last executing test programs:

8m3.01619704s ago: executing program 32 (id=288):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'dh\x00', 0x20, 0x7, 0x49}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x3, 'wrr\x00', 0x4, 0x81, 0x5}, {@rand_addr=0xac1414aa, 0x4e23, 0x3, 0x1cb, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)

7m38.718152741s ago: executing program 33 (id=350):
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x800000, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reconstruct_alloc,no_data_io,hash,\x00'], 0xfe, 0x5963, &(0x7f000000b7c0)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlQWErYKAxkgtEkpJIgEFCCCy4UYKGlpagf0EJq0WhRBatESuRlE1ZRitWltpBa3UU/8BTykBLIQ1k+zlMzfU+n507fuT09PSEhv18lc/ucvv0/5957+vb9n+6ZDgAAABwSdt+wZe85R33o118afuXaj/58w3WhtzxWX40r9KXLK1+rHrI/dVcWjS2z4+ItV//wLwOXfOBX9/T84NVda45d+4cPHnbJA589c+ft33n45bn3/fPZorhxPJ24r5y8kIRQ/cWeb3x51+NHjtYlIYRy0rc9hAXJwocXJMn4EIN/DyGsSQuLMvHvfeWUtaPL627uHlc/P7Oe8X5oq6bjbNveK04Kf3z/qut/u/gnP+7a8fz2fask1YbxFMK8ixof3xVCmJ3+HxVHWxyPccyuDCH0NDzujIJ+Hddi/5fllI9Ol7PSZW9BnHj/kky5lFkvW466MsuegvamK68f7a5XZE6mnHQobpTXz1i/IF3+LF2eOMX45fg/CaUkVOrdX5/sGyOh4bglIRk7ltV6uVQ/tiHd/kw5yZRLmXK5K7NdY+2mA62cnt1LYXx/Spn6eDqupPXHNp6rmzgvp/6N6bKaPlFfjeWQvVHTO+FGfbvGxH7tmaQv+0Op4RzUrL5+4NOD0ZvW9SYLJzxmpIl4365Vtywtr35kd19OP5J7kjR+0lb8bb9ZMOfTP7rp8uzrej3+RaU0fqmt+H8664kXL7jp+9/OjX9bjF9uK/7JD/a8cNajNyzJ3T974v6ptBV/6NnHbl18+MU7cvt/R4xfbSv+ip1PdM/d++BDuf0fjPtndlvxn3n3h/9891P3P58bP8T4PW3FX71z01e6+/eekBv/obh/etsbPy/tOP3p/v7nBvLiPxnjz20r/l3bb3/XnfNvPjP3+K6M+6evrfhnH//A9XP23n9M3rkzuaNTr5wAh6bD0musG9Nyu3nmdDXkC98aqNSu+eak/+d2sqHMxedoO/M6GR8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQghHnPQ/P/L/P9H3QiUtd6c3ninVlrF+VgjJ7BDClq1Dm7eu23jpwGcvu3zzxqH1A0NbB4Y3bt181cCpbxvYPLxp/dBVo/cOvv2U2uMWhqS2TI6Z0Hb3yMhIqW98XWzvPx2/449Lz/iXv4YweMTv+yu5/V92+4Y7D2/yMyNZMfK+DZef8/vTvpduV1/ar74m/RoZGRkJOf361/P/cefX9vzlhBAG3zBZvx575r2/HNehsYp9cVKl7lDrUHfS07Qf9V6n/Yn7q7J23frhwcn37+jjyznb8Z+vfv7va6/86j9q+7eaux0t7t/ZK0bWl7656ux//+Y1tYqifr1Wx71of8etiP2L+6+a7u956XbNy9muSs523fDbh576xVE3vbw9DFZeWjyx7aLt6koHQFfyxpbajS30JAvG1VfT9eMRj49btnXDpmVbrtr29nUbhi4dvnR44zuXn7r89MHTTj9t2diWL5vG9nc12f7Y/ptb3P79M57mf377z+LP1sZTUb+KxsNov4r3R2OP8p5/Ped9+evvvP3Rc2oVtXE+K3ecx7Xr55N02TN6nJeHhvE2cV81266i/RBCGGi2H158+cxw5P9Zd33ReajxyDT+zEhWjDy+5G/fO+O7i95Tq9gv5/nGDrV5nq/3el9/xvZXNT0eIwfo/u0O5XS7epv2a/njj3bdsvuvX6j3b9ascOXQ1q2bl9d+zkl7Oic5umm/srVxuxaP/SyHdLeE+jBtMl7D2Dmo1r/s+TOunt2rvel9vcnCptuVFe/bteqWpeXVj+zO29PJPbUWZ4e5tWXyppw112ceWK53uFn7B+rzr2h89H/ku/d94r6fnjphfJxc+1m0XUnOdv3kqbu+/oOv/tefdm67PvLeJ/r+9n8/s7RWcbCcV+q9TvuTNJ5XTg6h6Pm3ODTfjtznX6n59kx8/p02aTv71m8ebyBT7g3ltp6vJz/Y88JZj96wJPf5uqfV5+s140rlgufrgTJ+ss+vpDK+HzP3/Bo3UJIVI7+68bDtD1+78qhaRdG4rq/dbFyf0kL+kbNdv7zg6f7LBv7L/+7ceeOHb7v3wj8MrfhiraL94x770pnjXk33bzVn/9Z7HfPOxv37jksuW7+mVn/gXv+my4L8J55Ktly17XND69cPb97S2na1+noa28nu5XZfT+PZbWHBdpUmbNfM3Whlf7X6fIv9X9P2/hr/fOsNSVuvC9t+s2DOp3900+V9Ex6VNnRRKY1faiv+n8564sULbvr+t3Pj3xbjV9qKP/TsY7cuPvziHbnx70jS+NW24q/Y+UT33L0PPpQbfzD2f3Zb8Z9594f/fPdT9z+fGz/E+L3t7f+Xdpz+dH//c7nxn0zSdkavkUK495VT1tbKydh8RrWhH13j+hWy5SRTLmXK5cZyLWvf10A5ScbXx/XG6ofCsQ19aeaTOfXxKqy6qLZ8NZZD9sbk9QeaUsO5v1l9kjRUAAAcguL7//EaNL7/P5xeJ+XPNMA+083DFuXEjXnYvvmcWePuX5TGj4+P84D97wiDo8vrBmoX+lN9HyE+H7LznLGdE44bH6ONec7ZjXfkzb8vyZRjv2rz5ZWGPDQ1Ma+phBbe/5rYzuTz75nNL54fH7hxQrcGGuatssevK50xa/Z5h0x/K6MR8sZHdl4sfp6jf15YOdZei+Mj+zmaeByyn6OJ7RyVOXG2+zmaovdnisZH7PYk42Osy8Xvb0w8fmGS/bvv+DWPlj1+Uzje1dH1Z/r92Q7MGzY9pe2/ecOZfT/MvGRO/PQJdmDPG+6rj9tRSeuL5hM/kVPfqfnEeLqI/dozSV/2h8L5xHqFK2Xg4BLz//gaMZr/j16A/1tmvaLr0OxVY4yX+zmhcvP+FOUdEz+n19PW6/jqnZu+0t2/94Tc65yHWv3cz6ZxpZ6Cz/0U7celmXLhfsx52SnK97LtFO337OcyesPctvb7Xdtvf9ed828+M3e/r6xdPxXv96+PK80t2O8HQb7QPP6hkS/MyjYS7ztU8oWZnj97zfKR9INPM5WPfHxi1e++eO6R9UKr+UjPhBv17Rpz0OUjXfu3XwDAwSPm//X3z9L8///FFdLriKK89cRMOcbLzVtzrk/y8taPpcsrM+v3pr9RMdXr5rOPf+D6OXvvPyY3b7mj1Tz0v40r9RXmodPLm3PziJUtfF68a2JD8b6YZ+XmEfU8a3p5Ym7/63ni9PL03Pj1PH16eXTu/qnn0dObB8iNX58HONjz3IL5ukxjsdjqfN3rNo9Of312pvLo83Lqp/q+Xu+EG/XtGiOPBgB4bcX8P17Gxfz/0cx6032fPTcv6Mh1e+W57N8Dqcd/cn/llTOd9+XnrbObtFHfPy3nrTOd10/v86LF8xIHe1480/NCMztPdsjnxWmj8mIAAA5kMf+Pv4ycn/9PLz9plr91jctPXr/5+WTx5ecHS35+IM9/9bcw/yX/9754Mfk/AMDrW8z/4689xr//9z/Scvbv1svTc+LL0+Xpk42flvP0zs+zBZ8DeG3nARr+0qN5AAAAXgtdY5nSxN+z/1S6zP6efd7v5V+Qs36rKunl8cVbNw8PX3j5pjVDW4cv3HjZmuEtF16xed3WrcMba+tNN2/MzVvSvLErVNL90Xy9bN42P/17CPNz/h5Cdv0Y9uixGxP/HkK22dkFf0dg3/Frrb95x680yfrNxkfe8c6L/8mc9aP68b/kMydfuHbLhes2rtu6bmj9um3D49cbzVp7pvC9mXG3TOn7UjM/JihN/fs7O9OP0oR+dKX7I+/72ZNMPxakPVmQ9/0HOf3+9f/62uePH/nH3SEMHlF+07T2X7Ji5L+fP/yxrbt/v2m0/6VJ+19fM+1X0feVZteP21NZf9mWrSetvezyjdlvlGxPnM8o1cszNJ+RPv3LLc5PrM6pn+rnFMoTbhyYWp6fAABgnPj+f7yeje8ffjW9gIr1refp03v/ODdPH2wtT89+L1lRnp5dP25vq3l6dZp5erb9ojy92frN8vS8vDsv/sdz1p+q1sfJ9D7nkTtOLmptnGS/z6BonGTXn+o4SaY5TrLtF42TZus3Gyd5xz0v/rk56+dpfTxM73M5uePhttbGw1sz5aLxkF1/quOhNM3xkG2/aDw0W7/ZeMg7vnnxz8lZv1Xjx8fowBgbF8MXXnHZ5s81rDfT338x/f7N7Pd/tKv1/s/s575mvv8z+7myme//9D5Xltv/J6c3E9Z6/2f2+yDbtd/ma9MPmxV9/qxoHndVTv1U53FnTbhxYDKPC6+dmP/Ht3ti/n9zuuz020AH//ek+d7jpvE79D1mRdcxXs8naewA4PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDXdlUVjy903bNl7zlEf+vWXhl+59qM/33DdW67+4V8GLvnAr+7p+cGru9Ycu/YPHzzskgc+e+bO27/z8Mtz7/vns4WB+8Z+Vk5Mi9UQkheSEKq/2PONL+96/MjRuiSEUE76toewIFn48IIkE2Hw7yGENfV+jr/z3ldOWTu6vO7m7nH18zNBstsVesuxP439DOHKwi3iIFRNx9m2vVecFP74/lXX/3bxT37cteP57ftWSaoN4ymEeRc1Pr4rhDA7/T8qjrZF8cHpcmUIoafhcWcU9Ou4Fvu/LKd8dLqclS57C+LE+5dkyqXMetly1JVZ9hS0N115/Wh3vSJzMuXsyWi68voZ6xeky5+lyxOnGL8c/yehlIRKvfvrk31jJDQctyQkY8eyWi+X6sc2pNufKSeZcilTLndltmus3XSglZNkfH1cL1MfT8eVtP7YxnN1E+fl1L8xXVbTJ+qrsRyyN2p6J9yob9eY2K89k/Rlfyg1nIOa1dcPfHowetO63mThhMeMNBHv27XqlqXl1Y/s7svpR3JPksZP2oq/7TcL5nz6Rzddvigv/kWlNH6prfh/OuuJFy+46fvfzo1/W4xfbiv+yQ/2vHDWozcsyd0/e+L+qbQVf+jZx25dfPjFO3L7f0eMX20r/oqdT3TP3fvgQ7n9H4z7Z3Zb8Z9594f/fPdT9z+fGz/E+D1txV+9c9NXuvv3npAb/6G4f3pDMnpinOr4eWnH6U/39z83kBf/yRh/blv9v2v77e+6c/7NZ+Ye35Vx//S1Ff/s4x+4fs7e+4/JO3cmd3TqlRPg0HRYeo11Y1puN8+croZ84VsDldo135z0/9xONpQx2s68GYwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDr0++uOfVT57/v3FWVJIQkZ52RJuJ95VkrVgy00e7Qs4/duvjwi3c01i1qIw4AAABQLObhpXpNNSwKVySzw9FN149zBEfHUjK+PjuHEONk5wjajVPqUJxyh+JUOhSnq0NxZnUoTneH4lQL4lRDa3FmTxKnMjoqWuxPz6T9aT1Ob4fizOlQnLkdijOvQ3HmdyhO36RxWh+HCzoUZ2GH4hzWoTiHdyjOER2K84Ypx+luGufIDvUnO6c81XE4N13zqLw4YzfKhXEqSbl+R7P59CPTdo6ZZju9Be3MLXo9brGd2S22c1zmcaUptlNtsZ03T7OdpMV23jrNdkoF7cRxe2W2f7GdWGpx/F/VoTjbOhTn6g7FuaZDcb7QoThf7FCca6cZB6BVMf/fdxXWF7or7wk96RknOwsQ893FYz8nvt7lnZBivDdl6mcVxcsm6pl4i6fav+wEQibekkx917h4lXo+Mkm8amO8pZk7x21vQ7KeZDcgp38nZuq7x/WvyfZmJxYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAb97ppTP3X++85dFZIw+q+pkSbifeVZK1YMtNHurlW3LC2vfmR3Y113pY1AAAAAQKGYh3fVa6qhu7I8dCezxq1XTecBqmm53Fdb9s8LK0eXyUBprNyTLJj0cZX0ccu2bti0bMtV296+bsPQpcOXDm985/JTl58+eNrppy1bu2798GDtZwjdmXhdmXghhLHphy1Xbfvc0Pr1w5u31Cqz/V+UPm5RWk7Sx/W/IwyOLq9L+7+woP+lCe3N3I3iowcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8B7v2F+rmWccB/HmTnCQ7W9vI/mVlPQ39M6oObeuZdDqWFwQHW1t6GEgyPY7iWhyermVrR51xK7jNFkXYKJRKL6zU4ebwZn/cEPeHQmVWC55aZBu6C71QNp10oxfSEek5eXOSnKQ5xrkz6+dzkTd5nt/z/N4nFwe+7wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MGarI2OV8pj1eEohKhHTb2LZC6djePSAH2/9PyO7+VGzqxqHctlBtgIAAAA6CvJ4UPNkXzIZdIhHa6a+rQstEyEmdwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8/5msjY5XymPVi6MQoh419S6SuXQ2jksD9H3jnSc//erIyF9ax4oD7AMAAAD0l+TwVHMkH4pheRiKrmqrS54NLO5Y31mX7LNkjnWdzw561S2fY901c6z7aJ+6jY3r7gAAAAD/+5L8n2mOFEIus6Bn/u+X65O6pR116cZ1kN8KAAAAAP+ZJP/nmiPFkMsUm3l9rnl/WUddsr7f/+2T9St7rO/3//wNjetc/k+fn0MNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDfN1kbHa+Ux6rpKISoR029i2QunY3j0gB9174w/Ldbjj60rHUslxlgIwAAAKCvJIfPRO98yGWGw1C4eCr3j9x06OkvPP3saAhhOuZns2H35p077147/ZrUrTl+dOi7x9765qy6NdOv83ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgfTNZGx2vlMeqF0UhRD1q6l0kc+lsHJcG6Pv6Zz//p8dPPfdm61hxgH0AAACA/pIcPpP986EYsiEbrpj61Jr1z0l1rO/1zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4cNzz9fu+tnliYsvd3njjjTfNN/P9lwkAAHi/LQ1RqP+brtw033cNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8GEzWRscr5bFqPgoh6lFT7yKZS2fjuDRA3/j5E7kFZ154qXWs2LVy4QC7AwAAAK2SHD6T/fOhGIbCULh86lO3ZwJT+b/wAd4kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8KEyWRsdr5THqguiEKIeNfUukrl0No5LA/R9bM/BzxxZ9J2bW8dymQE2AgAAAPpKcni2OZIPuczHQi5c3fg80b4gSjeu3Z8LzKzb0bZseM7ram3r0nNet7fjZJnGaabX5ZP9CtPX5rrS7HWllnXF0GxfalsX9retWtDnPgMAAADMoyT/55ojhZDL5Fpy7o/b6gtyLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQw2RtdLxSHqtGUQhRj5p6F8lcOhvHpQH63vfrj1zy5Z/s2xUWzowVB9gHAAAA6C/J4TPZPx+KYUlYGJZM5f5QaK9P6v5eOXvk0X/8eVUIq684OZLp3PYHyZtfvn7ji50vIaTaq1MhLGr0i3r0+9VvH713Rf3s4yGsvjx99ax+4fz92reM689UtmzYeezkjj5fDgAAAFwgkvw/1BwphFzmrp75P0neffJ/01QAX3Tvnp9d1nhtJPKOFalCo1+qR7/PrXjyjyvX/fWtc/n/fP0+eXDbkcvaGk6PdIjiennbro0nrzucSk493T/d0T/5Xr74jTf/uXX3I2en++dDvjG+ONOt/+zXDhfF9YnUger69w7U2vtnepz/od+8dOoXi/e9e67/O0uHm/2vOc/5z99/+NaH919/8OjG9v4hhFK3/m+/e3O48vd3Pth5/uGOjVu/+dbXDlFcP77s9OF1h4o3tPePOvon3/9PTz22/0ePfPvZpH/yW5FVy+faP9XR/5W9l+55+YFNi9v7p3qc/8XbXh3ZXvrW7zrPf0fbrpmedzH7/E9c+9Ttr22O7++cAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLBM1kbHK+WxaioKIepRU+8imUtn47g0QN83bjnx9m37fvj91rHiAPsAAAAA/SU5fCb750MxZEM2DE/l/mcqWzbsPHZyRyhMz0aNa2Zi+z07P751+6677pinOwcAAADmKsn/meZIIeQyK8JQI/+Xt+3aePK6w6kk/6eS/L/1zoktq0Oz7pW9l+55+YFNi5vPCUKY+llA/lzdp2bqbrrxROH0H766smvd2pm648tOH153qHhDUhda69aE5vOJJ6596vbXNsf3N++vte4TX9k+0Xg8kew7fOvD+68/eHRj8xyN63Bj36RuInWguv69A7WkLt245hvnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABmm6yNjlfKY9WQDiHqUVPvIplLZ+O4NEDf9St+/uAlZ55b0jqWywywEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/YgcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgr79RMaR9nHAfx5dpM322zSJu0LRsU0rYpSDxYFEb2oqEgrUvBUKVJt7UEUBBGlHkylFUtVvAhWL0VUUKMUFGwsllZJxX/FiwcVFKoHoRQD2qV4UMnuM9vNdMfVSRXUzweGJ88zM9/5zTzPzmYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/lEG+saa7eEd9zduOeeGjx6968QjN71z77aLHn71u4lN1324d/ClkzObV2z58vplm/bfvWZ69/OHfhp+65ejPYMfajWrUrcWQjweQ6i9O/vMYzMfnzU3FkMI1TgyGcJoXHpoNOYSVv8cQtjcrnP+zjdPXL5lrt22a2De+JJcSP6+Qr2a1dMyMr9e/l1qaZ1tbTx4Sfj62vXbP13+xuv9U8cmTx0Sax3rKYTFGzvP7w8hLErbnGy1jWUnp3ZdCGGw47wre9R1/h+s/9KC/rmp/V9q6z1ysv0rc/1K7rh8P9Ofawd7XG+hiuooe1wvQ7l+/mW0UEV1ZuOjqX07tav+ZH4122KoxNDXLv+eeGqNhI55iyE257LW7lfacxvS/ef6Mdev5PrV/tx9Na+bFlo1xvnj2XG58ex13JfGV3S+q7u4tWD87NTW0gf1ZNYP+T9a6qf90b6vpqyu2d+p5e9Q6XgHdRtvT3yajHoaq8elp53zaxfZvpn1T1xY3fDe4ZGCOuLemPJjqfytn4wO3f7azgfGivI3VlJ+pVT+N2uP/HDbzheeK8x/Osuvlsq/7MDg8bXv71hZ+Hxms+fTVyr/jqMfPLn8/3dOdZvrZv6eLL9WKv+a6SMDw40DBwvrX509n0Wl8r+6+sZvX/l837HC/JDlD5bK3zB931MD442LC/MPtj4K9eYKLbF+fpy64ovx8e8nivI/y57/cJf82DP/5cndV724ZNeawvW5Lns+I6Xqv/mC/duHGvvOK3p3xj1n6psT4L9pWfof6/HUL/s7c6E6fi88O9HX+gYaStvwmbxQztx1Fv+F+QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MYOHJAAAAAACPr/uh2BAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVAAD//5KRHK0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x1fe)
fallocate(r0, 0x10, 0x400000002, 0x7fff)

4m40.123083743s ago: executing program 34 (id=1369):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x46, 0x50, 0xd3, 0x10, 0xc45, 0x800a, 0xdb47, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xcd, 0xa6, 0x37}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001080)={0x84, &(0x7f0000000c40)={0x0, 0x0, 0x1, "f1"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3m47.378886573s ago: executing program 35 (id=1758):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000001c0)={[{@nodiscard}, {@disable_ext_identify}, {@noheap}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@background_gc_on}, {@nogc_merge}, {@checkpoint_diasble}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@noinline_dentry}, {@noinline_dentry}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1a37c1, 0x42)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0)

