last executing test programs:

2m28.183035477s ago: executing program 3 (id=388):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000003c0)='./file0\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0x1, 0x2b5, &(0x7f00000000c0)="$eJzs3UFrY1UUAODz0jSNukgRN4qLB7pwVaZu3bTKCGJXSgR1ocXpgCRhIIWAI5iZ1fwCl/4Pf4IbN/4Dwa3gri6qV17ee01iX9PS1hT1+1a3995z7sm7NFnl5PNXR4MHj7J4evJzdLtZtPZiL/7MYjtaUXsS7TivaQ4A+Df4PaX4LV0nst26/WoAgHUoP/9Ld10LALAeH378yfv7Bwf3P8jzbrzcezbpZxExejbpl+v7D+PLGMZR3ItenEakM+X43fcO7kc7L2zH66PppF9Ejj77scq//2vELH43erHdHL+blxbip5P+Zjwfeew/3KxL7cVLzfFvNsRHvxNvvLZQ/0704qcv4lEM40EUsfP4b3bz/J307cnXnxbHFPFZK/pbs31zaWOd9wIAAAAAAAAAAAAAAAAAAAAAwH/bTp5nZfueWf+eYqrqv7NxOlvfyWvby/15yvisTlT2B0pRteiZpviu7q9zL8/zVG2cx7fjlbYfEQAAAAAAAAAAAAAAAAAAAIDC8VePB4fD4dH4VgZ1N4D6a/3XzbM3n9laKrdh89bVz1rsNlDUunJztNuxOuFJKl3+ulr1oc17nrt46QaDrfnlfhTloL6YG2VOf3vgL75d/v14cJhXe+qHPDjMLjurW+f5fnGpEzd9CGlW4WlavtPuWanLUZ1bevKdFxqX/kgpXS3PW7+Ud1TNZLMWG1c7fXPh36FxT/f8XfxwccIL3zI2rvdOAwAAAAAAAAAAAAAAAAAAXKb8ru+To/Fxw+LTlaGtf6woAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFiz8vf/h0fjs0E3IpZnzg2mVfCqPdWgE+PjO36JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/A/8FQAA//9u+0wP")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)

2m27.820446927s ago: executing program 3 (id=393):
ioperm(0x0, 0x3ff, 0x9)
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc1}, &(0x7f0000000140)={0x0, "c6146f97f6c131a79a6bad741b394dc00c300d21dd1247eaf94cc97f924285d0ad63244e813ace0f78a2230539449c56fdc8bd19fd31a7359a756576c9342001"}, 0x48, 0xfffffffffffffffb)
keyctl$chown(0x4, r0, 0x0, 0xffffffffffffffff)

2m27.464627926s ago: executing program 3 (id=395):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(aes))\x00'}, 0x58)
close(r0)

2m26.748494202s ago: executing program 3 (id=404):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001a00010000000000fbdbdf250a8080fc00000000", @ANYBLOB='\t\x00'], 0x44}}, 0x0)

2m26.426810825s ago: executing program 3 (id=411):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000380)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=")
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

2m25.272524667s ago: executing program 3 (id=422):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)

2m10.125454747s ago: executing program 32 (id=422):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)

1m17.937318133s ago: executing program 0 (id=1061):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1000000}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/28, 0x1c}, {0x0}], 0x2)

1m17.457561993s ago: executing program 0 (id=1064):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYRES8=0x0], 0x1, 0x14c, &(0x7f00000001c0)="$eJzszzFLOgEYx/Hf/e+Uf6VRYGANIjR0FOZ1Yk0NGklCelC4NAl2UaAZCdGotDYEjTVYruJbsCwC64SwN9FyW9AUF+cdlGP777PofZ+Hh7v11Z6MMCDCsVYuHR3rlYq+G97SDlPb7+12wu5eAP+H5s7+XQLYt38lwKwBdn7wA3sHRX2xUC7az2YCkAEkx5yuwNkdtVvAaUsQBLMGEbNAZ8ppqrsn/2oxt81IQPjr5551A8zZ9yaddgXgA8Dp9ULLg6xhWZYFPHXczxz05nPW6KYj8yH9XE1NN3xBETn98RZJwZ6/RbuR12ir2e8ZmU0to/ViqrocUyRFife1FyMdr15A2vCdADvC8D0vgiEpB5wJwOVgZt4LfgCd+qdWGl+pu+9QHXH/FPJBTyMfmPgHUYYAIiIiIiIiIiIiIiIiIiKiv/oOAAD//0rtZa4=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

1m16.909233895s ago: executing program 0 (id=1068):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000400)={{&(0x7f00004be000/0x2000)=nil, 0x2000}, 0xae380f119f16a01e})

1m16.574669393s ago: executing program 0 (id=1071):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x402, &(0x7f00000001c0)=ANY=[], 0x1, 0x242, &(0x7f0000000380)="$eJzsmL+LE0EUx7+zu5kkIqLNFTYKHhjRSy57KNeE8wTBysYTtdLgrceZvYskK5iA4mFjo52FYGPhP2BxxdV2/gOCFioIFqawEEQOVt7O7GbiJpdltfN9iuE7M2/m/ZjNKwKGYf5bPn/68fHJucWVUwD2YxZFvf7VBoRQ2jLsPzy/e/JZ4/yL1+9fvdk8cH/nz/voSBjuhuZCaQ//DoDKso0g8RTGZ3+RmNWTFRQTfRkWTmh9BQJVrW/AKsT3evgZKoDbELim19tkX63eWve96s22v0pinoY6DS4NI/lSfIMtgVU9pxuFsd/t9VtN3/c6hnD03pitXCJx1ppJ1a8AicGyhYaOluKj+K8+frRFK3Ft5mEl9avDQl0nsbCblAmLKMa1USUx8j/sDPO3i4l7etpW0x+brb4V05Is+b5nd3uN7/+kWKY4NJfveIXSOatXHgDQWweRJwwMTy3B6xQw3LLpSx0xPpr55jKADJ9OJBzjdTDeeEm/aI4EL6aymCCeZor570WuLGIxM9h5m976op9SMeZ4KKa7ECPfj9zLuJQ15jik/BUro9+yclZMTv51A++2Vf8IXwocB2TcPxyjf9WCjTu1bq8/t77RXPPWvE3XXTgjgIen3VrUiNSY6nvD/lyO+tM+oz8XJthKS+JeMwg6dTVKIVFGEHTcaO4aP5tL2+1v1/WxABcAHFMTapsyudFO+RBS2ViRLalK2ohhGIZhGIZhGIZhGIZhGCYrI394HoFAOB1XWf8OAAD//5X0aKk=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
link(&(0x7f0000000040)='./file0/file0\x00', 0x0)

1m15.985590418s ago: executing program 0 (id=1076):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="09000000040000000800000040"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000680)="fccff35fae98d796859f74c4abec12ead02aae8d46cf8b03882e4189b7fb7938eca365ca019fd608361bd486470d29637098bd935c2ed0ff611420c719c46f1c5019b948f0ff8a896beb72bb451ddd17c9dab0399bace0110fabac90de6fb293b2cd58108f492d5f6c565bf4986de06d7c9042843303ef00f2e9a6", &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)

1m12.968314411s ago: executing program 0 (id=1104):
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000080)=0x200, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3, @empty, 0x3}, 0x1c)

1m12.318067661s ago: executing program 33 (id=1104):
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000080)=0x200, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3, @empty, 0x3}, 0x1c)

34.899557826s ago: executing program 6 (id=1445):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYRES64=0x0, @ANYRESOCT=0x0, @ANYBLOB="9c8fef6ac3865f0fd602b1b7984b79b8b13ba6fb229d6f247ccbeaaa93a0642b8e970f6839911e6d34c9880a99b14cc3f6d7e26ee8"], 0x2, 0x552a, &(0x7f0000000700)="$eJzs3M1rY1UUAPCbpp1vxyIu3M2DQWhhEpp+DLqrOoMf2KGMunAhmiZpyEzSV5o0rV25cCku/E9EwZVL/wYXrt2JC8WdoOTdW5mOjohNm5nO7wcv592b+847NwwD5zUkAE+t2ey3X0rhargYQiiHEK6EUJyX0lFYjeGFEMK1EMLUA0cpzf81cS6EcCmEcHWUPOYspbe+uDG8vvLzW79++/35yW0YeCy8GELobcfzvV6MeTvGe2m+PuwUsbc8TDG+0bufxnmMe62NIsNe/XBdvYhL7bg+397tj+Jmt94YxXZns5jf3oo37A/bh3mKC+7Vd4pxs7VRxE4/L2L7INa1fxD/bzvoD2KeZsr3cZE+DAaHMc639ltxP9v3i9jYGqT5mDdvtvZHcZhiul1o5N1mUcfGcT7px9vbna3d/WxYTsNq7aVq7WaltpM3W4PWcqXea95czuba3dGyyqBV762287zdbVUbeW8+m2s3GpVaLZu71dro1LeyWq26VF2orMynsxvZ63fey7rNbG4UX+1s7Q463X62me9k8Yr5bLG69PJ8dr2WvbO2nq3fvX17bf3dD2+9f+eVtTdfS4uylYfKyuYWFxYXK7WFymJtfiz7b+30O/nfb3Tq+x+V9Oj9f5qKHuP+4VhKky4A4Mkzof5/+vKX3/wwuV0Dk3Zy/f/O3RBOvv8P+v+x+E/973RarP8/c/uHY9H/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8tX6c+eqN4mQ2ji+n+WfS1HNpXAohTIUQ/vgH5XDuSM5yyjPziPUzD9XwXSkUGUb3OJ+OSyGE1XT8/uxJfwoAAABwdn39ybXPY7ceX2YnXRCnKT60mbry0ZjylUIIM7M/jSnb1Ojl+TElK/59T4f9MWUrHmBdGFOy+MhtelzZ/tUH5RiPhgsPhFIMU6dSDgAAcKqOdgKn04UAAAAwCZ/97yvLY62DSUjfxU9f4D8fQ/qD4MUjIwAAAOAJVJp0AQAAAMCJK/p/v/8HAAAAZ1v8/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bu5kZtIAwD8GeD+cmPgqLc00puIKWJlJBjjhEFpAkKyIG0kAaogdxSQgQRHi8LK7RarcdYu/s8khnGGl5/IHyYsTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANClP9V68ev7xx9tc3b7dh5xyWnbmgEAAOCl2FbrRf1mlvqvm/Nvm1Pvm34REWVEXJq7D2J0ljlocqrb8T9Px1d3avgdUSccrjFujlcR8ak5/r3r+lcAAACA52uzXM3TbD29zPouiGtKizblmy+Z8oqIqGZ/M6WVh7wPmcLq//cwvmVKqxewJpnC0pLbMFfag9S3+3HVbnLSFKkpL37sWORhzOfOqwQAAPIanDX3zUJGV6kHAACArnztuwD6UcTNo8zj5H6cmuaB4PSsBwAAADxBRd8FAAAAAJ2r5/9X2v9vb/8/AAAA6Efa/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5Pk2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwn/15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7fN24qDgD41/b5SguIEFCGIAQSAyw0vZaWbogBFDHwJyBF6bWEXvnRZqBVhcjChjJ3QTAihAQKW/+Hzq3UpWwdbigSM8g+O+e2J3GFYh/k85Ge3/csy+/73mXI188JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALXx29M4Kw5Lkzitzt28d3Wz6G890Beu795eLVoRJ20m/d/wYvNDstJdIgAAABwcWV3fR8SdfG+96NOlsv7P62uKmv/bpydxXc8/WPfXfV37F+2Xn+8+vz/Q0mSc4qZnt0bDYw+n0vv3ZrnYnvnLK3rlypfPXrLyC0nf23lunJfrmXx948Y7/TI81Ea2AMDfcbTuq6D+fajoB10mBsCB0WsU3nX9ny11mxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAG8Y78WQdJxGx2pvGhVv3rm7O6q/v3l6t26lr13bjy+k9i1vkEXF2azQ81upsFtuly1fOb4xGw4vtBy9FRFejv1VN//wHc1wc0cn6CB41iNk/UWn1ZbeYT0T3q/EYFhMAAB6fvGpFXX8n31svziXLEX98d3/9/2ojjjnr/7sfnrrZHKtZ/w9am+HiW9u+8OnapctXXt+6sHFueG748RvHB28OTpw+efL0WvmsZM0TEwAAAP6ZftWa9X+6/PD+/5FGHHPW/599M/iiOVam/p9puunXdSYAAAAH27Mv//5bMuN80u/H5xvb2xcHk+P+5+OTYwepPrJDVWvW/9ly11kBAAAAbRjvJPft/59pxDHn/v9T37/wY/OeWUQcrvb/j25+MjrT3nQWWht/Ttz1HAEAAOjW4ao19//z8v3/dP+VhzQiXntlElf/BnCu+j9796sfmmM13/8/0d4UF1K6MlmPsl+J6K10nREAAAD/Z09UrSj2f8331j/66cj7fe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTtzwAAAP//pv8zZw==")
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000002c0)=0x20)
statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0xffff4a9c0080ffff, 0x0)

32.645736443s ago: executing program 6 (id=1470):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000003d)
fcntl$setownex(r0, 0xf, &(0x7f0000000040))

30.823243536s ago: executing program 6 (id=1487):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300)

30.2657838s ago: executing program 6 (id=1495):
syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x1004000, &(0x7f0000000200)=ANY=[@ANYRES16=0x0], 0x1, 0xc34, &(0x7f0000001bc0)="$eJzs3U9sXNd5N+D3XHHEofx9FRM7ipPGxaQtUlmxXP2LqViFO6pptgFkWQjF7AJwJFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjkhJpP49N/WbunHPnnHvH98qC3jkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAET83iuXz5xNj3sUAMCjdHX0q2fOuf8DwMfKdf//DwAAAAAAAAAAAAAAB12KIp6MFLNXV9N49byjfqVdu3tvbHhk624Dqep5pGpf/tTPnjt/4UsvDF3s5pX29Af032ufjddGr19uvDxzZ3Zucn5+cqIxNt2+OTMxueM97Lb/ZqeqA9C48/rdiVu35hvnnj+/4eV7g+/3P3Fi8NLQs6ef6bYdGx4ZGV1vUt/y4UParsLjaBRxOlI8972fplZEFLH7Y1F/tOd+s4FqEqeqSYwNj1QTmWq3phfKF691D0QR0ejp1Oweo63PRfTVHukctteMWCyHXw74VDm90dnWXOvG1GTjWmtuob3Qnpm+ljqjLefTiCIupoiliFjpf3B3tSiiL1J85/hquhERR7rH4YtVYfD24yj2cY47UI6zUYtYKg7BOTvA+qOIVyPFz945GTfLY5Z/4gsRr5b5g4i3ynwpIpUfjAsR723xOeJw6osi/rw8/5dW00R1PeheV658rfGV6VszPW2715Vf8v7wwJXiMd0fBjblo3HAr031KKJVXfFX08P/ZgcAAAAAAAAAAAAAAACAvTYQRXwmUrzyb39U1RVHVZd+/NLQ7w/+/96a8ac/ZD9l2+cjYrHYWU3u0VwYeC1dS2mntcTqTvdcPYr441z/963HPRgAAAAAAAAAAAAAAAAAAICPtSJ+EilefPdkWoreNcXb07cb11s3pjqrwnbX/u2umb62trbWSJ1s5hzPuZhzKedyzpWcUeT+OZs5xwc6O17Mz5dyLudcyRlHcv+czZzjORdzLuVczrmSM/py/5zNnOM5F3Mu5VzOuZIzDsjavQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyVFFPGLSPHtb6ymSBHRjBiPTi73P+7RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl/lTE9yNF4w+a97f1RUSq/u04Wf5yIZpHy/xkNIfKfCmal3O2quxrfusxjJ/dqaUifhwp+utv3z/h+fzXOs/ufwzirW+uP/tsXyePdF8cfL//iRPHLw2N/NrT2z1OWw3g1JX29N17jbHhkZHRns19+d0/2bNtML9vsTdTJyLm33jz9dbU1OTcwz8oPwK76H6IHqS+gz/T2oEf4SF6EH0HYhiPZ+58DJT3//cixW+/++/dG37n/l+P/9d5dv8OHz//k/X7/4ubd7TD+3/f5n75/l/e07e6/z/Zs+3F/LuRWl9EfeHObO1ERH3+jTdPt++0bk/enpy+cObMl4eGvnz+TO1oRP1We2qy59GeHC4AAAAAAAAAAAAAAACARycV8buRovXj1dSIiHtVvdbgpaFnTz9zJI5U9VYb6rZfG71+ufHyzJ3Zucn5+cmJxth0++bMxORO365elXuNDY/sy2Q+1MA+j3+g/vLM7Btz7dt/uLDl68fql2/ML8y1bm79cgxEEdHs3XKqGvDY8Eg16Kl2a7rqem3LYvpfXi0V8R+R4uaFRvp83pbr/zdX+G+o/1/cvKN9qv//RM+28j1TKuLnkeK3/uLp+Hw1zmPxwDHL7f4mUpy6+LncLo6W7bpj6HyvQKcysGz7P5HiH36xsW23HvLJ9bZnd3xgD4ny/B+PFN//s+/Gr+dtG7//Yevzf2zzjvbp/D/Vs+3Yhu8r2PXUyef/dKR46cm34zfytg/6/o/ud2+czI3vfz/HPp3/T/VsG8zv+5t7M3UAAAAAAAAAAIBDrZaK+NtI8cORvvRC3raTv/83sXlH+/T3vz7ds21ib9Yr+tAHuz6oAAAAAHBA1FIRP4kUtxfevl9DvbH+u6f+83fW6z+H06ZXqz/n+5XqewP28s//eg3m9x3f/bQBAAAAAAAAAAAAAAAAAADgQEmpiBfyeurjVT3/xLbrqS9Hilf+67ncLp0o23XXgR+sfq1fnZk+fXlqauZma6F1Y2qyMTrbujlZ9n0qUqz+9edy36JaX7273nxnjff1tdjnIsXI33XbdtZi765N/tR627Nl209Eiv/8+41tu+tYf2q97bmy7V9Fiq//09ZtT6y3PV+2/W6k+NHXG922x8q23e9H/fR62+dvzhT7cFYAAAAAAAAAAAAAAAAAAAD4uKmlIv40Uvz3naX7tfx5/f9az9PKW9/sWe9/k3vVOv+D1fr/2z1+mPX/q+8VWNzuXQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KMpRRFvRorZq6tpub983lG/0p6+e29seGTrbgOp6nmkal/+1M+eO3/hSy8MXezmB/ffa5+J10avX268PHNndm5yfn5yojE23b45MzG54z3stv9mp6oD0Ljz+t2JW7fmG+eeP7/h5XuD7/c/cWLw0tCzp5/pth0bHhkZ7WnTV3vod39A2mb70SjiLyPFc9/7afphf0QRuz8WH/LZ2W8D1SROVZMYGx6pJjLVbk0vlC9e6x6IIqLR06nZPUaP4FzsSjNisRx+OeBT5fRGZ1tzrRtTk41rrbmF9kJ7Zvpa6oy2nE8jiriYIpYiYqX/wd3VoojXI8V3jq+mf+6PONI9Dl+8OvrVM+e2H0exj3PcgXKcjVrEUnEIztkB1h9F/GOk+Nk7J+Nf+iP6ovMTX4h4tcwfRLwVnfOdyg/GhYj3tvgccTj1RRH/W57/S6vpnf7yetC9rlz5WuMr07dmetp2ryuH/v7wKB3wa1M9ivhRdcVfTf/qv2sAAAAAAAAAAAAAAACAA6SIX40UL757MlX1wfdritvTtxvXWzemOmV93dq/bs302traWiN1splzPOdizqWcyzlXckaR++dslllfWxvPzxdzLuVczrmSM47k/jmbOcdzLuZcyrmccyVn9OX+OZs5x3Mu5lzKuZxzJWcckNo9AAAAAAAAAAAAAAAAAADgo6Wo/knx7W+sprX+zvrS49HJZeuBfuT9XwAAAP//M3/28g==")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})

