecjk4+lUo2/Oi539cv8WRVFUEhugKL2tLMpqJ+IHiFblD9it6k1X3lxWM/XtxssXJg6vHbU3/63TqbS3J9Bb0tfVmWvXUkXysU9sj0w769JL5Fyiqf7xC+4jeRMAwAcypiq5yXwcTX/EzbQb4/VYuyLWbo21wyeE1uzGjUiN27ered4er/fSPCtSUaFfl/OM1dPnP9OuivePtWNR4wPMM3fXdKQp7WqeK2P13ponAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMfJu5PmXZgy/cXLfSfV7hiy4a+z+mxcv+9UbfVLd+2sPrHujf61ddMbWurmTulorlw8/+jV9YeiqDzZL5Hqnnhj08Kn+tbNfHDzQ2srZ0w49FpRetywLc7aOfpjePLVsij6VlblTBj23IAoqsotJJvRj/MLy5JP7g8FAAAAPk2GJB/7ZNqpOFiS004k02Qi+V+QCovVm668uaxm6tuNly9MHF47au+Nj1fVxXgV1x0v0y6/9pfICsYh/sbHu1YPu67KG6d78RHjef7YtHdmnBlRf27rlfNNTWsv7h534K73tkw93/zNd/av6Hf/cyPy8n959/k/nDn5HwAAgP+F/B8fp3s95f+3ZlfOaPvDvT/6/biv/31o9cZ3m/YmVg09vmLkd+ZNPPXa869fzcv/t+ccMi//hxmH/N8nurH8DwAAAB9n/+/8X5E3Tvd6yv/PHDwxdM+ogzWN0furyv6VOLhk36nnvtZ8ec29216oPDvrsf55+X9MYfm/OHva4cXfhQkvL4uiMYWfVAAAACBH+P/u175aCHk99c1BPK+/PP7FnRdLZxYvKf7yrl3bnl5TevcdA5fWLn5l9EtDnjg8/9nVefm/orD8X/LRvF0AAACgAIs23L100D/mjd+2pH32rVePVg66Z/vRO25un7G6Zv2kFbec/kpe/q8qLP/36523AwAAAFzHsfmPLFrxt9071v16xOQxpe9PGTn7e3WX9hwe++9RNR0vjP/GW3n5v76w/H9Tepte+ZDqdCj8K4QtZVFU2vlkZarwm6h1YqYAAAAAfEhCTm/44eylDZuf2fbPizV3vtJ8y8utf374C+V3bpz2s+9vOT63adO+vPy/svv7/4c7HYT1/zn3/8tb/59VSN31b4IbAwAAAPBZlL+eP9weP/XLBV39/n6h6/8fe3r4o1u/+5Olv7itfHfitpNPfumJ5ocrfzpwYHvL6JHNRYNL8vJ/Y2H5vyh7+2H+/h8AAADcgE/a7/89lDdO93q6//+0BesOL2gf+/kDLe3Pjxn02znFDy7Y+af2m/c/Oax9/7nzLcPy8n9rYfk/bPtnv70D4fw0l0XR4M4n6bsJ7grTXR4rtJVkFVInPtZjTuiRLrT1yyokrYz1GFcWRV/sfNIYK3wuFFpjhY4B6cL2WOFIKKSvh0zh1VjhQLjStg5ITzdeeD0U0gss2sIKiv6ZJRGxHpe66tFZuG6Pk5mDAwAAfKaE8JzOsiW5zSgeZdsSPe1wU0879Olph6KediiO7RDfsavXo/rcQnj9L6dXv/f48l/WTmi4Z+7kPcOOP37f2bE/+PbaX83uv6XxxKUpTXn5f3th+T+cir6pTVfr/6Ow/j/9u4aZ9f/1oVAeK7SFQlX8jgFV4RipsLshHKO8Kt2jY3CmAAAAAJ9q4XuBol6eBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBf9u49Sq6qThTw7nd30uk0OI6AykSdJEZMdydBlICLPERUjHQYZFTGPEg65NEkIQ8kwYWBsBwUdQLBxDvDXQS4WYCixDgEERgSlcC9RHnNMAzyFLiBUSFc3nCZ3NV9aleqzulKV0wa0tzv+6NrV/3289Sja59zah8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj/w+BDv7LgilOeuWnkC3936imNC59+bsxlB3/kiPqb5h48/PUtd8+6fcrxZ10w5eSJO1YeO+Mrd7/591tDaO8uV5EUr/j5RVOX1U6Z9KWLv3zOsZ8/auum2ly9uXgY2PWnMnfn/Njqk4NCuKEihOp0YGRjEqjJ3W+M9b2vMYQDwq5AvkTHgKREuuFwW0MI68KuQL6qGxtCaCwInHTvL2/9blfikoYQhoYQ6tJtPFyXtNGQDgyrTQID0oEF1UnglZ2JfODnlUkA9lp8M+Rf9BvaizM091yuxOuvZp917O2VHl5VTDSXzven8X3cqQK16Qfa9+ppy1RHn8i8PTZ7t/WDd1tmO6/ytBV+kcp9Q9m5K1QXKmd2zJq+tHNJfKQytLRUlaqpj57nh5//+ow9Sfeb12HsQPM+eR1W7dh+59mNn7pu9aD1r64ce+WWve3mQwWbtDDd1+pC7jXXb57HaJzPk37w9st8SxriS1cI4V9vqNv26hcuf/nTa7ZcPem8v13zzIjTW9veuO+F6yctWLXg+v/+i8z8v3n38//4co63lUW5Y6tvNCVz8/hIY0w815TMzQEAAKDf6A97Tac+NOvF4b/5xD9PvvHR7YOO/5tFqw/+de2Wdz34VOX4Z285ecT81zLz/yHlHf+Ph/wbC0e7OYRx3YmVg0M4qPvxJHBN7M6pg0P4QHeqvTgwPhXYHMLB3YkR+apSJepjiSGpwPamXGBcKrA1BtpTgfUxsCoVOD8GNqQCM2JgcyowIQbCnOJxfKQpN46yAw0xMC3ZiBviWQgvNMXWUtvqd/mqAAAA9pHc7LCm+G7BuQ57myFOLzc09JYhnoFdMkNdqob0DDY/rSpZQ3VvNVT2VkN+3Ct2P/xMzRW91Zw5DaOiOMPSb/7h/rFfXDW3euj22sNemnfczN8d8/41O1s++uPanT8cd9fahsz8v2338/+6HjpSkTn+H8Lk7r8xd2Uu0pmPT2svygAAAADshdETP/ZPl733l9fdcuLnfzv4jiOv2PjDqbVjv/XK0nt+uGLCudt+dEFm/j+uvPP/4z6RqoLMYVvcDTFvcAhtxYGk2qOygeSo98BcAAAAAPqD/PH4/LHwObnb5BTt9Hw6m799D/PHA//jesw//pC/fmzDf8z99k8nTjli7TmPzd9+1+EfrWn7m+cf/tIF86Z947JvZub/7eWd/z+g+DbpxNbYi9WDQ6gvCNwee9kV6DYkBh47pjiQG//WuAEujFXlTkzIV3VhLDEtBtpSgXWlStydL3FQcSD3ZOUbX5kfx5xciYIAAAAAvOXi7oB4XD6e/3/fgg/PPmpb3aG3rKr46V/uuKZz4vVtNc+M/VXT61/4whNff63xzMz8f9qenf/fPQ/OnN7fOTCE1uoQqtI/DNg2IFkYMAYaK3KJWwYkdVWlqzp3QAhHdw0sXdXjufX/q9NrDN7bkFQVAwd98Ornh3UlrmwIobUwcP8pl3+sK7EkFcg3/sWGEP6qa7Tpxq+vTxqvSTe+tj6EQwsC+apOrQ+hq7HadFW/rMtdxyBd1XV1IbyrIJCv6oi6EJYFAPqp+K90ZuGDi5ctnze9s7NjUR8m4j78hjBrTmdHy4wFnTPrSvRpZqrPRcsYnZsdU8nlkFLiEkWr7lk7tJx0/neCbYV9ye3Hz5w4mLsfvwvVdI9zdE3R3THpIX/4Q9kmQsE3qbdryAMKK9n1JGbqj/lrw8BQv3Rxx6KWs6YvWbJoVPK33Oyjk79xUMm2GpXeVgN66tt+8PIYXlhJ65LTF7YuXrZ85JzTp5/WcVrH/NFtYw5vO3LMqCM+3to1qrbkby9DHd5T1amh7rz8rR/qIdUFlbwVnxoSEhL9LfE/zjj95DuOnPOpE+5d+oGj1oybcPaNh89qXXPb9ZPWT3ts8I9GXZKZ/y/c/fw/furET/7c+gyljv83x8P8yeO7DvNPi4F15R7/by51ND9/YsCQVGBFDKxwmB8AAIB3hrg7Mu52jHutH6q74qrDL3329C2jJn7tzOaRv57wwXEHfvqML99x3H/+3/d/7xN//N+Z+f+K8n7/v4/W/88vXf+5Usv8j4gl2kqt/59e5j+//v+KUuv/p5f5z6//v+5tWP9/aT6Q2iQvWP8fAAB4J3jr1v/vdXn/9AUCMhl6Xd4/fYGATIZel/Ev9wIBe7z+/5PHXPv0B97/TPvPrr/j8ekXn3HOx9fUD9uxrL7l9m//+y9u/MqpgzLz/1Xlzf8t3A8AAAD7j2uPffLfjr3q+7ec3Pjsj2sWzT7/5vNuahz2WsWsjfMnDJh8zez/ysz/15U3/3/r1/8Lpc7/H1Iq0F5qYUDr/wEAANBPlVr/b/tP6i+9sHHHuk0bXv/ske9+/Tt3fOdrry34wQ8+89H3zV48adyEmzPz/w3lzf/jaReVRbljb95oSta0C+k17Z5ryv9kAAAAAPqHytDSUlNm3qKVUcf/+W3GpUB3ly504nE//WT70HffPufaKa3/cN99Ha2H3NnUsH7+zi+d8PTyp05YeWVm/r+5vPl/0e8yqnZsv/Psxk9d98bqQetfXTn2yi27jv8DAAAAfafc/RIAAAAAAAAAAAAAAMDb770Lxoy/t+Xxd1+0evn5zdddcfmbm1q3fPUfL6na/uHZf7hg7uiGzO//w+TucqV+/x+v+xd/X/AXRbljq72v/5e7f9LxP1nWvWThtqYQPlQYmHfevANC7tr8wwsDt351xHu6EuelS9z8yISnuhJT04HPjDzw5a7E0anAtLhI4sHpQLyq4suDUoG4vOJ96UDcHhvSgdpc4FuDknFUpLfVM43JtqpIb6sHG0MYXBDIb6sbGpM2KtIDvCQVyA/wjHQgDvALuUBlulc/GZj0KgYaY9HLBia9AgBgvxW/BdaEWXM6O9riV/h4e0h18W1UtGTZudlqq8psPi5NtuqetUPLSVelv4vuutZ4TajrGsKozNfVwiwV3aPcN7X0sun+osSQe1vtra82XW3pETUkI2qZsaBzZk2vAx/Te5bR1b1mGZWZ7BRmqezepGXUUkZfyhhRmdumjC7H+5WhpaUqlWtsDDaHIr29Isr9vX5Pa/6VekV0+cSXb/rD41ubPn3Ye9pPO/+eyvff+6sDr3jxQ688dN1hm/7bR9b++urM/L+5vPl/XeG4Xs5dDGBFvLLeUYNDmFbmiAAAAOCdb/b8Ry6+4FcXbX+sfdhTC1ovuvWBZT9YXt10zfnHPnjzmS+d8r2pexu/9skTfvvAb3+0cdj4WxaOGfDEWVdedtw9d92xetvxb95w2P8ZOePRzPx/SHnz/7hjLHcoONnbsTle/3/l4BC6L63fnASuicM9dXAIH+hOtccSyQX1PxdLtCWBa+IOkxGxxLT24qrqY2BDKrC9KRfYnApsjYHcXoqrQ25XzkVNIXysOzW5uMTCWKI5FTghBoakAi0x0JYKDIqBcanAHwflAu2pwJ0xEOYUb6ufDcptKwAAgD2Rm2fVFN8N6XnehureMlT0lmFAbxkqe8tQ11uGUqOI9zfGDDWFx+NzGeJDNelaG1K1ZDLEi+Hvcb8yGcLdxTnTBTNN588kaS7OGTN8+x8f/OT0lx6+YemP3hh+4rmf/PH3tm16be4Tp40cPO3VsfNGfPuPmfl/W3nz/wHFt0nrW+P8f9f1/5LA7bF7q+Op40Ni4LFjigO5HQNb42T3wnxV7bkSuUn7hbHEuBgYkgosjIFxqcC0ybnAuvcUB3Iz7XzjK/ONz8mVKAgAAADAWy7uIIi7aeL8/9K/mz353O+0dqyc9dWnps0Y+ukDL33fpcfcNOk3c9cedOCpd14zLzP/H1fe/D+2N7CwsfNjb54cFMINFbt6kw+MbEwCcT9GY/x5/PsaQzigYAdHvkTHgKREbarhcFtD8gv12nRVNzYkawzE+yfd+8tbv9uVuKQhhKEFe1/ybTxcl7TRkA4Mq00CA9KBBdVJIO75yQd+XpkEYK/l9wrGF1TuVJe85p7LlXj9vVOuCZoeXmYfaA/5evrNVV+pSz+Q26eat2dPW6Y6+kTm7bHZu60/vtuavdsKv0jlvqHs3BWqC5UzO2ZNX9q5JD5S+EvWjD56nnv6Jevu0vvgdbjiz+9t7+rSHWhLfXy09Vyu59dhRayuasf2O89u/NR1qwetf3Xl2Cu3lN2NEuIm/cuvjR/2UMHm7Wt1Ifea63efJ+0+T/rjv4EhnrYQwqbnvlF/5okn/tsB/7Rw0/cf/a/mV7/1zTs2blzW1HJz1ZpJF3722sz8v728+X916rbba3FjLh4cwocLNu62uPknDk4+BwsCyafku7KB5JD7E00lPzkBAABgX8vv7sjvL5iTu01OCE/Pk7P52/cwf9xfMa7H/OX2+4TP3/0vf7vid6u/uGX9AxW/+f3GK04YM3XhYwvvu3jiP/+v31/16I2Z+f+03c//61PddPzf8X/6iOP/Pdrfd0XXpx9YsVe7ojPV0Scc/+/R/v5uc/y/R47/O/7fE8f/e+H4f4/296ct8y1poS9dIYSnn/2XC//hgmUnPfTqu4+4+IE/PTjx7IobOv9j+kPPdLzx0Vdm3XpoZv6/sLz5v/X/el60L7/+37RS6/8tLLX+3wrr/wEAAH2qxEJz6XleZvW+TIb06n2ZDL0uENjrEoPW/9vj9f82nFz9+1/P/ffvf+6+pw+vnHr/f46eP++m4UcdM+KqNU+t+NcX2lsy8/8V5c3/48thYGHr/WX9vyGTS1S1KgYWWhgQAACA/VGpHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8vcaceedL33lh+2G3Lrlt5cnj/3r1qV//7NEH/+zKnZ/YHL7x4vKX7ply/FkXTDl54o6Vx874yt1v/v3WEOZ0l6tIilf8/KKpy2qnTPrSxV8+59jPH7V1U12u3prc7XuLcsdW32gKYV3BI40x8VxT151dgZOO/8my6q7EtqYQPlQYmHfevAO6EuubQhheGLj1qyPe05U4L13i5kcmPNWVmJoOfGbkgS93JY7OBSrS3b10UNLdinR3vzsohMEFgXx35w4qrirfxnG5QGW6jasakzZioDEW/UFj0kYMdMYSc+pDaK0OoSpd1f+sS6qqSlf1i7qkqqp0VefUhXB0CKE6XdUjtUlV1emR31WbVBUDB33w6ueHdSXW1YbQWhi4/5TLP9aVOCMVyDd+Ym0If9X1kkk3vrEmabwm3fglNSEcGkKoTZd4sTopUZsu8Xh1CO8qCOQbn10dwrLAO0L88JlZ+ODiZcvnTe/s7FjUh4naXFsNYdaczo6WGQs6Z9al+lRKRUF657nZeGWZY3/4+a/P6Lpddc/aoeWkq3Plarq7PLqm6O6YfdX7ij7qfezXgMJKdj0fmfpj/towMNQvXdyxqOWs6UuWLBqV/C03++jkb1UummyrUftqW5Xrz91WwwsraV1y+sLWxcuWj5xz+vTTOk7rmD+6bczhbUeOGXXEx1u7RtWW/N0XQ708G6/q46EeUl1QyVvxASAhIdHfEpVFn25t+/u/7MwX/V0drQl13R/QmWlFYZaK7lHui0GP3318Xw46MyXJjGhUZuKQyTK69yxjMpOJXVkakizd3+syk8PCmiq7N2m8XxlaWkr+p2suvlu4+f7Uw+YtV9x05aYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuBQAAP//CAsM0g==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)

3m0.064386084s ago: executing program 5 (id=3197):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)

2m58.194151246s ago: executing program 5 (id=3217):
r0 = socket(0x1, 0x803, 0x0)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r0, &(0x7f0000007940)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x10}}, {{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0)

2m57.680301912s ago: executing program 5 (id=3221):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000404c05a00b00000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

2m57.027561661s ago: executing program 33 (id=3221):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000404c05a00b00000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

2m32.755423595s ago: executing program 3 (id=3416):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='}]\\:\x00')
read$FUSE(r0, &(0x7f0000001300)={0x2020}, 0x2020)

2m32.452247456s ago: executing program 3 (id=3420):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000002300)=""/4113, &(0x7f00000000c0)=0x1011)

2m32.283735965s ago: executing program 3 (id=3422):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x5420, 0x0)

2m32.018554689s ago: executing program 3 (id=3426):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1f, 0x11, &(0x7f00000015c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1001}, [@call={0x85, 0x0, 0x0, 0x7d}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8009}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

2m31.736329246s ago: executing program 3 (id=3430):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
mkdirat(r0, &(0x7f0000002040)='./file0\x00', 0x5)

2m31.488199027s ago: executing program 3 (id=3434):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/cgroup.procs\x00', 0xc01, 0x20)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x356, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r0, &(0x7f00000000c0)='!', 0xb7f40, 0x3000000000000000}])

2m16.228267678s ago: executing program 34 (id=3434):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/cgroup.procs\x00', 0xc01, 0x20)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x356, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r0, &(0x7f00000000c0)='!', 0xb7f40, 0x3000000000000000}])

3.65194625s ago: executing program 4 (id=4915):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000880)=ANY=[@ANYBLOB="636f6d6d69743d30303030303030303030303030303030303030302c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c61636c2c6c6f63616c666c6f636b732c00092c028a3e5e3d356729aea7ca3fad2d183adad8e398462724e676c20f8d5ba5e324d43b4cb2740b9ed587e8e1eb9abed9bd1956375ca4a2e7e8b12a206ab1c1873177d9589d17e2c24c1e4a723b69720830e8e0b63e0c9f8821b1ea6faf51f5e1b81113cc5f437d61b627977f194fe72b02c4178f1c4913ba476fd820cf2e88f51ada7c10e8f40b2d21840ccacbaf197d71f86cc2a7ffdf45cfee1fba03d0005b892e718935374e7e068e5ea9a7fd1c16a7ee5cb028ca153c5efb24de48d5a1ab5ac938b648c9f683142b93ec377285d20155596b9be69a2c05a6d247fc04aedb7946a49b53caa904"], 0x1, 0x4422, &(0x7f0000004480)="$eJzs3c9PHFUcAPA3A1qobYXaQ01M3MQmGjUEelJpIqW0FFqsqbYxXrYLbFt0YRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s8AMu7I2LNjm80nKMO/37nfn7Zsmw4sTlZtzS7m5pVxhIVeeub50MvdZubQ8XwzxHtnv/mlPJ+Ik9vvn0plzH1w9GcJPs788XF9fXw9V3aGpoS2///nH7Zmtx4Y4U6fabvPWdsvHIYRj28ZV1RVC+OjHEKIQwukkbTQ59oYQjoR63tXbX17L7dJo7j0onso/mrqzNnxicvXuWuvXHoXwbenFN2/M//ZK1/Cvr+9S9wAAAAAAAAAAAAAAAAAAPOHGL1+68v7gULgfhe7VaPvzuuPJsdXzseu75uXOv1gAAAAAAAAAAAAAAAAAAAD4n9p8/j8XHW3y/P9YchxpUX/93c6Pkc6ZeO/S2NnBoWT/92hb/ltJ0u+nu0J/k33fs/u/n87Ub77/+/Z+HldjfI1++0IUD6TO43hgIITvk43fj0cH41J5qfLG9fLywuyuDeOJlY5/fff+VHSSDf3bjf9opv3O7///wrZPU/X82u59xJ5q6fh3tSz3wxdRW/E/k6m3F/Gve6az3Tyl0vHvrqX1bi0wUp8AqvH/qnvn+I9l2u9U/I+EEHJRday51AxQXcNU0zfWKz4W/yod//qblZo6kzey1fX/Vyb+ZzPt79f8v5L9IqKpdPyfraX1pEpsXv/98c7X/7lM+/sR/+r4V3z/tyUd/wP1xO5Ukdo72e78P55pv1PxvxIn4zwSpT4Bq1E9vdXfqyMtHf+ebfmb939xW+u/85n6e3X/1+i3cf/XmP5fi+r3fzSXjn9vy3LtXv8TmXqdnv9Haus/Hlc6/gdraen/6+ur/Ww3/pOZ9jsV/9qqpKcR/8355O8D9fTvrP/ako7/c/XEeGuJldrP2vov2nn9fyHT/n6s/6rjX4k72+vTIh3/Qy3LVeP/cxvf/xcz9Tof/xAGrfUfWzr+h1uWq13/PTvHfypTr9Pxf7WTjQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AUaTY1+I4oHUeRwPDIRwJjk/Hg5G04XZ/HSpPPPpUghjSXouHI1ulMrThVJ+bqE8W8wXSqXyTAhnk/xjoSdaKpUr+fnCrXMbbfVGN4uFxcp0sVAJIYwn6S+Fw422pucq84VbIYTzG3nPx+XFWzcLC/nZucV3BgcHB8PExhj6o+LnleJCpd57PTeEyY26fdGWwdWyL2yM5VD0SXl5caFQqqVf3FKnVJ4plLbUmUryvg79UWVxeWGmUCnmS+Ubjf7200hyHJu4/OHli0Pb8q9F9ePo3g4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP/o/vDb34QQuutncQghFyW/RMm/lHsPiqfyj6burA2fmFy9u/awWRkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgH3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS/8oCgNRHIAns2y/x9gqJN22WXYRLYwInkCP4WH0KF7CO1hY2FoJOgHJH0iT7vuaR/Jj5j2YBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOPN1vVmVZThM32fdufLe75I9fDbf/5j4vmY1nxZ//0XZXr3rJP/pF/XKj7T+22/DT21cWztSXufXrp92ob2bWi+pu9XyGIeQqhS/p3FmOfj7gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRd8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCvAAAA//9ggh5T")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000003c0)={{}, {}, [], {}, [{0x8, 0x3}, {0x8, 0x4}, {0x8, 0x1}, {0x8, 0x2}, {0x8, 0x1}, {0x8, 0x4}, {0x8, 0x4}], {}, {0x20, 0x4}}, 0x5c, 0x2)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