3m23.838856295s ago: executing program 9 (id=1923):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x800080, &(0x7f00000003c0)=ANY=[@ANYBLOB="766572626f73652c6a6f75726e616c5f7472616e736163735d60b65f6e616d65732c6e6f7265636f766572792c636f6d7072657373696f6e3d6c7a342c657261737572655f636f64652c636f6de512657373696f6e3d7a7374642c696e6c696e655f646174612c7265636f6e7352727563745f616c6c6f632c636f6d7072657373696f6e3d677a69702c6e6f636f772c72772c736d61636b5e5b402c6673636f6e746578743d756e636f6e6669fe0a645f752c61707072616973652c6f626a5f726f6c653d2c6f626a5f757365723d2c00cceb99cf8efdbbc6ae4181a26bbff460c1c8ed816462d332da99e1c9d501b2f84418795039cb396aaead1ee4cfe08fdb8b98cafc2fc66729648fd8244e38a8ad980cdef833014e304f756960f2584bf7275e4b37d13a426eab66df74902a56a667b4922816529ad484fab6ab007b93cdced73d030400000000000000"], 0x2, 0x594d, &(0x7f0000000540)="$eJzs3X+QXFW9IPBzu3synZlMMgnwiCCTIZD3ePA0E34V6qtn3tv39BUgFQtLCRuFQCYYTUIqCUICSnDBhQUstLQU9Q+0kFo0WlTBKpES+bEJqyjF6lJbSK3son+4hSwpgSxluc7WTN/T6bnTd25Pd09I4POpZG6f07e/53vvPX37ntM90wEAAIC3hH03bTtwwXH/8rPPjr52/b/+aNMNob88UV+NKwymy2veqAw5lHoriyeW2X7xN9d+53fDl//TT+/r+/bre9eduP7X/3zU5Q994tw9d3790VcHHvjLC0VxY3869WA5eSkJofrj/V/+3N4njx2vS0II5WRwVwgLk0WPLkwyIYb/FEJYlxYWZ+68/7Uz1o8vb7i1d1L9gsx6+vtbWzXtZzsPXH1a+M0/rr7xF0u+/72e3S/uOrhKUm3oTyHMv7Tx8T0hhLnp/3Gxt8X+GDvtqhBCX8PjzinI66QW81+eUz4+Xc5Jl/0FceL9SzPlUma9bDnqySz7CtrrVF4e7a5XZF6mnD0ZdSovz1i/MF3+MF2eOsP45fg/CaUkVOrpb0wO9pHQcNySkEwcy2q9XKof25Buf6acZMqlTLnck9muiXbTjlZOksn1cb1MfTwdV9L6ExvP1U1cmFP/tnRZTZ+or8dyyN6o6Z9yo75dE2Je+6fJ5VAoNZyDmtXXD3x6MPrTuv5k0ZTHjDUR79u7+rZl5TWP7RvMySO5L0njJ23F3/nzhfM+9t1brsq+rtfjX1pK45cy8ZOW4j9/3lMvX3zLt76WG/+OGL/cVv6nP9z30nmP37Q0d//sj/un0lb8tS88cfuSoy/bnZv/XTF+ta34K/c81Ttw4OFHcvMfiftnblvxn3vP+3577zMPvpgbP8T4fW3FX7Nny+d7hw6ckhv/kbh/+tuK//wru89+dmjo98ONDzhl4GD8p2P8gbbi37PrznffveDWc3OP76q4fwbbin/+yQ/dOO/AgyfknTuTu7r1ygnw1nRUeo11c1pud5zZqYbxwleHK7WrpHnp/4FuNpS5+BxvZ3434wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABACOGY0/7L+//XhwdfqqTl3vTGc6XaMtbPCSGZG0LYtn3t1u0bNl8x/Ikrr9q6eW567/atO4bP/LvhraNbNq7dMX7vyDvOqN2zKCS1ZXLClLZ7x8bGSoOT62J7/+bk3b9Zds7//kMII8f8aqiSm//yOzfdfXSTnxnJyrH3brrqgl+d9c10uwbTvAab5DU2NjYWcvL6Pxf9+e4v7v/dKSGM/NV0eT3x3D/8ZFJCExUH46RKvaGWUG/S1zSPetaDIfSMPyDNq7J+w8bRken37/jjyznb8W+vffFP66/5wp9r+7eaux0t7t+5K8c2lr6y+vz/95XrahVFeb1Rx71of8etiPnF/VdN9/f8dLvm52xXJWe7bvrFI8/8+LhbXt0VRiqvLJnadtF29aQdsid5W0vtxhb6koWT6qvp+vGIx8ct375py/JtO3a+Y8OmtVeMXjG6+V0rzlxx9shZZ5+1fGLLl3d5+2P7f93i9h+a/rTgU7t+GH+21p+K8iraH+N5Fe+Pxozynn99F37uS++68/ELahVF/TyuXT+fpMu+8eO8IjT0t6n7qtl2Fe2HEMJws/3w8qvnhmP/+4Ybi85DjUem8WdGsnLsyaV//OY531j897WKQ3Keb0yozfN8PeuD+Uzsr2p6PMYO0/3bG8rpdvU3zWvFk4/33LbvD5+u5zdnTrhm7fbtW1fUfs5LM52XHN80r2xt3K4lEz/LId0tod5Nm/TXcT2hll/2/BlXz+7V/vS+/mRR0+3KivftXX3bsvKax/bl7enkP9RanBsGasvk7Tlrbsw8sFxPuFn7h+vzr6h/DL3/Gw98+IEfnDmlf5xe+1m0XUnOdn3/mXu+9O0v/PsfdG+73v8PTw3+8X98fFmt4kg5r9SzTvNJGs8rp4dQ9PxbEppvR+7zr9R8e4qef9l2Dq7fPN5wptwfym09X09/uO+l8x6/aWnu83V/q8/X6yaVygXP18Ol/2SfX0llch6z9/ya1FGSlWM/vfmoXY9ev+q4WkVRv66v3axfn9HC+CNnu35y8bNDVw7/u//WvfPGd/7u/kt+vXblZ2oVk4/73Cl55R/3mEt3jns13b/VnP1bzzrNp9S4f995+ZUb19XqD9/r33RZMP6Jp5JtO3Z+cu3GjaNbt7W2Xa2+nsZ2snu53dfTeHZbVLBdpSnb1Rtv7Oj2jVb2V6vPt5j/urb31+TnW39I2npd2PnzhfM+9t1brhqc8qi0oUtLafxSW/GfP++ply++5Vtfy41/R4xfaSv+2heeuH3J0Zftzo1/V5LGr7YVf+Wep3oHDjz8SG78kZj/3LbiP/ee9/323mcefDE3fojx+9vb/6/sPvvZoaHf58Z/OknbGb9GCuH+185YXysnE/Nw1YY8eiblFbLlJFMuZcrlxnKpNtdab6CcJJPr43pp/YkNuTTzkZz6eBVWXVxbvh7LIXtj+vrDTanh3N+svug6FQDgzS6+/x+vQeP7/6PphVL+TAMc1Ok4bHFO3DgOOzifM2fS/YvT+PHxcR5w6J1hZHx5w3DtQn+m7yPE50N2njO2c8pJk2O0O89ZNP++NFOOedXmyysN49DU1HFNJbQw/z61nenn3zObXzw/PnzzlLSGG+atssevJ50xa/Z5h0y+lfEIef0jOy8WP88xND+smmivxf6R/RxNPA7Zz9HEdo7LnDjb/RxNp/0jpj1N/5hIufj9janHL0yzfw8ev+bRssdvBse7Or7+rL0/e1+cF+t43rDpKe3QzRvO7vth5iVz4qdPsFmeNxy/2dG8YayP21FpcT7xwzn1tWftrnq5rfnE8sGbMa/90+RyKJhPBN6s4vg/vkaMj//HL8D/b2a9ouvQ7FVjjJf7OaFy83yKxh1TP6fX19br+Jo9Wz7fO3TglNzrnEda/dzPlkmlvoLP/RTtx2WZcuF+zJmgKRrvZdsp2u/Zz2X0h4G29vs9u+58990Lbj03d7+vqr2QFu/3L00qDRTs9yNgvNA8vvHCW2K8MNvzZ2/Y5xjSDz7N1njkQzn1M/18Q9+UG/XtmnDEjUd6Dm1eAMCRI47/6++fpeP//xlXSK8jisatp2bKMV7uuDXn+iRv3PqBdHlNZv3+9DcqZnrdfP7JD90478CDJ+SOW+5qdRz6HyeVBgvHoZ2Nm3PHEau683nx3HFEfZzV2TgxN//6OLGzcXpu/Po4vbNxdO7+qY+jO5sHyI1fnwc40se5BfN1mcZisdX5ujftODr99dnZGkdfmFM/03F0/5Qb9e2aYBwNAPDGiuP/eBkXx/+PZ9br9H323HFBl67bs38PpB7/6UM1rpztcd9sj1tne1w/2/MSR/q4eLbnhWZ3nuwtPy5OGzUuBgDgcBbH//EvEeaP/zsbnzQbv/VMGp8YnzeNb3x+mIzPj/T5L+N/74sXM/4HAHhzi+P/+GuP8e///ee0nP279cbpOfGN043Tp+s/LY/Tuz/PFnwO4I2dB2j4mhfzAAAAvBF6JkZKU3/P/qPpMvt79nm/l39xzvqtqqSXx5dt3zo6eslVW9at3T56yeYr141uu+TqrRu2bx/dXFuv03Fj7rglHTf2hEq6P5qvlx23LUj/HsKCnL+HkF0/hj1+4sbUv4eQbXZuwd8ROHj8Wss37/iVplm/Wf/IO9558T+Ss35UP/6Xf/z0S9Zvu2TD5g3bN6zduGHn6OT1xketfTP4vtS4W2b0famZH1OUZv69v93JozQlj550f+R9P3uSyWNhmsnCvO8/yMn7Z//1i586eezP94Ywckz57R3tv2Tl2H+6aPQD2/f9ast4/qVp86+vmeZV9H2l2fXj9lQ2Xrlt+2nrr7xqc/YbJdsT5zNK9fIszWekT/9yi/MTa3LqZ/o5hfKUG4enlucnAACYJL7/H69n4/uHX0gvoGJ96+P0zt4/zh2nj7Q2Ts9+L1nROD27ftzeVsfp1Q7H6dn2i8bpzdZvNk7PG3fnxf9Qzvoz1Xo/6exzHrn95NLW+kn2+wyK+kl2/eb9pJTbT5IO+0m2/aJ+0mz9Zv0k77jnxf9gzvp5Wu8PnX0uJ7c/3NFaf/jbTLmoP2TXn+l5o9Rhf8i2X9Qfmq3frD/kHd+8+BfkrN+qyf1jvGNM9IvRS66+cusnG9ab7e+/6Dy/2f3+j3a1nv/sfu5r9vOf3c+VzX7+nX2uLDf/pzubCWs9/9n9fpd2HbL52vTDZkWfPyuax12dUz/Tedw5U24cnszjwhsnjv/j2z1x/H9ruuz220BH/vek+R6zpvG79D1mRdcxXs/TZbMXzcOA13MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1vRWFk8s99207cAFx/3Lzz47+tr1//qjTTf8zbXf+d3w5f/00/v6vv363nUnrv/1Px91+UOfOHfPnV9/9NWBB/7yQmHgwYmflVPTYjWE5KUkhOqP93/5c3ufPHa8LgkhlJPBXSEsTBY9ujDJRBj5UwhhXT3PyXfe/9oZ68eXN9zaO6l+QSZIdrtCfznm05hnCNcUbhFHoGraz3YeuPq08Jt/XH3jL5Z8/3s9u1/cdXCVpNrQn0KYf2nj43tCCHPT/+Nib1scH5wuV4UQ+hoed05BXie1mP/ynPLx6XJOuuwviBPvX5oplzLrZctRT2bZV9Bep/LyaHe9IvMy5ezJqKbSdvy8PGP9wnT5w3R56gzjl+P/JJSSUKmnvzE52EdCw3FLQjJxLKv1cql+bEO6/ZlykimXMuVyT2a7JtpNO1o5SSbXx/Uy9fF0XEnrT5zIsZy73Rfm1L8tXVbTJ+rrsRyyN2r6p9yob9eEmNf+3EwOjVLDOahZff3ApwejP63rTxZNecxYE/G+vatvW1Ze89i+wZw8kvuSNH7SVvydP18472PfveWqxXnxLy2l8UttxX/+vKdevviWb30tN/4dMX65rfinP9z30nmP37Q0d//sj/un0lb8tS88cfuSoy/bnZv/XbX4z4RqW/FX7nmqd+DAw4/k5j8S98/ctuI/9573/fbeZx58MTd+iPH72oq/Zs+Wz/cOHTglN/4jcf/3t9d/Xtl99rNDQ78fzov/dIw/0Fb8e3bd+e67F9x6bu7xXRX3z2Bb8c8/+aEb5x148IRqXvy7uvXKCfDWdFR6jXVzWm53nNmphvHCV4crtWu+een/gW42lDHezvxZjA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvTL68786MXvfeDqytJCEnOOmNNxPvKc1auHG6j3bUvPHH7kqMv291Yt7iNOAAAAECxOA4v1WuqYXG4Opkbjm+6fpwjOD6Wksn12TmEGCc7R9BunFKX4pS7FKfSpTg9XYozp0txersUp1oQpxpaizN3mjiV8V7RYj590+bTepz+LsWZ16U4A+3HeXJ1Q5z5BXHi/F9RPgu6tF2D08ZpvR8u7FKcRV2Kc1SX4hzdpTjHdCnOX7URZ06TOMd2KZ/snPJM++FAuuZxeXEmbpQL41SScv2OZvPpx6btnNBhO/0F7QwUvR632M7cFts5KfO40gzbqbbYzl932E7SYjt/22E7pYJ2Yr+9JptfbCeWpm+nEuPs6CxO/Xm0s0txru1SnOu6FOfTXYrzmS7Fub7DOACtiuP/g+O9wdBb+fvQl55xsrMAcby7ZOLn1Ne7vBNSjPf2TP2conjZgXom3pKZ5pedQMjEW5qp75kUr1Ifj0wTr9oYb1nmzsLtzU4oZPI7NVPfWxQvO7EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPol9ed+dGL3vvB1SEJ4/+aGmsi3lees3LlcBvt7l1927Lymsf2Ndb1VtoIBAAAABSK4/Ceek019FZWhN5kzqT1quk8QDUtlwdry6H5YdX4MhkuTZT7koXTPq6SPm759k1blm/bsfMdGzatvWL0itHN71px5oqzR846+6zl6zdsHB2p/QyhtyBeCGFi+mHbjp2fXLtx4+jWbbXKbP6L08ctTstJ+rihd4aR8eUNaf6LCtorTWlv9m4UHz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+P7t2FyLnVcYB/LwzszPTbWNW+jUNzWbIR4laNIlbSbV0XxAstEnIUpDZ6lqCTbC4aUKbSKxjG7CtCYrQEgiRXBiJxdbiTT9sEftBIFKjATcGaYv2Qi+UVitpyYWkjGR3zuzM7ExmHUvTxt/v4n1nznnOeebMxcL/3QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P01VR2ZqIyOjQ8mISRdamodxLlsPk3LffT98nPbf1AYPr2yeayQ62MjAAAAoKeYwwcaI8VQyGVDNlw1/W5paJoIs7kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/zNVHZmojI6NX5yEkHSpqXUQ57L5NC330ff1t5/4zCvDw39rHiv1sQ8AAADQW8zhmcZIMZTCsjCQXNVSF58NLGpb314X91k8z7r2Zwfd6pbNs+6aedZ9rEfdhvp9VwAAAIAPv5j/c42RoVDILeia/3vl+li3pK0uW7/381sBAAAA4H8T83+hMVIKhVypkdfnm/eXttXF9b3+bx/Xr+iyvtf/89fX7/5PDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfHlPVkYnK6Nh4Ngkh6VJT6yDOZfNpWu6j75rnB/9xy5EHlzaPFXJ9bAQAAAD0FHP4bPQuhkJuMAyEi6dz//BNB5/64lPPjIQQZmJ+Ph92bdqx4+41M9dYt/rYkYHvH33z23PqVs9cz9sBAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA98xUdWSiMjo2flESQtKlptZBnMvm07TcR9/XPveFvzx28tk3msdKfewDAAAA9BZz+Gz2L4ZSyId8uGL6XXPWPyvTtr7bMwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwnHPN+/9+qbJyc13e+GFF140Xpzvv0wAAMB7bUlIQu2/dOXG8/2pAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD4Kp6shEZXRsvJiEkHSpqXUQ57L5NC330Td97nhhwennX2weK/WxDwAAANBbzOGz2b8YSmEgDITLp991eiYwnf+H3scPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHygTFVHJiqjY+MLkhCSLjW1DuJcNp+m5T76Prr7wGcPL/zezc1jhVwfGwEAAAA9xRyeb4wUQyH38VAIV9ffT7YuSLL1e+fnArPrtrcsG5z3umrLuuy81+1pO1mufpqZdcW439DMvbGuPHdduWldKTTal1vWhX0tqxb0+JwBAAAAzqOY/wuNkaFQyBWacu5PW+qH5FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoIup6shEZXRsPElCSLrU1DqIc9l8mpb76Hvvbz96yVd+tndn81ipj30AAACA3mIOn83+xVAKi8NHwuLp3B+GWutj3T8rZw4/8q+/rgxh1RUnhnPt2/4ovvj1aze+0H4JIdNanQlhYb1f0qXfb37/SHZ57cxjIay6PHv1nH7h3P1at0xrT1c2r99x9MT2Hl8OAAAAXCBi/h9ojAyFQu6urvk/Ju8e+b9hOoAv/MbuX1xWv9YTeduKzFC9X6ZLv88vf+LPK9b+/c2z+f9c/T51YOvhy1oazoy0SdLa6NadG05cdygTTz3TP9vWP34vX/rWG//esuvhMzP9i6FYH1+Uy3XoP/fa5qK0NpnZP77u3f3V1v65Lud/8HcvnvzVor3vnO3/9pLBRv9rznH+c/cfvPWhfdcfOLKhtX8Iodyp/1vv3Byu/OOdD7Sff7Bt4+ZvvvnaJklrx5aeOrT2YOmG1v5JW//4/f/85KP7fvLwd5+J/eNvRVYum2//TFv/l/dcuvul+zcuau2f6XL+F257ZXhb+Tt/aD//HS275rp+irnnf/zaJ29/dVN6X/sUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAhWWqOjJRGR0bzyQhJF1qah3EuWw+Tct99H39luNv3bb3xz+ceVeYvpb6OgEAAADQS8zhs9m/GEohH/JhcDr3P13ZvH7H0RPbw9DMbFK/5ya33bPjE1u27bzrjvP0yQEAAID5ivk/1xgZCoXc8jBQz/+jW3duOHHdoUzM/5mY/7fcObl5VWjUvbzn0t0v3b9xUeM5QQjTPwsonq379GzdTTceHzr1p6+t6Fi3Zrbu2NJTh9YeLN0Q60Jz3erQeD7x+LVP3v7qpvS+xudrrvvkV7dN1h9PxH0Hb31o3/UHjmxonKN+H6zvG+smM/vH1727vxrrsvV7sX5uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCuqerIRGV0bDxkQ0i61NQ6iHPZfJqW++i7bvkvH7jk9LOLm8cKuT42AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ww4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX26yc0jrKPA/jz7G7ebLNJm7QvWBXTtCpKPVgURPSioiKtSMFTpUi1tQdREESUejCVVixV8SJYvRRRQY1SULCxWFolFf8VLx5UUKgehFIMaEPxYCS7z2w3k4xrJ1VQPx9Ynv09O/Od38w8O5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP0hP+92RnQ9O3XbeTZ88fs/Jx2557/7tlzz6+g8jm2/4eF/fK6cmtqzc+vWNyzYfuHft+J4XD/8y8M5vx7pGP9IaVqeyHkI8EUOovz/53BMTn54zMxdDCNU4OBrCUFx6eCjmEtb8GkLYkore2uwP3z555daZcfvu3lnzS3Ih+fMKjWrWT8vg7H75d6mndbZt6uHLwrfXb9jx+Yq33uwZOz56epNY71hPISze1Ln/zDdkUXrNyFbb8mznNK4PIfR17Hd1l74u/JP9X15Qn5/G/6Wx0SUn+3xVrq7ktsvXmZ7c2NfleAtV1EfZ7brpz9X5h9FCFfWZzQ+l8d00rj7D/Gr2iqESQ63d/n3x9BoJHfcthti8l/V2Xen4NWidf66OubqSq6s9ufNqHjcttGqMs+ez7XLz2eO4luZXdj6r53F7wfy5aaynL+qprA75Ny2NOW/a59WU9TX5B738HSodz6D55ts3Pt2MRpprxKVz9pmeozadfTax4amLqxs/ODJY0EfcF1N+PIP86Xb+ts+G+u98Y9dDy4vyN1VSfqVU/nfrjv50x66XXijMfzbLr5bKv+Jg34l1H+5cVXh9JrPrUyuVf9exj55e8f+7x+a71838vVl+vVT+deNHewemDh4q7H9Ndn0Wlcr/5tqbv3/ty/3HC/NDlt9XKn/j+APP9A5PXVqYf6j1VWg0V2iJ9fPz2FVfDQ//OFKU/0V2/QfmyY9d818d3XPNy0t2ry1cn+uz6zNYqv9bLzqwo39q/wVFz86492z9cgL8Ny1Lf2M9meqy/2cuVMf/C8+P1Fq/QP3pNXA2D5Qzc5zFf2E+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOztwQAIAAAAg6P/rdgQKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATwUAAP//LD0uGQ==")
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

3m20.644549302s ago: executing program 9 (id=1938):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="150d2abd7000fbdbdf251100000008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4)

3m17.491744995s ago: executing program 9 (id=1957):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x81008e, &(0x7f0000003f80)=ANY=[@ANYBLOB="726f6469722c7379735f696d6d757461626c652c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c636865636b3d7374726963742c636f6465706167653d3935302c696f636861727365743d63703836302c696f636861727365743d63703433372c73686f72746e616d653d77696e6e742c696f636861727365743d63703933322c6e6f6e756d7461696c3d302c6e66732c726f6469722c757466383d312c73686f72746e616d653d6d697865642c757466383d302c00e23bb66df271dc392ed708", @ANYRES16=0x0], 0x4, 0x2ca, &(0x7f0000000740)="$eJzs3T9rJGUYAPBnks3uqMWmEAsRHNDiquNyrYUbJQeHqZQttNHg7YFkF2EPAoo4d5WtjaWfQBC0utYPYOM3EGwFO684GJnZmdtsdjPuwu3FP79fkyczz/O+zzv7JiGBffPRK5PTO1ncffDFr5GmSewMYhCPktiPnWjcjwWDrwMA+Dd7VBTxRzGzSV0SEen22gIAtmjjn/8/bL0lAGDL3nv/g3cOj4+P3s2yNG5Nvjoblr/Zlx9n9w/vxicxjlHciH48jiiemMW3iqLIO1lpP16f5GfDsnLy4c/1+Ie/R1T1B9GP/erSYv3t46ODbOZcfV728Xw9/6Csv9npx4sr5r99fHRzRX0Mu3Httbr/iPtxPfrxy8fxaYzjTtXEvP7Lgyx7u/jmz7T6i0ZZn+Rnw16VN1fsPuvXBgAAAAAAAAAAAAAAAAAAAACA/67r9dk5vajO7ykv1efv7D4uP9mLrLG/eD7PrD5pBrpwPlBexLfN+To3spd6RZ04r+/Ey53oXM2qAQAAAAAAAAAAAAAAAAAA4J/l3mefn56Mx6NpW7B2cnMaQPO2/uWcIo9onasKBqPpw+bKq9Ge3JvPtVOH41HZyMqq2G1ykojWNspFtD+WpxY8V/W84tZ33286YPr3OXsX5/oxnva6mg1zepKsfoa9J69O2mySh+dzumtskirozoI3l24VK7ffZUF35a3+GuXJ4jgvVEHeUhVJW2Nv/BaxF9Hs+fTiKrqXbezxaK8Krl36pXeSxmjaXfuxLH+vSJzWAQAAAAAAAAAAAAAAAAAAW7X8Jv9zHrSW7hS9rbUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM/U/P//bxDkdfHsyk9vtSR3Y3rvipcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8BfAQAA///b9VfV")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
poll(&(0x7f0000000080)=[{r0, 0xd004}], 0x1, 0xfffffffe)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

3m17.172006665s ago: executing program 9 (id=1962):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@debug}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@block_validity}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

3m16.637177095s ago: executing program 9 (id=1963):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000280)={0x48, 0x13, r2})

3m15.553656099s ago: executing program 9 (id=1970):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c0001800500020000000000080004000500000008000100020000002400"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

3m14.636119077s ago: executing program 36 (id=1970):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c0001800500020000000000080004000500000008000100020000002400"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2m11.827769809s ago: executing program 4 (id=2417):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x44, r2, 0x1, 0x0, 0x0, {0x4, 0x74, 0x609}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bond0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}]}, 0x44}, 0x1, 0xffffffff00000003}, 0x0)

2m11.469325631s ago: executing program 4 (id=2418):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

2m11.277454784s ago: executing program 4 (id=2420):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f00000000c0)={{}, {}, [], {0x4, 0x1}, [], {0x10, 0x6}}, 0x24, 0x0)
getxattr(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00', 0x0, 0x0)

2m11.208098462s ago: executing program 4 (id=2421):
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2008802, &(0x7f00000000c0)={[{@allow_utime={'allow_utime', 0x3d, 0xd85}}, {@errors_remount}, {@uid={'uid', 0x3d, 0xee00}}, {@keep_last_dots}, {@namecase}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@gid={'gid', 0x3d, 0xee01}}, {@dmask={'dmask', 0x3d, 0x1}}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f00000000c0)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r0 = fspick(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

2m10.652246303s ago: executing program 4 (id=2425):
unshare(0x400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000100000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="0082010105000000852000000400000000000000000300000000000000000000184100000004000000000000000000009500000000000000950000000000000014583000ffffffff18160000", @ANYRES32=r0, @ANYBLOB="000000000000000045abffff00000000183800000400"/32], &(0x7f0000000580)='syzkaller\x00', 0xa, 0x5, &(0x7f0000000140)=""/5, 0x40f00, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r0, r0, r0, r0, 0xffffffffffffffff, r0], 0x0, 0x10, 0xfffffffe, @void, @value}, 0xc3)

2m9.317612513s ago: executing program 4 (id=2435):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1fd, 0x1}, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x9}}, 0x14}}, 0x20004814)

2m8.420487834s ago: executing program 37 (id=2435):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1fd, 0x1}, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x9}}, 0x14}}, 0x20004814)

44.849713214s ago: executing program 5 (id=3379):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000540)=@v2={0x2, @adiantum, 0x18, '\x00', @a})

44.42959066s ago: executing program 5 (id=3386):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, &(0x7f0000000a00), &(0x7f0000000a40)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20)

43.991999664s ago: executing program 5 (id=3393):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_CE_THRESHOLD={0x8, 0xc, 0x2ff5bc3c}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

43.726572447s ago: executing program 5 (id=3397):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[])

43.56996351s ago: executing program 5 (id=3400):
syz_usb_connect(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f60c01a83d88008135048567c566a31077d12879017186ecd8521f2b5fb5c13ad79bdd908334ee2e55c41099f7e58f48ff5fa4cfdb9dfc630f7d62592d0771fcb1fb3b4178a87352d8fecc2f93cedf2cb609acadd006c4a0cf360d38ee48e15bec3"], 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x4a243)
close(r0)

