last executing test programs:

6m12.601718891s ago: executing program 2 (id=151):
r0 = io_uring_setup(0x68f4, &(0x7f00000002c0)={0x0, 0x48c7, 0x8, 0x0, 0x1000168})
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x10000000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x2c}, @flat=@weak_binder={0x77622a85, 0x100, 0x2}, @fda={0x66646185, 0x9, 0x1, 0x2}}, &(0x7f0000000240)={0x0, 0x28, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, 0x0, 0x0)
mq_open(&(0x7f0000000000)='bat\x13\x1b\r\xcbs\xecave_5\x00', 0x8c2, 0x30, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

6m9.982841931s ago: executing program 2 (id=146):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r8, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r9, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000200006700000008000300", @ANYRES32=r10], 0x28}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
accept4$ax25(r0, 0x0, 0x0, 0x80000)
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, 0x0)
r12 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r12, 0xc08c5332, &(0x7f0000000300)={0x6, 0x0, 0x0, 'queue1\x00', 0x4})
write$sndseq(r12, 0x0, 0x0)

6m7.184025168s ago: executing program 2 (id=153):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x200001, &(0x7f0000000200), 0x3, 0x55a3, &(0x7f0000005600)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x2)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
r1 = getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
ptrace$setregs(0xd, r1, 0x4, &(0x7f0000000380))
openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x298f3cc22e12b39a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$cgroup_procs(r6, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@delsa={0x28, 0x11, 0x1, 0x70bd29, 0x25dfdbfe, {@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d4, 0xa, 0xff}}, 0x28}, 0x1, 0x0, 0x0, 0x8004}, 0x80)
pread64(r7, &(0x7f00000000c0)=""/30, 0x1e, 0x800000000004)
r9 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r9, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xca289435, &(0x7f0000000400)={0x0, 0x0, {0x1, @usage=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct, 0x0, 0x0, [0x0, 0x0, 0xb, 0x0, 0x0, 0x1]}, {0x0, @struct={0x9, 0xbe0}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @struct, 0xfffffffe, 0x0, [0x0, 0x2000, 0x0, 0x0, 0x0, 0x2]}, {0x0, @struct, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @usage, 0x0, 0x7fff}})

6m1.065899237s ago: executing program 2 (id=168):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f00000001c0), 0x1, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioprio_set$pid(0x1, 0x0, 0x2000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000480))
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x5}, 0x8)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000840)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="0100000000000000000010000000300001801300030000000000000000000000ffffe0000001060002000000000006", @ANYRESDEC, @ANYRESOCT, @ANYBLOB="215f2781d1c2f26cad369584683ea05ca8c3899d56421596525c2a511f1542b018675bc6a2dda5b368f3a58d86353d7294d3f5ed0874c0cd964be9e0d218d42885a36c3313a17dfdc7a97f1b5ff68916bb6e4b360fef404548e313488f06a8873e234e9a85928d0eb674f1a5634193e17310b687413ec62371feadebf6f36480c91ca46b279ceec5a86c4e60464c023ac66e5985a3def7e19c59df19dbbe8a142e7dff98a03e00c14d5b19666c6dc65e651ec33279308790fc36d6424bfb95226dd560efa8bcba9f715b84bea138ac655bc0543e6c034537283dba", @ANYRES64=0x0, @ANYBLOB="32e1f47939227646d956a6417a1144c15ce8fee1c8897bb4f0d4a4724aa5cfb5e572ca7b3b96b0b4ec71594e48e5f0761651e5383abc807752f45c211b2b3210dfb62b4ed9bdde70f77206b045ccd8e1f12a322b2ea0b28b8a2602e70e210b8231031ba34077f7502e22b4ad5a27bebc0bbdc2b9475b4f2d32bf8e", @ANYRES16=r1], 0x44}}, 0x0)
ftruncate(r0, 0x2000009)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file1\x00', 0x0, 0x0, 0x1, 0x0, &(0x7f00000007c0))
write$P9_ROPEN(r0, &(0x7f00000002c0)={0x18, 0x71, 0xfff0, {{0x10, 0x4, 0x80000001}, 0x96}}, 0x18)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
fsetxattr$trusted_overlay_redirect(r3, &(0x7f00000004c0), &(0x7f0000000500)='./bus\x00', 0x6, 0x2)
pivot_root(&(0x7f0000000280)='./file0\x00', 0x0)
socket$unix(0x1, 0x5, 0x0)
truncate(&(0x7f0000000440)='./file0\x00', 0x9)

5m59.972468643s ago: executing program 2 (id=162):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2e, &(0x7f0000000040)=0x4, 0x4)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_opts(r4, 0x0, 0x4, &(0x7f0000000080)="441f08100000009837a0324d7df546bcb8e8c94efe76cef3e200000000", 0x1d)
r5 = io_uring_setup(0x2f00, &(0x7f00000004c0)={0x0, 0xe8e2, 0x4, 0x20001, 0x2d6})
r6 = syz_open_procfs(0x0, &(0x7f00000190c0)='net/ip_tables_targets\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0x6)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd4, &(0x7f0000000040)=0x5, 0x4)
r7 = socket$kcm(0x2, 0x200000000000001, 0x106)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r8, 0x4b67, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x7, 0x2}]})
ioctl$BTRFS_IOC_BALANCE_V2(r5, 0xc4009420, &(0x7f0000019100)={0x8, 0x0, {0xffffffffffffffff, @usage, 0x0, 0x5, 0x0, 0x200, 0x9, 0x81f6, 0x40, @struct={0x7, 0x3}, 0x20, 0x4, [0x4, 0x1, 0x1, 0x86, 0xfffffffffffff0f7, 0x80]}, {0x2, @struct={0x7f, 0x9}, 0x0, 0x3, 0x8, 0x5b7, 0xee79, 0x6, 0x2, @struct={0x5, 0x9}, 0x40, 0x7, [0x2, 0xfffffffffffffffb, 0xd0c, 0x1, 0x7, 0xe]}, {0xdcf, @struct={0x5, 0x101}, 0x0, 0x0, 0x5, 0x7fffffffffffffff, 0x6, 0x2, 0xe8, @struct={0x8, 0x3}, 0x10001, 0x5, [0x2, 0x0, 0x6, 0xec, 0x800, 0x7f]}, {0x3, 0x3, 0x100}})
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, 0x0)
r9 = socket$inet(0x2, 0xa, 0x0)
sendmmsg$sock(r9, &(0x7f0000003280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
sendmsg$inet(r7, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x3000c041)

5m57.96641982s ago: executing program 2 (id=164):
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x4c1, &(0x7f0000000080)=ANY=[@ANYBLOB="666c7573682c757466383d312c6e6f6e756d7461696c3d302c726f6469722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c646f733178666c6f7070792c726f6469722c73686f72746e616d653d77696e6e742c71756965742c0094f8a04f0973c43c7bcea227ba87b349831c01bc3220ec43c16881ca5a7eb4c441b475069a19ed5992542160cfb3116e6b98cb32f0c11a1425599a6e9e6112e8ccec10c22c03ee6158bae8a13f6c3b4c6a28b970ccddefe85485144c95ae43328f492ad74f0d68df2d1fb7eed626acbfd66c627c439a6358168da3754739b94ec5550af56d20754c3be005251ae53ba42f"], 0x0, 0x30a, &(0x7f0000001200)="$eJzs3ctrE1scwPHf5NEk7e1tFpfL5XIvHHrhci/SoQ24c2GRFsSC0odgBWFqpxoyTUomFFLEZiG4de2iC5ciiODOjYhLu/EvUOuum+7sIjgymUeTZowJkj70+1l0fplzfnNOZ076OO2c2T33YLWwkhYRTQ7Ea1mJSdx/VZP/X2+9/3vu1S/ea6WmJ+cnckrFROT6nSejLytDV5//+iIl29kbu3u5j9t/zYt8nr8tMZW3VdFxlKGWSqWK24RaztsFXakrlmnYpsoXbbNc8cuNJctUK1Zpba2qjOLy8OBa2bRtZRSrqmBWVaWkKuWqMm4Z+aLSdV0NDwpEJBtGsbYyrVPiwuN9x5E9x3GcVE0cx4moXQuCpL9NfV9ncZIcuv4d67YNjng/e4ajsO8kur7++PF47/8PD7u7/s7mEXULR2Tu2uKlyZmZqVml0iKr99cX1he8rVf+bkjyYokpW7NnFuvijhGfaO7H6YszU+OqISv/rm428hPujxbeN4fJlUb+TpDUlC9B/oSXr8J8cbdJGTzINyUnI/KbRObngnyJNeUPyH//NOXrMiJvb0pJLFl2R3JT/t0JpS5cfhNvbT/TqAcAAAAAAAAAwGmkq9DB/L0W/qk3o+upxn98hOUZd7dbz6sQzq+Py4jUo+fnxyPn9xPyZ+IYP3EAAAAAAH4idnWjYFiWWe5PEH+U6dBEUkTcQOTeqNuZjgf83e9xd60PiEh7UbxzEy1B5qzX3tNZv2PSzxMVBOkeehgRBDdrFIz6s6AoI1GVYz0NgLGByDOfLmvS1/HTEkg3lSXd88DWEnZ1I9X10GpLrwd7/ois42jfPo5jWElvj4RXsHPW+Z7eDl8N0odP1NiOd1yrwxeNT+EUHwAAAIBTpOkXJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEzC+/81/0n/3SweFqzb31ok/iPi25dkO/yceNb9BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHACfQkAAP//w0Oy1Q==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1f, 0x13, &(0x7f0000000240)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x45b}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(0x0, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x0, 0x0, 0x0}, 0x94)
mount_setattr(0xffffffffffffffff, 0x0, 0x8100, 0x0, 0x37)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_ADV_PARAM={{0x79}, 0xce}}}, 0x7)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r4, 0x400, 0x1)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@uni_xlateno}, {@shortname_win95}, {@shortname_winnt}, {@uni_xlate}, {@shortname_lower}, {@shortname_lower}, {@rodir}, {@utf8no}, {@fat=@nfs_nostale_ro}, {@fat=@uid}, {@rodir}, {@shortname_win95}, {@fat=@umask={'umask', 0x3d, 0x89}}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x8}}, {@fat=@nfs}]}, 0x1, 0x2b0, &(0x7f0000000640)="$eJzs3T9rO3UcB/DPpWkSdUhmEbzB+Ufb1SUdWhA7KR100WJbKE0QWihUxLSTq0/ARyAIrj4HF5+B4Co4FiycXO6uaf6dVprWH329ln76ve/7vn96IUPJN5+/Mzw9TOP4+uvfotNJotGPftwk0YtGVK5iSv+7AABeZzdZFn9mhYfkkojorG5aAMAKzb3/J0l94KenmRcAsDoff/Lph9t7ezsfpWkndoffXuzn7//5z+L69nGcxCCOYiO6cRuR3Snq3SzLRs0014v3hqOL/Tw5/OyX8v7bf0SM85vRjd64aTr/wd7OZlq4lx/l83izHL+f57eiG39NjV/9g2Jnay4fEc3e9PxfRTd+/SK+jEEcjicxGf+bzTQ9+bnakTyfjC722+N+E9naE/w5AAAAAAAAAAAAAAAAAAAAAAB4IV6VZ+e0Y3x+T95Unr+zdpv/sh5ppTd9Pk+RvzstcOZ8oFEW31fn62ykaZqVHSf5ZrzdjObzrBoAAAAAAAAAAAAAAAAAAAD+X84vvzo9GAyOzh6lqE4DqD7W/1/v07/X8m4s7ZwPc9CejNUoy5o7x1rVJ4monUa+iEfalvri6vKNZXP+4ceaeGdRqvPPg67X7c/jFNXTdXqQFHuYzPRpx2QVRRGN+w9kK87Os38zVmvZpexBj19r4aXug9feemtcjGr6RFI3sfd/L7ahbElmV9Ea7+rC+HpZlPHG3NPbyVtay+Jzr5Qp+asscVoHAAAAAAAAAAAAAAAAAACs1ORDvwsuXtdGG1l7ZdMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCc1+f7/u6IRsy2zxagM1/Upi1acnT/zEgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgB/g4AAP//6w9Qcg==")
socket$nl_sock_diag(0x10, 0x3, 0x4)
pipe2(&(0x7f0000000040), 0x0)
memfd_create(&(0x7f00000002c0)='\x103q}2\xa18/\xd5\x86\xe7\xc0\x14\x8f^\xd5\xfd\xa9\r\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2_\xdb\xc0\x8b\x19\x17\xb7R\x00\x00\xcb:\b\xeeC0\xa3\xa6\xcf\x00\x00\xac\xc5h&+\t\x98\'\xfd|\x11\x99\xa2*6{\xd2C>2\xf2!\xbc\xda\xee\xb0\xd8\xbf\xaf)\xf58c\x189K\x82\xd1(\xceY*\xcb\x9b\xbdn\x8e\x98m\x10L\xec\xfdWF\x7fj\x19\xb8<\xd2\x9d\x02\xeaQy\xe32\xed\x16f\xfe&\x1a\xdb\xeb\xad\xaaE\b\xa9\xf8\xa9s\xc4d\xd4\x03\xf1\xdaxO\x99\x804m[Ai\x13\x02\xf0\x84c2s\xf0P\t`\x9b\x12&\x8cx\x8eg\x9d\xe6g', 0x0)

5m57.219350796s ago: executing program 32 (id=164):
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x4c1, &(0x7f0000000080)=ANY=[@ANYBLOB="666c7573682c757466383d312c6e6f6e756d7461696c3d302c726f6469722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c646f733178666c6f7070792c726f6469722c73686f72746e616d653d77696e6e742c71756965742c0094f8a04f0973c43c7bcea227ba87b349831c01bc3220ec43c16881ca5a7eb4c441b475069a19ed5992542160cfb3116e6b98cb32f0c11a1425599a6e9e6112e8ccec10c22c03ee6158bae8a13f6c3b4c6a28b970ccddefe85485144c95ae43328f492ad74f0d68df2d1fb7eed626acbfd66c627c439a6358168da3754739b94ec5550af56d20754c3be005251ae53ba42f"], 0x0, 0x30a, &(0x7f0000001200)="$eJzs3ctrE1scwPHf5NEk7e1tFpfL5XIvHHrhci/SoQ24c2GRFsSC0odgBWFqpxoyTUomFFLEZiG4de2iC5ciiODOjYhLu/EvUOuum+7sIjgymUeTZowJkj70+1l0fplzfnNOZ076OO2c2T33YLWwkhYRTQ7Ea1mJSdx/VZP/X2+9/3vu1S/ea6WmJ+cnckrFROT6nSejLytDV5//+iIl29kbu3u5j9t/zYt8nr8tMZW3VdFxlKGWSqWK24RaztsFXakrlmnYpsoXbbNc8cuNJctUK1Zpba2qjOLy8OBa2bRtZRSrqmBWVaWkKuWqMm4Z+aLSdV0NDwpEJBtGsbYyrVPiwuN9x5E9x3GcVE0cx4moXQuCpL9NfV9ncZIcuv4d67YNjng/e4ajsO8kur7++PF47/8PD7u7/s7mEXULR2Tu2uKlyZmZqVml0iKr99cX1he8rVf+bkjyYokpW7NnFuvijhGfaO7H6YszU+OqISv/rm428hPujxbeN4fJlUb+TpDUlC9B/oSXr8J8cbdJGTzINyUnI/KbRObngnyJNeUPyH//NOXrMiJvb0pJLFl2R3JT/t0JpS5cfhNvbT/TqAcAAAAAAAAAwGmkq9DB/L0W/qk3o+upxn98hOUZd7dbz6sQzq+Py4jUo+fnxyPn9xPyZ+IYP3EAAAAAAH4idnWjYFiWWe5PEH+U6dBEUkTcQOTeqNuZjgf83e9xd60PiEh7UbxzEy1B5qzX3tNZv2PSzxMVBOkeehgRBDdrFIz6s6AoI1GVYz0NgLGByDOfLmvS1/HTEkg3lSXd88DWEnZ1I9X10GpLrwd7/ois42jfPo5jWElvj4RXsHPW+Z7eDl8N0odP1NiOd1yrwxeNT+EUHwAAAIBTpOkXJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEzC+/81/0n/3SweFqzb31ok/iPi25dkO/yceNb9BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHACfQkAAP//w0Oy1Q==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1f, 0x13, &(0x7f0000000240)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x45b}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(0x0, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x0, 0x0, 0x0}, 0x94)
mount_setattr(0xffffffffffffffff, 0x0, 0x8100, 0x0, 0x37)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_ADV_PARAM={{0x79}, 0xce}}}, 0x7)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r4, 0x400, 0x1)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@uni_xlateno}, {@shortname_win95}, {@shortname_winnt}, {@uni_xlate}, {@shortname_lower}, {@shortname_lower}, {@rodir}, {@utf8no}, {@fat=@nfs_nostale_ro}, {@fat=@uid}, {@rodir}, {@shortname_win95}, {@fat=@umask={'umask', 0x3d, 0x89}}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x8}}, {@fat=@nfs}]}, 0x1, 0x2b0, &(0x7f0000000640)="$eJzs3T9rO3UcB/DPpWkSdUhmEbzB+Ufb1SUdWhA7KR100WJbKE0QWihUxLSTq0/ARyAIrj4HF5+B4Co4FiycXO6uaf6dVprWH329ln76ve/7vn96IUPJN5+/Mzw9TOP4+uvfotNJotGPftwk0YtGVK5iSv+7AABeZzdZFn9mhYfkkojorG5aAMAKzb3/J0l94KenmRcAsDoff/Lph9t7ezsfpWkndoffXuzn7//5z+L69nGcxCCOYiO6cRuR3Snq3SzLRs0014v3hqOL/Tw5/OyX8v7bf0SM85vRjd64aTr/wd7OZlq4lx/l83izHL+f57eiG39NjV/9g2Jnay4fEc3e9PxfRTd+/SK+jEEcjicxGf+bzTQ9+bnakTyfjC722+N+E9naE/w5AAAAAAAAAAAAAAAAAAAAAAB4IV6VZ+e0Y3x+T95Unr+zdpv/sh5ppTd9Pk+RvzstcOZ8oFEW31fn62ykaZqVHSf5ZrzdjObzrBoAAAAAAAAAAAAAAAAAAAD+X84vvzo9GAyOzh6lqE4DqD7W/1/v07/X8m4s7ZwPc9CejNUoy5o7x1rVJ4monUa+iEfalvri6vKNZXP+4ceaeGdRqvPPg67X7c/jFNXTdXqQFHuYzPRpx2QVRRGN+w9kK87Os38zVmvZpexBj19r4aXug9feemtcjGr6RFI3sfd/L7ahbElmV9Ea7+rC+HpZlPHG3NPbyVtay+Jzr5Qp+asscVoHAAAAAAAAAAAAAAAAAACs1ORDvwsuXtdGG1l7ZdMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCc1+f7/u6IRsy2zxagM1/Upi1acnT/zEgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgB/g4AAP//6w9Qcg==")
socket$nl_sock_diag(0x10, 0x3, 0x4)
pipe2(&(0x7f0000000040), 0x0)
memfd_create(&(0x7f00000002c0)='\x103q}2\xa18/\xd5\x86\xe7\xc0\x14\x8f^\xd5\xfd\xa9\r\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2_\xdb\xc0\x8b\x19\x17\xb7R\x00\x00\xcb:\b\xeeC0\xa3\xa6\xcf\x00\x00\xac\xc5h&+\t\x98\'\xfd|\x11\x99\xa2*6{\xd2C>2\xf2!\xbc\xda\xee\xb0\xd8\xbf\xaf)\xf58c\x189K\x82\xd1(\xceY*\xcb\x9b\xbdn\x8e\x98m\x10L\xec\xfdWF\x7fj\x19\xb8<\xd2\x9d\x02\xeaQy\xe32\xed\x16f\xfe&\x1a\xdb\xeb\xad\xaaE\b\xa9\xf8\xa9s\xc4d\xd4\x03\xf1\xdaxO\x99\x804m[Ai\x13\x02\xf0\x84c2s\xf0P\t`\x9b\x12&\x8cx\x8eg\x9d\xe6g', 0x0)

11.745217755s ago: executing program 4 (id=1409):
syz_emit_ethernet(0x3a, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004600fb2b"], 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56a, 0x331, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

9.292005001s ago: executing program 4 (id=1419):
socket(0x10, 0x803, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc0)
mkdirat(0xffffffffffffff9c, 0x0, 0x108)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x181)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x14a0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x91ea6c1af182532)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x108)
mount(0x0, 0x0, 0x0, 0x1214040, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