2.199765223s ago: executing program 4 (id=4931):
r0 = memfd_secret(0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x13, r0, 0x8000000)
move_pages(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000ffb000/0x2000)=nil], 0x0, &(0x7f0000000240), 0x2)

2.108118668s ago: executing program 1 (id=4933):
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x2800, 0x0)
preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/146, 0x92}], 0x1, 0x100, 0x8)
pread64(r0, &(0x7f0000000300)=""/15, 0xf, 0x200)

1.984356209s ago: executing program 0 (id=4935):
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0)

1.928419508s ago: executing program 1 (id=4936):
unshare(0x22020600)
r0 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)

1.756620577s ago: executing program 0 (id=4939):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x8044)

1.706378085s ago: executing program 1 (id=4940):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000bc0)=ANY=[@ANYBLOB='iocharset=maciceland,iocharset=default,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c696f636861727365743d63703835352c666d61736b3d30303030303030303030303030303030303030303230342c756d61736b3d30303030303030303030303030303030303031303030002c6b6565705f6c6173745f646f74732c757466382c696f636861727365743d69736f383835382d322c00716e38bcb049da85848e6756a3bd4745417549b1cb9a33b753aa8794c7e33757ce7c8e8fffc81ac6d5041b8ed65bd4dbe75b53ad789c5f492cb5866d74265428e77c8824127d6f36cd183083f016bdaf33c30f8645e367d089cb4235517369a13ead2b4ea75585050ac51ba363c593780cf08ef99a97db4c453e6fded10a48d332668e93902504c38866c149921b590e1dd141206e28b0b817e984629c659b02a0508f2b8ca4ae4a125af4831e79e8bbb571147676f45a4e36f460952320d5a1d97c98508c7f149f9a30b543949899e532f8be39abce"], 0x1, 0x1535, &(0x7f00000034c0)="$eJzs3AuYTlXbOPD7XmvtMSSeJjlM1lr35kkOyyRJDiE5JEklSXJKSJrklYTEEJI0JCE5DEkMITlMTBrn8/mQkCRNkuSUU7L+14S/t6/er97D93qvd+7fde3Lumfttfa9n/t55ll7X2Z/12VIrca1qzckIvin4IV/kgAgFgAGAEBeAAgAoFxcubis/pwSk/65g7B/rYdSr3QG7Eri+mdvXP/sjeufvXH9szeuf/bG9c/euP7ZG9efsexs49RC1/CWfTe+/5+d8ff/f5HM0mO+Wl36uq4AMX92CNc/e+P6/9cK/sxOXP/sjeufXcVe6QTYfwD+/GcHOf5mD9c/e+P6M5adXen7z1d6g8h/2GtwOOeFwvy7zp8xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGPs3OO0vUwBwqX2l82KMMcYYY4wxxti/js9xpTNgjDHGGGOMMcbY/z0EARIUBBADOSAWckIuEABwNeSBvBCBayAOroV8cB3khwJQEApBPFwPhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDQkwE1QBm6GsnALlINboTzcBhWgIlSCynA7VIGqUA3ugOpwJ9SAmlALasNdUAfuhrpwD9SDe6E+3Af3wwPQAB6EhvAQNIKHoTE8Ak3gUWgKzaA5tICW/9D4F6AHvAg9oRckQW/oAy9BX+gH/eFlGACvwEB4FQbBa5AMg2EIvA5D4Q0YBm/CcBgBI+EtGAVvw2gYA2NhHKTAeJgA78BEeBcmwXswGaZAKkyFafA+TIcZMBM+gFnwIcyGOTAX5kEafATzYQGkw8ewED6BDFgEi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHT6FHfAZ7IRdsBs+hz3wxd85/tT/GN8VAQEFClSoMAZjMBZjMRfmwtyYG/NgHoxgBOMwDvNhPsyP+bEgFsR4jMfCWBgNGiQkLIJFMIpRLIbFsDgWx5JYEh06TMAELIM3Y1ksi+WwHJbH8lgBK2JFrIyVsQpWwWpYDatjdayBNbAW1sK78C7sjXWxLtbDelgf61+6PYUNsSE2wkbYGBtjE2yCTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI+JmIgdsAN2xI7YCTthZ+yMXbALdsVu2C3zhRyAL+KL2AtriN7YB/tgX0zO0R9fxpfxFRyIr+Kr+Bom42Acgq/j6/gGDsOTOBxH4EgciVXE2zgaxyCJcZiCKTgBJ+BEnIhZib6HUzAVp+I0nIbTcQbOwA9wFn6IH+IcnIPzMA3TcD4uwHRMx4V4CjNwES7GJbgUl+FSXIErcQWuxjW4GtfhOtyAG3ATbsItuAW34Tb8FBUAfoa7cBcm4x7cg3txL+7Dfbgf92MmZuIBPIAH8SAewkN4GA/jETyKx/AonsATeBJP4Wk8jWfxLJ7D5+K/afRpiVXJILIooUSMiBGxIlbkErlEbpFb5BF5RERERJyIE/lEPpFf5BcFRUERL+JFYVFYGGEEiTAGAERUREUxUUwUF8VFSVFSOOFEgkgQZUQZUVaUFeXEraK8uE1UEBVFG1dZVBZVRFtXTdwhqovqooaoKWqJ2qK2qCPqiLqirqgn6on6or64XzwgGoje2B8fElmVaSwGYxMxBJuKZkJe/A3WSgzD1qKNaCueECNwOLYXrVyieFp0EKOxo/iLGIPPis5iHHYRz4uuopvoLl4QPURr11P0EpOwt+gjpmBf0U/0Fy+L6VhTfICzctYSr4lkMVgMEa+LefiGGCbeFMPFCDFSvCVGibfFaDFGjBXjRIoYLyaId8RE8a6YJN4Tk8UUkSqmimnifTFdzBAzxQdilvhQzBZzxFwxT6SJj8R8sUCki4/FQvGJyBCLxGKxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmEQtbxTaxXXwqdojPxE6xS+wWn4s94guxV3wp9omvxH7xtcgU34gD4ltxUHwnDonvxWHxgzgijopj4rg4IX4UJ8UpcVqcEWfFT+Kc+FmcF16ARCmklEoGMkbmkLEyp8wlr5K5ZXDx1b1GxslrZT55ncwvC8iCspCMl9fLwlJLI60kGcoisqiMyhtkMXmjLC5LyJKylHSytEyQN8ky8mZZVt4iy8lbZXl5m6wgK8pKsrK8XVaRVSVELhyjhqwpa8na8i6ZBHfLuvIeWU/eK+vL++T98gHZQD4oG8qHZCP5sGwsH5FN5KOyqWwmm8sWsqV8TLaSj8vWso1sK5+Q7eSTsr18SibKp2UH6S++RZ6VneVzsot8XnaV3WR3+bM8L73sKXtJ6A2yj3xJ9pX9ZP9YAJCvyIHyVTlIviaT5WA5RL4uh8o35DD5phwuR8iR8i05Sr4tR8sxcqwcJ1PkeDlBviMnynflJPmenCynyFQ5VfaXA36ZaaaUfzj+nd8ZP+iXo2+QG+UmuVlukVvlNrldfip3yB1yp9wpd8vdco/cI/fKvXKf3Cf3y/0yU2bKA/KAPCgPykPykDwsD8sj8qg8I4/LE/JHeVKekqfkGXlWnpXnLr4GoFAJJZVSgYpROVSsyqlyqatUbnW1yqPyqoi6RsWpa1U+dZ3KrwqogqqQilfXq8JKK6OsIhWqIqqoiqob8OIbRpVUpZRTpVWCuunvGa+KqRtVcVXiV+Mv5Zf0N/JrqVqqVqqVaq1aq7aqrWqn2qn2qr1KVImqg+qgOqqOqpPqpDqrzqqL6pL1flDdVXfVQ/VQPVVPlaSSVB/1kuqr+qn+6mU1QL2iBqqBapAapJJVshqihqihaqgapoap4TlAjVQj1Sg1So1Wo9VYNValqBQ1QU1QE9VENUlNUpPVZJWqUtU0NU1NV9PVTDVTzVKz1Gw1W81Vc1WaSlPz1XyVrtLVQrVQZahFapFaopaoZWqZWqFWqFVqlVqj1qh1ap3KUBvVRrVZbVZb1Va1XW1XO9QOtVPsVLvVbrVH7VF71V61T+1T+9V+laky1QF1QB1UB9UhdUgdVofVEXVEHVPH1Al1Qp1UJ9VpdVqdVWfVOXVOnVfns5Z9gQhEoAIVxAQxQWwQG+QKcgW5g9xBniBPEAkiQVwQF+QLrgvyBwWCgkGhID64Pigc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCcFNQJrg5KBvcEpQLbg3KB7cFFYKKQaWgcnB7UCWoGlQL7giqB3cGNYKaQa2gdnBXUCe4O6gb3BPUC+4N6gf3BfcHDwQNggeDhsFDQaPg4aBx8EjQJHg0aBo0C5oHLYKW/9L5vT9Z4HHXU/fSSbq37qNf0n11P91fv6wH6Ff0QP2qHqRf08l6sB6iX9dD9Rt6mH5TD9cj9Ej9lh6l39aj9Rg9Vo/TKXq8nqDf0RP1u3qSfk9P1lN0qp6qp+n39XQ9Q8/UH+hZ+kM9W8/Rc/U8naY/0vP1Ap2uP9YL9Sc6Qy/Si/USvVQv08v1Cr1Sr9Kr9Rq9Vq/T6/UGvVFv0pv1Fr1Vb9Pb9ad6h/5M79S79G79ud6jv9B79Zd6n/5K79df60z9jT6gv9UH9Xf6kP5eH9Y/6CP6qD6mj+sT+kd9Up/Sp/UZfVb/pM/pn/V57bMW91lf70YZZWJMjIk1sSaXyWVym9wmj8ljIiZi4kycyWfymfwmvyloCpp4E28Km8ImCxkyRUwREzVRU8wUM8VNcVPSlDTOOJNgEkwZU8aUNWVNOVPOlDflTQVTwVQylczt5nZT1VQ1d5g7zJ3mTlPT1DS1TW1Tx9QxdU1dU8/UM/VNfXO/ud80MA1MQ9PQNDKNTGPT2DQxTUxT09Q0N81NS9PStDKtTGvT2rQ1bU070860N+1Nokk0HUwH09F0NJ1MJ9PZdDZdTBfT1XQ13U1308P0MD1NT5Nkkkwf08f0NX1Nf9PfDDADzEAz0Awyg0yySTZDzBAz1Aw1w8wwM9yMMCOzFqrmbTPajDFjzTiTYlLMBDPBTDQTzSQzyUw2k02qSTXTzDQz3Uw3M81MM8vMMrPNbDPXzDVpJs3MN/NNukk3C81Ck2EyzGKz2Cw1S81ys9ysNCvNarParIW1Zr1ZbzaajWaz2Wy2mq1mu9ludpgdZqfZaXab3WaP2WP2mr1mn9ln9pv9JtNkmgPmgDloDppD5pA5bA6bI+aIOWaOmRPmhDlpTprT5rQ5awpc/L70JtbmtLnsVTa3vdrmsXnt/4wL2kI23l5vC1tt89sCv4qNtba4LWFL2lLW2dI2wd70m7iCrWgr2cr2dlvFVrXVfhPXsXfbuvYeW8/ea2vbu34V17f32azVSQNEANvMNrItbGP7iG1iH7VNbTPb3Law7eyTtr19yibap20H+8xv4vl2gV1pV9nVdo3daXfZ0/aMPWi/s2ftT7an7WUH2FfsQPuqHWRfs8l28G/ikfYtO8q+bUfbMXasHfebeLKdYlPtVDvNvm+n2xm/idPsR3aWTbez7Rw71877Jc7KKd1+bBfaT2yGDWCxXWKX2mV2uV1xKVef166z6+0Gu8N+ZjfbLXar3Wa3X1oI2112t/3c7rFf2AP2W7vPfmX320M2037zS5x1fofs9/aw/cEesUftMXvcnrA/qkujs879uP3ZnrfeAiEBSVIUUAzloFjKSbnoKspNV1MeyksRuobi6FrKR9dRfipABakQxdP1VJg0GbJEFFIRKkpRuoEupVeSSpGj0pRAN1EZupnK0i1Ujm6l8nQbVaCKVIkq0+1UhapSNbqDqtOdVINqUi2qTXdRHbqb6tI9VI/upfp0H91PD1ADepAa0kPUiB6mxvQINaFHqSk1o+bUglrSY9SKHqfW1Iba0hPUjp6k9vQUJdLT1IGeoY70F+pEz1Jneo660PPUlbpRd3qBetCL1JN6URL1pj70EvWlftSfXqYB9AoNpFdpEL1GyTSYhtDrNJTeoGH0Jg2nETSS3qJR9DaNpjE0lsZRCo2nCfQOTaR3aRK9R5NpCqXSVJpG79N0mkEz6QOaRR/SbJpDc2kepdFHNJ8WUDp9TAvpE8qgRbSYltBSWkbLaQWtpFW0mtbQWlpH62kDbaRNtJm20FbaRtvpU9pBn9FO2kW76XPaQ18Q0pe0j76i/fQ1ZdI3dIC+pYP0HR2i730v+oGO0FE6RsfpBP1IJ+kUnaYzdJZ+onP0M50nTxBiKEIZqjAIY8IcYWyYM8wVXhXmDq8O84R5w0h4TRgXXhvmC68L84cFwoJhoTA+vD4sHOrQhDakMAyLhEXDaHhDWCy8MSwelghLhqVCF5YOE8KbwjLhzWHZ8JawXHhrWD68LawQVgwfubdyeHtYJawaVgvvCKuHd4Y1wpphrbB2eFdYJ7w7rBveE9YL7w3LhveF94cPhA3CB8OG4UNho/DhsHH4SNgkfDRsGjYLm4ctwpbhY2Gr8PGwddgmbBs+EbYLnwzbh0+FieHTYYfwmV/671vwt/uTwt5hn/Cl8KXQ+3vk3Oi8aFr0o+j86IJoevTj6MLoJ9GM6KLo4uiS6NLosujy6Iroyuiq6Oromuja6Lro+uiGqPe1c4BDJ5x0ygUuxuVwsS6ny+Wucrnd1S6Py+si7hoX5651+dx1Lr8r4Aq6Qi6+ag5X2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdgmuhWvpWrpW7nHX2rVxbd0T7gn3pHvSPeWeck+7Du4Z19H9xXVyz7rO7jn3nHvedXXdXHf3guvhxue58JlMcn1cH9fX9XX9XX83wA1wA91AN8gNcsku2Q1xQ9xQN9QNc8PccDfcjXQj3Sg3yo12o91YN9aluBQ3wU1wE91EN8lNcpPdZJfqUt00N81Nd9NdlRkXjjLbzXZz3VyX5tLcfJe1Zkx3C91Cl+Ey3GK32C11S91yt9ytdCvdarfarXVr3Xq33m10G91mt9ltdVvddrfd7XA73E6f98Kkbo/b6/a6fW6f2+++dpnuG3fAfesOuu/cIfe9O+x+cEfcUXfMHXcn3I/upDvlTrsz7qz7yZ1zP7vzzruUyPjIhMg7kYmRdyOTIu9lzRpJjUyNTIu8H5kemRGZGfkgMivyYWR2ZE5kbmReJC3yUWR+ZEEkPfJxZGHkk0hGZFFkcWRJZGlkWcT76zeHvogv6qP+Bl/M3+iL+xK+pC/lnS/tE/xNvoy/2Zf1t/hy/lZf3t/mK/iKvpJ/1Df1zXxz38K39I/5Vv5x39q38W39E76df9K390/5RP+07+Cf8R39X3wn/6zv7J/zXfzzvqvv5rv7F3wP/6Lv6Xv5JN/b9/Ev+b6+n+/vX/YD/Ct+oH/VD/Kv+WQ/2A/xr/uh/g0/zL/ph/sRfmTMW37UpUtkGOdT/Hg/wb/jJ/p3/ST/np/sp/hUP9VP8+/76X6Gn+k/8LP8h362n+Pn+nk+zX/k5/sFPt1/7Bf6T3yGX3TpprJf7lf4lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+4/9Tv8Z36n3+V3+8/9Hv+F3+u/9Pv8V36//9pn+m/8Af+tP+i/84f89/6w/8Ef8Uf9MX/cn/A/+pP+lD/tz/iz/id/zv/sz/PfrDHGGGOM/SnjLzfFr3su3M7v/TtjxF/t3AcArt5SKPOv+7NWlGvzX2j3E/HtIgDwdK8uD13aatRISkq6uG+GhKDonKx1N1x8+gBADFyKARZBW3gSEqENlPnd/PuJbmfpD+aP3gqQ66/GxMLl+PL8XwJg0u/M/9gTI+eXD0/H/S/zzwEoXvTymJxwOV4EbX+5v9IGyv6N/Au0+oP8c36VAtD6r8bkhsvx5fwT4HF4BhJ/tSdjjDHGGGOMMXZBP1Gp06Xrz0v/4/P3rs/j1eUxOeBy/EfX54wxxhhjjDHGGLvynu3W/anHEhPbdPr7G9X+eB/15yaM+b2uJvCPJsaNf6jhPcD/LxwA/JMTAmQ15L/zLDb9W46VfPGjc+knl56gufSMD+A/o5T/isYV/KXEGGOMMcYY+z9xedH/65+rK5UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf2zz3iDP/GUvit9jowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9v8CAAD//y4L9xY=")
link(&(0x7f00000001c0)='./file1\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)