43.17977206s ago: executing program 5 (id=3405):
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x7fffffff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x9}}, 0x80, 0x0}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="d800000010008104687da3aa7143a0b8c81d080b25000000e8fe55a1180015000600149b000000120800030043000040a8002b000a", 0x35}], 0x1}, 0x20000880)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe33)

42.731272206s ago: executing program 38 (id=3405):
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x7fffffff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x9}}, 0x80, 0x0}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="d800000010008104687da3aa7143a0b8c81d080b25000000e8fe55a1180015000600149b000000120800030043000040a8002b000a", 0x35}], 0x1}, 0x20000880)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe33)

35.332032929s ago: executing program 3 (id=3476):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f0000001cc0)=[{{0x0, 0x0, &(0x7f0000000740)=[{0x0}, {&(0x7f00000007c0)=""/45, 0x2d}], 0x2}, 0x1b3}], 0x1, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)

34.898574892s ago: executing program 3 (id=3484):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='fdinfo\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
unshare(0x2a020480)
fchdir(r0)

33.79533832s ago: executing program 3 (id=3493):
r0 = msgget(0x2, 0x3a8)
msgrcv(r0, 0x0, 0x0, 0x3, 0x1000)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
msgctl$IPC_RMID(r0, 0x0)

33.506640275s ago: executing program 3 (id=3497):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9"], 0x1, 0x61d0, &(0x7f000000cb40)="$eJzs3c2OHFfZB/Cn+ms+8saxsojyWghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmRhSeaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoZs4Z1zTd7rGd6eqZ8/tJk6qnTtX0qfy7prtdVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvffcHZ6uIuPzztOB4xP9FP6IXsdLUaxGxsnY8rz+IiOdjuzmei4jhUkSVG5+JeD0iPj4Wce/+7fVm0bl99uM7f/zbb3/41Pf/+vvh6X//6Wb/jWnr3br1q3/9+c7j7y8AAACUqK7rukof80+kz/e9rjsFAMxFfv2vk7xcvXD15oL1R61Wq9WHsG6rJ7vTLiJis71N857B6XgAOGQ245Ouu0CH5F+0QUQ81XUngIVWdd0BDsS9+7fXq5Rv1X49WNtpz9eC7Ml/s9q9v2PadJbxa0zm9fzain48O6U/K3PqwyLJ+ffG87+80z5K6x10/vMyLf/Rzq1Pxcn598fzH3N08u9NzL9UOf/BI+Xflz8AAAAAACyw/O//xzs+/7v05LuyLw87/7s2pz4AAAAAAAAAwGftScf/21UZ/w8AAAAWVfNZvfHrYw+WTfsutmb5pSri6bH1gcKkm2VWu+4HAAAAAAAAAAAAAJRksHMN76UqYhgRT6+u1nXd/LSN14/qSbc/7ErffyhZ13/kAQBgx8fHxu7lryKWI+JS+q6/4erqal0vr6zWq/XKUn4/O1parldan2vztFm2NNrHG+LBqG5+2XJru7ZZn5dntY//vuaxRnV/Hx2bjw4DB4CI2Hk1uucV6Yip62ei63c5HA6O/6PH8c9+dP08BQAAAA5eXdd1lb7O+0Q659/rulMAwFzk1//x8wJqtVqtVquPXt1WT3anXUTEZnub5j2D4fgB4JDZjE+67gIdkn/RBhHxfNedABZa1XUHOBD37t9er1K+Vfv1II3vnq8F2ZP/ZrW9Xd5+0nSW8WtM5vX82op+PDulP8/NqQ+LJOffG8//8k77KK130PnPy7T8m/083kF/upbz74/nP+bo5N+bmH+pcv6DR8q/L38AAAAAAFhg+d//jy/U+d/R4+7OTA87/7t2YI8KAAAAAAAAAAfr3v3b6/m+13z+/3MT1nP/59GU86/kX6Scf7r/f/fCm5fH1uu35u++/SD/f96/vf67m//4/zzdb/5LeaZKz6wqPSOq9EjVIE0fc8em2Br2R80jDatef5Cu+amH78bVuBYbcWbPur10PDxoP7unvenpcLu97u+0n9vTPthtz9uf39M+TFc61Su5/VSsx0/iWryz3d60Lc3Y/+UZ7fWM9px/3/FfpJz/oPXT5L+a2quxaePuR73/Oe7b00mP89bVz//yzMHvzkxb0d/dt7Zm/17soD/b/0+eGsXPbmxcP3Xrys2b189GmuxZei7S5DOW8x+mn5z/yy/ttOe/++3j9e5Ho0fOf1FsxWBq/i+15pv9fWXOfetCzn+UfnL+76T2ycf/Yc5/+vH/agf9AQAAAAAAAAAAAAAAgIep63r7FtG3IuJCuv+nq3szAYD5yq//dZKXz6vuP+72f9i7H131X62ec10tWH/mWn9aL1Z/1AtZ/2fB+rNwdVs92ZvtIiL+0t6mec/wi0m/DABYZJ9GxN+77gSdkX/B8vf9NdOTXXcGmKsbH3z4oyvXrm1cv9F1TwAAAAAAAACAx5XH/1xrjf98sq7rO2Pr7Rn/9e1Ye9LxPwd5ZneA0SkDVfcffZ8eZqs36vdaw42/ENPG/x7uzj1s/O/BjMcbzmgfzWhfmtG+PKN94o0eLTn/F1rjnZ+MiBNjw6+XMP7r+Jj3Jcj5v9h6Pjf5f2lsvXb+9W8Oc/69Pfmfvvn+T0/f+ODD166+f+W9jfc2fnz+7Nkz5y9cuHjx4ul3r17bOLPz3w57fLBy/nnsa9eBliXnnzOXf1ly/l9ItfzLkvP/YqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP+XUy3/suT8X021/MuS8/9KquVflpz/a6mWf1ly/qdSLf+y5PxPp3qf+a8cdL+Yj5x/PsPl+C9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvN/PdXyL0vO/6upln9Zcv4XUi3/suT8v5Zq+Zcl538x1fIvS87/66mWf1ly/t9ItfzLkvN/I9XyL0vO/5upln9Zcv7fSrX8y5Lz/3aq5V+WnP+bqZZ/WR58/78ZM2bM5Jmu/zIBAAAAAAAAAAAAAOPmcTlx1/sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/2YEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9u4tRq67vgP4mb1540BiIKROasLGMcY4m+z6El9oXUy4NtxKQij0gu1612bBN7x2CTSqHQVKJIyKKtqGh7aAUJuXCqvigVaA8oBaVaoE7QN9QVSoPERVQAGpKq0gW82c//+/M7OzM7ve8ebMOZ+PlPyyM2fmnDnzn9n92vnuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3ufMPsp2pZltVqtfyCTVn2ovq8YWJT45LXvrDHBwAAAKzdLxr/fu7mdMHhFdyoaZt/uuPbX11YWFjI3jf8p6OfW1hIV0xk2eiGLGtcF139wftrzdsEj2fjtaGmr4d67H64x/UjPa4f7XH9WI/rN/S4frzH9UtOwBI3ZLV0Z9sa/7kpP6XZLdlo47ptHW71eG3DUP3cpdtmtcZtFkZPZHPZqWw2m27ZPt+21tj+63fW9/XWLO5rqGlfW+or5CePHo/HUAvneFvLvhbvM/rR67OJn/7k0eN/feHZ2zrNnqeh5f7y49yxtX6cnwiX5MdayzakcxKPc6jpOLd0eE6GW46z1rhd/b/bj/O5FR7n8OJhrqv253w8G2r893ca52mklnU4T1vCZT+7K8uyy4uH3b7Nkn1lQ9nGlkuGFp+f8XxF1u+jvpRemo2sap3euYJ1Wp8z21rXaftrIj7/d4bbjSxzDM1P048eG2t63n++cC3rNKo/6uVeK+1rsN+vlaKswbguvtN40E90XIPbwuN/dPvya7Dj2umwBtPjblqDW3utwaGx4cYxpyeh1rjN4hrc1bL9cGNPtcZ8Znv3NTh14fS5qfmPffyeudPHTs6enD2zZ9eu6T379h04cGDqxNyp2en839d4totvYzaUXgNbw7mLr4FXt23bvFQXvji25P33Wl+H411eh5vatu3363Ck/cHV1ucFuXRN56+N99RP+viVoWyZ11jj+dm59tdhetxNr8ORptdhx+8pHV6HIyt4Hda3ObdzZT+zjDT90+kYlv9esLY1uKlpDbb/PNK+Bvv980hR1uB4WBff27n894It4XifmFztzyPDS9Zgerjhvad+Sfp5f/xAY3Ral7fXr7hxLLs4P3v+3keOXbhwflcWxrp4WdNaaV+vG5seU7ZkvQ6ter0enrvjids7XL4pnKvxe+r/Gl/2uapvs/fe7s9V47tb5/PZcunuLIw+W+/z2em7ef18jmXZ57/12IPfePTzb1j2fNbz5iem1v6zeMqlTe+/o8u8/8bc/3y+v3RXjw+PjuSv3+F0dkZb3o9bn6qRxntXrbHv56ZW9n48Gv5Z7/fjW7q8H29u27bf78ej7Q8uvh/Xev1px9q0P5/jYZ2cmu7+flzfZvPu1a7Jka7vx3eFWQvn/zUhKaRc1LR2llu3aV8jI6PhcY3EPbSu0z0t24+GbFbf11O7r22d7rgrv6/h9OgWrdc6nWjbtt/rNP3Z13LrtNbrT9+uTfvzOR7WxS17uq/T+jZP7137e+cN8T+b3jvHeq3B0eGx+jGPpkXYeL/PFm6Ia/De7Hh2NjuVzTSuHWusp1pjX5P3rWwNjoV/1vu9cnOXNbijbdt+r8H0fWy5tVcbWfrg+6D9+RwP6+LJ+7qvwfo2b9zf359dd4RL0jZNP7u2//nacn/mdXvbabpea2UkHOe39nf/s9n6NqcOrDZndj9Pd4dLbuxwntpfv8u9pmay9TlPm8NxPntg+fNUP576Np87uML1dDjLsksfub/x573h71f+7uJ3v9ry9y6d/k7n0kfu//GLT/zjao4fgMH3fD425t/rmv5maiV//w8AAAAMhJj7h8JM5H8AAAAojZj74/8Vnsj/AAAAUBox94+EmVQk/29+47Nzz1/KUjN/IYjXp9PwQL5d7LhOh68nFhbVL7//y7P//Q+XVrbvoSzLfv7AH3TcfvMD8bhyE+E4r76p9fIlvnrPivZ99OFLab/N/fUvhPuPj2ely6BTBXc6y7Kv3/yZxn4m3n+lMZ9+4GhjPnj5icfr2zx3MP863v6Zl+Xb/0Uo/x4+cazl9s+E8/DDMKff1vl8xNt95cprtux/7+L+4u1qW29qPOwnP5Dfb/w9OZ99PN8+nufljv8bn37qK/XtH3lV5+O/NNT5+J8K9/vlMP/3Ffn2zc9B/et4u0+G44/7i7e790vf7Hj8Vz+Vb3/uzfl2R8OM+98Rvt725mfnms/XI7VjLY8re0u+Xdz/9Hf/uHF9vL94/+3HP37kSsv5aF8fT/9bfj9TbdvHy+N+or9v23/9fprXZ9z/U390tOU899r/1QefeUX9ftv3f3fbduc+srOx/8X7a/2NTX/5yc903F88nsN/e67l8Rx+d3gdh/0/+YGwHsP1/3c1v7/2365w9N2t7z9x+y9sutTyeKK3/jTf/9XXnWzMDeM3bLzxRS++6fIr6+cuy76zIb+/Xvs/+VdnW47/i7fm5yNeHzv67ftfTtz/+Y9Onjk7f3FuJp3VR29u/O6ct+fHE4/35vDe2v71kbMXPjh7fmJ6YjrLJsr7K/Su2ZfC/HE+LnffemHJO+jOh8Pzefuff33j9n/9dLz839+TX37lbfn3rVeH7T4bLt8Unr/V7X+pJ++8tfH6rj0djnBh6e8LXost2/7rwIo2DI+//eeCuN7PvfyDjfNQv67xfSO+rtd4/N+fye/na+G8LoTfzLz11sX9NW8ffzfClYfy1/uaz194m4vP69+E5/sdP8zvPx5XfLzfDz/HfHNz6/tdXB9fuzTUfv+N3+JxObyfZJfz6+NW8Xxfee7WjocXfw9Jdvm2xtd/ku7ntlU9zOXMf2x+6tTcmYuPTF2Ynb8wNf+xjx85ffbimQtHGr/L88iHet1+8f1pY+P9aWZ2396s8W51Nh/X2Qt9/OcePj6zf3r7zOyJYxdPXHj43Oz5k8fn54/PzsxvP3bixOxHe91+bubQrt0H9+zfPXlybubQgYMH9xycnDtztn4Y+UH1sG/6w5Nnzh9p3GT+0N6Du+67b+/05OmzM7OH9k9PT17sdfvG96bJ+q1/f/L87KljF+ZOz07Oz3189tCug/v27e752wBPnzsxPzF1/uKZqYvzs+en8scycaFxcf17X6/bU07z/5H/PNuulv8ivuxdd+9Lv5+17suPLXtX+SZtv0D02fC7aP75JecOrOTrmPtHw0wqkv8BAACgCmLuHwszkf8BAACgNGLu3xBmIv8DAABAacTcPx5mUpH8X7r+/+ZLK9q//r/+f/P50v+vWP//oaL1//P3C/3//lhr/17/P9D/1//X/9f/1/+nD4rW/4+5/4Ysq2T+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP0vCjOpSP7X/9f/1//X/9f/77x//f/BpP/fnf5/D/r/U1m1+v+X+3n8+v/6/yxVtP5/zP0vDjOpSP4HAACAKoi5/6YwE/kfAAAASiPm/pvDTOR/AAAAKI2Y+zeFmVQk/+v/6//r/+v/6/933r/+/2DS/+9O/78H/X+f/6//r/9PXxWt/x9z/0vCTCqS/wEAAKAKYu5/aZiJ/A8AAADFM3JtN4u5/2VhJkvy/zXuAAAAAHjBxdx/S9ZWBK/I3//r/+v/F7//vyFdp/+v/58Vsv8/nOn/F4f+f3f6/z3o/+v/6//r/9NXRev/N3J/Np69PMykIvkfAAAAqiDm/lvDTOR/AAAAKI2Y+38pzET+BwAAgNKIuX9zmElF8r/+v/5/8fv/Pv9f/7/o/X+f/18k+v/d6f/3oP+v/6//r/9PXxWt/x9z/21hJhXJ/wAAAFAFMfffHmYi/wMAAEBpxNz/y2Em8j8AAACURsz9W8JMKpL/9f8L3v+PzVH9f/1//X/9f/3/FdH/707/vwf9f/1//X/9f/qqaP3/mPtfEWZSkfwPAAAAVRBz/x1hJvI/AAAAlEbM/a8MM5H/AQAAoDRi7p8IM6lI/tf/L3j/P+/Bj/n8f/1//X/9f/3/ldH/707/vwf9f/3/vvT/Fy7p/+v/kyta/z/m/jvDTCqS/wEAAKAKYu7fGmYi/wMAAEBpxNx/V5iJ/A8AAAClEXP/tjCTiuR//f+B6P9n+v/6//r/+v/6/yuj/9+d/n8P+v/6/z7/X/+fvipa/z/m/leFmVQk/wMAAEAVxNy/PcxE/gcAAIDSiLn/1WEm8j8AAACURsz9O8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+v/6//r/+P31VtP5/zP2vCTOpSP4HAACAKoi5f2eYifwPAAAApRFz/91hJvI/AAAAlEbM/ZNhJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+e8JMKpL/AQAAoApi7r83zET+BwAAgNKIuX8qzET+BwAAgNKIuX86zKQi+V//X/9f/1//f1X9/1cu3q/+f07/v1j0/7vT/+9B/1///wXv/4/q/1MqRev/x9y/K8ykIvkfAAAAqiDm/t1hJvI/AAAAlEbM/XvCTOR/AAAAKI2Y+/eGmVQk/+v/6//r/+v/+/z/zvvX/x9M+v/d9b//Hx+i/r/+v/6/z//X/2epovX/Y+6/L8ykIvkfAAAAqiDm/n1hJvI/AAAAlEbM/fvDTOR/AAAAKI2Y+w+EmVQk/+v/6//r/+v/6/933r/+/2DS/+/O5//3oP+v/6//r//PGj30h81fFa3/H3P/wTCTiuR/AAAAqIKY+18bZiL/AwAAQGnE3P8rYSbyPwAAAJRGzP2/GmZSkfyv/9/SPa8/XP1//X/9f/3/Bv3/waT/353+fw/6//r/+v/6//TVsv3/EL3Xu/8fc/+hMJOK5H8AAACogpj7fy3MRP4HAACA0oi5/3VhJvI/AAAAlEbM/YfDTCqS//X/ff6//r/+v/5/5/2vd/9/LN6v/v+a6P93p//fg/6//r/+v/4/fVW0z/+Puf/1YSYVyf8AAABQBTH33x9mIv8DAABAacTc/4YwE/kfAAAASiPm/jeGmVQk/+v/6//r/+v/6/933r/P/x9M+v/d6f/3oP+v/6//r/9PXxWt/x9z/5vCTCqS/wEAAKAKYu5/c5iJ/A8AAAClEXP/W8JM5H8AAAAojZj73xpmUpH8r/+v/6//r/+v/995//r/g0n/vzv9/x70//X/9f/1/+mrovX/Y+7/9TCTiuR/AAAAqIKY+x8IM5H/AQAAoDRi7n9bmIn8DwAAAKURc//bw0wqkv/1//X/9f/1//X/O+9f/38w6f93N2D9/1/cFC7X/8/p/xf7+Ffb/x9p+/q69P9/sFz/f2FD++31/7keitb/j7n/HWEmFcn/AAAAUAUx978zzET+BwAAgNKIuf9dYSbyPwAAAJRGzP2/EWZSkfyv/18/jsX2sv5/Wfv/Q/r/+v/6/xWh/9/dgPX/ff5/G/3/Yh+/z//X/2epovX/Y+5/d5hJRfI/AAAAVEHM/Q+Gmcj/AAAAUBox9z8UZiL/AwAAQGnE3P+eMJOK5H/9f5//X43+v8//z/T/9f8rQv+/O/3/HvT/9f+L1v//T/1/BlvR+v8x9z8cZlKR/A8AAABVEHP/e8NM5H8AAAAojZj7fzPMRP4HAACA0oi5/31hJhXJ//r/g9L/nxjQ/v9j+v/Xsf9/x035dvr/+v8s0v/vTv+/B/1//f+i9f99/j8Drmj9/5j73x9msvL8P77iLQEAAIAXRMz9vxVmUpG//wcAAIAqiLn/t8NM5H8AAAAojZj7fyfMpCL5X/9/UPr/Pv8/0//3+f9tj0f/X/+/k/Xr/8d3Hv1//X/9/0j/X/9f/592Rev/x9z/u2EmFcn/AAAAUAUx938gzET+BwAAgIHQ6f/Jbhdz/5EwE/kfAAAASiPm/qNhJhXJ//r/+v/6/wXt///Z1n/53rffeXSX/r/+v/7/qqzr5//XX/w+/1//X/8/0f/X/9f/p13R+v8x9x8LM6lI/gcAAIAqiLn/98JM5H8AAAAojZj7j4eZyP8AAABQGjH3z4SZVCT/6//r/+v/F7T/P8Cf/x/Ph/5/q771/+Obrv5/R3n/Pq2i69v/f+9iT1z/f7X9/7GOl+r/6/8P8vHr/+v/s1TR+v8x98+GmVQk/wMAAEAVhNw/dCKfi1fI/wAAAFAaMfefDDOR/wEAAKA0Yu7/YJhJRfK//r/+v/6//r/P/++8/279/9qIz/8vqtS//1njhaL/36Y4/f/O9P/1/wf5+PX/9f9Zqmj9/5j758JMKpL/AQAAoApi7v9QmIn8DwAAAKURc/+Hw0zkfwAAACiNmPtPhZlUJP/r/+v/6//r/+v/d95/YT//X/+/q7X27/X/A/3/avf//0f/X/9f/5/+KFr/P+b+02EmFcn/AAAAUAUx958JM5H/AQD+n707abKzLvs4fvp5wpNO8SzcuXBjlUtfAgtd6wtw4caNVZYLJ1ScCc4jioqzIjgPOIAgooLzAE4ozqDiPA84IUrFonNdV9Ldd9+nOzndfd///+ezyCVtmnOkUgm/dL7eANCM3P2PjVvsfwAAAGhG7v7HxS2d7H/9/9n0/6cqZf3/5vc/if7/Qfr/nV5f/6//b5n+f5z+fwn9v+f/6//1/6zU1Pr/3P2Pj1s62f8AAADQg9z9T4hb7H8AAABoRu7+8+MW+x8AAACakbv/iXFLJ/t/S/+/tuiz/8+M1/P/W+r/Pf9/x9fX/+v/W3aw/f9F9/7Mp//X/+v/g/5/V/3/0Z0+X/9Pi6bW/+fuf1Lc0sn+BwAAgB7k7n9y3GL/AwAAQDNy918Qt9j/AAAA0Izc/U+JWzrZ/6t7/v+xjY/PtP8v+n/9/8YH9P/6f/3/bHn+/7ie+v/zbz33MXdee7/r9vL6+n/9v+f/6/9Zran1/7n7nxq3dLL/AQAAoAe5+58Wt9j/AAAA0Izc/U+PW+x/AAAAaEbu/mfELZ3s/9X1/7N+/n/R/+v/Nz6g/9f/6/9nS/8/rqf+/0xeX/+v/9f/6/9Zran1/7n7nxm3dLL/AQAAoAe5+58Vt9j/AAAA0Izc/RfGLfY/AAAANCN3//G4pZP9r//f//7/Hv2//j+u/l//r//ff/r/cfr/JfT/+n/9v/6flZpa/5+7/6K4pZP9DwAAAD3I3f/suMX+BwAAgGbk7n9O3GL/AwAAQDNy9z83bulk/+v/Pf9f/6//1/8Pv77+f570/+P0/0vo/8+2nz9H/6//1/9zuj32/3eP/LS9kv4/d//z4pZO9j8AAAD0IHf/8+MW+x8AAACakbv/BXGL/Q8AAADNyN3/wrilk/2v/9f/6//1/2fc/2//obdB/z9M/38w9P/jJtP/rx0Z/LD+f/b9v+f/6//1/2wytef/5+5/UdzSyf4HAACAHuTuf3HcMrL/9/yb+QAAAMChyt3/krjF1/8BAABg9rI6y93/0rilk/2v/9f/6//1/57/P/z6Y/3/dae9P/3/tOj/x02m/9+B/l//P+f3r//X/7Pd1Pr/3P0vi1s62f8AAADQg9z9F8ct9j8AAAA0I3f/y+MW+x8AAACakbv/FXFLJ/t/uP8/9d/r/3dH/7/5/ev/h398rKr/z7+j/n+0/3+w5//3Sf8/7uD7/6P6/81/f/3/Pjrs9994/39s2efr/xkytf4/d/8lcUsn+x8AAAB6kLv/lXGL/Q8AAADNyN3/qrjF/gcAAIBm5O5/ddzSyf73/H/9v/5/fv2/5/+fdJjP/18ceP9/RP+/S/r/cZ7/v4T+X/+v//f8f1Zqav1/7v5L45ZO9j8AAAD04NK7Fhu7/zWLhf0PAAAAc3T6nx3Y+gdKQ+7+18Yt9j8AAAA0I3f/6+KWTva//l//r//X/+v/h19/Wv2/5//vlv5/nP5/Cf3/fvTzRxrr/y/b6fOn0P9fqP9nYjb1/zec+vhh9f+5+18ft3Sy/wEAAKAHufvfELfY/wAAANCM3P1vjFvsfwAAAGhG7v43xS2d7P997/+P7fza+n/9v/5f/6//1/+vmv5/nP5/Cf2/5/97/r/+n5U61f9v/vnwsPr/3P1vjls62f8AAADQg9z9b4lb7H8AAABoRu7+y+IW+x8AAACakbv/rXFLJ/vf8//1//p//b/+f/j19f/zpP8fp/9fQv+v/9f/6/9ZqU3P/z/NYfX/ufsvj1s62f8AAADQg9z9V8Qt9j8AAAA0I3f/2+IW+x8AAACakbv/7XFLJ/tf/7+//X9+XP+v/1/o//X/+v8D0W3/vzb0K9F2O/T/Nz/q+EM3f0T/r//X/+v/9f+swCT6/xOn/u0yd/874pZO9j8AAAD0IHf/O+MW+x8AAACakbv/XXGL/Q8AAADNyN3/7rhlj/v/Pit9VwdH/+/5//p//b/+f/j19f/z1G3/v0ue/7+E/l//r//X/7NSk+j/T/vr3P3viVt8/R8AAACakbv/vXGL/Q8AAADNyN3/vrjF/gcAAIBm5O5/f9zSyf7X/+v/9f/6f/3/8Oufaf+/vhim/z8Y+v9x+v8l9P/6f/2//p+Vmlr/n7v/yrilk/0PAAAAPcjd/4G4xf4HAACAZuTu/2DcYv8DAABAM3L3fyhu6WT/6//1//p//b/+f/j1Pf9/nvT/4/T/i8XiqpE3MNT/nziq/9f/6//1/5yhqfX/ufs/HLd0sv8BAACgB7n7r4pb7H8AAABoRu7+q+MW+x8AAACakbv/I3FLJ/tf/6//1//r//X/w6+v/58n/f84/f8Snv+v/9f/6/9Zqan1/7n7r4lbOtn/AAAA0IPc/dfGLfY/AAAANCN3/0fjFvsfAAAAmpG7/7q4pZP9r//X/+v/9f/70v8f1/9vpf8/GPvX/y/0//p//f8S+n/9v/6frQ6q/787fr5f1v/n7v9Y3NLJ/gcAAIAe5O6/Pm6x/wEAAKAZufs/HrfY/wAAANCM3P2fiFs62f/6f/2//l//7/n/w6+v/58nz/8fp/9fQv+v/9f/6/9ZqYPq/3fq/bf+de7+T8Ytnex/AAAA6EHu/hviFvsfAAAAmpG7/8a4xf4HAACAZuTu/1Tc0sn+1//r/zf3/4uF/l//r/8/6QD6//WF/n/l9P/j9P9L6P/b7P//Z9FQ/39sx8/X/zNFU+v/c/d/Om7pZP8DAABAD3L3fyZusf8BAACgGbn7Pxu32P8AAADQjNz9n4tbWtr/9+ycvs2//z+65RP1/4vF4rYLPP9f/z/y+vr/yfT/9U9V/786+v9x+v8l9P9t9v+e/6//59BMrf/P3f/5uKWl/Q8AAACdy93/hbjF/gcAAIBm5O7/Ytxi/wMAAEAzcvd/KW7pZP/Pv//f+on6/8VZPf9f/7/xAf2//l//P1tn299fvh6/pun/9f/6/8F+fm2Hf+9Z6P/1//p/Bkyt/8/d/+W4pZP9DwAAAD3I3X9T3GL/AwAAQDNy998ct9j/AAAA0Izc/V+JWzrZ//p//b/+f579/7r+X/+v/x80lef/n3feQ27R/+v/W+z/x+j/9f/6f7aaWv+fu/+rcUsn+x8AAAB6kLv/a3GL/Q8AAADNyN3/9bjF/gcAAIBm5O7/RtzSyf7f3v+fszhZqJ401P9Ho6b/P43+f/P71/8P//jw/H/9v/5//02l//f8/zN7//p//f+c3/+e+v/7b/98/T8tmlr/n7v/lrilk/0PAAAAPcjd/824xf4HAACAZuTu/1bcYv8DAABAM3L33xq3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/JfT/Z9/P58+q+v/5Pv//f/X/rM7U+v/c/d+OWzaG3wP+/wz/ZwIAAAATkrv/O3FLJ1//BwAAgB7k7v9u3GL/AwAAQDNy938vbulk/+v/9f/6f/2//n/49fX/86T/H6f/X6Kf/n996IOH3c+frcN+/830/57/zwpNrf/P3f/9uKWT/Q8AAABtu2vj29z9P4hb7H8AAABoRu7+H8Yt9j8AAAA0I3f/bXFLJ/tf/6//b7//f4T+f8vr6//1/y3T/+ev6MP0/0v00/8POux+fu7vX/+v/2e7qfX/uftvj1s62f8AAADQg9z9P4pb7H8AAABoRu7+H8ct9j8AAAA0I3f/T+KWTva//r+v/n9t0WP/7/n/+n/9f0/m0/9fcWToo57/r//X/8/3/ev/9f9sN7X+P3f/HWtHutz/AAAAMFcPe+Cjb9/t971j49v1xU/jFvsfAAAAmpG7/2dxi/0PAAAAzcjd//O4pZP9r//vq//v8/n/+n/9v/6/J/Pp/4fp//X/+v/5vn/9v/6f7abW/+fu/0XcctrwG/w/6AEAAAAOz//t7bvn7v9l3NLJ1/8BAACgB7n7fxW3bNv/J3b5p9oBAACAqcnd/+u4pZOv/+v/J97/L/ap/4/vp/8/Sf+v/x96ff3/POn/x51l/39iTf+v/x+h/9f/6//Zamr9f+7+669ZdLn/AQAAoFGbfkfhNxvfri9+G7fY/wAAANCM3P2/i1vsfwAAAGhG7v7fxy2d7H/9/8T7/zN6/v+x+k+e/995/3/x+uDr6//1/y3T/4/z/P8l9P/6f/2//p+V2kP/vzFI97v/z93/h7ilk/0PAAAAPcjd/8e4xf4HAACAZuTu/1PcYv8DAABAM3L3/zlu6WT/6/8Pof+/5Ohisa/9/y6e/6//76P/3+H12+n/73vu8Zse/sirr9T/c8pB9v/5Y0H/r//X/5+k/9f/6//ZamrP/8/d/5e4pZP9DwAAAD3I3X9n3GL/AwAAQDNy9/81brl3/994WO8KAAAAWKXc/X+LWzr5+r/+v8Xn/8+z/89/1ofQ/x+fX/+fTXHv/b/n/+v/t/P8/3H6/yX0//p//b/+n5WaWv+fu//vcUsn+x8AAAB6kLv/H3FL7v+1Pf/WPQAAADAxufv/Gbf4+j8AAAA0I3f/XXFLJ/tf/6//n0r/nzz//9Tnef7/Sfp//f9e6P/H6f+X0P/r//X/+n9Wamr9f+7+f8Utnex/AAAA6EHu/rvjFvsfAAAAmpG7/99xi/0PAAAAzcjd/5+4pZP9r//X/+v/9f/6/+HX1//Pk/5/nP5/Cf2//l//r/9npabW/+fu/28AAAD//xDQcaQ=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