29.392996575s ago: executing program 6 (id=1503):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002b80)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0, 0x0, 0x5}, 0x18)
getresuid(0x0, 0x0, 0x0)

28.54436854s ago: executing program 6 (id=1511):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x2000040, &(0x7f0000000000)={[{@codepage={'codepage', 0x3d, 'cp949'}}, {@uid}, {@iocharset={'iocharset', 0x3d, 'cp936'}}]}, 0x1, 0x302, &(0x7f00000008c0)="$eJzs3c9qE0EcB/DvTDZt+oe6thXBi6Va0Eux6qF4iUiu3j2J2qQQXCq2FdSLrXgUH8C7r+DFN/Ci+AJ6EgQfoLeR+e1sskl2J6Yk2bT9fiDpZnZm9zfsbHZ+C82CiM6se7Wfn279ti8FlFACcAfQACpAAOACLlZe7Ow396NG3behkrSwL4W4peqps7XTyGpq20kLJ7SfAsyny9JU75bpmIwxd38VHQQVTs7+DBqYduehrK+MOa5ROQAuFx3DuKUPsDrCEV5iocBwiIhoArjrv3aXiXkpUtAaWHOX/VN1/T8qOoDhuh31FBlvg9T1X2Z3Rtnje05WtfM9SbTsep1kif0CseOj3FU2hXhkdUwwVb+sUmLRM9vNAOtbh6hrvEXVSVVblvd6PHQTfaJdzchNPfK3Vsb92bg3MqPsloS03Ywa03YhFX8SwdJge/T44l/9x/1VX9V39VCF+Ih6a/4XGGUPkxypsOtI6bKN/0b+luekla0F17Fqtao7qpyXnVxye3D69LKSnZGkt5ncIDhoReCLU/a9iM7bCnHvNvq0WspqFbY+5bRa7mhVciNhfetZ5L2VMhpJF9UH9UCt4i8+o5aa/2sb3xpSZ6bvq15JTTcy4v5MZdcMpGbYc+Vony4rrQic6YH7RkDe3bIc7/EEm1jYe/X6aSmKGrt24XHGwvP5XeVKyu+AzDpDXgiize5VJXha4aBdYqw3xvzvvswou3N9qBu03x+7G4hL7OmTVdmeZa0SPdLDdIYXat/gG5CTtXCYHhJdC8YAOatG9j1FE2RPJQddPgaYKToiGjM771Jx/iczeTerkwTFvoWeebo/yUTHFjdaGVznVHBR3mcHyuDm8jM4t0fVjBo3c3JGybmuXAOupgoVvHsMXZynhKrhBx7x/j8RERERERERERERERERERERERER0Ukzjn9CKLqPREREREREREREREREREREREREREREREQn3bGe/5v1G/Hy/N9wwOf/xk+Kkp8DX2mX9nv+LxENx78AAAD//1Lod7w=")
mount$nfs(0x0, &(0x7f0000000240)='./bus\x00', 0x0, 0x201008, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x18d)

27.765064517s ago: executing program 34 (id=1511):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x2000040, &(0x7f0000000000)={[{@codepage={'codepage', 0x3d, 'cp949'}}, {@uid}, {@iocharset={'iocharset', 0x3d, 'cp936'}}]}, 0x1, 0x302, &(0x7f00000008c0)="$eJzs3c9qE0EcB/DvTDZt+oe6thXBi6Va0Eux6qF4iUiu3j2J2qQQXCq2FdSLrXgUH8C7r+DFN/Ci+AJ6EgQfoLeR+e1sskl2J6Yk2bT9fiDpZnZm9zfsbHZ+C82CiM6se7Wfn279ti8FlFACcAfQACpAAOACLlZe7Ow396NG3behkrSwL4W4peqps7XTyGpq20kLJ7SfAsyny9JU75bpmIwxd38VHQQVTs7+DBqYduehrK+MOa5ROQAuFx3DuKUPsDrCEV5iocBwiIhoArjrv3aXiXkpUtAaWHOX/VN1/T8qOoDhuh31FBlvg9T1X2Z3Rtnje05WtfM9SbTsep1kif0CseOj3FU2hXhkdUwwVb+sUmLRM9vNAOtbh6hrvEXVSVVblvd6PHQTfaJdzchNPfK3Vsb92bg3MqPsloS03Ywa03YhFX8SwdJge/T44l/9x/1VX9V39VCF+Ih6a/4XGGUPkxypsOtI6bKN/0b+luekla0F17Fqtao7qpyXnVxye3D69LKSnZGkt5ncIDhoReCLU/a9iM7bCnHvNvq0WspqFbY+5bRa7mhVciNhfetZ5L2VMhpJF9UH9UCt4i8+o5aa/2sb3xpSZ6bvq15JTTcy4v5MZdcMpGbYc+Vony4rrQic6YH7RkDe3bIc7/EEm1jYe/X6aSmKGrt24XHGwvP5XeVKyu+AzDpDXgiize5VJXha4aBdYqw3xvzvvswou3N9qBu03x+7G4hL7OmTVdmeZa0SPdLDdIYXat/gG5CTtXCYHhJdC8YAOatG9j1FE2RPJQddPgaYKToiGjM771Jx/iczeTerkwTFvoWeebo/yUTHFjdaGVznVHBR3mcHyuDm8jM4t0fVjBo3c3JGybmuXAOupgoVvHsMXZynhKrhBx7x/j8RERERERERERERERERERERERER0Ukzjn9CKLqPREREREREREREREREREREREREREREREQn3bGe/5v1G/Hy/N9wwOf/xk+Kkp8DX2mX9nv+LxENx78AAAD//1Lod7w=")
mount$nfs(0x0, &(0x7f0000000240)='./bus\x00', 0x0, 0x201008, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x18d)

21.756805122s ago: executing program 5 (id=1565):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r0}, 0x10)
sysfs$1(0x1, 0x0)

21.402508221s ago: executing program 5 (id=1568):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x2000007}]}}]}, 0x40}}, 0x4000010)

20.878851617s ago: executing program 5 (id=1572):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x12, &(0x7f0000000100)=0x80, 0x4)
getsockopt$packet_int(r0, 0x107, 0x12, 0x0, &(0x7f0000001600))

20.342846511s ago: executing program 5 (id=1575):
syz_mount_image$exfat(&(0x7f0000002100), &(0x7f0000000000)='./file0\x00', 0x2008802, &(0x7f0000002180)={[{@allow_utime={'allow_utime', 0x3d, 0xd85}}, {@errors_remount}, {@uid={'uid', 0x3d, 0xee00}}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@namecase}, {@keep_last_dots}, {@gid={'gid', 0x3d, 0xee01}}, {@dmask={'dmask', 0x3d, 0x1}}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)

19.596424442s ago: executing program 5 (id=1581):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2b0, &(0x7f0000000280)="$eJzs3T9vI0UYB+B3E3vtg8IuqBASK0FBdbpcS+MI5aQIVyAXQAEn7k5CsYV0J0XijzBX0dJQ8gmQkOj4EjQU9Ei0SHRccdKi9e7GTlg72QgnwD1Pk8ns/Gbe3YwTpfD4g5dmR/eyePD481+j309iZxSjeJLEMHai9mWcMvo6AID/sid5Hn/kpTa5JCL62ysLANiilb//Ny4U+GHrJQEAW/b2O+++uT8eH7yVZf24M/vqeFL8Z198La/vP4iPYhr341YM4mlEfqJs38nzfN7JCsN4dTY/nhTJ2fs/VfPv/x6xyO/FIIaLrtP5w/HBXlZayc+LOp6r1h8V+dsxiBca1j8cH9xuyMckjddeWan/Zgzi5w/j45jGvUURy/wXe1n2Rv7Nn5+9V5RX5JP58aS3GLeU717xjwYAAAAAAAAAAAAAAAAAAAAAgP+xm9XZOb1YnN9TdFXn7+w+Lb7pRlYbnj6fp8wn9URnzgea5/Ftfb7OrSzL8mrgMt+JFzvRuZ67BgAAAAAAAAAAAAAAAAAAgH+XR598enR3Or3/8B9p1KcB1G/rv+w8o5Wel6NhzDBOenrLJXeqZTfMHLv1mCRiYxnFjK2K756/+prGjXWp775v++j654/pXqLClo16dx3dTZqfYS/qnn69SX5cHZPGBddK113KW22/tPFS2voFkj6/aMw3jIlkU2Gv/1Y+uaonOXsX6eKpNsa7VaN8LTTtjVb7+e+/KxKndQAAAAAAAAAAAAAAAAAAwFYt3/TbcPHxmtAvh+WH/Mdwy9UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNVYfv5/i8a8Cl9gcBoPH13zLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAM+CsAAP//yylfnw==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

14.128536757s ago: executing program 5 (id=1623):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x5)

13.317789138s ago: executing program 35 (id=1623):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x5)

6.887884001s ago: executing program 1 (id=1664):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x765, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3245078b089b39353b0e1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b33300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

6.345055054s ago: executing program 1 (id=1665):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4447, &(0x7f000000cd00)="$eJzs3b1PHGcaAPB3BnwGfx32ufBJJ91KZ+k+hcDV3WHpMMbGYHOOnNhFmvUCa5tkYS1YohQuSGcpVaQUUQorkdJRWUhp0jh/QpqUTm0pKdJEimSFaHdnMTPsmg3ZhWD9fsUO834+8OzMvmNp/caJyr355dz8cq6wmCvP3lk+l3unXFpZKIZ4jzSd/9DezU97uvE+edmYn3cscpq5fvHy67fOhfDl3NfPNjY2NkJVb2hqeMvPP3z/YHbrsSHO9KmO22SoQ81n2I03Qwint8VV1RNC6AshRCGEC0nZWHLsDyEcT+puPXj/dq5D0Tx+Wjyffz79cH3k7NTao/Vmv3tdFMLHpT/+6+7Ct3/pGfnmH61H/OJoh0IDAAAAAAAAAAAAAAAAAOAAmLhx/eZrQ8PhSRR616Lt39edSI6tvh+70TF/flmYfz/Rsd8YAAAAAAAAAAAAAAAAAAAAfntefP8/F51q8v3/8eQ42qL/xv+6HyPdM/n/6+OXhoaT/d+jbfX/Toq+u9ATTjbZ9z27//uFTP/m+79vn2e3GvE15h0IUTyYOo/jwcEQPk02fj8THYlL5eXKP++UVxbnOhbGgZXOf333/lR2kg3928x/PJYZv8X+/x30h23vpur57c69xV5p6fz3tGz32XtRW9f/xUy/vcg/u5fOf2+trH9rg9H6DaCa/w96d87/eGb8buX/RAghF1VjzaXuANU1TLW81XqFtHT+D9XKUrfO5A/Z6vr/MZP/S5nx9+v+v5r9IKKpdP5/VyvrS7U4XHut5T/e+fq/nBl/P/JfjX+1XrjR3bkPvnT+67kOvakmtb9ku/f/icz4LfN/+NfFfTNO4jwRpd4Ba1G9vNX/V0daOv992+pfPP/Fba3/rmT679XzX2PexvNf4/b/t6j+/Edz6fz3t2zX7vU/menX7fv/aG39x26l83+kVpZeOw/UXtvN/1Rm/G7lv/ZU0tfI/4v7yU+H6+WfWP+1JZ3/o/XCeGuL1dprbf0X7bz+v5oZfz/Wf9X4V+PuzvqqSOf/WMt21fx/1cbn/7VMv+7nP4Qh/9a3a+n8H2/Zrnb99+2c/+lMv27n/6/dHBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgABhLjgMhigdT53E8OBjCxeT8TDgSzRTm8jOl8uzbyyGMJ+W5cCq6WyrPFEr5+cXyXDFfKJXKsyFcSupPh75ouVSu5BcK9y9vjtUf3SsWliozxUIlhDCRlP8pHG+MNTNfWSjcDyFc2az7fVxeun+vsJifm1/679DQ0FCY3IzhZFR8t1JcrNRnr9eGMLXZdyDaElyt+upmLMeit8orS4uFUq382pY+pfJsobSlz3RS92E4GVWWVhZnC5VivlS+25hvP40mx/HJG2/cuDa8rf52VD+O7W1YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxCT0b+81EIobd+FocQRhs/RM3aP35aPJ9/Pv1wfeTs1Nqj9Wet2gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwM/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYZeOURMIojAAv5kUSbocI9WSdGk3BEJSZIPgCfQYHkaP4iW8g4WFrYUIsou67sI2Wn1f82B+Zt6DeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAMN+javz/9h6R4mn/GLGcrtbn+W9d55/d9x/uMCO38/NXfZ3+MF3lH/XRpszHdLedTaKjNhatPWnv02Wf5965+vatb76m70ukXEREWeevKeeiGPYWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIEdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCxAAAAAIAwf+so+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfgUAAP//X0cdRQ==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x1fefff)

5.184547392s ago: executing program 7 (id=1669):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)
ioctl$TIOCSSOFTCAR(r0, 0x80047437, &(0x7f0000000080)=0x3)

4.832143497s ago: executing program 7 (id=1673):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="000000000600000008"])
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)

4.672056982s ago: executing program 1 (id=1674):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_SCRNMAP(r0, 0x560b, 0x0)

4.347119141s ago: executing program 7 (id=1678):
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x9, 0xad7, &(0x7f0000000d00)="$eJzs3U2MW0cBAODx7nqzm6TEKQkNaWgTCm356abZXcJPBEmVCImoqRCXShGXKE1LRAgSRQKqSiQ5caNVFSRO/IhTL1VBSO0FRT1xqUQjVUg9FQ4ciIKoxAECidHaM97niZ1n74/tjb9Peh7Pm3meec/Pz+93JgBja6Lxuri4qxLC5TdfOfb3h/82uzTmcCtHrfE6VYhVQwiVGJ/KPu/9yWZ484MXT3cKK2G+8Zri4anrrWm3hBAuhL3hSqiF3Zevvvz2/JMnLh6/tO+dVw9dW5+5BwCA8fL1K4cWd/7lT/dvv/HaA0fCpjR66U1j/7wWR2yN+/1H4o5/2v+fCO3xSmEoms7yTcVhYrY932SHfMVyqlm+qS7lT2flV7vk2xTuXP5kYVyn+YaNLK3HtVCZmGuLT0zMzTWPyUPjuH66Mnf+7Llnnx9SRYE1968HQwh7C8PRS+3xURsOj0AdsqGxb9FDvvoI1LVkqI9kHY8Mrqwb9aaBlLd5+Mu2vm3YWyCApvx64W0u5GcWVqf1aVO9lX/9iYnO08MaGPT631f500MuPyj/NxdtcVg7d+valOYr/Y62xnh+HSG/f6n77y+/0tE+Nr8eUe2xnt2uI2yU6wvd6jk54HqsVLf65+vF3erLMUzL4StZevH3k3+nG+U7Bjr7d37+32AwjMrwRus/tji+PV5dTRn14W16gBGX3zdXT9dHo/y+vjx9U0n6TEn6bEn65pL0LSXpMM5+9/2fhpcqy8f5+TF9v+fD03m2e2L4oT7rk5+P7Lf8/L7ffq22/Px+Yhhlb5x6+swXnjl5tXn/f6W1/t+K63s63KjF39aVmCGdL8zPq7fu/a+1lzPRJd+9WX3u6ZC/8X5He77KjuXPCYXtzG312NU+3bZu+fa056tl+WbjMJOdMM73TzZn06X9j7RdTctrKpvfajYf01k90nZlewxnAqxeWh+73f+f1s9doVp59uy5M4/HeFpP/zhZ3bQ0/sCA6w2sXq/P/+wK7c//bG2Nr04UtwvblsdXmtuF1+PntY+fb5XTPn4hxtP/3LcmZxvj505/99wzaz/7MNae/9EL3z517tyZ7635m7Rn3OtUC7MhrEM1BvDmq6NRjX7epC9nVOrjzci9udNWY/P6b5iAdbf/x82dgMfOfufUc2eeO3N+4eDBhfn5g19cWNzf2K/fX9y7L7owhNoCa2n5T3/YNQEAAAAAAAAAAAB69YPjx66++9bn32s+/7/8/F96/j/d+Zue//9J9vx//px8eg4+PQe4vUN6I0/WwOp0lq8ahw9n9d2RlbMzm+4jMWz14xef/0/F5e26pvrcl42vdolmzQnc1l7KdNYGSd5f4MdjeCmGvw4wRJXZzqNjWNa+dVrXU/sUhXYp6toH3jjS95bWhvSEV3r+u2O7ToUve/sA6sjaG8TjhMOeR6Czf4xV+9//XJ7xodfF0H2YGmx5Px/fdaLedS+91x5sANbGsPv/TOc9U3j+D1+bWRpStutPtG8v8/ZLoR9/frc9Pur9T653+Xm/fYMuf9jzP+j+P1vNGfe8/csaQK6trNz//OLae4Viw+5ey8/nP7UDvaO/8m/E8tPcPBJ6K7/+q6z8/IJQj/6blb+5x/Jvm/89Kyv/f7H8tNgefajX8ps1rky01yM/b5yu/+XnjZOb2fyntj3vUP43Xug0/yvsqPFWLB/G2UbpZ7Zf2X5Ea6d95f3/RhfWtv/fVmWzzVp+H8bnYjxtiNN9Dnl/J/3WP91fkf4HdmafXyn5f9P/78b2pRiW/R5S/79pfazFv/xCvLEsU7zaYdnerdsa2KjeH6vrf2swnFz3MmaGPo8jPxzpI29lvetTn1zBdK1+4oa8LOv1+vqe0Cox1MIZ+vIf9nHCsMsf9vIvk/f/m+/D5/3/5ul5/795et7/b54+G7+hbul5/7/58sz7/83T78s+d7l/4Ctt+W5Pb/poSfruzumtw/b7S6bfU5L+sZL0fa30w205UvoDJdM/WJJ+b0n6QyXpnyhJ/2RJ+sMl6Y8W0ot9QKf0T5VMf7dLz6OM6/zDOMufz/P7h/GRrv90+/3vKEkHNq6fvXbg6MnffrPWfP5/unU+JF3HOxLj1Xj89MMYz697h0J8Ke2tGP9rlj7q5ztgnOTtZ+T/74+UpAMbV7rPy+8bxlBlpvPoGJa1W9VtP5+N5dMx/EwMPxvDx2I4F8P9MTwQw/kB1Y/1cfT13x96qbJ8vL8tS+/1fvL8eaC2dqJCCAs91ic/P9Dv/ex5O379Wm35K3wcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGgmGq+Li7sqIVx+85VjT584u39pzOFWjlrjdaoQq7amC+HxGE7G8Jfxzc0PXjxdDG/FsBLmQyVUWuPDU9dbJW0JIVwIe8OVUAu7L199+e35J09cPH5p3zuvHrq2fksAAAAA7n7/DwAA///rRgta")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x87142, 0x1bc)
sendfile(r0, r0, 0x0, 0x7a680000)