1.628384148s ago: executing program 4 (id=4941):
syz_mount_image$udf(&(0x7f0000001940), &(0x7f0000001980)='.\x02\x00', 0x0, &(0x7f0000003340)=ANY=[@ANYBLOB="00e9c655ee4708d304c5a20d854fb29bc0815156d4a1c8c5e67b11054a016a1c8a5af527a4a5b6ffb6bc35a4a6f709bc361489eff75209e3297e9f2194a0fdb2bf3993ba8ec61a7ad684860088ed6c765bc3013ad5fdcc6fb1be44c2e460b8ce295d59cfbaa4175da1f5d9b3f9ca3c91a1f5790ae208ce2044fc8fb3f70de141152bf726b3838587d24802992b3995624fd7705f2d64c6524d9cea8cc909d0f727154985464ac46e974449dcef0b41b4465f50223fdb36bcae080bd6c92083765c0fa49fe536a392caf67f"], 0x1, 0x1905, &(0x7f0000004480)="$eJzs3E9oXOe1APDzaWYsWc6LJ06sOA8vJsnj2U/5gyy99yKjFuREHhIQzh9ZLcEby9bYnUYeqZJd5BBShyzaTamhm9KVKbhQSiGlXRVKQumigRbcUGi7KJgSnG4SVChkU+pyr66ksSzXSmJZdfL7RdH57pnz3Tl3BIZzNZoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACKePHigb1/a7C4AAACAjXRo7IW+AfM/AAAAfKod9vt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICNkKIUj0SKv/9xIR3Njxd1jTZbZ+bHR+prb9uaIkVHlPL67P+uff0D//t////E4FL81/tvtQfi2bHDB2pPTZ+amW3MzTUma+Ot5vHpyca6z/BJ96/Wm78AtVMvnZk8cWKu1v/4wDUPz1evdG7rqQ4NHjk4ulQ7PlKvj7XVlCsf+9mvk27dqQAAALgDbYlS7I0UtZ/+JU1EREd88ln4JvcONtrWqGbzd34R4yP1/EKmmhOt09mDqaOoquZfy4aXZuTbMIt/MinOZT+nrOHe7PLGZiZmJ45NNWrPTcyebp5uTrdSx2K3Kb/MjhhMETMRsVDa7N4BAADYLJUoxZuR4rtvL6RjEVFamoMfOTT2Qt/AjTdWb2OTayhnLZQiLsWdMLMDAADA5uqMUjwTKbZ+ry+OF3N1PjYPV+KuLC5EfKWoPF8cpxQRlyP+6vfJAAAAcEcoRyl+Eymm00KaXJr98/eVj36h9kzrxHRb7dL7yu/4vw+4nbw3AQAAgH8DXVGKY/k7/hfSx/+wOwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYaKX4WaR449TeNJMd9o6P1GtjMxOzzdbJ2uGJY1ONvCp1lCtZrBW7rl69erWaFmOtiH1FHC7ic0U8WsSZIp4r4vkiXijiG0V8q4iXini5iAtFjI7i+YtYK2JfEYeL+FwRjxZxpojnini+iBeK+EYR3yripSJeLuJCEaO0iT8uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACADbI1SjEdKb72/lfjXJaoXunc1rN9aP//3L0ltdXtusl5strHI+IXEXEpS/SONltn5mvjI/X6WFtdubIYt0RER7avI/vv1l8XAAAAsKIrSvFqPr0vpNc2uxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCO1BGleD9SfL21kCJlmRRHYzFeLm12dwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8VnSmUqRIMfn88HKuHBEp/1q0N/u2EMN54lIM35vFczG8lN+Xx67hA5vQPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALdIKsXrkeKH7yykakTMV690buupDg0eOThailKkrKS9/tmxwwdqT02fmpltzM01Jmvjrebx6cnGep+ua7TZOjM/PlLfkIu5qa0b3P/WrqemZ87ONk9+6fSaj3d3HTg2d3p24vjaD8fWqEb0tWd684bHR+p501PNiVa+NXXcoMFqRG29FwMAAMBnRncqxWSk+NNrfy7fU+TKizN/ZfGotFx78ZWVewH/Wb42LsvvH2wf2r+nv3c967TeRnvzwTsbhOtjbely0eWOtlzW09zZl1+amJpqzFpYWFgsLz7CP44AAPApk83/P4oUTz6d0tIMXcz/dy0ercz/H766Mv/vXxWXbdL8f29bbn/xnoVKOaLr9KmZys6IrrmzLz/WPDVxsnGy0ep/on9gYHBgsLIloutEc6rRt7Ja9ysHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLtKKsVcpPjg27+KWpErR0SK+I/Fo9Jy7cVX8nxu76rzzFevdG7rqQ4NHjk4eqN1WquB3tFm68x8bXykXh9rS5cr15dmz5lSKY5Eihd/uSvvN0V3RDWWewcAAACu151KsTtS7P/y0+nBIlfM/+XFo7Xn/3Or4rJ83t8+tH9Pf+961mveE1jLTe4T3NOWO1fcJzgbKcbe2xUPtt0n6Ft12qyuEike+MHuoi62ZHVL59uRf+860Zxq9GW1b0aK77x7be2Oovbeldp9670sAAAAuB2y+f9CpPjw++/EQ0WumP+LyXrt+b97VVy2SfP/fe3XFBFzZ19+aWJqqjE7t+6XAgAAAD61svn/H5HiwE/+EA8XuWvn/5UJPZv/O4r13oevjct3CTZp/t/ZlqsWff3XR3wtAAAAAAAAAAAAAAAAAAAAYLN0p1L8LVL87uePpj1Fbj2f/ze5Ki7bpL//v78tN3nN5/9t3GLdLzIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJuukkqxI1J8a/Ld1FfkyhGRFkNElJZrL34uoqNYj6RVJ6pe6dzWc/fQ4JGDo4vr7UP79/T3tq9Xb8n1jjZbZ+Zr4yP1+lhbuly5vjR7zpRK8Y1IMfberujL++yOqEb0rarN6nZHil9/8GhRl3qyuuGldvPvXYemW48dmJqaPj5xeuLYVKM2NjNxvJHtHYoU51/cXezt2JJteLDYe8/i3hPNqUZfVvt2pPjv55dqI699qKi9b6V2X1b7aKR4/YvX1j5c1O5cqe3Pan8bKT7/5Nq1PSu1A1ntjyPFznptqbY7q91T1N6/Uvv48empybV+DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJVUikOR4pu/vxDDRa4cESmi0naYu/hKnl/TfPVK57ae6tDgkYOjN1qvubd3tNk6M18bH6nXx9rS5eLZq7fmMgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgn+zbvU9kVRjA4ffMAXeJFlOZ2N3SYGJw8YPEmKAiiQlRIouNDbMCZiIMI7DJlnS21FYbWxND4R+wrYkFrR1+rLEy194Ecy9nzKrrRwSZJXme7OaXYc6ZOReql7kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADnlCLH55Hil6/rdJKbx2euL/UHt++sLiw+fNtUihSdyO365v/1527MPv/Ciy/Njfr3+y/aU/H2ys1Xq9d3toe7G3t7G+vV6qD//s76xr9+hfPu/6Pp9htQbX94e31zc6+68ezs756+0/3h2uNPdl+ee++NpdHa1YXFxZUH1kxM/ud3/5N0cS8FAADAFfRY5PgsUlRf/Ji+yRGdOP8s/A+/O/i/TUW3mb/bi1hdWGwvZKvfG+w3T6ZOWdVt//1mfjQjX8Isfj4pDiKi0xx4urm8lWFvt3dra6Na7u3u9/f7O4PUOTttai+zE3MpYhgRdR732QEAABiXycjxWqT45Ms6fZsj8mgOfuatlXdmZv96Y/cSD/kQE80RcsRxXIWZHQAAAMbrWuT4KlJMfToT3+Wzubodm+cn44mmdcRHZeVheZxSRJxE/OzzZAAAALgSJiLHcqTYSXX6PpfZv72vfOnd6s3B5s4Da0f3lV/5vw+4TO5NAAAA4BFwPXLcb+/4r9N9n+cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MjK8UqkONp+OtU5IqZXFxarlWFvtz/4oLrZu7W10a5KnYnJplXZdXp6etpNZ61KZ0rnS5dL10qHpQelh6V3S49K75Uel56U1qXRKe9fWpXOlM6XLpeulQ5LD0oPS++WHpXeKz0uPSmtSyOP8+cFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAencjxU6T4eFCn09x8JcVanPUkj/t0AAAAwEX4NQAA//9ohSnw")
symlink(&(0x7f0000000580)='.\x02/file1\x00', &(0x7f00000002c0)='.\x02\x00')
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='.\x02/file1\x00', 0x0, 0x6000)

1.628223488s ago: executing program 7 (id=4942):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000002060101000000000000000000000000010000000a000000090002008d001f106f194eb3050001"], 0x30}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001d00"], 0x30}}, 0x0)

1.537578513s ago: executing program 1 (id=4943):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = gettid()
sendmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='Q;', 0x2}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)

1.505689219s ago: executing program 6 (id=4944):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=@ipv6_getroute={0x1c, 0x1a, 0x101, 0x70bd2c, 0x0, {0xa, 0x0, 0x0, 0x80, 0xfe, 0x0, 0xc8, 0x9}}, 0x1c}, 0x1, 0x0, 0x0, 0x91}, 0x0)

1.275525018s ago: executing program 7 (id=4945):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000500), r0)
sendmsg$DEVLINK_CMD_RATE_DEL(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x44, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000084}, 0x80)

1.275310057s ago: executing program 1 (id=4946):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000480), 0xc0d00)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000180)={0x80, 0x10002b, 0x4, 0x4})
close(0x3)

1.275192848s ago: executing program 6 (id=4947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfc}, [@call={0x85, 0x0, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x21700, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

1.027274499s ago: executing program 1 (id=4948):
syz_usb_connect(0x5, 0x24, &(0x7f0000001280)=ANY=[@ANYBLOB="12010003001f66088f0510660548020003010902120001049570810904008100ffffff02"], &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23})
r0 = syz_open_dev$I2C(&(0x7f0000000200), 0x1, 0x402)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000080)={0x1, 0x8, 0x6, &(0x7f0000000040)={0x9, "c86a9dfdf84a33a86837070a3af9941731743b881010facbc0518f8326721f6a7b"}})

1.027179049s ago: executing program 7 (id=4949):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000d40)=0xfffffffe, 0x4)
poll(&(0x7f0000000200)=[{r0, 0xa200}], 0x1, 0x4)

978.515047ms ago: executing program 6 (id=4950):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f000000fa00)=0x9)
sendto$inet(r0, 0x0, 0x0, 0x80d4, 0x0, 0x0)

872.426925ms ago: executing program 0 (id=4951):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xc0041, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x804c4700, &(0x7f0000000040)={0x8, 0x5, 0xb1, 0x3f, 0x1a, "3eccd25569e20900"})

785.454089ms ago: executing program 4 (id=4952):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
syz_emit_ethernet(0x46, &(0x7f00000009c0)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra}}}}}, 0x0)

785.072779ms ago: executing program 7 (id=4953):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000050a03000000000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a01020000000000000000020000000900010073797a30000000000900030073797a32"], 0x94}}, 0x0)

696.212704ms ago: executing program 6 (id=4954):
unshare(0x20040600)
r0 = memfd_create(&(0x7f0000000000)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\x19\xe2W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x926k\xd8\xfar&\x04\xe6Et\xec\x0f\x95\xbf/\xd3\xcd1\xc5L\xa7\xd8\x8c\xf0\x06\xa6Bf\xea)qC\x80&\xa2\x8b\x99\x87\x1b\x1f\xa7\xcc\xcf\xad\xcc\xafTn\x9b\xee^2F\xec;j\x834\x18\xdc\xcb\x13V|i\xc0\x16\x94\x86\x14\x16\x03\x82q\x8c\xe1\x93\xa9&\x7f{\x13*\xa2\\j\xb0\xf9\xdb\xde\x06\x91\x93h\xcbX\x93\xd7\x88f-\xb4\x00\x00\x00\x00\x00\x00\x00\x00\x92\x9a{+\xaa3I\xc6\x97\xb5c\x86\x8e5<\xb4}\xe9\xac@\xa8\xa6\xee\xb1#E\x8f\x99\xf9i\x14\xfc\a\xf6\xbak\x1d\x18\x90\xe8KgZ\x99\xba\x9d\x97\xef&>\xa50\xbd\xa4\x9f@`\x06\xf0\xf7\x91\x8c\x8c\xc3\xcd\xff\t\x8f\xd4\xa4\xcf\b\xe9+\xa3\xc9\xc2y\x10\rW\xf9\x10\xc9\x95\xfb\x99N\xc0#|@e>\x91\x1d\x02\x98\x96\xfa\x92\x81b}I\xb6\xa7`\xa6\xef\x8a\xe6\x8e\x1b\xa6\x81\tG\xadRV\xaa\xb0\x86\x1buI\xc1:\x17\xc3\xdcqJ\x96\x7ff', 0x1)
fcntl$addseals(r0, 0x409, 0x8)

669.507358ms ago: executing program 0 (id=4955):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f00000003c0)=0x6, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x0, 0xffffffff, @ipv4={'\x00', '\xff\xff', @multicast1}}], 0x1c)

520.342083ms ago: executing program 4 (id=4956):
syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
read(r0, &(0x7f0000002fc0)=""/4096, 0x1000)

492.330448ms ago: executing program 7 (id=4957):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003180)=[{{&(0x7f0000001540)={0xa, 0x4e23, 0x5, @loopback, 0x1}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000001580)="db", 0x1}], 0x1}}, {{&(0x7f0000001640)={0xa, 0x4e22, 0x171600, @loopback, 0x269}, 0x1c, &(0x7f0000002680)=[{&(0x7f0000001680)="b5", 0x1}], 0x1}}], 0x2, 0x4000001)

449.087775ms ago: executing program 6 (id=4958):
syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x21488b, &(0x7f0000001f80)=ANY=[@ANYBLOB='map=acorn,sbsector=0x0000000000000000,uid=', @ANYRESDEC=0x0, @ANYBLOB="0000b18eb0ea96e8437d91edf772ce16e8f4545927e1e38533740c5b1da10b839e273fa468d364205a63adda5262cda8e690c1049c88d615fd8362cd464a35e122ae29c203d5ce83fd7888eb1f09a8a7f55959926a7fd5ac27fd519b1ddcfd9072f503656169e734fdc2da8c998a8700232e5263a04392efa56fc98553afa5a498c8c3a3206f2b25a00c0ec0d1202c822ab708037a4c29a9c81216c73358cda8b1a2532650070aaf77d3ac8e46f2b2b5ed7828c6165514d2f40c6cf8eb2e325f9d2b7750af696145751cdfc7d00f6021f29a689969eadb6a870fb43b3f6badebdc0048aa9956828007502b62", @ANYRES16, @ANYRES64, @ANYRESHEX], 0x1, 0x65c, &(0x7f0000002280)="$eJzs3V1rG+n5x/HfyLKs+A/hT1uWEPJwJ+mCQ1NFkjcOIoV2OhrZs5U0YkZubSgs6cZeQuRsm6TQ+GTJSR9g+wb2bE+W0hdR6HHfRQ8LS3tW6MmUebJsS7LkRLF3t9+PiXVr5pq5r3tGmYuxpBkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABZTrNarVlqe93NLTOZ0wz8zgnz07Ut6nbauD2mqy+O9CtZ8T+Vy7qUTrr0neHsd+JfN3UlfXZF5fihrP3/e+f/H3y7WMiXPyGh16FImmGdpSxJY56/3H/ycDDYeTbnRL4CVJghaN3teqHvdex113ihbxpra9W7G63QtLySwu2w73aME7iFvh+YFee2qTUaq8atbPub3fWm3Xbzife/X69W18z7S9mWvft+JXQ2vHbb664nMfHsOOa++fTnaYhrd4zZfTzYWZ2WZBxUmyWoPi2oXq3Xa7V6vbZ2r3HvfrVaHJlQPUYjEXN/0eJrZn4Hb+ANFeL6/3dLaqusrja1JTP2x1FTgXx1JszP5PX/3bvuif0erv95lb80nH1ZSf2/lj67Nqn+T8jFyCQLjJtjTZj+ej/P9VL7eqKHGmigHT2bz3qvzy/Dt/uzLhUlT6F8eerI1rpcmWyKUUNrWlNVH2hDLYUyaslTW65CbStUX646yT4J5MpOWrEVOboto5oaamhVRq4q2pavTXW1rqZs/TuKol09Trb76gk5Kg+qzRJUPyFoUv3/xSdp1lPrvyXq/zdafvyaJQY4d1F2/n9K199ONgAAAAAA4G2wkr++W8l791clRWp5bbd63mkBAAAAAIA5St75vxI/LMatq7ImnP9HZ58bAAAAAACYDyv5jp0laTn5UL81/CbULB8CWDiDFAEAAAAAwBtK3v+/VpKi5Npr12Wd6vwfAAAAAAB8Dfz+0DX2i/k1dqP8bf2CpLC3ZP3ln0sKFq1Xva3vWnt2PMfey2JGPgHQb122LmYX6k0eSpKSZ457xbqaBmUXwbTSC/tKX+5Ou9a/FRxLoLSQ//liWgJrxeyZPtWNNOZG1u+j/YKSOWkvyy2v7VYcv/2gJtu+WOi7W/1fP338Gyk4GOfu48FO5cOPB4+SXF7Fk17txXl8ciSdwrRcXijbFlfHjviCWnmXf+h2lq2k32o+/gXZe4XDHc02/t/qZhpzczl9XN7P90Ay/nI8/lol2WXD0cej+uxPw9HXjo983I6YkEU5yeJWGnNr5Vb6kOeXZfG9BaleOb4PSvFLcLgt6oezmL4trH+NbIspWcTbYjXO4q/xioavhCNZrJ4ui5E9AgDnZXdYhZKLmI9eY/943X2do9z06v6jo728+CxKv3C4IBWz9yZO7KWs+Ii+kqxbJSUH1uLlg6Ps3o38iF7N6kpZE47o1TeobnFffx7eAylLe6Su/CeKoge1pN8/HvSbVtXP4wU+n9hv2K4vxCO8+2Lvl8kF8GMf7Xy087ReX12rvlet3qtrMRlG9kDtAQCMMf0eO1MjrPcOzqof/ePdtHWk4n3r4CMFFX2ojzXQI93JbyFwffxalw99DOHO6FlrHHtBOh5b052JZ3VJLU1jf7Zd+mEalPxeVL7I0Uo9XO/qW90HAACctZuNrDGhDs9S/+8k592SVi4fOu8+OGc/VsuP3yF4Us2tndk2AADgf40bfGkt939nBYHX+6DWaNTs/oZrAt/5iQm85rprvG7fDZwNu7vuml7g933Hb5teoCWv6YYm3Oz1/KBvWn5gen7obZmW13ZNduv30O3Y3b7nhL22a4eucfxu33b6pumFjult/rjthRtukCwc9lzHa3mO3ff8rgn9zcBxK8aErnso0Gu63b7X8uJm1/QCr2MH2+anfnuz45qmGzqB1+v76Qrzvrxuyw86yWorik59o0MAAL6Jnr/cf/JwMNh5NqmRnNFPiRk2SuNWmPfFO84AAHw1jFbpicpnkhAAAAAAAAAAAAAAAAAAAAAAABgx/St9p2wsjvuyoHQw5VcXZ1qPpXkndppG4fUX/9sJMRcOpuSb/3DMq3MYqdJGcf5rvnCar43OofGD3XSLToyJZ46dtXSwL4rz/+8QN55+MWFWFEXRyYsvHd2GpZMGeLRRlPSs9Aa74HyORwDOzn8DAAD//+I0QI0=")
r0 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

376.253578ms ago: executing program 0 (id=4959):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000007, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'netdevsim0\x00', &(0x7f0000002fc0)=@ethtool_wolinfo={0x1b, 0x8, 0xfffffffd, "050000009582"}})