32.346460648s ago: executing program 3 (id=3512):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x2)
read(r0, 0x0, 0x0)
readv(r0, &(0x7f00000008c0)=[{&(0x7f00000002c0)=""/156, 0x9c}], 0x1)

31.582214214s ago: executing program 3 (id=3517):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xb, 0xe, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0xa4bf, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x4, &(0x7f0000001800)={{r0}, &(0x7f0000001780)=0x4, &(0x7f00000017c0)='%-010d \x00'}, 0x20)

31.158642841s ago: executing program 39 (id=3517):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xb, 0xe, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0xa4bf, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x4, &(0x7f0000001800)={{r0}, &(0x7f0000001780)=0x4, &(0x7f00000017c0)='%-010d \x00'}, 0x20)

3.874653878s ago: executing program 2 (id=3781):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f0000003f40)=[{&(0x7f0000000000)=@in={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000040)="1c", 0x1}], 0x1, &(0x7f0000000200)=[@init={0x18, 0x84, 0x0, {0xc71f, 0xfff, 0x8, 0xc4}}], 0x18, 0x48060}], 0x1, 0x200000d0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000002c00)={0x0, 0x8e}, &(0x7f0000002c40)=0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3.873971668s ago: executing program 0 (id=3782):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000002080)={0x0, 0x10, &(0x7f0000002040)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000020c0)=0x10)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100), &(0x7f0000000140)=0x4)

3.478800946s ago: executing program 0 (id=3786):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000940)=[{{&(0x7f0000000140)={0xa, 0x4e24, 0x9, @remote, 0x5}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000480)="e36e1be41a47", 0x6}], 0x1}}], 0x1, 0x40040d4)
shutdown(r0, 0x1)
getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000002380)=""/4107, &(0x7f00000000c0)=0x1012)

3.350741871s ago: executing program 6 (id=3788):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000300)={[{@utf8no}, {@uni_xlateno}, {@fat=@nfs_nostale_ro}, {@uni_xlate}, {@fat=@umask={'umask', 0x3d, 0x9}}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@utf8no}, {@numtail}, {@numtail}, {@rodir}]}, 0x2a, 0x358, &(0x7f0000001f80)="$eJzs3TtsW1UYAODfva6dVpRkQKpgMmyVUNUEMcCUqCpSRQYosngtBJryyDWVYmEpDHWygBhBLEgwsXWAsTNiQMDGwEqRUAGx0C1SKy6y7419/SgNIDc8vm+wfp3z//ecc3tU31jxyQvLsXH+cFy4fv1azM1Vorp8ejl2K7EQhyKJ3HYAAP8lu1kWv2a522e/d3Qvqs14XgDA7PTf/18+NmyoD8NKxImvXnz0QOYFAMzOfn7+TyKemNpxcZYzAwBmZTfG3v8fGOke+5i/OvidAADg3+upZ597fGU14lyjMRfRervT7DSj9JH/yoV4NdJYj1MxHzcj8geF/Gmh9/rY2dUzpxo9Py5Es1fRaUa0up1m/qSwkvTr67EY87FQ1GeD+qRXv9ivb0TEdrc/frQqnebhOFqM/93RWI+lmI97Juojzq6eWWoUF2i29uq7ETsxt7eI3vxPxnx881JcjDTOR692OP9Li43G6Wx1pL5zud7PAwAAAAAAAAAAAAAAAAAAAACAWTjZGFgYnH+Ttbqdt86NJyyMnI/TzLuL84F28vOBsvre6TzvJOPnA42ez9NpVuPQga4cAAAAAAAAAAAAAAAAAAAA/jnaW7VYS9P1zfbWmxv9oJoH3WFL+/UvP/n8SJRy+sFrybAlqvnlRnKKtihVJTEozwblWTKSUwRJxDD58pXBjMs59cEqJsp7QX2iq1LMaS1Nj93/w4fTqn4btiSxeYsrF0GlGL/U1bo7b/qDqlsHS7fJuZpl2dSu3kQ+mKyKSkR14h/u7wS1Ivji2iv3PtQ+/nC/67Pi0IcTD84/ffX9j3/eWEujuDVpWtts38z+8qBJaf9Uivu8PWUnTA92hi07m+2tteTbX565792vx5KT6fsnK7e8MdJV2sZp+un46LU86N2B/az08JTNPz14/sZg9/75m3n8o+W1K5e+/2m/VaX/JBzUAQAAAAAAAAAAAAAAAAAAd0Tpu+L7kn+t+5EnI6I225kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ0z/Pv/pWBnomU/wY1uTHbV1zfbcdfEsIf6r0cOYMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwv/R4AAP//Co12rg==")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@FILEID_UDF_WITH_PARENT={0x14, 0x52, {{0x7fff, 0x6, 0x7}, 0x0, 0x9}}, &(0x7f0000000180), 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

3.215960844s ago: executing program 0 (id=3789):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
get_robust_list(0x0, &(0x7f00000001c0)=0x0, &(0x7f0000000200))

3.179398104s ago: executing program 2 (id=3790):
syz_mount_image$bcachefs(&(0x7f0000000000), &(0x7f0000005900)='./bus\x00', 0x10000, &(0x7f0000000340)=ANY=[@ANYBLOB='fsck,inline_data,nocow,degraded,str_hash=siphash,norecovery,discard,reconstruct_alloc,erasure_code,acl,no_splitbrain_check,hash,uid=', @ANYRESDEC=0x0, @ANYRES64], 0xfb, 0x58d9, &(0x7f000000b240)="$eJzs3XuQXFWdOPBzu2cynZk8JgEkgkyGQBRBzYRX4aM0+vNVgFQsLCX8ojCQCUaTkEqCQEAJLrhQgIWWlqL+gRZSi0aLKlglUiKPTVhFKVaX2kJqZRf9wy1kSQlkKct1tmb6nk7Pnb5ze7p7QgKfTyVz+5y+/T3nnnv6Tn/P9EwHAAAAXhV2X7tl71lHvO8Xnx958aoP/mTD1aGvPF5fiTv0p9vLXq4esj/1dC0a32bnxRuu+N4fBi98z8/v7P3uS7vWHL32t+895MJ7P3X6zlu++cALc+/+29NFceN8On5fOXk2CaHy0z1f/cKuRw4fq0tCCOWkf3sIC5KFDyxIMiGG/hJCWJMWFmXuvOvFk9aOba++oWdC/fzMfub7q1slnWfb9l56Qvjdu1dd86vFP/xB945ntu/bJanUzacQ5p1f//juEMLs9P+YONvifIyTdmUIobfucacV9OuYJvu/LKd8ZLqdlW77CuLE+5dkyqXMftly1J3Z9ha01668frS6X5E5mXL2YtSuvH7G+gXp9sfp9vhpxi/H/0koJaGr1v31yb45EurOWxKS8XNZqZVLtXMb0uPPlJNMuZQpl7szxzXebjrRykkysT7ul6mPl+OutP7o+mt1A2fn1L823VbSJ+pLsRyyN6r6Jt2oHde42K89U/RlfyjVXYMa1ddOfHoy+tK6vmThpMeMNhDv27XqxqXl1Q/u7s/pR3JnksZPWoq/7ZcL5nzi+9dfkv2+Xot/fimNX2op/lNnPPrcudd/5xu58W+O8cstxT/xvt5nz3jo2iW547Mnjk9XS/GHn374psWHXrAjt/+3xviVluKv2Ploz9y9992f2/+hOD6zW4r/5Nvf//s7Hr/nmdz4IcbvbSn+6p2bvtgzsPe43Pj3x/Hpa23+PL/j1CcGBv44mBf/sRh/bkvxb99+y9tum3/D6bnnd2Ucn/6W4p957L3XzNl7z1F5187k1k595wR4dTokfY11XVpuNc9sV12+8PXBruprvjnp/7mdbChjrJ15MxgfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFenw0745w/850f7n+1Kyz3pjSdL1W2snxVCMjuEsGXr8Oat6zZeNPipiy/ZvHF4/eDw1sGRjVs3Xz548psGN49sWj98+di9Q28+qfq4hSGpbpOjJrU9Ojo6WuqfWBfb+3/H7vjd0tP+608hDB32m4Gu3P4vu2XDbYc2+JqRrBh914ZLzvrNKd9Oj6s/7Vd/Tr9CTr/++5y/3vblPX84LoSh10zVr4effOfPJnRovGJfnFSpJ1Q71JP0NuxHrddpf+J4da1dt35kqHh8yznH8f+veOYvay/70l+r41vJPY4mx3f2itH1pa+tOvN/v3ZlteJAPe9F4x2PIvYvjl8lHe956XHNyzmurpzjuvZX9z/+0yOuf2F7GOp6fvHktouOqzudAN3Ja5tqN7bQmyyYUF9J949nPD5u2dYNm5ZtuXzbm9dtGL5o5KKRjW9dfvLyU4dOOfWUZeNHvqzDxx/bf32Tx79/5tP8z2z/cfza3Hwq6lfReIz1q3g86nuU9/zrPfsLX3nrLQ+dVa0omudx79r1JN32jp3n5aFuvk0eq0bHVTQOIYTBRuPw3Aunh8P/bd01Rdeh+jNT/zUjWTH6yJI/f/u0by16R7Viv1zn6zvU4nW+1ut9/Rkfr0p6Pg7U8e0J5fS4+hr2a/kjD3XfuPtPn631b9ascNnw1q2bl1e/zkl7Oic5smG/srXxuBaPfy2HdFhCbZo2mK9jukO1f9nrZ9w9O6p96X19ycKGx5UV79u16sal5dUP7s4b6eTOaouzw9zqNnldzp7rMw8s1zrcqP2DdX4MfOBbd3/07h+dPGl+nFj9WnRcSc5x/fDx27/y3S/9/Y86d1wfeOej/X/+908urVYcLNeVWq/T/iT115UTQyh6/i0OjY8j9/lXanw8Rc+/bDv79m8cbzBT7gvllp6vJ97X++wZD127JPf5uqfZ5+uVE0rlgufrgTJ/Xr7n14SJkqwY/fl1h2x/4KqVR1QriuZ1be9G8/qkJvKPnOP62blPDFw8+Hf/2rnrxvfedNd5vx1e8blqxYFy3ivp+FZyxrfW65h31o/vWy68eP2aav2B+/o33RbkP/FSsuXybZ8eXr9+ZPOW5o6r2e+nsZ3sKLf6/TRe3RYWHFdp0nHN3I1mxqvZ51vs/5qWx2vi860vJC19X9j2ywVzPvH96y/pn/SotKHzS2n8Ukvxnzrj0efOvf4738iNf3OM39VS/OGnH75p8aEX7MiNf2uSxq+0FH/Fzkd75u697/7c+EOx/7Nbiv/k29//+zsev+eZBvHHAychxu9rbfyf33HqEwMDf8zt/2PV8Rn7OieEcNeLJ62tlpPQnT7fYj+66x83/tplQjnJlEuZcrk7c3Czwr4GykkysT7ul9YfXdeXRj6WUx9fhVUWVbcvxXLI3pi6/kBTqrv2N6ovep0KAPBKF3/+H1+Dxp//j6QvlPJXGmCfdvOwRTlxYx62bz1n1oT7F6Xx4+PjOuDAW8LQ2PbqweoL/emuc8bnQ3adM7Zz3DETY7S6zlm0/r4kU479qq6Xd9XloanJeU1XaGL9fXI7U6+/Zw6/eH188LpJ3RqsW7fKnr/udMWs0fsdMv3dNBYhb35k18Xi+zkG5oWV4+01OT+y76OJ5yH7PprYzhGZC2er76Npd37Ebk8xP8a7XPzzjcnnL0wxvvvOX+NoSyYEGh2dxvmujO0/0z+fPfjXDWf252HWJXPip0+wA33dMNbH4+hqcj3xozn1nVpPjJeL2K89U/Rlf7CeCLxSxfw/fo8Yy//HXoD/T2a/oteh2VeNMV7u+4TKjftTlHdMfp9eb0vfx1fv3PTFnoG9x+W+zrm/2ff9bJpQ6i1430/ROC7NlAvHMWeBpijfy7ZTNO7Z92X0hbktjfvt2295223zbzg9d9xXVr+RFo/7VyaU5haMu3whJ7584YDIF2Z6/exly0fSNz7NVD7ykZz66eYjvZNu1I5r3EGXj3Tv334BAAePmP/Xfn6W5v//kdmvKG89PlOO8XLz1pzXJ3l564fS7WWZ/fvS36iY7uvmM4+995o5e+85KjdvubXZPPQfJpT6C/PQ9vLm3DxiZWfeL56bR9TyrPbyxNz+1/LE9vL03Pi1PL29PDp3fGp5dHvrALnxa+sAB3ueO7Prda/YPDr99dmZyqPPzqmfbh7dN+lG7bjGyaMBAF5eMf+PL+Ni/v9QZr92X7fn5gUdet2e/XsgtfiP7a+8cqbzvpnOW2c6r5/pdYmDPS+e6XWhmV0nkxen5ZC9USUvBgDgQBDz/9lpOT//by8/yc3favmJ/LxhfPn5AZKfH+zrX/J/+X8x+T8AwCtbzP/jrz3Gv//3T2k5+3fr5ek58eXp8vSc+HOnlafP9DqbdQDrAMWsAwAAvLJ0j2dKk3/P/uPpNvt79nm/l39uzv7N6hr/HfsQLti6eWTkvEs2rRneOnLexovXjGw579LN67ZuHdlY3a/dvDE3b0nzxu7QlY5H4/2yedv89O8hzM/5ewjZ/WPYI8dvTP57CNlmZxf8HYF956+5/uadv9IU+zeaH3nnOy/+x3L2j2rn/8JPnnje2i3nrdu4buu64fXrto1M3G8sa+2d9LmZ8Y9ITv7czDgs0/rczMyXSUrT//zOzvSjNKkf3el45H0+e5Lpx4K0JwvyPv8gp9+/+Jcvf+bY0b/eEcLQYeXXtTV+yYrRfzxn5ENbd/9m01j/S1P2v7Zn2q+izyvN7h+Pp2v9xVu2nrD24ks2Zj9RsjVxPaNUK8/QekY6tctNrk+szqmf7vpEedKNA1PT6xMAAEwQf/4fX8/Gnx9+KX0BFeubz9Pb+/lxbp4+1Fyenv1csqI8Pbt/PN5m8/RKm3l6tv2iPL3R/o3y9Ly8Oy/+R3L2n67m50l77/PInSfnNzdPsp9nUDRPsvtPd54kbc6TbPtF86TR/o3mSd55z4v/4Zz98zQ/H9p7X07ufLi5ufnwxky5aD5k95/ufCi1OR+y7RfNh0b7N5oPeec3L/5ZOfs3a+L8GJsY4/Ni5LxLL9786br9ZvrzL9rv38x+/kermu//zL7va+b7P7PvK5v5/rf3+1+5/X9sOithk6+izfd/Zj/fpVX7bb02fbNZ0fvPitZxV+XUT3cdd9akGwcm67jw8on5f/xxT8z/b0i3nf4x0MH/OWk+x6xh/A59jlnR6xjfz6do7ADg+zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAc3q6Fo1vd1+7Ze9ZR7zvF58fefGqD/5kw9VvuOJ7fxi88D0/v7P3uy/tWnP02t++95AL7/3U6Ttv+eYDL8y9+29PFwbur26OT4uVEJJnkxAqP93z1S/seuTwsbokhFBO+reHsCBZ+MCCJBNh6C8hhDW1fk68864XT1o7tr36hp4J9fMzQbLHFfrKsT8T+hkuKzwiDkKVdJ5t23vpCeF37151za8W//AH3Tue2b5vl6RSN59CmHd+/eO7Qwiz0/9j4mxbFB+cbleGEHrrHndaQb+OabL/y3LKR6bbWem2ryBOvH9JplzK7JctR92ZbW9Be+3K60er+xWZkylnL0btyutnrF+Qbn+cbo+fZvxy/J+EUhK6at1fn+ybI6HuvCUhGT+XlVq5VDu3IT3+TDnJlEuZcrk7c1zj7aYTrZwkE+vjfpn6eDnuSuuPrr9WN3B2Tv1r020lfaK+FMshe6Oqb9KN2nGNi/3aM0Vf9odS3TWoUX3txKcnoy+t60sWTnrMaAPxvl2rblxaXv3g7v6cfiR3Jmn8pKX42365YM4nvn/9JYvy4p9fSuOXGsUfb3Sq+E+d8ehz517/nW/kxr85xi+31P8T7+t99oyHrl2SOz574vh0tRR/+OmHb1p86AU7cvt/a4xfaSn+ip2P9szde9/9uf0fiuMzu6X4T779/b+/4/F7nsmNH2L83pbir9656Ys9A3uPy41/fxyfvpbiP/X8jlOfGBj442Be/Mdi/Lktxb99+y1vu23+Dafnnt+VcXz6W4p/5rH3XjNn7z1H5V07k1s79Z0T4NXpkPQ11nVpudU8s111+cLXB7uqr/nmpP/ndrKhjLF25s1gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXpl+feXJHz/nXR9e1ZWEkOTsM9pAvK88a8WKwRbaHX764ZsWH3rBjvq6RS3EAQAAAIrFPLxUq6mEReHSZHY4suH+cY3gyFhKJtZn1xBinOwaQatxSh2KU+5QnK4OxenuUJxZHYrT06E4lYI4ldBcnNlTxik13Z/eDsXp61CcOR2KM7dDceZ1KM78DsXpnzJO8/NwQYfiLOxQnEM6FOfQDsU5rENxXjP+tdx2nMM71J/smvJ05+HcdM8j8uIk6fEWxOlKyrU7Gq2nx3aOarOdvibbyf1+3GQ7s5ts55jM40rTbKfSZDuvb7OdpMl23thmO6WCduK8vSzbv9hOLDU5/y/vUJxtHYpzRYfiXNmhOJ/tUJzPdSjOVW3GAWhWzP/35Xv9oafrHaE3veJkVwFivrt4/Ovk73d5F6QY73WZ+lnZeNkw2UQ9E2/xdPuXXUDIxFuSqe+eEK+rlo9MEa9SH29p5s5Jx5vtX3ZBIdO/4zP1PUXxsgsLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCDfn3lyR8/510fXhWSMPavodEG4n3lWStWDLbQ7q5VNy4tr35wd31dT1cLgQAAAIBCMQ/vrtVUQk/X8tCTzJqwXyVdB6ik5XJ/dTswL6wc2yaDpfFyb7Jgysd1pY9btnXDpmVbLt/25nUbhi8auWhk41uXn7z81KFTTj1l2dp160eGql9D6CmIF0IYX37Ycvm2Tw+vXz+yeUu1Mtv/RenjFqXlJH3cwFvC0Nj26rT/CwvaK01qb+ZuFJ89AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+j127C5HzKuMAft6Z2ZnptjEr/ZqGZjPko0QtmsStpFq6LwgW2iRkKchsdS3BJljcNKFNSqxjG7CtCYrQEgiR3ERisbV40w9bxH4QiNRowI1B2qK90Aul1UpaciEpI9mdMzszmclsx9Kk6e93Me/MOc85z3vmYuH/7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDhmqqOTFRGx8YHkxCSLjW1DuJcNp+m5T76fv35rT8uDJ9c3jxWyPWxEQAAANBTzOEDjZFiKOSyIRuumv60ODRNhNncDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfPxMVUcmKqNj4xcnISRdamodxLlsPk3LffR9450nv/Dq8PA/msdKfewDAAAA9BZzeKYxUgylsCQMJFe11MVnAwva1rfXxX0WzrGu/dlBt7olc6y7Zo51n+pRt65+3REAAADgoy/m/1xjZCgUcvO65v9euT7WLWqry9av/fxWAAAAAPj/xPxfaIyUQiFXauT1ueb9xW11cX2v/9vH9cu6rO/1//y19av/0wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAR8dUdWSiMjo2nk1CSLrU1DqIc9l8mpb76LvqhcF/3XLoocXNY4VcHxsBAAAAPcUcPhu9i6GQGwwD4eLp3D980/6nv/r0syMhhJmYn8+HHRu2bbt71cxrrFt55NDAjw6/9b0z6lbOvJ6zAwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+YqerIRGV0bPyiJISkS02tgziXzadpuY++r3/pK397/PhzbzaPlfrYBwAAAOgt5vDZ7F8MpZAP+XDF9KfmrH9apm19t2cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIXjnu/c9+0Nk5Mb7/bmvH6ThvPiNrz52Lw513+ZAACAD9qikITa+3Tl+nN91wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPlgqjoyURkdGy8mISRdamodxLlsPk3LffRNnz9amHfyhZeax0p97AMAAAD0FnP4bPYvhlIYCAPh8ulPnZ4JTOf/oQ/xJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDzylR1ZKIyOjY+Lwkh6VJT6yDOZfNpWu6j72M7933x4Pwf3tw8Vsj1sREAAADQU8zh+cZIMRRynw6FcHX982TrgiRbv3Z+LjC7bmvLssE5r6u2rMvOed2utpPl6qeZWVeM+w3NXBvrymeuKzetK4VG+3LLurCnZdW8HvcZAAAA4ByK+b/QGBkKhVyhKef+vKV+SM4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALqYqo5MVEbHxpMkhKRLTa2DOJfNp2m5j773/f6Tl3zjF7u3N4+V+tgHAAAA6C3m8NnsXwylsDB8Iiyczv1hqLU+1v27curgo//5+/IQVlxxbDjXdf/fvn7ji+0vIWRaizIhzK/3S7r0+90fH713ae3U4yGsuDx79fvt17plWnumsnHttsPHtp7liwEAAIALSMz/A42RoVDI3dU1/8fkPff8n49v59+781eXxUTetiIzVO+X6dLvy0uf/Ouy1f9863T+P1u/z+3bfPCyequZ15mRNklaG928fd2x6w5k4qln+mfb+sfv5WvfffO/m3Y8cmqmfzEU6+MLcp36n/na5qK0NpnZO77mvb3V1v65Lud/6A8vHf/Ngt3vnu7/zqLBRv9rznL+s/cfvPXhPdfvO7SutX8Iodyp/9vv3hyu/POdD7aff7Bt4+Zvvvm1TZLWjiw+cWD1/tINrf2Ttv7x+//l8cf2/OyRHzwb+8ffiixfMtf+mbb+r+y6dOfLD6xf0No/0+X8L9726vCW8vf/1H7+O/o+/xPXPnX7axvS+9unAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALixT1ZGJyujYeCYJIelSU+sgzmXzaVruo+8btxx9+7bdP/1J81ipj30AAACA3mIOn83+xVAK+ZAPg9O5/5nKxrXbDh/bGoZmZpP6NTe55Z5tn9m0Zftdd5yjOwcAAADmKub/XGNkKBRyS8NAPf+Pbt6+7th1BzIx/2di/t905+TGFaFR98quS3e+/MD6BY3nBCFM/yygeLru87N1N914dOjEX761rGPdqtm6I4tPHFi9v3RDrAvNdStD4/nEE9c+dftrG9L7G/fXXPfZb26ZrD+eiPsO3vrwnuv3HVrXOEf9OljfN9ZNZvaOr3lvbzXWZevXYv3cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCZpqojE5XRsfGQDSHpUlPrIM5l82la7qPvmqW/fvCSk88tbB4r5PrYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2K+/EKmqOA7g58zMtuPMru5q0Fa0rlYU9pAURNRLRUVohNCTIWFpPkRBEFHYQ2toJFb0EmS9SFRQbSEU5CaJFmv0T3rpoYIC6yEQaaEcpIeK3T13nL3uberuFpSfDwxnzpl7v/d37zl7dgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5TemtD0+3hHQ+2bjvvpk8ev+fEY7e8d/+2Sx59/YeRTTd8vLfxysmJzSu2fH3jsk37710zvvvFQ7/0v/Pb0a7Bj8w0q1K3HkI8HkOovz/53BMTn54zNRZDCNU4MBrCYFx6aDDmElb/GkLY3K5z9odvn7hyy1S7bVfvrPEluZD8fYVmNatnxsDsevl/qad1trX18GXh2+vXb/98+Vtv9owdGz11SKx3rKcQFm/sPL8nhLAovaZkq20oOzm160IIjY7zru5S14V/sf7LC/rnp/as1Da75GSfr8z1K7nj8v1MT65tdLnefBXVUfa4bvpy/fxmNF9FdWbjg6l9N7Wr/mZ+NXvFUImh1i7/vnhqjYSOeYshTs9lvd2vtOc2pPvP9WOuX8n1qz25+5q+blpo1Rg7x9u7eWX2eHs7rqXxFZ179RxuLxg/N7X19Id6MuuH/JsZzdPetO9rWlbX5J/U8m+odOxBc423Jz5NRjONNePS0875fQ7ZZxPrn7q4uuGDwwMFdcS9MeXHUvlbPxvsu/ONnQ8NFeVvrKT8Sqn879Ye+emOnS+9UJj/bJZfLZV/xYHG8bUf7lhZ+Hwms+dTK5V/19GPnl5+9t1jhfXvyfLrpfKvGz/S2986cLCw/tXZ81lUKv+ba2/+/rUv9x0rzA9ZfqNU/obxB57pHW5dWph/MHs+zXLr5+exq74aHv5xpCj/iyy/v1T+q6O7r3l5ya41hfO7Lns+A6Xyb71o//a+1r4LivbOuGeh/nMCnJmWpe9YT6Z+2d+Z89Xxe+H5kdrMd76+9OpfyAvlTF1n8T+YDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAMHJAAAAACC/r9uR6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFMBAAD//0UcMHA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
open(&(0x7f0000000000)='./file1\x00', 0x8042, 0x0)
pwrite64(r0, &(0x7f0000000240)="cfd9", 0x2, 0x10000)