3.769797368s ago: executing program 4 (id=1680):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)='keyring\x00', r0)
keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')

3.667698173s ago: executing program 7 (id=1681):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000180), 0x4)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4)

3.484306687s ago: executing program 1 (id=1682):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, 0x0}, 0x80020001}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000440)=""/183, 0xb7}, {&(0x7f0000000340)=""/238, 0xee}, {&(0x7f0000000040)=""/45, 0x2d}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f0000000640)=""/68, 0x44}, {&(0x7f00000006c0)=""/237, 0xed}], 0x6}, 0x80000000}], 0x4, 0x0, 0x0)

3.39175681s ago: executing program 4 (id=1683):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000140)={0x2, 0x3, 0x0, 0xff81, 0x0, 0x3, 0x0})

3.277371587s ago: executing program 4 (id=1684):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x203, 0x0, {0xa, 0x0, 0x20, 0x15, 0xfc, 0x0, 0x0, 0x0, 0x2000}}, 0x1c}}, 0x200000c0)

3.104499094s ago: executing program 4 (id=1685):
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e22, 0x7, @local, 0x8000}, 0x1c)
sendto$inet6(r0, &(0x7f00000000c0)="800034ca269bb73c", 0x8, 0x2004c080, &(0x7f0000000040)={0xa, 0xfffd, 0xc9, @mcast2, 0x8000000}, 0x1c)

3.020201607s ago: executing program 4 (id=1687):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x10a900, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

2.264587492s ago: executing program 2 (id=1693):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000040)='./file2\x00', 0x8, &(0x7f0000000240)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@noacl}, {@noenospc_debug}, {@nodatacow}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000180)=0xffffffff)

1.453915087s ago: executing program 2 (id=1694):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x19, 0x3, 0xb, 0x3, 0x7, 0xd})

839.890827ms ago: executing program 2 (id=1695):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$bt_hci(r0, &(0x7f00000002c0)={0x27}, 0x6)

679.880275ms ago: executing program 2 (id=1696):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x3, 0x14, &(0x7f0000000f00)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x29}}, @printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xd0}}]}, &(0x7f0000000040)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x0, 0xe, 0x0, &(0x7f0000000340)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa86, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

468.226136ms ago: executing program 2 (id=1697):
r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000380)='asymmetric\x00', &(0x7f00000002c0)=@keyring={'key_or_keyring:', r0})

461.65379ms ago: executing program 7 (id=1698):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000", @ANYRES32=0x1], 0x50)
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000))

458.453243ms ago: executing program 1 (id=1699):
r0 = memfd_create(&(0x7f0000000b40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZH\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8b \x00\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84\x0e\xa7U\xc7}\xea.U`\x1b*\xcep\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xb8\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\x91\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q~@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb8\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xff14\x87I\xc7\\vK<m2\x16\x03\xcd\xc1\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05ZH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=Z\x0e\xde\x99\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2\xf9\xb1\x81\xba\xdfg\xadI\x1c\xde*_\xd5\xdf\xeeA\xcd \x91\xc9\xd4\xd1\xcd*.t\x80]\xd5~\xfb\xfb>\x9d\x91Kq]N\x87\x0f\x04L\xd4(\xf2G \xfdr~:\xc4\xc3\xfe\x14G\xadG~^l\xe0:(Y`\x0e\x90\xfa\x1c\xb6\f6\x92B\x92\xd3\xa9BG\xd2*AB\x1e\x01\xf0m+\x02\x87\x81aj;\xb6y.g\xeb\xc4\x0f\xd3\x85\xa5\x00\xa1\xa6iP\x0f\x02\x14\x90q\x94\xab\xb3\x0f\x01=\x06\x98\xa8\x87\xd9=\xce\xbef<\x1d\v\xba[\xd8]\x9e\xf30\xb8\xf1\b\x06M\x18w\xdc\x0e\x98?\x04G\xf9\x99\xab\xc1\xc0z\xe9Fu\x03\x9aj\xc0]\xb47\xd5\xb8]\x98y@\x8c\x8fM\x8c],\x1b\x03\xaa\'gv\xeb\xbf\xa8d\"\x94e3Q\xfci\xdf\xad\x819\xd1\xf3\xaa\xc8i\xf2\x8a\xc4CU3\x87Ns\x9f\x9f\xcd\x05\x06g\x9aRBg\x98\x10Ch\x1c\x96\xd3\xce', 0x7)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000002, 0x10012, r0, 0x0)
read(r0, &(0x7f0000000000)=""/269, 0xfffffdef)

307.054626ms ago: executing program 2 (id=1700):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c000140"], 0x118}}, 0x0)

226.729583ms ago: executing program 1 (id=1701):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @dev}, {0x2, 0x0, @empty}, 0x2a0})
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, {}, {0x2, 0x0, @multicast2}, {0x2, 0x4e21, @empty}, 0xab852ebbeefbd6b1})

158.605µs ago: executing program 7 (id=1702):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x14, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x101}, [@printk={@llu, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa8}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

0s ago: executing program 4 (id=1703):
r0 = socket(0x11, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bind$packet(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