186.751449ms ago: executing program 7 (id=4960):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000100)='./file1\x00', 0x1008008, &(0x7f0000000280)={[{@longad}, {@uid}, {@uid_forget}, {@mode={'mode', 0x3d, 0x5c}}, {@shortad}, {@uid_forget}, {@session={'session', 0x3d, 0xfffffffffffffe81}}, {@gid_ignore}, {@anchor={'anchor', 0x3d, 0x2}}, {@lastblock={'lastblock', 0x3d, 0x1}}, {@undelete}]}, 0xa, 0xc30, &(0x7f0000002740)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcZy9S+mYhXOqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgpYzOxbcUWRNi2KEmV9Pjb13Z15b/a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/cvHU6fSwWwEAPEiXx7526oz7PwA8Vq74/38AAAAAAAAAAAAAADjoUhTxZKSYv7yeJqr3HfVL7b6bt8aHR7avdiRVNQ9V5cuf+ukzZ8996YWh89281J79gPr322fjtbErFxsvz92YX5heXJyeaozPtifnpqZ3fYS91t9qsDoBjRuv35y6dm2xceb5s3fsvjXwfv8TxwcuDD178plu2fHhkZGxzSL13vK1e25Ix04zPA5HEScjxXPf/1lqRUQRez8X9Qc79lsdqToxWHVifHik6shMuzW7VO4c7Z6IIqLRU6nZPUfbj0XU+h5oH3bWjFgum182eLDs3th8a6F1dWa6MdpaWGovtedmR1OntWV/GlHE+RSxEhFr/Xcfri+KqEWK7x5bT1cj4lD3PHyxmhi8czuKfezjLpTtbPRFrBSPwJgdYP1RxKuR4ufvnIjJfJ2prjVfiHi1zB9GvFXmSxGp/GKci3hvm+8Rj6ZaFPEX5fhfWE9T1fWge1259PXGV2evzfWU7V5XPuL94a4rxUO6PxzZkg/GAb821aOIVnXFX0/3/psdAAAAAAAAAAAAAAAAAO63I1HEZyLFK//+x9W84qjmpR+7MPQHA7/aO2f86Q85Tln2+YhYLnY3J/dwnhg4mkZTeshziR9n9SjiT/L8v28/7MYAAAAAAAAAAAAAAAAAAAA81or4aaR48d0TaSV61xRvz15vXGldnemsCttd+7e7ZvrGxsZGI3WymXMi53LOlZyrOddyRpHr52zmnMi5nHMl52rOtZxxKNfP2cw5kXM550rO1ZxrOaOW6+ds5pzIuZxzJedqzrWccUDW7gUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DgpoohfRorvfHM9RYqIZsREdHK1/2G3DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo9acifhApGn/YvL2tFhGp+rfjRPnLuWgeLvOT0Rwq86VoXszZqrLW/PZDaD9705eK+Emk6K+/fXvA8/j3dd7d/hrEW9/afPfZWicPdXcOvN//xPFjF4ZGfuPpnV6n7RoweKk9e/NWY3x4ZGSsZ3Mtf/one7YN5M8t7k/XiYjFN958vTUzM71w7y/Kr8Aeqj9CL1LtcempF9WLqB2IZjycvvMYKO//70WK3333P7o3/M79vx6/0nl3+w4fv/jTzfv/i1sPtMv7f21rvXz/L+/p293/n+zZ9mL+3UhfLaK+dGO+73hEffGNN0+2b7SuT1+fnj136tSXh4a+fPZU3+GI+rX2zHTPq/tyugAAAAAAAAAAAAAAAAAenFTEVyJF6yfrqRERt6r5WgMXhp49+cyhOFTNt7pj3vZrY1cuNl6euzG/ML24OD3VGJ9tT85NTe/24+rVdK/x4ZF96cyHOrLP7T9Sf3lu/o2F9vU/Wtp2/9H6xauLSwutye13x5EoIpq9WwarBo8Pj1SNnmm3Zquqo9tOpv/o+lIR/xkpJs810ufztjz/f+sM/zvm/y9vPdA+zf//RM+28jNTKuIXkeJ3/vLp+HzVzqNx1znL5f42Ugye/1wuF4fLct02dJ4r0JkZWJb930jxj7+8s2x3PuSTm2VP7/rEPiLK8T8WKX7w59+L38zb7nz+w/bjf3TrgfZp/J/q2Xb0jucV7Lnr5PE/GSleevLt+K287YOe/9F99saJXPj28zn2afw/1bNtIH/ub9+frgMAAAAAAAAAADzS+lIRfxcpfjRSSy/kbbv5+39TWw+0T3//69M926buz3pFH/pizycVAAAAAA6IvlTETyPF9aW3b8+hvnP+d8/8z9/bnP85nLbsrf6c79eq5wbczz//6zWQP3di790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66lPVPP5p3ZcT301Urzy38/lcul4Wa67DvxA9Wv98tzsyYszM3OTraXW1Znpxth8a3K6rPtUpFj/m8/lukW1vnp3vfnOGu+ba7EvRIqRv++W7azF3l2b/KnNsqfLsp+IFP/1D3eW7a5j/anNsmfKsn8dKb7xz9uXPb5Z9mxZ9nuR4sffaHTLHi3Ldp+P+unNss9PzhX7MCoAAAAAAAAAAAAAAAAAAAA8bvpSEX8WKf7nxsrtufx5/f++nreVt77Vs97/Freqdf4HqvX/d3p9L+v/V88VWN7pUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OMpRRFvRor5y+tptb9831G/1J69eWt8eGT7akdSVfNQVb78qZ8+c/bcl14YOt/ND65/v30mXhu7crHx8tyN+YXpxcXpqcb4bHtybmp610fYa/2tBqsT0Ljx+s2pa9cWG2eeP1ttPpx33xp4v/+J4wMXhp49+Uy37PjwyMhYzyFqfff86XdJO2w/HEX8VaR47vs/Sz/qjyhi7+fiQ747++1I1YnBqhPjwyNVR2bardmlcudo90QUEY2eSs3uOXoAY7EnzYjlsvllgwfL7o3NtxZaV2emG6OthaX2UntudjR1Wlv2pxFFnE8RKxGx1n/34fqiiNcjxXePrad/6Y841D0PX7w89rVTZ3ZuR7GPfdyFsp2NvoiV4hEYswOsP4r4p0jx83dOxL/2R9Si8xNfiHi1zB9GvBWd8U7lF+NcxHvbfI94NNWiiP8rx//Cenqnv7wedK8rl77e+Orstbmest3ryiN/f3iQdr42feWBtmMH9Sjix9UVfz39m/+uAQAAAAAAAAAAAAAAAA6QIn49Urz47olUzQ/Oc4qfynuvznSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjUK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs5w7xiAAAAAAAAAAAAAAAAAABgHxTVPym+8831tNHfWV96Ijq5aj3Qj73/DwAA//8H5/Ye")
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000001d40)={0x2020}, 0x2020)

87.885255ms ago: executing program 0 (id=4961):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0x50b, 0x70bd27, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xffff, 0xffff}, {0x1, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)

298.75µs ago: executing program 6 (id=4962):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000000))

0s ago: executing program 4 (id=4963):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x5)
fcntl$notify(r0, 0x402, 0x8000003d)

kernel console output (not intermixed with test programs):