5.892539871s ago: executing program 4 (id=1432):
syz_mount_image$xfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x4004000, &(0x7f0000000140)={[{@qnoenforce}, {@nodiscard}, {@nouuid}, {@usrquota}, {@inode32}, {@pquota}, {@lazytime}, {@usrquota}, {@gquota}, {}]}, 0x1, 0x975c, &(0x7f000001c600)="$eJzs/QWcbXWhuP/PgUM3giBSUmKSEqJIhyJKihKCtKSACCgdSqigCCjd3d2d0t3d3R3/14EDKj5wvd/f/V+8Ps/zYmbPjlnz2Z/3Wou9Z83Ze6n5FptrYGDMgfd6//RvXbTbvcstPtpC6528y+Bb9t5x4SeGXjz8eydjzTH0dM6hp3MNDAwMGrqcQe9dNnj2k04eZmDwwJD//taoI408zKgDAyMPPTt0OQMzv3cyyiHv3+6dD8UDnXTIj9vhvY93G23IQoZ8sczyb609MDAw4t99/5BxTftPd1TaUnPOP9/frD5wG2bo1YP+dt27p4Pf+xjlgIGBUfYb+Oj1Y8hth/u77/3fbMjPHHPygSXu/QR+9v+5lppz/gU/5D9kWxx26GUzD9nGP7wNGvvwer7jYms8NnQKBw2duMF/t718Euv9/1NLzTnfQgMfvR0PLDzvpo++8+5+c/A8AwOD5x0YGDzfwMDg+T9pj/qf6RNd+aqqquoTac65ZhjynH2YDz0eGPH9x7X0uPCyN6d7cGBg8MLvPU8cvPz7zwWrqqqqqqqq6t+zOeeaYW54/j/mxz3/n/TMbcbq+X9VVVVVVVXV/50WnHOuGYY81//Q8//xP+75/7OPH33we3/7P8fM733X25/snaiqqqqqqqqqj22+BfH5/6Qf9/z/ipMmvbrn/1VVVVVVVVX/d1r0nXfe2fzvXmdv6MVTv389Pf8/+5G7l/3EBlxVVVVVVVVV/+3efuqMc/72mu8TD3zo9d7fbejvBQYdd961135iA/33aNA//z5ki096TP9fG+I84hGTDgysvcQnPZT6BPo/81r19f+X8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cR9x/P+D1/8/+4QV338v+M9POcOtZ/ztO9997//BCy/41Jaf0NA/if5Tj/8PrD5oYGCo75irDwwMLDznootPPTAwcMatM0w5xcAH180y5LrZxh723TeIf/+ficw7Fi94i8neOx2yogyM88Eyjnt3+Qu+s/+wgz40iL9rrFMOPni1pV6Z8cOnU330/Rjmg69GO/nx9/8tyzAfutGIH/HN7y///fvyYeehY596yNin2WCtdadZf+NNvrL6WiusuvKqK6896/QzTTfjrLPONNM0q6y+5srTvvf5o+Zs0nc/z/2vzNmoH56zp+b8+zn78H37qDmb9OPn7N0l7nr5iN96f84G/zfnbO6Pn7NJVx/6g8aaY7iB5d+dm0EDA2PNM9zARkPOTDfCwMBY8w697fhDbvuNsYcZGNj5b3d0yFcjfLAODtpiyG2Wmm+xud7bTQ0M/O30b33E+9kPP3Tkcww9nXPo6Vzv/ZgxB/62Kg6e/aSThxkyF/8wHaOONPIwow4MjDz07NDlDMz63snIZ75/u494n/UPDfTdl1nZ4b2PdxttYGBglCFfTLzC2dsOmfr/hfdp/3/6//8/ec0y6IP1cdDQj6G3ec9rzvkX/NvPencahszdsEMvm3mIyf/wW9v/Q/803klHHJj0Y8b7Ma+L8260fq15xrhb/U+9Lg6Nd/yPGe/HvI7vR453yQf3eOy9Rf2PjfdD+7qF3v08x7+yrxv4+H3dsLSAla+a6MP7uu989BD/YXf5/hyN8KEbfdS+bvy9JtliyPLn+Ph93UJDxj7cP+zrhhkYGGvu9/d1Q3Z88w03sPOQM9MPOTP/cAOHDTkzw7tnRho4b8iZr664zporDblggX9eD6Ye9A9/oAnb2Xwf2s4G/d19H/Shv+8c/N7pKAe8/x5OH7HfHDT0bv2X+wpab8f8mPF+zPtP4TwPuWyl40cc93/q/adovCN+/Hg/6v2yP3K8O7189r3/w+P9YDsb7u+ma4F/ZTub9B+3syF3cdi/2zL+1cdhK8Ht3/t6/A+WtuFmj3/wmGK4Dy33v3pMscDHb2djrv6h79t+v4FBHzc38/8rczPhP+2Dtvz7uflXH29NPfl71w/7MXMzwqzLTfX+3Az/35yb+f+7czPHwLD/ODeDB+YdGBiYYuj+Yb5/ZW7G//i5+VfXm5Hh9u99vfIHF82z4xGXvD83H56L/2pu5vvvzs2kH6w3U7x73WTDDAw//MBGK2ywwXrTvff5/bPTv/f547fBef6VuRzzf2YuJxj8UXP5t1V11AevPuC/2Ab/aZ/+/vLn+e/O5cAHczmw+oc3lvp3rd//ucvfXf7u8neXv7v83eUv7iOO/3/w+v+7jznbLkN/uTHc1ZOMt90nPd5PuP/o4/9Dff/h+P92401y9TADH1z3scdn37vNv+Xx2ZnfOxnlkPdv9+HjgzzQjz4+u9+sM2/zv3R89v+p97fVf+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/tO//HcAj0y3y/NADocM9sfXSi3zS4/2E+48+/j/U9x+O/y+y9NZPDDPwwXUfe/z/vds4jv/f/8Z8O/07H/9/f1vt+H/9F+XvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/HO//HcDRR++xyft/D3DjWDuc8UmP9xPuP/X4f+//7639v7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c0OP/Ax96e8vvt15gcPz//3Yf4b9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/AcN5I9Z/Aflj1n8h8kfs/gPmz9m8R+cP2bxHy5/zOI/fP6YxX+E/DGL/4j5Yxb/kfLHLP4j549Z/EfJH7P4j5o/ZvEfLX/M4j96/pjFf4z8MYv/mPljFv+x8scs/mPnj1n8P5U/ZvEfJ3/M4j9u/pjF/9P5Yxb/8fLHLP7j549Z/D+TP2bxnyB/zOL/2fwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bx/1z+mMV/svf9R/yExvVvmsV/8rZ/zOI/Rf6YxX/K/DGL/1T5Yxb/z+ePWfynzh+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/7X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/PX/M4j9b/pjF/xv5Yxb/b+aPWfxnzx+z+H8rf8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/7fzxyz+38kfs/gvlD9m8f9u/pjFf+H8MYv/9/LHLP7fzx+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/JfPHLP4/yB+z+C+VP2bx/2H+mMX/R/ljFv+l88cs/svkj1n8l80fs/gvlz9m8f9x/pjFf/n8MYv/CvljFv+f5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/V88cs/j/NH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/j/LH7P4r5c/ZvFfP3/M4r9B/pjF/+f5Yxb/DfPHLP6/yB+z+G+UP2bx3zh/zOK/Sf6Yxf+X+WMW/1/lj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+G+XP2bx/3X+mMX/N/ljFv/t88cs/jvkj1n8d8wfs/jvlD9m8f9t/pjF/3f5Yxb/3+ePWfx3zh+z+O+SP2bx/0P+mMX/j/ljFv9d88cs/n/KH7P475Y/ZvHfPX/M4r9H/pjF/8/5Yxb/v+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9B/9H/4f31c/6ZZ/A9r+8cs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+T+L9b/v+cxH/QlfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/Lf/h6UKL/+v5Yxb/N/LHLP5v5o9Z/N/KH7P4v50/ZvF/J39M4v/ul/n/cxb/QfljFv9h8scs/sPmj1n8B+ePWfyHyx+z+A+fP2bxHyF/zOI/Yv6YxX+k/DGL/8j5Yxb/UfLHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9P5Y9Z/MfJH7P4j5s/ZvH/dP6YxX+8/DGL//j5Yxb/z+SPWfwnyB+z+H82f8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfw/lz9m8Z8sf8ziP3n+mMV/ivwxi/+U+WMW/6nyxyz+n88fs/hPnT9m8f9C/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/afLHLP7T5o8Numi34QYGBv7j/afLH7Ns/9Pnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif+wA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+XP2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/qfLHLP6fzx+z+E+dP2bx/0L+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+gwfyxyz+g/LHLP7D5I9Z/IfNH7P4D84fs/gPlz9m8R8+f8ziP0L+mMV/xPwxi/9I+WMW/5Hzxyz+o+SPWfxHzR+z+I+WP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP6fyh+z+I+TP2bxHzd/zOL/6fwxi/94+WMW//Hzxyz+n8kfs/hPkD9m8f9s/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/h/Ln/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P58/ZvGfOn/M4v+F/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/9fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/9fwxi/9s+WMW/2/kj1n8v5k/ZvGfPX/M4v+t/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/t/OH7P4fyd/zOK/UP6Yxf+7+WMW/4Xzxyz+38sfs/h/P3/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/IcbyB+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9Z/N/OH7P4v5M/JvEffiB/zOI/KH/M4j9M/pjFf9j8MYv/4Pwxi/9w+WMW/+Hzxyz+I+SPWfxHzB+z+I+UP2bxHzl/zOI/Sv6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4v+p/DGL/zj5Yxb/cfPHLP6fzh+z+I+XP2bxHz9/zOL/mfwxi/8E+WMW/8/mj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi//n8scs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/8/ljFv+p88cs/l/IH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fy1/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fzx+z+M+WP2bx/0b+mMX/m/ljFv/Z88cs/t/KH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8zi/+38MYv/d/LHLP4L5Y9Z/L+bP2bxXzh/zOL/vfwxi//388cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMV/yfwxi/8P8scs/kvlj1n8f5g/ZvH/Uf6YxX/p/LH/UP9BH7Iefpn8sf9Q/3f7++1/2fwxi/9y+WMW/x/nj1n8l88fs/ivkD9m8f9J/pjFf8X8sUEXDRo6M//Z/ivlj1m2/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzHxgJLrP4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT9m8X87f8zi/07+mMR/hIH8MYv/oPwxi/8w+WMW/2Hzxyz+g/PHLP7D5Y9Z/IfPH7P4j5A/ZvEfMX/M4j9S/pjFf+T8MYv/KPljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+QxvxH85Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf1v0b42w+G+XNmbx/3X+mMX/N/ljFv/t88cs/jvkj1n8d3zP/613Pqlx/Ztm8d+p7R+z+P82f8zi/7v8MYv/7/PHLP47549Z/HfJH7P4/yF/zOL/x/wxi/+u+WMW/z/lj1n8d8sfs/jvnj9m8d8jf8zi/+f8MYv/X/LHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/gfmj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5/zR+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZP2bxfyt/zOL/dv6Yxf+d/DGJ/4gD+WMW/0H5Yxb/YfLHLP7D5o9Z/Afnj1n8h8sfs/gPnz9m8R8hf8ziP2L+mMV/pPwxi//I+WMW/1Hyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/T+WPWfzHyR+z+I+bP2bx/3T+mMV/vPwxi//4+WMW/8/kj1n8J8gfs/h/Nn/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8P5c/ZvGfLH/M4j95/pjFf4r8MYv/lPljFv+p8scs/p/PH7P4T50/ZvH/Qv6Yxf+L+WMW/y/lj1n8v5w/ZvH/Sv6Yxf+r+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf9r+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bx/3r+mMV/tvwxi/838scs/t/MH7P4z54/ZvH/Vv6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/gvljFv9v549Z/L+TP2bxXyh/zOL/3fwxi//C+WMW/+/lj1n8v58/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/kvmj1n8f5A/ZvFfKn/M4v/D/DGL/4/yxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOL/4/wxi//y+WMW/xXyxyz+P8kfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYP/oMEDIz6dP2bwH7L9P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMX/9fwxi/8b+WMW/zfzxyz+b+WPWfzfzh+z+L+TPybxH2kgf8ziPyh/zOI/TP6YxX/Y/DGL/+D8MYv/cPljFv/h88cs/iPkj1n8R8wfs/iPlD9m8R85f8ziP0r+mMV/1Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOL/qfwxi/84+WMW/3Hzxyz+n84fs/iPlz9m8R8/f8zi/5n8MYv/BPljFv/P5o9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/5/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF//P5Yxb/qfPHLP5fyB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8ziP03+mMV/2oGBzT+pIf07Z/Gfru0fs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+Iw/kj1n8B+WPWfyHyR+z+A+bP2bxH5w/ZvEfLn/M4j98/pjFf4T8MYv/iPljFv+R8scs/iPnj1n8R8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfw/lT9m8R8nf8ziP27+mMX/0/ljFv/x8scs/uPnj1n8P5M/ZvGfIH/M4v/Z/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvH/XP6YxX+y/DGL/+T5Yxb/KfLHLP5T5o9Z/KfKH7P4fz5/zOI/df6Yxf8L+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/+M+WMW/6/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/DGL/x/yxyz+f8wfs/jvmj9m8f9T/pjFf7f8MYv/7vljFv898scs/n/OH7P4/yV/zOK/Z/6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvE/IH/M4n9g/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOL/1/wxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMW/7fyxyz+b+ePWfzfyR+T+I8ykD9m8R+UP2bxHyZ/zOI/bP6YxX9w/pjFf7j8MYv/8PljFv8R8scs/iPmj1n8R8ofs/iPnD9m8R8lf8ziP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bx/1T+mMV/nPwxi/+4+WMW/0/nj1n8x8sfs/iPnz9m8f9M/pjFf4L8MYv/Z/PHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjF/3P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v/5/DGL/9T5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/lj9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/nj1n8Z8sfs/h/I3/M4v/N/DGL/+z5Yxb/b+WPWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvH/dv6Yxf87+WMW/4Xyxyz+380fs/gvnD9m8f9e/pjF//v5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4r9k/pjF/wf5Yxb/pfLHLP4/zB+z+P8of8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+P84fs/gvnz9m8V8hf8zi/5P8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMX/p/ljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMX/Z/ljFv/18scs/uvnj1n8N8gfs/j/PH/M4r9h/pjF/xf5Yxb/jfLHLP4b549Z/DfJH7P4/zJ/zOL/q/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/7fLHLP6/zh+z+P8mf8ziv33+mMV/h/wxi/+O+WMW/53yxyz+v80fs/j/Ln/M4v/7/DGL/875Yxb/XfLHLP5/yB+z+P8xf8ziv2v+mMX/T/ljFv/d8scs/rvnj1n898gfs/j/OX/M4v+X/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mflj7/sPjDgw8J/sf1b+mGX7Pzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8/5o/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/ljzn8k/+oHP4DozzRWoBZ/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VP2bxfzt/zOL/Tv6YxH/Ugfwxi/+g/DGL/zD5Yxb/YfPHLP6D88cs/sPlj1n8h88fs/iPkD9m8R8xf8ziP1L+mMV/5Pwxi/8o+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/6fyxyz+4+SPWfzHzR+z+H86f8ziP17+mMV//Pwxi/9n8scs/hPkj1n8P5s/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/p/LH7P4T5Y/ZvGfPH/M4j9F/pjFf8r8MYv/VPljFv/P549Z/KfOH7P4fyF/zOL/xfwxi/+X8scs/l/OH7P4fyV/zOL/1fwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bxnzF/zOL/tfwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+H89f8ziP1v+mMX/G/ljFv9v5o9Z/GfPH7P4fyt/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/t/PHLP7fyR+z+C+UP2bx/27+mMV/4fwxi//38scs/t/PH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/j/IH7P4L5U/ZvH/Yf6Yxf9H+WMW/6Xzxyz+y+SPWfyXzR+z+C+XP2bx/3H+mMV/+fwxi/8K+WMW/5/kj1n8V8wfs/ivZPT/F+6wxX9lo/+/kMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGL/9v5Yxb/d/LHJP6jDeSPWfwH5Y9Z/IfJH7P4D5s/ZvEfnD9m8R8uf8ziP3z+mMV/hPwxi/+I+WMW/5Hyxyz+I+ePWfxHyR+z+I+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/D+VP2bxHyd/zOI/bv6Yxf/T+WMW//Hyxyz+4+ePWfw/kz9m8Z8gf8zi/9n8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8f9c/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Pn/M4j91/pjF/wv5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/r+WPWfxnyh+z+M+cP2bxnyV/7B/8h1425ic8pv9PfYT/rPljlu3/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/LH/VP8RP+T/h/yx/1T/gQ/5/zF/zOK/a/6Yxf9P+WMW/93yxyz+u+ePWfz3yB+z+P85f8zi/5f8MYv/nvljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/gPwxi/+B+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/X/PHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/5MP+W/wvj+vfNIv/o23/mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofs/i/nT9m8X8nf0ziP/pA/pjFf1D+mMV/mPwxi/+w+WMW/8H5Yxb/4fLHLP7D549Z/EfIH7P4j5g/ZvEfKX/M4j9y/pjFf5T8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMX/U/ljFv9x8scs/uPmj1n8P50/ZvEfL3/M4j9+/pjF/zP5Yxb/CfLHLP6fzR+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6T5Yxb/z+WPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/+fzxyz+U+ePWfy/kD9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif8YA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+X//+PnbsP97qu7zj+454sZ592Xeo122UXGnNtRiKjUQtRUTzenDLRzHuEw01yIzcSYApstFLHpkvdLNjEwjFnq5Y43Fx3KxqWNVsjtlY5xbUwxhwsMmfsOnAOwdnbc+182ffr8v14/ME5v9/x/Ut5Xi9/Py+uq1CW/sP0D2Xpf5z+oSz9j9c/lKX/a/UPZek/XP9Qlv6/oH8oS/8T9A9l6f+L+oey9H+d/qEs/X9J/1CW/r+sfyhL/xP1D2Xp/3r9Q1n6j9A/lKX/G/QPZel/kv6hLP1H6h/K0v9k/UNZ+o/SP5Sl/6/oH8rSf7T+oSz936h/KEv/X9U/lKX/GP1DWfq/Sf9Qlv5v1j+Upf+v6R/K0v8t+oey9B+rfyhL/1P0D2XpP07/UJb+p+ofytL/NP1DWfqfrn8oS//x+oey9D9D/1CW/mfqH8rSf4L+oSz9z9I/lKV/m/6hLP3P1j+Upf85+oey9D9X/1CW/ufpH8rSv13/UJb+b9U/lKX/2/QPZel/vv6hLP3frn8oS/8L9A9l6T9R/1CW/hfqH8rS/yL9Q1n6v0P/UJb+F+sfytL/nfqHsvS/RP9Qlv6X6h/K0v8y/UNZ+l+ufyhL/yv0D2Xpf6X+oSz9r9I/lKX/JP1DWfpfrX8oS//J+oey9J+ifyhL/w79Q1n6T9U/lKX/NP1DWfpP1z+Upf8M/UNZ+r9L/1CW/tfoH8rSf6b+oSz9Z+kfytJ/tv6hLP3n6B/K0v9a/UNZ+s/VP5Sl/zz9Q1n6z9c/lKX/Av1DWfpfp38oS/+F+oey9H+3/qEs/RfpH8rSf7H+oSz9l+gfytL/ev1DWfq/R/9Qlv436B/K0v9G/UNZ+i/VP5Sl/zL9Q1n6L9c/lKX/r+sfytL/N/QPZem/Qv9Qlv7v1T+Upf9v6h/K0v99+oey9H+//qEs/W/SP5Sl/836h7L0v0X/UJb+v6V/KEv/lfqHsvT/bf1DWfr/jv6hLP1v1T+Upf9t+oey9P9d/UNZ+n9A/1CW/rfrH8rS/w79Q1n636l/KEv/39M/lKX/7+sfytL/Lv1DWfp/UP9Qlv4f0j+Upf8q/UNZ+q/WP5Sl/x/oH8rS/w/1D2Xpf7f+oSz91+gfytL/Hv1DWfp/WP9Qlv4f0T+Upf9a/UNZ+t+rfyhL/z/SP5Sl/zr9Q1n6/7H+oSz979M/lKX/n+gfytL/fv1DWfp/VP9Qlv5/qn8oS/+P6R/K0v/j+oey9P+E/qEs/f9M/1CW/p/UP5Sl/wP6h7L0X69/KEv/B/UPZen/5/qHsvTfoH8oS/+H9A9l6f8X+oey9P9L/UNZ+j+sfyhL/7/SP5Sl/6f0D2Xp/2n9Q1n6f0b/UJb+n9U/lKX/5/QPZen/1/qHsvT/vP6hLP2/oH8oS/+N+oey9P+i/qEs/f9G/1CW/pv0D2Xp/4j+oSz9v6R/KEv/L+sfytL/Uf1DWfp/Rf9Qlv5f1T+Upf/f6h/K0v8x/UNZ+n9N/1CW/n+nfyhL/6/rH8rS/+/1D2Xpv1n/UJb+39A/lKX/Fv1DWfr/g/6hLP3/Uf9Qlv7f1D+Upf8/6R/K0v9b+oey9P+2/qEs/b+jfyhL/8f1D2Xp/8/6h7L0f0L/UJb+T+ofytJ/q/6hLP2f0j+Upf+/6B/K0v+7+oey9P9X/UNZ+n9P/1CW/tv0D2Xp/7T+oSz9v69/KEv/7fqHsvT/N/1DWfrv0D+Upf+/6x/K0v8Z/UNZ+v+H/qEs/XfqH8rSf5f+oSz9/1P/UJb+P9A/lKX/bv1DWfr/UP9Qlv7P6h/K0v9H+oey9H9O/1CW/v+lfyhL/+f1D2Xp/2P9Q1n679E/lKT/K1v6h7L076d/KEv//vqHsvQfoH8oS/+B+oey9B+kfyhL/8H6h7L0H6J/KEv/ofqHsvR/mf6hLP0P0z+Upf/L9Q9l6f8K/UNZ+h+ufyhL/5/RP5Sl/xH6h15y/QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6/mb94yTWTZs7smOcb3/jGN/u/ebH/zQQAAPxf+8mH/hf77wQAAAAAAAAAAAAAAAAAAADyauL/TuzF/mcEAAAAAAAAAAAAAICfdm3tp24f0O+gpwYc+ODnH+3Y+3XU7ounr137YOn+2vXjc4KX7H/ggz179uxZ/czY8V0Ph7Rarc7/tVd2PR7a87jz9Zcdu+rofY/KuM/f+fgVEw8/d9762wZ+Y/Ut7U8P2vvsoNZVU2fM7HhD/1arnD6otajzwUn9Wq1y5qDWrZ0PRnY+mDCota7zwcl7H7ys9ZnOB6+fPGfmlM4nzqr8ewYvFW3ty1oDDlps66B/Gxy4/2XHPjG9+2svL9n9agNbXfsftv5LR/X4WbcX2H/365dTe+6/z/+AwAvq2/6f3dL9tZeX/B/v/x/etHtJ9LMX3n/365fT7B/qE3z+P2ijPT/39/j8/5rgJfffnzJ00+2d+2+78L5Xdz018H/z+f8nr19O77n//gd9/u/8HD+++/P/kFarnHGIvx2QSlv78u29vf/3vv+BP9fjpt+B+7/nK1tf0bn/e59rreh6alAf9z++t/f/m3r8vQJ909a+Zk+P9/8+7L81PHjJ/fvftv7wvZ//t94/+cgDftaX/Z/Rc/8jFsy6dsT8xUtOnDFr0rSOaR2zx4wcfdKoMWNGjx6x9xPBvl8P8TcFkji09//WYT1u+rVaHfvvN953y/jO/e94aMVHup4a2sf9n9nr+/9rvP9DaFj/1uDBrUWTFiyYd9K+X7sfjtz3676/LNh/H/77/7gTuv6y7j8z7NdqHb3/fvgVY4Z07v/6uWVD11OD+7j/Cb3uf9zBf1YJ9M0hvv9P6XFz0P5P2Xbjws79H/+DV23teqqv//1/Vq/7v9v7PxyKtvZWrW+infs/ecjys6tdlzZ//gf1aWL/x+68dVe163K2/UN9mtj/xJVvvrradTnH/qE+Tez/wVlXrqx2Xc61f6hPE/t//md3HVPtupxn/1CfJvb/2HefWlvturTbP9Snif1/8K72k6tdl7faP9Snif2feN0Px1a7Lm+zf6hPE/uf+vIL1lW7LufbP9Snif2fvee0I6tdl7fbP9Snif33W/69ZdWuywX2D/VpYv9PTlo5p9p1mWj/UJ8m9r/u2OHPVrsuF9o/1KeJ/a94+o0Tql2Xi+wf6tPE/r96x6rHql2Xd9g/1KeJ/X/isletqnZdLrZ/qE8T+//RsIcOq3Zd3mn/UJ8m9r9587oHql2XS+wf6tPE/levGzCs2nW51P6hPk3sf+lZ0x6tdl0us3+oTxP7HzX6y5dWuy6X2z/Up4n9H/25bz1V7bpcYf9Qnyb2f8HDC+dXuy5X2j/Up4n9Lzzm4z+udl2usn+oTxP7f0vHMdOrXZdJ9g/1aWL/5bbDNle7LlfbP9Snif1fsmPNuGrXZbL9Q32a2P+GI77wsWrXZYr9Q32a2P/OubPHVLsuHfYP9Wli/99579L3VbsuU+0f6tPE/m9/7uul2nWZZv9Qnyb2v23kJZdVuy7T7R/q08T+15z7zCPVrssM+4f6NLH/lRseX1DturzL/qE+Tex/48Zznqh2Xa6xf6hPE/s/fviIw6tdl5n2D/VpYv9zLl7xoWrXZZb9Q32a2P/p99/x2mrXZbb9Q32a2P/Qr439ZLXrMsf+oT5N7P/TY9//qWrX5Vr7h/o0sf9d4447odp1mWv/UJ8m9r/lgZF3Vrsu8+wf6tPE/j/wyF0Vr8t8+4f6NLH/ua97fke167LA/qE+Tez/TRMvWlztulxn/1CfJvZ/5N0Tvljtuiy0f6hPE/u//NvfP7/adXm3/UN9mtj/cUdd/epq12WR/UN9mtj/9Bmbbq52XRbbP9Snif2PX71lVLXrssT+oT5N7P+IJ+ffU+26XG//UJ8m9r99wFHnVbsu77F/qE8T+7/3hoe/We263GD/UJ8m9n/zTR/tqHZdbrR/qE8T+//s7sE7q12XpfYPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/zQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2D6N0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICjAAAA//8mu+jL")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x143040, 0x30)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x109142, 0x84)
ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f00000000c0)={{r0}})

5.859261834s ago: executing program 0 (id=1433):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f00000002c0)={[0x3000, 0x2000, 0x200000, 0xfec00000], 0x6, 0x10, 0x1000})

5.584013818s ago: executing program 0 (id=1435):
mprotect(&(0x7f00001b9000/0x2000)=nil, 0x2000, 0x8)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040), 0x0}, 0x0)
preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)

4.912944237s ago: executing program 0 (id=1438):
socket(0x10, 0x803, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc0)
mkdirat(0xffffffffffffff9c, 0x0, 0x108)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x181)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x14a0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x91ea6c1af182532)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x108)
mount(0x0, 0x0, 0x0, 0x1214040, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

4.42706947s ago: executing program 5 (id=1440):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r0, &(0x7f0000000300), 0x0}, 0x20)

4.344026817s ago: executing program 5 (id=1442):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x42802, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x4, <r2=>0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x1800002, 0x11, r2, 0x0)

4.334490579s ago: executing program 1 (id=1443):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2840, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r2, 0xaea2, 0x0)

4.119075357s ago: executing program 5 (id=1445):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0xea}]}}}]}, 0x3c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

4.054300183s ago: executing program 1 (id=1446):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$radio(0x0, 0x0, 0x2)
gettid()
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
prctl$PR_SET_THP_DISABLE(0x44, 0x200000000003)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x1b}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000350001002bbd7004fedbdb250400000008000400020000000c0005"], 0x28}, 0x1, 0x0, 0x0, 0x20040050}, 0x24000080)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003e40)=@newtaction={0x60, 0x30, 0xffff, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x4, 0x5, 0x1}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0)