3.156478203s ago: executing program 8 (id=3792):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x66)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10)

3.051815896s ago: executing program 0 (id=3794):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000101c1b021b00000000000109022400010000400009040000010300400009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x9, "0400"}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000100)={0x40, 0x3, 0x5, 'N\x00\x00\x00\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.952831895s ago: executing program 8 (id=3795):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000002c0)=0x3ced, 0x4)

2.784895301s ago: executing program 8 (id=3797):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000000c300)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14}}, 0x68}}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000c00)={0x20, 0x17, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x10}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)

2.622076835s ago: executing program 8 (id=3800):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d)
ioctl$TUNGETFILTER(r0, 0x801054db, 0x0)

2.605440409s ago: executing program 6 (id=3801):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, {0x16}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.942789572s ago: executing program 8 (id=3809):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

1.81997027s ago: executing program 7 (id=3810):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x2c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x5, 0x2, [{0x2, 0x5}]}]}]}]}, 0x2c}}, 0x4000)

1.810575854s ago: executing program 6 (id=3811):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f00000001c0)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000004c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
r0 = fspick(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

1.661139235s ago: executing program 1 (id=3813):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000004f80)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in6=@private0, @in=@broadcast, 0x0, 0x4000, 0x0, 0x8004, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@rand_addr=0x64010100, 0x4d2, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, {0x327, 0x0, 0x0, 0x0, 0xfff, 0xfffffffffffffffc, 0x20000000000}, {0x0, 0x0, 0x0, 0x800}, {0x8f}, 0x70bd29, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.565506103s ago: executing program 7 (id=3814):
syz_mount_image$exfat(&(0x7f0000000340), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f0000000200)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB=',discard,allow_utime=0000000000002,iocharset=cp857,sys_tz,allow_utime=00000000000000000000004,namecase=1,iocharset=maciceland,utf8,iocharset=iso8859-3,\x00'], 0x81, 0x1505, &(0x7f0000002c80)="$eJzs3Au8jdXWMPAx5pwPm6SV5D7HHA8ruUySJJeEXJIkSZLcEpIkSUJyyy0JScg95B6SW0ju9/s9SY4kSUJCkvn9VOd1ztd7vvrec77Pe949/r/fs/cc+1ljrPGssfdaz3p+e+9v2g2sVKdy+VrMDP8U/PVTVwBIAYA+AHAdAEQAUCxTsUyX96fT2PWfuxPxr/Xw1KvdgbiaZP6pm8w/dZP5p24y/9RN5p+6yfxTN5l/6ibzFyI12zot+/Wypd7tz1//d//n3XL9/9+QvP7/j/WnftJk/qmbzD91k/mnbjL/1E3mn7rJ/FM3mX/qJvMXIjW72tef/w22vz5UV7uPP9ii/1Le1f3uE0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRWpwPVxgA+Ov6avclhBBCCCGEEEKIf52Q9mp3IIQQQgghhBBCiP/3EMBoMNFf43SQHq6BDHAtZITrIAHXQya4ATLDjZAFskI2yA45ICfkAgsEDhhiyA15IAk3QV64GfJBfigABcFDISgMt0ARuBWKwm1QDGYvBLgDSkBJKAWl4U4oA3dBWSgH5eFuqAAVoRJUhnugCtwLVeE+qAb3Q3V4AGrAg1ATHoJa8DDUhkegDjwKdeExqAf1oQE0hEb/pfyXoBO8DJ2hC3SFbtAdXoEe0BN6QW/oA69CX3gN+sHr0B8GwEB4AwbBmzAY3oIhMBSGwdswHEbASBgFo2EMjIV3YByMhwnwLkyESTAZpsBUmAbT4T2YATNhFrwPs+EDmANzYR7MhwXwISyERbAYPoIl8DEshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFbbAddsBO2AW7YU+5vfAJ7INPYT98Bgfg8//L/HPw9/ntERBQoUKDBtNgGkzBFEyP6TEDZsCMmBETmMBMmAkzY2bMglkwG2bDHJgDc2EuJCRkZMyNuTGJScyLeTEf5sMCWAA9eiyMhbEI3opFsSgWw2JYHItjCSyJJbE0lsYyWAbLYlksf8dcAKyAlbAS3oP34L1YFatiNayG1bE61sAaWBNrYi2shbWxNtbBOlgX62I9rIcNsAE2wkbYGBtjE2yCzbAZNsfm2AJbYEtsia2wFbbG1tgG22BbbIvtsB22xw7YAV/Cl/BlfBm7YAXVDbtjd+yBPbAX9sbe+Cr2xdfwNXwd++MAHIhv4Bv4Jg7GszgEh+IwHIZl1AgciaOQ1Rgci2NxHI7DCTgBJ+IknIRTcCpOw+k4HWfgTJyJ7+Ns/AA/wLk4F+fjAlyAC3ERLsbFuATP4VJchstxBa7EVbgS1+BaXIPrcQOux024CbfgFtyG23AH7sBduAv34B78BD/BT/FT7I8H8AAexIN4CA/hYTyMR/AIHsWj264BwON4HE/gCTyJp/A0nsIzeAbP4jk8j+fxAl7Ai/hCjq9q78m/rj+oy4wyKo1Ko1JUikqv0qsMKoPKqDKqhEqoTCqTyqwyqywqi8qmsqkcKofKpXIpUqRYxSq3yq2SKqnyqrwqn8qnCqgCyiuvCqvCqogqooqqoqqYul0VV3eoEqqkaupLq9KqjGrmy6pyqrwqryqoiqqSqqwqqyqqiqqqqqpqqpqqrqqrGupBVVN1w174sLo8mTpqANZVA7Geqq8aqIbqTXxcNVaDsYlqqpqpJ9VQHIItVGPfUj2jWqmR2Fo9p0bh86qtGoPt1IuqveqgOqqXVCfVxHdWXdRE7Ka6qynYQ/VUvVRvNQMrqssTq6ReV/3VADVQvaHm45tqsHpLDVFD1TD1thquRqiRapQarcaoseodNU6NVxPUu2qimqQmqylqqpqmpqv31Aw1U81S76vZ6gM1R81V89R8tUB9qBaqRWqx+kgtUR+rpWqZWq5WqJVqlVqt1qi1ap1arzaojWqT2qy2qK1qm9qudqidapfarfaoveoTtU99qvarz9QB9bk6qP6iDqkv1GH1pTqivlJH1dfqmPpGHVffqhOqizqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6TQ6rU7R6XR6fY3OoK/VGfV1OqGv15n0DTqzvlFn0Vl1Np1d59A5dS5tNWmnWcc6t86jk/omnVffrPPp/LqALqi9LqQL61t0EX2rLqpv08X07bq4vkOX0CV1KV1a36nL6Lt0WV1Ol9d36wq6oq6kK+t7dBV9r66q79PV9P26un5A19AP6pr6IV1LP6xr60d0Hf2orqsf0/V0fd1AN9SN9OO6sX5CN9FNdTP9pG6un9It9NO6pX5Gt9LP6tb6Od1GP6/b6hd0O/2ibq876I76Z31JB91Zd9FddTfdXb+ie+ieupfurfvoV3Vf/Zrup1/X/fUAPVC/oQfpN/Vg/ZYeoofqYfptPVyP0CP1KD1aj9Fj9Tt6nB6vJ+h39UQ9SU/WU/RUPU33+q3SrD+RP/4/ye/3y71v0Vv1Nr1d79A79S69W+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9XF9Qp/QJ/Up/aP+Xp/RP+iz+pw+p3/UF/QFffG3xwAMGmW0MSYyaUxak2LSmfTmGpPBXGsymutMwlxvMpkbTGZzo8lisppsJrvJYXKaXMYaMs6wiU1uk8ckzU0mr7nZ5DP5TQFT0HhTyBQ2t/zT+f+gvxWTfz1ZMY1MI9PYNDZNTBPTzDQzzU1z08K0MC1NS9PKtDKtTWvTxrQxbU1b0860M+1Ne9PRdDSdTCfTGcF0NV1Nd/OK6WF6ml6mt+ljXjV9TV/Tz/Qz/U1/M9AMNIPMIDPYDDZDzBBjAGC4GW5GmpFmtBltxpqxZpwZZyaYCWaimWgmm8lmqplqppvpZoaZYWaZWWa2mW3mmDlmnplnFpgFZqFZaBabxWaJWWKWmmVmmVlhVphVZpVZY9aYdWad2WA2mE1mk1lqtpqtZrvZbnaanWa32W32mr1mn9ln9pv95oA5YA6ag+aQOWQOm8PmiDlijpqj5pg5Zo6b4+aEOWFOmpPmtDltzpgz5qw5a86b8+aCuWAumovmkrlkIIJIRSoykYnSRGmilCglSh+ljzJEGaKMUcYoESWiTFGmKHN0Y5Qlyhpli7JHOaKcUa7IRhS5iKM4yh3liZLRTVHe6OYoX5Q/KhAVjHxUKCoc3RIViW6Nika3RcWi26Pi0R1RiahkVCoqHd0ZlYnuispG5aLy0d1RhahiVCmqHN0TVYnujapG90XVovuj6tEDUY3owahm9FBUK3o4qh09EtWJHo3qRo9F9aL6UYOoYdToX1o/hLNZn/CdbRebFrrZ7vYV28P2tL1sb9vHvmr72tdsP/u67W8H2IH2DTvIvmkH27fsEDvUDrNv2+F2hB1pR9nRdowda9+x4+x4O8G+ayfaSXaynWKn2ml2un3PzrAz7Sz7vp1tP7Bz7Fw7z863C+yHdqFdZBfbj+wS+7FdapfZ5XaFXWlX2dV2jV1r19n1doPdaDfZzXaL3Wq32e12h91pd9nddo/daz+x++yndr/9zB6wn9uDNuW38/kv7RH7lT1qv7bH7Df2uP3WnrDf2ZP2lD1tv7dn7A/2rD1nz9sf7QX7k71of7aXbLh8cn/55Z0MGUpDaSiFUig9pacMlIEyUkZKUIIyUSbKTJkpC2WhbJSNclAOykW56DImptyUm5KUpLyUl/JRPipABciTp8JUmIpQESpKRakYFaPiVJxKUAkqRaXoTrqT7qK7qByVo7vpbqpIFakyVaYqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9agBNaBG1IgaU2NqQk2oGTWj5tScWlALakktqRW1otbUmtpQG2pLbakdtaP21J46UkfqRJ2oM3WmrtSVulN36kE9qBf1oj7Uh/pSX+pH/ag/9aeBNJAG0SAaTINpCA2lYfQ2DacRNJJG0WgaQ2NpLI2jcTSBJtBEmkiTaTJNpak0nabTDJpBs2gWzabZNIfm0DyaRwtoAS2khbSYFtMSWkJLaSktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22n7bSTdtJu2k17aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtMJOkEn6SSdptN0hs7QWTpL5+k8XaCf6CL9TJcoUIpL59K7a1wGd63L6K5z/3uczWV3OVxOl8tZl8Vl/buYnHP5XH5XwBV03hVyhd0tv4tLuJKulCvt7nRl3F2u7O/iKmt3/vqL6O5+V9nd46q4e11Vd5+r5u531d0DroZ71NV0j7larr6r7Rq6Ou5RV9c95uq5+q6Ba+iau6dcC/e0a+meca3cs7+LF7pFbq1b59a7DW6f+9Sddz+6Y+4bd8H95Dq7Lq6Pe9X1da+5fu51198N+F08zL3thrsRbqQb5Ua7Mb+LJ7spbqqb5qa799wMN/N38QL3oZvtFrs5bq6b5+b/El/uabH7yC1xH7ulbplb7la4lW6VW+3W/EevK9wmt9ltcXvdJ2672+F2ul1ut9vzS3z5OPa7z9wB97k76r52h9wX7rA77o64r36JLx/fcfetO+G+cyfdKXfafe/OuB/cWXful+O/fOzfu5/dJRccMLJizYYjTsNpOYXTcXq+hjPwtZyRr+MEX8+Z+AbOzDdyFs7K2Tg75+CcnIstEztmjjk35+Ek38R5+WbOx/m5ABdkz4W4MN/CRfhWLsq3cTG+nYvzHVyCS3IpLs13chm+i8tyOS7Pd3MFrsiVuDLfw1X4Xq7K93E1vp+r8wNcgx/kmvwQ1+KHuTY/wnX4Ua7Lj3E9rs8NuCE34se5MT/BTbgpN+MnuTk/9evTYRHgVvwst+bnuA0/z235BW7HL3J77sAd+SXuxC9zZ+7CXbkbd+dXuAf35F7cm/vwq9yXX+N+/Dr35wE8kN/gQfwmD+a3eAgP5WH8Ng/nETySR/FoHsNj+R0ex+N5Ar/LE3kST+YpPJWn8XR+j2fwTJ7F7/Ns/oDn8Fyex/N5AX/IC3kRL+aPeAl/zEt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+cdjLyLd/Me3suf8D7+lPfzZ3yAP+eD/Bc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4nTxilxujh9fE2cIb42zhhfFyfi6+NM8Q1x5vjGOEucNc4WZ49zxDnjXLGNKXYxx3GcO84TJ+Ob4rzxzXG+OH9cIC4Y+7hQXDi+JS4S3xoXjW+Li8W3x8XjO+ISccn40ftLx3fGZeK74rJxubh8fHdcIa4YV4orx/fEVeJ746rxfXG1+P64aPxAXCN+MK4ZPxTXih+Oa8ePxHXiR+O68WNxvbh+3CBuGDeKH48bx0/ETeKmcbP4ybh5/FTcIn46bhk/E7eKn/3D/V3jbnH3+JX4lTiE+/S85PzkguSHyYXJRcnFyY+SS5IfJ5cmlyWXJ1ckVyZXJVcn1yTXJtcl1yc3JDcmNyU3J7ckQ6icFjx65bU3PvJpfFqf4tP59P4an8Ff6zP663zCX+8z+Rt8Zn+jz+Kz+mw+u8/hc/pc3nryzrOPfW6fxyf9TT6vv9nn8/l9AV/Qe1/IF/YNfSPfyDf2T/gmvqlv5p/0T/qn/FP+af+0f8a38s/61v4538Y/79v6F/wL/kXf3nfwHf1LvpN/2Xf2XXxX39V39919D9/D9/K9fB/fx/f1fX0/38/39/39QD/QD/KD/GA/2A/xQ/wwP8wP98P9SD/Sj/aj/Vg/1o/z4/wEP8FP9BP9ZD/ZT/VT/XQ/3c/wM/wsP8vPzjfbz/Fz/Dw/zy/wC/xCv9Av9ov9Er/EL/VL/XK/3K/0K/1qv9qv9Wv9er/eb/Qb/Wa/2W/1W/12v93v9Dv9br/b7/V7/T6/z+/3+/0Bf8Af9AfPB3/IH/Zf+iP+K3/Uf+2P+W/8cf+tP+G/8yf9KX/af+/P+B/8WX/On/c/+gv+J3/R/+wv+eDHJt5JjEuMT0xIvJuYmJiUmJyYkpiamJaYnngvMSMxMzEr8X5iduKDxJzE3MS8xPzEgsSHiYWJRYnFiY8SSxIfJ5YmliWWJ1YkViZWJULIuT0OuUOekAw3hbzh5pAv5A8FQsHgQ6FQONwSioRbQ9FwWygWbg/Fwx2hRCgZSoXHQr1QPzQIDUOj8HhoHJ4ITULT0Cw8GZqHp0KL8HRoGZ4JrcKzoXV4LrQJz4e24YXQLrwY2ocOoWN4KXQKL4fOQYeuoVvoHl4JPULP0Cv0Dn3Cq6FveC30C6+H/mFAGBjeCIPCm2FweCsMCUPDsPB2GB5GhJFhVBgdxoSx4Z0wLowPE8K7YWKYFCaHKWFqmBamh/fCjDAzzArvh9nhgzAnzA3zwvywIHwYFoZFYXH4KCwJH4elYVlYHlYESFkVVoc1YW1YF9aHDWFj2BQ2hy1ha9gWtocdYWfYFXaHPWFv+CTsC5+G/eGzcCB8Hg6Gv4RD4YtwOHwZjoSvwtHwdTgWvgnHw7fhRPgunAynwunwfTgTfghnw7lwPvwYLoSfwsXwc7gkf7MmhBBCCPGnjP+D/d3+LlL/8VH99pXuAHDtjuxH/vZWGgA2Zvl13VPlaJ4AgGe6tHv4r1uFCl27dv3ttks1RHnmAkDiSn4auBIvg2bwFLSEplDkP+2vp+pwgf+gfvJ2gPR/k5MCV+Ir9W/9B/VHzP7D+nMB8uW5kpMOrsRX6hf9Xe3ol/pZG/9B/XRfjAVo8jd5GeBKfKV+YXgCnoWWf3dLIYQQQgghhBDiVz1VqTZ/9P728vvzHOZKTlq4Ev/R+3MhhBBCCCGEEEJcfc936Pj04y1bNm3zDxbl/vEuWaSWRZr/Hm382y8A/lu08ecWV/uZSQghhBBCCPGvduWk/2p3IoQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCpF7/P/6d2NU+RiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOJq+18BAAD//6/mMEE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5412, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42242, 0x0)