886396][T13712] chnl_net:caif_netlink_parms(): no params data found
[  499.073131][T13698] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  499.198350][T13712] bridge0: port 1(bridge_slave_0) entered blocking state
[  499.236396][T13712] bridge0: port 1(bridge_slave_0) entered disabled state
[  499.286730][T13712] device bridge_slave_0 entered promiscuous mode
[  499.330426][T13712] bridge0: port 2(bridge_slave_1) entered blocking state
[  499.358206][T13712] bridge0: port 2(bridge_slave_1) entered disabled state
[  499.387208][T13712] device bridge_slave_1 entered promiscuous mode
[  499.459692][T13712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  499.510749][T13712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  499.573738][ T6804] usb 2-1: new low-speed USB device number 26 using dummy_hcd
[  499.593880][T13712] team0: Port device team_slave_0 added
[  499.613999][T13712] team0: Port device team_slave_1 added
[  499.720732][T13712] batman_adv: batadv0: Adding interface: batadv_slave_0
[  499.748608][T13712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  499.783610][ T6804] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  499.805750][ T6804] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  499.822642][ T6804] usb 2-1: config 0 interface 0 has no altsetting 0
[  499.829375][ T6804] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  499.842390][T13712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  499.854245][ T6804] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.866802][T13712] batman_adv: batadv0: Adding interface: batadv_slave_1
[  499.887745][ T6804] usb 2-1: config 0 descriptor??
[  499.893358][T13712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  499.944444][T13712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  500.117930][T13712] device hsr_slave_0 entered promiscuous mode
[  500.133718][T13712] device hsr_slave_1 entered promiscuous mode
[  500.182715][T13712] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  500.207645][T13712] Cannot create hsr debugfs directory
[  500.358977][ T6804] mcp2221 0003:04D8:00DD.001A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  500.402971][ T4271] Bluetooth: hci4: command 0x0409 tx timeout
[  500.540233][   T26] audit: type=1326 audit(1776124041.576:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  500.613489][ T6804] usb 2-1: USB disconnect, device number 26
[  500.667991][   T26] audit: type=1326 audit(1776124041.576:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  500.744872][T13768] loop6: detected capacity change from 0 to 16
[  500.772735][T13768] erofs: (device loop6): mounted with root inode @ nid 36.
[  500.787074][   T26] audit: type=1326 audit(1776124041.646:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  500.839068][T13768] overlayfs: failed to get redirect (-117)
[  500.875048][   T26] audit: type=1326 audit(1776124041.646:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  500.891331][T13768] overlayfs: failed to resolve './file0/file0': -117
[  500.918993][T13712] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  500.984099][T13712] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  500.993747][   T26] audit: type=1326 audit(1776124041.646:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  501.055957][T13712] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  501.095594][   T26] audit: type=1326 audit(1776124041.646:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  501.123730][T13712] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  501.183195][   T26] audit: type=1326 audit(1776124041.646:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  501.278878][   T26] audit: type=1326 audit(1776124041.646:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13763 comm="syz.0.3539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ffc0000
[  501.402032][T13712] 8021q: adding VLAN 0 to HW filter on device bond0
[  501.465896][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  501.490583][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  501.531314][T13712] 8021q: adding VLAN 0 to HW filter on device team0
[  501.551652][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  501.569392][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  501.581566][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.588841][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  501.635748][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  501.649041][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  501.671986][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  501.694680][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.701927][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  501.724926][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  501.759937][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  501.779224][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  501.809183][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  501.846435][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  501.852180][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  501.852838][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  501.903535][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  501.933854][T13787] netlink: 452 bytes leftover after parsing attributes in process `syz.6.3550'.
[  501.952780][T13787] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3550'.
[  501.962825][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  501.992184][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  502.011242][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  502.045960][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  502.081179][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  502.108380][T13712] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  502.483044][ T4271] Bluetooth: hci4: command 0x041b tx timeout
[  502.967160][T13811] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3557'.
[  503.094038][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  503.103566][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  503.127652][T13712] 8021q: adding VLAN 0 to HW filter on device batadv0
[  504.116780][   T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  504.126652][   T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  504.192517][T13712] device veth0_vlan entered promiscuous mode
[  504.214654][   T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  504.228624][   T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  504.239132][   T47] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  504.270589][   T47] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  504.299845][T13712] device veth1_vlan entered promiscuous mode
[  504.349887][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  504.360901][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  504.378167][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  504.388991][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  504.409014][T13712] device veth0_macvtap entered promiscuous mode
[  504.430515][T13712] device veth1_macvtap entered promiscuous mode
[  504.439742][T13737] syz.4.3532 (13737): drop_caches: 1
[  504.467343][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  504.490711][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.502119][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  504.516270][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.526554][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  504.546608][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.556915][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  504.567988][ T4275] Bluetooth: hci4: command 0x040f tx timeout
[  504.578310][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.592840][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  504.603960][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.616159][T13712] batman_adv: batadv0: Interface activated: batadv_slave_0
[  504.627838][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.639665][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.650300][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.661621][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.671986][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.683585][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.694499][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.705338][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.715726][T13712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.727093][T13712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.739362][T13712] batman_adv: batadv0: Interface activated: batadv_slave_1
[  504.748034][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  504.757500][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  504.783094][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  504.793654][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  504.804207][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  504.814383][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  504.837394][T13712] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  504.851501][T13712] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  504.861636][T13712] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  504.875355][T13712] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  505.004157][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.012153][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  505.036251][   T47] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  505.090515][ T4325] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.101575][ T4325] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  505.117718][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  505.273164][T13841] binder: 13840:13841 ioctl c0306201 200000000100 returned -14
[  505.313327][T13846] loop4: detected capacity change from 0 to 64
[  505.572592][ T4317] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  505.710412][T13861] netlink: 'syz.4.3563': attribute type 1 has an invalid length.
[  505.807253][ T4317] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  505.838157][ T4317] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  505.893163][ T4317] usb 7-1: config 1 has no interface number 0
[  505.899719][ T4317] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  505.958126][ T4317] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  505.996822][ T4317] usb 7-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  506.042647][ T4317] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  506.083853][ T4317] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  506.121110][ T4317] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  506.157942][ T4317] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.168159][T13871] loop4: detected capacity change from 0 to 4096
[  506.192626][ T4317] usb 7-1: Product: syz
[  506.223899][ T4317] usb 7-1: Manufacturer: syz
[  506.255088][ T4317] usb 7-1: SerialNumber: syz
[  506.297202][T13844] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  506.360065][T13871] ntfs3: loop4: failed to convert "0080" to cp775
[  506.382270][T13871] ntfs3: loop4: failed to convert name for inode 1e.
[  506.644490][ T4271] Bluetooth: hci4: command 0x0419 tx timeout
[  506.729831][T13844] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  506.947241][ T4317] cdc_ncm 7-1:1.1: failed GET_NTB_PARAMETERS
[  506.972780][ T4317] cdc_ncm 7-1:1.1: bind() failure
[  507.010328][ T4317] usb 7-1: USB disconnect, device number 3
[  507.380527][T13878] loop7: detected capacity change from 0 to 32768
[  507.489850][T13878] JBD2: Ignoring recovery information on journal
[  507.555531][T13884] loop4: detected capacity change from 0 to 32768
[  507.595994][T13884] (syz.4.3577,13884,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  507.639823][T13884] (syz.4.3577,13884,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  507.739845][T13884] JBD2: Ignoring recovery information on journal
[  507.749497][T13878] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  507.810346][T13878] (syz.7.3570,13878,0):ocfs2_reflink_ioctl:4433 ERROR: status = -14
[  508.014702][T13884] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  508.047430][T13712] ocfs2: Unmounting device (7,7) on (node local)
[  508.302432][ T4274] ocfs2: Unmounting device (7,4) on (node local)
[  510.138603][T13972] loop6: detected capacity change from 0 to 512
[  510.166386][T13972] EXT4-fs: Ignoring removed oldalloc option
[  510.188833][T13972] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  510.283921][T13972] EXT4-fs (loop6): 1 truncate cleaned up
[  510.289723][T13972] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  510.568539][T12758] EXT4-fs (loop6): unmounting filesystem.
[  511.243262][T14010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3621'.
[  511.272833][T14010] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3621'.
[  511.334883][T14010] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  511.344299][T14010] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  511.353211][T14010] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  511.362028][T14010] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  511.886585][T14034] loop7: detected capacity change from 0 to 512
[  511.934429][T14034] EXT4-fs: Ignoring removed nobh option
[  511.969358][T14034] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  512.015568][T14034] EXT4-fs error (device loop7): ext4_orphan_get:1405: inode #15: comm syz.7.3631: iget: bad i_size value: 38620345925642
[  512.053806][T14034] EXT4-fs error (device loop7): ext4_orphan_get:1410: comm syz.7.3631: couldn't read orphan inode 15 (err -117)
[  512.112776][T14034] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  512.314539][T13712] EXT4-fs (loop7): unmounting filesystem.
[  512.493733][T14051] loop7: detected capacity change from 0 to 256
[  512.585001][T14051] FAT-fs (loop7): Directory bread(block 64) failed
[  512.601271][T14051] FAT-fs (loop7): Directory bread(block 65) failed
[  512.628893][T14051] FAT-fs (loop7): Directory bread(block 66) failed
[  512.651150][T14051] FAT-fs (loop7): Directory bread(block 67) failed
[  512.701994][T14051] FAT-fs (loop7): Directory bread(block 68) failed
[  512.723230][T14051] FAT-fs (loop7): Directory bread(block 69) failed
[  512.753527][T14051] FAT-fs (loop7): Directory bread(block 70) failed
[  512.760210][T14051] FAT-fs (loop7): Directory bread(block 71) failed
[  512.815165][T14059] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3638'.
[  512.824672][T14051] FAT-fs (loop7): Directory bread(block 72) failed
[  512.831286][T14051] FAT-fs (loop7): Directory bread(block 73) failed
[  513.171155][T14041] loop6: detected capacity change from 0 to 32768
[  513.264062][T14041] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.3632 (14041)
[  513.343654][T14041] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  513.422640][T14041] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  513.432172][T14041] BTRFS info (device loop6): use zlib compression, level 3
[  513.482885][T14041] BTRFS info (device loop6): using free space tree
[  513.648569][   T26] audit: type=1400 audit(1776124054.686:247): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=262620616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161 pid=14083 comm="syz.7.3648"
[  513.963869][T14041] BTRFS info (device loop6): enabling ssd optimizations
[  514.037095][T14111] program syz.4.3651 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  514.126225][   T26] audit: type=1326 audit(1776124055.166:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  514.203069][   T26] audit: type=1326 audit(1776124055.206:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  514.263385][T12758] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  514.361411][   T26] audit: type=1326 audit(1776124055.206:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  514.490797][   T26] audit: type=1326 audit(1776124055.206:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  514.641418][   T26] audit: type=1326 audit(1776124055.206:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4e66f9c582 code=0x7ffc0000
[  514.780484][   T26] audit: type=1326 audit(1776124055.216:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  514.815522][    C0] vkms_vblank_simulate: vblank timer overrun
[  514.873590][T14130] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3657'.
[  514.902608][   T26] audit: type=1326 audit(1776124055.216:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4e66f5d04e code=0x7ffc0000
[  515.002774][   T26] audit: type=1326 audit(1776124055.216:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4e66f9c647 code=0x7ffc0000
[  515.133298][   T26] audit: type=1326 audit(1776124055.216:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.1.3652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4e66f5d04e code=0x7ffc0000
[  515.328945][T14138] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  515.548601][T14148] loop6: detected capacity change from 0 to 1024
[  515.593639][T14148] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  515.636604][T14109] loop7: detected capacity change from 0 to 40427
[  515.646611][T14152] MPTCP: kernel_bind error, err=-22
[  515.671489][T14109] F2FS-fs (loop7): Invalid SB checksum offset: 0
[  515.690235][T14109] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  515.700607][T14109] F2FS-fs (loop7): invalid crc value
[  515.709717][T14148] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  515.719218][T14148] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  515.747774][T14148] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.3653: bg 0: block 112: padding at end of block bitmap is not set
[  515.775531][T14148] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  515.790765][T14148] EXT4-fs (loop6): This should not happen!! Data will be lost
[  515.790765][T14148] 
[  515.801177][T14148] EXT4-fs (loop6): Total free blocks count 0
[  515.807592][T14148] EXT4-fs (loop6): Free/Dirty block details
[  515.814283][T14148] EXT4-fs (loop6): free_blocks=0
[  515.819355][T14148] EXT4-fs (loop6): dirty_blocks=64
[  515.825192][T14148] EXT4-fs (loop6): Block reservation details
[  515.831419][T14148] EXT4-fs (loop6): i_reserved_data_blocks=4
[  515.854104][T14109] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  516.001716][T12758] EXT4-fs (loop6): unmounting filesystem.
[  516.093873][T14109] F2FS-fs (loop7): Try to recover 2th superblock, ret: 0
[  516.101027][T14109] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  516.209832][T14165] loop6: detected capacity change from 0 to 256
[  516.238231][T14165] exfat: Deprecated parameter 'namecase'
[  516.266374][T13712] syz-executor: attempt to access beyond end of device
[  516.266374][T13712] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  516.281101][T14165] exfat: Deprecated parameter 'utf8'
[  516.319010][T14165] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[  517.015457][T14150] loop4: detected capacity change from 0 to 32768
[  517.066573][T14181] loop7: detected capacity change from 0 to 512
[  517.081135][T14150] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9
[  517.101158][T14175] loop6: detected capacity change from 0 to 4096
[  517.221437][T14184] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3672'.
[  517.236164][T14175] ntfs: volume version 3.1.
[  517.316957][T14181] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  517.481754][T14181] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.3671: Invalid inode bitmap blk 4 in block_group 0
[  517.622716][T14181] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  517.666746][T13698] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9
[  517.782576][ T4406] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  517.992599][ T4406] usb 5-1: Using ep0 maxpacket: 32
[  518.004315][ T4406] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 190, changing to 11
[  518.048749][T13712] EXT4-fs (loop7): unmounting filesystem.
[  518.072156][ T4406] usb 5-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x3, skipping
[  518.166071][ T4406] usb 5-1: string descriptor 0 read error: -22
[  518.202660][ T4406] usb 5-1: New USB device found, idVendor=0a92, idProduct=1020, bcdDevice= 0.40
[  518.241797][ T4406] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.540317][T14190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  518.593124][T14190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  518.631034][ T4406] usb 5-1: USB disconnect, device number 26
[  518.712674][ T6804] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  518.739963][T14215] ptrace attach of "./syz-executor exec"[13712] was attempted by ""[14215]
[  518.759523][T14213] [U] k
[  518.955080][ T6804] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  518.968013][ T6804] usb 2-1: config 0 has no interface number 0
[  518.982634][ T6804] usb 2-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  519.002088][ T6804] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.012091][T14223] loop6: detected capacity change from 0 to 256
[  519.040823][ T6804] usb 2-1: config 0 descriptor??
[  519.052891][T14223] exfat: Deprecated parameter 'namecase'
[  519.097836][ T6804] usb 2-1: selecting invalid altsetting 1
[  519.105317][ T6804] dvb_ttusb_budget: ttusb_init_controller: error
[  519.111894][ T6804] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  519.161846][T14223] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb3694, utbl_chksum : 0xe619d30d)
[  519.248164][T14226] loop7: detected capacity change from 0 to 1024
[  519.285537][T14223] exFAT-fs (loop6): error, found bogus dentry(5) beyond unused empty group(4) (start_clu : 5, cur_clu : 5)
[  519.309147][T14226] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  519.371774][T14228] exFAT-fs (loop6): error, found bogus dentry(5) beyond unused empty group(4) (start_clu : 5, cur_clu : 5)
[  519.397564][T14226] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  519.523230][ T6804] DVB: Unable to find symbol cx22700_attach()
[  519.665329][T13712] EXT4-fs (loop7): unmounting filesystem.
[  519.792350][ T6804] DVB: Unable to find symbol tda10046_attach()
[  519.799156][ T6804] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  519.839968][ T6804] usb 2-1: USB disconnect, device number 27
[  520.213519][T14255] loop7: detected capacity change from 0 to 64
[  520.745818][T14274] device syz_tun entered promiscuous mode
[  520.793891][T14274] device macvtap1 entered promiscuous mode
[  520.828068][T14274] device syz_tun left promiscuous mode
[  521.067053][T14285] team0: Device gtp0 is of different type
[  521.272796][   T14] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  521.490064][   T14] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  521.509834][   T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.528975][   T14] usb 2-1: Product: syz
[  521.538841][   T14] usb 2-1: Manufacturer: syz
[  521.546088][   T14] usb 2-1: SerialNumber: syz
[  521.568685][   T14] usb 2-1: config 0 descriptor??
[  521.829946][ T4406] usb 2-1: USB disconnect, device number 28
[  521.935317][T13765] udevd[13765]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  522.000123][T14307] loop6: detected capacity change from 0 to 1024
[  522.028710][T14307] EXT4-fs: Ignoring removed orlov option
[  522.092608][T14307] EXT4-fs: inline encryption not supported
[  522.112270][T14307] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  522.137783][T14307] EXT4-fs (loop6): invalid journal inode
[  522.172285][T14307] EXT4-fs (loop6): can't get journal size
[  522.212421][T14307] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  522.275763][T12758] EXT4-fs (loop6): unmounting filesystem.
[  522.345630][T14314] loop7: detected capacity change from 0 to 2048
[  522.389959][T14314] UDF-fs: error (device loop7): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  522.427556][T14314] UDF-fs: error (device loop7): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  522.427598][T14314] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  522.427614][T14314] UDF-fs: Scanning with blocksize 512 failed
[  522.439127][T14314] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  522.519202][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  522.519234][   T26] audit: type=1800 audit(1776124063.556:265): pid=14314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3715" name="file1" dev="loop7" ino=838 res=0 errno=0
[  522.861867][T14330] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  523.237965][ T6804] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  523.489334][ T6804] usb 7-1: Using ep0 maxpacket: 32
[  523.496664][ T6804] usb 7-1: config 0 has an invalid interface number: 196 but max is 0
[  523.526722][ T6804] usb 7-1: config 0 has no interface number 0
[  523.551552][ T6804] usb 7-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  523.590239][ T6804] usb 7-1: config 0 interface 196 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  523.610824][ T6804] usb 7-1: config 0 interface 196 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  523.649922][ T6804] usb 7-1: config 0 interface 196 has no altsetting 0
[  523.674181][ T6804] usb 7-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  523.702654][ T6804] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  523.715209][ T6804] usb 7-1: Product: syz
[  523.719469][ T6804] usb 7-1: Manufacturer: syz
[  523.742096][ T6804] usb 7-1: SerialNumber: syz
[  523.757381][ T6804] usb 7-1: config 0 descriptor??
[  523.763401][T14332] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  523.973463][T14337] loop7: detected capacity change from 0 to 40427
[  524.011267][T14337] F2FS-fs (loop7): build fault injection attr: rate: 771, type: 0x3ffff
[  524.053121][T14337] F2FS-fs (loop7): invalid crc value
[  524.078715][T14337] F2FS-fs (loop7): Found nat_bits in checkpoint
[  524.215388][ T6804] ipheth 7-1:0.196: ipheth_get_macaddr: usb_control_msg: short packet: 0 bytes
[  524.232749][ T6804] ipheth: probe of 7-1:0.196 failed with error -22
[  524.294497][T14337] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  524.418737][ T6804] usb 7-1: USB disconnect, device number 4
[  524.459390][T13712] syz-executor: attempt to access beyond end of device
[  524.459390][T13712] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  524.520280][T14350] loop4: detected capacity change from 0 to 32768
[  524.555058][T14350] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.3732 (14350)
[  524.611308][T14350] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  524.652294][T14350] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  524.694110][T14350] BTRFS info (device loop4): using free space tree
[  525.079743][T14350] BTRFS info (device loop4): enabling ssd optimizations
[  525.185717][T14350] BTRFS info (device loop4): device stats zeroed by syz.4.3732 (14350)
[  525.344100][ T4274] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  525.480750][T14397] device batadv0 entered promiscuous mode
[  525.898406][   T22] kernel write not supported for file /input/mice (pid: 22 comm: kworker/1:0)
[  526.030264][T14397] device batadv0 left promiscuous mode
[  526.428838][T14399] loop6: detected capacity change from 0 to 32768
[  526.466290][T14399] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 9
[  526.701477][T14416] loop4: detected capacity change from 0 to 512
[  526.751221][T14416] EXT4-fs: inline encryption not supported
[  526.814012][T14416] EXT4-fs (loop4): orphan cleanup on readonly fs
[  526.846804][T14416] EXT4-fs (loop4): 1 truncate cleaned up
[  526.882577][T14416] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  527.108029][T13698] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 9
[  527.136461][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  527.878290][T14425] loop7: detected capacity change from 0 to 32768
[  528.389533][T14433] loop4: detected capacity change from 0 to 32768
[  528.533446][T14433] XFS (loop4): Mounting V5 Filesystem
[  528.608962][T14437] loop6: detected capacity change from 0 to 32768
[  528.773086][T14437] XFS (loop6): Mounting V5 Filesystem
[  528.825273][T14433] XFS (loop4): Ending clean mount
[  528.840097][T14433] XFS (loop4): Quotacheck needed: Please wait.
[  529.013296][T14433] XFS (loop4): Quotacheck: Done.
[  529.060952][T14437] XFS (loop6): Ending clean mount
[  529.196289][T12758] XFS (loop6): Unmounting Filesystem
[  529.203057][ T4274] XFS (loop4): Unmounting Filesystem
[  529.211443][T14446] loop7: detected capacity change from 0 to 32768
[  529.279187][T14446] BTRFS error: device /dev/loop7 already registered with a higher generation, found 8 expect 9
[  529.802063][T14211] BTRFS error: device /dev/loop7 already registered with a higher generation, found 8 expect 9
[  530.497626][   T26] audit: type=1326 audit(1776124071.536:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  530.547693][T14492] loop4: detected capacity change from 0 to 512