3.97038074s ago: executing program 5 (id=1447):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190)
syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x5dc, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @loopback={0x4000000}, @empty}}}}}}}, 0x0)

3.740184681s ago: executing program 5 (id=1448):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
readv(r0, &(0x7f0000000300)=[{&(0x7f0000000000)=""/113, 0x71}], 0x1)

3.719082222s ago: executing program 3 (id=1449):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2.981227048s ago: executing program 1 (id=1450):
r0 = socket$netlink(0x10, 0x3, 0x4)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
close(r1)

2.906449174s ago: executing program 3 (id=1451):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)={0x2, 0x0, [{0x40000002, 0x0, 0x2}, {0x40000002}]})

2.779957856s ago: executing program 1 (id=1452):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20400, 0x0)
r4 = creat(&(0x7f0000000580)='./file1\x00', 0x0)
r5 = fanotify_init(0xf00, 0x1)
fanotify_mark(r5, 0x0, 0x8000022, r4, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=@newsa={0x19c, 0x16, 0x633, 0x0, 0x80000000, {{@in=@rand_addr=0x64010100, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@multicast2, 0x4d2, 0x32}, @in6=@loopback, {0x0, 0x8000}, {0x5, 0xffffffffffffffff, 0x0, 0x5}, {0x4, 0x2, 0x3dce6aa0}, 0x6, 0x2, 0x0, 0x4, 0x18, 0x19}, [@policy={0xac, 0x7, {{@in=@loopback, @in=@remote, 0x4e25, 0x9, 0x4e23, 0xe, 0xa, 0xc0, 0x20, 0x3a}, {0x1, 0x3, 0x1, 0xfa, 0x9, 0xd2f, 0x3c, 0x8000}, {0x8, 0x81, 0x9, 0x40}, 0x4, 0x6e6bb2, 0x1, 0x1, 0x0, 0x3}}]}, 0x19c}}, 0x0)

2.663474566s ago: executing program 3 (id=1453):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
unshare(0x22020400)
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, 0x0, &(0x7f0000000000))

2.658206916s ago: executing program 0 (id=1454):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)={0x4, 0xc00, 0x200, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @canfd={{0x2, 0x1, 0x0, 0x1}, 0xa2, 0x6, 0x0, 0x0, "90bd38f4de9b969d99a22c1a11808840004b4e1c537dc61119c864da8f5dc1f2b4c917d0253c6d108ba26575b5a650fb516c85af94f75c4299167d61bca1302f"}}, 0x80}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)

2.461734443s ago: executing program 3 (id=1455):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000280)={0x1, 0x0, [{0x489, 0x0, 0x8000}]})

2.395710119s ago: executing program 0 (id=1456):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0xfa, 0x62a2, &(0x7f000001c2c0)="$eJzs3c9vHGf9B/DP/vSPfJtaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QLmiRK5bRaSAkoDSyiKufOHAib8AhMQRIY6IQ/+AHrhy48SJSDYSqCcGjfd54tnNbteu45215/WS7JnPPDP2M37v7A/vzD4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3v/eDtVZE3Ph5WrAS8X/RiWhHLJX1akQsra7k9bsR8VzsNcezEdFbiCi33/v2dMSrEfHx2Yid3c31cvHlA/bju3/82+9+eOatv/6hd/E/f7rXeW3Sevfv/+rff35wtH0GAACApimKomill/nn0uv7dt2dAgBmIj/+F0lefurrX//jrb/MU3/UarVarZ5BXVWM96BaRMRWdZvyOYO34wHghNmKT+ruAjWSf6N1I+JM3Z0A5lqr7g5wLHZ2N9dbKd9W9fFgddCezwUZyn+r9ej6jknTaUbPMZnV7Ws7OvHMhP4szagP8yTn3x7N/8agvZ/WO+78Z2VS/v3BpU+Nk/PvjOY/4vTk3x6bf1Pl/LuHyr8jfwAAAAAAmGP5//8rNb//u3D0XTmQT3v/d3VGfQAAAAAAAACAJ+2o4/89Yvw/AAAAmFvla/XSb87uL5v0WWzl8uutiKdG1gca5qPBZLnufgAAAAAAAAAAAABAk3QH5/Beb0X0IuKp5eWiKMqvqtH6sI66/UnX9P2HJqv7Th4AAAY+PjtyLX8rYjEirkd777P+esvLy0WxuLRcLBdLC/n5bH9hsViqvK7N03LZQv8AT4i7/aL8YYuV7aqmvV6e1j7688rf1S86B+jYE9JLf80JzTWFDQDJ4NFoxyPSKVMUT0968gFDHP+n0Eqs1H27Yv7VfTMFAAAAjl9RFEUrDfN3Lo3v1667UwDATOTH/9H3BQ5UR4xvbx9yfbVarVar1TOpq4rxHlSLiNiqblM+ZzAcPwCcMFvxSd1doEbyb7RuRDxXdyeAudaquwMci53dzfVWyrdVfTxYHbTnc0GG8t9q7W2Xtx83nWb0HJNZ3b62oxPPTOjPszPqwzzJ+bdH878xaO+n9Y47/1mZlH9/75K55sn5d0bzH3F68m+Pzb+pcv7dQ+XfkT8AAAAAAMyx/P//Fe//5l0GAAAAAAAAgBNnZ3dzPV/3mt///9yY9Vz/eTrl/FuHzX8pzcv/RMv5t0fy//LIep3K/MM394//f+1urv/+3j//P08Pmv9CnmmlW1Yr3SJa6Te1uml6lL173Hav0y9/U6/V7nTTOT9F7524FbdjIy4NrdtOf4/99rWh9rKnvaH2y0Pt3cfarwy199LnDhRLuf1CrMdP4na8vddeti1M2f/FKe3FlPacf8f9fyPl/LuVrzL/5dTeGpmWHn7Yfuy4r07H/Z43bn3+l5eOf3em2o7Oo32rKvfvfA392fubnOnHz+5u3Llw/+a9e3fWIk2Gll6ONHnCcv69va+F/fv/Fwbt+X6/erw+/LB/6PznxXZ0J+b/QmW+3N+XZty3OuT8++kr5/92ah9//J/k/Ccf/y/X0B8AAAAAAAAAAAAAAAD4NEVR7F0i+kZEXE3X/9R1bSYAMFv58b9I8nK1Wq1Wz0sdK3vf56Y/6pNcVxXjvV4tIuKj6jblc4ZfjPthAMA8+29E/L3uTlAb+TdY/ry/cvpi3Z0BZuru+x/86Obt2xt37tbdEwAAAAAAAADgs8rjf65Wxn9+MSJWRtYbGv/1zVg96vif3TzzaIDRJzzQ9wTb7X6nXRlu/PnYG5/7wqTxv8/H4+N/5zFxO9X9mKA3pb0/pX1hSvvi2KX7aY290KMi5/98ZbzzMv9zI8OvN2H819Ex75sg53++cnsu8//SyHrV/Ivfzl3+WwddcTvaQ/lfvPfeTy/eff+DV269d/PdjXc3fnxlbe3SlatXr127dvGdW7c3Lg2+H0+v50DOP4997TzQZsn558zl3yw5/y+kWv7NkvP/Yqrl3yw5//x8T/7NkvPPr33k3yw5/5dSLf9myfl/JdXyb5ad3c2FMv+XUy3/ZsnH/1dTLf9myfm/kmr5N0vO/0Kq5d8sOf+LqT5A/j4e/hTJ+ed3uBz/zZLzX0v1lPyXZtUvZiPnfznVjv9myflfSbX8myXn/2qq5d8sOf+vpVr+zZLzv5pq+TdLzv/rqZZ/s+T8r6Va/s2S8/9GquXfLDn/b6Za/s2S838t1fJvlpz/t1It/2bJ+X871fJvlpz/d1It/2bJ+b+eavk3y/7n/5sxY+aUzfTjM29e9z0TAAAAAAAAAAAAADBqFich172PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/YwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2LvXGLnO8g7gZ/bmtUOwgRCc1MDaMcY4S3Z9iS+0LiYQLgFKgYRCL9iud20WfMNrl0CRbBookTAqqqiafmgLKGojVRVWxQdaUZoPVS+foP1Av1RUlZAaVQYFVKS2omw1c9739czs7Mysd7w+e87vJyXP7syZOe+cec+ZeWb9nwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQbOsbZz9by7Ks/l/jf5uy7AX1n9dPbGpc9rrbPUIAAABgpf6v8f/nN6YLjvRxo6Zl/v4V3/rawsLCQvb+4d8b/eLCQrpiIstG12VZ47ro2r9/oNa8TPBENl4bavp9qMfqh3tcP9Lj+tEe14/1uH5dj+vHe1y/aAMssj7/PKZxZ9sbP27KN2l2VzbauG57h1s9UVs3NBQ/y2moNW6zMHoym8tOZ7PZdMvy+bK1xvLf2Fpf11uzuK6hpnVtqc+QH37yRBxDLWzj7S3runGf0fffkE386IefPPEnF6/f06n23Awt95ePc+e2+jg/HS7Jx1rL1qVtEsc51DTOLR2ek+GWcdYat6v/3D7O5/sc5/CNYa6q9ud8PBtq/PztxnYaaf5YL22nLeGy/74vy7IrN4bdvsyidWVD2YaWS4ZuPD/j+Yys30d9Kr04G1nWPN3axzyt15ntrfO0fZ+Iz//WcLuRJcbQ/DR9/1Nji5735c7TqP6ol9pX2ufgoPeVoszBOC++3XjQT3acg9vD4//kjqXnYMe502EOpsfdNAe39ZqDQ2PDjTGnJ6HWuM2NObi7Zfnhxppqjfrcju5zcOrimfNT8x//xGvnzhw/NXtq9uze3bun9+7ff/DgwamTc6dnp/P/3+TWLr4N2VDaB7aFbRf3gVe3Lds8VRe+PLj9cLzLfripbdlB74cj7Q+utjo75OI5ne8bj9Y3+vjVoWyJfazx/Oxa+X6YHnfTfjjStB92fE3psB+O9LEf1pc5v6u/9ywjTf91GsOtei3Y1DQH29+PtM/BQb8fKcocHA/z4l93Lf1asCWM98nJ5b4fGV40B9PDDcee+iXp/f74wUbpNC/vrV9xx1h2aX72wgOPH7948cLuLJRV8ZKmudI+Xzc0PaZs0XwdWvZ8PTL3iifv7XD5prCtxl9b/9/4ks9VfZl9D3R/rhqvbp23Z8ule7JQBmy1t2enV/P69ky9ZJftWV/m01Mrfy+e+tKm4+/oEsff2Pf/NF9fuqsnhkdH8v13OG2d0ZbjcetTNdI4dtUa635+qr/j8Wj4b7WPx3d1OR5vblt20Mfj0fYHF4/HtV6fdqxM+/M5HubJ6enux+P6Mpv3LHdOjnQ9Ht8Xai1s/9eETiH1RU1zZ6l5m9Y1MjIaHtdIXEPrPN3bsvxo6M3q63pmz83N05335fc1nB7dDas1Tyfalh30PE3Hq6Xmaa3Xp283p/35HA/z4q693edpfZln96382Lk+/th07BzrNQdHh8fqYx5NkzA/3i+sj3PwgexEdi47nc00rh1rzKdaY12TD/Y3B8fCf6t9rNzcZQ7ubFt20HMwvY4tNfdqI4sf/AC0P5/jYV489WD3OVhf5k0HBvvedWe4JC3T9N61/fO1pT7zurdtM93Kz7zq4/zbA90/m60vc/rgcvvM7tvp/nDJHR22U/v+u9Q+NZOtznbaHMZ5/eDS26k+nvoyXzzU53w6kmXZ5Y8+1Pi8N/x95S8ufedrLX936fQ3ncsffegHd578u+WMH4C176d52ZC/1jX9Zaqfv/8DAAAAa0Ls+4dCTfT/AAAAUBqx74//KjzLaldu85AAAACAAYt9/0ioSUX+/r/5Tdfnfno5S8n8hSBenzbDI/lyMeM6HX6fWLihfvlDT8/++K8u97fuoSzLfvLIb3ZcfvMjcVy5iTDOaw+3Xr74hpf7Wv+xx24s15xf/1K4//h4+p0GnSK401mWfWPj5xvrmfjA1UZ99pFjjfqeK08+UV/m+UP57/H2z70kX/4PQ/j3yMnjLbd/LmyH74U6/fbO2yPe7qtXX7PlwPturC/errbthY2H/dQH8/uN35PzhSfy5eN2Xmr8f/25Z75aX/7xV3Ue/+WhzuN/Jtzv0w9fn6vPuP95eb5883NQ/z3e7jNh/HF9T4fbP/CVb3Yc/7XP5suff3O+3LFQ4/p3ht+3v/n6XPP2erx2vOVxZW/Jl4vrn/7O7zSuj/cX7799/ONHr7Zsj/b58ew/5/cz1bZ8vDyuJ/rLtvXX76d5fsb1P/Pbx1q2c6/1X3vPcy+v32/7+u9vW2647fbt39j0R5/5fMf1xfEc+fPzLY/nyLvDfhzW/9QHw3wM1//vtc+3rDc69u7W409c/kubLrc8nuitP8rXf+31pxr1PyZ+/Ad3vODOF155ZX3bZdm335vfX6/1n/rjcy3j//LduxrPR7w+ZvTb17+UuP4LH5s8e27+0txM01ZtfHfOO/LxrBtfv6E+3o3h2Nr++9FzFz80e2FiemI6yybK+xV6N+0rof4gL8v+TH/XY+H5vPf3v7Fhxz99Ll7+L4/ml199e/669eqw3BfC5Zvy52+htsL1P7X17sb+XXs2/70lxz4AW7b/58G+FgyPv/19QZzv51/6ocZ2qF/XeN2I+/UKx//dmfx+vh6260L4ZuZtd99YX/Py8bsRrr43399XvP3CYS4+r38anu93fi+//ziu+Hi/G97HfHNz6/Euzo+vXx5qv//Gt3hcCceT7Ep+fVwqbu+rz9/dcXjxe0iyK/c0fv/ddD/3LOthLmX+4/NTp+fOXnp86uLs/MWp+Y9/4uiZc5fOXjza+C7Pox/udfsbx6cNjePTzOz+fdn0+izLzmXTq3DAujXjr//U3/jPP3Zi5sD0jpnZk8cvnbz42PnZC6dOzM+fmJ2Z33H85MnZj/W6/dzM4d17Du09sGfy1NzM4YOHDu09NDl39lx9GPmgetg//ZHJsxeONm4yf3jfod0PPrhvevLMuZnZwwempycv9bp947Vpsn7r35i8MHv6+MW5M7OT83OfmD28+9D+/Xt6fhvgmfMn5yemLlw6O3VpfvbCVP5YJi42Lq6/9vW6PeU0/2/5+9l2tfyL+LJ33b8/fT9r3dOfWvKu8kXavkD0evgumn980fmD/fwe+/7RUJOK9P8AAABQBbHvHws10f8DAABAacS+f12oif4fAAAASiP2/eOhJhXp/+X/5f/7y//n1w8y/98pP5/1lf8flf9fpfz/+Y/mudK1nv+P+Xn5/2q4zfn/Fa9f/l/+v3z5//7z82t9/PL/8v8sVrT8f+z712dZJft/AAAAqILY928INdH/AwAAQGnEvv+OUBP9PwAAAJRG7PtfEGpSkf5f/r+v/P+eXoGr8uf/B3/+/5vP/zv/v/x/rq/8f3xy5P8rY9n5+/c92vKr/H8g/y//L/8v/y//z4qNLnnN7cr/x77/zlCTivT/AAAAUAWx739hqIn+HwAAAEoj9v0bQ030/wAAAFAase/fFGpSkf5f/t/5/+X/5f9Lnf9f6fn/mwYj/782OP9/d/L/Pdx0/n98cPn/jUsPT/5/wOMfHez4i53/7zl8+X9uiaKd/z/2/S8KNalI/w8AAABVEPv+F4ea6P8BAACgNGLf/5JQE/0/AAAAlEbs++8KNalI/7+S/H/MXMv/y//L/+fk/3Olyv93Pf9//pP8f7HI/3dX/vx//n7G+f9vTuXy/wMef7Hz/4M+///ow+23l/+nk6Ll/2Pf/9JQk4r0/wAAAFAFse+/O9RE/w8AAAClEfv+l4Wa6P8BAACgNGLfvznUpCL9v/P/y//L/8v/y/93Xn/v/H9O/r9Y5P+7K3/+/3ad/1/+P5P/r1b+v8ObX/l/Oila/j/2/feEmlSk/wcAAIAqiH3/vaEm+n8AAAAojdj3/0yoif4fAAAASiP2/VtCTSrS/8v/y//L/1cr/3//mPy//H+5yf93J//fg/y//L/8f5/n/19sOfn/db3ujNIoWv4/9v0vDzWpSP8PAAAAVRD7/leEmuj/AQAAoDRi3//KUBP9PwAAAJRG7PsnQk0q0v/L/6+d/H/j+h75/z/7m6demcn/y//3WH9J8/9xGsj/V5z8f3fy/z3I/8v/r9H8/9u+lde1kv+nOoqW/499/9ZQk4r0/wAAAFAFse/fFmqi/wcAAIDSiH3/faEm+n8AAAAojdj3bw81qUj/L/+/dvL/zv8v/y//3/p4nP9f/r8T+f8OmnZS+f8e5P/l/9do/j8b2Pn/47tf+X8Go2j5/9j3vyrUpEvjN9hv4gEAAAButdj37wg1qcjf/wEAAKAKYt//6lAT/T8AAACURuz7d4aaVKT/l/+X/5f/l/+X/++8fvn/tWlt5f/XLbqkaOf/H5P/l/+X/69Y/t/5/xmsouX/Y9//mlCTivT/AAAAUAWx798VaqL/BwAAgNKI//Iu/3ev+n8AAAAoo9j3T4aaVKT/l/+X/69S/r8m/y//L/9femsr/79Y0fL/zv8v/y//L/8v/89KFC3/H/v+14aaVKT/BwAAgCqIff8DoSb6fwAAACiN2PdPhZro/wEAAKA0Yt8/HWpSkf5f/l/+v0r5f+f/l/+X/y8/+f/u5P97kP8vVf4/y+T/64OX/+d2Klr+P/b9u0NNKtL/AwAAQBXEvn9PqIn+HwAAAEoj9v17Q030/wAAAFAase/fF2pSkf5f/l/+X/5f/l/+v/P65f/XJvn/7uT/e5D/X538f6c3Tmtp/EsoZP7f+f+5zYqW/499/4OhJhXp/wEAAKAKYt+/P9RE/w8AAAClEfv+A6Emof+/Rf88CQAAAFhFse8/GGpSkb//y/+XJP//W//Qsm75f/n/busfTP5/vfx/qPL/xVLS/H/7bnHT5P97kP+/Zfn5bGggQ7xt45f/l//n5hQt/x/7/kOhJhXp/wEAAKAKYt//ulAT/T8AAACURuz7fzbURP8PAAAApRH7/p8LNalI/y//X5L8fxv5f/n/but3/n/5/zIraf5/YEqV/x+S/19L+f9+8vNrffzLzf/X2l5A5f8po1uf/48/9Zf/j33/4VCTivT/AAAAUAWx7//5UBP9PwAAAJRG7PtfH2qi/wcAAIDSiH3/kVCTivT/N5H/b1wp/99K/r91/PL/nedHtfL/r8/aFTH/X5888v/lUuD8/2g/65f/d/5/+f9VGX/7S81Axu/8//L/LFa08//Hvv8NoSYV6f8BAACgCmLf/1Coif4fAAAASiP2/W8MNdH/AwAAQGnEvv9NoSYV6f+d/1/+X/5f/t/5/zuvX/5/bSpw/r8v8v/y//L/a3f88v/y/yxWtPx/7PsfDjWpSP8PAAAAVRD7/jeHmuj/AQAAoDRi3/+WUBP9PwAAAJRG7PvfGmpSkf5f/l/+X/5f/l/+v/P65f/XJvn/7uT/e5D/l/+X/5f/Z6CKlv+Pff/bQk0q0v8DAABAFcS+/5FQE/0/AAAAlEbs+98eaqL/BwAAgNKIff87Qk0q0v/L/8v/y//L/8v/d16//P/aJP/f3erk/0fT3cj/y//L/692/n88k/+nSIqW/499/ztDTSrS/wMAAEAVxL7/F0JN9P8AAABQGrHvf1eoif4fAAAASiP2/b8YalKR/l/+X/6/WPn/hcvNt5P/l//PBpX/r99I/r8S5P+7c/7/Hjrk/9fJ/8v/r6n8v/P/UyxFy//Hvv/doSYV6f8BAACgCmLf/55QE/0/AAAAlEbs+98baqL/BwAAgNKIff+joSYV6f/l/yuZ/08PuXj5f+f/7yf/P7JR/j9z/n/5/yXI/3cn/9+D8//L/8v/y/8zUEXL/8e+/7FQk4r0/wAAAFAFse9/X6iJ/h8AAABKI/b9vxRqov8HAACA0oh9//tDTSrS/8v/VzL/X+Dz/5ct/z/SMj+qdP7/8abnM81L+X/5/1Ug/9+d/H8P8v/y/0XO/4fZvH6J28v/U0RFy//Hvv8DoSYV6f8BAACgCmLf/8uhJvp/AAAAKI3Y9/9KqIn+HwAAAEoj9v2/GmpSkf6/hPn/K5n8v/x/YfL/rfOjSvl/5/9fTP5/dcj/dyf/34P8v/x/kfP/Pcj/U0RFy//Hvv/XQk2WbPx+8F99PEwAAACgQGLf/8FQk4r8/R8AAACqIPb9R0NN9P8AAABQGrHvPxZqUpH+v4T5/xWe/z+eUbVX/r/1zKvy/63jl//POsyPIfl/+X/5/1UwuPz/y+7MMvl/+X/5f/l/+X/5f1aiaPn/2PcfDzWpSP8PAAAAVRD7/l8PNdH/AwAAQGnEvv9EqIn+HwAAAApvJCWCu4t9/0yoSUX6/9uY/x8tZv6/bOf/r4X7vvX5/5/I/zv/fyD/35n8/+pw/v/u5P97kP+X/5f/l/9noIqW/499/2yoSUX6fwAAACix9HFw7PtPhpro/wEAAKA0Yt9/KtRE/w8AAAClEfv+D4WaVKT/d/7/suf/nf+/mPn/kZbl5f9z8v/y/4Mg/9/dAPP/Y3F88v/y/5H8v/y//D/tipb/j33/XKhJRfp/AAAAqILY93841ET/DwAAAKUR+/6PhJro/wGA/2fvPr4sK8s9jm+4dBpd/wTHjBzqCP8Ep85cy6kYMYfuNmfFnANmMWcxgGLOAXPCnCNiQNcqF13P83RXn1P7VHWdqrP3+34+kwe4NHUaCu763V7f+wIAzcjdf7+4pZP9P9f+/9SuPyH9/6D/31f/f9kwnPH+v/5/2dfX/8+T/n+c9/9X0P/r//X/+n/Wamr9f+7+q+OWTvY/AAAA9CB3//3jFvsfAAAAmpG7/wFxi/0PAAAAzcjd/8C4pZP9P9f+f/efkP5/0P/P4P3/nX++/n+b/l//vw4L/f0Vy/+83aLwXfv/u939mvvo//X/+v9R+n/9v/6fi02t/8/d/6C4pZP9DwAAAD3I3f/guMX+BwAAgGbk7n9I3GL/AwAAQDNy918Tt3Sy//X/+n/9/yz6/8vyr3Ho/f9N+n/9/7x5/3/cofT/+S+D/r/o//X/+n/9P9um1v/n7n9o3NLJ/gcAAIAe5O5/WNxi/wMAAEAzcvc/PG6x/wEAAKAZufsfEbd0sv/1//p//f8s+v/bbzh93Pv/F/189P/6/2X0/+O8/7+C/l//317/f+f/SP/Pxkyt/8/d/8i4pZP9DwAAAD3I3f+ouMX+BwAAgGbk7n903GL/AwAAQDNy9z8mbulk/+v/9f/6/zX2/2eHYTi0/n/Q/1/089H/6/+XuW44/98E/f8i/f8KK/r/YdD/j9lzP7/8pzefz7+Lifb/3v9no6bW/+fuf2zccs9hOH6pP0kAAABgUnL3Py5u6eTX/wEAAKAHuftPxy32PwAAADQjd/+ZuKWT/a//1//r/+fy/r/+X/+v/98L7/+PO3j/f+Vdrr5vv/2/9//Hef9/3f3/nd8Z+n/mbWr9f+7+s3FLJ/sfAAAAepC7//Fxi/0PAAAAzcjd/4S4xf4HAACAZuTuf2Lc0sn+1/+31v//344fd0H/f6520f/r/y+l/z9WfyX9v/5/+vT/47z/v8K5/8ydqt/V/+v/vf+v/+dgptb/5+5/UtzSyf4HAACAHuTuf3LcYv8DAABAM3L3PyVusf8BAACgGbn7nxq3dLL/9f+t9f87f5z3//X/y76+9//1/y27tP7+yvp/c6H/D133/w28/3+J3zWb7ucPatOfX/+v/2fR1Pr/3P1Pi1s62f8AAADQg9z9T49b7H8AAABoRu7+Z8Qt9j8AAAA0I3f/M+OWTva//l//P4/+P7+C/l//f/j9f9L/z5P3/8fp/1dopf+/RJvu5+f++fX/+n8WTa3/z93/rLilk/0PAAAAPcjd/+y4xf4HAACAZuTuf07cYv8DAABAM3L3Pzdu6WT/6//1//Po/73/r//3/r/+f2/0/+P0/yvo//X/+n/9P2s1tf4/d/+1cUsn+x8AAAB6kLv/eXGL/Q8AAADNyN3//LhlP/v/2Lo/FQAAALBOuftfELd08uv/+n/9v/5f/6//X/719f/zpP8fp/9fofP+fzij/9f/6/9Zrwn1/xf8qJPDC+OWTvY/AAAA9CB3/4viFvsfAAAAmpG7/8Vxi/0PAAAAzcjd/5K4pZP9317/f2Ku/f+5nK+t/v/UMAz6/6HT/v/UBf886/tS/6//PwL6/3H6/xU67/833c/v1y0T+/z6f/0/iybU/5/7/dz9L41bOtn/AAAA0IPc/S+LW+x/AAAAaEbu/pfHLfY/AAAANCN3/yvilk72f3v9v/f/h8n0/97/v/j7o6f+3/v/i/T/R0P/P07/v4L+f1b9/9Q+v/5f/8+iqfX/uftfGTcdP3bJP0UAAABgYnL3vypu6eTX/wEAAKAHuftfHbfY/wAAADBT1y78kdz9r4lbOtn/+v/19v/HL/hj+n/9/8XfH/p//b/+//Ct6u9X/S3T/wf9v/5f/6//1/+zBlPr/3P3vzZu6WT/AwAAQA9y918Xt9j/AAAA0Izc/a+LW+x/AAAAaEbu/tfHLZ3sf/2/9//1//r/Vf3/+edQ9f/6/+nz/v+4WfT/N+v/9f/z/Pxr6P9PnP9N/T9t2Ef/v7W1dfrQ+//c/W+IWzrZ/wAAANCD3P1vjFvsfwAAAGhG7v43xS32PwAAADQjd/+b45ZO9r/+v9P+P7/V59X/nxkG/b/3//X/+v9x+v9xs+j/vf+v/5/p5/f+v/6fRVN7/z93/1vilk72PwAAAPQgd/9b4xb7HwAAAJqRu//6uMX+BwAAgGbk7n9b3NLJ/tf/d9r/e/9f/6//P+r+/45B/38kZtH/n9r960+9/z+r/9f/j+iu/7/XPXb8rv5f/8+iqfX/ufvfHrd0sv8BAACgB7n73xG32P8AAADQjNz974xb7H8AAABoRu7+d8VNV3Sy//X/+n/9v/5f/7/86x/x+//Hh2HQ/6/BLPr/EVPv/9fz/v/F/5afp//X/8/58+v/9f8smlr/n7v/3XFLJ/sfAAAAepC7/z1x0wn7HwAAAJqRu/+9cYv9DwAAAM3I3f++uKWT/a//1//r//X/zff/Z2fR/3v/f030/+Om0f/vTv+v/5/z59f/6//Zu031/7n73x+3dLL/AQAAoAe5+z8Qt9j/AAAA0Izc/R+MW+x/AAAAaEbu/g/FLZ3sf/2//n8//X9+Tv3//vr//HxT7f9PTK7/P7njr9fJ+//6/zXR/4/T/6+g/9f/6/+v1f+zTlN7/z93/4fjlk72PwAAAPQgd/8Ncev/dGv/AwAAQDNy938kbrH/AQAAoBm5+z8at3Sy//X/+n/v/3v/v/n3//X/XdH/j9P/r6D/1//r/73/z1pNrf/P3f+xuKWT/Q8AAAA9yN3/8bjF/gcAAIBm5O6/MW6x/wEAAKAZuftvils62f/6f/2//l//r//f/meo/2+D/n/c0fT/p/T/+v/q5y+Lfwv0//r/VT+eNk2t/8/d/4m4pZP9DwAAAD3I3f/JuMX+BwAAgGbk7r85brH/AQAAYJauWPLHcvd/Km7pZP/r//X/+n/9v/5/+dfX/8/TRvr//KbQ/3v/P/TT/991x+/N7f3/i//3l/5f/8/6Ta3/z93/6bilk/0PAAAAPcjd/5m4xf4HAACAZuTu/2zcYv8DAABAM3L3fy5u6WT/6//1//p//b/+f/nX1//Pk/f/x+n/V9D/b/T9/Ll/fv2//p9FU+v/c/d/Pm7pZP8DAABAD3L3fyFusf8BAACgGbn7vxi32P8AAADQjHO7P+OyDve//l//r//X/+v/l399/f886f/H6f9X0P/r//X/+n/Wamr9/5fO/aiTw5fjlk72PwAAAPQgd/9X4hb7HwAAAJqRu/+rcYv9DwAAAM3I3f+1uKWT/b/3/n9r0P/vTv+/8/Ovv//f2to6rf/X/+/8+Zzv/2/V/1P0/+P0/yvo//X/+n/9P2s1tf4/d//X45ZO9j8AAAD0IHf/N+IW+x8AAACakbv/m3GL/Q8AAADNyN1/S9zSyf73/v8E+v+T+n/v/+v/B+//L/b/l2//R1n/vz/6/3H6/xVa7P9P7v2nv+l+/qA2/fn1//p/Fk2t/8/d/624pZP9DwAAAD3I3f/tuMX+BwAAgGbk7v9O3GL/AwAAQDNy9383bulk/+v/j67/v/PvXS/v/58aln9+/b/+X//v/f/Dpv8fp/9focX+fx823c/P/fPr//X/LJpa/5+7/3txy87hd2x/P0sAAABgSnL3fz9u6eTX/wEAAKAHuft/ELfY/wAAANCM3P0/jFs62f/6/wm8/99g/+/9/+XfH/r/Sff/l+v/26D/H6f/X0H/r//X/6+p/8/vZv1/76bW/+fu/1Hc0sn+BwAAgB7k7v9x3GL/AwAAQDNy9/8kbrH/AQAAoBm5+2+NWy7Y/8va7lbo//X/+n/9v/5/+dfX/8+T/n/cXvv/E8PB+v+k/9f/6/977f+9/8+2qfX/uft/Grf49X8AAACYnWO7/PHc/T+LW+x/AAAAaEbu/p/HLfY/AAAANCN3/y/iltsu39RHOlL6f/2//l//r/9f/vX1//Ok/x83yff/r7+xflP/30T/f5X+v43+fxj0/xzc1Pr/3P2/jFv8+j8AAAA0I3f/r+IW+x8AAACakbv/13GL/Q8AAADNyN3/m7ilk/2v/9f/H7D/P5dm6v+36f+36f+X0/8fDf3/uEn2/xfQ/zfR/3v/v5H+3/v/rMPU+v/c/b+NWzrZ/wAAANCD3P2/i1vsfwAAAGhG7v7fxy32PwAAADQjd/8f4pZO9v/G+v/4W63/n33/P433/7e2P4H+X/8/6P+7p/8fp/9fQf+v/9f/6/9Zq6n1/7n7/xi3dLL/AQAAoAe5+/8Ut9j/AAAA0Izc/X+OW+x/AAAAaEbu/r/ELZ3sf+//6/+b6P/jx+r/9f+D/r97+v9x+v/l6h+U/l//r//X/7NWU+v/c/f/NW7pZP8DAABAD3L3/y1usf8BAACgGbn7b4tb7H8AAABoRu7+v8ctnex//b/+X/+v/9f/L//6+v950v+P22T/f+//X/1lvf+/8f4/P4L+X/+v/2ctptb/5+6/PW7pZP8DAABAD3L3/yNusf8BAACgGbn7/xm32P8AAADQjNz9/4pbOtn/K/r/E/Un6v9H6f93fn79//Lvj4b7/x2Bq/5/Of3/0dD/j5vP+//x4/X/O3j/f9qfX/+v/2fR1Pr/3P3/jls62f8AAADQg9z9d8Qt9j8AAAA0I3f/f+IW+x8AAACakbv/v3FLJ/vf+/9z6v+v0v/r/6fa/++g/19O/3809P/j5tP/e/9/Gf3/tD+//l//z6Kp9f+5+/8XAAD//0yWMnw=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r0, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
fsync(r0)