0 arch=c000003e syscall=9 compat=0 ip=0x7fb486d8e963 code=0x7ffc0000
[  183.217148][   T49] hfsplus: b-tree write err: -5, ino 4
[  183.228869][ T7942] netlink: 56 bytes leftover after parsing attributes in process `syz.6.756'.
[  183.257097][   T30] audit: type=1326 audit(1752070150.734:1809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7926 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb486d8d3df code=0x7ffc0000
[  183.306673][ T7942] netlink: 8 bytes leftover after parsing attributes in process `syz.6.756'.
[  183.352453][ T7945] loop4: detected capacity change from 0 to 512
[  183.383284][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.408587][   T30] audit: type=1326 audit(1752070150.754:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7926 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb486d8e9b7 code=0x7ffc0000
[  183.419091][ T7945] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.757: casefold flag without casefold feature
[  183.475268][   T30] audit: type=1326 audit(1752070150.804:1811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7926 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb486d8d290 code=0x7ffc0000
[  183.513465][   T30] audit: type=1326 audit(1752070150.804:1812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7926 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb486d8e52b code=0x7ffc0000
[  183.536716][   T30] audit: type=1326 audit(1752070150.804:1813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7926 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb486d8d58a code=0x7ffc0000
[  183.561018][   T30] audit: type=1326 audit(1752070150.804:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7926 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb486d8d58a code=0x7ffc0000
[  183.585925][ T7945] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.757: couldn't read orphan inode 15 (err -117)
[  183.637554][ T7945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.867490][ T7956] loop2: detected capacity change from 0 to 512
[  183.907562][ T7958] netlink: 'syz.6.763': attribute type 29 has an invalid length.
[  183.920453][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.961951][ T7956] EXT4-fs (loop2): orphan cleanup on readonly fs
[  183.967842][ T7962] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  183.986222][ T7958] netlink: 'syz.6.763': attribute type 29 has an invalid length.
[  184.029359][ T7956] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  184.112530][ T7956] EXT4-fs (loop2): 1 truncate cleaned up
[  184.128539][ T7956] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  184.414940][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.686966][ T5986] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  184.867309][ T5986] usb 5-1: Using ep0 maxpacket: 8
[  184.894368][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.958930][ T5986] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  184.993395][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.073804][ T5986] usb 5-1: config 0 descriptor??
[  185.560027][ T5986] arvo 0003:1E7D:30D4.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0
[  185.751263][ T6025] usb 5-1: USB disconnect, device number 5
[  185.794008][ T8008] loop0: detected capacity change from 0 to 16
[  185.875925][ T8008] erofs (device loop0): dirblkbits 250 isn't supported
[  185.904538][ T7689] udevd[7689]: incorrect erofs checksum on /dev/loop0
[  185.961575][ T8006] fido_id[8006]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  186.174942][ T7987] loop2: detected capacity change from 0 to 32768
[  186.248295][ T7987] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  186.277023][ T7987] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  186.518082][ T5841] ocfs2: Unmounting device (7,2) on (node local)
[  186.621998][ T8025] loop1: detected capacity change from 0 to 512
[  186.706739][ T8025] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  186.857796][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.867029][ T6025] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  187.032442][ T8004] loop6: detected capacity change from 0 to 32768
[  187.072436][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.089247][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.110439][ T6025] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  187.121919][ T6025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.133301][ T6025] usb 5-1: config 0 descriptor??
[  187.135463][ T8004] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.467257][ T8004] XFS (loop6): Ending clean mount
[  187.484039][ T8004] XFS (loop6): Quotacheck needed: Please wait.
[  187.570045][ T6025] playstation 0003:054C:0DF2.000E: unbalanced delimiter at end of report description
[  187.597365][ T8004] XFS (loop6): Quotacheck: Done.
[  187.662093][ T6025] playstation 0003:054C:0DF2.000E: Parse failed
[  187.691946][ T6025] playstation 0003:054C:0DF2.000E: probe with driver playstation failed with error -22
[  187.721317][ T8058] loop1: detected capacity change from 0 to 64
[  187.790361][ T6025] usb 5-1: USB disconnect, device number 6
[  187.826790][ T7469] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  188.277497][ T5863] Bluetooth: hci6: command 0x0405 tx timeout
[  188.312983][ T8069] loop0: detected capacity change from 0 to 256
[  188.861082][ T8085] netlink: 'syz.4.816': attribute type 2 has an invalid length.
[  188.917816][ T8086] netlink: 104 bytes leftover after parsing attributes in process `syz.5.817'.
[  188.919142][ T8089] loop1: detected capacity change from 0 to 256
[  189.040580][ T8089] FAT-fs (loop1): Directory bread(block 64) failed
[  189.064584][ T8089] FAT-fs (loop1): Directory bread(block 65) failed
[  189.130766][ T8089] FAT-fs (loop1): Directory bread(block 66) failed
[  189.188227][ T8089] FAT-fs (loop1): Directory bread(block 67) failed
[  189.194923][ T8089] FAT-fs (loop1): Directory bread(block 68) failed
[  189.225691][ T8089] FAT-fs (loop1): Directory bread(block 69) failed
[  189.246105][ T8089] FAT-fs (loop1): Directory bread(block 70) failed
[  189.277328][ T8089] FAT-fs (loop1): Directory bread(block 71) failed
[  189.314458][ T8089] FAT-fs (loop1): Directory bread(block 72) failed
[  189.337307][ T8089] FAT-fs (loop1): Directory bread(block 73) failed
[  189.715782][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  189.715828][   T30] audit: type=1326 audit(1752070157.623:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  189.841975][   T30] audit: type=1326 audit(1752070157.623:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  189.951151][   T30] audit: type=1326 audit(1752070157.673:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  189.995306][   T67] kworker/u8:4: attempt to access beyond end of device
[  189.995306][   T67] loop1: rw=1, sector=1224, nr_sectors = 544 limit=256
[  190.021736][   T30] audit: type=1326 audit(1752070157.673:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  190.047147][   T67] kworker/u8:4: attempt to access beyond end of device
[  190.047147][   T67] loop1: rw=1, sector=1800, nr_sectors = 128 limit=256
[  190.097001][   T30] audit: type=1326 audit(1752070157.673:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  190.101513][   T67] kworker/u8:4: attempt to access beyond end of device
[  190.101513][   T67] loop1: rw=1, sector=1960, nr_sectors = 1472 limit=256
[  190.182222][   T30] audit: type=1326 audit(1752070157.673:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  190.256797][   T30] audit: type=1326 audit(1752070157.673:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  190.285193][   T30] audit: type=1326 audit(1752070157.673:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.2.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  190.507828][ T8136] loop1: detected capacity change from 0 to 1024
[  190.530382][ T8132] loop2: detected capacity change from 0 to 1024
[  190.573077][ T8132] hfsplus: bad catalog entry type
[  190.683824][ T1325] hfsplus: b-tree write err: -5, ino 4
[  190.838746][ T8142] loop5: detected capacity change from 0 to 1024
[  190.955301][ T8142] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.072023][ T8157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.847'.
[  191.072915][ T8154] loop0: detected capacity change from 0 to 64
[  191.081338][ T8157] netlink: 4 bytes leftover after parsing attributes in process `syz.1.847'.
[  191.107499][ T8155] netlink: 12 bytes leftover after parsing attributes in process `syz.4.846'.
[  191.167883][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  191.219856][ T5842] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.339262][    T9] usb 3-1: Using ep0 maxpacket: 8
[  191.381046][    T9] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  191.414136][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.453871][ T8161] loop1: detected capacity change from 0 to 1024
[  191.460740][    T9] usb 3-1: Product: syz
[  191.492619][    T9] usb 3-1: Manufacturer: syz
[  191.523760][    T9] usb 3-1: SerialNumber: syz
[  191.558845][    T9] usb 3-1: config 0 descriptor??
[  191.821378][    T9] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  191.872249][ T8161] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  191.933160][ T8161] netlink: 20 bytes leftover after parsing attributes in process `syz.1.850'.
[  191.947925][ T5210] udevd[5210]: worker [7682] terminated by signal 33 (Unknown signal 33)
[  191.972650][ T5210] udevd[5210]: worker [7682] failed while handling '/devices/virtual/block/loop1'
[  192.226955][    T9] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  192.309227][    T9] usb 3-1: USB disconnect, device number 6
[  192.416592][ T8190] loop5: detected capacity change from 0 to 512
[  192.454714][ T8190] EXT4-fs (loop5): orphan cleanup on readonly fs
[  192.482556][ T8190] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.861: corrupted in-inode xattr: overlapping e_value 
[  192.562172][ T8193] loop0: detected capacity change from 0 to 2048
[  192.598016][ T8190] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.861: couldn't read orphan inode 15 (err -117)
[  192.627437][ T8190] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.633501][ T8193] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  192.777226][ T5842] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.328618][ T8211] loop5: detected capacity change from 0 to 256
[  193.336579][ T8210] loop1: detected capacity change from 0 to 512
[  193.343183][ T8212] loop2: detected capacity change from 0 to 512
[  193.366504][ T8210] EXT4-fs: Ignoring removed nobh option
[  193.369642][ T8213] loop0: detected capacity change from 0 to 1024
[  193.380646][ T8210] EXT4-fs: Ignoring removed nobh option
[  193.388781][ T8212] EXT4-fs: Ignoring removed mblk_io_submit option
[  193.454910][ T8210] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  193.482504][ T8212] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  193.503422][ T8210] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.869: invalid indirect mapped block 4294967295 (level 2)
[  193.528765][ T8212] EXT4-fs (loop2): orphan cleanup on readonly fs
[  193.554516][ T8212] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  193.570357][ T8210] EXT4-fs (loop1): 1 truncate cleaned up
[  193.580137][ T8210] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.594470][ T8212] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  193.626281][ T8212] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  193.635392][ T8211] FAT-fs (loop5): Directory bread(block 64) failed
[  193.667179][ T8211] FAT-fs (loop5): Directory bread(block 65) failed
[  193.695217][   T30] audit: type=1800 audit(1752070161.593:1831): pid=8210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.869" name="file2" dev="loop1" ino=16 res=0 errno=0
[  193.734711][ T8211] FAT-fs (loop5): Directory bread(block 66) failed
[  193.757920][ T8212] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.872: bg 0: block 40: padding at end of block bitmap is not set
[  193.762221][ T8211] FAT-fs (loop5): Directory bread(block 67) failed
[  193.838755][ T8211] FAT-fs (loop5): Directory bread(block 68) failed
[  193.881908][ T8211] FAT-fs (loop5): Directory bread(block 69) failed
[  193.886053][ T8212] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  193.901252][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.922296][ T8211] FAT-fs (loop5): Directory bread(block 70) failed
[  193.940147][ T8211] FAT-fs (loop5): Directory bread(block 71) failed
[  193.958778][ T8212] EXT4-fs (loop2): 1 truncate cleaned up
[  193.979679][ T8212] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.008334][ T8211] FAT-fs (loop5): Directory bread(block 72) failed
[  194.037564][ T8211] FAT-fs (loop5): Directory bread(block 73) failed
[  194.044992][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  194.051575][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  194.090812][ T8220] netlink: 24 bytes leftover after parsing attributes in process `syz.0.873'.
[  194.172822][ T8212] EXT4-fs error (device loop2): ext4_get_link:106: inode #16: comm syz.2.872: bad symlink.
[  194.324841][ T8199] loop4: detected capacity change from 0 to 32768
[  194.361409][ T8226] tipc: Started in network mode
[  194.386930][ T8226] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711
[  194.404059][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.449275][ T8226] tipc: Enabled bearer <eth:batadv0>, priority 10
[  194.507448][ T8199] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  194.602004][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.6.880'.
[  194.719732][ T8199] XFS (loop4): Ending clean mount
[  195.059711][ T8246] loop0: detected capacity change from 0 to 128
[  195.079079][ T5843] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  195.157830][ T8246] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  195.244060][ T8246] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  195.324005][ T8253] loop1: detected capacity change from 0 to 8
[  195.411984][ T8246] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #2: comm syz.0.881: checksumming directory block 0
[  195.458117][ T8246] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #2: comm syz.0.881: checksumming directory block 0
[  195.579883][ T5932] tipc: Node number set to 8432298
[  195.683225][ T5853] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  195.889845][ T8265] loop4: detected capacity change from 0 to 1024
[  195.926839][ T8265] EXT4-fs: Ignoring removed bh option
[  196.022848][ T8265] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.363984][ T8279] loop1: detected capacity change from 0 to 1764
[  196.364879][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.503078][ T8281] netlink: 44 bytes leftover after parsing attributes in process `syz.0.896'.
[  196.558405][ T8281] netlink: 28 bytes leftover after parsing attributes in process `syz.0.896'.
[  196.599921][ T8284] loop2: detected capacity change from 0 to 1024
[  196.682216][ T8284] hfsplus: bad catalog entry type
[  196.768694][ T8285] loop6: detected capacity change from 0 to 4096
[  196.796800][ T8285] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  196.898773][   T67] hfsplus: b-tree write err: -5, ino 4
[  197.583784][ T8311] netlink: 3 bytes leftover after parsing attributes in process `syz.5.911'.
[  197.761777][ T8317] loop1: detected capacity change from 0 to 64
[  197.837867][   T30] audit: type=1800 audit(1752070165.742:1832): pid=8317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.913" name="file2" dev="loop1" ino=19 res=0 errno=0
[  198.258992][ T8327] loop0: detected capacity change from 0 to 8
[  198.326969][ T8332] loop2: detected capacity change from 0 to 512
[  198.388161][ T8332] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  198.478480][ T8332] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.919: bg 0: block 104: invalid block bitmap
[  198.560204][ T8332] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  198.607542][ T8332] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.919: invalid indirect mapped block 1 (level 1)
[  198.671718][ T8332] EXT4-fs (loop2): 1 truncate cleaned up
[  198.687463][ T8295] loop4: detected capacity change from 0 to 32768
[  198.691317][ T8332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.726685][ T8295] XFS (loop4): Invalid device [./file0], error=-16
[  199.045455][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.442155][ T8359] loop6: detected capacity change from 0 to 2048
[  199.591274][ T8359] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.880459][ T7469] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.978925][ T5919] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  200.148588][ T5919] usb 2-1: Using ep0 maxpacket: 8
[  200.157302][ T5919] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  200.178621][ T5919] usb 2-1: config 179 has no interface number 0
[  200.184959][ T5919] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  200.206185][ T5919] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  200.226327][ T5919] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  200.243785][ T8347] loop5: detected capacity change from 0 to 32768
[  200.244196][ T5919] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  200.274143][ T5919] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  200.290072][ T8347] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.927 (8347)
[  200.297311][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.372046][ T8367] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  200.398576][ T5946] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  200.422501][ T8347] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  200.470968][ T8347] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm
[  200.500339][ T8347] BTRFS info (device loop5): using free-space-tree
[  200.562678][ T5946] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  200.616773][ T5946] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  200.652848][ T8398] loop6: detected capacity change from 0 to 1024
[  200.727336][ T5946] usb 5-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[  200.748605][ T5946] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.879972][ T5946] usb 5-1: config 0 descriptor??
[  200.911747][ T8376] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  200.920990][ T5971] hfsplus: b-tree write err: -5, ino 4
[  201.035929][ T5842] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  201.127765][ T5919] usb 2-1: USB disconnect, device number 5
[  201.127832][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  201.141989][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  201.360524][ T5946] logitech 0003:046D:C626.000F: unbalanced delimiter at end of report description
[  201.424245][ T5946] logitech 0003:046D:C626.000F: parse failed
[  201.459100][ T5946] logitech 0003:046D:C626.000F: probe with driver logitech failed with error -22
[  201.570367][ T5986] usb 5-1: USB disconnect, device number 7
[  201.956328][ T8422] netlink: 56 bytes leftover after parsing attributes in process `syz.5.954'.
[  201.995903][ T8422] netlink: 24 bytes leftover after parsing attributes in process `syz.5.954'.
[  202.027454][ T8423] usb usb1: check_ctrlrecip: process 8423 (syz.2.955) requesting ep 01 but needs 81
[  202.360998][ T8429] loop6: detected capacity change from 0 to 524287999
[  202.389255][   T30] audit: type=1326 audit(1752070170.302:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8431 comm="syz.5.961" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f096e58e929 code=0x0
[  202.396907][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.451846][ T8435] loop2: detected capacity change from 0 to 512
[  202.480864][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.498476][ T8435] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  202.501629][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.515696][ T8404] loop0: detected capacity change from 0 to 32768
[  202.528877][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.537852][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.576363][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.581815][ T8404] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  202.585432][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.604476][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.613086][ T8429] ldm_validate_partition_table(): Disk read failed.
[  202.620243][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.623017][ T8435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.629299][ T8429] Buffer I/O error on dev loop6, logical block 0, async page read
[  202.649491][ T8429] Dev loop6: unable to read RDB block 0
[  202.655573][ T8429]  loop6: unable to read partition table
[  202.667252][ T8429] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  202.678604][ T8435] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.715879][ T8435] EXT4-fs: Cannot change journaled quota options when quota turned on
[  202.812976][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.905600][ T8404] XFS (loop0): Ending clean mount
[  202.917406][ T8453] loop6: detected capacity change from 0 to 512
[  202.965178][ T8453] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  202.966708][ T8404] XFS (loop0): Quotacheck needed: Please wait.
[  203.046029][ T8453] EXT4-fs (loop6): 1 truncate cleaned up
[  203.069289][ T8453] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.132189][ T7469] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.180438][ T8458] pim6reg9: entered allmulticast mode
[  203.194087][ T8404] XFS (loop0): Quotacheck: Done.
[  203.404572][ T8462] veth0_to_bond: entered allmulticast mode
[  203.521992][ T5853] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  203.537594][ T8468] loop2: detected capacity change from 0 to 256
[  203.601587][ T8468] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xc5dfab67, utbl_chksum : 0xe619d30d)
[  204.764924][ T8497] loop5: detected capacity change from 0 to 128
[  204.807929][ T8497] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  204.906003][ T8497] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  204.924825][ T8498] loop4: detected capacity change from 0 to 4096
[  204.944112][ T8505] netlink: 24 bytes leftover after parsing attributes in process `syz.0.987'.
[  205.041571][ T8509] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  205.328619][ T8518] netlink: 32 bytes leftover after parsing attributes in process `syz.2.990'.
[  205.388706][ T8518] tipc: Invalid UDP bearer configuration
[  205.388779][ T8518] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  205.699472][ T8530] netlink: 8 bytes leftover after parsing attributes in process `syz.0.996'.
[  205.875739][ T8530] macvlan2: entered promiscuous mode
[  205.908666][ T5932] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  205.938655][ T8530] macvlan2: entered allmulticast mode
[  205.962839][ T8530] erspan0: entered allmulticast mode
[  206.034632][ T8542] Bluetooth: MGMT ver 1.23
[  206.145245][ T5932] usb 5-1: Using ep0 maxpacket: 32
[  206.173936][ T5932] usb 5-1: config 0 has an invalid interface number: 219 but max is 0
[  206.191902][ T5932] usb 5-1: config 0 has no interface number 0
[  206.198082][ T5932] usb 5-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  206.298701][ T5932] usb 5-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  206.325195][ T8551] loop6: detected capacity change from 0 to 256
[  206.351141][ T5932] usb 5-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  206.390636][ T8548] loop5: detected capacity change from 0 to 512
[  206.408516][ T5932] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  206.429923][ T8548] EXT4-fs: Ignoring removed oldalloc option
[  206.460254][ T5932] usb 5-1: config 0 interface 219 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  206.481167][ T5932] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  206.506074][ T5932] usb 5-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  206.525654][ T5932] usb 5-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  206.536378][ T5932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.570686][ T5932] usb 5-1: Product: syz
[  206.575603][ T5932] usb 5-1: Manufacturer: syz
[  206.577104][ T8548] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.588447][ T5932] usb 5-1: SerialNumber: syz