1.564808127s ago: executing program 6 (id=3815):
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f00000001c0)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb1e6badad1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000082c0678198bbc9f3331f03fa00100083794afff0a90000000026b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425200000000000000008fa437e38b8200000000630000000000000000000000000000000000000000000000e91100000000ee65e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a65c020e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba042bb2617f5b3eb59efcdf3e9332827586e6be0cd2d7297ebd5716514942fd941c1152a8df17f7bf8d23188cc812736a6eb35f0004dde29f79717df9065381ba566751a8e1710210f00ca58ff481633fa3fbe088f86e336cce022c8e2233b79af7f3fb562f9863b2842df189b15ae659ffd7fb31258935a7d1eec82952520f62fbf0f4c8d879805ef3e6b576f5bac6cd8ad874081", @ANYRES16], 0x0, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x5)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307202, &(0x7f0000000f00)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

1.559355365s ago: executing program 2 (id=3816):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x2}]}}]}, 0x3c}}, 0x0)

1.303071898s ago: executing program 2 (id=3817):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000001a21428c6c08586dd61bcc1d700006cff000000ffff000000000000000000000100000000000000000000000000000001"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.218106143s ago: executing program 7 (id=3818):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@ipv6_newroute={0x38, 0x18, 0x309, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, [@RTA_OIF={0x8, 0x4, r1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @SEG6_LOCAL_ACTION={0x8, 0x1, 0xa}}]}, 0x38}}, 0x1000c840)

1.181430222s ago: executing program 1 (id=3819):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0xffff, 0x0, 0x0, 0xa}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe4)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x3, 0xffffffff, @mcast2, 0x5}, 0x1c)
close(r0)

1.006487506s ago: executing program 0 (id=3820):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000004c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fcdbdf253f00000008000300", @ANYRES32=r2, @ANYBLOB=' \x00^'], 0x3c}, 0x1, 0x0, 0x0, 0x4080}, 0x4004000)

1.005440073s ago: executing program 7 (id=3821):
symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r0 = landlock_create_ruleset(&(0x7f0000000440)={0x6621}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000002200)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)

952.026105ms ago: executing program 1 (id=3822):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_CONTINUE(r0, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

778.014082ms ago: executing program 1 (id=3823):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000500)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x9, @dev={0xfe, 0x80, '\x00', 0x14}, 0x6}, 0x1c, &(0x7f0000000680)=[{&(0x7f0000000280)='Q', 0x1}], 0x1}}, {{&(0x7f0000000000)={0xa, 0x4e24, 0x9, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2}, 0x1c, &(0x7f0000000100)=[{&(0x7f00000006c0)="9ad1", 0x2}], 0x1}}], 0x2, 0x4000840)
shutdown(r0, 0x1)
setsockopt(r0, 0x84, 0x7f, &(0x7f00000001c0)="020000000980ffff", 0x8)

751.41536ms ago: executing program 7 (id=3824):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x2, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x70000, 0x10001, {0x77359400}, {0x0, 0x8, 0x0, 0x0, 0x0, 0x0, "0300"}, 0x5e, 0x1, {0x0}})

728.773422ms ago: executing program 0 (id=3825):
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000000)={[{@shortname_lower}, {@utf8no}, {@fat=@nfs}, {@fat=@discard}, {@utf8}, {@fat=@nfs}, {@shortname_win95}, {@fat=@debug}, {@utf8}]}, 0xfd, 0x2a0, &(0x7f0000000540)="$eJzs3M9rE0EUwPHXtGnTlDY5iKAgPvSil6WNf0GQFsSAUhtRD8LUbjRkTUo2RiJie/Pq31E8ehOs/0Av3ryLlyIIXnqQrnQ3a7Y12B823dh8P1B2ujMvM7s7CW8XdjbvvXlaKblWyTQkkVJJSGpVtkSykpDQUHub8MujErUqVyd+fL5w5/6Dm/lCYXZedS6/cC2nqlMXPzx/+fbSx8bE3XdT78dkI/tw83vuy8bZjXOb2wvhp9caanSxVmuYRcfWpbJbsVRvO7ZxbS1XXbu+q77k1JaXW2qqS5Pp5brtumqqLa3YLW3UtFFvqXlsylW1LEsn0zJohg8dUVybnzf5ngwGcRjvtrNez5vhrpXFtZMYFAAA6C9/5v9yIvn/k7KrZVer++X/CSH/7x0//9/umjTidEju3ADkTbr9/d2N/B8AAAAAAAAAAAAAAAAAAAAAgP/BludlPM/LhNvwb0xEUiIS/h/3ONEbR7j+QzEOF8cs8uJeSsR53Sw2i8E2qM+XpCyO2DKdFPnpz4e2oDx3ozA7rb6srDsr7Xj/JcGxMD6U7R4/E8RrJH6lWUxKOtp/TjJypnt8bk98UkSaxVG5cjkSb0lGPj2Smjiy5M/rTvyrGdXrtwp7+h/32wEAAAAAcBpY+lt29/1vsJqkZWm4bMie+mBn5/mAZPZ5PqCyPiqd+BE5PxLfcQMAAAAAMEjc1ouKcRy7PsiFcTl81CCeOisVTJq/NvY8b2Wn0b93mhCRmI70m4j0wQk/7sLXZ8EFPEjjOH+VAAAAAPRCJ+mPeyQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyugy4eFrY/ytpjke6G4zlKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD/8CgAA///JRBp/")
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)

611.992642ms ago: executing program 6 (id=3826):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='htcp\x00', 0x5)
listen(r0, 0x4000)
close(r0)

485.596767ms ago: executing program 1 (id=3827):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x2, 0x0, [{0x0, 0xb8, &(0x7f00000004c0)=""/184}, {0x0, 0x0, 0x0}]})
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1})

375.103499ms ago: executing program 2 (id=3828):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x25dfdbff, {0x60, 0x0, 0x0, r2, {0x0, 0x3}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0x3c}}, 0x44040)

247.893571ms ago: executing program 8 (id=3829):
io_setup(0x23, &(0x7f0000000280)=<r0=>0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder0\x00', 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000003840)=[&(0x7f0000001540)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
ioctl$BINDER_WRITE_READ(r1, 0x40046208, 0x0)

176.109514ms ago: executing program 1 (id=3830):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r0, &(0x7f0000001100)={0xa, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @empty}, 0x9, 0x4}, 0x20)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000140)=0xfc)

166.724989ms ago: executing program 2 (id=3831):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@rights={{0x18, 0x1, 0x1, [r0, r1]}}], 0x18, 0x841}, 0x84)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0)

86.131675ms ago: executing program 7 (id=3832):
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x40000)
fcntl$setstatus(r0, 0x4, 0x2000)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x80402)
write$binfmt_elf64(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="7f454c4600000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000003800000000000000000002000000ff"], 0x78)

0s ago: executing program 6 (id=3833):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000d"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x11, 0x15, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x10000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000009}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

kernel console output (not intermixed with test programs):