2.392768539s ago: executing program 4 (id=1457):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000000)=0xfffffffd, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000240)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
recvfrom$inet(r0, 0x0, 0x0, 0x2042, 0x0, 0x0)

2.201698956s ago: executing program 3 (id=1458):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0xc04, &(0x7f0000000580), 0x3, 0x448, &(0x7f0000000e40)="$eJzs28tvG8UfAPDv2kn6Sx+/mKo8+gACBVHxSJq0lB64tAKJA0hIcCjHkKRVqNugJki0iiAgVI6oEncENyT+Ak5wQcAJiSvcUaUK5dLCyWhtb+K4tuukTpzEn4+0yczurGa+nh17dscOoGcNp3+SiL0R8UdEDFWyqwsMV/7dWVqY/GdpYTKJUumtv5NyudtLC5NZ0ey8PVmmEJH7LInDDeqdu3rt4kSxOH2lmh+dv/T+6NzVay/MXJq4MH1h+vL46dMnT4y9dGr8xY7EmcZ1+9BHs0cOvvbOjTcmz91495fvkiz+ujg6ZLjVwadLpQ5X1137atJJX9unlXIb0hralY+ItLv6y+N/KPKx0nlD8eqnXW0csKEGWh9eLAE7WDqbB3pR9kGf3v9m2yZMO7aMW2di+TnGnepWOdIXlXvTZEPrH46Ic4v/fpVuUfscIr+h1QIAPeyHMxHxfKP5Xy4eqin3/+oaSiEiHoiI/RFxKiIORMSDEeWyD0fEI2usv36R5O75Z+7mugJrUzr/e7m6trV6/re8MlHIV3P7yvH3J+dnitPHq6/JsejflebHWtTx4yu/f9HsWO38L93S+rO5YLUdN/t2rT5namJ+4n5irnXrk4hDfY3iT5ZXAtIZ8MGIOLTOOmae/fZIs2P3jr+F9teZmip9HfFMpf8Xoy7+TNJ6fXL0f1GcPj6aXRV3+/W36282q/++4u+AtP93N7z+l+MvJLXrtXNrr+P6n583vadc7/U/kLy9at+HE/PzV8YiBpLXK42u3T9eV258pXwa/7GjafxZxCvjf3+svBKHIyK9iB+NiMci4vFq25+IiCcj4miL+H8++9R7649/Y6XxT62p/1cSA1G/p3Eif/Gn71dVWlhL/Gn/nyynjlX3NHv/G6xJt9Ou9V3NAAAAsP3kImJvJLmR5XQuNzJS+Q7/gdidK87OzT93fvaDy1OV3wgUoj+XPekaqnkeOla9rc/y43X5E9Xnxl/mB8v5kcnZ4lS3g4cet6fJ+E/95TsosPN1YB0N2KaMf+hdxj/0LuMfeleD8T/YjXYAm688/ut+5/pxl9oCbK66z3/LftBD3P9D7zL+oXcZ/9CT5gbj3j+S36aJb85uiWbs0ETk1nRWadcWaLNE+4luvzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD//y8A3oc=")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

1.307963895s ago: executing program 1 (id=1459):
r0 = syz_io_uring_setup(0x6d5d, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_CONNECT={0x10, 0x10, 0x0, r3, 0xfffffffffffffe10, &(0x7f00000001c0)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}})
io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0)

1.225840262s ago: executing program 3 (id=1460):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_setup(0x2f00, &(0x7f0000000700)={0x0, 0xe8e2, 0x400, 0x20001, 0x2d6})
socket$kcm(0x2, 0x200000000000001, 0x106)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r3, 0x4b67, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x7, 0x2}]})
r4 = socket$inet(0x2, 0xa, 0x0)
sendmmsg$sock(r4, &(0x7f0000003280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
io_uring_setup(0xfc8, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2})
preadv(0xffffffffffffffff, &(0x7f0000000540), 0x10000000000002be, 0x0, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000500)=""/79)

1.131949821s ago: executing program 4 (id=1461):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$radio(0x0, 0x0, 0x2)
gettid()
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
prctl$PR_SET_THP_DISABLE(0x44, 0x200000000003)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x1b}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000350001002bbd7004fedbdb250400000008000400020000000c0005"], 0x28}, 0x1, 0x0, 0x0, 0x20040050}, 0x24000080)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003e40)=@newtaction={0x60, 0x30, 0xffff, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x4, 0x5, 0x1}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0)

1.004204542s ago: executing program 1 (id=1462):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000080000000000000000000080850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r1}, 0xc)

886.075542ms ago: executing program 5 (id=1463):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@user_xattr}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x7}}]}, 0x1, 0x47d, &(0x7f0000000200)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0agUvioJIRUEP9RiTbQndNtJEsbXYVMSTIAU9ingU/Qu8iSDqSfDqyZMUivbS1lNkZmfSzXa3sWbTicnnA7N5npln93m+mbdnn2c2gA1rKHtJIrZFxK8RMdDILi0w1Phz9fLZyWuXz04msbDw6h9JXu7K5bOTZdHyfVuLzHAakX6QFJUsNXv6zPGJer12qsiPzp14c3T29JnH3j4xcax2rHZy/NChgwfGnnxi/PGuxJnFdWXPezN7d7/w+oWXJo9ceOPHr7P2biu2N8fRLUNZ4H8u5Fq3Pdztyiq2vSmd9FbYEG5JT0Rku6svP/8Hoieu77yBeP79ShsHrKrs3rSp8+b5BWAdS6LqFgDVKG/02fffcrlNXY814dIzjS9AWdxXi6WxpTfSokxfy/fbbhqKiCPzf32eLbFK4xAAAM0+mvz0cH9EvHvtqxezvsdARJTjQXflr7/lrzuKOZTBiPh/ROyMiDsiYldE3FmUvTsi7llhe27s/6QX25V7Kl1hRYWs//d0Mbe1tP+3WMFgT5Hbnsfflxydrtf2F/+T4ejblOXHblLHt8/98nGnbc39v2zJ6i/7gkU7Lva2DNBNTcxN5J3SLrh0PmJPb7v4k8WZgCQidkfEnvYf8VmHj95RJqYf+XJvp/qXj/8mujDPtPBFFt58Fv98tMRfSprnJ6dvmJ8c3Rz12v7R8qi40U8/f/hKp/pXFH8XXKo1/jbt/9Yig0nzfO1sd+v/l8d/2p+8ls8z9xfr3pmYmzs1FtGfHM7zS9aPX39vmS/LZ8f/8L725//O4j1Z/PdGRHYQ3xcR90fEA0XbH4yIhyJi301i/OHZ5eOPtKL9fz5iqu31b/H4b9n/t57oOf79N53q/2f7/2CeGi7W5Ne/ZbRrTna5aG3gSv53AAAA8F+R5s/AJ+nIYjpNR0Yaz/Dviv+l9ZnZuUePzrx1cqrxrPxg9KXlSNdAMR5an67XxpL54hMb46PjxVhxOV56oBg3/qRnS54fmZypT1UcO2x0Wzuc/5nfe6puHbDKtrRdO95/2xsCVKB1Hr3l2YpzL4eLAaxXfq8NG9cy53/z72CAdcb9Hzauduf/uZa8uQBYn9z/YeO6hfPfGACsJ+l3VbcAqJD+P2xIK/ld/yomNq+NZlSTWKs7JU9ElIm061VErIEAJRqJqq9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fF3AAAA//8g5+aQ")
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="020000000100010000000000", @ANYBLOB], 0x54, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x100, 0x0)
open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="08000000020000000b"], 0x0)

104.911531ms ago: executing program 4 (id=1464):
socket(0x10, 0x803, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc0)
mkdirat(0xffffffffffffff9c, 0x0, 0x108)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x181)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x14a0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x91ea6c1af182532)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x108)
mount(0x0, 0x0, 0x0, 0x1214040, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

0s ago: executing program 0 (id=1465):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x7ffffffc, 0xfff}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r4, &(0x7f0000000240)="14000000140005b7ffccca38b9000000060860eb", 0x14)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = syz_open_dev$vim2m(&(0x7f0000000280), 0x7fffffffffffffff, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000000)={0x980914, 0x8})
r7 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00'})
ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000001d80)={0x0, @in6={{0xa, 0x4e23, 0x6, @empty, 0x6}}, 0x7f, 0x2, 0x0, 0x5, 0xe6eedc45313651a9, 0x94, 0x1}, 0x9c)

kernel console output (not intermixed with test programs):