[  206.638854][ T8548] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.670602][ T5932] usb 5-1: config 0 descriptor??
[  206.678930][ T8528] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  206.709144][ T8551] FAT-fs (loop6): Directory bread(block 64) failed
[  206.746245][ T8551] FAT-fs (loop6): Directory bread(block 65) failed
[  206.766591][   T30] audit: type=1800 audit(1752070174.672:1834): pid=8548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1003" name="file1" dev="loop5" ino=15 res=0 errno=0
[  206.789249][ T8551] FAT-fs (loop6): Directory bread(block 66) failed
[  206.795851][ T8551] FAT-fs (loop6): Directory bread(block 67) failed
[  206.898946][ T8551] FAT-fs (loop6): Directory bread(block 68) failed
[  206.949199][ T5932] etas_es58x 5-1:0.219: Starting syz syz (Serial Number syz)
[  206.957902][ T8551] FAT-fs (loop6): Directory bread(block 69) failed
[  207.003806][ T8551] FAT-fs (loop6): Directory bread(block 70) failed
[  207.032719][ T5842] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.055469][ T8551] FAT-fs (loop6): Directory bread(block 71) failed
[  207.091560][ T8551] FAT-fs (loop6): Directory bread(block 72) failed
[  207.147709][ T8551] FAT-fs (loop6): Directory bread(block 73) failed
[  207.148292][ T5932] etas_es58x 5-1:0.219: could not parse product info: '424242424242'
[  207.177516][ T8568] loop1: detected capacity change from 0 to 164
[  207.375190][ T5932] usb 5-1: USB disconnect, device number 8
[  207.403479][ T5932] etas_es58x 5-1:0.219: Disconnecting syz syz
[  208.204538][ T8598] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1022'.
[  208.458628][ T5932] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  208.566616][ T8606] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1025'.
[  208.587606][ T8606] netlink: 2 bytes leftover after parsing attributes in process `syz.5.1025'.
[  208.628551][ T5932] usb 5-1: Using ep0 maxpacket: 16
[  208.658974][ T5932] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  208.683263][ T5932] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  208.779019][ T5932] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  208.788143][ T5932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.833966][ T5932] usb 5-1: Product: syz
[  208.838275][ T5932] usb 5-1: Manufacturer: syz
[  208.870098][ T5932] usb 5-1: SerialNumber: syz
[  208.905905][ T5932] usb 5-1: config 0 descriptor??
[  209.191328][ T5932] appledisplay 5-1:0.0: Error while getting initial brightness: -71
[  209.223944][ T5932] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -71
[  209.270315][ T5932] usb 5-1: USB disconnect, device number 9
[  209.339751][ T8602] loop2: detected capacity change from 0 to 32768
[  209.429006][ T8602] JBD2: Ignoring recovery information on journal
[  209.580536][ T8602] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  209.823466][ T5841] ocfs2: Unmounting device (7,2) on (node local)
[  210.384362][ T8653] loop2: detected capacity change from 0 to 2048
[  210.420197][ T8653] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  210.456933][ T8653] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.076763][ T8662] loop4: detected capacity change from 0 to 32768
[  211.130607][ T8662] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  211.138942][ T8662] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  211.161710][ T8662] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  211.171004][ T8662] gfs2: fsid=syz:syz.0: gfs2_check_dirent: name length is greater than space in dirent (not first in block)
[  211.183308][ T8662] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 4 2075, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 589
[  211.197841][ T8662] gfs2: fsid=syz:syz.0: G:  s:SH n:2/81b f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1
[  211.208850][ T8662] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:8662 [syz.4.1047] gfs2_lookup_meta+0xa7/0x170
[  211.219042][ T8662] gfs2: fsid=syz:syz.0:  I: n:4/2075 t:4 f:0x00 d:0x00000201 s:3864 p:0
[  211.227417][ T8662] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  211.234975][ T8662] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  211.243828][ T8662] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  211.255371][ T8662] gfs2: fsid=syz:syz.0: File system withdrawn
[  211.261594][ T8662] CPU: 1 UID: 0 PID: 8662 Comm: syz.4.1047 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  211.261627][ T8662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  211.261643][ T8662] Call Trace:
[  211.261652][ T8662]  <TASK>
[  211.261662][ T8662]  dump_stack_lvl+0x189/0x250
[  211.261702][ T8662]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.261733][ T8662]  ? __pfx__printk+0x10/0x10
[  211.261770][ T8662]  ? kobject_uevent_env+0x36b/0x8c0
[  211.261820][ T8662]  gfs2_withdraw+0x111e/0x14f0
[  211.261875][ T8662]  ? __pfx_gfs2_withdraw+0x10/0x10
[  211.261913][ T8662]  ? __pfx__printk+0x10/0x10
[  211.261956][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.261986][ T8662]  ? gfs2_consist_inode_i+0xf5/0x110
[  211.262026][ T8662]  gfs2_dirent_scan+0x545/0x690
[  211.262065][ T8662]  ? __pfx_gfs2_dirent_find+0x10/0x10
[  211.262101][ T8662]  ? __pfx_gfs2_dirent_find+0x10/0x10
[  211.262137][ T8662]  gfs2_dirent_search+0x2e0/0x7e0
[  211.262171][ T8662]  ? __pfx_inode_dio_wait+0x10/0x10
[  211.262201][ T8662]  ? __pfx_wake_up_bit+0x10/0x10
[  211.262239][ T8662]  ? __pfx_gfs2_dirent_search+0x10/0x10
[  211.262271][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.262301][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.262330][ T8662]  ? gfs2_glock_nq+0x10bb/0x1900
[  211.262378][ T8662]  gfs2_dir_search+0x4c/0x220
[  211.262419][ T8662]  gfs2_lookupi+0x3d9/0x5a0
[  211.262465][ T8662]  ? __pfx_gfs2_lookupi+0x10/0x10
[  211.262507][ T8662]  ? gfs2_lookup_meta+0xa7/0x170
[  211.262545][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.262572][ T8662]  ? sprintf+0xd9/0x120
[  211.262605][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.262634][ T8662]  ? crc32_le_base+0x1f7/0x250
[  211.262675][ T8662]  gfs2_lookup_meta+0xa7/0x170
[  211.262712][ T8662]  ? __pfx_gfs2_lookup_meta+0x10/0x10
[  211.262747][ T8662]  ? __kasan_kmalloc+0x93/0xb0
[  211.262778][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.262814][ T8662]  ? init_journal+0x1238/0x2260
[  211.262854][ T8662]  init_journal+0x1297/0x2260
[  211.262904][ T8662]  ? init_inodes+0xdb/0x320
[  211.262944][ T8662]  ? __pfx_init_journal+0x10/0x10
[  211.262996][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.263024][ T8662]  ? snprintf+0xda/0x120
[  211.263060][ T8662]  ? init_inodes+0xdb/0x320
[  211.263095][ T8662]  ? __pfx_snprintf+0x10/0x10
[  211.263129][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.263157][ T8662]  ? gfs2_glock_nq_num+0x13d/0x170
[  211.263201][ T8662]  init_inodes+0xdb/0x320
[  211.263239][ T8662]  gfs2_fill_super+0x1939/0x20e0
[  211.263294][ T8662]  ? __pfx_gfs2_fill_super+0x10/0x10
[  211.263327][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.263361][ T8662]  ? init_locking+0xb8/0x210
[  211.263393][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.263423][ T8662]  ? sb_set_blocksize+0x104/0x180
[  211.263451][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.263480][ T8662]  ? setup_bdev_super+0x4c1/0x5b0
[  211.263515][ T8662]  get_tree_bdev_flags+0x40e/0x4d0
[  211.263545][ T8662]  ? __pfx_gfs2_fill_super+0x10/0x10
[  211.263581][ T8662]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  211.263613][ T8662]  ? rcu_is_watching+0x15/0xb0
[  211.263651][ T8662]  gfs2_get_tree+0x51/0x1e0
[  211.263690][ T8662]  vfs_get_tree+0x92/0x2b0
[  211.263724][ T8662]  do_new_mount+0x24a/0xa40
[  211.263769][ T8662]  __se_sys_mount+0x317/0x410
[  211.263819][ T8662]  ? __pfx___se_sys_mount+0x10/0x10
[  211.263851][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.263888][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.263917][ T8662]  ? __x64_sys_mount+0x20/0xc0
[  211.263955][ T8662]  do_syscall_64+0xfa/0x3b0
[  211.263979][ T8662]  ? lockdep_hardirqs_on+0x9c/0x150
[  211.264019][ T8662]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.264043][ T8662]  ? srso_alias_return_thunk+0x5/0xfbef5
[  211.264071][ T8662]  ? exc_page_fault+0x9f/0xf0
[  211.264112][ T8662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.264136][ T8662] RIP: 0033:0x7f75e35900ca
[  211.264158][ T8662] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.264180][ T8662] RSP: 002b:00007f75e4497e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  211.264205][ T8662] RAX: ffffffffffffffda RBX: 00007f75e4497ef0 RCX: 00007f75e35900ca
[  211.264224][ T8662] RDX: 0000200000000100 RSI: 0000200000012500 RDI: 00007f75e4497eb0
[  211.264242][ T8662] RBP: 0000200000000100 R08: 00007f75e4497ef0 R09: 0000000000200001
[  211.264260][ T8662] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500
[  211.264276][ T8662] R13: 00007f75e4497eb0 R14: 000000000001260a R15: 00002000000000c0
[  211.264316][ T8662]  </TASK>
[  211.264331][ T8662] gfs2: fsid=syz:syz.0: can't find local "sc" file#0: -5
[  212.303095][ T8684] loop1: detected capacity change from 0 to 1024
[  212.334013][ T8688] loop5: detected capacity change from 0 to 2048
[  212.368117][ T8684] EXT4-fs: Ignoring removed orlov option
[  212.402101][ T8688] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  212.414672][ T8684] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.550691][ T8684] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.750349][ T8702] loop2: detected capacity change from 0 to 2048
[  212.901577][ T8702] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  212.961190][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.337068][ T8712] loop1: detected capacity change from 0 to 256
[  213.378200][ T8713] loop0: detected capacity change from 0 to 16
[  213.386165][ T8712] exfat: Deprecated parameter 'utf8'
[  213.409675][ T8713] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  213.432274][ T8712] exfat: Deprecated parameter 'utf8'
[  213.531550][ T5839] udevd[5839]: incorrect cramfs checksum on /dev/loop0
[  213.584794][ T8712] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  213.597234][ T5932] IPVS: starting estimator thread 0...
[  213.685978][ T5864] udevd[5864]: incorrect cramfs checksum on /dev/loop0
[  213.699083][ T8720] IPVS: using max 26 ests per chain, 62400 per kthread
[  213.706162][ T5946] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  213.880170][ T5946] usb 6-1: Using ep0 maxpacket: 8
[  213.887729][ T5946] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.928776][ T5946] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  214.002948][ T5946] usb 6-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00
[  214.054688][ T5946] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.090775][ T8691] loop6: detected capacity change from 0 to 32768
[  214.108537][ T8691] XFS: noikeep mount option is deprecated.
[  214.125865][ T5946] usb 6-1: config 0 descriptor??
[  214.167044][ T8692] loop4: detected capacity change from 0 to 32768
[  214.210705][ T8691] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  214.236613][ T8735] loop0: detected capacity change from 0 to 16
[  214.394942][ T8735] erofs (device loop0): mounted with root inode @ nid 36.
[  214.537881][ T8691] XFS (loop6): Ending clean mount
[  214.632873][ T5946] elecom 0003:056E:00E6.0010: reserved main item tag 0xe
[  214.656045][ T8691] XFS (loop6): Quotacheck needed: Please wait.
[  214.684859][ T8745] loop2: detected capacity change from 0 to 512
[  214.697534][ T5946] elecom 0003:056E:00E6.0010: unknown main item tag 0x0
[  214.710950][ T5853] syz-executor: attempt to access beyond end of device
[  214.710950][ T5853] loop0: rw=0, sector=103079215096, nr_sectors = 8 limit=16
[  214.744381][ T5946] elecom 0003:056E:00E6.0010: hidraw0: USB HID v0.00 Device [HID 056e:00e6] on usb-dummy_hcd.5-1/input0
[  214.750244][ T8745] EXT4-fs: Ignoring removed mblk_io_submit option
[  214.817487][ T5853] erofs (device loop0): failed to readdir of logical block 0 of nid 46
[  214.825630][ T8691] XFS (loop6): Quotacheck: Done.
[  214.877349][ T8745] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  214.910452][ T5946] usb 6-1: USB disconnect, device number 6
[  214.940958][ T5853] erofs (device loop0): bogus i_mode (0) @ nid 281474976710655
[  215.027717][ T5853] erofs (device loop0): bogus i_mode (0) @ nid 281474976710655
[  215.067098][ T8745] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.1073: attempt to clear invalid blocks 2 len 1
[  215.172382][ T8745] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  215.256064][ T7469] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  215.274724][ T8751] fido_id[8751]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  215.288340][ T8745] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1073: invalid indirect mapped block 1819239214 (level 0)
[  215.423046][ T8745] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1073: invalid indirect mapped block 1819239214 (level 1)
[  215.539368][ T8745] EXT4-fs (loop2): 1 truncate cleaned up
[  215.547201][ T8745] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.891794][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.172543][   T30] audit: type=1326 audit(1752070184.082:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.287170][   T30] audit: type=1326 audit(1752070184.082:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.387653][   T30] audit: type=1326 audit(1752070184.092:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.520735][   T30] audit: type=1326 audit(1752070184.092:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.586165][ T8796] loop6: detected capacity change from 0 to 512
[  216.602749][ T5861] Bluetooth: hci0: command 0x0406 tx timeout
[  216.608121][ T5859] Bluetooth: hci2: command 0x0406 tx timeout
[  216.609838][ T5854] Bluetooth: hci1: command 0x0406 tx timeout
[  216.614808][ T5859] Bluetooth: hci4: command 0x0406 tx timeout
[  216.620912][ T5861] Bluetooth: hci3: command 0x0406 tx timeout
[  216.651076][   T30] audit: type=1326 audit(1752070184.092:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.688843][   T30] audit: type=1326 audit(1752070184.092:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.712875][   T30] audit: type=1326 audit(1752070184.092:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.741783][   T30] audit: type=1326 audit(1752070184.092:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.5.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f096e58e929 code=0x7ffc0000
[  216.754330][ T8796] EXT4-fs: Ignoring removed oldalloc option
[  216.930951][ T8796] EXT4-fs (loop6): 1 truncate cleaned up
[  216.950990][ T8796] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.252167][ T7469] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.516310][ T8818] loop6: detected capacity change from 0 to 64
[  217.577589][ T8818] hfs: unable to locate alternate MDB
[  217.584459][ T8818] hfs: continuing without an alternate MDB
[  217.622921][ T8822] loop1: detected capacity change from 0 to 1024
[  217.738544][ T8822] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.085720][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.163671][   T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.430734][   T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.453777][ T8837] loop4: detected capacity change from 0 to 256
[  218.598363][ T8837] FAT-fs (loop4): Directory bread(block 64) failed
[  218.661526][ T8837] FAT-fs (loop4): Directory bread(block 65) failed
[  218.668213][ T8837] FAT-fs (loop4): Directory bread(block 66) failed
[  218.732343][ T8837] FAT-fs (loop4): Directory bread(block 67) failed
[  218.744731][   T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.770041][ T8837] FAT-fs (loop4): Directory bread(block 68) failed
[  218.776638][ T8837] FAT-fs (loop4): Directory bread(block 69) failed
[  218.817263][ T8837] FAT-fs (loop4): Directory bread(block 70) failed
[  218.859278][ T8846] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1115'.
[  218.875258][ T8837] FAT-fs (loop4): Directory bread(block 71) failed
[  218.915422][ T8837] FAT-fs (loop4): Directory bread(block 72) failed
[  218.956002][ T8837] FAT-fs (loop4): Directory bread(block 73) failed
[  219.162664][   T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.734471][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  219.752340][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  219.764682][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  219.774497][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  219.786061][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  219.883710][   T49] bridge_slave_1: left allmulticast mode
[  219.898442][   T49] bridge_slave_1: left promiscuous mode
[  219.921488][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.042659][   T49] bridge_slave_0: left allmulticast mode
[  220.082790][   T49] bridge_slave_0: left promiscuous mode
[  220.111251][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.655211][ T8849] loop5: detected capacity change from 0 to 32768
[  220.687374][ T8891] loop2: detected capacity change from 0 to 1024
[  220.714218][ T8849] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  220.804567][ T8891] hfsplus: bad catalog entry type
[  220.832642][ T8849] XFS (loop5): Ending clean mount
[  220.976991][   T13] hfsplus: b-tree write err: -5, ino 4
[  221.010207][ T5842] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  221.659717][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.695858][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.715028][ T8911] loop2: detected capacity change from 0 to 512
[  221.715332][   T49] bond0 (unregistering): Released all slaves
[  221.729433][ T8909] loop5: detected capacity change from 0 to 512
[  221.756860][ T8909] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  221.879950][ T5860] Bluetooth: hci4: command tx timeout
[  221.966719][ T8909] EXT4-fs (loop5): 1 truncate cleaned up
[  221.991391][ T8911] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.045896][ T8909] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.079235][ T8911] ext4 filesystem being mounted at /217/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  222.101457][   T49] tipc: Disabling bearer <eth:batadv0>
[  222.236128][ T8911] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1141: bg 0: block 145: padding at end of block bitmap is not set
[  222.270631][   T49] tipc: Left network mode
[  222.324512][ T8929] loop1: detected capacity change from 0 to 512
[  222.405054][ T5842] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.444990][ T8929] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.1146: dx entry: limit 1024 != root limit 124
[  222.502685][ T8929] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.1146: Corrupt directory, running e2fsck is recommended
[  222.525326][ T8929] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  222.534013][ T8929] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.1146: corrupted in-inode xattr: invalid ea_ino
[  222.554068][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.567148][ T8929] EXT4-fs (loop1): Remounting filesystem read-only
[  222.672449][ T8929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.959873][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.264904][ T8955] loop5: detected capacity change from 0 to 256
[  223.280669][ T8958] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1152'.
[  223.413850][ T8955] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  223.488589][ T8955] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  223.959424][ T5860] Bluetooth: hci4: command tx timeout
[  223.964557][ T8977] sp0: Synchronizing with TNC
[  224.077372][ T8975] loop6: detected capacity change from 0 to 4096
[  224.190717][ T8975] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.373480][   T49] hsr_slave_0: left promiscuous mode
[  224.452221][   T49] hsr_slave_1: left promiscuous mode
[  224.488701][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  224.531050][ T7469] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.540639][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  224.667873][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  224.715037][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  224.944714][   T49] veth1_macvtap: left promiscuous mode
[  224.964257][   T49] veth0_macvtap: left promiscuous mode
[  225.009485][   T49] veth1_vlan: left promiscuous mode
[  225.017659][   T49] veth0_vlan: left promiscuous mode
[  225.156082][ T9003] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1174'.
[  225.256610][ T9003] netlink: 43 bytes leftover after parsing attributes in process `syz.6.1174'.
[  225.301579][ T9003] netlink: 'syz.6.1174': attribute type 6 has an invalid length.
[  225.322690][ T9006] block nbd4: not configured, cannot reconfigure
[  225.366080][ T9003] netlink: 'syz.6.1174': attribute type 5 has an invalid length.
[  225.426598][ T9003] netlink: 43 bytes leftover after parsing attributes in process `syz.6.1174'.
[  225.840875][ T9011] loop4: detected capacity change from 0 to 4096
[  225.953114][ T9014] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  226.047188][ T5860] Bluetooth: hci4: command tx timeout
[  226.075309][ T9016] loop2: detected capacity change from 0 to 512
[  226.182946][ T9016] EXT4-fs: Ignoring removed oldalloc option
[  226.208499][ T8999] loop5: detected capacity change from 0 to 32768
[  226.277519][ T9016] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1180: Parent and EA inode have the same ino 15
[  226.394216][ T9016] EXT4-fs (loop2): 1 orphan inode deleted
[  226.423460][ T9013] loop6: detected capacity change from 0 to 32768
[  226.452073][ T8999] JBD2: Ignoring recovery information on journal
[  226.520084][ T9016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.566956][ T9013] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[  226.594682][ T8999] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  226.698256][ T9013] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  226.765528][ T9016] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.1180: unexpected EA_INODE flag
[  226.853809][ T8999] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad parent pointer (0, expected 74)
[  226.929018][ T8999] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  226.948892][ T8999] OCFS2: File system is now read-only.
[  226.958358][ T9013] (syz.6.1179,9013,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  226.965222][ T8999] (syz.5.1172,8999,1):ocfs2_search_one_group:1738 ERROR: status = -30
[  226.986901][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.054070][ T8999] (syz.5.1172,8999,1):ocfs2_claim_suballoc_bits:1989 ERROR: status = -30
[  227.067196][ T9013] (syz.6.1179,9013,1):ocfs2_prepare_dir_for_insert:4294 ERROR: status = -2
[  227.103108][ T9013] (syz.6.1179,9013,1):ocfs2_rename:1483 ERROR: status = -2
[  227.131139][ T8999] (syz.5.1172,8999,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[  227.150774][ T9033] netlink: ct family unspecified
[  227.159215][ T9033] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  227.166347][ T9013] (syz.6.1179,9013,1):ocfs2_rename:1699 ERROR: status = -2
[  227.180107][ T8999] (syz.5.1172,8999,1):ocfs2_claim_new_inode:2298 ERROR: status = -30
[  227.188228][ T8999] (syz.5.1172,8999,1):ocfs2_claim_new_inode:2313 ERROR: status = -30
[  227.225448][ T8999] (syz.5.1172,8999,1):ocfs2_mknod_locked:638 ERROR: status = -30
[  227.259454][ T8999] (syz.5.1172,8999,1):ocfs2_mknod:385 ERROR: status = -30
[  227.280543][ T8999] (syz.5.1172,8999,1):ocfs2_mknod:502 ERROR: status = -30
[  227.316380][ T7469] ocfs2: Unmounting device (7,6) on (node local)
[  227.359050][ T8999] (syz.5.1172,8999,1):ocfs2_mkdir:658 ERROR: status = -30
[  227.472517][ T8999] syz.5.1172 (8999) used greatest stack depth: 18984 bytes left
[  227.632999][ T5842] ocfs2: Unmounting device (7,5) on (node local)
[  227.689313][ T6025] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  227.880707][ T6025] usb 2-1: Using ep0 maxpacket: 8
[  227.899451][ T6025] usb 2-1: unable to get BOS descriptor or descriptor too short
[  227.920604][ T6025] usb 2-1: config 4 interface 0 has no altsetting 0
[  227.940702][ T6025] usb 2-1: string descriptor 0 read error: -22