[  530.594112][   T26] audit: type=1326 audit(1776124071.566:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  530.659801][   T26] audit: type=1326 audit(1776124071.566:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  530.744034][T14492] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  530.762685][T14492] ext4 filesystem being mounted at /682/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  530.832955][   T26] audit: type=1326 audit(1776124071.566:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2b6c19c582 code=0x7ffc0000
[  530.889076][   T26] audit: type=1326 audit(1776124071.566:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  530.954598][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  530.969383][   T26] audit: type=1326 audit(1776124071.586:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2b6c15d04e code=0x7ffc0000
[  531.106199][   T26] audit: type=1326 audit(1776124071.586:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2b6c19c647 code=0x7ffc0000
[  531.190147][T14510] loop6: detected capacity change from 0 to 256
[  531.207507][   T26] audit: type=1326 audit(1776124071.586:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2b6c15d04e code=0x7ffc0000
[  531.293328][   T26] audit: type=1326 audit(1776124071.586:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2b6c19c4ab code=0x7ffc0000
[  531.321908][T14510] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d)
[  531.412905][   T26] audit: type=1326 audit(1776124071.626:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14490 comm="syz.4.3770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2b6c15d04e code=0x7ffc0000
[  531.441984][T14510] syz.6.3787: attempt to access beyond end of device
[  531.441984][T14510] loop6: rw=524288, sector=34359738488, nr_sectors = 8 limit=256
[  531.486847][T14510] syz.6.3787: attempt to access beyond end of device
[  531.486847][T14510] loop6: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  532.726868][T14562] delete_channel: no stack
[  532.745073][T14561] delete_channel: no stack
[  532.956951][T14568] sp0: Synchronizing with TNC
[  533.025837][T14567] [U] è
[  533.526871][T14589] loop7: detected capacity change from 0 to 2048
[  533.615258][T14592] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  534.208103][T14609] loop4: detected capacity change from 0 to 8192
[  534.910989][T14619] loop4: detected capacity change from 0 to 4096
[  534.976136][T14621] loop7: detected capacity change from 0 to 8192
[  535.013288][T14621] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  535.037786][T14621] REISERFS (device loop7): found reiserfs format "3.5" with non-standard journal
[  535.048357][T14621] REISERFS (device loop7): using ordered data mode
[  535.055392][T14621] reiserfs: using flush barriers
[  535.063890][T14621] REISERFS (device loop7): journal params: device loop7, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  535.081145][T14621] REISERFS (device loop7): checking transaction log (loop7)
[  535.092951][T14621] REISERFS (device loop7): Using r5 hash to sort names
[  535.106445][T14621] reiserfs: enabling write barrier flush mode
[  535.121368][T14621] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2
[  535.143130][T14621] REISERFS error (device loop7): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[  535.155367][T14621] REISERFS (device loop7): Remounting filesystem read-only
[  535.173681][T14621] REISERFS error (device loop7): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data
[  535.208324][T14621] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2
[  535.243338][T14621] REISERFS error (device loop7): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[  535.254687][T14621] REISERFS error (device loop7): zam-7001 reiserfs_find_entry: io error
[  535.263435][T14621] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2
[  535.281077][T14621] REISERFS error (device loop7): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[  535.307018][ T4274] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  535.332563][ T4274] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  535.343354][T14621] REISERFS error (device loop7): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data
[  535.404749][T14621] REISERFS warning (device loop7): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount.
[  535.456479][T14615] loop6: detected capacity change from 0 to 32768
[  535.481654][T14621] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2
[  535.522823][T14621] REISERFS error (device loop7): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[  535.575298][T14621] REISERFS (device loop7): Remounting filesystem read-only
[  535.595908][T14621] REISERFS error (device loop7): zam-7001 reiserfs_find_entry: io error
[  535.639206][T14615] XFS (loop6): Mounting V5 Filesystem
[  535.774291][T14640] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3841'.
[  535.784956][T14615] XFS (loop6): Ending clean mount
[  535.951623][T12758] XFS (loop6): Unmounting Filesystem
[  536.043591][T14647] ptrace attach of "./syz-executor exec"[4274] was attempted by ""[14647]
[  537.108698][T14677] program syz.4.3857 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  537.426804][T14660] loop7: detected capacity change from 0 to 32768
[  537.495802][T14660] JBD2: Ignoring recovery information on journal
[  537.556166][T14660] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  537.746896][T13712] ocfs2: Unmounting device (7,7) on (node local)
[  537.952633][ T6687] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  538.145712][T14701] device batadv0 entered promiscuous mode
[  538.151858][T14701] device macsec2 entered promiscuous mode
[  538.163439][ T6687] usb 7-1: Using ep0 maxpacket: 8
[  538.170961][T14701] device batadv0 left promiscuous mode
[  538.180058][ T6687] usb 7-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  538.204483][ T6687] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.212923][ T6687] usb 7-1: Product: syz
[  538.217148][ T6687] usb 7-1: Manufacturer: syz
[  538.221802][ T6687] usb 7-1: SerialNumber: syz
[  538.654909][T14703] loop4: detected capacity change from 0 to 32768
[  538.669134][ T6687] mxuport 7-1:254.0: mxuport_recv_ctrl_urb - short read (0 / 4)
[  538.678748][ T6687] mxuport: probe of 7-1:254.0 failed with error -5
[  538.706423][T14703] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  538.808969][ T4274] ocfs2: Unmounting device (7,4) on (node local)
[  538.880129][ T4406] usb 7-1: USB disconnect, device number 5
[  539.989778][T14739] loop4: detected capacity change from 0 to 256
[  540.023559][T14739] exfat: Deprecated parameter 'utf8'
[  540.028955][T14739] exfat: Deprecated parameter 'utf8'
[  540.076009][T14739] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  540.576542][T14735] loop6: detected capacity change from 0 to 32768
[  540.604781][T14735] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.3882 (14735)
[  540.635556][T14735] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  540.657886][T14735] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  540.677617][T14735] BTRFS info (device loop6): using free space tree
[  540.838212][T14735] BTRFS info (device loop6): enabling ssd optimizations
[  540.964616][T12758] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  541.077813][T14774] loop4: detected capacity change from 0 to 512
[  541.116323][T14774] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  541.146819][T14774] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  541.157875][T14774] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.3892: Corrupt directory, running e2fsck is recommended
[  541.185263][T14774] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  541.202663][T14774] EXT4-fs error (device loop4): ext4_iget_extra_inode:4763: inode #15: comm syz.4.3892: corrupted in-inode xattr
[  541.216035][    C1] vkms_vblank_simulate: vblank timer overrun
[  541.223086][T14745] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  541.249923][T14774] EXT4-fs error (device loop4): ext4_orphan_get:1410: comm syz.4.3892: couldn't read orphan inode 15 (err -117)
[  541.314336][T14774] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  541.778720][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  541.924582][T14788] device syz_tun entered promiscuous mode
[  541.936325][T14788] device macvtap1 entered promiscuous mode
[  541.975833][   T26] kauditd_printk_skb: 16 callbacks suppressed
[  541.975849][   T26] audit: type=1326 audit(1776124083.016:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14790 comm="syz.4.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  542.016945][T14788] device syz_tun left promiscuous mode
[  542.054778][   T26] audit: type=1326 audit(1776124083.016:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14790 comm="syz.4.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  542.077172][    C1] vkms_vblank_simulate: vblank timer overrun
[  542.202630][   T26] audit: type=1326 audit(1776124083.016:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14790 comm="syz.4.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  542.302660][   T26] audit: type=1326 audit(1776124083.016:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14790 comm="syz.4.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  542.391317][   T26] audit: type=1326 audit(1776124083.016:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14790 comm="syz.4.3898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b6c19c819 code=0x7ffc0000
[  542.562430][T14779] loop7: detected capacity change from 0 to 32768
[  542.759963][T14779] XFS (loop7): Mounting V5 Filesystem
[  542.909066][T14779] XFS (loop7): Ending clean mount
[  542.925521][   T27] XFS (loop7): Metadata CRC error detected at xfs_inobt_read_verify+0x3a/0xd0, xfs_finobt block 0x20 
[  542.972570][   T27] XFS (loop7): Unmount and run xfs_repair
[  542.979583][   T27] XFS (loop7): First 128 bytes of corrupted metadata buffer:
[  543.010662][   T27] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  543.051128][   T27] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[  543.066775][   T27] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[  543.096385][   T27] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[  543.116727][   T27] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  543.136998][   T27] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[  543.162556][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  543.202564][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  543.229312][T14779] XFS (loop7): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x20 len 8 error 74
[  543.253290][T14779] XFS (loop7): Failed to initialize disk quotas.
[  543.349385][T13712] XFS (loop7): Unmounting Filesystem
[  543.360556][T14803] loop6: detected capacity change from 0 to 32768
[  543.471334][T14803] syz.6.3905: attempt to access beyond end of device
[  543.471334][T14803] loop6: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  543.492732][   T27] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  543.535789][T14803] metapage_write_end_io: I/O error
[  543.602672][T14803] blkno = 8ed2c, nblocks = 1
[  543.607550][T14803] ERROR: (device loop6): dbUpdatePMap: blocks are outside the map
[  543.607550][T14803] 
[  543.618813][T14832] loop4: detected capacity change from 0 to 4096
[  543.659044][T14803] ERROR: (device loop6): remounting filesystem as read-only
[  543.697648][   T27] usb 2-1: Using ep0 maxpacket: 32
[  543.711618][T14833] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  543.723257][   T27] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 190, changing to 11
[  543.783403][  T107] blkno = 8ed2c, nblocks = 4
[  543.787766][   T27] usb 2-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x3, skipping
[  543.788146][  T107] ERROR: (device loop6): dbUpdatePMap: blocks are outside the map
[  543.788146][  T107] 
[  543.829302][T12758] syz-executor: attempt to access beyond end of device
[  543.829302][T12758] loop6: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  543.848151][   T27] usb 2-1: string descriptor 0 read error: -22
[  543.865553][   T27] usb 2-1: New USB device found, idVendor=0a92, idProduct=1020, bcdDevice= 0.40
[  543.887676][   T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.909600][T12758] metapage_write_end_io: I/O error
[  543.915420][T12758] JFS: metapage_get_blocks failed
[  543.935412][T12758] JFS: metapage_get_blocks failed
[  543.971351][T12758] JFS: metapage_get_blocks failed
[  543.987009][T12758] JFS: metapage_get_blocks failed
[  544.193914][T14825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  544.241665][T14825] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  544.274955][   T27] usb 2-1: USB disconnect, device number 29
[  544.633999][T14847] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3921'.
[  544.643266][T14847] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3921'.
[  544.653830][T14847] netlink: 'syz.4.3921': attribute type 19 has an invalid length.
[  544.662034][T14847] netlink: 'syz.4.3921': attribute type 20 has an invalid length.
[  545.066019][T14842] loop6: detected capacity change from 0 to 32768
[  545.196655][T14842] XFS (loop6): Mounting V5 Filesystem
[  545.313763][T14842] XFS (loop6): Ending clean mount
[  545.370737][T14853] loop4: detected capacity change from 0 to 32768
[  545.409431][T14853] ialloc: diAlloc returned -5!
[  545.497270][T12758] XFS (loop6): Unmounting Filesystem
[  545.993639][T14878] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bond, syncid = 0, id = 0
[  546.248657][T14888] netlink: 'syz.1.3937': attribute type 1 has an invalid length.
[  546.416170][ T4319] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  546.632753][ T4319] usb 7-1: Using ep0 maxpacket: 32
[  546.646770][ T4319] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 190, changing to 11
[  546.662885][ T4319] usb 7-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x3, skipping
[  546.677332][ T4319] usb 7-1: string descriptor 0 read error: -22
[  546.684118][ T4319] usb 7-1: New USB device found, idVendor=0a92, idProduct=1020, bcdDevice= 0.40
[  546.694213][ T4319] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.722753][ T6687] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  546.922285][T14884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  546.931622][T14884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  546.940758][ T6687] usb 2-1: Using ep0 maxpacket: 32
[  546.947912][ T6687] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  546.956636][ T6687] usb 2-1: config 0 has no interface number 0
[  546.958182][ T4406] usb 7-1: USB disconnect, device number 6
[  546.971540][ T6687] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  546.989702][ T6687] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.011293][ T6687] usb 2-1: Product: syz
[  547.017276][ T6687] usb 2-1: Manufacturer: syz
[  547.021946][ T6687] usb 2-1: SerialNumber: syz
[  547.039124][ T6687] usb 2-1: config 0 descriptor??
[  547.049504][ T6687] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  547.259604][ T6687] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  547.271663][ T6687] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  547.575372][T14900] loop6: detected capacity change from 0 to 512
[  547.603492][T14900] EXT4-fs: inline encryption not supported
[  547.624492][T14900] EXT4-fs (loop6): orphan cleanup on readonly fs
[  547.631163][T14900] EXT4-fs (loop6): 1 truncate cleaned up
[  547.637586][T14900] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  547.657868][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  547.660430][ T4406] usb 2-1: USB disconnect, device number 30
[  547.674839][ T4406] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  547.690029][ T4406] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  547.702309][ T4406] quatech2 2-1:0.51: device disconnected
[  547.818890][T14903] loop4: detected capacity change from 0 to 128
[  547.829201][T12758] EXT4-fs (loop6): unmounting filesystem.
[  547.898419][   T26] audit: type=1800 audit(1776124088.936:297): pid=14903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3943" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=1048799 res=0 errno=0
[  548.905763][   T26] audit: type=1326 audit(1776124089.946:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  548.996321][   T26] audit: type=1326 audit(1776124089.976:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  549.052047][   T26] audit: type=1326 audit(1776124089.976:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  549.169769][   T26] audit: type=1326 audit(1776124089.976:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  549.222405][T14937] loop6: detected capacity change from 0 to 256
[  549.271955][   T26] audit: type=1326 audit(1776124089.976:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  549.278807][T14937] exfat: Deprecated parameter 'namecase'
[  549.368394][   T26] audit: type=1326 audit(1776124089.976:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  549.380759][T14937] exfat: Deprecated parameter 'utf8'
[  549.449032][   T26] audit: type=1326 audit(1776124089.976:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  549.481537][   T26] audit: type=1326 audit(1776124089.976:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14928 comm="syz.6.3956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  549.530727][T14937] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d)
[  549.891143][T14952] loop4: detected capacity change from 0 to 8
[  550.483173][ T6687] usb 5-1: new full-speed USB device number 27 using dummy_hcd
[  550.675068][ T6687] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  550.714117][ T6687] usb 5-1: config 0 has no interface number 0
[  550.720555][ T6687] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  550.780018][ T6687] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  550.803918][ T6687] usb 5-1: config 0 interface 2 altsetting 2 endpoint 0x82 has invalid maxpacket 192, setting to 64
[  550.824984][ T6687] usb 5-1: config 0 interface 2 has no altsetting 0
[  550.841696][ T6687] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f7.3f
[  550.851805][ T6687] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.860763][ T6687] usb 5-1: Product: syz
[  550.865499][ T6687] usb 5-1: Manufacturer: syz
[  550.870237][ T6687] usb 5-1: SerialNumber: syz
[  550.886246][ T6687] usb 5-1: config 0 descriptor??
[  550.891992][T14960] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  550.902736][T14960] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  551.424185][ T4319] usb 5-1: USB disconnect, device number 27
[  551.542736][ T6687] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  551.591140][T14989] device bridge0 entered promiscuous mode
[  551.597982][T14989] device macsec1 entered promiscuous mode
[  551.607258][T14989] bridge0: port 3(macsec1) entered blocking state
[  551.614678][T14989] bridge0: port 3(macsec1) entered disabled state
[  551.628596][T14989] device bridge0 left promiscuous mode
[  551.734409][ T6687] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  551.746782][ T6687] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  551.782616][ T6687] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  551.812167][ T6687] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.843989][ T6687] usb 2-1: config 0 descriptor??
[  552.271653][ T6687] isku 0003:1E7D:319C.001B: collection stack underflow
[  552.287608][ T6687] isku 0003:1E7D:319C.001B: item 0 4 0 12 parsing failed
[  552.297302][ T6687] isku 0003:1E7D:319C.001B: parse failed
[  552.308282][ T6687] isku: probe of 0003:1E7D:319C.001B failed with error -22
[  552.472215][ T4406] usb 2-1: USB disconnect, device number 31
[  552.943830][T15013] loop6: detected capacity change from 0 to 512
[  553.041409][T15013] EXT4-fs error (device loop6): ext4_orphan_get:1410: comm syz.6.3997: couldn't read orphan inode 26 (err -116)
[  553.070104][T15013] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  553.079819][T15013] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  553.111704][T15013] EXT4-fs error (device loop6): ext4_do_update_inode:5279: inode #3: comm syz.6.3997: corrupted inode contents
[  553.139273][T15013] EXT4-fs error (device loop6): ext4_dirty_inode:6156: inode #3: comm syz.6.3997: mark_inode_dirty error
[  553.234050][T15013] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.3997: bg 0: block 64: padding at end of block bitmap is not set
[  553.282096][T15013] Quota error (device loop6): write_blk: dquota write failed
[  553.292697][T15013] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  553.338274][T15019] Quota error (device loop6): do_check_range: Getting block 59136 out of range 0-3
[  553.356992][T15013] EXT4-fs error (device loop6): ext4_acquire_dquot:6841: comm syz.6.3997: Failed to acquire dquot type 0
[  553.468256][T12758] EXT4-fs (loop6): unmounting filesystem.
[  553.816669][T15037] loop6: detected capacity change from 0 to 64
[  554.115272][T15048] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4012'.
[  555.407986][T15059] loop6: detected capacity change from 0 to 32768
[  555.580035][T15059] JBD2: Ignoring recovery information on journal
[  555.760247][T15059] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  556.106810][T12758] ocfs2: Unmounting device (7,6) on (node local)
[  556.232065][T15088] device batadv0 entered promiscuous mode
[  556.289285][T15088] device batadv0 left promiscuous mode
[  556.959593][T15108] netlink: 'syz.4.4038': attribute type 29 has an invalid length.
[  556.971568][T15106] loop7: detected capacity change from 0 to 4096
[  557.041243][T15108] netlink: 'syz.4.4038': attribute type 29 has an invalid length.
[  557.074441][T15117] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  557.159042][T15115] netlink: 'syz.4.4038': attribute type 29 has an invalid length.
[  557.410228][T15127] loop4: detected capacity change from 0 to 64
[  557.461780][T15127] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[  557.482708][T15127] hfs: filesystem is marked locked, mounting read-only.
[  557.519839][T15129] device batadv0 entered promiscuous mode
[  557.609059][T15136] loop7: detected capacity change from 0 to 256
[  557.649467][T15129] device batadv0 left promiscuous mode
[  558.235668][T15149] loop7: detected capacity change from 0 to 8192
[  558.332608][ T6687] usb 5-1: new low-speed USB device number 28 using dummy_hcd
[  558.524861][ T6687] usb 5-1: config index 0 descriptor too short (expected 6427, got 27)
[  558.542565][ T6687] usb 5-1: config 0 has an invalid interface number: 21 but max is 0
[  558.550757][ T6687] usb 5-1: config 0 has no interface number 0
[  558.592583][ T6687] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  558.632599][ T6687] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  558.663132][ T6687] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  558.672364][ T6687] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.721999][ T6687] usb 5-1: config 0 descriptor??
[  559.342549][ T4406] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  559.371752][ T6687] usb 5-1: USB disconnect, device number 28
[  559.562648][ T4406] usb 7-1: Using ep0 maxpacket: 32
[  559.571982][ T4406] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  559.591208][ T4406] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  559.606579][ T4406] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  559.623227][ T4406] usb 7-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  559.631912][ T4406] usb 7-1: Product: syz
[  559.636684][ T4406] usb 7-1: Manufacturer: syz
[  559.648167][ T4406] hub 7-1:4.0: USB hub found
[  559.693440][T15177] device netdevsim0 entered promiscuous mode
[  559.699686][T15177] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready
[  559.715628][T15177] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  559.862907][ T4406] hub 7-1:4.0: config failed, hub doesn't have any ports! (err -19)
[  559.995699][T15183] device batadv0 entered promiscuous mode
[  560.001789][T15183] device macsec1 entered promiscuous mode
[  560.016506][T15183] device batadv0 left promiscuous mode
[  560.098251][ T4406] kernel write not supported for file /sequencer (pid: 4406 comm: kworker/1:12)
[  560.193107][   T22] usb 7-1: USB disconnect, device number 7
[  561.215790][T15211] loop6: detected capacity change from 0 to 32768
[  561.363804][T15211] XFS (loop6): Mounting V5 Filesystem
[  561.404875][T15215] loop4: detected capacity change from 0 to 40427
[  561.456199][T15215] F2FS-fs (loop4): invalid crc value
[  561.534896][T15215] F2FS-fs (loop4): Found nat_bits in checkpoint
[  561.537766][T15211] XFS (loop6): Ending clean mount
[  561.575220][T15211] XFS (loop6): Quotacheck needed: Please wait.
[  561.691973][T15215] F2FS-fs (loop4): Start checkpoint disabled!
[  561.710976][T15211] XFS (loop6): Quotacheck: Done.
[  561.769004][T15215] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  561.863708][T12758] XFS (loop6): Unmounting Filesystem
[  562.023607][   T11] kworker/u4:1: attempt to access beyond end of device
[  562.023607][   T11] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  562.702859][T15254] Bluetooth: MGMT ver 1.22
[  563.287265][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  563.294833][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  563.494615][T15276] loop7: detected capacity change from 0 to 256
[  563.508501][T15276] exfat: Deprecated parameter 'namecase'
[  563.508578][T15276] exfat: Deprecated parameter 'utf8'
[  563.530481][   T26] audit: type=1326 audit(1776124104.566:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15277 comm="syz.6.4115" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8cf179c819 code=0x0
[  563.554204][T15276] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d)
[  564.261761][T15308] ax25_connect(): syz.1.4128 uses autobind, please contact jreuter@yaina.de
[  564.672702][T15324] loop6: detected capacity change from 0 to 512
[  564.988361][T15335] loop4: detected capacity change from 0 to 128
[  565.097921][T15337] device ip6gretap0 entered promiscuous mode
[  565.157749][T15337] device macvtap1 entered promiscuous mode
[  565.206054][T15337] device ip6gretap0 left promiscuous mode
[  565.390025][T15347] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4147'.
[  565.418219][T15347] device vlan2 entered promiscuous mode
[  565.434296][T15347] device bridge0 entered promiscuous mode
[  565.473621][T15349] netlink: 'syz.1.4148': attribute type 4 has an invalid length.
[  565.484897][ T6687] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  565.512122][T15349] netlink: 17 bytes leftover after parsing attributes in process `syz.1.4148'.
[  565.687297][ T6687] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  565.702588][ T6687] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  565.732631][ T6687] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  565.732662][ T6687] usb 7-1: config 220 has no interface number 2
[  565.732723][ T6687] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  565.732753][ T6687] usb 7-1: config 220 interface 0 has no altsetting 0
[  565.732773][ T6687] usb 7-1: config 220 interface 76 has no altsetting 0
[  565.732794][ T6687] usb 7-1: config 220 interface 1 has no altsetting 0
[  565.735232][ T6687] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  565.735266][ T6687] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.735289][ T6687] usb 7-1: Product: syz
[  565.735305][ T6687] usb 7-1: Manufacturer: syz
[  565.735323][ T6687] usb 7-1: SerialNumber: syz
[  565.967556][ T6687] usb 7-1: selecting invalid altsetting 0
[  565.968174][ T6687] usb 7-1: Found UVC 7.01 device syz (8086:0b07)
[  565.968217][ T6687] usb 7-1: No valid video chain found.
[  566.002037][ T6687] usb 7-1: selecting invalid altsetting 0
[  566.002070][ T6687] usbtest: probe of 7-1:220.1 failed with error -22
[  566.011097][ T6687] usb 7-1: USB disconnect, device number 8
[  566.308536][T15373] loop4: detected capacity change from 0 to 2048
[  566.366988][T15373] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  566.915182][T15393] loop6: detected capacity change from 0 to 2048
[  566.994155][T15393]  loop6: p2 p3 < > p4 < p5 >
[  566.999038][T15393] loop6: partition table partially beyond EOD, truncated
[  567.019407][T15393] loop6: p3 start 4225 is beyond EOD, truncated
[  567.078684][T15393] (syz.6.4169,15393,1):ocfs2_get_sector:1763 ERROR: status = -12
[  567.142642][T15393] (syz.6.4169,15393,1):ocfs2_sb_probe:786 ERROR: status = -12
[  567.192918][T15393] (syz.6.4169,15393,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  567.252678][T15393] (syz.6.4169,15393,1):ocfs2_fill_super:1176 ERROR: status = -12
[  567.562816][T15403] netlink: 'syz.6.4172': attribute type 27 has an invalid length.
[  568.146512][T15423] program syz.7.4182 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  568.400658][T15432] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4184'.
[  568.773316][T15442] loop6: detected capacity change from 0 to 256
[  568.894766][T15442] FAT-fs (loop6): Directory bread(block 64) failed
[  568.901433][T15442] FAT-fs (loop6): Directory bread(block 65) failed