 the config
[  281.569151][    T7] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  281.578776][ T5873] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.727827][ T5873] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.332: iget: bad i_size value: 2533274857506816
[  281.751985][    T7] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  281.803139][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.990387][    T7] usb 2-1: Product: syz
[  282.068193][    T7] usb 2-1: Manufacturer: syz
[  282.149423][    T7] usb 2-1: SerialNumber: syz
[  282.652564][ T5898] bridge0: adding interface bridge_slave_0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  283.042133][    T7] usb 2-1: 0:2 : does not exist
[  283.132195][    T7] usb 2-1: USB disconnect, device number 3
[  283.237186][ T5185] udevd[5185]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  286.504942][ T5985] loop3: detected capacity change from 0 to 512
[  287.354475][ T5980] binder: binder_mmap: 5946 2000003d3000-2000003d7000 bad vm_flags failed -1
[  287.410117][ T5985] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  291.111003][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  291.690645][ T5985] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  291.823885][ T6013] loop4: detected capacity change from 0 to 512
[  291.953940][ T6013] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  291.972346][ T6013] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  291.980507][ T6013] EXT4-fs error (device loop4): ext4_orphan_get:1426: comm syz.4.371: bad orphan inode 13
[  292.061590][ T6022] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.093293][ T6013] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="data_err=ignore,noload,data_err=ignore,grpjquota="errors=continue,max_dir_size_kb=0x00000000000001ff,nobarrier,,errors=continue. Quota mode: writeback.
[  292.146115][ T6022] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.153283][ T6022] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.257224][ T6051] overlayfs: failed to clone upperpath
[  294.181306][ T6059] loop4: detected capacity change from 0 to 512
[  294.455337][ T6065] loop5: detected capacity change from 0 to 512
[  295.453631][ T6065] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  295.482310][ T6065] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  295.521803][ T6059] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  295.539332][ T6059] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  295.557845][ T6059] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.383: iget: bad i_size value: 2533274857506816
[  295.594306][ T6065] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.384: iget: bad i_size value: 2533274857506816
[  297.276429][ T6065] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.384: iget: bad i_size value: 2533274857506816
[  297.702205][ T6098] loop1: detected capacity change from 0 to 128
[  297.880646][ T6102] netlink: 830 bytes leftover after parsing attributes in process `syz.5.391'.
[  299.740478][ T6140] loop4: detected capacity change from 0 to 512
[  299.758427][ T6139] loop3: detected capacity change from 0 to 512
[  299.828108][ T6143] loop5: detected capacity change from 0 to 128
[  301.018853][ T6139] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  301.053183][ T6139] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  301.105258][ T6140] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  301.149851][ T6163] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.166030][ T6163] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.176202][ T6140] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  301.194325][ T6139] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.401: iget: bad i_size value: 2533274857506816
[  301.219505][ T6140] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.402: iget: bad i_size value: 2533274857506816
[  301.507355][ T6169] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.401: iget: bad i_size value: 2533274857506816
[  302.518911][ T6140] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.402: iget: bad i_size value: 2533274857506816
[  302.534043][ T6140] netlink: 164 bytes leftover after parsing attributes in process `syz.4.402'.
[  308.496734][ T6199] overlayfs: failed to clone upperpath
[  313.571887][ T5008] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  313.831964][ T5008] usb 2-1: Using ep0 maxpacket: 16
[  313.958716][ T5008] usb 2-1: config 0 interface 0 has no altsetting 0
[  314.132165][ T5008] usb 2-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  314.145624][ T5008] usb 2-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  314.181473][ T6290] loop4: detected capacity change from 0 to 512
[  314.211619][ T5008] usb 2-1: Product: syz
[  314.228670][ T5008] usb 2-1: Manufacturer: syz
[  314.258469][ T5008] usb 2-1: SerialNumber: syz
[  314.312647][ T5008] usb 2-1: config 0 descriptor??
[  314.630943][ T4223] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  314.660342][ T6290] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  314.683089][ T6290] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  314.783278][ T6290] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.446: iget: bad i_size value: 2533274857506816
[  315.021564][ T6290] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.446: iget: bad i_size value: 2533274857506816
[  315.100569][ T5008] snd-usb-audio: probe of 2-1:0.0 failed with error -22
[  315.113869][ T5008] usb 2-1: USB disconnect, device number 4
[  315.147220][ T6300] netlink: 164 bytes leftover after parsing attributes in process `syz.4.446'.
[  315.242238][ T4293] Bluetooth: hci3: command 0x0406 tx timeout
[  315.322917][ T5185] udevd[5185]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  315.411848][ T6306] overlayfs: failed to clone upperpath
[  315.497737][ T4223] usb 4-1: New USB device found, idVendor=1934, idProduct=0706, bcdDevice=e2.9e
[  315.513666][ T4223] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.531745][ T4223] usb 4-1: Product: syz
[  315.536172][ T4223] usb 4-1: Manufacturer: syz
[  315.540800][ T4223] usb 4-1: SerialNumber: syz
[  315.619665][ T4223] usb 4-1: config 0 descriptor??
[  315.743711][ T4223] f81232 4-1:0.0: f81232 converter detected
[  315.963070][ T4223] usb 4-1: f81232 converter now attached to ttyUSB0
[  316.014568][ T4223] usb 4-1: USB disconnect, device number 5
[  317.227465][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  317.233827][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  318.207245][ T4223] f81232 ttyUSB0: f81232 converter now disconnected from ttyUSB0
[  318.222628][ T4223] f81232 4-1:0.0: device disconnected
[  320.384602][ T6345] overlayfs: failed to clone upperpath
[  321.571895][    T7] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  321.853049][    T7] usb 5-1: Using ep0 maxpacket: 32
[  321.972123][    T7] usb 5-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  322.013472][    T7] usb 5-1: config 155 interface 0 altsetting 0 has an invalid endpoint with address 0xE2, skipping
[  322.096107][    T7] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  322.176224][    T7] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 512, setting to 64
[  322.208859][    T7] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 170, changing to 7
[  322.228480][    T7] usb 5-1: config 155 interface 0 altsetting 0 has a duplicate endpoint with address 0x8, skipping
[  322.240052][    T7] usb 5-1: config 155 interface 0 altsetting 0 has 7 endpoint descriptors, different from the interface descriptor's value: 11
[  323.812235][    T7] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  323.853289][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.861452][    T7] usb 5-1: Product: syz
[  323.916943][    T7] usb 5-1: Manufacturer: syz
[  323.925021][ T6404] xt_bpf: check failed: parse error
[  323.935677][    T7] usb 5-1: SerialNumber: syz
[  324.372926][    T7] usb 5-1: can't set config #155, error -71
[  324.420840][    T7] usb 5-1: USB disconnect, device number 6
[  324.910574][ T6417] loop3: detected capacity change from 0 to 512
[  325.877860][ T6417] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  325.962319][ T6417] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  326.075266][ T6417] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.492: iget: bad i_size value: 2533274857506816
[  328.764121][ T6466] netlink: 20 bytes leftover after parsing attributes in process `syz.3.507'.
[  330.681065][ T6479] loop3: detected capacity change from 0 to 512
[  331.409960][ T6479] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  331.454371][ T6479] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  331.562314][ T6479] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.511: iget: bad i_size value: 2533274857506816
[  331.628527][ T6495] netlink: 'syz.4.520': attribute type 5 has an invalid length.
[  331.662071][ T6495] netlink: 24 bytes leftover after parsing attributes in process `syz.4.520'.
[  332.714587][ T6509] overlayfs: failed to clone upperpath
[  333.299264][ T6513] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  334.191659][ T6522] loop5: detected capacity change from 0 to 8
[  334.272592][ T6522] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  334.295794][ T6526] loop3: detected capacity change from 0 to 512
[  334.329040][ T5185] udevd[5185]: incorrect cramfs checksum on /dev/loop5
[  334.346626][ T6530] loop4: detected capacity change from 0 to 512
[  334.414552][ T6530] EXT4-fs (loop4): Ignoring removed bh option
[  335.434318][ T6530] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  335.451413][ T6526] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  335.536844][ T6530] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  335.554274][ T6526] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.053502][ T6526] EXT4-fs error (device loop3): ext4_xattr_block_get:543: inode #15: comm syz.3.531: corrupted xattr block 33
[  336.247687][ T6526] EXT4-fs error (device loop3): ext4_get_inode_usage:835: inode #15: comm syz.3.531: corrupted xattr block 33
[  336.327621][ T6553] loop1: detected capacity change from 0 to 4096
[  336.435545][ T6553] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512)
[  336.702462][ T6558] loop5: detected capacity change from 0 to 4096
[  337.583420][ T6573] loop4: detected capacity change from 0 to 2048
[  338.016241][ T6586] loop1: detected capacity change from 0 to 1024
[  338.024168][ T6583] loop3: detected capacity change from 0 to 512
[  338.030960][ T6558] EXT4-fs warning (device loop5): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-13, ino=4). Please run e2fsck to fix.
[  338.053298][ T6558] EXT4-fs (loop5): mount failed
[  338.059846][ T6573] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,noinit_itable,noload,errors=continue,,errors=continue. Quota mode: none.
[  338.268384][ T6583] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  338.351901][ T6583] ext4 filesystem being mounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  338.416190][ T6583] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.549: iget: bad i_size value: 2533274857506816
[  338.464496][ T6573] EXT4-fs error (device loop4): ext4_find_extent:893: inode #2: comm syz.4.543: inode has invalid extent depth: 9
[  342.217857][ T6617] loop1: detected capacity change from 0 to 256
[  343.890014][ T6621] loop4: detected capacity change from 0 to 2048
[  344.202801][ T6621] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  344.382891][ T6632] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  344.487790][ T6621] NILFS error (device loop4): nilfs_check_page: size of directory #2 is not a multiple of chunk size
[  344.521673][ T6621] Remounting filesystem read-only
[  344.526310][ T6634] loop1: detected capacity change from 0 to 2048
[  344.598087][ T6634] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  344.626847][ T6619] loop3: detected capacity change from 0 to 40427
[  344.727063][ T6619] F2FS-fs (loop3): build fault injection attr: rate: 684, type: 0x1ffff
[  344.825649][ T6619] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7
[  344.865497][ T6619] F2FS-fs (loop3): invalid crc value
[  345.004245][ T6619] F2FS-fs (loop3): Found nat_bits in checkpoint
[  346.247306][ T6619] F2FS-fs (loop3): Start checkpoint disabled!
[  347.943662][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  348.620867][ T6660] loop4: detected capacity change from 0 to 1024
[  348.928359][ T4304] hfsplus: b-tree write err: -5, ino 4
[  349.355497][ T6669] overlayfs: failed to clone upperpath
[  350.353886][ T6676] loop4: detected capacity change from 0 to 2048
[  350.445752][ T6676] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  350.710306][ T6683] loop3: detected capacity change from 0 to 128
[  350.830698][ T6683] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  350.877255][ T6683] FAT-fs (loop3): Filesystem has been set read-only
[  350.985015][ T6693] netlink: 28 bytes leftover after parsing attributes in process `syz.4.585'.
[  351.383526][ T6699] loop4: detected capacity change from 0 to 4096
[  351.447011][ T6708] loop1: detected capacity change from 0 to 512
[  352.259060][ T6711] loop3: detected capacity change from 0 to 1024
[  352.293211][ T6708] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  352.410093][ T6708] ext4 filesystem being mounted at /118/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  352.486846][ T6708] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.575: iget: bad i_size value: 2533274857506816
[  352.760033][ T4309] hfsplus: b-tree write err: -5, ino 4
[  352.822011][ T6729] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.575: iget: bad i_size value: 2533274857506816
[  352.835903][ T6729] netlink: 164 bytes leftover after parsing attributes in process `syz.1.575'.
[  353.261562][ T6737] loop3: detected capacity change from 0 to 512
[  353.329853][ T6737] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  353.384299][ T6737] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[  354.371947][ T6749] device sit0 entered promiscuous mode
[  354.452856][ T6753] loop1: detected capacity change from 0 to 164
[  354.463966][ T6749] netlink: 'syz.4.606': attribute type 1 has an invalid length.
[  354.491830][ T6749] netlink: 1 bytes leftover after parsing attributes in process `syz.4.606'.
[  354.544631][ T6748] loop3: detected capacity change from 0 to 4096
[  354.587665][ T6748] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  354.653082][ T6748] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  354.717693][ T6748] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  354.754538][ T6748] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  354.851178][ T6755] loop4: detected capacity change from 0 to 8192
[  354.911958][ T6748] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  354.953664][ T6755] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  354.970562][ T6755] REISERFS (device loop4): using ordered data mode
[  354.985589][ T6755] reiserfs: using flush barriers
[  355.010062][ T6755] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  355.028306][ T6748] ntfs: volume version 3.1.
[  355.036516][ T6755] REISERFS (device loop4): checking transaction log (loop4)
[  355.300801][ T6748] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  355.328493][ T6755] REISERFS (device loop4): Using rupasov hash to sort names
[  355.378214][ T6755] REISERFS (device loop4): using 3.5.x disk format
[  355.468538][ T6755] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  355.660960][ T6748] ntfs: (device loop3): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  355.682118][ T6755] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  355.724039][ T6755] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  355.741989][ T6748] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  355.778243][ T6755] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  355.795991][ T6748] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  355.860801][ T6748] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  355.882645][ T6768] loop1: detected capacity change from 0 to 64
[  355.923085][ T6755] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  355.979488][ T6755] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  356.653307][ T6780] loop4: detected capacity change from 0 to 4096
[  356.686248][ T6780] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  356.719027][ T6785] loop5: detected capacity change from 0 to 256
[  358.208322][ T4224] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  361.165297][ T6817] loop1: detected capacity change from 0 to 256
[  361.299646][ T6821] netlink: 92 bytes leftover after parsing attributes in process `syz.3.635'.
[  361.470522][ T6828] loop5: detected capacity change from 0 to 256
[  361.601682][ T6830] loop3: detected capacity change from 0 to 512
[  362.201812][ T4224] usb 4-1: device not accepting address 6, error -71
[  364.221565][ T6817] MINIX-fs: mounting file system with errors, running fsck is recommended
[  364.453098][ T6830] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  364.505788][ T6830] EXT4-fs (loop3): Remounting filesystem read-only
[  364.529292][ T6830] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.639: invalid indirect mapped block 4278190080 (level 0)
[  364.583953][ T6830] EXT4-fs (loop3): Remounting filesystem read-only
[  364.608338][ T6830] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.639: invalid indirect mapped block 1 (level 1)
[  364.663148][ T6830] EXT4-fs (loop3): Remounting filesystem read-only
[  364.674062][ T6830] EXT4-fs (loop3): 1 truncate cleaned up
[  364.696966][ T6830] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,errors=continue,inode_readahead_blks=0x0000000000000040,errors=remount-ro,barrier=0x0000000000001000,resgid=0x0000000000000000,nolazytime,noquota,auto_da_alloc=0x0000000000000006,data=journal,init_itable=0x000000000000. Quota mode: none.
[  366.703338][ T6856] loop3: detected capacity change from 0 to 512
[  366.946302][ T6856] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  367.026489][ T6856] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  367.745346][ T6856] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.647: iget: bad i_size value: 2533274857506816
[  368.896305][ T6890] loop4: detected capacity change from 0 to 2048
[  368.961978][ T6896] loop5: detected capacity change from 0 to 512
[  369.110367][ T6900] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.048966][ T6896] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  370.076731][ T6890] NILFS (loop4): corrupt root inode
[  370.129249][ T6896] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  370.145498][ T6896] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.659: iget: bad i_size value: 2533274857506816
[  370.251380][ T6907] loop1: detected capacity change from 0 to 2048
[  372.256092][ T6907] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  372.304617][ T6907] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  372.849302][ T6934] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  373.425328][ T6934] device batadv_slave_0 entered promiscuous mode
[  373.847731][ T6934] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  374.785780][ T6950] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.860137][ T6950] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.867441][ T6950] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.036138][ T6956] netlink: 'syz.1.681': attribute type 3 has an invalid length.
[  375.061901][ T6956] netlink: 666 bytes leftover after parsing attributes in process `syz.1.681'.
[  376.471007][ T6971] loop1: detected capacity change from 0 to 512
[  376.589342][ T6979] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  376.597221][ T6979] device batadv_slave_0 entered promiscuous mode
[  376.646511][ T6979] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  376.685491][ T6971] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  376.762235][ T6971] EXT4-fs (loop1): Remounting filesystem read-only
[  376.796638][ T6971] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.686: invalid indirect mapped block 4278190080 (level 0)
[  376.857551][ T6971] EXT4-fs (loop1): Remounting filesystem read-only
[  376.881661][ T6971] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.686: invalid indirect mapped block 1 (level 1)
[  376.938530][ T6971] EXT4-fs (loop1): Remounting filesystem read-only
[  376.969267][ T6971] EXT4-fs (loop1): 1 truncate cleaned up
[  376.985923][ T6971] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,errors=continue,inode_readahead_blks=0x0000000000000040,errors=remount-ro,barrier=0x0000000000001000,resgid=0x0000000000000000,nolazytime,noquota,auto_da_alloc=0x0000000000000006,data=journal,init_itable=0x000000000000. Quota mode: none.
[  377.121282][ T6962] loop4: detected capacity change from 0 to 32768
[  377.172204][ T6971] EXT4-fs error (device loop1): ext4_lookup:1850: inode #2: comm syz.1.686: bad inode number: 1
[  377.192454][ T6971] EXT4-fs (loop1): Remounting filesystem read-only
[  377.332261][ T6995] loop4: detected capacity change from 0 to 1024
[  377.378239][ T6974] loop5: detected capacity change from 0 to 32768
[  377.463850][ T7001] overlayfs: failed to clone upperpath
[  377.525201][ T7000] loop1: detected capacity change from 0 to 64
[  377.750593][ T4291] hfsplus: b-tree write err: -5, ino 4
[  377.797708][ T6974] XFS (loop5): Mounting V5 Filesystem
[  377.941169][ T6988] loop3: detected capacity change from 0 to 32768
[  378.091175][ T6988] XFS (loop3): Mounting V5 Filesystem
[  378.135140][ T6974] XFS (loop5): Ending clean mount
[  378.163988][ T7025] overlayfs: failed to clone upperpath
[  378.343560][ T6974] XFS (loop5): Quotacheck needed: Please wait.
[  378.554859][ T6988] XFS (loop3): Ending clean mount
[  378.636345][ T6988] XFS (loop3): Quotacheck needed: Please wait.
[  378.642935][ T6974] XFS (loop5): Quotacheck: Done.
[  378.678177][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  378.685072][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  378.830790][ T7028] loop1: detected capacity change from 0 to 4096
[  378.839974][ T6988] XFS (loop3): Quotacheck: Done.
[  378.933472][ T7028] __ntfs_error: 4 callbacks suppressed
[  378.933489][ T7028] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  378.971867][ T5050] XFS (loop5): Unmounting Filesystem
[  378.995630][ T7028] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  379.076518][ T7028] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  379.111319][ T4195] XFS (loop3): Unmounting Filesystem
[  379.118029][ T7028] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  379.131555][ T7035] loop4: detected capacity change from 0 to 4096
[  379.162520][ T7028] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  379.162932][ T7035] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[  379.222163][ T7028] ntfs: volume version 3.1.
[  379.243423][ T7028] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  379.309788][ T7028] ntfs: (device loop1): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  379.341883][ T7028] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  379.357040][ T7028] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  379.368583][ T7028] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  379.597949][ T7040] overlayfs: failed to clone upperpath
[  380.105279][ T7048] loop4: detected capacity change from 0 to 256
[  385.423644][ T7078] loop5: detected capacity change from 0 to 16
[  385.461655][ T7079] netlink: 144 bytes leftover after parsing attributes in process `syz.4.717'.
[  385.515695][ T7078] erofs: (device loop5): mounted with root inode @ nid 36.
[  385.555929][ T7073] loop3: detected capacity change from 0 to 4096
[  385.747273][ T7083] overlayfs: failed to clone upperpath
[  385.753762][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  385.753776][   T26] audit: type=1800 audit(1771859319.263:33): pid=7078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.713" name="file2" dev="loop5" ino=89 res=0 errno=0
[  387.056504][ T7073] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  387.511438][ T7094] loop5: detected capacity change from 0 to 128
[  387.581897][ T7094] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  387.750191][ T7070] loop1: detected capacity change from 0 to 32768
[  387.805627][ T7094] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  387.868826][ T7094] ext2 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  388.231935][ T4224] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  388.340682][ T7108] loop5: detected capacity change from 0 to 4096
[  390.197668][ T7108] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  390.238768][ T7108] ntfs3: loop5: Failed to load $MFT.
[  392.096001][ T7143] loop3: detected capacity change from 0 to 512
[  392.191624][ T7146] loop1: detected capacity change from 0 to 1024
[  392.463440][ T7143] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  392.501944][ T4224] usb 5-1: device descriptor read/all, error -71
[  392.515099][ T7143] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  392.554100][ T7143] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.741: iget: bad i_size value: 2533274857506816
[  392.897594][ T7164] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.741: iget: bad i_size value: 2533274857506816
[  393.510002][ T7175] netlink: 8 bytes leftover after parsing attributes in process `syz.0.753'.
[  394.569479][ T7186] netlink: 'syz.0.757': attribute type 3 has an invalid length.
[  395.225965][ T4223] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  396.380582][ T7202] loop1: detected capacity change from 0 to 4096
[  396.878256][ T7209] loop5: detected capacity change from 0 to 4096
[  397.008072][ T7212] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  402.846267][ T7256] snd_dummy snd_dummy.0: control 4:9:6:syz1:6 is already present
[  402.913858][ T7259] loop1: detected capacity change from 0 to 16
[  402.936509][ T7259] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  402.987978][ T7259] erofs: (device loop1): mounted with root inode @ nid 36.
[  403.063042][ T7259] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  403.150275][ T7259] CIFS mount error: No usable UNC path provided in device string!
[  403.150275][ T7259] 
[  403.172314][ T7259] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  403.401806][ T4754] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  403.498251][ T7273] loop4: detected capacity change from 0 to 64
[  404.322310][ T4754] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  404.340726][ T4754] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  404.377364][ T4754] usb 4-1: config 0 has no interface number 0
[  404.402340][ T4754] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 12336, setting to 64
[  404.454351][ T4754] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  404.504704][ T4754] usb 4-1: config 0 interface 52 has no altsetting 0
[  404.618322][ T4754] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  404.646366][ T4754] usb 4-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  404.675118][ T4754] usb 4-1: Manufacturer: syz
[  404.715121][ T4754] usb 4-1: config 0 descriptor??
[  404.789035][ T4754] hub 4-1:0.52: bad descriptor, ignoring hub
[  404.805144][ T4754] hub: probe of 4-1:0.52 failed with error -5
[  404.999432][ T4754] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input8
[  405.203202][ T7265] udc-core: couldn't find an available UDC or it's busy
[  405.246398][ T7265] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  405.401997][ T4754] usb 4-1: USB disconnect, device number 8
[  405.667353][ T7285] loop4: detected capacity change from 0 to 2048
[  405.730946][ T7285] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  405.803218][ T7285] attempt to access beyond end of device
[  405.803218][ T7285] loop4: rw=524288, want=33554432, limit=2048
[  405.821817][ T4819] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  405.831214][ T7291] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  405.905240][ T7295] loop3: detected capacity change from 0 to 16
[  405.949711][ T7295] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  405.976679][ T7279] loop5: detected capacity change from 0 to 32768
[  406.006153][ T7295] erofs: (device loop3): mounted with root inode @ nid 36.
[  406.070807][ T7295] CIFS mount error: No usable UNC path provided in device string!
[  406.070807][ T7295] 
[  406.089776][ T7295] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  406.109697][ T7279] (syz.5.793,7279,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  406.170108][ T7279] (syz.5.793,7279,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  406.204873][ T7299] loop4: detected capacity change from 0 to 4096
[  406.269579][ T7279] JBD2: Ignoring recovery information on journal
[  406.342027][ T4819] usb 2-1: New USB device found, idVendor=1934, idProduct=0706, bcdDevice=e2.9e
[  406.362673][ T7279] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  406.376549][ T7303] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  406.418767][ T4819] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.459213][ T4819] usb 2-1: Product: syz
[  406.496483][ T4819] usb 2-1: Manufacturer: syz
[  406.501251][ T4819] usb 2-1: SerialNumber: syz
[  406.543216][ T4819] usb 2-1: config 0 descriptor??
[  406.583818][ T4819] f81232 2-1:0.0: f81232 converter detected
[  406.619881][ T4819] usb 2-1: f81232 converter now attached to ttyUSB0
[  406.719248][ T5050] ocfs2: Unmounting device (7,5) on (node local)
[  406.787096][ T7310] loop4: detected capacity change from 0 to 1024
[  406.831011][ T7314] loop3: detected capacity change from 0 to 512
[  406.838526][ T5008] usb 2-1: USB disconnect, device number 5
[  406.847305][ T5008] f81232 ttyUSB0: f81232 converter now disconnected from ttyUSB0
[  406.856228][ T5008] f81232 2-1:0.0: device disconnected
[  406.871967][ T7310] EXT4-fs (loop4): Ignoring removed bh option
[  406.879137][ T7314] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  406.894239][ T7310] EXT4-fs (loop4): inline encryption not supported