[  227.952594][ T6025] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  227.972970][ T6025] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.992239][ T6025] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  228.005395][ T6025] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  228.029356][ T6025] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  228.036655][ T6025] usb 2-1: media controller created
[  228.119220][   T51] Bluetooth: hci4: command tx timeout
[  228.138950][ T6025] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  228.452779][   T49] team0 (unregistering): Port device team_slave_1 removed
[  228.647551][   T49] team0 (unregistering): Port device team_slave_0 removed
[  228.713999][ T9046] loop6: detected capacity change from 0 to 32768
[  228.776126][ T9046] 
[  228.776126][ T9046]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  228.776126][ T9046] 
[  228.950249][ T7469] 
[  228.950249][ T7469]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  228.950249][ T7469] 
[  228.993729][ T7469] 
[  228.993729][ T7469]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  228.993729][ T7469] 
[  229.240497][ T6025] zl10353_read_register: readreg error (reg=127, ret==0)
[  229.371512][ T6025] usb 2-1: USB disconnect, device number 6
[  229.419918][ T9050] loop5: detected capacity change from 0 to 32768
[  229.683438][ T9066] loop2: detected capacity change from 0 to 256
[  229.758226][ T9066] exfat: Deprecated parameter 'namecase'
[  229.782532][ T9066] exfat: Deprecated parameter 'utf8'
[  229.847062][ T9066] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  230.376711][ T9076] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1208'.
[  230.410919][ T9076] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1208'.
[  230.852586][ T9040] netlink: 750 bytes leftover after parsing attributes in process `syz.4.1190'.
[  231.022104][ T5918] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  231.145256][ T8863] chnl_net:caif_netlink_parms(): no params data found
[  231.182030][ T9099] loop4: detected capacity change from 0 to 256
[  231.222868][ T5918] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.250521][ T5918] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.298335][ T5918] usb 6-1: config 0 interface 0 has no altsetting 0
[  231.350166][ T5918] usb 6-1: New USB device found, idVendor=0c70, idProduct=f010, bcdDevice= 0.00
[  231.399753][ T5918] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.419735][ T9099] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  231.548098][ T5918] usb 6-1: config 0 descriptor??
[  231.716634][   T30] audit: type=1326 audit(1752070199.621:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  231.767712][   T30] audit: type=1326 audit(1752070199.651:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  231.792540][   T30] audit: type=1326 audit(1752070199.681:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  231.816122][   T30] audit: type=1326 audit(1752070199.681:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  231.840338][   T30] audit: type=1326 audit(1752070199.681:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  231.863221][   T30] audit: type=1326 audit(1752070199.681:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  231.887063][   T30] audit: type=1326 audit(1752070199.681:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  231.931715][   T30] audit: type=1326 audit(1752070199.681:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9113 comm="syz.2.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb486d8e929 code=0x7ffc0000
[  232.036185][ T5918] aquacomputer_d5next 0003:0C70:F010.0011: hidraw0: USB HID v0.00 Device [HID 0c70:f010] on usb-dummy_hcd.5-1/input0
[  232.094997][ T9125] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1225'.
[  232.120593][ T5919] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  232.129884][ T8863] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.139517][ T9125] netlink: get zone limit has 8 unknown bytes
[  232.149386][ T8863] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.178548][ T8863] bridge_slave_0: entered allmulticast mode
[  232.223428][ T8863] bridge_slave_0: entered promiscuous mode
[  232.253748][ T5918] usb 6-1: USB disconnect, device number 7
[  232.271861][ T8863] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.289932][ T8863] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.307387][ T8863] bridge_slave_1: entered allmulticast mode
[  232.316310][ T5919] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  232.321381][ T8863] bridge_slave_1: entered promiscuous mode
[  232.373050][ T5919] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  232.425591][ T5919] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  232.430987][ T9126] fido_id[9126]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  232.451758][ T5919] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.474541][ T5919] usb 5-1: config 0 descriptor??
[  232.507575][ T5919] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  232.516853][ T5919] dvb-usb: bulk message failed: -22 (3/0)
[  232.617745][ T5919] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  232.689950][ T5919] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  232.729367][ T5919] usb 5-1: media controller created
[  232.736666][ T5919] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  232.746236][ T9119] dvb-usb: bulk message failed: -22 (2/0)
[  232.822249][ T8863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.853519][ T5919] dvb-usb: bulk message failed: -22 (6/0)
[  232.889943][ T5919] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  232.937616][ T8863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.027428][ T5919] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9
[  233.091941][ T5919] dvb-usb: schedule remote query interval to 150 msecs.
[  233.122651][ T5919] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  233.167738][ T5919] usb 5-1: USB disconnect, device number 10
[  233.402908][ T5919] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  233.456964][ T9158] loop2: detected capacity change from 0 to 256
[  233.471840][ T8863] team0: Port device team_slave_0 added
[  233.499285][ T9159] block nbd1: NBD_DISCONNECT
[  233.551781][ T8863] team0: Port device team_slave_1 added
[  233.895105][ T8863] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.936829][ T8863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.033377][ T8863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.108240][ T8863] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.132864][ T8863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.139850][ T9178] usb usb1: usbfs: process 9178 (syz.2.1245) did not claim interface 0 before use
[  234.202337][ T9180] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  234.253451][ T8863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.325614][ T9182] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1247'.
[  234.426793][ T9184] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1248'.
[  234.785694][ T9187] loop6: detected capacity change from 0 to 4096
[  234.846965][ T8863] hsr_slave_0: entered promiscuous mode
[  234.863198][ T9196] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  234.890178][ T8863] hsr_slave_1: entered promiscuous mode
[  234.929833][ T8863] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  234.938498][ T9187] NILFS error (device loop6): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0
[  234.987239][ T8863] Cannot create hsr debugfs directory
[  235.073757][ T9187] Remounting filesystem read-only
[  235.099029][ T9187] NILFS error (device loop6): nilfs_readdir: bad page in #2
[  235.346130][ T9169] loop1: detected capacity change from 0 to 32768
[  235.386892][ T9169] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1240 (9169)
[  235.422538][ T9169] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  235.518858][ T9169] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  235.519307][ T9169] BTRFS info (device loop1): using free-space-tree
[  235.852322][ T9208] loop6: detected capacity change from 0 to 4096
[  235.944472][ T9224] loop2: detected capacity change from 0 to 4096
[  235.959000][ T9208] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  236.012714][ T5847] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  236.107808][ T9194] loop4: detected capacity change from 0 to 32768
[  236.130464][ T9194] XFS: ikeep mount option is deprecated.
[  236.230095][ T9194] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  236.256229][ T9208] ntfs3(loop6): Failed to initialize $Extend/$ObjId.
[  236.284274][ T8863] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  236.387822][ T8863] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  236.498125][ T8863] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  236.629550][ T8863] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  236.639548][ T9194] XFS (loop4): Ending clean mount
[  236.686204][ T9244] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1258'.
[  236.720324][ T9194] XFS (loop4): Quotacheck needed: Please wait.
[  236.807208][ T9247] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1260'.
[  236.862240][ T9247] netlink: 'syz.5.1260': attribute type 4 has an invalid length.
[  236.966069][ T9194] XFS (loop4): Quotacheck: Done.
[  237.396909][ T5843] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  237.513195][ T8863] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.695397][ T8863] 8021q: adding VLAN 0 to HW filter on device team0
[  237.749833][ T9267] loop1: detected capacity change from 0 to 1024
[  237.772651][ T1332] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.779849][ T1332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.824635][ T1332] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.831862][ T1332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.939948][ T9267] hfsplus: bad catalog entry type
[  238.110295][   T49] hfsplus: b-tree write err: -5, ino 4
[  238.326878][ T9277] loop1: detected capacity change from 0 to 256
[  238.374088][ T9281] ptrace attach of "./syz-executor exec"[5842] was attempted by ""[9281]
[  238.428031][ T9284] loop6: detected capacity change from 0 to 512
[  238.489129][ T9277] FAT-fs (loop1): Directory bread(block 64) failed
[  238.499739][ T9277] FAT-fs (loop1): Directory bread(block 65) failed
[  238.506359][ T9277] FAT-fs (loop1): Directory bread(block 66) failed
[  238.579548][ T9277] FAT-fs (loop1): Directory bread(block 67) failed
[  238.616139][ T9284] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  238.636603][ T9277] FAT-fs (loop1): Directory bread(block 68) failed
[  238.704235][ T9284] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  238.711540][ T9277] FAT-fs (loop1): Directory bread(block 69) failed
[  238.743119][ T9277] FAT-fs (loop1): Directory bread(block 70) failed
[  238.773193][ T9284] EXT4-fs (loop6): orphan cleanup on readonly fs
[  238.784886][ T9277] FAT-fs (loop1): Directory bread(block 71) failed
[  238.809597][ T9284] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #13: comm syz.6.1272: iget: bad i_size value: 12154761577498
[  238.839829][ T9277] FAT-fs (loop1): Directory bread(block 72) failed
[  238.860995][ T9284] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.1272: couldn't read orphan inode 13 (err -117)
[  238.874006][ T9277] FAT-fs (loop1): Directory bread(block 73) failed
[  238.912848][ T9296] loop4: detected capacity change from 0 to 1024
[  238.958188][ T9284] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  238.996902][ T9296] EXT4-fs: Ignoring removed orlov option
[  239.049447][ T9296] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  239.083089][ T8863] 8021q: adding VLAN 0 to HW filter on device batadv0
[  239.116058][ T9284] EXT4-fs warning (device loop6): dx_probe:861: inode #2: comm syz.6.1272: dx entry: limit 65535 != root limit 120
[  239.161425][ T9284] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.1272: Corrupt directory, running e2fsck is recommended
[  239.181456][ T9296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.481285][ T7469] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.586486][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.028034][ T9330] loop5: detected capacity change from 0 to 64
[  240.140917][ T9330] hfs: bad catalog entry type 0
[  240.633297][ T8863] veth0_vlan: entered promiscuous mode
[  240.727518][ T8863] veth1_vlan: entered promiscuous mode
[  240.862353][ T8863] veth0_macvtap: entered promiscuous mode
[  240.936848][ T8863] veth1_macvtap: entered promiscuous mode
[  241.061638][ T8863] batman_adv: batadv0: Interface activated: batadv_slave_0
[  241.143487][ T8863] batman_adv: batadv0: Interface activated: batadv_slave_1
[  241.186502][ T8863] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  241.252082][ T8863] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  241.301991][ T8863] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  241.326958][ T8863] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  241.337424][ T9370] loop2: detected capacity change from 0 to 1024
[  241.400305][ T5986] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  241.531151][ T9370] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.592183][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  241.656117][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  241.704624][ T5986] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  241.747336][ T5986] usb 5-1: New USB device found, idVendor=0853, idProduct=0148, bcdDevice= 0.00
[  241.763422][ T9381] loop6: detected capacity change from 0 to 8
[  241.783815][ T9380] warning: `syz.5.1304' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  241.805502][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.855634][ T5986] usb 5-1: config 0 descriptor??
[  241.888391][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.904821][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.952217][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.140499][   T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.168673][   T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.263414][ T9345] loop1: detected capacity change from 0 to 32768
[  242.316457][ T5986] topre 0003:0853:0148.0012: unknown main item tag 0x0
[  242.338400][   T30] audit: type=1800 audit(1752070210.241:1851): pid=9345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1291" name="file1" dev="loop1" ino=4 res=0 errno=0
[  242.368268][ T5986] topre 0003:0853:0148.0012: unknown main item tag 0x0
[  242.458736][ T5986] topre 0003:0853:0148.0012: unknown main item tag 0x0
[  242.532665][ T5986] topre 0003:0853:0148.0012: unknown main item tag 0x0
[  242.581158][ T5986] topre 0003:0853:0148.0012: unknown main item tag 0x0
[  242.623340][ T5986] topre 0003:0853:0148.0012: hidraw0: USB HID v0.00 Device [HID 0853:0148] on usb-dummy_hcd.4-1/input0
[  242.653297][ T5986] usb 5-1: USB disconnect, device number 11
[  242.780518][ T9397] Invalid logical block size (3)
[  243.024607][ T9400] fido_id[9400]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  243.349353][ T5986] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  243.532583][ T5986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  243.568058][ T5986] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  243.599329][ T5986] usb 3-1: New USB device found, idVendor=1e71, idProduct=200d, bcdDevice= 0.00
[  243.631568][ T5986] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.671286][ T5986] usb 3-1: config 0 descriptor??
[  243.679316][   T24] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  243.904871][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  243.949208][   T24] usb 5-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[  243.958321][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.026387][   T24] usb 5-1: config 0 descriptor??
[  244.149910][ T5986] nzxt-smart2 0003:1E71:200D.0013: hidraw0: USB HID v0.00 Device [HID 1e71:200d] on usb-dummy_hcd.2-1/input0
[  244.276392][ T9411] loop7: detected capacity change from 0 to 32768
[  244.356363][ T5986] usb 3-1: USB disconnect, device number 7
[  244.379575][ T9411] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1314 (9411)
[  244.471610][ T9411] BTRFS info (device loop7): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  244.496605][   T24] holtek_mouse 0003:04D9:A067.0014: hidraw0: USB HID v0.01 Device [HID 04d9:a067] on usb-dummy_hcd.4-1/input0
[  244.516461][ T9411] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm
[  244.568127][ T9411] BTRFS info (device loop7): using free-space-tree
[  244.676926][   T24] usb 5-1: USB disconnect, device number 12
[  244.928574][ T9450] fido_id[9450]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  245.194199][ T9470] loop2: detected capacity change from 0 to 256
[  245.457512][ T8863] BTRFS info (device loop7): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  246.067452][ T9497] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1339'.
[  246.080582][ T9494] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1340'.
[  246.768316][ T9516] loop6: detected capacity change from 0 to 8
[  246.808353][ T9516] SQUASHFS error: lzo decompression failed, data probably corrupt
[  246.859506][ T9516] SQUASHFS error: Failed to read block 0x91: -5
[  246.859534][ T9516] SQUASHFS error: Unable to read metadata cache entry [8f]
[  246.859552][ T9516] SQUASHFS error: Unable to read inode 0x11f
[  247.294484][ T9531] loop5: detected capacity change from 0 to 64
[  247.745542][ T9545] binder: 9544:9545 ioctl c00c6211 0 returned -14
[  247.752178][ T5946] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  247.954762][ T5946] usb 2-1: config 0 has an invalid interface number: 69 but max is 0
[  247.994114][ T5946] usb 2-1: config 0 has no interface number 0
[  248.026444][ T5946] usb 2-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  248.076812][ T5946] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  248.124603][ T5946] usb 2-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  248.139330][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.185033][ T5946] usb 2-1: Product: syz
[  248.202878][ T9552] loop4: detected capacity change from 0 to 4096
[  248.209577][ T5946] usb 2-1: Manufacturer: syz
[  248.221648][ T5946] usb 2-1: SerialNumber: syz
[  248.238203][ T9552] ntfs3(loop4): It is recommened to use chkdsk.
[  248.256494][ T5946] usb 2-1: config 0 descriptor??
[  248.271243][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00
[  248.284880][ T9540] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  248.309365][ T5946] cyberjack 2-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  248.318670][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00
[  248.333072][ T9562] loop6: detected capacity change from 0 to 512
[  248.365790][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00
[  248.391259][ T5946] usb 2-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  248.409707][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00
[  248.428868][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc1c00
[  248.459485][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc2c00
[  248.474692][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc4c00
[  248.495966][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffc8c00
[  248.507445][ T9552] ntfs3(loop4): try to read out of volume at offset 0x3fffffd0c00
[  248.686732][ T9562] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.735254][ T9562] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  248.751538][ T5946] usb 2-1: USB disconnect, device number 7
[  248.807567][ T5946] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  248.880364][ T5946] cyberjack 2-1:0.69: device disconnected
[  248.981846][ T7469] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.059900][   T30] audit: type=1326 audit(1752070216.971:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1368" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f096e58e929 code=0x0
[  250.019495][   T24] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  250.138092][ T9607] loop6: detected capacity change from 0 to 256
[  250.230711][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  250.307178][   T24] usb 2-1: New USB device found, idVendor=1b96, idProduct=000e, bcdDevice= 0.00
[  250.346187][ T9607] FAT-fs (loop6): Directory bread(block 64) failed
[  250.356340][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.415556][ T9607] FAT-fs (loop6): Directory bread(block 65) failed
[  250.453555][ T9607] FAT-fs (loop6): Directory bread(block 66) failed
[  250.491812][   T24] usb 2-1: config 0 descriptor??
[  250.499447][ T9607] FAT-fs (loop6): Directory bread(block 67) failed
[  250.506760][ T9607] FAT-fs (loop6): Directory bread(block 68) failed
[  250.541012][ T9596] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  250.586470][ T9607] FAT-fs (loop6): Directory bread(block 69) failed
[  250.630288][ T9607] FAT-fs (loop6): Directory bread(block 70) failed
[  250.658904][ T9607] FAT-fs (loop6): Directory bread(block 71) failed
[  250.684385][ T9620] loop4: detected capacity change from 0 to 512
[  250.699588][ T9607] FAT-fs (loop6): Directory bread(block 72) failed
[  250.726543][ T9607] FAT-fs (loop6): Directory bread(block 73) failed
[  250.795485][ T9620] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1385: casefold flag without casefold feature
[  250.856455][ T9624] loop5: detected capacity change from 0 to 2048
[  250.922488][ T9620] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1385: couldn't read orphan inode 15 (err -117)
[  250.952489][ T9583] loop2: detected capacity change from 0 to 32768
[  250.976471][ T9624] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  250.978043][ T9620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.063902][   T24] ntrig 0003:1B96:000E.0015: unbalanced delimiter at end of report description
[  251.102843][   T24] ntrig 0003:1B96:000E.0015: parse failed
[  251.113835][ T9607] syz.6.1379: attempt to access beyond end of device
[  251.113835][ T9607] loop6: rw=2051, sector=1224, nr_sectors = 64 limit=256
[  251.116231][   T24] ntrig 0003:1B96:000E.0015: probe with driver ntrig failed with error -22
[  251.139568][ T9583] JBD2: Ignoring recovery information on journal
[  251.175646][ T7689] udevd[7689]: incorrect nilfs2 checksum on /dev/loop5
[  251.199581][ T9631] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  251.226599][ T8814] udevd[8814]: incorrect nilfs2 checksum on /dev/loop5
[  251.385486][ T9583] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  251.393221][ T5986] usb 2-1: USB disconnect, device number 8
[  251.537451][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.580954][ T9583] (syz.2.1372,9583,0):ocfs2_group_add:495 ERROR: The disk is too old and small. Force to do offline resize.
[  251.787447][ T9640] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1390'.
[  251.840738][ T5841] ocfs2: Unmounting device (7,2) on (node local)
[  252.069984][ T9647] bpf: Bad value for 'uid'
[  252.443199][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  253.240463][ T9689] syz.4.1410 uses old SIOCAX25GETINFO
[  253.245801][ T9692] netlink: 332 bytes leftover after parsing attributes in process `syz.2.1411'.
[  253.315752][ T9692] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1411'.
[  253.378777][ T9692] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1411'.
[  253.467905][ T9700] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1415'.
[  253.520677][ T9700] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1415'.
[  253.600062][ T9700] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1415'.
[  253.665570][ T9700] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1415'.
[  254.229378][ T5986] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  254.434556][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.467876][ T5986] usb 5-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  254.509022][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.555121][ T5986] usb 5-1: config 0 descriptor??
[  254.959362][   T30] audit: type=1326 audit(1752070222.861:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9750 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c04b8e929 code=0x7ffc0000
[  255.029742][ T5986] logitech-djreceiver 0003:046D:C71F.0016: unbalanced collection at end of report description