][ T5904] asix 6-1:0.239 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[  519.395707][ T5904] asix 6-1:0.239: probe with driver asix failed with error -71
[  519.424540][ T5904] usb 6-1: USB disconnect, device number 5
[  519.493059][T13968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2829'.
[  519.519936][T13936] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  519.567591][T13968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2829'.
[  519.649289][    T9] prodikeys 0003:041E:2801.0010: unknown main item tag 0x0
[  519.679045][    T9] prodikeys 0003:041E:2801.0010: unknown main item tag 0x0
[  519.707239][    T9] prodikeys 0003:041E:2801.0010: unknown main item tag 0x0
[  519.718530][    T9] prodikeys 0003:041E:2801.0010: unknown main item tag 0x0
[  519.726207][T13936] XFS (loop7): Ending clean mount
[  519.732209][    T9] prodikeys 0003:041E:2801.0010: unknown main item tag 0x0
[  519.754204][T13936] XFS (loop7): Quotacheck needed: Please wait.
[  519.762507][T13977] netlink: 120 bytes leftover after parsing attributes in process `syz.2.2831'.
[  519.772068][    T9] prodikeys 0003:041E:2801.0010: hidraw0: USB HID v1.01 Device [HID 041e:2801] on usb-dummy_hcd.3-1/input0
[  519.864269][ T5904] usb 4-1: USB disconnect, device number 22
[  519.915724][T13936] XFS (loop7): Quotacheck: Done.
[  519.938228][T13981] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2833'.
[  519.963651][T13981] ip6gretap0: entered promiscuous mode
[  519.975438][T13981] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2833'.
[  520.063663][ T7760] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  520.165715][T13989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2837'.
[  520.511234][T13995] loop1: detected capacity change from 0 to 4096
[  520.590050][T13999] loop7: detected capacity change from 0 to 1024
[  520.760903][T14007] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2846'.
[  520.847124][T13995] ntfs3(loop1): ino=1a, mi_enum_attr
[  520.876458][T13995] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  521.097890][T14024] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  521.232654][T14023] loop3: detected capacity change from 0 to 4096
[  521.301735][T14023] ntfs3(loop3): Failed to initialize $Extend/$ObjId.
[  521.519148][T14037] loop7: detected capacity change from 0 to 512
[  521.562041][T14037] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[  521.570325][T14037] System zones: 1-12
[  521.579012][T14037] EXT4-fs error (device loop7): dx_probe:791: inode #2: comm syz.7.2859: Directory hole found for htree index block 0
[  521.631941][T14037] EXT4-fs (loop7): Remounting filesystem read-only
[  521.655705][T14037] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -117
[  521.683039][T14037] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117
[  521.727161][T14037] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  521.811822][T14053] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.821732][T14053] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.928949][ T7760] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.062184][T14055] loop5: detected capacity change from 0 to 2048
[  522.144124][T14055] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  522.389863][T14069] loop1: detected capacity change from 0 to 2048
[  522.429422][T14069] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  522.508127][T14077] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  522.967350][T14097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2886'.
[  522.986279][T14095] loop5: detected capacity change from 0 to 1024
[  522.996225][T14097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2886'.
[  523.011595][T14095] EXT4-fs: Ignoring removed orlov option
[  523.035065][T14095] EXT4-fs: Ignoring removed nomblk_io_submit option
[  523.090715][T14095] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  523.236938][T12958] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.343737][ T5904] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  523.372741][T14112] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2892'.
[  523.571651][ T5904] usb 4-1: Using ep0 maxpacket: 32
[  523.605674][ T5904] usb 4-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  523.635121][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.677041][ T5904] usb 4-1: config 0 descriptor??
[  523.692307][ T5904] gspca_main: sq930x-2.14.0 probing 041e:403c
[  524.291029][T14145] block nbd0: server does not support multiple connections per device.
[  524.310013][T14145] block nbd0: shutting down sockets
[  524.571812][ T5904] gspca_sq930x: reg_w 0105 bf00 failed -71
[  524.640668][ T5904] sq930x 4-1:0.0: probe with driver sq930x failed with error -71
[  524.669144][ T5904] usb 4-1: USB disconnect, device number 23
[  524.719726][T14170] loop0: detected capacity change from 0 to 256
[  524.735816][T14170] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  524.754747][T14170] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  524.772946][T14170] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  524.925948][T14174] loop1: detected capacity change from 0 to 512
[  524.942276][T14178] netem: unknown loss type 0
[  524.947766][T14178] netem: change failed
[  524.993083][T14174] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  525.040633][T14174] EXT4-fs (loop1): 1 truncate cleaned up
[  525.048239][T14174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  525.278772][T11585] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.612688][T14196] loop1: detected capacity change from 0 to 4096
[  525.700959][T14196] ntfs3(loop1): ino=1a, mi_enum_attr
[  525.735297][T14200] loop5: detected capacity change from 0 to 4096
[  525.743511][T14196] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  525.786544][T14200] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.807141][T14172] loop7: detected capacity change from 0 to 40427
[  525.849920][T14172] F2FS-fs (loop7): invalid crc value
[  526.054676][T14172] F2FS-fs (loop7): Start checkpoint disabled!
[  526.101748][T14172] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  526.104097][T12958] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.206709][   T30] audit: type=1800 audit(1748913549.260:184): pid=14172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2921" name="file1" dev="loop7" ino=10 res=0 errno=0
[  526.252616][T14172] syz.7.2921: attempt to access beyond end of device
[  526.252616][T14172] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  526.331969][T14172] syz.7.2921: attempt to access beyond end of device
[  526.331969][T14172] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  526.376777][T14172] syz.7.2921: attempt to access beyond end of device
[  526.376777][T14172] loop7: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  526.401601][T14192] loop0: detected capacity change from 0 to 32768
[  526.437336][T14192] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2931 (14192)
[  526.484533][T14192] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  526.504641][T14190] loop3: detected capacity change from 0 to 40427
[  526.510056][T14192] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  526.530475][T14192] BTRFS info (device loop0): using free-space-tree
[  526.542209][T14190] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  526.558963][T14190] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  526.573275][ T1140] kworker/u8:8: attempt to access beyond end of device
[  526.573275][ T1140] loop7: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  526.592879][ T1140] CPU: 0 UID: 0 PID: 1140 Comm: kworker/u8:8 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  526.592920][ T1140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  526.592939][ T1140] Workqueue: writeback wb_workfn (flush-7:7)
[  526.592987][ T1140] Call Trace:
[  526.592997][ T1140]  <TASK>
[  526.593009][ T1140]  dump_stack_lvl+0x189/0x250
[  526.593058][ T1140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  526.593096][ T1140]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  526.593133][ T1140]  ? __pfx_queue_work_on+0x10/0x10
[  526.593160][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.593189][ T1140]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  526.593225][ T1140]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  526.593262][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.593290][ T1140]  ? f2fs_hw_is_readonly+0x39b/0x470
[  526.593331][ T1140]  f2fs_handle_critical_error+0x37c/0x540
[  526.593375][ T1140]  f2fs_write_end_io+0x495/0x810
[  526.593412][ T1140]  ? blkg_put+0x22/0x240
[  526.593470][ T1140]  __submit_merged_bio+0x27a/0x6a0
[  526.593518][ T1140]  __submit_merged_write_cond+0x255/0x530
[  526.593562][ T1140]  f2fs_write_data_pages+0x261d/0x3000
[  526.593649][ T1140]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  526.593706][ T1140]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  526.593797][ T1140]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  526.593833][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.593876][ T1140]  ? trace_f2fs_writepages+0x7f/0x200
[  526.593911][ T1140]  ? f2fs_write_node_pages+0x478/0x6e0
[  526.593950][ T1140]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  526.593991][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594029][ T1140]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  526.594068][ T1140]  do_writepages+0x32e/0x550
[  526.594102][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594130][ T1140]  ? reacquire_held_locks+0x127/0x1d0
[  526.594155][ T1140]  ? writeback_sb_inodes+0x372/0x1000
[  526.594193][ T1140]  __writeback_single_inode+0x145/0xff0
[  526.594218][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594247][ T1140]  ? do_raw_spin_unlock+0x122/0x240
[  526.594283][ T1140]  writeback_sb_inodes+0x6b5/0x1000
[  526.594328][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594375][ T1140]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  526.594460][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594488][ T1140]  ? rcu_is_watching+0x15/0xb0
[  526.594520][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594561][ T1140]  wb_writeback+0x43b/0xaf0
[  526.594614][ T1140]  ? queue_io+0x391/0x590
[  526.594644][ T1140]  ? __pfx_wb_writeback+0x10/0x10
[  526.594697][ T1140]  ? _raw_spin_unlock_irq+0x23/0x50
[  526.594741][ T1140]  wb_workfn+0x409/0xef0
[  526.594799][ T1140]  ? __pfx_wb_workfn+0x10/0x10
[  526.594841][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594869][ T1140]  ? __lock_acquire+0xab9/0xd20
[  526.594923][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594956][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.594990][ T1140]  ? _raw_spin_unlock_irq+0x23/0x50
[  526.595024][ T1140]  ? process_scheduled_works+0x9ef/0x17b0
[  526.595062][ T1140]  ? process_scheduled_works+0x9ef/0x17b0
[  526.595104][ T1140]  process_scheduled_works+0xae1/0x17b0
[  526.595188][ T1140]  ? __pfx_process_scheduled_works+0x10/0x10
[  526.595239][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.595281][ T1140]  worker_thread+0x8a0/0xda0
[  526.595311][ T1140]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  526.595359][ T1140]  ? __kthread_parkme+0x7b/0x200
[  526.595401][ T1140]  kthread+0x711/0x8a0
[  526.595436][ T1140]  ? __pfx_worker_thread+0x10/0x10
[  526.595459][ T1140]  ? __pfx_kthread+0x10/0x10
[  526.595485][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.595524][ T1140]  ? _raw_spin_unlock_irq+0x23/0x50
[  526.595557][ T1140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  526.595586][ T1140]  ? lockdep_hardirqs_on+0x9c/0x150
[  526.595621][ T1140]  ? __pfx_kthread+0x10/0x10
[  526.595653][ T1140]  ret_from_fork+0x3fc/0x770
[  526.595695][ T1140]  ? __pfx_ret_from_fork+0x10/0x10
[  526.595742][ T1140]  ? __switch_to_asm+0x39/0x70
[  526.595768][ T1140]  ? __switch_to_asm+0x33/0x70
[  526.595793][ T1140]  ? __pfx_kthread+0x10/0x10
[  526.595825][ T1140]  ret_from_fork_asm+0x1a/0x30
[  526.595877][ T1140]  </TASK>
[  526.595889][ T1140] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  526.619568][T14190] F2FS-fs (loop3): build fault injection rate: 17008
[  527.096142][T14230] __nla_validate_parse: 2 callbacks suppressed
[  527.096166][T14230] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2943'.
[  527.099040][T14190] F2FS-fs (loop3): build fault injection type: 0x1f8
[  527.119709][T14190] F2FS-fs (loop3): build fault injection type: 0x6
[  527.167375][T14190] F2FS-fs (loop3): invalid crc value
[  527.198603][   T30] audit: type=1800 audit(1748913550.251:185): pid=14192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2931" name="file1" dev="loop0" ino=260 res=0 errno=0
[  527.228609][T14192] BTRFS error (device loop0): unable to set label with more than 255 bytes
[  527.350126][ T7677] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  527.451935][T14250] overlayfs: upper fs does not support tmpfile.
[  527.578668][T14190] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  527.629891][T14190] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  527.894689][ T1106] kworker/u8:6: attempt to access beyond end of device
[  527.894689][ T1106] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  527.935983][ T1106] CPU: 1 UID: 0 PID: 1106 Comm: kworker/u8:6 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  527.936021][ T1106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  527.936039][ T1106] Workqueue: writeback wb_workfn (flush-7:3)
[  527.936083][ T1106] Call Trace:
[  527.936093][ T1106]  <TASK>
[  527.936104][ T1106]  dump_stack_lvl+0x189/0x250
[  527.936150][ T1106]  ? __pfx_dump_stack_lvl+0x10/0x10
[  527.936187][ T1106]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  527.936222][ T1106]  ? __pfx_queue_work_on+0x10/0x10
[  527.936248][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.936275][ T1106]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  527.936306][ T1106]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  527.936342][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.936370][ T1106]  ? f2fs_hw_is_readonly+0x39b/0x470
[  527.936409][ T1106]  f2fs_handle_critical_error+0x37c/0x540
[  527.936451][ T1106]  f2fs_write_end_io+0x495/0x810
[  527.936486][ T1106]  ? blkg_put+0x22/0x240
[  527.936544][ T1106]  __submit_merged_bio+0x27a/0x6a0
[  527.936585][ T1106]  __submit_merged_write_cond+0x255/0x530
[  527.936624][ T1106]  f2fs_write_data_pages+0x261d/0x3000
[  527.936700][ T1106]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  527.936734][ T1106]  ? __local_bh_enable_ip+0x12d/0x1c0
[  527.936787][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.936815][ T1106]  ? rcu_is_watching+0x15/0xb0
[  527.936879][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.936955][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.936983][ T1106]  ? unwind_next_frame+0x19ae/0x2390
[  527.937025][ T1106]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  527.937062][ T1106]  do_writepages+0x32e/0x550
[  527.937093][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937122][ T1106]  ? reacquire_held_locks+0x127/0x1d0
[  527.937146][ T1106]  ? writeback_sb_inodes+0x372/0x1000
[  527.937181][ T1106]  __writeback_single_inode+0x145/0xff0
[  527.937205][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937233][ T1106]  ? do_raw_spin_unlock+0x122/0x240
[  527.937269][ T1106]  writeback_sb_inodes+0x6b5/0x1000
[  527.937310][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937353][ T1106]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  527.937422][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937447][ T1106]  ? rcu_is_watching+0x15/0xb0
[  527.937469][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937511][ T1106]  wb_writeback+0x43b/0xaf0
[  527.937559][ T1106]  ? queue_io+0x391/0x590
[  527.937586][ T1106]  ? __pfx_wb_writeback+0x10/0x10
[  527.937635][ T1106]  ? _raw_spin_unlock_irq+0x23/0x50
[  527.937675][ T1106]  wb_workfn+0x409/0xef0
[  527.937726][ T1106]  ? __pfx_wb_workfn+0x10/0x10
[  527.937765][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937793][ T1106]  ? __lock_acquire+0xab9/0xd20
[  527.937841][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937873][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.937907][ T1106]  ? _raw_spin_unlock_irq+0x23/0x50
[  527.937939][ T1106]  ? process_scheduled_works+0x9ef/0x17b0
[  527.937977][ T1106]  ? process_scheduled_works+0x9ef/0x17b0
[  527.938018][ T1106]  process_scheduled_works+0xae1/0x17b0
[  527.938092][ T1106]  ? __pfx_process_scheduled_works+0x10/0x10
[  527.938140][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.938180][ T1106]  worker_thread+0x8a0/0xda0
[  527.938239][ T1106]  kthread+0x711/0x8a0
[  527.938302][ T1106]  ? __pfx_worker_thread+0x10/0x10
[  527.938326][ T1106]  ? __pfx_kthread+0x10/0x10
[  527.938351][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.938385][ T1106]  ? _raw_spin_unlock_irq+0x23/0x50
[  527.938416][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  527.938448][ T1106]  ? lockdep_hardirqs_on+0x9c/0x150
[  527.938482][ T1106]  ? __pfx_kthread+0x10/0x10
[  527.938519][ T1106]  ret_from_fork+0x3fc/0x770
[  527.938558][ T1106]  ? __pfx_ret_from_fork+0x10/0x10
[  527.938601][ T1106]  ? __switch_to_asm+0x39/0x70
[  527.938625][ T1106]  ? __switch_to_asm+0x33/0x70
[  527.938649][ T1106]  ? __pfx_kthread+0x10/0x10
[  527.938680][ T1106]  ret_from_fork_asm+0x1a/0x30
[  527.938726][ T1106]  </TASK>
[  528.603970][T14259] loop7: detected capacity change from 0 to 32768
[  528.618863][T14259] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2942 (14259)
[  528.668004][ T1106] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  528.712401][T14259] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  528.729221][T14190] VFS:Filesystem freeze failed
[  528.762223][T14259] BTRFS info (device loop7): using sha256 (sha256-x86_64) checksum algorithm
[  528.771367][T14259] BTRFS info (device loop7): disk space caching is enabled
[  528.823480][T14259] BTRFS warning (device loop7): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  528.974355][T14259] BTRFS info (device loop7): rebuilding free space tree
[  529.074063][T14259] BTRFS info (device loop7): disabling free space tree
[  529.085662][T14259] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  529.141153][T14259] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  529.467368][T14303] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2964'.
[  529.521522][T14303] vlan2: entered allmulticast mode
[  529.608402][ T7760] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  530.047536][T14295] loop0: detected capacity change from 0 to 32768
[  530.275273][T14324] loop7: detected capacity change from 0 to 512
[  530.311885][T14324] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  530.401264][T14324] EXT4-fs (loop7): 1 truncate cleaned up
[  530.429128][T14324] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  530.594900][T14334] loop0: detected capacity change from 0 to 1024
[  530.654062][T14334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  530.706717][T14334] ext4 filesystem being mounted at /443/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  530.882062][ T7677] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.063391][ T7760] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.161967][T14346] loop0: detected capacity change from 0 to 2048
[  531.206124][T14346] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  531.235194][T14348] loop3: detected capacity change from 0 to 2048
[  531.271538][T14348] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  531.300567][T14348] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  531.317629][T14328] loop1: detected capacity change from 0 to 32768
[  531.343638][T14328] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2975 (14328)
[  531.388622][T14328] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  531.407279][T14328] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  531.482670][T14328] BTRFS info (device loop1): rebuilding free space tree
[  531.515725][T14328] BTRFS info (device loop1): disabling free space tree
[  531.526536][T14328] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  531.560121][T14328] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  531.950453][T11585] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  532.449813][T14396] loop5: detected capacity change from 0 to 1024
[  532.500571][T14396] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  532.583851][T14396] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  532.640529][T14408] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3002'.
[  532.678370][T14403] loop7: detected capacity change from 0 to 2048
[  532.692108][T14403] NILFS (loop7): invalid segment: Magic number mismatch
[  532.703431][T14403] NILFS (loop7): trying rollback from an earlier position
[  532.723898][   T30] audit: type=1800 audit(1748913555.775:186): pid=14396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2999" name="file2" dev="loop5" ino=16 res=0 errno=0
[  532.739220][T14403] NILFS (loop7): recovery complete
[  532.775965][T14410] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  532.931695][T12958] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.167376][T14419] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3006'.
[  533.189323][T14423] netlink: 'syz.1.3008': attribute type 4 has an invalid length.
[  533.305116][T14389] loop3: detected capacity change from 0 to 32768
[  533.314316][T14389] btrfs: Deprecated parameter 'usebackuproot'
[  533.344841][T14389] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  533.374357][T14389] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2993 (14389)
[  533.419938][T14389] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  533.465101][T14389] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  533.473958][T14389] BTRFS info (device loop3): using free-space-tree
[  533.612385][T14389] BTRFS info (device loop3): rebuilding free space tree
[  533.670104][T14458] loop1: detected capacity change from 0 to 128
[  534.040256][ T5847] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  534.323191][T14455] loop5: detected capacity change from 0 to 32768
[  534.378891][T14479] loop0: detected capacity change from 0 to 1024
[  534.453942][T14479] hfsplus: small file entry
[  534.611581][T14483] loop1: detected capacity change from 0 to 2048
[  534.685934][T14483] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  535.271946][T14502] loop3: detected capacity change from 0 to 128
[  535.308844][T14502] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  535.329685][T14502] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  535.387427][T14505] loop0: detected capacity change from 0 to 512
[  535.419593][T14505] EXT4-fs (loop0): Test dummy encryption mode enabled
[  535.463093][T14505] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #12: comm syz.0.3039: corrupted in-inode xattr: invalid ea_ino
[  535.487801][ T1125] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  535.505890][T14513] loop1: detected capacity change from 0 to 256
[  535.515472][T14505] EXT4-fs (loop0): Remounting filesystem read-only
[  535.545927][T14505] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.686896][ T7677] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  535.875180][T14524] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3047'.
[  535.916876][T14524] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3047'.
[  535.959471][T14526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3048'.
[  536.999975][T14554] loop1: detected capacity change from 0 to 256
[  537.629566][T14573] unknown channel width for channel at 909000KHz?
[  537.951416][   T43] hid-generic 0000:0003:0000.0011: unknown main item tag 0x0
[  537.957119][T14579] loop1: detected capacity change from 0 to 128
[  537.986679][   T43] hid-generic 0000:0003:0000.0011: unknown main item tag 0x0
[  538.040168][   T43] hid-generic 0000:0003:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  538.166859][T14579] FAT-fs (loop1): error, corrupted directory (invalid i_start)
[  538.189554][T14579] FAT-fs (loop1): Filesystem has been set read-only
[  538.553969][T14593] loop0: detected capacity change from 0 to 8192
[  538.566046][T14598] loop3: detected capacity change from 0 to 4096
[  538.595175][T14598] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  538.778680][T14610] loop1: detected capacity change from 0 to 256
[  538.973485][ T7887] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  539.081809][T14617] loop3: detected capacity change from 0 to 4096
[  539.089987][T14617] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  539.137315][T14617] ntfs3(loop3): ino=19, mi_enum_attr
[  539.149630][T14617] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  539.153323][ T7887] usb 8-1: Using ep0 maxpacket: 16
[  539.433863][ T7887] usb 8-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  539.450213][T14622] ntfs3(loop3): ino=1e, "file1" ntfs_rename
[  539.462822][ T7887] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.470854][ T7887] usb 8-1: Product: syz
[  539.491115][ T7887] usb 8-1: Manufacturer: syz
[  539.524176][ T7887] usb 8-1: SerialNumber: syz
[  539.539322][ T7887] usb 8-1: config 0 descriptor??
[  539.569798][ T7887] ssu100 8-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  539.780612][T14629] loop3: detected capacity change from 0 to 8
[  539.814816][T14629] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  540.349699][T14620] loop0: detected capacity change from 0 to 40427
[  540.398234][T14620] F2FS-fs (loop0): build fault injection rate: 690
[  540.400378][ T7887] ssu100 8-1:0.0: probe with driver ssu100 failed with error -71
[  540.429404][T14620] F2FS-fs (loop0): invalid crc value
[  540.432966][ T7887] usb 8-1: USB disconnect, device number 12
[  540.482040][T14638] loop3: detected capacity change from 0 to 4096
[  540.712088][T14620] F2FS-fs (loop0): Start checkpoint disabled!
[  540.745376][T14620] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  540.902280][ T1106] kworker/u8:6: attempt to access beyond end of device
[  540.902280][ T1106] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  540.933091][ T1106] CPU: 0 UID: 0 PID: 1106 Comm: kworker/u8:6 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  540.933129][ T1106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  540.933146][ T1106] Workqueue: writeback wb_workfn (flush-7:0)
[  540.933192][ T1106] Call Trace:
[  540.933202][ T1106]  <TASK>
[  540.933214][ T1106]  dump_stack_lvl+0x189/0x250
[  540.933262][ T1106]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.933298][ T1106]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  540.933336][ T1106]  ? __pfx_queue_work_on+0x10/0x10
[  540.933363][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.933392][ T1106]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  540.933427][ T1106]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  540.933465][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.933493][ T1106]  ? f2fs_hw_is_readonly+0x39b/0x470
[  540.933541][ T1106]  f2fs_handle_critical_error+0x37c/0x540
[  540.933584][ T1106]  f2fs_write_end_io+0x495/0x810
[  540.933620][ T1106]  ? blkg_put+0x22/0x240
[  540.933677][ T1106]  __submit_merged_bio+0x27a/0x6a0
[  540.933720][ T1106]  __submit_merged_write_cond+0x255/0x530
[  540.933763][ T1106]  f2fs_write_data_pages+0x261d/0x3000
[  540.933849][ T1106]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  540.933882][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.933929][ T1106]  ? unwind_next_frame+0xa5/0x2390
[  540.934002][ T1106]  ? ret_from_fork_asm+0x1a/0x30
[  540.934037][ T1106]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  540.934067][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934120][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934149][ T1106]  ? __lock_acquire+0xab9/0xd20
[  540.934195][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934237][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934278][ T1106]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  540.934317][ T1106]  do_writepages+0x32e/0x550
[  540.934349][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934377][ T1106]  ? reacquire_held_locks+0x127/0x1d0
[  540.934402][ T1106]  ? writeback_sb_inodes+0x372/0x1000
[  540.934443][ T1106]  __writeback_single_inode+0x145/0xff0
[  540.934468][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934496][ T1106]  ? do_raw_spin_unlock+0x122/0x240
[  540.934537][ T1106]  writeback_sb_inodes+0x6b5/0x1000
[  540.934566][ T1106]  ? __lock_acquire+0xab9/0xd20
[  540.934614][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934662][ T1106]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  540.934748][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934776][ T1106]  ? rcu_is_watching+0x15/0xb0
[  540.934799][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.934841][ T1106]  wb_writeback+0x43b/0xaf0
[  540.934894][ T1106]  ? queue_io+0x391/0x590
[  540.934923][ T1106]  ? __pfx_wb_writeback+0x10/0x10
[  540.934976][ T1106]  ? _raw_spin_unlock_irq+0x23/0x50
[  540.935019][ T1106]  wb_workfn+0x409/0xef0
[  540.935076][ T1106]  ? __pfx_wb_workfn+0x10/0x10
[  540.935117][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.935145][ T1106]  ? __lock_acquire+0xab9/0xd20
[  540.935199][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.935232][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.935267][ T1106]  ? _raw_spin_unlock_irq+0x23/0x50
[  540.935301][ T1106]  ? process_scheduled_works+0x9ef/0x17b0
[  540.935339][ T1106]  ? process_scheduled_works+0x9ef/0x17b0
[  540.935383][ T1106]  process_scheduled_works+0xae1/0x17b0
[  540.935467][ T1106]  ? __pfx_process_scheduled_works+0x10/0x10
[  540.935524][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.935566][ T1106]  worker_thread+0x8a0/0xda0
[  540.935631][ T1106]  kthread+0x711/0x8a0
[  540.935666][ T1106]  ? __pfx_worker_thread+0x10/0x10
[  540.935689][ T1106]  ? __pfx_kthread+0x10/0x10
[  540.935716][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.935750][ T1106]  ? _raw_spin_unlock_irq+0x23/0x50
[  540.935783][ T1106]  ? srso_alias_return_thunk+0x5/0xfbef5
[  540.935811][ T1106]  ? lockdep_hardirqs_on+0x9c/0x150
[  540.935846][ T1106]  ? __pfx_kthread+0x10/0x10
[  540.935879][ T1106]  ret_from_fork+0x3fc/0x770
[  540.935919][ T1106]  ? __pfx_ret_from_fork+0x10/0x10
[  540.935966][ T1106]  ? __switch_to_asm+0x39/0x70
[  540.935990][ T1106]  ? __switch_to_asm+0x33/0x70
[  540.936014][ T1106]  ? __pfx_kthread+0x10/0x10
[  540.936046][ T1106]  ret_from_fork_asm+0x1a/0x30
[  540.936098][ T1106]  </TASK>
[  540.936109][ T1106] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  541.232122][T14640] loop1: detected capacity change from 0 to 32768
[  541.452537][T14640] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3099 (14640)
[  541.516237][T14640] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  541.538323][T14640] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  541.572736][T14640] BTRFS info (device loop1): using free-space-tree
[  541.836960][T14640] BTRFS info (device loop1): rebuilding free space tree
[  542.254783][T11585] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  542.866272][T14699] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3118'.
[  543.142327][T14705] loop0: detected capacity change from 0 to 8
[  543.543479][T14693] loop7: detected capacity change from 0 to 32768
[  543.573463][T14715] loop3: detected capacity change from 0 to 2048
[  543.599554][T14715] NILFS (loop3): invalid segment: Magic number mismatch
[  543.627814][T14693] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3117 (14693)
[  543.639588][T14715] NILFS (loop3): trying rollback from an earlier position
[  543.681196][T14693] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  543.702936][T14693] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  543.714717][T14715] NILFS (loop3): recovery cancelled because norecovery option was specified for a read/write mount
[  543.771281][T14693] BTRFS info (device loop7): using free-space-tree
[  544.359292][T14745] loop1: detected capacity change from 0 to 64
[  544.552279][ T7760] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  545.295049][T14763] loop7: detected capacity change from 0 to 1024
[  545.406824][T14763] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  545.543324][T14763] ext4 filesystem being mounted at /395/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  545.653875][T14763] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  545.716946][T14763] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28
[  545.743822][T14763] EXT4-fs (loop7): This should not happen!! Data will be lost
[  545.743822][T14763] 
[  545.780357][T14763] EXT4-fs (loop7): Total free blocks count 0
[  545.834421][T14763] EXT4-fs (loop7): Free/Dirty block details
[  545.872780][T14763] EXT4-fs (loop7): free_blocks=4293918720
[  545.878609][T14763] EXT4-fs (loop7): dirty_blocks=0
[  545.921120][T14763] EXT4-fs (loop7): Block reservation details
[  545.982759][T14763] EXT4-fs (loop7): i_reserved_data_blocks=0
[  546.105923][ T7760] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  546.319331][T14767] loop1: detected capacity change from 0 to 32768
[  546.331073][T14548] Set syz1 is full, maxelem 65536 reached
[  546.350929][T14767] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3142 (14767)
[  546.391848][T14788] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3149'.
[  546.394191][T14767] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  546.463622][T14767] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  546.495543][T14767] BTRFS info (device loop1): using free-space-tree
[  546.657677][T14767] BTRFS info (device loop1): rebuilding free space tree
[  546.683361][T14795] sp0: Synchronizing with TNC
[  546.738618][T14767] BTRFS info (device loop1): checking UUID tree
[  547.023997][T11585] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  547.592861][ T5926] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  547.756606][ T5926] usb 1-1: Using ep0 maxpacket: 32
[  547.791387][ T5926] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  547.829092][ T5926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.862586][ T5926] usb 1-1: config 0 descriptor??
[  547.891819][ T5926] gspca_main: sunplus-2.14.0 probing 041e:400b
[  548.521846][T14856] loop7: detected capacity change from 0 to 4096
[  548.560538][T14862] loop5: detected capacity change from 0 to 1024
[  548.686771][T14862] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  548.721706][ T5926] gspca_sunplus: reg_r err -71
[  548.727537][ T5926] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  548.741925][ T5926] usb 1-1: USB disconnect, device number 19
[  549.024318][T14878] loop1: detected capacity change from 0 to 128
[  549.086189][T12958] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.113627][T14876] loop3: detected capacity change from 0 to 32768
[  549.177840][T14876] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  549.321206][T14876] XFS (loop3): Ending clean mount
[  549.404053][ T5847] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  550.641536][T14891] loop5: detected capacity change from 0 to 32768
[  550.730183][T14891] (syz.5.3184,14891,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  550.797755][T14891] (syz.5.3184,14891,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  550.917653][T14891] JBD2: Ignoring recovery information on journal
[  551.091584][T14891] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  551.140720][T14919] loop0: detected capacity change from 0 to 8192
[  551.630501][T12958] ocfs2: Unmounting device (7,5) on (node local)
[  551.683453][    T9] usb 8-1: new full-speed USB device number 13 using dummy_hcd
[  551.801216][T14902] loop1: detected capacity change from 0 to 262144
[  551.811786][T14902] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3188 (14902)
[  551.854410][    T9] usb 8-1: config 1 interface 0 has no altsetting 0
[  551.873982][T14902] BTRFS info (device loop1): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  551.884428][T14902] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  551.894415][T14902] BTRFS info (device loop1): using free-space-tree
[  551.904612][    T9] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  551.999036][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  552.019074][    T9] usb 8-1: Product: syz
[  552.032801][    T9] usb 8-1: Manufacturer: syz
[  552.037437][    T9] usb 8-1: SerialNumber: syz
[  552.320252][T11585] BTRFS info (device loop1): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  552.336118][T14950] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) !
[  552.488109][    T9] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  552.849187][T14962] loop5: detected capacity change from 0 to 4096
[  553.177799][T14948] loop0: detected capacity change from 0 to 32768
[  553.422632][T14971] o2cb: This node has not been configured.
[  553.445063][T14971] o2cb: Cluster check failed. Fix errors before retrying.
[  553.480173][T14971] (syz.5.3210,14971,1):user_dlm_register:674 ERROR: status = -22
[  553.513152][T14971] (syz.5.3210,14971,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus"
[  553.756200][ T5901] usb 8-1: USB disconnect, device number 13
[  553.771860][ T5901] usblp0: removed
[  554.214705][T14990] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3219'.
[  554.465531][T15000] netlink: 'syz.0.3223': attribute type 10 has an invalid length.
[  554.578092][T15000] team0: Port device wlan1 added
[  554.675563][T15002] vlan3: entered allmulticast mode
[  554.680818][T15002] mac80211_hwsim hwsim26 wlan0: entered allmulticast mode
[  555.076270][   T30] audit: type=1326 audit(1748914091.136:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.157654][   T30] audit: type=1326 audit(1748914091.136:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.245265][   T30] audit: type=1326 audit(1748914091.166:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.329640][   T30] audit: type=1326 audit(1748914091.166:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.362848][   T30] audit: type=1326 audit(1748914091.166:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.386207][   T30] audit: type=1326 audit(1748914091.186:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.408741][   T30] audit: type=1326 audit(1748914091.186:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.438928][   T30] audit: type=1326 audit(1748914091.186:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.520849][   T30] audit: type=1326 audit(1748914091.196:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  555.634889][   T30] audit: type=1326 audit(1748914091.196:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.7.3232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  556.133102][ T5904] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  556.302927][ T5904] usb 8-1: Using ep0 maxpacket: 16
[  556.314662][ T5904] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  556.333094][ T5904] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  556.366080][ T5904] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  556.402783][ T5904] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  556.437576][ T5904] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  556.469381][ T5904] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  556.478722][ T5904] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  556.499001][ T5904] usb 8-1: Manufacturer: syz
[  556.533787][ T5904] usb 8-1: config 0 descriptor??
[  556.595157][T15074] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3257'.
[  556.771110][T15043] loop5: detected capacity change from 0 to 32768
[  556.813793][T15080] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input34
[  556.828825][T15043] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3244 (15043)
[  556.885884][T15043] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  556.896145][ T5904] rc_core: IR keymap rc-hauppauge not found
[  556.900075][T15086] mkiss: ax0: crc mode is auto.
[  556.902026][ T5904] Registered IR keymap rc-empty
[  556.902167][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  556.928730][T15043] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[  556.992607][T15043] BTRFS info (device loop5): disk space caching is enabled
[  557.010619][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.049419][T15043] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  557.070237][ T5904] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0
[  557.101621][ T5904] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input33
[  557.140992][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.173063][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.180226][T15099] loop0: detected capacity change from 0 to 512
[  557.203014][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.222265][T15099] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  557.262578][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.296017][T15112] netlink: 'syz.3.3269': attribute type 1 has an invalid length.
[  557.313852][T15112] netlink: 172 bytes leftover after parsing attributes in process `syz.3.3269'.
[  557.313940][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.351247][T15043] BTRFS info (device loop5): rebuilding free space tree
[  557.398720][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.421155][T15099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  557.436716][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.445359][T15043] BTRFS info (device loop5): disabling free space tree
[  557.452303][T15043] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  557.458732][T15122] loop1: detected capacity change from 0 to 256