[  406.994316][ T7310] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 2: comm syz.4.805: lblock 2 mapped to illegal pblock 2 (length 1)
[  407.097671][ T7310] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  407.146900][ T7310] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 48: comm syz.4.805: lblock 0 mapped to illegal pblock 48 (length 1)
[  407.189235][ T7310] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  407.245072][ T7310] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.805: Failed to acquire dquot type 0
[  407.300416][ T7310] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Corrupt filesystem
[  407.314858][ T7310] EXT4-fs error (device loop4): ext4_evict_inode:282: inode #11: comm syz.4.805: mark_inode_dirty error
[  407.641986][ T7310] EXT4-fs warning (device loop4): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  407.745585][ T7310] EXT4-fs (loop4): 1 orphan inode deleted
[  407.765778][  T154] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  408.062402][ T7310] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,noblock_validity,bh,min_batch_time=0x0000000000000008,nodelalloc,inlinecrypt,,errors=continue. Quota mode: none.
[  408.336318][  T154] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  408.349181][  T154] EXT4-fs error (device loop4): ext4_release_dquot:6270: comm kworker/u4:2: Failed to release dquot type 0
[  408.374583][ T7310] EXT4-fs error (device loop4): __ext4_get_inode_loc:4327: comm syz.4.805: Invalid inode table block 1 in block_group 0
[  408.424895][ T7310] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Corrupt filesystem
[  408.444988][ T7310] EXT4-fs error (device loop4): ext4_quota_off:6540: inode #3: comm syz.4.805: mark_inode_dirty error
[  408.643335][ T7338] loop3: detected capacity change from 0 to 2048
[  408.752809][ T7344] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  409.009240][ T7352] loop1: detected capacity change from 0 to 512
[  409.071262][ T7352] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  409.103579][ T7352] EXT4-fs (loop1): invalid journal inode
[  409.109562][ T7352] EXT4-fs (loop1): can't get journal size
[  409.142639][ T7351] loop3: detected capacity change from 0 to 4096
[  409.228909][ T7352] EXT4-fs (loop1): 1 truncate cleaned up
[  409.239700][ T7357] overlayfs: failed to clone upperpath
[  409.326343][ T7352] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,sysvgroups,sysvgroups,sb=0x0000000000000005,,errors=continue. Quota mode: none.
[  409.428125][ T7359] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  409.805977][ T7345] loop4: detected capacity change from 0 to 32768
[  409.908362][ T7367] overlayfs: failed to clone upperpath
[  409.957610][ T7345] (syz.4.815,7345,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  410.062376][ T7345] (syz.4.815,7345,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  410.128597][ T7345] JBD2: Ignoring recovery information on journal
[  410.460222][ T7345] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  411.258404][ T7379] loop3: detected capacity change from 0 to 4096
[  411.288668][ T4191] ocfs2: Unmounting device (7,4) on (node local)
[  411.304594][ T7379] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  411.532931][ T7379] ntfs: volume version 3.1.
[  412.203641][ T7400] loop1: detected capacity change from 0 to 512
[  413.723325][ T7396] loop5: detected capacity change from 0 to 4096
[  414.128250][ T7411] loop4: detected capacity change from 0 to 16
[  414.283791][ T7400] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  414.305298][ T7400] ext4 filesystem being mounted at /168/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  414.315864][ T7411] erofs: (device loop4): mounted with root inode @ nid 36.
[  414.352927][ T7416] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  414.363584][ T7419] loop3: detected capacity change from 0 to 64
[  414.393293][ T7400] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.834: iget: bad i_size value: 2533274857506816
[  414.408254][   T26] audit: type=1800 audit(1771859348.033:34): pid=7411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.828" name="file1" dev="loop4" ino=86 res=0 errno=0
[  416.755504][ T7434] loop4: detected capacity change from 0 to 4096
[  416.815878][ T7434] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  416.890905][ T7434] ntfs: (device loop4): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  416.949429][ T7434] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  416.979014][ T7442] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:18980
[  417.023671][ T7434] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  417.053344][ T7434] ntfs: volume version 3.1.
[  417.082119][ T7444] loop5: detected capacity change from 0 to 512
[  417.116924][ T7434] ntfs: (device loop4): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set iso8859-9.  You might want to try to use the mount option nls=utf8.
[  417.174454][ T7434] ntfs: (device loop4): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  417.252859][ T7448] overlayfs: failed to resolve './file2': -2
[  418.101514][ T4191] ntfs: (device loop4): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  418.363923][ T7444] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  418.922535][ T7461] loop4: detected capacity change from 0 to 512
[  419.394326][ T7461] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  419.442823][ T7461] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  419.461288][ T7461] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.854: iget: bad i_size value: 2533274857506816
[  419.663428][ T7470] loop1: detected capacity change from 0 to 256
[  419.719145][ T7475] loop3: detected capacity change from 0 to 512
[  420.193918][ T7485] loop5: detected capacity change from 0 to 64
[  420.411324][ T7475] EXT4-fs (loop3): 1 truncate cleaned up
[  420.755135][ T7485] attempt to access beyond end of device
[  420.755135][ T7485] loop5: rw=0, want=268435470, limit=64
[  420.801880][ T7475] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,,errors=continue. Quota mode: none.
[  420.865015][ T7485] Buffer I/O error on dev loop5, logical block 134217734, async page read
[  421.966424][ T7509] loop5: detected capacity change from 0 to 4096
[  422.127006][ T7509] EXT4-fs (loop5): Test dummy encryption mode enabled
[  422.200690][ T7517] loop4: detected capacity change from 0 to 4096
[  422.224262][ T7509] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,grpquota,,errors=continue. Quota mode: writeback.
[  422.266963][ T7517] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  422.351876][ T4224] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  423.224042][ T7537] netlink: 164 bytes leftover after parsing attributes in process `syz.5.876'.
[  423.250797][ T7542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.880'.
[  423.644724][ T7547] overlayfs: failed to resolve './file2': -2
[  423.765497][ T7551] bridge0: port 1(bridge_slave_0) entered forwarding state
[  424.102688][ T7531] loop1: detected capacity change from 0 to 32768
[  424.222080][ T4224] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  424.244179][ T4224] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.255457][ T7559] netlink: 'syz.4.886': attribute type 1 has an invalid length.
[  424.278523][ T4224] usb 4-1: Product: syz
[  424.293075][ T4224] usb 4-1: Manufacturer: syz
[  424.318466][ T4224] usb 4-1: SerialNumber: syz
[  424.345462][ T4224] usb 4-1: config 0 descriptor??
[  424.377273][ T7531] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  424.404933][ T4224] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  424.422382][ T7531] BTRFS info (device loop1): using free space tree
[  424.429205][ T7531] BTRFS info (device loop1): has skinny extents
[  424.462143][ T7566] loop5: detected capacity change from 0 to 512
[  424.480437][ T4224] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  424.539771][ T7566] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  424.548024][ T4224] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  424.606689][ T7515] dvb-usb: bulk message failed: -22 (7/0)
[  424.624558][ T4224] usb 4-1: media controller created
[  424.650656][ T7566] EXT4-fs error (device loop5): ext4_iget_extra_inode:4566: inode #15: comm syz.5.889: corrupted in-inode xattr
[  424.719805][ T7566] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.889: couldn't read orphan inode 15 (err -117)
[  424.862617][    T9] BTRFS warning (device loop1): checksum verify failed on 5328896 wanted 0xac8366d3d2e6f7dc04e332773638acafeccdac9b39be662d19e98924efedf548 found 0x6751fbfdfa7679bdb0b4253f207cc8094d8d1988a31510ef4632b0a190084dd3 level 0
[  424.911304][ T7566] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000007,inode_readahead_blks=0x0000000000000001,grpid,noload,delalloc,max_batch_time=0x0000000000000001,discard,inode_readahead_blks=0x0000000000004000,nomblk_io_submit,init_itable=0x0000000000000a,errors=continue. Quota mode: none.
[  424.987752][ T4224] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  425.090558][ T7566] EXT4-fs error (device loop5): ext4_find_dest_de:2115: inode #12: block 7: comm syz.5.889: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=255, size=56 fake=0
[  425.324747][ T7531] BTRFS warning (device loop1): failed to read root (objectid=4): -5
[  425.661160][ T7531] BTRFS error (device loop1): open_ctree failed: -22
[  425.668488][ T4224] DVB: Unable to find symbol mt352_attach()
[  425.810969][ T4224] DVB: Unable to find symbol nxt6000_attach()
[  425.817823][ T4224] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  425.872572][ T7601] loop5: detected capacity change from 0 to 512
[  425.886279][ T4224] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input9
[  425.912466][ T7603] overlayfs: failed to clone upperpath
[  426.039479][ T4224] dvb-usb: schedule remote query interval to 1000 msecs.
[  426.078662][ T4224] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  426.108847][ T7601] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  426.167398][ T4224] dvb-usb: bulk message failed: -22 (7/0)
[  426.202498][ T7601] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  426.222336][ T4224] dvb-usb: bulk message failed: -22 (7/0)
[  426.260193][ T4224] usb 4-1: USB disconnect, device number 9
[  426.307565][ T7601] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.893: iget: bad i_size value: 2533274857506816
[  427.141154][ T7617] loop1: detected capacity change from 0 to 256
[  427.237754][ T7617] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  427.307765][ T7619] loop3: detected capacity change from 0 to 8
[  427.315148][ T7617] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  427.374502][ T7617] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  427.604066][ T4224] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  431.979898][ T7653] loop3: detected capacity change from 0 to 256
[  432.147883][ T7655] loop4: detected capacity change from 0 to 2048
[  432.164950][ T7659] overlayfs: failed to clone upperpath
[  432.312170][ T7655] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  432.344614][ T7258] udevd[7258]: incorrect nilfs2 checksum on /dev/loop4
[  432.467739][ T7664] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  432.528774][ T7665] loop1: detected capacity change from 0 to 512
[  432.683526][ T7665] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  432.719919][ T7665] ext4 filesystem being mounted at /183/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  432.823485][ T7665] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.912: iget: bad i_size value: 2533274857506816
[  433.087867][ T7680] overlayfs: failed to resolve './file2': -2
[  433.839949][ T7696] loop3: detected capacity change from 0 to 256
[  434.295919][ T7705] overlayfs: failed to clone upperpath
[  436.222182][ T7696] FAT-fs (loop3): Directory bread(block 64) failed
[  436.242215][ T7696] FAT-fs (loop3): Directory bread(block 65) failed
[  436.467216][ T7626] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  436.521866][ T7696] FAT-fs (loop3): Directory bread(block 66) failed
[  436.531957][ T7696] FAT-fs (loop3): Directory bread(block 67) failed
[  436.538592][ T7696] FAT-fs (loop3): Directory bread(block 68) failed
[  436.576185][ T7696] FAT-fs (loop3): Directory bread(block 69) failed
[  436.589514][ T7696] FAT-fs (loop3): Directory bread(block 70) failed
[  436.597931][ T7696] FAT-fs (loop3): Directory bread(block 71) failed
[  436.610669][ T7696] FAT-fs (loop3): Directory bread(block 72) failed
[  436.617578][ T7696] FAT-fs (loop3): Directory bread(block 73) failed
[  436.961893][ T7626] usb 5-1: device not accepting address 9, error -71
[  437.100464][ T7721] loop4: detected capacity change from 0 to 512
[  437.232747][ T7725] overlayfs: failed to resolve './file2': -2
[  437.410915][ T7721] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  437.456365][ T7721] ext4 filesystem being mounted at /197/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  437.537032][ T7721] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.933: iget: bad i_size value: 2533274857506816
[  437.777600][ T5007] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  437.791993][ T7721] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.933: iget: bad i_size value: 2533274857506816
[  437.857889][ T7737] netlink: 164 bytes leftover after parsing attributes in process `syz.4.933'.
[  437.915598][ T7739] loop1: detected capacity change from 0 to 256
[  438.194755][ T7739] FAT-fs (loop1): Directory bread(block 64) failed
[  438.201348][ T7739] FAT-fs (loop1): Directory bread(block 65) failed
[  438.215180][ T7739] FAT-fs (loop1): Directory bread(block 66) failed
[  438.232370][ T7739] FAT-fs (loop1): Directory bread(block 67) failed
[  438.259386][ T7739] FAT-fs (loop1): Directory bread(block 68) failed
[  438.296998][ T7739] FAT-fs (loop1): Directory bread(block 69) failed
[  438.322875][ T7739] FAT-fs (loop1): Directory bread(block 70) failed
[  438.350230][ T7739] FAT-fs (loop1): Directory bread(block 71) failed
[  438.352398][ T5007] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  438.372402][ T7739] FAT-fs (loop1): Directory bread(block 72) failed
[  438.379095][ T7739] FAT-fs (loop1): Directory bread(block 73) failed
[  438.385755][ T5007] usb 4-1: config 0 has no interface number 0
[  438.385797][ T5007] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.385824][ T5007] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.385860][ T5007] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  438.443243][ T5007] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.459519][ T5007] usb 4-1: config 0 descriptor??
[  438.571867][ T7624] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  440.114974][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  440.121507][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  440.240085][ T5007] prodikeys 0003:041E:2801.0001: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.3-1/input1
[  440.262053][ T7624] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  440.272660][ T5007] hid_prodikeys: hid-prodikeys: failed to find output report
[  440.272660][ T5007] 
[  440.277868][ T7624] usb 6-1: config 0 has no interface number 0
[  440.316512][ T7624] usb 6-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  440.360320][ T7624] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.401858][ T7629] usb 4-1: USB disconnect, device number 10
[  440.483449][ T7624] usb 6-1: config 0 descriptor??
[  440.524890][ T7624] usb 6-1: selecting invalid altsetting 1
[  440.582622][ T7773] loop3: detected capacity change from 0 to 512
[  440.607784][ T7624] dvb_ttusb_budget: ttusb_init_controller: error
[  440.642035][ T7624] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  441.035083][ T7769] fido_id[7769]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  441.256359][ T7773] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  441.292171][ T7773] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  441.344977][ T7624] DVB: Unable to find symbol cx22700_attach()
[  441.370678][ T7773] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.948: iget: bad i_size value: 2533274857506816
[  441.400166][ T7624] DVB: Unable to find symbol tda10046_attach()
[  441.408898][ T7624] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  441.460370][ T7624] usb 6-1: USB disconnect, device number 6
[  442.078523][ T7803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.954'.
[  442.317180][ T7810] loop4: detected capacity change from 0 to 512
[  442.367246][ T7808] tipc: Started in network mode
[  442.378906][ T7810] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  442.396704][ T7808] tipc: Node identity ff020000000000000000000000000001, cluster identity 4711
[  442.426676][ T7810] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  442.452621][ T7808] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  442.490284][ T7810] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  442.553346][ T7810] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  442.592662][ T7810] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  442.644673][ T7810] EXT4-fs (loop4): orphan cleanup on readonly fs
[  442.831145][ T7822] loop3: detected capacity change from 0 to 512
[  443.196657][ T7810] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.960: bg 0: block 34: padding at end of block bitmap is not set
[  443.372558][ T7810] Quota error (device loop4): write_blk: dquota write failed
[  443.380053][ T7810] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  443.727522][ T7810] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.960: Failed to acquire dquot type 1
[  443.783543][ T7822] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  443.822790][ T7810] EXT4-fs (loop4): 1 truncate cleaned up
[  443.837376][ T7822] FAT-fs (loop3): Filesystem has been set read-only
[  443.854901][ T7810] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,bsddf,nodioread_nolock,acl,max_dir_size_kb=0x0000000000000001,noblock_validity,usrjquota=,jqfmt=vfsv0,inode_readahead_blks=0x0000000000001000,resgid=0x0000000000000000,nodelalloc,,errors=continue. Quota mode: writeback.
[  444.223230][ T7626] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  444.321921][    T7] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  444.732581][    T7] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  444.763210][    T7] usb 4-1: config 0 has no interface number 0
[  444.819266][    T7] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  444.901910][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.966669][    T7] usb 4-1: config 0 descriptor??
[  445.030473][ T7842] loop4: detected capacity change from 0 to 512
[  445.067966][    T7] usb 4-1: selecting invalid altsetting 1
[  445.074060][    T7] dvb_ttusb_budget: ttusb_init_controller: error
[  445.106530][    T7] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  445.202303][ T7842] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  445.236609][    T7] DVB: Unable to find symbol cx22700_attach()
[  445.239638][ T7842] ext4 filesystem being mounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  445.294271][ T7842] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.968: iget: bad i_size value: 2533274857506816
[  445.417054][    T7] DVB: Unable to find symbol tda10046_attach()
[  445.434049][    T7] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  445.485350][    T7] usb 4-1: USB disconnect, device number 11
[  445.491985][ T7626] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  445.503818][ T7626] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.514014][ T7626] usb 2-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  445.523099][ T7626] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.534514][ T7626] usb 2-1: config 0 descriptor??
[  445.571801][ T5007] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  445.651225][ T7855] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.968: iget: bad i_size value: 2533274857506816
[  446.218899][ T5007] usb 6-1: Using ep0 maxpacket: 8
[  446.277949][ T7860] loop3: detected capacity change from 0 to 512
[  446.367111][ T7860] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  446.420528][ T7860] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  446.521551][ T7860] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  446.547395][ T7860] System zones: 0-2, 18-18, 34-35
[  446.555657][ T7860] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[  446.566935][ T7626] logitech-djreceiver 0003:046D:C71F.0002: hidraw0: USB HID v0.00 Device [HID 046d:c71f] on usb-dummy_hcd.1-1/input0
[  446.585703][ T7860] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  446.593570][ T5007] usb 6-1: unable to get BOS descriptor or descriptor too short
[  446.634970][ T7860] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  446.674818][ T7860] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[  446.691964][ T5007] usb 6-1: config 4 interface 0 has no altsetting 0
[  446.727885][ T7860] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 3: comm syz.3.972: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0
[  446.765780][ T7626] usb 2-1: USB disconnect, device number 6
[  446.807844][ T7860] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem
[  446.840257][ T7866] fido_id[7866]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  447.092411][ T5007] usb 6-1: string descriptor 0 read error: -22
[  447.098879][ T5007] usb 6-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  447.109577][ T5007] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  448.876174][ T5007] usb 6-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  449.122991][ T5007] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  449.174512][ T5007] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  449.194205][ T5007] usb 6-1: media controller created
[  449.228072][ T5007] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  449.246903][ T7887] loop1: detected capacity change from 0 to 4096
[  449.383602][ T7893] loop4: detected capacity change from 0 to 512
[  449.391429][ T5007] zl10353_read_register: readreg error (reg=127, ret==0)
[  449.443647][ T7895] overlayfs: failed to clone upperpath
[  449.762542][ T7893] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  449.933060][ T5007] usb 6-1: USB disconnect, device number 7
[  449.973606][ T7893] ext4 filesystem being mounted at /209/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  449.991247][ T4184] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  450.004999][ T4184] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  450.036504][ T7893] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.982: iget: bad i_size value: 2533274857506816
[  450.387561][ T7913] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.982: iget: bad i_size value: 2533274857506816
[  451.771023][ T7934] loop5: detected capacity change from 0 to 512
[  451.902915][ T7934] EXT4-fs error (device loop5): ext4_do_update_inode:5222: inode #3: comm syz.5.994: corrupted inode contents
[  451.987620][ T7934] EXT4-fs error (device loop5): ext4_dirty_inode:6058: inode #3: comm syz.5.994: mark_inode_dirty error
[  452.071524][ T7934] EXT4-fs error (device loop5): ext4_do_update_inode:5222: inode #3: comm syz.5.994: corrupted inode contents
[  452.141232][ T7934] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.994: mark_inode_dirty error
[  452.208875][ T7934] Quota error (device loop5): write_blk: dquota write failed
[  452.221893][ T7934] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  452.241826][ T7934] EXT4-fs error (device loop5): ext4_acquire_dquot:6234: comm syz.5.994: Failed to acquire dquot type 0
[  452.270106][ T7934] EXT4-fs error (device loop5): ext4_do_update_inode:5222: inode #16: comm syz.5.994: corrupted inode contents
[  452.317612][ T7934] EXT4-fs error (device loop5): ext4_dirty_inode:6058: inode #16: comm syz.5.994: mark_inode_dirty error
[  452.331090][ T7920] loop1: detected capacity change from 0 to 32768
[  452.347403][ T7934] EXT4-fs error (device loop5): ext4_do_update_inode:5222: inode #16: comm syz.5.994: corrupted inode contents
[  452.362113][ T7934] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #16: comm syz.5.994: mark_inode_dirty error
[  452.378883][ T7934] EXT4-fs error (device loop5): ext4_do_update_inode:5222: inode #16: comm syz.5.994: corrupted inode contents
[  452.402339][ T7934] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  452.411537][ T7934] EXT4-fs error (device loop5): ext4_do_update_inode:5222: inode #16: comm syz.5.994: corrupted inode contents
[  452.431372][ T7934] EXT4-fs error (device loop5): ext4_truncate:4279: inode #16: comm syz.5.994: mark_inode_dirty error
[  452.484987][ T7920] JBD2: Ignoring recovery information on journal
[  452.490447][ T7934] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  452.526161][ T7934] EXT4-fs (loop5): 1 truncate cleaned up
[  452.571428][ T7934] EXT4-fs (loop5): mounted filesystem without journal. Opts: resuid=0x0000000000000000,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  452.619522][ T7920] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  452.670213][ T7934] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  452.672042][ T5009] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  452.861257][ T7950] loop3: detected capacity change from 0 to 512
[  452.944560][ T5009] usb 5-1: Using ep0 maxpacket: 8
[  452.967592][ T7950] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  453.026634][ T7950] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  453.069082][ T4184] ocfs2: Unmounting device (7,1) on (node local)
[  453.076408][ T7950] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1001: iget: bad i_size value: 2533274857506816
[  453.296259][ T5009] usb 5-1: unable to get BOS descriptor or descriptor too short
[  453.421786][ T7966] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1001: iget: bad i_size value: 2533274857506816
[  453.863640][ T5009] usb 5-1: config 4 interface 0 has no altsetting 0
[  454.009049][ T7969] loop1: detected capacity change from 0 to 512
[  454.151422][ T7969] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  454.195344][ T7969] ext4 filesystem being mounted at /199/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  454.242145][ T5009] usb 5-1: string descriptor 0 read error: -22
[  454.248704][ T5009] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  454.293180][ T7969] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1003: iget: bad i_size value: 2533274857506816
[  454.320560][ T5009] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  454.357155][ T7977] loop5: detected capacity change from 0 to 128
[  454.621175][ T7978] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1003: iget: bad i_size value: 2533274857506816
[  455.031932][ T5009] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  455.055330][ T5009] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  455.066224][ T5009] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  455.073575][ T5009] usb 5-1: media controller created
[  455.092649][ T5009] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  455.126992][ T5009] zl10353_read_register: readreg error (reg=127, ret==0)
[  455.206407][ T5009] usb 5-1: USB disconnect, device number 11
[  455.799328][ T8000] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  458.016091][ T4819] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  458.281855][ T4819] usb 2-1: Using ep0 maxpacket: 16
[  459.375055][ T4819] usb 2-1: New USB device found, idVendor=04dd, idProduct=8002, bcdDevice=fc.b6
[  459.466804][ T4819] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.531758][ T4819] usb 2-1: Product: syz
[  459.569816][ T4819] usb 2-1: config 0 descriptor??
[  459.661869][ T4819] usb 2-1: can't set config #0, error -71
[  459.702520][ T4819] usb 2-1: USB disconnect, device number 7
[  459.772361][ T8027] loop1: detected capacity change from 0 to 1024
[  460.178598][ T4374] hfsplus: b-tree write err: -5, ino 4
[  460.502028][ T5009] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  460.582157][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  460.725565][ T8044] loop4: detected capacity change from 0 to 128
[  460.783866][ T8044] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  460.922138][ T5009] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  460.950894][ T5009] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  460.980815][ T5009] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  461.011129][ T5009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.061408][ T5009] usb 6-1: config 0 descriptor??
[  461.118342][ T5009] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  461.140767][ T5009] dvb-usb: bulk message failed: -22 (3/0)
[  461.180192][ T5009] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  461.229110][ T5009] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  461.244988][ T5009] usb 6-1: media controller created
[  461.265219][ T5009] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  461.322896][ T5009] dvb-usb: bulk message failed: -22 (6/0)
[  461.350155][ T8035] dvb-usb: bulk message failed: -22 (4/0)
[  461.360032][ T5009] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  461.435861][ T5009] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input10
[  461.477605][ T5009] dvb-usb: schedule remote query interval to 150 msecs.
[  461.499642][ T5009] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  461.557786][ T5009] usb 6-1: USB disconnect, device number 8
[  461.573061][ T8043] loop3: detected capacity change from 0 to 32768
[  461.632785][ T5009] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  461.731427][ T8043] XFS (loop3): Mounting V5 Filesystem
[  461.780959][ T8043] XFS (loop3): Ending clean mount
[  462.030827][ T4195] XFS (loop3): Unmounting Filesystem
[  462.909245][ T8059] loop1: detected capacity change from 0 to 4096
[  462.990471][ T8059] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  463.134762][ T8044] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22.
[  463.257503][ T8044] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22.