[  255.067329][   T30] audit: type=1326 audit(1752070222.861:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9750 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c04b8e929 code=0x7ffc0000
[  255.080561][ T5986] logitech-djreceiver 0003:046D:C71F.0016: logi_dj_probe: parse failed
[  255.131527][ T5986] logitech-djreceiver 0003:046D:C71F.0016: probe with driver logitech-djreceiver failed with error -22
[  255.187596][   T30] audit: type=1326 audit(1752070222.891:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9750 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f7c04b8e929 code=0x7ffc0000
[  255.303956][ T5918] usb 5-1: USB disconnect, device number 13
[  255.340865][   T30] audit: type=1326 audit(1752070222.891:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9750 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c04b8e929 code=0x7ffc0000
[  255.368200][ T9766] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1440'.
[  255.429812][   T30] audit: type=1326 audit(1752070222.901:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9750 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f7c04b8e929 code=0x7ffc0000
[  255.449648][ T9763] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1440'.
[  255.488304][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  255.499540][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  255.568306][   T30] audit: type=1326 audit(1752070222.901:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9750 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c04b8e929 code=0x7ffc0000
[  255.592090][ T9771] loop5: detected capacity change from 0 to 512
[  255.634441][   T30] audit: type=1326 audit(1752070222.901:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9750 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c04b8e929 code=0x7ffc0000
[  255.638399][ T9771] EXT4-fs: Ignoring removed bh option
[  255.707807][ T9771] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  255.849527][ T9771] EXT4-fs (loop5): 1 truncate cleaned up
[  255.901001][ T9771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.978327][   T30] audit: type=1800 audit(1752070223.881:1860): pid=9771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1442" name="file0" dev="loop5" ino=13 res=0 errno=0
[  256.199173][ T5842] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.318710][ T9769] loop1: detected capacity change from 0 to 32768
[  256.341767][ T9785] loop4: detected capacity change from 0 to 512
[  256.387981][ T9785] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1450: iget: bad extended attribute block 1
[  256.474290][ T9769] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  256.515219][ T9785] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1450: couldn't read orphan inode 15 (err -117)
[  256.594836][ T9785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.808521][ T5847] ocfs2: Unmounting device (7,1) on (node local)
[  256.823084][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.098280][ T9803] loop4: detected capacity change from 0 to 256
[  257.186354][ T9779] loop6: detected capacity change from 0 to 40427
[  257.228330][ T9803] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  257.254638][ T9779] F2FS-fs (loop6): invalid crc value
[  257.674131][ T9779] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  257.889907][ T9826] loop2: detected capacity change from 0 to 512
[  258.012011][ T9826] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.066330][ T9834] loop5: detected capacity change from 0 to 64
[  258.080600][ T9826] ext4 filesystem being mounted at /284/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.200264][ T9831] loop4: detected capacity change from 0 to 4096
[  258.351147][ T9840] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  258.441764][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.643600][ T9844] loop1: detected capacity change from 0 to 256
[  259.355733][ T9860] loop1: detected capacity change from 0 to 2048
[  259.455965][ T9860] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  260.333147][ T9897] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1492'.
[  260.334265][ T9894] mkiss: ax0: crc mode is auto.
[  260.590262][ T9903] loop6: detected capacity change from 0 to 2048
[  260.633320][ T9903] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  260.653494][ T9907] loop5: detected capacity change from 0 to 64
[  260.691973][ T9903] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  260.881505][ T9910] overlayfs: upper fs needs to support d_type.
[  260.946469][ T9910] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  260.969212][ T9910] overlayfs: failed to set xattr on upper
[  260.999409][ T9910] overlayfs: ...falling back to redirect_dir=nofollow.
[  261.049503][ T9910] overlayfs: ...falling back to index=off.
[  261.089314][ T9910] overlayfs: ...falling back to uuid=null.
[  261.309577][ T6025] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  261.345439][ T7469] UDF-fs: error (device loop6): udf_read_inode: (ino 1317) failed !bh
[  261.390184][ T7469] UDF-fs: error (device loop6): udf_read_inode: (ino 1317) failed !bh
[  261.505444][ T6025] usb 6-1: Using ep0 maxpacket: 32
[  261.520945][ T6025] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  261.539941][ T6025] usb 6-1: config 0 has no interface number 0
[  261.546155][ T6025] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.588599][ T6025] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.638012][ T6025] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  261.663245][ T6025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.685263][ T9926] loop2: detected capacity change from 0 to 4096
[  261.700650][ T6025] usb 6-1: config 0 descriptor??
[  261.795395][ T9926] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  261.931689][ T9926] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  261.990134][ T9935] netlink: 204 bytes leftover after parsing attributes in process `syz.4.1510'.
[  262.022127][ T9935] netlink: 'syz.4.1510': attribute type 3 has an invalid length.
[  262.160036][ T6025] ft260 0003:0403:6030.0017: item fetching failed at offset 0/2
[  262.183396][ T6025] ft260 0003:0403:6030.0017: failed to parse HID
[  262.198667][ T6025] ft260 0003:0403:6030.0017: probe with driver ft260 failed with error -22
[  262.335601][   T67] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.385788][ T6025] usb 6-1: USB disconnect, device number 8
[  262.613965][   T67] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.765860][   T67] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.788919][ T9928] loop1: detected capacity change from 0 to 32768
[  262.862729][ T9928] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  263.099195][ T9928] XFS (loop1): Ending clean mount
[  263.116865][   T67] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.184177][ T9928] XFS (loop1): Quotacheck needed: Please wait.
[  263.263135][ T9958] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  263.373802][ T9928] XFS (loop1): Quotacheck: Done.
[  263.521500][ T9967] netlink: 'syz.5.1518': attribute type 27 has an invalid length.
[  263.666327][ T9972] use of bytesused == 0 is deprecated and will be removed in the future,
[  263.719518][ T9972] use the actual size instead.
[  263.886582][ T5847] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  264.181531][   T67] bridge_slave_1: left allmulticast mode
[  264.207567][   T67] bridge_slave_1: left promiscuous mode
[  264.239792][   T67] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.371119][   T67] bridge_slave_0: left allmulticast mode
[  264.404568][   T67] bridge_slave_0: left promiscuous mode
[  264.431733][   T67] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.559562][   T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  264.614335][   T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  264.628834][   T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  264.640738][   T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  264.656929][   T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  264.962911][T10001] loop1: detected capacity change from 0 to 1024
[  265.192262][   T30] audit: type=1800 audit(1752070233.091:1861): pid=10001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1523" name="file2" dev="loop1" ino=0 res=0 errno=0
[  265.583669][T10013] loop1: detected capacity change from 0 to 8
[  265.738313][ T9989] loop5: detected capacity change from 0 to 32768
[  265.904486][ T9989] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  265.950861][ T9989] (syz.5.1528,9989,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=8
[  266.158292][ T5210] udevd[5210]: worker [7689] terminated by signal 33 (Unknown signal 33)
[  266.167137][ T9998] loop4: detected capacity change from 0 to 32768
[  266.195380][ T5842] ocfs2: Unmounting device (7,5) on (node local)
[  266.234359][ T5210] udevd[5210]: worker [7689] failed while handling '/devices/virtual/block/loop5'
[  266.775892][ T5860] Bluetooth: hci6: command tx timeout
[  267.231676][T10051] loop5: detected capacity change from 0 to 256
[  267.358444][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.419325][T10051] FAT-fs (loop5): Filesystem has been set read-only
[  267.472012][T10056] loop7: detected capacity change from 0 to 736
[  267.488607][T10036] loop1: detected capacity change from 0 to 32768
[  267.519579][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.540931][T10036] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1548 (10036)
[  267.547431][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.615393][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.635586][T10036] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  267.655632][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.665824][T10036] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  267.700824][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.739145][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.759448][   T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  267.785871][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.824452][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.847397][   T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  267.872006][T10051] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  267.948738][   T67] bond0 (unregistering): Released all slaves
[  267.966169][T10036] BTRFS info (device loop1): rebuilding free space tree
[  267.976871][   T30] audit: type=1800 audit(1752070235.881:1862): pid=10051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1554" name="file1" dev="loop5" ino=1048726 res=0 errno=0
[  268.123613][T10036] BTRFS info (device loop1): disabling free space tree
[  268.189912][T10036] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  268.208030][T10038] loop2: detected capacity change from 0 to 32768
[  268.240284][T10036] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  268.476728][T10038] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  268.842539][ T5860] Bluetooth: hci6: command tx timeout
[  268.853845][ T5841] (syz-executor,5841,1):ocfs2_inode_is_valid_to_delete:886 ERROR: Skipping delete of system file 76
[  268.945180][ T5847] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  269.040508][ T5841] ocfs2: Unmounting device (7,2) on (node local)
[  270.034316][T10087] loop7: detected capacity change from 0 to 32768
[  270.093453][T10087] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1561 (10087)
[  270.177982][T10087] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  270.257862][T10087] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  270.304357][T10087] BTRFS info (device loop7): using free-space-tree
[  270.331148][T10120] pim6reg: entered allmulticast mode
[  270.376908][T10125] pim6reg: left allmulticast mode
[  270.526710][T10141] loop5: detected capacity change from 0 to 256
[  270.580620][T10141] exfat: Deprecated parameter 'namecase'
[  270.699707][T10087] BTRFS info (device loop7): rebuilding free space tree
[  270.744821][ T9988] chnl_net:caif_netlink_parms(): no params data found
[  270.881538][T10141] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  270.920844][ T5860] Bluetooth: hci6: command tx timeout
[  270.931191][   T67] hsr_slave_0: left promiscuous mode
[  270.994995][   T67] hsr_slave_1: left promiscuous mode
[  271.013420][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.054577][   T67] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.131781][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.156931][ T8863] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  271.188309][   T67] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.259449][ T6025] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  271.331605][   T67] veth1_macvtap: left promiscuous mode
[  271.369626][   T67] veth0_macvtap: left promiscuous mode
[  271.375393][   T67] veth1_vlan: left promiscuous mode
[  271.432256][   T67] veth0_vlan: left promiscuous mode
[  271.464202][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.500291][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.554726][ T6025] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  271.617310][ T6025] usb 5-1: New USB device found, idVendor=12ba, idProduct=0100, bcdDevice= 0.00
[  271.649693][ T6025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.711718][ T6025] usb 5-1: config 0 descriptor??
[  272.139929][ T6025] sony 0003:12BA:0100.0018: item fetching failed at offset 5/7
[  272.182517][ T6025] sony 0003:12BA:0100.0018: parse failed
[  272.188315][ T6025] sony 0003:12BA:0100.0018: probe with driver sony failed with error -22
[  272.345748][ T6025] usb 5-1: USB disconnect, device number 14
[  272.383118][T10184] loop1: detected capacity change from 0 to 256
[  272.430375][T10184] exfat: Deprecated parameter 'namecase'
[  272.451596][T10184] exfat: Deprecated parameter 'utf8'
[  272.467314][T10184] exfat: Deprecated parameter 'utf8'
[  272.487692][T10184] exfat: Deprecated parameter 'namecase'
[  272.552914][T10184] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  272.999504][ T5860] Bluetooth: hci6: command tx timeout
[  273.619926][   T67] team0 (unregistering): Port device team_slave_1 removed
[  274.220107][   T67] team0 (unregistering): Port device team_slave_0 removed
[  274.291436][ T5919] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  274.314032][T10217] loop2: detected capacity change from 0 to 65536
[  274.392955][T10217] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  274.412617][T10217] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  274.461880][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  274.472626][T10217] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[  274.489478][ T5919] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  274.521572][T10217] XFS (loop2): Starting recovery (logdev: internal)
[  274.523388][ T5919] usb 2-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.00
[  274.552634][T10217] XFS (loop2): Ending recovery (logdev: internal)
[  274.559525][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.595628][T10217] XFS (loop2): Quotacheck needed: Please wait.
[  274.636872][ T5919] usb 2-1: config 0 descriptor??
[  274.655787][T10222] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  274.684189][T10217] XFS (loop2): Quotacheck: Done.
[  274.787031][ T5841] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  274.788407][T10236] [U] 	
[  275.150564][ T5946] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  275.176150][ T5919] apple 0003:05AC:0264.0019: hidraw0: USB HID vff.fa Device [HID 05ac:0264] on usb-dummy_hcd.1-1/input0
[  275.321992][ T5946] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  275.352895][ T5946] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  275.373526][ T5946] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  275.376960][   T24] usb 2-1: USB disconnect, device number 9
[  275.420449][ T5946] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.443564][T10239] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  275.537293][ T5946] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  275.729489][T10239] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  275.736421][T10239] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  275.800218][T10239] vhci_hcd vhci_hcd.0: Device attached
[  275.879024][T10243] vhci_hcd: connection closed
[  275.883103][   T49] vhci_hcd: stop threads
[  275.936009][   T49] vhci_hcd: release socket
[  275.947834][   T49] vhci_hcd: disconnect device
[  275.955079][ T5919] usb 5-1: USB disconnect, device number 15
[  275.962740][ T5946] vhci_hcd: vhci_device speed not set
[  276.584485][T10267] loop2: detected capacity change from 0 to 256
[  276.785524][T10267] FAT-fs (loop2): Directory bread(block 64) failed
[  276.798887][T10267] FAT-fs (loop2): Directory bread(block 65) failed
[  276.820068][T10267] FAT-fs (loop2): Directory bread(block 66) failed
[  276.839606][ T9988] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.847822][ T9988] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.850304][T10267] FAT-fs (loop2): Directory bread(block 67) failed
[  276.897613][T10267] FAT-fs (loop2): Directory bread(block 68) failed
[  276.899689][ T9988] bridge_slave_0: entered allmulticast mode
[  276.917530][T10267] FAT-fs (loop2): Directory bread(block 69) failed
[  276.969133][T10267] FAT-fs (loop2): Directory bread(block 70) failed
[  276.975714][T10267] FAT-fs (loop2): Directory bread(block 71) failed
[  277.005542][ T9988] bridge_slave_0: entered promiscuous mode
[  277.014993][T10267] FAT-fs (loop2): Directory bread(block 72) failed
[  277.027556][ T9988] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.055157][ T9988] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.056135][T10267] FAT-fs (loop2): Directory bread(block 73) failed
[  277.089840][ T9988] bridge_slave_1: entered allmulticast mode
[  277.097770][ T9988] bridge_slave_1: entered promiscuous mode
[  277.291948][ T9988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  277.306475][ T9988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  277.582767][T10275] Invalid ELF header magic: != ELF
[  277.583935][T10256] loop1: detected capacity change from 0 to 32768
[  277.674309][ T9988] team0: Port device team_slave_0 added
[  277.737812][ T9988] team0: Port device team_slave_1 added
[  277.848361][   T12] read_mapping_page failed!
[  277.881768][   T12] ERROR: (device loop1): txCommit: 
[  277.881768][   T12] 
[  277.948154][   T12] ERROR: (device loop1): remounting filesystem as read-only
[  277.989368][   T12] jfs_write_inode: jfs_commit_inode failed!
[  278.153990][ T9988] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.194893][ T9988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.257628][ T9988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.339763][T10291] tipc: Started in network mode
[  278.349154][T10291] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  278.436843][T10291] tipc: Enabled bearer <udp:syz0>, priority 10
[  278.462869][T10296] netlink: 'syz.4.1634': attribute type 3 has an invalid length.
[  278.504735][ T9988] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.539469][ T9988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.625001][ T9988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.777521][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  278.787002][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  278.797218][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  278.806007][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  278.816062][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  279.064064][T10316] loop1: detected capacity change from 0 to 256
[  279.101192][T10316] exfat: Deprecated parameter 'namecase'
[  279.106901][T10316] exfat: Deprecated parameter 'namecase'
[  279.185742][ T9988] hsr_slave_0: entered promiscuous mode
[  279.218092][T10316] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  279.243136][ T9988] hsr_slave_1: entered promiscuous mode
[  279.264887][ T9988] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  279.277800][ T9988] Cannot create hsr debugfs directory
[  279.360070][T10316] exFAT-fs (loop1): error, data size is invalid(16777215)
[  279.539678][ T5946] tipc: Node number set to 1
[  279.730437][   T67] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.946877][T10304] loop7: detected capacity change from 0 to 32768
[  280.372442][   T67] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.586046][   T24] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  280.723292][   T67] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.796785][T10355] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  280.829111][   T24] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  280.853862][   T24] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.889111][   T24] usb 2-1: config 0 interface 0 has no altsetting 0
[  280.910543][   T24] usb 2-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  280.921289][   T51] Bluetooth: hci2: command tx timeout
[  280.949342][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.962377][   T24] usb 2-1: config 0 descriptor??
[  281.068749][   T67] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.792271][   T67] bridge_slave_1: left allmulticast mode
[  281.822226][   T67] bridge_slave_1: left promiscuous mode
[  281.857812][   T67] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.927618][   T67] bridge_slave_0: left allmulticast mode
[  281.960283][   T67] bridge_slave_0: left promiscuous mode
[  281.989886][   T67] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.190843][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.198039][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.205252][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.212737][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.220110][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.227252][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.234442][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.351450][T10345] loop7: detected capacity change from 0 to 40427
[  282.411873][T10345] F2FS-fs (loop7): build fault injection rate: 690
[  282.434225][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.441472][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.448609][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.456647][T10361] loop4: detected capacity change from 0 to 131072
[  282.465360][   T24] hid-alps 0003:044E:120B.001A: unknown main item tag 0x0
[  282.472546][T10361] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  282.473821][T10345] F2FS-fs (loop7): Image doesn't support compression
[  282.482173][T10361] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  282.516066][   T24] hid-alps 0003:044E:120B.001A: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.1-1/input0
[  282.540198][T10361] F2FS-fs (loop4): invalid journal entries nats 0 sits 64
[  282.547366][T10361] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-22)
[  282.576736][T10345] F2FS-fs (loop7): Image doesn't support compression
[  282.617201][T10345] F2FS-fs (loop7): invalid crc value
[  282.624539][   T24] usb 2-1: USB disconnect, device number 10
[  282.887420][T10380] loop1: detected capacity change from 0 to 64
[  283.009542][   T51] Bluetooth: hci2: command tx timeout
[  283.214213][T10345] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  283.390505][ T8863] syz-executor: attempt to access beyond end of device
[  283.390505][ T8863] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  283.471261][ T8863] CPU: 0 UID: 0 PID: 8863 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  283.471299][ T8863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.471315][ T8863] Call Trace:
[  283.471324][ T8863]  <TASK>
[  283.471334][ T8863]  dump_stack_lvl+0x189/0x250
[  283.471374][ T8863]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.471402][ T8863]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  283.471440][ T8863]  ? __pfx_queue_work_on+0x10/0x10
[  283.471473][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.471502][ T8863]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  283.471539][ T8863]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  283.471584][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.471612][ T8863]  ? f2fs_hw_is_readonly+0x39b/0x470