[  568.923845][T15442] FAT-fs (loop6): Directory bread(block 66) failed
[  568.940783][T15442] FAT-fs (loop6): Directory bread(block 67) failed
[  568.948451][T15442] FAT-fs (loop6): Directory bread(block 68) failed
[  568.963049][T15442] FAT-fs (loop6): Directory bread(block 69) failed
[  568.990612][T15442] FAT-fs (loop6): Directory bread(block 70) failed
[  569.004693][T15442] FAT-fs (loop6): Directory bread(block 71) failed
[  569.011389][T15442] FAT-fs (loop6): Directory bread(block 72) failed
[  569.039784][T15446] loop7: detected capacity change from 0 to 4096
[  569.046220][T15442] FAT-fs (loop6): Directory bread(block 73) failed
[  569.127885][T15448] netlink: 'syz.1.4193': attribute type 8 has an invalid length.
[  569.178937][T15449] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  570.122634][T15472] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4204'.
[  571.229747][T15509] loop6: detected capacity change from 0 to 1024
[  571.251021][T15512] loop7: detected capacity change from 0 to 256
[  571.260818][T15512] exfat: Deprecated parameter 'namecase'
[  571.278144][T15512] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  571.498684][T15515] loop4: detected capacity change from 0 to 512
[  571.669823][T15515] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  571.787556][T15515] EXT4-fs (loop4): 1 truncate cleaned up
[  571.812700][T15515] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  572.036272][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  573.079701][T15562] nbd: must specify a device to reconfigure
[  573.390030][T15574] netlink: 'syz.7.4251': attribute type 30 has an invalid length.
[  573.670023][ T4271] Bluetooth: hci4: adv larger than maximum supported
[  573.670111][ T4271] Bluetooth: hci4: Malformed LE Event: 0x0d
[  573.707589][T15550] loop6: detected capacity change from 0 to 32768
[  573.737449][T15586] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4259'.
[  573.834991][T15550] XFS (loop6): DAX unsupported by block device. Turning off DAX.
[  573.847104][T15550] XFS (loop6): Mounting V5 Filesystem
[  573.998140][T15550] XFS (loop6): Ending clean mount
[  574.033670][T15550] XFS (loop6): Quotacheck needed: Please wait.
[  574.199575][T15550] XFS (loop6): Quotacheck: Done.
[  574.398041][T12758] XFS (loop6): Unmounting Filesystem
[  574.634281][T15613] loop4: detected capacity change from 0 to 164
[  575.407692][T15611] loop7: detected capacity change from 0 to 32768
[  575.882071][T15641] loop6: detected capacity change from 0 to 256
[  575.898464][T15639] device vlan3 entered promiscuous mode
[  575.913690][T15641] exfat: Deprecated parameter 'namecase'
[  575.919604][T15639] device macvlan0 entered promiscuous mode
[  575.929788][T15641] exfat: Deprecated parameter 'namecase'
[  575.943463][T15641] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  576.003334][   T22] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  576.040455][T15641] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  576.212682][   T22] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  576.243483][   T22] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  576.273520][   T22] usb 5-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00
[  576.322626][   T22] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.355333][   T22] usb 5-1: config 0 descriptor??
[  576.392581][T15635] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  576.844859][   T22] elecom 0003:056E:011C.001C: unknown global tag 0xe
[  576.861633][   T22] elecom 0003:056E:011C.001C: item 0 2 1 14 parsing failed
[  576.891654][   T22] elecom: probe of 0003:056E:011C.001C failed with error -22
[  577.056835][   T22] usb 5-1: USB disconnect, device number 29
[  577.379970][T15672] loop7: detected capacity change from 0 to 512
[  577.427215][T15672] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  577.493682][T15672] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  577.563412][T15672] ext4 filesystem being mounted at /126/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  577.731373][T15680] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4298'.
[  577.871991][T13712] EXT4-fs (loop7): unmounting filesystem.
[  578.082767][   T22] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  578.129194][T15695] netlink: 'syz.4.4305': attribute type 1 has an invalid length.
[  578.304755][   T22] usb 7-1: Using ep0 maxpacket: 16
[  578.314845][   T22] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  578.350892][   T22] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  578.372387][   T22] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  578.433253][   T22] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.441342][   T22] usb 7-1: Product: syz
[  578.477718][   T22] usb 7-1: Manufacturer: syz
[  578.482409][   T22] usb 7-1: SerialNumber: syz
[  578.728284][   T22] usb 7-1: 0:2 : does not exist
[  578.749635][   T22] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  578.819370][   T22] usb 7-1: USB disconnect, device number 9
[  579.228433][T15723] netlink: 'syz.4.4318': attribute type 4 has an invalid length.
[  579.512286][T15730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4321'.
[  579.542617][T15730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4321'.
[  580.057132][T15741] loop6: detected capacity change from 0 to 512
[  580.069901][T15743] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4327'.
[  580.097684][T15741] EXT4-fs: inline encryption not supported
[  580.181607][T15745] loop4: detected capacity change from 0 to 2048
[  580.193460][T15741] EXT4-fs error (device loop6): ext4_orphan_get:1431: comm syz.6.4336: bad orphan inode 15
[  580.257532][T15741] ext4_test_bit(bit=14, block=5) = 0
[  580.313127][T15741] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  580.338906][T15745]  loop4: p2 p3 < > p4 < p5 >
[  580.347198][T15745] loop4: partition table partially beyond EOD, truncated
[  580.388983][T15745] loop4: p3 start 4225 is beyond EOD, truncated
[  580.401497][T15741] EXT4-fs error (device loop6): __ext4_new_inode:1081: comm syz.6.4336: reserved inode found cleared - inode=1
[  580.503503][T15755] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters
[  580.603281][T15755] EXT4-fs error (device loop6) in ext4_free_inode:362: Corrupt filesystem
[  580.722829][ T4271] Bluetooth: hci1: command 0x0406 tx timeout
[  580.779264][T13765] udevd[13765]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  580.807499][T14839] udevd[14839]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory
[  580.809133][T13698] udevd[13698]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  580.887421][T12758] EXT4-fs (loop6): unmounting filesystem.
[  581.336594][ T6804] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  581.517998][T15776] loop4: detected capacity change from 0 to 4096
[  581.523322][ T6804] usb 7-1: Using ep0 maxpacket: 32
[  581.532279][ T6804] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  581.557020][T15776] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  581.567035][ T6804] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  581.651679][T15776] ntfs: (device loop4): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  581.662553][ T6804] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  581.662590][ T6804] usb 7-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  581.662621][ T6804] usb 7-1: config 0 interface 0 has no altsetting 0
[  581.662661][ T6804] usb 7-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  581.662687][ T6804] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.697367][ T6804] usb 7-1: config 0 descriptor??
[  581.717715][T15780] netlink: 'syz.1.4343': attribute type 3 has an invalid length.
[  581.902751][T15776] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  581.972550][T15776] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  582.036947][T15776] ntfs: volume version 3.1.
[  582.147462][ T6804] corsair-psu 0003:1B1C:1C09.001D: item fetching failed at offset 0/5
[  582.184150][ T6804] corsair-psu: probe of 0003:1B1C:1C09.001D failed with error -22
[  582.349879][   T22] usb 7-1: USB disconnect, device number 10
[  582.360167][    T9] ntfs: (device loop4): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  582.392917][ T4274] ntfs: (device loop4): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  583.275118][T15812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4358'.
[  584.363389][T15833] loop6: detected capacity change from 0 to 8192
[  584.397020][T15833] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  584.421044][T15833] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  584.430548][T15833] REISERFS (device loop6): using ordered data mode
[  584.437622][T15833] reiserfs: using flush barriers
[  584.447303][T15833] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  584.464318][T15833] REISERFS (device loop6): checking transaction log (loop6)
[  584.473536][T15833] REISERFS (device loop6): Using r5 hash to sort names
[  584.653847][ T6687] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  584.848714][ T6687] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  584.864749][T15834] loop4: detected capacity change from 0 to 40427
[  584.875591][ T6687] usb 2-1: config 0 has no interface number 0
[  584.881781][ T6687] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  584.900595][ T6687] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  584.912147][ T6687] usb 2-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  584.943367][T15834] F2FS-fs (loop4): invalid crc value
[  584.951107][ T6687] usb 2-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  584.970047][ T6687] usb 2-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[  584.979047][ T6687] usb 2-1: Product: syz
[  584.993907][T15834] F2FS-fs (loop4): Found nat_bits in checkpoint
[  585.008527][ T6687] usb 2-1: config 0 descriptor??
[  585.152651][T15834] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  585.227249][ T4274] syz-executor: attempt to access beyond end of device
[  585.227249][ T4274] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  585.450416][ T6687] chicony 0003:04F2:1421.001E: ignoring exceeding usage max
[  585.476427][ T6687] chicony 0003:04F2:1421.001E: collection stack underflow
[  585.513561][ T6687] chicony 0003:04F2:1421.001E: item 0 0 0 12 parsing failed
[  585.521876][ T6687] chicony 0003:04F2:1421.001E: Chicony hid parse failed: -22
[  585.542729][ T6687] chicony: probe of 0003:04F2:1421.001E failed with error -22
[  585.662817][ T6687] usb 2-1: USB disconnect, device number 32
[  586.734816][T15897] loop4: detected capacity change from 0 to 512
[  586.789105][T15897] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  586.849503][T15901] loop7: detected capacity change from 0 to 256
[  586.941222][T15897] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3861: comm syz.4.4395: Allocating blocks 41-42 which overlap fs metadata
[  587.009556][T15897] Quota error (device loop4): write_blk: dquota write failed
[  587.053852][T15897] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5
[  587.098349][T15897] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3861: comm syz.4.4395: Allocating blocks 41-42 which overlap fs metadata
[  587.170461][T15897] Quota error (device loop4): write_blk: dquota write failed
[  587.190666][T15897] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  587.221973][T15897] EXT4-fs error (device loop4): ext4_acquire_dquot:6841: comm syz.4.4395: Failed to acquire dquot type 1
[  587.261591][T15897] EXT4-fs error (device loop4): mb_free_blocks:1839: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  587.336175][T15897] EXT4-fs error (device loop4): ext4_do_update_inode:5279: inode #12: comm syz.4.4395: corrupted inode contents
[  587.393040][T15897] EXT4-fs error (device loop4): ext4_dirty_inode:6156: inode #12: comm syz.4.4395: mark_inode_dirty error
[  587.426716][T15897] EXT4-fs error (device loop4): ext4_do_update_inode:5279: inode #12: comm syz.4.4395: corrupted inode contents
[  587.442833][T15897] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #12: comm syz.4.4395: mark_inode_dirty error
[  587.464043][T15897] EXT4-fs error (device loop4): ext4_do_update_inode:5279: inode #12: comm syz.4.4395: corrupted inode contents
[  587.499912][T15897] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  587.517831][T15897] EXT4-fs error (device loop4): ext4_do_update_inode:5279: inode #12: comm syz.4.4395: corrupted inode contents
[  587.547632][T15897] EXT4-fs error (device loop4): ext4_truncate:4325: inode #12: comm syz.4.4395: mark_inode_dirty error
[  587.573635][T15897] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  587.593755][T15897] EXT4-fs (loop4): 1 truncate cleaned up
[  587.599653][T15897] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  587.797770][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  588.043567][T15935] loop6: detected capacity change from 0 to 2048
[  588.100953][T15935] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  588.192924][T15935] syz.6.4412: attempt to access beyond end of device
[  588.192924][T15935] loop6: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  588.207625][T15941] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  588.634201][T15931] loop7: detected capacity change from 0 to 32768
[  588.685465][T15931] JBD2: Ignoring recovery information on journal
[  588.850913][T15931] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  588.972680][T15931] (syz.7.4410,15931,1):ocfs2_get_suballoc_slot_bit:2726 ERROR: invalid inode 212 requested
[  589.022859][T15931] (syz.7.4410,15931,1):ocfs2_get_suballoc_slot_bit:2751 ERROR: status = -22
[  589.031915][T15931] (syz.7.4410,15931,1):ocfs2_test_inode_bit:2833 ERROR: get alloc slot and bit failed -22
[  589.122898][T15931] (syz.7.4410,15931,1):ocfs2_test_inode_bit:2874 ERROR: status = -22
[  589.316586][T13712] ocfs2: Unmounting device (7,7) on (node local)
[  589.333469][T15962] loop4: detected capacity change from 0 to 2048
[  589.431874][T15962] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  589.740323][T15970] device bridge0 entered promiscuous mode
[  589.768756][T15972] loop4: detected capacity change from 0 to 128
[  589.822347][T15970] device macsec1 entered promiscuous mode
[  589.850970][T15970] bridge0: port 3(macsec1) entered blocking state
[  589.890315][T15970] bridge0: port 3(macsec1) entered disabled state
[  589.915963][T15970] device bridge0 left promiscuous mode
[  590.515972][T15990] loop7: detected capacity change from 0 to 4096
[  590.585625][T15997] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  591.060518][T16011] loop6: detected capacity change from 0 to 1024
[  591.268423][T16007] loop7: detected capacity change from 0 to 8192
[  591.328577][T16015] netlink: 336 bytes leftover after parsing attributes in process `syz.4.4447'.
[  591.341465][T16015] netlink: 156 bytes leftover after parsing attributes in process `syz.4.4447'.
[  591.394397][T16017] loop6: detected capacity change from 0 to 256
[  591.432633][ T4406] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  591.642888][ T4406] usb 2-1: Using ep0 maxpacket: 16
[  591.650375][ T4406] usb 2-1: config index 0 descriptor too short (expected 51443, got 18)
[  591.702253][ T4406] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  591.742164][ T4406] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.777700][ T4406] usb 2-1: Product: syz
[  591.782059][ T4406] usb 2-1: Manufacturer: syz
[  591.792103][ T4406] usb 2-1: SerialNumber: syz
[  591.798973][ T4406] r8152-cfgselector 2-1: config 0 descriptor??
[  591.996137][T16030] loop4: detected capacity change from 0 to 24
[  592.016041][ T4406] r8152-cfgselector 2-1: Unknown version 0x0000
[  592.023091][T16030] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  592.044957][ T4406] usbip-host 2-1: 2-1 is not in match_busid table... skip!
[  592.085655][T16030] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  592.244349][ T6687] usb 2-1: USB disconnect, device number 33
[  592.347556][   T26] audit: type=1326 audit(1776124133.386:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16035 comm="syz.6.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  592.401542][   T26] audit: type=1326 audit(1776124133.426:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16035 comm="syz.6.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  592.445949][   T26] audit: type=1326 audit(1776124133.426:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16035 comm="syz.6.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  592.469359][   T26] audit: type=1326 audit(1776124133.426:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16035 comm="syz.6.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  592.503604][T16040] loop4: detected capacity change from 0 to 4096
[  592.533928][   T26] audit: type=1326 audit(1776124133.426:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16035 comm="syz.6.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  592.592746][T16042] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  592.651715][   T26] audit: type=1326 audit(1776124133.506:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16035 comm="syz.6.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  592.690804][   T26] audit: type=1326 audit(1776124133.506:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16035 comm="syz.6.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cf179c819 code=0x7ffc0000
[  592.767339][T16040] NILFS error (device loop4): nilfs_check_page: bad entry in directory #12: unaligned directory entry - offset=56, inode=14, rec_len=42001, name_len=5
[  592.835054][T16040] Remounting filesystem read-only
[  592.919614][ T4274] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  594.281925][T16107] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[  594.553802][T16118] loop4: detected capacity change from 0 to 512
[  594.628546][T16118] EXT4-fs: Ignoring removed mblk_io_submit option
[  594.715560][T16118] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  594.738199][T16118] ext4 filesystem being mounted at /848/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  594.998914][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  595.131066][T16139] trusted_key: encrypted_key: insufficient parameters specified
[  595.215155][T16141] vivid-002: disconnect
[  595.236156][T16140] vivid-002: reconnect
[  595.396903][T16147] loop6: detected capacity change from 0 to 256
[  595.494245][T16147] FAT-fs (loop6): Directory bread(block 64) failed
[  595.501015][T16147] FAT-fs (loop6): Directory bread(block 65) failed
[  595.524386][T16147] FAT-fs (loop6): Directory bread(block 66) failed
[  595.541371][T16147] FAT-fs (loop6): Directory bread(block 67) failed
[  595.551604][T16147] FAT-fs (loop6): Directory bread(block 68) failed
[  595.570627][T16147] FAT-fs (loop6): Directory bread(block 69) failed
[  595.578076][T16147] FAT-fs (loop6): Directory bread(block 70) failed
[  595.585406][T16147] FAT-fs (loop6): Directory bread(block 71) failed
[  595.592202][T16147] FAT-fs (loop6): Directory bread(block 72) failed
[  595.600088][T16147] FAT-fs (loop6): Directory bread(block 73) failed
[  595.923452][   T26] audit: type=1326 audit(1776124136.966:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.1.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  595.986496][   T26] audit: type=1326 audit(1776124137.006:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.1.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  596.032708][   T26] audit: type=1326 audit(1776124137.006:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.1.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e66f9c819 code=0x7ffc0000
[  596.055136][    C0] vkms_vblank_simulate: vblank timer overrun
[  596.661529][T16185] loop7: detected capacity change from 0 to 256
[  596.983900][T16193] netlink: 'syz.1.4528': attribute type 1 has an invalid length.
[  597.033981][T16193] netlink: 120 bytes leftover after parsing attributes in process `syz.1.4528'.
[  597.385880][T16205] IPVS: ip_vs_add_dest(): server weight less than zero
[  597.410154][T16206] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4534'.
[  597.908005][T16197] loop7: detected capacity change from 0 to 32768
[  597.934913][T16219] loop4: detected capacity change from 0 to 164
[  598.001842][T16219] Unsupported NM flag settings (240)
[  598.062677][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  598.062692][   T26] audit: type=1326 audit(1776124139.096:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.165747][T16197] XFS (loop7): DAX unsupported by block device. Turning off DAX.
[  598.201008][ T4274] Unsupported NM flag settings (240)
[  598.208580][ T4274] Unsupported NM flag settings (240)
[  598.214909][ T4274] Unsupported NM flag settings (240)
[  598.226543][ T4274] Unsupported NM flag settings (240)
[  598.232392][ T4274] Unsupported NM flag settings (240)
[  598.238496][ T4274] Unsupported NM flag settings (240)
[  598.244179][T16197] XFS (loop7): Mounting V5 Filesystem
[  598.255504][   T26] audit: type=1326 audit(1776124139.096:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.397034][T16197] XFS (loop7): Ending clean mount
[  598.444060][T16197] XFS (loop7): Quotacheck needed: Please wait.
[  598.472247][   T26] audit: type=1326 audit(1776124139.096:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.542620][   T26] audit: type=1326 audit(1776124139.096:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.565775][T16197] XFS (loop7): Quotacheck: Done.
[  598.648982][   T26] audit: type=1326 audit(1776124139.096:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.671557][    C0] vkms_vblank_simulate: vblank timer overrun
[  598.712696][T13712] XFS (loop7): Unmounting Filesystem
[  598.749800][   T26] audit: type=1326 audit(1776124139.096:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.772275][    C0] vkms_vblank_simulate: vblank timer overrun
[  598.830641][   T26] audit: type=1326 audit(1776124139.096:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.870524][   T26] audit: type=1326 audit(1776124139.096:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.906642][   T26] audit: type=1326 audit(1776124139.096:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  598.967770][   T26] audit: type=1326 audit(1776124139.096:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16226 comm="syz.0.4542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e619c819 code=0x7ff00000
[  599.188027][T16243] device ipvlan3 entered promiscuous mode
[  599.212009][T16237] loop4: detected capacity change from 0 to 32768
[  599.234020][T16243] 8021q: adding VLAN 0 to HW filter on device ipvlan3
[  599.334318][T16237] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  599.369541][T16237] XFS (loop4): Mounting V5 Filesystem
[  599.465840][T16221] loop6: detected capacity change from 0 to 32768
[  599.576446][T16237] XFS (loop4): Ending clean mount
[  599.648544][T16221] XFS (loop6): Mounting V5 Filesystem
[  599.801206][T16221] XFS (loop6): Ending clean mount
[  599.873382][ T4274] XFS (loop4): Unmounting Filesystem
[  599.927724][T16221] XFS (loop6): Quotacheck needed: Please wait.
[  600.189904][T16221] XFS (loop6): Quotacheck: Done.
[  600.360909][T16274] device ip6gretap0 entered promiscuous mode
[  600.389804][T16274] device macvtap1 entered promiscuous mode
[  600.397507][T12758] XFS (loop6): Unmounting Filesystem
[  600.423479][T16274] device ip6gretap0 left promiscuous mode
[  600.510426][T16276] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  600.581453][T16276] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  600.662580][T16276] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  600.669323][T16276] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  600.730196][T16276] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  600.769668][T16276] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffa,4)
[  600.793355][T16276] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  600.861293][ T5428] kernel write not supported for file /uinput (pid: 5428 comm: kworker/0:14)
[  600.909492][T16285] loop7: detected capacity change from 0 to 64
[  601.726314][T16307] loop6: detected capacity change from 0 to 8192
[  601.772088][T16307] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  601.785568][ T4406] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  601.793551][T16307] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  601.804103][T16307] REISERFS (device loop6): using ordered data mode
[  601.810774][T16307] reiserfs: using flush barriers
[  601.817407][T16307] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  601.834075][T16307] REISERFS (device loop6): checking transaction log (loop6)
[  601.851219][T16307] REISERFS (device loop6): Using r5 hash to sort names
[  601.860741][T16307] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  601.929114][T16315] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  601.986683][ T4406] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  602.002994][ T4406] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.032505][ T4406] usb 2-1: Product: syz
[  602.042812][ T4406] usb 2-1: Manufacturer: syz
[  602.047670][ T4406] usb 2-1: SerialNumber: syz
[  602.102167][ T4406] usb 2-1: config 0 descriptor??
[  602.143818][ T4406] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  602.202332][ T4406] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  602.229550][ T4406] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  602.272616][ T4406] usb 2-1: media controller created
[  602.320159][T16302] dvb-usb: bulk message failed: -22 (7/0)
[  602.346941][ T4406] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  602.645647][ T4406] DVB: Unable to find symbol mt352_attach()
[  602.896415][T16311] loop4: detected capacity change from 0 to 40427
[  602.906857][ T4406] DVB: Unable to find symbol nxt6000_attach()
[  602.916532][ T4406] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  602.941263][T16311] F2FS-fs (loop4): Unrecognized mount option "whint_mode=user-based" or missing value
[  602.973120][ T4406] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input29
[  603.023784][ T4406] dvb-usb: schedule remote query interval to 1000 msecs.
[  603.030924][ T4406] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  603.063175][ T4406] dvb-usb: bulk message failed: -22 (7/0)
[  603.069038][ T4406] dvb-usb: bulk message failed: -22 (7/0)
[  603.112889][   T27] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  603.122188][ T4406] usb 2-1: USB disconnect, device number 34
[  603.125633][T16328] loop7: detected capacity change from 0 to 2048
[  603.227312][T16328] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  603.245063][ T4406] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  603.312578][   T27] usb 7-1: Using ep0 maxpacket: 16
[  603.318170][T16331] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  603.331817][   T27] usb 7-1: config 0 has an invalid interface number: 34 but max is 0
[  603.392599][   T27] usb 7-1: config 0 has no interface number 0
[  603.398909][   T27] usb 7-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023
[  603.441728][   T27] usb 7-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80
[  603.444354][   T27] usb 7-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[  603.444391][   T27] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.444416][   T27] usb 7-1: Product: syz
[  603.444433][   T27] usb 7-1: Manufacturer: syz
[  603.444450][   T27] usb 7-1: SerialNumber: syz
[  603.453814][   T27] usb 7-1: config 0 descriptor??
[  603.454612][T16326] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  603.454742][T16326] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  603.661110][T16326] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  603.661252][T16326] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  603.865653][   T27] asix 7-1:0.34 (unnamed net_device) (uninitialized): invalid hw address, using random
[  604.000300][T16342] loop7: detected capacity change from 0 to 1024
[  604.066009][   T27] asix 7-1:0.34 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  604.096862][   T27] asix 7-1:0.34 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  604.109612][T16342] hfsplus: bad catalog entry type
[  604.136210][   T27] asix: probe of 7-1:0.34 failed with error -71
[  604.193108][   T27] usb 7-1: USB disconnect, device number 11
[  604.249012][   T41] hfsplus: b-tree write err: -5, ino 25
[  604.255561][   T41] hfsplus: b-tree write err: -5, ino 4
[  604.261185][   T41] hfsplus: b-tree write err: -5, ino 2
[  604.320681][T16350] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4587'.
[  605.208387][T16375] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4598'.
[  605.497884][T16385] loop7: detected capacity change from 0 to 512
[  605.638330][T16397] rtc_cmos 00:00: Alarms can be up to one day in the future
[  605.700640][T16385] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  605.829390][T16385] EXT4-fs (loop7): unmounting filesystem.
[  606.378316][T16421] loop6: detected capacity change from 0 to 2048