[  463.337907][ T4184] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22.
[  463.480041][ T4184] ntfs3: loop1: ntfs_evict_inode r=1a failed, -22.
[  463.516517][ T4184] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  464.111495][ T8082] loop4: detected capacity change from 0 to 1024
[  464.176959][ T8082] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  464.206856][ T8084] loop1: detected capacity change from 0 to 16
[  464.249003][ T8084] erofs: (device loop1): mounted with root inode @ nid 36.
[  464.313771][ T8084] attempt to access beyond end of device
[  464.313771][ T8084] loop1: rw=524288, want=34359738368, limit=16
[  464.375669][ T8084] attempt to access beyond end of device
[  464.375669][ T8084] loop1: rw=0, want=34359738368, limit=16
[  464.439039][   T26] audit: type=1800 audit(1771859398.063:35): pid=8084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1043" name="file3" dev="loop1" ino=41 res=0 errno=0
[  467.408267][ T8108] loop1: detected capacity change from 0 to 128
[  467.542077][ T8108] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  467.589285][ T8108] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  467.691758][ T4225] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  467.941881][ T4225] usb 6-1: Using ep0 maxpacket: 16
[  468.062177][ T4225] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  468.083505][ T4225] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  468.114325][ T4225] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  468.134129][ T8121] loop1: detected capacity change from 0 to 64
[  468.143892][ T4225] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.164088][ T4225] usb 6-1: config 0 descriptor??
[  468.633986][ T4225] lua 0003:1E7D:2C2E.0003: item fetching failed at offset 1/5
[  468.878100][ T8127] loop1: detected capacity change from 0 to 32768
[  468.927320][ T4225] lua 0003:1E7D:2C2E.0003: parse failed
[  468.976159][ T4225] lua: probe of 0003:1E7D:2C2E.0003 failed with error -22
[  469.165839][ T4225] usb 6-1: USB disconnect, device number 9
[  469.369607][ T8111] loop4: detected capacity change from 0 to 40427
[  469.392210][ T8127] XFS (loop1): Mounting V5 Filesystem
[  469.453662][ T8111] F2FS-fs (loop4): invalid crc value
[  469.524164][ T8111] F2FS-fs (loop4): Found nat_bits in checkpoint
[  469.575383][ T7624] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x192/0x250, xfs_agf block 0x1 
[  469.632674][ T7624] XFS (loop1): Unmount and run xfs_repair
[  469.638480][ T7624] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  469.653077][ T8154] overlayfs: failed to clone upperpath
[  469.674864][ T7624] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 03 ff  XAGF............
[  469.821772][ T7624] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01  ................
[  469.843553][ T8111] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  469.851263][ T7624] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  469.881879][ T7624] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00  ................
[  469.890821][ T7624] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  469.936222][ T7624] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01  ................
[  469.955904][ T7624] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  469.971869][ T7624] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  469.987450][ T8158] loop5: detected capacity change from 0 to 4096
[  469.994522][ T8127] XFS (loop1): metadata I/O error in "xfs_read_agf+0x252/0x510" at daddr 0x1 len 1 error 74
[  470.004989][ T8127] XFS (loop1): Error -117 reserving per-AG metadata reserve pool.
[  470.013954][ T8127] XFS (loop1): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x1bf/0x1f0 (fs/xfs/xfs_fsops.c:577).  Shutting down filesystem.
[  470.029558][ T8127] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  470.038287][ T8127] XFS (loop1): Ending clean mount
[  470.044673][ T8127] XFS (loop1): Failed to initialize disk quotas.
[  470.051255][ T8127] XFS (loop1): Error -5 reserving per-AG metadata reserve pool.
[  470.243137][ T8158] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  470.341214][ T8142] loop3: detected capacity change from 0 to 32768
[  470.485778][ T8142] XFS (loop3): Mounting V5 Filesystem
[  470.508687][ T5050] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22.
[  470.840224][ T8174] loop1: detected capacity change from 0 to 4096
[  470.959560][ T8142] XFS (loop3): Ending clean mount
[  470.986156][ T8177] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1071'.
[  470.996200][ T8142] XFS (loop3): Quotacheck needed: Please wait.
[  471.009390][ T8174] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512)
[  471.916739][ T8184] loop5: detected capacity change from 0 to 512
[  471.954334][ T8142] XFS (loop3): Quotacheck: Done.
[  472.062257][ T4184] ntfs3: loop1: ntfs_evict_inode r=1e failed, -22.
[  472.076522][ T4184] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  472.167211][ T8184] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  472.210114][ T4195] XFS (loop3): Unmounting Filesystem
[  472.284285][ T8184] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  472.424439][ T8184] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1073: iget: bad i_size value: 2533274857506816
[  472.810324][ T8203] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1073: iget: bad i_size value: 2533274857506816
[  473.972301][ T8217] loop4: detected capacity change from 0 to 32768
[  474.731286][ T8217] XFS (loop4): Mounting V5 Filesystem
[  474.907342][ T5008] XFS (loop4): Metadata CRC error detected at xfs_agf_read_verify+0x192/0x250, xfs_agf block 0x1 
[  474.979960][ T5008] XFS (loop4): Unmount and run xfs_repair
[  475.005977][ T5008] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  475.034145][ T5008] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 03 ff  XAGF............
[  475.067927][ T5008] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01  ................
[  475.108178][ T5008] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  475.138523][ T5008] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00  ................
[  475.168637][ T5008] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  475.193995][ T5008] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01  ................
[  475.221900][ T5008] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  475.241259][ T5008] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  475.253969][ T8217] XFS (loop4): metadata I/O error in "xfs_read_agf+0x252/0x510" at daddr 0x1 len 1 error 74
[  475.264626][ T8217] XFS (loop4): Error -117 reserving per-AG metadata reserve pool.
[  475.273209][ T8217] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x1bf/0x1f0 (fs/xfs/xfs_fsops.c:577).  Shutting down filesystem.
[  475.288611][ T8217] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  475.297052][ T8217] XFS (loop4): Ending clean mount
[  475.302575][ T8217] XFS (loop4): Failed to initialize disk quotas.
[  475.309073][ T8217] XFS (loop4): Error -5 reserving per-AG metadata reserve pool.
[  475.391246][ T8246] loop1: detected capacity change from 0 to 4096
[  475.403410][ T8246] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  475.560317][ T8246] ntfs: volume version 3.1.
[  475.657633][ T8246] ntfs: (device loop1): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set ascii.  You might want to try to use the mount option nls=utf8.
[  475.785334][ T8246] ntfs: (device loop1): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  475.850889][ T8251] loop5: detected capacity change from 0 to 512
[  475.972384][ T8251] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  476.034479][ T8251] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  476.237175][ T8251] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0102]
[  476.295884][ T8251] System zones: 1-12
[  476.336523][ T8251] EXT4-fs (loop5): orphan cleanup on readonly fs
[  476.417183][ T8251] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1092: invalid indirect mapped block 12 (level 1)
[  476.503755][ T8251] EXT4-fs (loop5): Remounting filesystem read-only
[  476.535638][ T8251] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1092: invalid indirect mapped block 2 (level 2)
[  476.619418][ T8251] EXT4-fs (loop5): Remounting filesystem read-only
[  476.656110][ T8251] EXT4-fs (loop5): 1 truncate cleaned up
[  476.792217][ T8251] EXT4-fs (loop5): mounted filesystem without journal. Opts: noinit_itable,mblk_io_submit,noload,errors=remount-ro,abort. Quota mode: none.
[  477.655417][ T8270] loop1: detected capacity change from 0 to 764
[  477.693726][ T8273] tipc: Started in network mode
[  477.698641][ T8273] tipc: Node identity , cluster identity 4711
[  477.727531][ T8277] loop4: detected capacity change from 0 to 512
[  477.775740][ T8270] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  477.797916][ T8270] UDF-fs: Scanning with blocksize 512 failed
[  477.844941][ T8270] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  477.890401][ T8277] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  477.923405][ T8270] UDF-fs: Scanning with blocksize 1024 failed
[  477.937912][ T8270] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  477.951588][ T8270] UDF-fs: Scanning with blocksize 2048 failed
[  477.959800][ T8270] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  477.971992][ T8270] UDF-fs: Scanning with blocksize 4096 failed
[  477.978497][ T8277] ext4 filesystem being mounted at /230/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  478.765901][ T5007] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  479.502080][ T5007] usb 6-1: Using ep0 maxpacket: 16
[  479.659863][ T8289] loop3: detected capacity change from 0 to 8192
[  479.672010][ T5007] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.716837][ T8289] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  479.728060][ T5007] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  479.738434][ T8289] REISERFS (device loop3): using ordered data mode
[  479.745129][ T8289] reiserfs: using flush barriers
[  479.755770][ T8289] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  479.774538][ T8289] REISERFS (device loop3): checking transaction log (loop3)
[  479.786707][ T8289] REISERFS (device loop3): Using r5 hash to sort names
[  479.802595][ T8289] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  479.828341][ T5007] usb 6-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  479.853638][ T8311] loop1: detected capacity change from 0 to 512
[  479.856527][ T8289] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  479.894139][ T5007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.926094][ T5007] usb 6-1: config 0 descriptor??
[  479.942974][ T8313] loop4: detected capacity change from 0 to 8192
[  480.004606][ T8311] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  480.022592][ T8311] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  480.038083][ T8313] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  480.051951][ T8313] REISERFS (device loop4): using ordered data mode
[  480.055290][ T8311] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0102]
[  480.076642][ T8313] reiserfs: using flush barriers
[  480.086984][ T8311] System zones: 1-12
[  480.104257][ T8313] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  480.122561][ T8311] EXT4-fs (loop1): orphan cleanup on readonly fs
[  480.129210][ T8311] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1110: invalid indirect mapped block 12 (level 1)
[  480.170931][ T8313] REISERFS (device loop4): checking transaction log (loop4)
[  480.210246][ T8313] REISERFS (device loop4): Using r5 hash to sort names
[  480.242201][ T8311] EXT4-fs (loop1): Remounting filesystem read-only
[  480.249224][ T8311] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1110: invalid indirect mapped block 2 (level 2)
[  480.265257][ T8313] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  480.275636][ T8311] EXT4-fs (loop1): Remounting filesystem read-only
[  480.285389][ T8311] EXT4-fs (loop1): 1 truncate cleaned up
[  480.291272][ T8311] EXT4-fs (loop1): mounted filesystem without journal. Opts: noinit_itable,mblk_io_submit,noload,errors=remount-ro,abort. Quota mode: none.
[  480.425665][ T5007] hid-multitouch 0003:1FD2:6007.0004: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.5-1/input0
[  480.659948][ T7629] usb 6-1: USB disconnect, device number 10
[  481.841509][ T8343] loop4: detected capacity change from 0 to 64
[  482.171837][ T7629] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  482.371721][ T7624] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  482.428356][ T8340] loop3: detected capacity change from 0 to 40427
[  482.451938][ T7629] usb 2-1: Using ep0 maxpacket: 16
[  482.528866][ T8362] overlayfs: failed to clone upperpath
[  482.682448][ T7629] usb 2-1: config 1 has an invalid interface number: 69 but max is 0
[  482.699143][ T7629] usb 2-1: config 1 has no interface number 0
[  482.710781][ T7629] usb 2-1: config 1 interface 69 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  482.903220][ T7629] usb 2-1: config 1 interface 69 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[  482.914240][ T8340] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1ffff
[  482.936420][ T7629] usb 2-1: config 1 interface 69 has no altsetting 0
[  482.962600][ T8340] F2FS-fs (loop3): invalid crc value
[  482.980546][ T8340] F2FS-fs (loop3): Found nat_bits in checkpoint
[  483.013798][ T7624] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  483.028902][ T7624] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.050398][ T7624] usb 5-1: config 0 descriptor??
[  483.105207][ T7624] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  483.150829][ T8340] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  483.181997][ T7629] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a7e, bcdDevice=60.c4
[  483.203152][ T7629] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.255133][ T7629] usb 2-1: Product: syz
[  483.259517][ T7629] usb 2-1: Manufacturer: syz
[  483.277074][ T7629] usb 2-1: SerialNumber: syz
[  483.312176][ T7624] gp8psk: usb in 128 operation failed.
[  483.342338][ T8345] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  483.352000][ T8345] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  483.361817][ T7624] gp8psk: usb in 137 operation failed.
[  483.367406][ T7624] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  483.393140][ T7629] ipaq 2-1:1.69: PocketPC PDA converter detected
[  483.432839][ T4195] attempt to access beyond end of device
[  483.432839][ T4195] loop3: rw=2049, want=45104, limit=40427
[  483.472303][ T7624] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  483.515633][ T7624] usb 5-1: media controller created
[  483.554090][ T7624] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  483.587256][ T7624] gp8psk_fe: Frontend attached
[  483.592908][ T7624] usb 5-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  483.612024][ T7629] ipaq: probe of 2-1:1.69 failed with error -71
[  483.639576][ T7629] usb 2-1: USB disconnect, device number 8
[  483.646868][ T7624] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  483.969483][ T8383] loop3: detected capacity change from 0 to 512
[  484.001891][ T7624] gp8psk: usb in 137 operation failed.
[  484.007650][ T7624] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  484.027823][ T7624] gp8psk: found Genpix USB device pID = 203 (hex)
[  484.050831][ T7624] usb 5-1: USB disconnect, device number 12
[  484.183121][ T7624] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  484.235283][ T8383] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  484.253148][ T8383] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  484.961464][ T8394] overlayfs: failed to clone upperpath
[  484.970539][ T8400] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1146'.
[  485.532381][ T4819] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  485.891990][ T4819] usb 2-1: config 0 interface 0 altsetting 69 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  485.912496][ T4819] usb 2-1: config 0 interface 0 altsetting 69 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  485.945915][ T8403] loop4: detected capacity change from 0 to 40427
[  485.968393][ T4819] usb 2-1: config 0 interface 0 has no altsetting 0
[  485.990881][ T4819] usb 2-1: New USB device found, idVendor=17ef, idProduct=61ae, bcdDevice= 0.00
[  486.031385][ T4819] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.064040][ T8403] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x1ffff
[  486.132200][ T4819] usb 2-1: config 0 descriptor??
[  486.134031][ T8403] F2FS-fs (loop4): invalid crc value
[  486.153584][ T8408] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  486.416478][ T8403] F2FS-fs (loop4): Found nat_bits in checkpoint
[  486.564468][ T8408] loop1: detected capacity change from 0 to 64
[  486.741504][ T8408] hfs: keylen 9474 too large
[  486.789214][ T8408] hfs: get root inode failed
[  486.961505][ T8403] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  487.047738][ T4191] attempt to access beyond end of device
[  487.047738][ T4191] loop4: rw=2049, want=45104, limit=40427
[  487.213162][ T8443] overlayfs: failed to clone upperpath
[  487.561138][ T4819] hid-generic 0003:17EF:61AE.0005: hidraw0: USB HID v0.04 Device [HID 17ef:61ae] on usb-dummy_hcd.1-1/input0
[  487.762070][ T7629] usb 2-1: USB disconnect, device number 9
[  487.882568][ T8454] loop3: detected capacity change from 0 to 512
[  488.034949][ T8457] overlayfs: failed to clone upperpath
[  488.326970][ T8454] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  488.368183][ T8454] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  488.396507][ T8464] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1162'.
[  488.465561][ T8454] EXT4-fs error (device loop3): ext4_do_update_inode:5222: inode #2: comm syz.3.1166: corrupted inode contents
[  488.486769][ T8464] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1162'.
[  488.543306][ T8466] EXT4-fs (loop3): shut down requested (2)
[  488.593045][ T8464] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1162'.
[  488.615133][ T8470] loop1: detected capacity change from 0 to 512
[  488.640479][ T8464] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1162'.
[  488.698402][ T4235] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  488.729422][ T8470] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  488.784982][ T8470] ext4 filesystem being mounted at /230/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  489.225642][ T8488] loop3: detected capacity change from 0 to 512
[  489.608957][ T8495] overlayfs: failed to clone upperpath
[  489.747857][ T8481] loop4: detected capacity change from 0 to 131072
[  489.765422][ T8488] EXT4-fs (loop3): Ignoring removed oldalloc option
[  489.820602][ T8481] F2FS-fs (loop4): invalid crc value
[  489.844429][ T8488] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,nodiscard,oldalloc,,errors=continue. Quota mode: none.
[  489.891419][ T8481] F2FS-fs (loop4): Found nat_bits in checkpoint
[  489.948690][ T8481] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  489.983482][ T8488] fscrypt (loop3, inode 18): Direct key flag not allowed with different contents and filenames modes
[  490.968854][ T8513] loop1: detected capacity change from 0 to 512
[  491.013039][ T8514] loop3: detected capacity change from 0 to 1024
[  491.202049][ T8513] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1183: invalid indirect mapped block 10 (level 1)
[  491.242401][ T8513] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1183: invalid indirect mapped block 8 (level 1)
[  491.300402][ T8513] EXT4-fs (loop1): 1 truncate cleaned up
[  491.309597][ T8513] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  493.159819][ T8518] loop5: detected capacity change from 0 to 32768
[  493.339209][ T8534] loop1: detected capacity change from 0 to 512
[  493.538650][ T8534] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  493.599530][ T8534] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  493.650679][ T8534] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1190: iget: bad i_size value: 2533274857506816
[  493.698255][ T8518] XFS (loop5): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  493.712677][ T8542] loop3: detected capacity change from 0 to 512
[  493.800513][ T8547] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1190: iget: bad i_size value: 2533274857506816
[  493.917756][ T8549] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1190'.
[  494.009536][ T5008] XFS (loop5): Metadata CRC error detected at xfs_inobt_read_verify+0x3a/0xd0, xfs_inobt block 0xc 
[  494.042780][ T5008] XFS (loop5): Unmount and run xfs_repair
[  494.048648][ T5008] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  494.064060][ T5008] 00000000: 49 41 42 33 00 00 00 02 ff ff ff ff ff ff ff ff  IAB3............
[  494.083750][ T8542] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  494.134526][ T5008] 00000010: 00 00 00 00 00 00 00 0c 00 00 00 01 00 00 00 80  ................
[  494.165134][ T8542] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  494.187904][ T5008] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  494.210306][ T5008] 00000030: 00 00 00 00 72 1a c9 82 00 00 24 40 00 00 40 37  ....r.....$@..@7
[  494.223917][ T5008] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  494.233404][ T5008] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  494.242904][ T5008] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  494.252400][ T5008] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  494.261552][ T8518] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0xc len 4 error 74
[  494.271164][ T8542] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1191: iget: bad i_size value: 2533274857506816
[  494.306183][ T8518] XFS (loop5): Failed to read root inode 0x2440, error 117
[  494.580206][ T8559] loop4: detected capacity change from 0 to 512
[  494.633569][ T8556] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1191: iget: bad i_size value: 2533274857506816
[  494.686664][ T8559] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  494.716834][ T8558] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1191'.
[  494.926818][ T8559] EXT4-fs (loop4): 1 truncate cleaned up
[  494.946543][ T8559] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  495.042785][ T8568] loop1: detected capacity change from 0 to 256
[  495.260376][ T8568] attempt to access beyond end of device
[  495.260376][ T8568] loop1: rw=2049, want=296, limit=256
[  495.286119][ T8573] overlayfs: failed to clone upperpath
[  495.603458][ T8580] loop5: detected capacity change from 0 to 512
[  495.635453][ T8582] loop4: detected capacity change from 0 to 512
[  495.715910][ T8580] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  495.734629][ T8580] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  495.767428][ T8580] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1202: iget: bad i_size value: 2533274857506816
[  496.080969][ T8592] loop1: detected capacity change from 0 to 4096
[  496.192099][ T8592] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  496.206192][ T8593] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1202: iget: bad i_size value: 2533274857506816
[  496.267027][ T8577] loop3: detected capacity change from 0 to 32768
[  496.568504][ T8592] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  496.586347][ T8592] ntfs3: loop1: Failed to load $Extend.
[  496.595565][ T8602] loop4: detected capacity change from 0 to 512
[  496.652803][ T8577] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  496.735995][ T8602] EXT4-fs (loop4): 1 truncate cleaned up
[  496.737783][   T26] audit: type=1800 audit(1771859430.363:36): pid=8592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1206" name="file2" dev="loop1" ino=31 res=0 errno=0
[  496.761878][ T8602] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  496.787264][ T8602] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1209: bg 0: block 465: padding at end of block bitmap is not set
[  496.807337][ T8602] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28
[  496.852882][ T8602] EXT4-fs (loop4): This should not happen!! Data will be lost
[  496.852882][ T8602] 
[  496.863476][ T8602] EXT4-fs (loop4): Total free blocks count 0
[  496.870622][ T8602] EXT4-fs (loop4): Free/Dirty block details
[  496.877401][ T8602] EXT4-fs (loop4): free_blocks=0
[  496.882981][ T8602] EXT4-fs (loop4): dirty_blocks=2
[  496.888396][ T8602] EXT4-fs (loop4): Block reservation details
[  496.895902][ T8602] EXT4-fs (loop4): i_reserved_data_blocks=2
[  496.968452][ T4299] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  497.021931][ T4299] EXT4-fs (loop4): This should not happen!! Data will be lost
[  497.021931][ T4299] 
[  497.103902][ T8610] overlayfs: failed to clone upperpath
[  497.165464][ T4195] ocfs2: Unmounting device (7,3) on (node local)
[  498.193899][ T8627] loop1: detected capacity change from 0 to 1024
[  498.275193][ T8616] loop3: detected capacity change from 0 to 40427
[  498.328636][ T8616] F2FS-fs (loop3): invalid crc value
[  498.368781][ T8616] F2FS-fs (loop3): Found nat_bits in checkpoint
[  498.390485][ T8627] EXT4-fs (loop1): mounted filesystem without journal. Opts: nojournal_checksum,nombcache,barrier,nogrpid,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,jqfmt=vfsold,bsdgroups,init_itable,,errors=continue. Quota mode: writeback.
[  498.589104][ T8616] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  498.789466][ T4195] attempt to access beyond end of device
[  498.789466][ T4195] loop3: rw=2049, want=45104, limit=40427
[  499.331229][ T8655] overlayfs: failed to clone upperpath
[  499.454595][ T8644] loop4: detected capacity change from 0 to 32768
[  499.604224][ T8644] XFS (loop4): Mounting V5 Filesystem
[  499.689826][ T8675] overlayfs: failed to clone upperpath
[  499.698389][ T8674] loop1: detected capacity change from 0 to 512
[  499.863202][ T8674] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  499.891997][ T8674] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  499.984004][ T8671] loop3: detected capacity change from 0 to 4096
[  499.990406][ T8674] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1230: iget: bad i_size value: 2533274857506816
[  500.185350][ T8644] XFS (loop4): Ending clean mount
[  500.203892][ T8644] XFS (loop4): Quotacheck needed: Please wait.
[  500.568772][ T8644] XFS (loop4): Quotacheck: Done.
[  500.644112][ T4195] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  500.692664][ T8644] XFS (loop4): User initiated shutdown received.
[  500.699391][ T8644] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:495).  Shutting down filesystem.
[  500.728893][ T4195] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  500.761875][ T8644] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  500.790252][ T8688] loop5: detected capacity change from 0 to 512
[  500.878694][ T4191] XFS (loop4): Unmounting Filesystem
[  500.977373][ T8688] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  501.062039][ T8688] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  501.156044][ T8688] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1233: iget: bad i_size value: 2533274857506816
[  501.408327][ T8688] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1233: iget: bad i_size value: 2533274857506816
[  501.463278][ T8698] loop3: detected capacity change from 0 to 4096
[  501.474919][ T8699] netlink: 164 bytes leftover after parsing attributes in process `syz.5.1233'.
[  501.595190][ T8698] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  501.750783][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  501.757148][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  501.862726][ T8698] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  506.201347][ T8733] loop5: detected capacity change from 0 to 512
[  506.258775][ T8737] loop4: detected capacity change from 0 to 512
[  506.404422][ T8733] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  506.421115][ T8737] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  506.465263][ T8733] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  506.476988][ T8737] ext4 filesystem being mounted at /250/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  506.497555][ T8733] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1244: iget: bad i_size value: 2533274857506816
[  506.533659][ T8745] netlink: 'syz.1.1248': attribute type 1 has an invalid length.
[  506.541524][ T8745] netlink: 'syz.1.1248': attribute type 2 has an invalid length.
[  506.567958][ T8737] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.1247: iget: bad i_size value: 2533274857506816
[  506.775875][ T8746] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1244: iget: bad i_size value: 2533274857506816
[  506.790954][ T8747] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.1247: iget: bad i_size value: 2533274857506816
[  506.943410][ T8749] netlink: 164 bytes leftover after parsing attributes in process `syz.5.1244'.
[  507.786427][ T8760] loop5: detected capacity change from 0 to 8192
[  507.847424][ T8760] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  507.981956][   T26] audit: type=1800 audit(1771859441.613:37): pid=8760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1251" name="file1" dev="loop5" ino=1048649 res=0 errno=0
[  508.821977][ T8787] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  508.844810][ T8789] loop1: detected capacity change from 0 to 512
[  508.950922][ T8789] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  509.003271][ T8789] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  509.014192][ T5009] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  509.056906][ T8789] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1262: iget: bad i_size value: 2533274857506816
[  509.271899][ T5009] usb 4-1: Using ep0 maxpacket: 8
[  509.293003][ T8789] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1262: iget: bad i_size value: 2533274857506816
[  509.357915][ T8802] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1262'.