[  283.471655][ T8863]  f2fs_handle_critical_error+0x37c/0x540
[  283.471701][ T8863]  f2fs_write_end_io+0x495/0x810
[  283.471723][ T8863]  ? blkg_put+0x22/0x240
[  283.471774][ T8863]  __submit_merged_bio+0x27a/0x6a0
[  283.471819][ T8863]  __submit_merged_write_cond+0x255/0x530
[  283.471864][ T8863]  f2fs_write_data_pages+0x261d/0x3000
[  283.471903][ T8863]  ? __lock_acquire+0xab9/0xd20
[  283.471968][ T8863]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  283.472023][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472087][ T8863]  ? __mod_zone_page_state+0xd7/0x140
[  283.472128][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472156][ T8863]  ? folios_put_refs+0x560/0x640
[  283.472210][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472239][ T8863]  ? __lock_acquire+0xab9/0xd20
[  283.472274][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472302][ T8863]  ? do_raw_spin_lock+0x121/0x290
[  283.472346][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472379][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472408][ T8863]  ? do_raw_spin_unlock+0x122/0x240
[  283.472445][ T8863]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  283.472488][ T8863]  do_writepages+0x32e/0x550
[  283.472522][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472556][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472590][ T8863]  ? do_raw_spin_unlock+0x122/0x240
[  283.472633][ T8863]  filemap_fdatawrite+0x191/0x230
[  283.472664][ T8863]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  283.472743][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.472777][ T8863]  ? do_raw_spin_unlock+0x122/0x240
[  283.472821][ T8863]  f2fs_sync_dirty_inodes+0x31f/0x830
[  283.472865][ T8863]  f2fs_write_checkpoint+0x94a/0x1de0
[  283.472919][ T8863]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  283.473002][ T8863]  ? kill_f2fs_super+0x298/0x6c0
[  283.473034][ T8863]  kill_f2fs_super+0x2c3/0x6c0
[  283.473067][ T8863]  ? __pfx_kill_f2fs_super+0x10/0x10
[  283.473091][ T8863]  ? radix_tree_delete_item+0x2b6/0x400
[  283.473138][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.473167][ T8863]  ? shrinker_free+0x2ce/0x3e0
[  283.473208][ T8863]  deactivate_locked_super+0xbc/0x130
[  283.473237][ T8863]  cleanup_mnt+0x425/0x4c0
[  283.473259][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.473288][ T8863]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.473331][ T8863]  task_work_run+0x1d4/0x260
[  283.473376][ T8863]  ? __pfx_task_work_run+0x10/0x10
[  283.473413][ T8863]  ? __x64_sys_umount+0x122/0x160
[  283.473450][ T8863]  ? exit_to_user_mode_loop+0x40/0x110
[  283.473482][ T8863]  exit_to_user_mode_loop+0xec/0x110
[  283.473510][ T8863]  do_syscall_64+0x2bd/0x3b0
[  283.473533][ T8863]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.473572][ T8863]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.473601][ T8863]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.473629][ T8863]  ? exc_page_fault+0x9f/0xf0
[  283.473671][ T8863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.473695][ T8863] RIP: 0033:0x7fc34c78fc57
[  283.473718][ T8863] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  283.473738][ T8863] RSP: 002b:00007ffff92e06e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  283.473764][ T8863] RAX: 0000000000000000 RBX: 00007fc34c810925 RCX: 00007fc34c78fc57
[  283.473781][ T8863] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffff92e07a0
[  283.473797][ T8863] RBP: 00007ffff92e07a0 R08: 0000000000000000 R09: 0000000000000000
[  283.473813][ T8863] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffff92e1830
[  283.473830][ T8863] R13: 00007fc34c810925 R14: 0000000000045098 R15: 00007ffff92e1870
[  283.473869][ T8863]  </TASK>
[  283.473879][ T8863] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  283.813703][T10383] fido_id[10383]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  284.039487][   T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  284.212586][   T24] usb 5-1: Using ep0 maxpacket: 32
[  284.228788][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  284.267468][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  284.295860][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  284.328387][   T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  284.367031][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.384445][   T24] usb 5-1: config 0 descriptor??
[  284.397506][T10390] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  284.409378][   T24] hub 5-1:0.0: USB hub found
[  284.639620][   T24] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  284.707780][   T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.740294][   T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.765523][   T67] bond0 (unregistering): Released all slaves
[  284.844405][   T24] usbhid 5-1:0.0: can't add hid device: -71
[  284.864369][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  284.939414][   T24] usb 5-1: USB disconnect, device number 16
[  285.090121][   T51] Bluetooth: hci2: command tx timeout
[  285.365166][T10396] loop1: detected capacity change from 0 to 32768
[  285.476884][T10396] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  285.653390][T10396] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  285.916003][T10429] program syz.7.1673 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  285.940343][T10306] chnl_net:caif_netlink_parms(): no params data found
[  286.002844][ T5847] ocfs2: Unmounting device (7,1) on (node local)
[  286.025169][T10431] program syz.7.1673 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  286.090008][T10431] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  286.437617][T10437] loop4: detected capacity change from 0 to 2048
[  286.495272][T10440] loop7: detected capacity change from 0 to 2048
[  286.513196][T10437] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  286.555953][ T8814] udevd[8814]: incorrect nilfs2 checksum on /dev/loop4
[  286.600481][T10443] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  286.646663][T10444] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  286.729189][   T30] audit: type=1800 audit(1752070254.631:1863): pid=10440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1678" name="file2" dev="loop7" ino=16 res=0 errno=0
[  286.801436][T10440] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  286.817450][ T9988] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  286.885650][T10448] loop2: detected capacity change from 0 to 512
[  286.900168][T10440] Remounting filesystem read-only
[  286.972879][T10448] EXT4-fs (loop2): orphan cleanup on readonly fs
[  287.013730][ T9988] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  287.029894][T10448] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  287.038874][T10448] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  287.094600][T10448] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.1679: attempt to clear invalid blocks 2 len 1
[  287.115388][T10448] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1679: invalid indirect mapped block 1819239214 (level 0)
[  287.155568][T10448] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1679: invalid indirect mapped block 1819239214 (level 1)
[  287.166391][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  287.176702][   T51] Bluetooth: hci2: command tx timeout
[  287.223057][T10448] EXT4-fs (loop2): 1 truncate cleaned up
[  287.232119][   T67] hsr_slave_0: left promiscuous mode
[  287.270711][T10448] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  287.290210][   T67] hsr_slave_1: left promiscuous mode
[  287.296985][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.317672][   T67] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.343136][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.367509][   T67] batman_adv: batadv0: Removing interface: batadv_slave_1
[  287.397178][T10448] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  287.427854][T10448] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.1679: Abort forced by user
[  287.450052][   T67] veth1_macvtap: left promiscuous mode
[  287.456090][   T67] veth0_macvtap: left promiscuous mode
[  287.462203][T10448] EXT4-fs (loop2): Remounting filesystem read-only
[  287.470078][   T67] veth1_vlan: left promiscuous mode
[  287.475425][T10448] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  287.478389][   T67] veth0_vlan: left promiscuous mode
[  287.617191][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.656683][   T67] team0 (unregistering): Port device team_slave_1 removed
[  288.737628][   T67] team0 (unregistering): Port device team_slave_0 removed
[  288.793266][T10485] loop2: detected capacity change from 0 to 32768
[  288.811595][T10485] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1693 (10485)
[  288.837765][T10485] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  288.851554][T10485] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[  288.923566][T10485] BTRFS info (device loop2): rebuilding free space tree
[  288.974845][T10485] BTRFS info (device loop2): disabling free space tree
[  288.983714][T10485] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  289.004332][T10485] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  289.200404][ T5841] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  289.588439][T10503] loop2: detected capacity change from 0 to 512
[  289.655362][T10503] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.699162][T10503] ext4 filesystem being mounted at /345/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  289.748921][T10503] EXT4-fs warning (device loop2): verify_group_input:137: Cannot add at group 25 (only 1 groups)
[  289.811558][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.994405][ T9988] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  290.386410][ T9988] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  290.470208][T10306] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.487204][T10306] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.510795][T10306] bridge_slave_0: entered allmulticast mode
[  290.537582][T10306] bridge_slave_0: entered promiscuous mode
[  290.545979][T10524] loop2: detected capacity change from 0 to 1024
[  290.567192][T10306] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.591097][T10306] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.627845][T10524] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  290.638572][T10306] bridge_slave_1: entered allmulticast mode
[  290.680854][   T31] INFO: task syz-executor:5857 blocked for more than 143 seconds.
[  290.694768][T10524] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  290.699802][T10306] bridge_slave_1: entered promiscuous mode
[  290.726527][   T31]       Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0
[  290.745911][T10524] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  290.773523][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  290.790244][   T31] task:syz-executor    state:D stack:21960 pid:5857  tgid:5857  ppid:1      task_flags:0x400140 flags:0x00004004
[  290.796369][T10524] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.1700: lblock 2 mapped to illegal pblock 2 (length 1)
[  290.813046][   T31] Call Trace:
[  290.826777][   T31]  <TASK>
[  290.830270][   T31]  __schedule+0x16f5/0x4d00
[  290.834905][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  290.841389][   T31]  ? schedule+0x165/0x360
[  290.845829][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  290.852612][   T31]  ? __pfx___schedule+0x10/0x10
[  290.857610][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  290.867712][   T31]  ? schedule+0x91/0x360
[  290.877865][   T31]  schedule+0x165/0x360
[  290.883633][   T31]  io_schedule+0x80/0xd0
[  290.888052][   T31]  folio_wait_bit_common+0x6b0/0xb90
[  290.895394][T10524] EXT4-fs (loop2): Remounting filesystem read-only
[  290.909520][   T31]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  290.925983][T10524] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  290.937449][   T31]  ? __pfx_wake_page_function+0x10/0x10
[  290.943992][T10524] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  290.959099][   T31]  ? folios_put_refs+0x559/0x640
[  290.964449][   T31]  ? __pfx_find_lock_entries+0x10/0x10
[  290.984499][T10524] EXT4-fs (loop2): ext4_process_orphan: deleting unreferenced inode 11
[  290.993314][   T31]  __filemap_get_folio+0x139/0xaf0
[  290.998506][   T31]  ? mlock_drain_local+0x28e/0x490
[  291.004797][T10524] EXT4-fs (loop2): 1 orphan inode deleted
[  291.014691][   T31]  truncate_inode_pages_range+0x3ed/0xda0
[  291.023803][T10524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.041114][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.046873][   T31]  ? kasan_save_stack+0x4d/0x60
[  291.054260][   T31]  ? kasan_save_stack+0x3e/0x60
[  291.059830][   T31]  ? deactivate_locked_super+0xbc/0x130
[  291.065508][   T31]  ? cleanup_mnt+0x425/0x4c0
[  291.070559][   T31]  ? task_work_run+0x1d4/0x260
[  291.075365][   T31]  ? exit_to_user_mode_loop+0xec/0x110
[  291.083290][   T31]  ? do_syscall_64+0x2bd/0x3b0
[  291.088089][   T31]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  291.095223][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.101251][   T31]  ? __lock_acquire+0xab9/0xd20
[  291.106339][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.111967][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  291.117374][   T31]  evict+0x517/0x9c0
[  291.122044][   T31]  ? __pfx_evict+0x10/0x10
[  291.126567][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.138201][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.146536][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  291.166559][   T31]  evict_inodes+0x636/0x6c0
[  291.174654][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.188013][   T31]  ? __pfx_evict_inodes+0x10/0x10
[  291.195661][   T31]  generic_shutdown_super+0x9a/0x2c0
[  291.206193][   T31]  kill_block_super+0x44/0x90
[  291.213208][   T31]  deactivate_locked_super+0xbc/0x130
[  291.218777][   T31]  cleanup_mnt+0x425/0x4c0
[  291.228464][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.236234][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  291.251381][   T31]  task_work_run+0x1d4/0x260
[  291.266327][   T31]  ? __pfx_task_work_run+0x10/0x10
[  291.275225][   T31]  ? __x64_sys_umount+0x122/0x160
[  291.286313][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  291.292229][   T31]  exit_to_user_mode_loop+0xec/0x110
[  291.297699][   T31]  do_syscall_64+0x2bd/0x3b0
[  291.303343][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  291.309227][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.318492][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.328223][   T31]  ? exc_page_fault+0x9f/0xf0
[  291.337343][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.356209][   T31] RIP: 0033:0x7f3a3ad8fc57
[  291.363290][   T31] RSP: 002b:00007ffe0cdea8d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  291.374015][   T31] RAX: 0000000000000000 RBX: 00007f3a3ae10925 RCX: 00007f3a3ad8fc57
[  291.382736][   T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe0cdea990
[  291.392196][   T31] RBP: 00007ffe0cdea990 R08: 0000000000000000 R09: 0000000000000000
[  291.401279][   T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe0cdeba20
[  291.410132][   T31] R13: 00007f3a3ae10925 R14: 000000000002357d R15: 00007ffe0cdeba60
[  291.418188][   T31]  </TASK>
[  291.422088][   T31] 
[  291.422088][   T31] Showing all locks held in the system:
[  291.431537][   T31] 3 locks held by kworker/u8:0/12:
[  291.439092][   T31]  #0: ffff88802f980948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  291.473791][   T31]  #1: ffffc90000117bc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  291.501787][   T31]  #2: ffffffff8f51d808 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x112/0x14b0
[  291.512349][   T31] 1 lock held by khungtaskd/31:
[  291.517215][   T31]  #0: ffffffff8e13f160 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  291.527826][   T31] 2 locks held by kworker/u8:2/36:
[  291.533762][   T31]  #0: ffff8880b8739f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  291.544501][   T31]  #1: ffffc90000ac7bc0 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  291.558763][   T31] 3 locks held by kworker/u8:3/49:
[  291.565069][   T31]  #0: ffff88801a481148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  291.577746][   T31]  #1: ffffc90000b97bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  291.590315][   T31]  #2: ffffffff8f51d808 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  291.600992][   T31] 5 locks held by kworker/u8:4/67:
[  291.606112][   T31]  #0: ffff88801b2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  291.617844][   T31]  #1: ffffc9000211fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  291.629457][   T31]  #2: ffffffff8f510c10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  291.638843][   T31]  #3: ffff888079a314e8 (&wg->device_update_lock){+.+.}-{4:4}, at: wg_destruct+0x116/0x2f0
[  291.650548][   T31]  #4: ffffffff8e144c78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  291.662133][   T31] 1 lock held by dhcpcd/5505:
[  291.667489][   T31]  #0: ffffffff8f51d808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  291.678197][   T31] 2 locks held by getty/5600:
[  291.683519][   T31]  #0: ffff888034cda0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  291.695213][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  291.705940][   T31] 1 lock held by syz-executor/5857:
[  291.713019][   T31]  #0: ffff8880654120e0 (&type->s_umount_key#78){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[  291.724125][   T31] 3 locks held by syz-executor/9988:
[  291.730369][   T31]  #0: ffffffff8f5839b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  291.738626][   T31]  #1: ffffffff8f5837c8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  291.748228][   T31]  #2: ffffffff8f51d808 (rtnl_mutex){+.+.}-{4:4}, at: wg_set_device+0x15b/0x1fe0
[  291.757840][   T31] 3 locks held by syz-executor/10306:
[  291.763426][   T31]  #0: ffffffff8eca4d60 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  291.773844][   T31]  #1: ffffffff8f51d808 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  291.783540][   T31]  #2: ffffffff8e144c78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  291.796025][   T31] 1 lock held by dhcpcd/10546:
[  291.801452][   T31]  #0: ffff88807896d008 (&sb->s_type->i_mutex_key#11){++++}-{4:4}, at: sock_close+0x9b/0x240
[  291.812709][   T31] 1 lock held by dhcpcd/10547:
[  291.817492][   T31]  #0: ffff88802543e808 (&sb->s_type->i_mutex_key#11){++++}-{4:4}, at: sock_close+0x9b/0x240
[  291.828488][   T31] 
[  291.831776][   T31] =============================================
[  291.831776][   T31] 
[  291.842130][   T31] NMI backtrace for cpu 0
[  291.842150][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  291.842181][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.842196][   T31] Call Trace:
[  291.842206][   T31]  <TASK>
[  291.842217][   T31]  dump_stack_lvl+0x189/0x250
[  291.842252][   T31]  ? __wake_up_klogd+0xd9/0x110
[  291.842289][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.842322][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.842353][   T31]  ? __pfx__printk+0x10/0x10
[  291.842386][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.842432][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  291.842470][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  291.842502][   T31]  ? _printk+0xcf/0x120
[  291.842541][   T31]  ? __pfx__printk+0x10/0x10
[  291.842578][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  291.842606][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  291.842644][   T31]  watchdog+0xfee/0x1030
[  291.842670][   T31]  ? watchdog+0x1de/0x1030
[  291.842707][   T31]  kthread+0x711/0x8a0
[  291.842748][   T31]  ? __pfx_watchdog+0x10/0x10
[  291.842771][   T31]  ? __pfx_kthread+0x10/0x10
[  291.842803][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.842836][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.842873][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  291.842901][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  291.842951][   T31]  ? __pfx_kthread+0x10/0x10
[  291.842989][   T31]  ret_from_fork+0x3fc/0x770
[  291.843019][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  291.843054][   T31]  ? __switch_to_asm+0x39/0x70
[  291.843087][   T31]  ? __switch_to_asm+0x33/0x70
[  291.843120][   T31]  ? __pfx_kthread+0x10/0x10
[  291.843157][   T31]  ret_from_fork_asm+0x1a/0x30
[  291.843214][   T31]  </TASK>
[  291.843259][   T31] Sending NMI from CPU 0 to CPUs 1:
[  292.046837][    C1] NMI backtrace for cpu 1
[  292.046856][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  292.046882][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.046896][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  292.046936][    C1] Code: 5e 3c a1 f5 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 93 2d 19 00 f3 0f 1e fa fb f4 <e9> 33 3c a1 f5 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  292.046955][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[  292.046975][    C1] RAX: f17a81d11c64a200 RBX: ffffffff81975c78 RCX: f17a81d11c64a200
[  292.046992][    C1] RDX: 0000000000000001 RSI: ffffffff8d998685 RDI: ffffffff8be29dc0
[  292.047008][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f5b R09: 1ffff110170e65eb
[  292.047025][    C1] R10: dffffc0000000000 R11: ffffed10170e65ec R12: ffffffff8fa1eff0
[  292.047041][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039deb40
[  292.047059][    C1] FS:  0000000000000000(0000) GS:ffff888125d1b000(0000) knlGS:0000000000000000
[  292.047078][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  292.047093][    C1] CR2: 000055558b6765c8 CR3: 0000000077581000 CR4: 0000000000350ef0
[  292.047111][    C1] Call Trace:
[  292.047118][    C1]  <TASK>
[  292.047130][    C1]  default_idle+0x13/0x20
[  292.047153][    C1]  default_idle_call+0x74/0xb0
[  292.047178][    C1]  do_idle+0x1e8/0x510
[  292.047211][    C1]  ? __pfx_do_idle+0x10/0x10
[  292.047250][    C1]  cpu_startup_entry+0x44/0x60
[  292.047277][    C1]  start_secondary+0x101/0x110
[  292.047298][    C1]  common_startup_64+0x13e/0x147
[  292.047341][    C1]  </TASK>
[  292.133623][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  292.133647][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  292.133678][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.133695][   T31] Call Trace:
[  292.133707][   T31]  <TASK>
[  292.133718][   T31]  dump_stack_lvl+0x99/0x250
[  292.133756][   T31]  ? __asan_memcpy+0x40/0x70
[  292.133783][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.133815][   T31]  ? __pfx__printk+0x10/0x10
[  292.133860][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.133908][   T31]  panic+0x2db/0x790
[  292.133944][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.133986][   T31]  ? __pfx_panic+0x10/0x10
[  292.134014][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.134044][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  292.134081][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.134110][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  292.134136][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  292.134174][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.134209][   T31]  watchdog+0x102d/0x1030
[  292.134241][   T31]  ? watchdog+0x1de/0x1030
[  292.134275][   T31]  kthread+0x711/0x8a0
[  292.134322][   T31]  ? __pfx_watchdog+0x10/0x10
[  292.134345][   T31]  ? __pfx_kthread+0x10/0x10
[  292.134379][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.134413][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.134454][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.134484][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.134521][   T31]  ? __pfx_kthread+0x10/0x10
[  292.134559][   T31]  ret_from_fork+0x3fc/0x770
[  292.134595][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  292.134630][   T31]  ? __switch_to_asm+0x39/0x70
[  292.134664][   T31]  ? __switch_to_asm+0x33/0x70
[  292.134697][   T31]  ? __pfx_kthread+0x10/0x10
[  292.134735][   T31]  ret_from_fork_asm+0x1a/0x30
[  292.134789][   T31]  </TASK>
[  292.397467][   T31] Kernel Offset: disabled
[  292.401784][   T31] Rebooting in 86400 seconds..