[  606.441165][T16423] block nbd1: not configured, cannot reconfigure
[  606.465991][T16421] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  606.503699][T16424] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  606.602245][T16426] loop7: detected capacity change from 0 to 2048
[  606.678644][T16426] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  606.703423][T16426] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  606.805166][T16435] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4624'.
[  606.853702][T16426] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.4621: bg 0: block 345: padding at end of block bitmap is not set
[  606.938441][T16426] EXT4-fs (loop7): Remounting filesystem read-only
[  607.102784][T13712] EXT4-fs (loop7): unmounting filesystem.
[  607.230514][T16447] netlink: 5 bytes leftover after parsing attributes in process `syz.4.4631'.
[  607.666026][T16467] loop7: detected capacity change from 0 to 164
[  607.708290][T16467] Unsupported NM flag settings (240)
[  607.818624][T13712] Unsupported NM flag settings (240)
[  607.825327][T13712] Unsupported NM flag settings (240)
[  607.845353][T13712] Unsupported NM flag settings (240)
[  607.864429][T13712] Unsupported NM flag settings (240)
[  607.878204][T13712] Unsupported NM flag settings (240)
[  607.890968][T13712] Unsupported NM flag settings (240)
[  608.096376][T16477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4644'.
[  608.787906][T16488] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (48421)
[  608.804989][T16481] loop6: detected capacity change from 0 to 32768
[  608.825790][T16488] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[  608.862286][T16481] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 9
[  609.207538][T13698] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 9
[  609.499728][T16512] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4660'.
[  610.567275][T16538] loop7: detected capacity change from 0 to 1024
[  610.597402][T16536] loop4: detected capacity change from 0 to 4096
[  610.621656][T16536] __ntfs_error: 63 callbacks suppressed
[  610.621673][T16536] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match.  Run ntfsfix or chkdsk.
[  610.657458][T16536] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  610.673552][T16536] ntfs: (device loop4): ntfs_read_locked_inode(): Inode is not in use!
[  610.681890][T16536] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  610.704006][T16536] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  610.758350][T16536] ntfs: (device loop4): load_and_init_attrdef(): Failed to initialize attribute definition table.
[  610.798882][T16536] ntfs: (device loop4): ntfs_fill_super(): Failed to load system files.
[  610.808856][   T47] hfsplus: b-tree write err: -5, ino 25
[  610.835330][   T47] hfsplus: b-tree write err: -5, ino 4
[  610.840973][   T47] hfsplus: b-tree write err: -5, ino 2
[  611.201268][T16554] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.4680'.
[  611.248215][T16556] bridge0: port 3(bond0) entered blocking state
[  611.271422][T16556] bridge0: port 3(bond0) entered disabled state
[  611.290359][T16556] device bond0 entered promiscuous mode
[  611.305768][T16556] device bond_slave_0 entered promiscuous mode
[  611.331126][T16556] device bond_slave_1 entered promiscuous mode
[  611.348957][T16556] bridge0: port 3(bond0) entered blocking state
[  611.349458][T16552] loop4: detected capacity change from 0 to 4096
[  611.356589][T16556] bridge0: port 3(bond0) entered forwarding state
[  611.363036][   T22] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  611.456468][T16552] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  611.532094][T16552] ntfs3: loop4: Failed to load $Extend.
[  611.585450][   T22] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  611.624851][   T22] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  611.670741][   T22] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  611.692833][   T22] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  611.721397][   T22] usb 7-1: SerialNumber: syz
[  611.961524][   T22] usb 7-1: 0:2 : does not exist
[  612.022093][   T22] usb 7-1: USB disconnect, device number 12
[  612.270240][T13698] udevd[13698]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  612.740540][T16600] netlink: 480 bytes leftover after parsing attributes in process `syz.6.4703'.
[  613.322591][   T22] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  613.542845][   T22] usb 7-1: Using ep0 maxpacket: 16
[  613.550665][   T22] usb 7-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  613.574440][   T22] usb 7-1: config 0 interface 0 altsetting 64 endpoint 0x81 has invalid wMaxPacketSize 0
[  613.591278][   T22] usb 7-1: config 0 interface 0 has no altsetting 0
[  613.600070][   T22] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  613.621417][   T22] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  613.652869][   T22] usb 7-1: config 0 descriptor??
[  614.007356][T16644] loop7: detected capacity change from 0 to 512
[  614.064374][T16644] EXT4-fs (loop7): Test dummy encryption mode enabled
[  614.080994][   T22] mcp2221 0003:04D8:00DD.001F: item fetching failed at offset 4/5
[  614.097644][   T22] mcp2221 0003:04D8:00DD.001F: can't parse reports
[  614.126031][   T22] mcp2221: probe of 0003:04D8:00DD.001F failed with error -22
[  614.153220][T16644] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  614.267113][T13712] EXT4-fs (loop7): unmounting filesystem.
[  614.277241][   T27] usb 7-1: USB disconnect, device number 13
[  614.623666][T16665] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  614.637982][T16669] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4728'.
[  615.390039][T16688] can0: slcan on ptm0.
[  615.503436][T16686] can0 (unregistered): slcan off ptm0.
[  616.163410][T16716] loop7: detected capacity change from 0 to 128
[  616.747482][T16729] loop4: detected capacity change from 0 to 4096
[  616.802576][T16729] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  616.815925][T16739] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  617.158762][T16746] loop7: detected capacity change from 0 to 512
[  617.283890][T16746] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  617.316071][T16752] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4760'.
[  617.404299][T16746] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000c028, mo2=0002]
[  617.443337][T16746] System zones: 1-12
[  617.504209][T16746] EXT4-fs (loop7): 1 truncate cleaned up
[  617.510380][T16746] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  617.776291][T13712] EXT4-fs (loop7): unmounting filesystem.
[  617.973296][T16773] loop7: detected capacity change from 0 to 4096
[  618.056102][T16773] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  618.070018][T16773] NILFS (loop7): mounting unchecked fs
[  618.141015][T16773] NILFS (loop7): recovery complete
[  618.166563][T16780] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  618.371103][T16782] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4771'.
[  618.441529][T16784] overlayfs: failed to resolve './file0': -2
[  618.706959][T16797] netlink: 260 bytes leftover after parsing attributes in process `syz.7.4778'.
[  618.722064][T16797] netlink: 260 bytes leftover after parsing attributes in process `syz.7.4778'.
[  618.731837][T16797] netlink: 260 bytes leftover after parsing attributes in process `syz.7.4778'.
[  619.473952][T16827] loop4: detected capacity change from 0 to 128
[  619.498812][T16827] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0003]
[  619.507488][T16827] System zones: 1-3, 19-19, 35-36
[  619.514690][T16827] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  619.525405][T16827] ext4 filesystem being mounted at /904/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  619.543756][T16827] EXT4-fs warning (device loop4): verify_group_input:151: Cannot add at group 129 (only 1 groups)
[  619.591375][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  619.895978][T16834] loop4: detected capacity change from 0 to 4096
[  619.935737][T16834] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[  619.965242][T16812] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  619.981444][T16812] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  620.127316][T16812] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  620.168207][T16812] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  620.188424][T16812] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  620.265029][T16812] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  620.280935][T16812] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  620.309987][T16812] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  620.340371][T16812] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  620.452594][T16848] program syz.4.4802 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  620.792364][T16858] netlink: 'syz.7.4809': attribute type 16 has an invalid length.
[  620.803089][T16858] netlink: 'syz.7.4809': attribute type 3 has an invalid length.
[  620.810914][T16858] netlink: 64066 bytes leftover after parsing attributes in process `syz.7.4809'.
[  620.829018][T16856] loop4: detected capacity change from 0 to 1024
[  620.858504][T16856] EXT4-fs: Ignoring removed bh option
[  620.936425][T16856] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  620.992388][T16865] loop6: detected capacity change from 0 to 128
[  621.006375][T16856] EXT4-fs error (device loop4): empty_inline_dir:1895: inode #12: block 7: comm syz.4.4806: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  621.051000][T16865] FAT-fs (loop6): Directory bread(block 414) failed
[  621.091224][T16865] FAT-fs (loop6): Directory bread(block 415) failed
[  621.119742][T16856] EXT4-fs (loop4): Remounting filesystem read-only
[  621.127618][T16856] EXT4-fs warning (device loop4): empty_inline_dir:1902: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  621.133940][T16865] FAT-fs (loop6): Directory bread(block 416) failed
[  621.152675][T16865] FAT-fs (loop6): Directory bread(block 417) failed
[  621.159475][T16865] FAT-fs (loop6): Directory bread(block 418) failed
[  621.182575][T16865] FAT-fs (loop6): Directory bread(block 419) failed
[  621.194088][T16865] FAT-fs (loop6): Directory bread(block 420) failed
[  621.227901][T16865] FAT-fs (loop6): Directory bread(block 421) failed
[  621.282618][ T4271] Bluetooth: hci3: command 0x0c1a tx timeout
[  621.286290][T16865] FAT-fs (loop6): Directory bread(block 414) failed
[  621.307723][ T4274] EXT4-fs (loop4): unmounting filesystem.
[  621.313930][T16865] FAT-fs (loop6): Directory bread(block 415) failed
[  621.561347][T16872] loop7: detected capacity change from 0 to 256
[  621.578173][T16872] exfat: Deprecated parameter 'utf8'
[  621.624991][T16872] exfat: Deprecated parameter 'utf8'
[  621.642387][T16872] exfat: Deprecated parameter 'namecase'
[  621.654733][T16872] exfat: Deprecated parameter 'namecase'
[  621.702051][T16872] exFAT-fs (loop7): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  621.933036][T16878] [U] 
[  621.990125][T16881] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  622.178479][T16891] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4823'.
[  622.243129][ T4271] Bluetooth: hci1: command 0x0c1a tx timeout
[  622.272148][T16896] loop7: detected capacity change from 0 to 512
[  622.322766][ T4271] Bluetooth: hci4: command 0x0c1a tx timeout
[  622.468120][T16896] EXT4-fs error (device loop7): ext4_orphan_get:1410: comm syz.7.4824: couldn't read orphan inode 26 (err -116)
[  622.480939][T16896] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  622.518639][T16896] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  622.669850][T13712] EXT4-fs (loop7): unmounting filesystem.
[  623.130069][T16932] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4838'.
[  623.362772][ T4271] Bluetooth: hci3: command 0x0406 tx timeout
[  623.370200][ T5428] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  623.567947][ T5428] usb 7-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  623.567984][ T5428] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.568008][ T5428] usb 7-1: Product: syz
[  623.568025][ T5428] usb 7-1: Manufacturer: syz
[  623.568042][ T5428] usb 7-1: SerialNumber: syz
[  623.569977][ T5428] usb 7-1: config 0 descriptor??
[  623.573647][ T5428] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  623.586218][ T5428] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  623.592278][ T5428] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  623.592362][ T5428] usb 7-1: media controller created
[  623.636019][ T5428] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  623.710677][T16947] loop4: detected capacity change from 0 to 2048
[  623.784703][T16930] dvb-usb: bulk message failed: -22 (7/0)
[  623.937370][T16947] Alternate GPT is invalid, using primary GPT.
[  623.981157][T16947]  loop4: p2 p3 p7
[  623.995851][ T5428] DVB: Unable to find symbol mt352_attach()
[  624.031506][T16959] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4847'.
[  624.062071][T16959] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4847'.
[  624.274869][ T5428] DVB: Unable to find symbol nxt6000_attach()
[  624.283413][ T5428] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  624.322865][ T4271] Bluetooth: hci1: command 0x0406 tx timeout
[  624.350744][ T5428] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input30
[  624.401637][ T5428] dvb-usb: schedule remote query interval to 1000 msecs.
[  624.409373][ T4271] Bluetooth: hci4: command 0x0406 tx timeout
[  624.425998][ T5428] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  624.456810][ T5428] dvb-usb: bulk message failed: -22 (7/0)
[  624.475311][ T5428] dvb-usb: bulk message failed: -22 (7/0)
[  624.508550][ T5428] usb 7-1: USB disconnect, device number 14
[  624.551467][T16972] loop6: detected capacity change from 0 to 1024
[  624.604910][T13765] udevd[13765]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  624.617261][T14839] udevd[14839]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  624.641206][T13698] udevd[13698]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  624.664778][T16972] EXT4-fs: Ignoring removed bh option
[  624.696000][ T5428] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  624.727516][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  624.733997][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  624.858471][T16972] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  624.886075][T14211] udevd[14211]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  624.898722][T14839] udevd[14839]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  624.920180][T13698] udevd[13698]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  625.132602][T12758] EXT4-fs (loop6): unmounting filesystem.
[  626.042832][   T27] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  626.232617][   T27] usb 7-1: Using ep0 maxpacket: 16
[  626.239998][   T27] usb 7-1: too many endpoints for config 0 interface 0 altsetting 64: 129, using maximum allowed: 30
[  626.289484][   T27] usb 7-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  626.319739][   T27] usb 7-1: config 0 interface 0 altsetting 64 endpoint 0x81 has invalid wMaxPacketSize 0
[  626.347183][   T27] usb 7-1: config 0 interface 0 altsetting 64 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  626.391444][   T27] usb 7-1: config 0 interface 0 has no altsetting 0
[  626.411805][   T27] usb 7-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00
[  626.445932][   T27] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.475262][   T27] usb 7-1: config 0 descriptor??
[  627.101253][   T27] usb 7-1: USB disconnect, device number 15
[  627.508839][T17055] loop7: detected capacity change from 0 to 256
[  627.537979][T17055] exfat: Deprecated parameter 'namecase'
[  627.551123][T17055] exfat: Deprecated parameter 'namecase'
[  627.590695][T17055] exFAT-fs (loop7): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  628.309989][T17081] loop7: detected capacity change from 0 to 64
[  628.494958][T17088] loop6: detected capacity change from 0 to 256
[  628.614940][T17088] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  628.970923][T17096] loop7: detected capacity change from 0 to 4096
[  629.025053][T17096] ntfs: (device loop7): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  629.067976][T17096] ntfs: (device loop7): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  629.115979][T17096] ntfs: (device loop7): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  629.171450][T17096] ntfs: (device loop7): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  629.253028][T17096] ntfs: (device loop7): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  629.296150][T17096] ntfs: volume version 3.1.
[  629.314399][T17096] ntfs: (device loop7): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  629.358264][T17096] ntfs: (device loop7): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  629.462814][T17096] ntfs: (device loop7): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  629.482591][T17096] ntfs: (device loop7): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  629.552309][T17096] ntfs: (device loop7): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  630.000619][T17123] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4914'.
[  630.133006][T17127] loop6: detected capacity change from 0 to 128
[  630.585324][T17138] loop7: detected capacity change from 0 to 512
[  630.659723][T17138] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  630.745580][T17138] EXT4-fs (loop7): 1 truncate cleaned up
[  630.751354][T17138] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  630.834581][T17125] loop4: detected capacity change from 0 to 32768
[  630.883886][T17138] EXT4-fs (loop7): Online resizing not supported with sparse_super2
[  630.918142][T17125] JBD2: Ignoring recovery information on journal
[  630.963638][T13712] EXT4-fs (loop7): unmounting filesystem.
[  630.996012][T17125] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  631.266986][T17159] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  631.315167][ T4274] ocfs2: Unmounting device (7,4) on (node local)
[  631.869705][T17179] device wireguard0 entered promiscuous mode
[  631.948315][T17179] team0: Device wireguard0 is of different type
[  632.253324][T17186] loop4: detected capacity change from 0 to 8192
[  632.291813][T17186] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  632.339042][T17186] UDF-fs: Scanning with blocksize 512 failed
[  632.387460][T17186] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  632.415759][T17186] UDF-fs: Scanning with blocksize 1024 failed
[  632.483565][T17186] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  632.511514][T17186] UDF-fs: Scanning with blocksize 2048 failed
[  632.586249][T17186] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  632.882924][   T22] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  633.055276][T17218] loop4: detected capacity change from 0 to 64
[  633.072551][   T22] usb 2-1: Using ep0 maxpacket: 8
[  633.080077][   T22] usb 2-1: unable to get BOS descriptor or descriptor too short
[  633.106203][   T22] usb 2-1: config 4 interface 0 has no altsetting 0
[  633.118929][T17218] hfs: unable to locate alternate MDB
[  633.153300][   T22] usb 2-1: string descriptor 0 read error: -22
[  633.159624][   T22] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  633.163196][T17218] hfs: continuing without an alternate MDB
[  633.178438][   T22] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  633.196036][   T22] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  633.246564][   T22] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  633.272953][   T22] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  633.295020][T17224] loop6: detected capacity change from 0 to 164
[  633.301662][   T22] usb 2-1: media controller created
[  633.381698][   T22] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  633.504065][ T2958] hfs: new node 0 already hashed?
[  633.543050][ T2958] ------------[ cut here ]------------
[  633.548727][ T2958] WARNING: CPU: 0 PID: 2958 at fs/hfs/bnode.c:520 hfs_bnode_create+0x37a/0x400
[  633.558180][ T2958] Modules linked in:
[  633.562236][ T2958] CPU: 0 PID: 2958 Comm: kworker/u4:5 Not tainted syzkaller #0
[  633.570007][ T2958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  633.580192][ T2958] Workqueue: writeback wb_workfn (flush-7:4)
[  633.586477][ T2958] RIP: 0010:hfs_bnode_create+0x37a/0x400
[  633.592191][ T2958] Code: ac a2 8a 89 ee e8 36 7d d7 07 e9 ab fd ff ff e8 cc 34 37 ff 48 89 df e8 34 cd ec 07 48 c7 c7 00 ad a2 8a 89 ee e8 16 7d d7 07 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c b7 fc ff ff 4c
[  633.612043][ T2958] RSP: 0018:ffffc9000ca56e80 EFLAGS: 00010246
[  633.618260][ T2958] RAX: 000000000000001f RBX: ffff88801ce4c0e0 RCX: b15c3e7277ff9b00
[  633.626365][ T2958] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  633.634453][ T2958] RBP: 0000000000000000 R08: ffffc9000ca56b87 R09: 1ffff9200194ad70
[  633.642551][ T2958] R10: dffffc0000000000 R11: fffff5200194ad71 R12: 0000000000000000
[  633.650673][ T2958] R13: ffff88801ce4c000 R14: ffff888019aff500 R15: dffffc0000000000
[  633.658804][ T2958] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  633.667862][ T2958] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  633.674574][ T2958] CR2: 00007f0c00cf6e00 CR3: 00000000247c6000 CR4: 00000000003506f0
[  633.678792][T17226] loop7: detected capacity change from 0 to 2048
[  633.682781][ T2958] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  633.682864][ T2958] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  633.682882][ T2958] Call Trace:
[  633.682905][ T2958]  <TASK>
[  633.682921][ T2958]  hfs_bmap_alloc+0x53d/0x5d0
[  633.682969][ T2958]  ? hfs_bmap_reserve+0x420/0x420
[  633.683024][ T2958]  hfs_btree_inc_height+0xfd/0xac0
[  633.683059][ T2958]  ? hfs_brec_insert+0x6f6/0xbd0
[  633.683099][ T2958]  ? hfs_brec_insert+0xbd0/0xbd0
[  633.683146][ T2958]  ? do_raw_spin_unlock+0x11d/0x230
[  633.683176][ T2958]  hfs_brec_insert+0x744/0xbd0
[  633.683231][ T2958]  ? hfs_brec_keylen+0x350/0x350
[  633.683277][ T2958]  __hfs_ext_write_extent+0x2a1/0x470
[  633.683320][ T2958]  hfs_ext_write_extent+0x17b/0x200
[  633.683357][ T2958]  ? verify_lock_unused+0x140/0x140
[  633.683391][ T2958]  ? hfs_ext_keycmp+0x310/0x310
[  633.773488][ T2958]  ? writeback_sb_inodes+0x46b/0x1850
[  633.778954][ T2958]  hfs_write_inode+0xd8/0xa20
[  633.784076][ T2958]  ? hfs_inode_write_fork+0x1a0/0x1a0
[  633.789616][ T2958]  ? __writeback_single_inode+0x4ae/0x1160
[  633.795571][ T2958]  ? __lock_acquire+0x7d10/0x7d10
[  633.800668][ T2958]  ? do_raw_spin_lock+0x128/0x2f0
[  633.805919][ T2958]  ? __rwlock_init+0x140/0x140
[  633.810766][ T2958]  __writeback_single_inode+0x75b/0x1160
[  633.816547][ T2958]  writeback_sb_inodes+0xb30/0x1850
[  633.821950][ T2958]  ? queue_io+0x5a0/0x5a0
[  633.826450][ T2958]  ? rcu_is_watching+0x11/0xa0
[  633.831382][ T2958]  wb_writeback+0x482/0xd50
[  633.836122][ T2958]  ? percpu_ref_tryget+0x250/0x250
[  633.841407][ T2958]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  633.847531][ T2958]  ? _raw_spin_unlock_irq+0x1f/0x40
[  633.853141][ T2958]  wb_workfn+0x423/0xee0
[  633.853145][T17226] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=4294967169, location=4294967169
[  633.853218][ T2958]  ? inode_wait_for_writeback+0x220/0x220
[  633.874402][ T2958]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  633.880466][ T2958]  ? read_lock_is_recursive+0x10/0x10
[  633.885973][ T2958]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  633.891945][ T2958]  ? _raw_spin_unlock+0x40/0x40
[  633.897026][ T2958]  ? _raw_spin_unlock_irq+0x1f/0x40
[  633.902302][ T2958]  ? process_one_work+0x7b0/0x1160
[  633.907558][ T2958]  process_one_work+0x8a2/0x1160
[  633.912636][ T2958]  ? worker_detach_from_pool+0x240/0x240
[  633.918359][ T2958]  ? _raw_spin_lock_irq+0xb7/0xf0
[  633.923595][ T2958]  ? _raw_spin_lock_irqsave+0x100/0x100
[  633.929306][ T2958]  ? kthread_data+0x4b/0xc0
[  633.933965][ T2958]  worker_thread+0xaa2/0x1270
[  633.938824][ T2958]  ? __kthread_parkme+0x162/0x1c0
[  633.940808][T17226] UDF-fs: error (device loop7): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  633.944053][ T2958]  kthread+0x29d/0x330
[  633.944081][ T2958]  ? worker_clr_flags+0x1a0/0x1a0
[  633.944108][ T2958]  ? kthread_blkcg+0xd0/0xd0
[  633.944133][ T2958]  ret_from_fork+0x1f/0x30
[  633.944180][ T2958]  </TASK>
[  633.944193][ T2958] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  633.944205][ T2958] CPU: 0 PID: 2958 Comm: kworker/u4:5 Not tainted syzkaller #0
[  633.944227][ T2958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  633.944241][ T2958] Workqueue: writeback wb_workfn (flush-7:4)
[  633.944277][ T2958] Call Trace:
[  633.944285][ T2958]  <TASK>
[  633.944293][ T2958]  dump_stack_lvl+0x188/0x24e
[  633.944328][ T2958]  ? memcpy+0x3c/0x60
[  633.944350][ T2958]  ? show_regs_print_info+0x12/0x12
[  633.944383][ T2958]  ? load_image+0x400/0x400
[  633.944421][ T2958]  panic+0x2e5/0x730
[  633.944529][ T2958]  ? bpf_jit_dump+0xd0/0xd0
[  633.944631][ T2958]  ? ret_from_fork+0x1f/0x30
[  633.944730][ T2958]  __warn+0x2f8/0x4f0
[  633.944786][ T2958]  ? hfs_bnode_create+0x37a/0x400
[  633.944878][ T2958]  ? hfs_bnode_create+0x37a/0x400
[  633.944966][ T2958]  report_bug+0x2ba/0x4f0
[  633.945056][ T2958]  ? hfs_bnode_create+0x37a/0x400
[  633.945152][ T2958]  handle_bug+0x3a/0x70
[  633.945237][ T2958]  exc_invalid_op+0x16/0x40
[  633.945327][ T2958]  asm_exc_invalid_op+0x16/0x20
[  633.945399][ T2958] RIP: 0010:hfs_bnode_create+0x37a/0x400
[  633.945491][ T2958] Code: ac a2 8a 89 ee e8 36 7d d7 07 e9 ab fd ff ff e8 cc 34 37 ff 48 89 df e8 34 cd ec 07 48 c7 c7 00 ad a2 8a 89 ee e8 16 7d d7 07 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c b7 fc ff ff 4c
[  633.945538][ T2958] RSP: 0018:ffffc9000ca56e80 EFLAGS: 00010246
[  633.945593][ T2958] RAX: 000000000000001f RBX: ffff88801ce4c0e0 RCX: b15c3e7277ff9b00
[  633.945639][ T2958] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  633.945676][ T2958] RBP: 0000000000000000 R08: ffffc9000ca56b87 R09: 1ffff9200194ad70
[  633.945721][ T2958] R10: dffffc0000000000 R11: fffff5200194ad71 R12: 0000000000000000
[  633.945765][ T2958] R13: ffff88801ce4c000 R14: ffff888019aff500 R15: dffffc0000000000
[  633.945867][ T2958]  hfs_bmap_alloc+0x53d/0x5d0
[  633.945994][ T2958]  ? hfs_bmap_reserve+0x420/0x420
[  633.946130][ T2958]  hfs_btree_inc_height+0xfd/0xac0
[  633.946213][ T2958]  ? hfs_brec_insert+0x6f6/0xbd0
[  633.946319][ T2958]  ? hfs_brec_insert+0xbd0/0xbd0
[  633.946423][ T2958]  ? do_raw_spin_unlock+0x11d/0x230
[  633.946492][ T2958]  hfs_brec_insert+0x744/0xbd0
[  633.946638][ T2958]  ? hfs_brec_keylen+0x350/0x350
[  633.946746][ T2958]  __hfs_ext_write_extent+0x2a1/0x470
[  633.946857][ T2958]  hfs_ext_write_extent+0x17b/0x200
[  633.946967][ T2958]  ? verify_lock_unused+0x140/0x140
[  633.947049][ T2958]  ? hfs_ext_keycmp+0x310/0x310
[  633.947151][ T2958]  ? writeback_sb_inodes+0x46b/0x1850
[  633.947256][ T2958]  hfs_write_inode+0xd8/0xa20
[  633.947333][ T2958]  ? hfs_inode_write_fork+0x1a0/0x1a0
[  633.947435][ T2958]  ? __writeback_single_inode+0x4ae/0x1160
[  633.947534][ T2958]  ? __lock_acquire+0x7d10/0x7d10
[  633.947621][ T2958]  ? do_raw_spin_lock+0x128/0x2f0
[  633.947683][ T2958]  ? __rwlock_init+0x140/0x140
[  633.947772][ T2958]  __writeback_single_inode+0x75b/0x1160
[  633.947883][ T2958]  writeback_sb_inodes+0xb30/0x1850
[  633.948034][ T2958]  ? queue_io+0x5a0/0x5a0
[  633.948167][ T2958]  ? rcu_is_watching+0x11/0xa0
[  633.948287][ T2958]  wb_writeback+0x482/0xd50
[  633.948412][ T2958]  ? percpu_ref_tryget+0x250/0x250
[  633.948502][ T2958]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  633.948617][ T2958]  ? _raw_spin_unlock_irq+0x1f/0x40
[  633.948714][ T2958]  wb_workfn+0x423/0xee0
[  633.948870][ T2958]  ? inode_wait_for_writeback+0x220/0x220
[  633.948997][ T2958]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  633.949093][ T2958]  ? read_lock_is_recursive+0x10/0x10
[  633.949172][ T2958]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  633.949236][ T2958]  ? _raw_spin_unlock+0x40/0x40
[  633.949313][ T2958]  ? _raw_spin_unlock_irq+0x1f/0x40
[  633.949392][ T2958]  ? process_one_work+0x7b0/0x1160
[  633.949461][ T2958]  process_one_work+0x8a2/0x1160
[  633.949574][ T2958]  ? worker_detach_from_pool+0x240/0x240
[  633.949665][ T2958]  ? _raw_spin_lock_irq+0xb7/0xf0
[  633.949755][ T2958]  ? _raw_spin_lock_irqsave+0x100/0x100
[  633.949833][ T2958]  ? kthread_data+0x4b/0xc0
[  633.949937][ T2958]  worker_thread+0xaa2/0x1270
[  633.950080][ T2958]  ? __kthread_parkme+0x162/0x1c0
[  633.950210][ T2958]  kthread+0x29d/0x330
[  633.950258][ T2958]  ? worker_clr_flags+0x1a0/0x1a0
[  633.950335][ T2958]  ? kthread_blkcg+0xd0/0xd0
[  633.950392][ T2958]  ret_from_fork+0x1f/0x30
[  633.950507][ T2958]  </TASK>
[  633.955494][ T2958] Kernel Offset: disabled
[  634.396970][ T2958] Rebooting in 86400 seconds..