[  509.421910][ T5009] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  509.443333][ T5009] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  509.549143][ T5009] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  509.580119][ T5009] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  509.608643][ T5009] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  509.677942][ T5009] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  509.721810][ T5009] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.051953][ T5009] usb 4-1: GET_CAPABILITIES returned 0
[  510.057601][ T5009] usbtmc 4-1:16.0: can't read capabilities
[  510.636736][ T5009] usb 4-1: USB disconnect, device number 12
[  510.684947][ T8813] loop5: detected capacity change from 0 to 512
[  510.859878][ T8813] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  510.952855][ T8813] ext4 filesystem being mounted at /159/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  511.030622][ T8810] loop4: detected capacity change from 0 to 32768
[  511.059294][ T8813] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1271: iget: bad i_size value: 2533274857506816
[  511.089581][ T8810] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop4 scanned by syz.4.1269 (8810)
[  511.328230][ T8810] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  511.337260][ T8810] BTRFS info (device loop4): turning on flush-on-commit
[  511.391547][ T8834] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1271: iget: bad i_size value: 2533274857506816
[  511.636980][ T8810] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  511.660592][ T8834] netlink: 164 bytes leftover after parsing attributes in process `syz.5.1271'.
[  511.827881][ T8810] BTRFS info (device loop4): trying to use backup root at mount time
[  511.849918][ T8838] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  511.885817][ T8810] BTRFS info (device loop4): disabling tree log
[  511.913036][ T8810] BTRFS info (device loop4): enabling tree log
[  511.949268][ T8810] BTRFS info (device loop4): use zlib compression, level 3
[  511.956710][ T8810] BTRFS info (device loop4): using free space tree
[  512.034619][ T8844] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1277'.
[  512.165344][ T8810] BTRFS info (device loop4): has skinny extents
[  514.330519][ T8810] BTRFS error (device loop4): open_ctree failed: -12
[  514.334911][ T7286] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop4 scanned by udevd (7286)
[  514.378226][ T8840] loop1: detected capacity change from 0 to 32768
[  514.547753][ T8840] XFS (loop1): Mounting V5 Filesystem
[  514.692297][ T8886] lo speed is unknown, defaulting to 1000
[  514.698789][ T8886] lo speed is unknown, defaulting to 1000
[  514.709822][ T8840] XFS (loop1): Ending clean mount
[  514.815785][ T8886] lo speed is unknown, defaulting to 1000
[  514.880316][ T8886] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  514.909015][ T8899] device macvlan0 entered promiscuous mode
[  515.003573][ T8886] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  515.089006][ T4184] XFS (loop1): Unmounting Filesystem
[  515.154136][ T8886] lo speed is unknown, defaulting to 1000
[  515.178386][ T8886] lo speed is unknown, defaulting to 1000
[  515.250713][ T8886] lo speed is unknown, defaulting to 1000
[  515.276726][ T8886] lo speed is unknown, defaulting to 1000
[  515.297351][ T8886] lo speed is unknown, defaulting to 1000
[  517.315447][ T8926] loop1: detected capacity change from 0 to 512
[  517.383022][ T4760] Bluetooth: hci3: command 0x0405 tx timeout
[  517.564826][ T8926] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  517.593052][ T8926] ext4 filesystem being mounted at /257/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  517.656974][ T8938] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1301'.
[  517.929295][ T8926] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1292: iget: bad i_size value: 2533274857506816
[  518.763387][ T8955] loop5: detected capacity change from 0 to 2048
[  518.939618][ T8966] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  519.140395][ T8973] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  519.147865][ T8973] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  519.250535][ T8975] loop4: detected capacity change from 0 to 512
[  519.924394][ T8975] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  519.979100][ T8975] ext4 filesystem being mounted at /260/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  520.282077][ T8975] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.1318: iget: bad i_size value: 2533274857506816
[  521.219948][ T9009] loop4: detected capacity change from 0 to 512
[  522.097763][ T9003] loop5: detected capacity change from 0 to 40427
[  522.118046][ T9009] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  522.214025][ T9003] F2FS-fs (loop5): invalid crc value
[  522.234937][ T9009] ext4 filesystem being mounted at /262/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  522.276020][ T9003] F2FS-fs (loop5): Found nat_bits in checkpoint
[  522.326314][ T9009] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.1329: iget: bad i_size value: 2533274857506816
[  522.444396][ T9003] F2FS-fs (loop5): Start checkpoint disabled!
[  522.615874][ T9027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1333'.
[  522.629844][ T9003] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  522.643780][ T9027] netlink: 'syz.0.1333': attribute type 7 has an invalid length.
[  522.664451][ T9026] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.1329: iget: bad i_size value: 2533274857506816
[  522.731705][ T9032] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1329'.
[  522.793151][ T9034] loop3: detected capacity change from 0 to 512
[  523.025958][ T4309] attempt to access beyond end of device
[  523.025958][ T4309] loop5: rw=2049, want=40976, limit=40427
[  523.032836][ T9034] EXT4-fs (loop3): Test dummy encryption mode enabled
[  523.080010][ T9034] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  523.172435][ T9040] overlayfs: failed to clone upperpath
[  523.370071][ T9034] EXT4-fs error (device loop3): xattr_find_entry:297: inode #15: comm syz.3.1336: corrupted xattr entries
[  523.469650][ T9034] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  523.514008][ T9034] EXT4-fs (loop3): 1 orphan inode deleted
[  523.519796][ T9034] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,test_dummy_encryption,,errors=continue. Quota mode: none.
[  524.011082][ T9049] loop4: detected capacity change from 0 to 512
[  524.159112][ T9049] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  524.227198][ T9049] ext4 filesystem being mounted at /264/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  524.292411][ T9049] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.1342: iget: bad i_size value: 2533274857506816
[  524.292889][ T9061] xt_hashlimit: max too large, truncated to 1048576
[  524.675521][ T9067] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1346'.
[  525.761846][ T5009] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  525.777490][ T9074] loop1: detected capacity change from 0 to 32768
[  526.015168][ T9100] overlayfs: failed to clone upperpath
[  526.511855][ T5009] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  526.561865][ T5009] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  526.615612][ T5009] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  526.654111][ T5009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.722943][ T9084] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  527.912854][ T7626] usb 6-1: USB disconnect, device number 11
[  528.307137][ T9131] loop4: detected capacity change from 0 to 2048
[  528.450090][ T9131] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  528.508136][ T9131] UDF-fs: Scanning with blocksize 512 failed
[  528.590769][ T9131] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  528.686992][ T9143] loop5: detected capacity change from 0 to 512
[  529.073892][ T9143] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  529.103730][ T9152] overlayfs: failed to clone upperpath
[  529.171864][ T9143] ext4 filesystem being mounted at /174/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  529.259367][ T9143] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1373: iget: bad i_size value: 2533274857506816
[  529.411761][ T7626] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  529.628621][ T9157] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1373: iget: bad i_size value: 2533274857506816
[  529.854492][ T7626] usb 5-1: Using ep0 maxpacket: 16
[  529.916235][    T7] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  530.157376][ T7626] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  530.171742][    T7] usb 2-1: Using ep0 maxpacket: 32
[  530.176954][ T7626] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.176980][ T7626] usb 5-1: Product: syz
[  530.176996][ T7626] usb 5-1: Manufacturer: syz
[  530.209960][ T7626] usb 5-1: SerialNumber: syz
[  530.232677][ T7626] usb 5-1: config 0 descriptor??
[  530.280692][ T7626] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  530.322319][    T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  530.352343][    T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  530.381408][    T7] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  530.397244][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  530.421301][ T9164] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1378'.
[  530.441744][    T7] usb 2-1: config 0 descriptor??
[  530.481855][ T7626] ssu100: probe of 5-1:0.0 failed with error -71
[  530.507830][ T7626] usb 5-1: USB disconnect, device number 13
[  531.535390][    T7] ft260 0003:0403:6030.0006: unknown main item tag 0x7
[  531.549751][    T7] ft260 0003:0403:6030.0006: hidraw0: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.1-1/input0
[  531.844634][    T7] ft260 0003:0403:6030.0006: failed to retrieve chip version
[  531.862845][    T7] ft260: probe of 0003:0403:6030.0006 failed with error -71
[  531.888863][    T7] usb 2-1: USB disconnect, device number 10
[  532.790058][ T9201] loop3: detected capacity change from 0 to 4096
[  533.151402][ T9220] loop5: detected capacity change from 0 to 512
[  533.205296][ T9224] 9pnet: Insufficient options for proto=fd
[  533.410025][ T9220] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  533.494381][ T9220] ext4 filesystem being mounted at /177/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  533.584861][ T9220] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1399: iget: bad i_size value: 2533274857506816
[  534.027608][ T9236] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1399: iget: bad i_size value: 2533274857506816
[  534.387766][ T9236] netlink: 164 bytes leftover after parsing attributes in process `syz.5.1399'.
[  536.262258][ T7629] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  536.302367][ T9253] loop1: detected capacity change from 0 to 128
[  536.365012][ T9253] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  536.463346][ T9253] ext4 filesystem being mounted at /267/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  536.480448][ T9253] EXT4-fs warning (device loop1): ext4_group_extend:1847: will only finish group (8193 blocks, 8129 new)
[  536.493482][ T9253] EXT4-fs warning (device loop1): ext4_group_extend:1852: can't read last block, resize aborted
[  536.537522][ T7629] usb 5-1: Using ep0 maxpacket: 16
[  536.692002][ T7629] usb 5-1: config 0 interface 0 has no altsetting 0
[  536.700451][ T7629] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  536.729498][ T7629] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.750682][ T9257] loop3: detected capacity change from 0 to 8192
[  536.786620][ T7629] usb 5-1: config 0 descriptor??
[  536.869779][ T9257] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  536.904453][ T9257] REISERFS (device loop3): using ordered data mode
[  536.950393][ T9257] reiserfs: using flush barriers
[  536.981018][ T9257] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  537.004360][ T9266] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1412'.
[  537.040991][ T9257] REISERFS (device loop3): checking transaction log (loop3)
[  537.076887][ T9257] REISERFS (device loop3): Using tea hash to sort names
[  537.128891][ T9257] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  537.287967][ T7629] hid (null): nested delimiters
[  537.301860][ T7629] hid (null): nested delimiters
[  537.306772][ T7629] hid (null): nested delimiters
[  537.347148][ T9270] loop5: detected capacity change from 0 to 4096
[  537.485309][   T21] usb 5-1: USB disconnect, device number 14
[  537.555547][ T7629] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  537.659577][ T9273] sp0: Synchronizing with TNC
[  537.802677][ T7629] usb 4-1: Using ep0 maxpacket: 32
[  537.936605][ T7629] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  538.222783][ T7629] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  538.279081][ T7629] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.359836][ T7629] usb 4-1: Product: syz
[  538.422203][ T7629] usb 4-1: Manufacturer: syz
[  538.481678][ T7629] usb 4-1: SerialNumber: syz
[  538.754473][ T7629] usb 4-1: config 0 descriptor??
[  539.561707][ T7629] usb 4-1: USB disconnect, device number 13
[  539.585623][ T9285] loop5: detected capacity change from 0 to 4096
[  540.102176][ T9285] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  540.110225][ T9285] ntfs3: loop5: Failed to load $Extend.
[  540.585252][ T9306] loop3: detected capacity change from 0 to 512
[  540.770513][ T9306] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  540.877992][ T9306] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  540.899654][ T9306] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1423: iget: bad i_size value: 2533274857506816
[  541.797858][ T9326] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.1423: iget: bad i_size value: 2533274857506816
[  542.215053][ T9308] loop1: detected capacity change from 0 to 32768
[  542.230364][ T9337] loop5: detected capacity change from 0 to 1024
[  542.393104][ T9308] XFS (loop1): Mounting V5 Filesystem
[  542.511340][ T9308] XFS (loop1): Ending clean mount
[  542.522609][ T9308] XFS (loop1): Quotacheck needed: Please wait.
[  542.642552][ T9308] XFS (loop1): Quotacheck: Done.
[  542.664186][ T9337] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  542.680740][ T9346] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  542.691191][ T9346] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  542.713093][ T9337] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  542.763938][ T4184] XFS (loop1): Unmounting Filesystem
[  542.797527][ T4374] hfsplus: b-tree write err: -5, ino 4
[  542.904941][ T4374] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  542.918892][ T9350] overlayfs: failed to clone upperpath
[  543.136614][ T9328] loop4: detected capacity change from 0 to 32768
[  543.488144][ T9328] XFS (loop4): Mounting V5 Filesystem
[  543.650641][ T9328] XFS (loop4): Ending clean mount
[  543.701428][ T9328] XFS (loop4): Quotacheck needed: Please wait.
[  544.603894][ T9328] XFS (loop4): Quotacheck: Done.
[  544.801730][ T9328] XFS (loop4): Metadata CRC error detected at xfs_refcountbt_read_verify+0x3a/0xd0, xfs_refcountbt block 0x28 
[  544.836256][ T9328] XFS (loop4): Unmount and run xfs_repair
[  544.847760][ T9328] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  544.865736][ T9328] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff  R...............
[  544.896032][ T9328] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00  .......(........
[  544.911728][ T9328] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  544.941736][ T9328] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00  .......]........
[  544.941766][ T5007] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  544.956363][ T9398] loop1: detected capacity change from 0 to 512
[  544.982052][ T9328] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  544.991050][ T9328] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  545.030516][ T9328] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  545.071309][ T9328] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  545.098858][ T9398] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  545.123137][ T9328] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x28 len 8 error 74
[  545.146885][ T9398] ext4 filesystem being mounted at /277/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  545.177924][ T9328] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x156f/0x1b80 (fs/xfs/libxfs/xfs_defer.c:504).  Shutting down filesystem.
[  545.202301][ T5007] usb 6-1: Using ep0 maxpacket: 8
[  545.214853][ T9398] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1452: iget: bad i_size value: 2533274857506816
[  545.229535][ T9328] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  545.289991][ T4191] XFS (loop4): Unmounting Filesystem
[  545.332091][ T5007] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  545.340282][ T5007] usb 6-1: config 0 has no interface number 0
[  545.358878][ T5007] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  545.380531][ T5007] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  545.400778][ T5007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.454827][ T5007] usb 6-1: config 0 descriptor??
[  545.522064][ T5007] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  545.570892][ T9411] loop3: detected capacity change from 0 to 512
[  545.624097][ T9411] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  545.706142][ T9411] EXT4-fs (loop3): 1 truncate cleaned up
[  545.726762][ T9411] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  545.845418][ T7626] usb 6-1: USB disconnect, device number 12
[  545.876415][ T9411] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: none.
[  545.922334][ T9416] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1452: iget: bad i_size value: 2533274857506816
[  547.577545][ T9431] loop5: detected capacity change from 0 to 512
[  548.621250][ T9431] 
[  548.623633][ T9431] ======================================================
[  548.630673][ T9431] WARNING: possible circular locking dependency detected
[  548.637730][ T9431] syzkaller #0 Not tainted
[  548.642170][ T9431] ------------------------------------------------------
[  548.649202][ T9431] syz.5.1463/9431 is trying to acquire lock:
[  548.655201][ T9431] ffff88807c0f4bd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x20f/0x2df0
[  548.665329][ T9431] 
[  548.665329][ T9431] but task is already holding lock:
[  548.672713][ T9431] ffff888061bad088 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700
[  548.682616][ T9431] 
[  548.682616][ T9431] which lock already depends on the new lock.
[  548.682616][ T9431] 
[  548.693081][ T9431] 
[  548.693081][ T9431] the existing dependency chain (in reverse order) is:
[  548.702117][ T9431] 
[  548.702117][ T9431] -> #1 (&ei->xattr_sem){++++}-{3:3}:
[  548.709704][ T9431]        down_write+0x38/0x60
[  548.714416][ T9431]        ext4_destroy_inline_data+0x24/0xe0
[  548.720339][ T9431]        ext4_writepages+0x670/0x2df0
[  548.725735][ T9431]        do_writepages+0x476/0x6e0
[  548.730881][ T9431]        filemap_fdatawrite_wbc+0x1eb/0x240
[  548.736799][ T9431]        file_write_and_wait_range+0x14d/0x220
[  548.743158][ T9431]        ext4_sync_file+0x1ff/0xae0
[  548.748379][ T9431]        ext4_buffered_write_iter+0x338/0x3b0
[  548.754476][ T9431]        ext4_file_write_iter+0x74d/0x1700
[  548.760310][ T9431]        vfs_write+0x745/0xd60
[  548.765100][ T9431]        __x64_sys_pwrite64+0x19a/0x220
[  548.770670][ T9431]        do_syscall_64+0x4c/0xa0
[  548.775626][ T9431]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  548.782074][ T9431] 
[  548.782074][ T9431] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}:
[  548.790538][ T9431]        __lock_acquire+0x2c42/0x7d10
[  548.795940][ T9431]        lock_acquire+0x19e/0x400
[  548.800992][ T9431]        percpu_down_read+0x46/0x1b0
[  548.806900][ T9431]        ext4_writepages+0x20f/0x2df0
[  548.812294][ T9431]        do_writepages+0x476/0x6e0
[  548.817427][ T9431]        __writeback_single_inode+0x153/0xda0
[  548.823519][ T9431]        writeback_single_inode+0x3cb/0x8e0
[  548.829447][ T9431]        write_inode_now+0x23b/0x2c0
[  548.834864][ T9431]        iput+0x5ab/0x8a0
[  548.839229][ T9431]        ext4_xattr_set_entry+0x34f4/0x3ea0
[  548.845158][ T9431]        ext4_xattr_block_set+0x4fd/0x2d20
[  548.850992][ T9431]        ext4_expand_extra_isize_ea+0xf3f/0x19b0
[  548.857355][ T9431]        __ext4_expand_extra_isize+0x301/0x3e0
[  548.863557][ T9431]        __ext4_mark_inode_dirty+0x469/0x700
[  548.869585][ T9431]        ext4_evict_inode+0xa8d/0x1090
[  548.875199][ T9431]        evict+0x4c9/0x8d0
[  548.879646][ T9431]        ext4_orphan_cleanup+0xad2/0x1320
[  548.885389][ T9431]        ext4_fill_super+0x8e25/0x95a0
[  548.890887][ T9431]        mount_bdev+0x287/0x3c0
[  548.895780][ T9431]        legacy_get_tree+0xe6/0x180
[  548.901015][ T9431]        vfs_get_tree+0x88/0x270
[  548.905993][ T9431]        do_new_mount+0x24a/0xa40
[  548.911047][ T9431]        __se_sys_mount+0x2e3/0x3d0
[  548.916324][ T9431]        do_syscall_64+0x4c/0xa0
[  548.921297][ T9431]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  548.927752][ T9431] 
[  548.927752][ T9431] other info that might help us debug this:
[  548.927752][ T9431] 
[  548.938000][ T9431]  Possible unsafe locking scenario:
[  548.938000][ T9431] 
[  548.945473][ T9431]        CPU0                    CPU1
[  548.950880][ T9431]        ----                    ----
[  548.956263][ T9431]   lock(&ei->xattr_sem);
[  548.960713][ T9431]                                lock(&sbi->s_writepages_rwsem);
[  548.968459][ T9431]                                lock(&ei->xattr_sem);
[  548.975343][ T9431]   lock(&sbi->s_writepages_rwsem);
[  548.980570][ T9431] 
[  548.980570][ T9431]  *** DEADLOCK ***
[  548.980570][ T9431] 
[  548.988732][ T9431] 3 locks held by syz.5.1463/9431:
[  548.993876][ T9431]  #0: ffff88807c0f60e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  549.004028][ T9431]  #1: ffff88807c0f6650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x44a/0x1090
[  549.013554][ T9431]  #2: ffff888061bad088 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700
[  549.022653][ T9451] loop1: detected capacity change from 0 to 1024
[  549.023896][ T9431] 
[  549.023896][ T9431] stack backtrace:
[  549.023905][ T9431] CPU: 1 PID: 9431 Comm: syz.5.1463 Not tainted syzkaller #0
[  549.023932][ T9431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  549.053605][ T9431] Call Trace:
[  549.056909][ T9431]  <TASK>
[  549.059864][ T9431]  dump_stack_lvl+0x188/0x250
[  549.064559][ T9431]  ? load_image+0x400/0x400
[  549.069080][ T9431]  ? show_regs_print_info+0x20/0x20
[  549.074304][ T9431]  ? print_circular_bug+0x12b/0x1a0
[  549.079524][ T9431]  check_noncircular+0x296/0x330
[  549.084482][ T9431]  ? look_up_lock_class+0x71/0x110
[  549.089703][ T9431]  ? add_chain_block+0x940/0x940
[  549.094673][ T9431]  ? lockdep_lock+0xf1/0x1f0
[  549.099296][ T9431]  ? mark_lock+0x94/0x320
[  549.103637][ T9431]  ? _find_first_zero_bit+0xce/0xf0
[  549.108888][ T9431]  __lock_acquire+0x2c42/0x7d10
[  549.113768][ T9431]  ? mark_lock+0x94/0x320
[  549.118115][ T9431]  ? verify_lock_unused+0x140/0x140
[  549.123334][ T9431]  ? verify_lock_unused+0x140/0x140
[  549.128564][ T9431]  ? __lock_acquire+0x13bc/0x7d10
[  549.133611][ T9431]  ? 0xffffffffa004a000
[  549.137786][ T9431]  lock_acquire+0x19e/0x400
[  549.142315][ T9431]  ? ext4_writepages+0x20f/0x2df0
[  549.147358][ T9431]  ? check_noncircular+0x189/0x330
[  549.152486][ T9431]  ? __might_sleep+0xf0/0xf0
[  549.157090][ T9431]  ? read_lock_is_recursive+0x10/0x10
[  549.162486][ T9431]  ? mark_lock+0x94/0x320
[  549.166837][ T9431]  ? __lock_acquire+0x13bc/0x7d10
[  549.171883][ T9431]  percpu_down_read+0x46/0x1b0
[  549.176673][ T9431]  ? ext4_writepages+0x20f/0x2df0
[  549.181903][ T9431]  ext4_writepages+0x20f/0x2df0
[  549.186800][ T9431]  ? rcu_is_watching+0x11/0xa0
[  549.191601][ T9431]  ? lock_release+0xb5/0x8a0
[  549.196233][ T9431]  ? rcu_lock_release+0x5/0x20
[  549.201021][ T9431]  ? verify_lock_unused+0x140/0x140
[  549.206234][ T9431]  ? mark_lock+0x94/0x320
[  549.210662][ T9431]  ? ext4_readpage+0x2e0/0x2e0
[  549.215446][ T9431]  ? __lock_acquire+0x13bc/0x7d10
[  549.220498][ T9431]  ? rcu_lock_release+0x5/0x20
[  549.225305][ T9431]  ? __lock_acquire+0x7d10/0x7d10
[  549.230467][ T9431]  ? do_raw_spin_lock+0x128/0x2f0
[  549.235513][ T9431]  ? do_raw_spin_unlock+0x11d/0x230
[  549.240723][ T9431]  ? ext4_readpage+0x2e0/0x2e0
[  549.245507][ T9431]  do_writepages+0x476/0x6e0
[  549.250138][ T9431]  ? __writepage+0x130/0x130
[  549.254770][ T9431]  ? writeback_single_inode+0x3c0/0x8e0
[  549.260331][ T9431]  ? __lock_acquire+0x7d10/0x7d10
[  549.265365][ T9431]  ? do_raw_spin_lock+0x128/0x2f0
[  549.270406][ T9431]  __writeback_single_inode+0x153/0xda0
[  549.275973][ T9431]  writeback_single_inode+0x3cb/0x8e0
[  549.281358][ T9431]  ? write_inode_now+0x2c0/0x2c0
[  549.286403][ T9431]  write_inode_now+0x23b/0x2c0
[  549.291184][ T9431]  ? bdi_split_work_to_wbs+0x8a0/0x8a0
[  549.296664][ T9431]  ? do_raw_spin_unlock+0x11d/0x230
[  549.301904][ T9431]  iput+0x5ab/0x8a0
[  549.305730][ T9431]  ext4_xattr_set_entry+0x34f4/0x3ea0
[  549.311132][ T9431]  ? ext4_xattr_ibody_set+0x330/0x330
[  549.316522][ T9431]  ? rcu_is_watching+0x11/0xa0
[  549.321303][ T9431]  ? kmem_cache_free+0x14c/0x210
[  549.326253][ T9431]  ? mb_cache_entry_delete_or_get+0x1bd/0x1e0
[  549.332359][ T9431]  ext4_xattr_block_set+0x4fd/0x2d20
[  549.337676][ T9431]  ? ext4_get_inode_loc+0x120/0x120
[  549.342896][ T9431]  ? __ext4_xattr_check_block+0x7d8/0x8d0
[  549.348660][ T9431]  ? ext4_xattr_block_find+0x500/0x500
[  549.354141][ T9431]  ? ext4_xattr_block_find+0x433/0x500
[  549.359616][ T9431]  ext4_expand_extra_isize_ea+0xf3f/0x19b0
[  549.365459][ T9431]  __ext4_expand_extra_isize+0x301/0x3e0
[  549.371111][ T9431]  __ext4_mark_inode_dirty+0x469/0x700
[  549.376791][ T9431]  ext4_evict_inode+0xa8d/0x1090
[  549.381742][ T9431]  ? _raw_spin_unlock+0x24/0x40
[  549.386608][ T9431]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  549.392509][ T9431]  ? do_raw_spin_unlock+0x11d/0x230
[  549.397715][ T9431]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  549.403639][ T9431]  evict+0x4c9/0x8d0
[  549.407549][ T9431]  ? proc_nr_inodes+0x320/0x320
[  549.412418][ T9431]  ? do_raw_spin_unlock+0x11d/0x230
[  549.417637][ T9431]  ? _raw_spin_unlock+0x24/0x40
[  549.422515][ T9431]  ? iput+0x706/0x8a0
[  549.426513][ T9431]  ext4_orphan_cleanup+0xad2/0x1320
[  549.431727][ T9431]  ? ext4_orphan_del+0xbf0/0xbf0
[  549.436692][ T9431]  ? errseq_check_and_advance+0x62/0x120
[  549.442341][ T9431]  ext4_fill_super+0x8e25/0x95a0
[  549.447306][ T9431]  ? ext4_mount+0x40/0x40
[  549.451650][ T9431]  ? set_blocksize+0x1f3/0x370
[  549.456428][ T9431]  ? sb_set_blocksize+0xa5/0xe0
[  549.461288][ T9431]  mount_bdev+0x287/0x3c0
[  549.465631][ T9431]  ? ext4_mount+0x40/0x40
[  549.469968][ T9431]  legacy_get_tree+0xe6/0x180
[  549.474663][ T9431]  ? ext4_errno_to_code+0x160/0x160
[  549.479874][ T9431]  vfs_get_tree+0x88/0x270
[  549.484306][ T9431]  do_new_mount+0x24a/0xa40
[  549.488829][ T9431]  __se_sys_mount+0x2e3/0x3d0
[  549.493520][ T9431]  ? __x64_sys_mount+0xc0/0xc0
[  549.498302][ T9431]  ? lockdep_hardirqs_on+0x94/0x140
[  549.503525][ T9431]  ? __x64_sys_mount+0x1c/0xc0
[  549.508312][ T9431]  do_syscall_64+0x4c/0xa0
[  549.512759][ T9431]  ? clear_bhb_loop+0x30/0x80
[  549.517454][ T9431]  ? clear_bhb_loop+0x30/0x80
[  549.522319][ T9431]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  549.528227][ T9431] RIP: 0033:0x7f3c8a3188ca
[  549.532670][ T9431] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  549.552299][ T9431] RSP: 002b:00007f3c88570e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  549.560723][ T9431] RAX: ffffffffffffffda RBX: 00007f3c88570ee0 RCX: 00007f3c8a3188ca
[  549.568722][ T9431] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f3c88570ea0
[  549.576705][ T9431] RBP: 0000200000000180 R08: 00007f3c88570ee0 R09: 0000000000800700
[  549.584689][ T9431] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  549.592674][ T9431] R13: 00007f3c88570ea0 R14: 000000000000047d R15: 00002000000007c0
[  549.600667][ T9431]  </TASK>
[  549.681240][ T9451] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a015c01c, mo2=0002]
[  549.708617][ T9451] System zones: 0-1, 3-36
[  549.744774][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: inode #11: comm syz.5.1463: iget: bad extra_isize 90 (inode size 256)
[  549.786034][ T9451] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,journal_ioprio=0x0000000000000006,resuid=0x0000000000000000,grpquota,debug,bsddf,nodiscard,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  549.812065][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.1463: error while reading EA inode 11 err=-117
[  549.880178][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: inode #11: comm syz.5.1463: iget: bad extra_isize 90 (inode size 256)
[  549.894271][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.1463: error while reading EA inode 11 err=-117
[  549.908159][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: inode #18: comm syz.5.1463: iget: bad extra_isize 90 (inode size 256)
[  549.925598][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.1463: error while reading EA inode 18 err=-117
[  549.940656][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: inode #18: comm syz.5.1463: iget: bad extra_isize 90 (inode size 256)
[  549.958381][ T9431] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.1463: error while reading EA inode 18 err=-117
[  549.995211][ T9431] EXT4-fs (loop5): 1 orphan inode deleted
[  550.001054][ T9431] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodioread_nolock,user_xattr,debug_want_extra_isize=0x000000000000005a,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000000007,,errors=continue. Quota mode: none.