[  557.462757][T15099] ext4 filesystem being mounted at /495/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  557.479225][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.489635][T15043] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  557.502961][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.514629][T15122] exfat: Deprecated parameter 'utf8'
[  557.533063][ T5904] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  557.564653][ T5904] mceusb 8-1:0.0: Registered  with mce emulator interface version 1
[  557.584810][ T5904] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  557.634840][ T5904] usb 8-1: USB disconnect, device number 14
[  557.696232][T15130] netlink: 'syz.3.3274': attribute type 4 has an invalid length.
[  557.748060][ T7677] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.818830][T12958] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  558.354658][T15152] loop3: detected capacity change from 0 to 256
[  558.441565][T15152] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  558.495494][    T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  558.665209][    T9] usb 2-1: Using ep0 maxpacket: 8
[  558.684423][    T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  558.696309][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  558.729248][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  558.749747][    T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  558.779585][    T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  558.803849][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.071971][    T9] usb 2-1: GET_CAPABILITIES returned 0
[  559.088857][    T9] usbtmc 2-1:16.0: can't read capabilities
[  559.277269][    T9] usb 2-1: USB disconnect, device number 6
[  559.528459][T15170] loop5: detected capacity change from 0 to 32768
[  559.568037][T15170] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  559.794489][T15170] XFS (loop5): Ending clean mount
[  559.806895][T15170] XFS (loop5): Quotacheck needed: Please wait.
[  559.987760][T15170] XFS (loop5): Quotacheck: Done.
[  560.019286][T15197] loop0: detected capacity change from 0 to 1024
[  560.078299][T15197] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  560.186332][T15189] loop7: detected capacity change from 0 to 32768
[  560.196011][T15189] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3299 (15189)
[  560.237956][T15202] loop3: detected capacity change from 0 to 512
[  560.279597][T15189] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  560.304191][T12958] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  560.321725][T15189] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  560.334964][T15202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.380421][T15202] ext4 filesystem being mounted at /604/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  560.428346][ T7677] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.610941][ T5847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.631572][T15229] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3310'.
[  560.674125][T15189] BTRFS info (device loop7): rebuilding free space tree
[  560.720883][T15189] BTRFS info (device loop7): disabling free space tree
[  560.730255][T15189] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  560.774487][T15189] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  560.789668][T15233] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3314'.
[  560.835826][T15235] loop1: detected capacity change from 0 to 1024
[  560.906132][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  560.906153][   T30] audit: type=1800 audit(1748914096.966:200): pid=15189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3299" name="bus" dev="loop7" ino=263 res=0 errno=0
[  561.033935][T15235] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  561.066410][ T7760] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  561.163341][   T30] audit: type=1800 audit(1748914097.196:201): pid=15235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3313" name="file1" dev="loop1" ino=15 res=0 errno=0
[  561.384931][T11585] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.719964][T15252] loop1: detected capacity change from 0 to 4096
[  561.748472][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  561.764505][T15252] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  562.050121][T15252] ntfs3(loop1): Failed to load $Extend (-22).
[  562.060576][T15252] ntfs3(loop1): Failed to initialize $Extend.
[  562.141214][T15264] loop3: detected capacity change from 0 to 256
[  562.194555][T15237] loop0: detected capacity change from 0 to 32768
[  562.260262][T15258] loop7: detected capacity change from 0 to 32768
[  562.274857][T15237] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3315 (15237)
[  562.293480][T15258] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  562.301696][T15258] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  562.328657][T15258] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  562.365196][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  562.372019][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  562.437568][T15237] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  562.458475][ T5838] Bluetooth: hci4: command tx timeout
[  562.463615][T15269] netlink: 'syz.5.3326': attribute type 1 has an invalid length.
[  562.486085][T15237] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  562.496654][T15237] BTRFS info (device loop0): using free-space-tree
[  562.690294][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 318ms
[  562.750649][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  562.757294][T15258] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  562.860661][ T7677] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  562.930898][T15258] gfs2: fsid=syz:syz.0: found 1 quota changes
[  563.139140][T15299] bridge0: port 1(bridge_slave_0) entered disabled state
[  563.547486][T15307] loop3: detected capacity change from 0 to 1024
[  563.932924][T15323] loop0: detected capacity change from 0 to 64
[  564.017228][T15323] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  564.023796][T15323] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  564.076774][T15323] vhci_hcd vhci_hcd.0: Device attached
[  564.082507][T15330] loop5: detected capacity change from 0 to 1024
[  564.105785][T15328] vhci_hcd: connection closed
[  564.113470][   T13] vhci_hcd: stop threads
[  564.122404][   T13] vhci_hcd: release socket
[  564.134940][   T13] vhci_hcd: disconnect device
[  564.142878][T15332] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3345'.
[  564.162031][T15330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  564.381808][T12958] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.584060][T15351] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  564.635471][T15351] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  564.799079][T15362] loop0: detected capacity change from 0 to 256
[  564.883275][ T5904] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  564.975057][T15372] loop5: detected capacity change from 0 to 64
[  564.980887][T15371] loop1: detected capacity change from 0 to 2048
[  564.999592][T15372] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing
[  565.016163][T15371] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  565.063402][ T5904] usb 4-1: Using ep0 maxpacket: 16
[  565.081994][ T5904] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  565.099601][ T5904] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.120659][ T5904] usb 4-1: Product: syz
[  565.126030][ T5904] usb 4-1: Manufacturer: syz
[  565.153117][ T5904] usb 4-1: SerialNumber: syz
[  565.164488][ T5904] usb 4-1: config 0 descriptor??
[  565.326512][T15383] input: syz0 as /devices/virtual/input/input35
[  565.545409][T15387] loop0: detected capacity change from 0 to 1024
[  565.583759][ T5904] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  565.594602][ T5904] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  565.640694][ T5904] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  565.659125][ T5904] usb 4-1: media controller created
[  565.738809][ T5904] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  565.842097][ T5904] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  565.860359][ T5904] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  566.088277][   T43] usb 4-1: USB disconnect, device number 24
[  566.145074][T15385] loop1: detected capacity change from 0 to 32768
[  566.163683][   T43] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  566.204899][T15402] loop7: detected capacity change from 0 to 1024
[  566.211643][T15385] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  566.225056][T15402] EXT4-fs: Ignoring removed bh option
[  566.291627][T15402] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  566.400966][T15417] loop5: detected capacity change from 0 to 128
[  566.406674][T15385] XFS (loop1): Ending clean mount
[  566.424182][T15417] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  566.440143][T15385] XFS (loop1): Quotacheck needed: Please wait.
[  566.500530][T15417] ext4 filesystem being mounted at /124/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  566.575126][T15385] XFS (loop1): Quotacheck: Done.
[  566.584661][ T7760] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  566.599667][T15417] fscrypt (loop5, inode 12): Mutually exclusive encryption flags (0x18)
[  566.771610][T12958] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  566.804081][T11585] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  567.059393][ T5904] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  567.212787][ T5904] usb 8-1: Using ep0 maxpacket: 8
[  567.246901][ T5904] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[  567.267166][ T5904] usb 8-1: config 179 has no interface number 0
[  567.277333][ T5904] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  567.315564][ T5904] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  567.341807][ T5904] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  567.372799][ T5904] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  567.415531][ T5904] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  567.452750][ T5904] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  567.482558][ T5904] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.533216][T15429] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  567.756748][ T7887] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  567.936725][ T7887] usb 1-1: unable to get BOS descriptor or descriptor too short
[  567.948782][ T7887] usb 1-1: config 13 has an invalid interface number: 50 but max is 3
[  567.972190][ T7887] usb 1-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  568.000656][ T7887] usb 1-1: config 13 has 1 interface, different from the descriptor's value: 4
[  568.016885][ T5904] usb 8-1: USB disconnect, device number 15
[  568.016951][    C1] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  568.031158][    C1] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  568.065669][ T7887] usb 1-1: config 13 has no interface number 0
[  568.078616][ T7887] usb 1-1: config 13 interface 50 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  568.101583][ T7887] usb 1-1: config 13 interface 50 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  568.129480][ T7887] usb 1-1: config 13 interface 50 has no altsetting 0
[  568.149123][ T7887] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=a9.e8
[  568.163971][ T7887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  568.179859][ T7887] usb 1-1: Product: syz
[  568.188579][ T7887] usb 1-1: Manufacturer: syz
[  568.197275][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.198825][ T7887] usb 1-1: SerialNumber: syz
[  568.339654][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.446348][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.476088][ T7887] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  568.478355][ T1140] usb 1-1: Failed to submit usb control message: -71
[  568.496200][ T7887] usb 1-1: USB disconnect, device number 20
[  568.526527][ T1140] usb 1-1: unable to send the bmi data to the device: -71
[  568.553703][ T1140] usb 1-1: unable to get target info from device
[  568.570370][ T1140] usb 1-1: could not get target info (-71)
[  568.587309][ T1140] usb 1-1: could not probe fw (-71)
[  568.769124][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.866856][T15482] loop1: detected capacity change from 0 to 512
[  568.934645][T15482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  569.029537][T15482] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  569.044642][T15491] xt_CT: You must specify a L4 protocol and not use inversions on it
[  569.085450][   T30] audit: type=1800 audit(1748914105.146:202): pid=15482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3410" name="file2" dev="loop1" ino=16 res=0 errno=0
[  569.243027][   T12] bridge_slave_1: left allmulticast mode
[  569.248710][   T12] bridge_slave_1: left promiscuous mode
[  569.250359][T11585] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.285271][T15494] loop7: detected capacity change from 0 to 2048
[  569.293200][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.336554][   T12] bridge_slave_0: left promiscuous mode
[  569.342471][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.387903][T15494] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  569.411324][T15494] EXT4-fs (loop7): shut down requested (2)
[  569.483643][T15502] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3417'.
[  569.516161][ T7760] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.627185][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  569.639257][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  569.666833][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  569.703173][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  569.713705][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  570.468042][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  570.481212][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  570.492388][   T12] bond0 (unregistering): Released all slaves
[  570.989761][T15538] loop0: detected capacity change from 0 to 512
[  571.040475][T15527] loop7: detected capacity change from 0 to 32768
[  571.077091][T15538] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  571.143524][T15527] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  571.182899][T15538] ext4 filesystem being mounted at /523/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  571.328055][T15538] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3433: corrupted inode contents
[  571.397987][T15559] EXT4-fs (loop0): shut down requested (1)
[  571.423925][T15538] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.3433: mark_inode_dirty error
[  571.513934][ T7760] ocfs2: Unmounting device (7,7) on (node local)
[  571.601583][ T7677] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.614087][   T13] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  571.731515][T15567] netlink: 'syz.2.3445': attribute type 10 has an invalid length.
[  571.754369][T15567] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3445'.
[  571.814859][ T5850] Bluetooth: hci4: command tx timeout
[  571.897635][T15566] loop1: detected capacity change from 0 to 4096
[  571.905538][   T12] hsr_slave_0: left promiscuous mode
[  571.929371][   T12] hsr_slave_1: left promiscuous mode
[  571.943573][T15573] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  571.967975][   T12] veth1_macvtap: left promiscuous mode
[  571.977746][   T12] veth0_macvtap: left promiscuous mode
[  571.983598][   T12] veth1_vlan: left promiscuous mode
[  571.989406][   T12] veth0_vlan: left promiscuous mode
[  572.209052][T15579] program syz.0.3450 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  572.941840][T15583] loop1: detected capacity change from 0 to 32768
[  572.965717][   T30] audit: type=1800 audit(1748914109.026:203): pid=15583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3449" name="file1" dev="loop1" ino=4 res=0 errno=0
[  573.034314][   T30] audit: type=1800 audit(1748914109.036:204): pid=15583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3449" name="file1" dev="loop1" ino=4 res=0 errno=0
[  573.277998][T15592] loop7: detected capacity change from 0 to 32768
[  573.301373][T15592] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  573.434064][T15592] XFS (loop7): Ending clean mount
[  573.469749][T15592] XFS (loop7): Quotacheck needed: Please wait.
[  573.623857][T15592] XFS (loop7): Quotacheck: Done.
[  573.758555][ T7760] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  573.898981][ T5850] Bluetooth: hci4: command tx timeout
[  574.026922][   T12] team0 (unregistering): Port device team_slave_1 removed
[  574.139663][T15614] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  574.190620][   T12] team0 (unregistering): Port device team_slave_0 removed
[  575.274435][T15567] team0: Port device geneve0 added
[  575.667982][T15639] loop1: detected capacity change from 0 to 256
[  575.727739][T15639] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  575.810155][T15507] chnl_net:caif_netlink_parms(): no params data found
[  575.820983][T15638] loop0: detected capacity change from 0 to 2048
[  575.882249][T15638] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  575.965844][T15647] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  575.982925][ T5850] Bluetooth: hci4: command tx timeout
[  576.221905][   T12] IPVS: stop unused estimator thread 0...
[  576.415083][   T30] audit: type=1326 audit(1748914112.466:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15663 comm="syz.7.3482" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x0
[  576.470638][   T30] audit: type=1326 audit(1748914112.526:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15668 comm="syz.3.3484" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe1ad78e969 code=0x0
[  576.610296][T15507] bridge0: port 1(bridge_slave_0) entered blocking state
[  576.625821][T15507] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.637433][T15507] bridge_slave_0: entered allmulticast mode
[  576.659668][T15507] bridge_slave_0: entered promiscuous mode
[  576.696251][T15507] bridge0: port 2(bridge_slave_1) entered blocking state
[  576.720764][T15507] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.739519][T15507] bridge_slave_1: entered allmulticast mode
[  576.755187][T15507] bridge_slave_1: entered promiscuous mode
[  576.862073][T15507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  576.905595][T15507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  576.920004][T15681] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3489'.
[  577.033894][T15507] team0: Port device team_slave_0 added
[  577.064788][T15507] team0: Port device team_slave_1 added
[  577.086586][T15684] loop0: detected capacity change from 0 to 512
[  577.117373][T15684] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  577.179474][T15684] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  577.193398][T15684] ext4 filesystem being mounted at /531/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  577.233227][T15507] batman_adv: batadv0: Adding interface: batadv_slave_0
[  577.259558][T15507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  577.307098][T15684] EXT4-fs (loop0): shut down requested (2)
[  577.383714][T15507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  577.422896][T15507] batman_adv: batadv0: Adding interface: batadv_slave_1
[  577.440542][ T7677] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  577.450307][T15507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  577.504391][T15507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  577.828479][T15507] hsr_slave_0: entered promiscuous mode
[  577.850404][T15700] loop7: detected capacity change from 0 to 4096
[  577.874121][T15507] hsr_slave_1: entered promiscuous mode
[  577.958203][T15700] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  577.971430][T15700] ntfs3(loop7): Failed to initialize $Extend/$ObjId.
[  578.053148][ T5850] Bluetooth: hci4: command tx timeout
[  578.428683][T15721] loop1: detected capacity change from 0 to 128
[  578.677405][T15704] loop3: detected capacity change from 0 to 32768
[  578.720628][T15704] 
[  578.720628][T15704]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.720628][T15704] 
[  578.763357][  T876] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  578.844862][ T5847] ERROR: (device loop3): diWrite: ixpxd invalid
[  578.844862][ T5847] 
[  578.884976][ T5847] ERROR: (device loop3): txCommit: 
[  578.884976][ T5847] 
[  578.913051][  T876] usb 8-1: Using ep0 maxpacket: 32
[  578.949237][  T876] usb 8-1: config 0 interface 0 has no altsetting 0
[  578.965392][  T876] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  579.003227][  T876] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.018147][  T876] usb 8-1: Product: syz
[  579.026823][  T876] usb 8-1: Manufacturer: syz
[  579.052863][  T876] usb 8-1: SerialNumber: syz
[  579.094013][  T876] usb 8-1: config 0 descriptor??
[  579.514068][ T5847] 
[  579.514068][ T5847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  579.514068][ T5847] 
[  579.532874][  T876] gs_usb 8-1:0.0: Configuring for 1 interfaces
[  579.544596][ T5847] 
[  579.544596][ T5847]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  579.544596][ T5847] 
[  579.545071][T15731] loop1: detected capacity change from 0 to 32768
[  579.567130][T15731] XFS: ikeep mount option is deprecated.
[  579.580820][T15746] loop0: detected capacity change from 0 to 512
[  579.618941][T15746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  579.636485][T15731] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  579.644059][T15746] ext4 filesystem being mounted at /540/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  579.764905][T15731] XFS (loop1): Ending clean mount
[  579.778010][ T1099] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  579.797079][   T30] audit: type=1800 audit(1748914115.856:207): pid=15746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3516" name="file1" dev="loop0" ino=15 res=0 errno=0
[  579.812964][T15731] XFS (loop1): Quotacheck needed: Please wait.
[  579.918376][ T7677] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  579.932559][  T876] gs_usb 8-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[  579.939697][T15507] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  579.992421][T15507] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  580.006249][T15731] XFS (loop1): Quotacheck: Done.
[  580.073143][  T876] usb 8-1: USB disconnect, device number 16
[  580.092306][T15761] netlink: 71 bytes leftover after parsing attributes in process `syz.2.3520'.
[  580.125671][ T1099] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.191069][T15507] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  580.200539][T11585] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  580.338108][T15507] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  580.455884][ T1099] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.760874][ T1099] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  581.034381][T15778] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  581.042397][T15778] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  581.059564][T15778] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  581.074171][T15778] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  581.536130][ T1099] bridge_slave_1: left allmulticast mode
[  581.541885][ T1099] bridge_slave_1: left promiscuous mode
[  581.570591][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.597273][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  581.605492][T15787] loop1: detected capacity change from 0 to 512
[  581.613450][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  581.623792][ T1099] bridge_slave_0: left allmulticast mode
[  581.629543][ T1099] bridge_slave_0: left promiscuous mode
[  581.635452][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  581.645992][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.653822][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  581.661849][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  581.709554][T15787] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  581.730283][T15787] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  581.833459][T15791] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  582.029127][T11585] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.524945][T15810] loop7: detected capacity change from 0 to 8192
[  582.807962][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  583.012037][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  583.049198][    T9] usb 2-1: config 0 has no interfaces?
[  583.056760][    T9] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  583.085599][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.126121][    T9] usb 2-1: config 0 descriptor??
[  583.197930][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  583.219978][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  583.232474][ T1099] bond0 (unregistering): Released all slaves
[  583.260157][T15507] 8021q: adding VLAN 0 to HW filter on device bond0
[  583.273841][T15803] lo: entered promiscuous mode
[  583.282636][T15805] lo: left promiscuous mode
[  583.365322][    T9] usb 2-1: USB disconnect, device number 7
[  583.373628][ T1099] tipc: Left network mode
[  583.403200][T15825] netlink: 'syz.7.3546': attribute type 1 has an invalid length.
[  583.413712][T15507] 8021q: adding VLAN 0 to HW filter on device team0
[  583.428326][T15825] nbd: error processing sock list
[  583.446130][T15825] block nbd0: shutting down sockets
[  583.563600][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.570930][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state
[  583.671263][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state
[  583.678551][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state
[  583.733151][ T5838] Bluetooth: hci5: command tx timeout
[  583.971247][T15842] loop7: detected capacity change from 0 to 128
[  584.001339][T15842] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  584.033240][T15842] ext4 filesystem being mounted at /464/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  584.064964][ T1099] hsr_slave_0: left promiscuous mode
[  584.081253][ T1099] hsr_slave_1: left promiscuous mode
[  584.107741][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  584.131573][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[  584.141303][T15829] loop0: detected capacity change from 0 to 32768
[  584.153011][T15842] fscrypt (loop7, inode 12): Unsupported encryption flags (0x29)
[  584.162272][T15829] (syz.0.3548,15829,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  584.181178][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  584.196384][T15829] (syz.0.3548,15829,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  584.210024][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[  584.238378][ T7760] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  584.270769][T15829] JBD2: Ignoring recovery information on journal
[  584.290951][ T1099] veth1_macvtap: left promiscuous mode
[  584.297670][ T1099] veth0_macvtap: left promiscuous mode
[  584.303393][ T1099] veth1_vlan: left promiscuous mode
[  584.308777][ T1099] veth0_vlan: left promiscuous mode
[  584.369772][T15829] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  584.689470][T15858] loop7: detected capacity change from 0 to 16
[  584.759282][T15858] erofs (device loop7): mounted with root inode @ nid 36.
[  584.763512][ T7677] ocfs2: Unmounting device (7,0) on (node local)
[  585.160961][T15866] loop7: detected capacity change from 0 to 256
[  585.709407][ T1099] team0 (unregistering): Port device team_slave_1 removed
[  585.818620][ T1099] team0 (unregistering): Port device team_slave_0 removed
[  585.831685][ T5838] Bluetooth: hci5: command tx timeout
[  586.022421][T15872] loop7: detected capacity change from 0 to 32768
[  586.702418][T15847] macvlan2: entered promiscuous mode
[  586.712828][T15847] bridge0: entered promiscuous mode
[  586.725975][T15864] ipvlan0: entered promiscuous mode
[  586.732638][T15864] ipvlan0: left promiscuous mode
[  586.935521][T15874] loop7: detected capacity change from 0 to 32768
[  586.952839][T15874] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3567 (15874)
[  587.013251][T15874] BTRFS info (device loop7): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  587.066800][T15874] BTRFS info (device loop7): using xxhash64 (xxhash64-generic) checksum algorithm
[  587.087479][T15874] BTRFS info (device loop7): disk space caching is enabled
[  587.123997][T15874] BTRFS warning (device loop7): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  587.181853][T15883] 9pnet_fd: Insufficient options for proto=fd
[  587.334150][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  587.430358][T15874] BTRFS info (device loop7): rebuilding free space tree
[  587.447619][T15769] chnl_net:caif_netlink_parms(): no params data found
[  587.563403][T15874] BTRFS info (device loop7): disabling free space tree
[  587.570362][T15874] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  587.601330][T15874] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  587.654275][T15909] overlayfs: missing 'workdir'
[  587.773624][T15912] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3575'.
[  587.894667][ T5838] Bluetooth: hci5: command tx timeout
[  587.949433][ T7760] BTRFS info (device loop7): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  588.028547][T15919] macsec1: entered promiscuous mode
[  588.179154][T15769] bridge0: port 1(bridge_slave_0) entered blocking state
[  588.212868][T15769] bridge0: port 1(bridge_slave_0) entered disabled state
[  588.220887][T15769] bridge_slave_0: entered allmulticast mode
[  588.261219][T15769] bridge_slave_0: entered promiscuous mode
[  588.291229][    C0] vkms_vblank_simulate: vblank timer overrun
[  588.315484][T15507] 8021q: adding VLAN 0 to HW filter on device batadv0
[  588.331202][T15769] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.344386][T15769] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.351681][T15769] bridge_slave_1: entered allmulticast mode
[  588.382893][T15769] bridge_slave_1: entered promiscuous mode
[  588.429442][    T9] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  588.593371][T15769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  588.612563][    T9] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  588.635724][T15769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  588.645204][    T9] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  588.683847][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  588.690518][    T9] usb 2-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  588.732835][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.766695][T15933] loop7: detected capacity change from 0 to 512
[  588.779766][    T9] usb 2-1: config 0 descriptor??
[  588.842409][T15933] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  588.867414][T15769] team0: Port device team_slave_0 added
[  588.882997][T15933] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.3577: invalid indirect mapped block 2683928664 (level 1)
[  588.883664][T15930] nbd: illegal input index -116350251
[  588.904429][T15769] team0: Port device team_slave_1 added
[  588.912534][T15933] EXT4-fs (loop7): Remounting filesystem read-only
[  588.929378][T15933] EXT4-fs (loop7): 1 truncate cleaned up
[  588.949723][T15917] loop0: detected capacity change from 0 to 32768
[  588.955605][T15933] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.002633][T15917] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  589.039964][T15769] batman_adv: batadv0: Adding interface: batadv_slave_0
[  589.052245][T15933] EXT4-fs (loop7): shut down requested (1)
[  589.069157][T15769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  589.108412][T15769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  589.122337][T15769] batman_adv: batadv0: Adding interface: batadv_slave_1
[  589.145722][ T7760] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  589.155922][T15917] XFS (loop0): Ending clean mount
[  589.164664][T15769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  589.191147][T15769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  589.197561][T15917] XFS (loop0): Quotacheck needed: Please wait.
[  589.222450][    T9] hid-steam 0003:28DE:1102.0012: unknown main item tag 0x0
[  589.273607][    T9] hid-steam 0003:28DE:1102.0012: unknown main item tag 0x0
[  589.323213][    T9] hid-steam 0003:28DE:1102.0012: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0
[  589.422119][T15917] XFS (loop0): Quotacheck: Done.
[  589.461028][T15769] hsr_slave_0: entered promiscuous mode
[  589.463276][    T9] hid-steam 0003:28DE:1102.0012: Steam Controller 'XXXXXXXXXX' connected
[  589.484979][    T9] input: Steam Controller as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28DE:1102.0012/input/input36
[  589.513168][    T9] hid-steam 0003:28DE:1102.0013: unknown main item tag 0x0
[  589.520986][    T9] hid-steam 0003:28DE:1102.0013: unknown main item tag 0x0
[  589.532118][T15769] hsr_slave_1: entered promiscuous mode
[  589.539914][    T9] hid-steam 0003:28DE:1102.0013: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0
[  589.550352][T15769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  589.561675][    T9] usb 2-1: USB disconnect, device number 8
[  589.575171][T15769] Cannot create hsr debugfs directory
[  589.648809][    T9] hid-steam 0003:28DE:1102.0012: Steam Controller 'XXXXXXXXXX' disconnected
[  589.816144][ T7677] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  589.980555][ T5838] Bluetooth: hci5: command tx timeout
[  590.113476][ T5901] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  590.191066][T15507] veth0_vlan: entered promiscuous mode
[  590.231748][T15507] veth1_vlan: entered promiscuous mode
[  590.304105][ T5901] usb 8-1: Using ep0 maxpacket: 32
[  590.318601][ T5901] usb 8-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  590.336600][T15966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3593'.
[  590.373527][ T5901] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.381579][ T5901] usb 8-1: Product: syz
[  590.410528][ T5901] usb 8-1: Manufacturer: syz
[  590.422429][ T5901] usb 8-1: SerialNumber: syz
[  590.430428][T15507] veth0_macvtap: entered promiscuous mode
[  590.453851][ T5901] usb 8-1: config 0 descriptor??
[  590.464736][ T5901] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  590.509372][T15507] veth1_macvtap: entered promiscuous mode
[  590.635931][T15507] batman_adv: batadv0: Interface activated: batadv_slave_0
[  590.675819][T15507] batman_adv: batadv0: Interface activated: batadv_slave_1
[  590.716348][T15507] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  590.749189][T15507] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  590.762517][T15976] input: syz1 as /devices/virtual/input/input37
[  590.780372][T15507] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  590.809747][T15507] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  591.152151][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  591.180682][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  591.268415][T15984] loop1: detected capacity change from 0 to 2048
[  591.277143][ T5901] gspca_ov534_9: reg_w failed -71
[  591.296128][T15984] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  591.309481][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  591.332394][T15769] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  591.348132][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  591.408230][T15769] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  591.429392][T15769] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  591.450506][T15969] syz.0.3589 (15969): drop_caches: 2
[  591.482399][T15769] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  591.573423][ T5901] gspca_ov534_9: Unknown sensor 0000
[  591.573524][ T5901] ov534_9 8-1:0.0: probe with driver ov534_9 failed with error -22
[  591.631541][ T5901] usb 8-1: USB disconnect, device number 17
[  591.670570][T15991] loop0: detected capacity change from 0 to 512
[  591.766566][T15991] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  591.787510][T15991] ext4 filesystem being mounted at /558/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  591.827571][T15991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  591.903284][T15769] 8021q: adding VLAN 0 to HW filter on device bond0
[  591.994754][T15769] 8021q: adding VLAN 0 to HW filter on device team0
[  592.054576][ T1340] bridge0: port 1(bridge_slave_0) entered blocking state
[  592.061758][ T1340] bridge0: port 1(bridge_slave_0) entered forwarding state
[  592.104389][ T1340] bridge0: port 2(bridge_slave_1) entered blocking state
[  592.111611][ T1340] bridge0: port 2(bridge_slave_1) entered forwarding state
[  592.136635][T16001] openvswitch: netlink: Multiple metadata blocks provided
[  592.651442][T15989] loop1: detected capacity change from 0 to 32768
[  592.695632][T16012] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3610'.
[  592.734418][T15989] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  592.826369][T15989] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  592.851390][T15989] XFS (loop1): Starting recovery (logdev: internal)
[  592.888674][T15989] XFS (loop1): Ending recovery (logdev: internal)
[  593.046421][T11585] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  593.110309][T16030] x_tables: duplicate underflow at hook 3
[  593.142339][T15769] 8021q: adding VLAN 0 to HW filter on device batadv0
[  593.303233][  T876] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  593.304876][T16034] netlink: 100 bytes leftover after parsing attributes in process `syz.6.3616'.
[  593.376390][T16003] loop0: detected capacity change from 0 to 32768
[  593.433296][T16003] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3607 (16003)
[  593.506815][  T876] usb 8-1: Using ep0 maxpacket: 16
[  593.528577][  T876] usb 8-1: config 0 has no interfaces?
[  593.582792][T16003] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  593.609839][  T876] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  593.619229][T16003] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  593.652198][T16003] BTRFS info (device loop0): using free-space-tree
[  593.666394][  T876] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  593.706020][  T876] usb 8-1: Manufacturer: syz
[  593.740423][  T876] usb 8-1: config 0 descriptor??
[  593.970501][ T7677] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  594.045814][T16027] lo: entered promiscuous mode
[  594.066918][T16027] tunl0: entered promiscuous mode
[  594.139167][T16067] loop1: detected capacity change from 0 to 4096
[  594.146533][T16027] gre0: entered promiscuous mode
[  594.186925][T16067] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  594.205338][T16027] gretap0: entered promiscuous mode
[  594.223476][T16027] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  594.289104][ T7887] usb 8-1: USB disconnect, device number 18
[  594.323293][T15769] veth0_vlan: entered promiscuous mode
[  594.331183][T16067] ntfs3(loop1): Failed to load $Extend (-22).
[  594.363309][T16067] ntfs3(loop1): Failed to initialize $Extend.
[  594.396050][T15769] veth1_vlan: entered promiscuous mode
[  594.404256][T16073] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  594.500746][T15769] veth0_macvtap: entered promiscuous mode
[  594.545740][T15769] veth1_macvtap: entered promiscuous mode
[  594.626149][T15769] batman_adv: batadv0: Interface activated: batadv_slave_0
[  594.695665][T15769] batman_adv: batadv0: Interface activated: batadv_slave_1
[  594.729118][T15769] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  594.758519][T15769] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  594.792867][T15769] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  594.822237][T15769] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  594.908810][T16083] loop6: detected capacity change from 0 to 128
[  594.934882][T16083] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  594.994797][T16083] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  595.049708][T16087] loop7: detected capacity change from 0 to 256
[  595.103907][T16087] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  595.151244][T16087] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=512, location=512
[  595.208665][T16087] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  595.229426][T16087] UDF-fs: Scanning with blocksize 512 failed
[  595.280008][T16087] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  595.317044][T16087] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  595.518716][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  595.552886][ T5926] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  595.572052][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  595.581149][T16087] overlayfs: upper fs needs to support d_type.
[  595.592310][T16087] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  595.599837][T16087] overlayfs: failed to set xattr on upper
[  595.605995][T16087] overlayfs: ...falling back to redirect_dir=nofollow.
[  595.613141][T16087] overlayfs: ...falling back to index=off.
[  595.622794][T16087] overlayfs: ...falling back to uuid=null.
[  595.681935][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  595.698550][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  595.734159][ T5926] usb 1-1: Using ep0 maxpacket: 8
[  595.745208][ T5926] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  595.759593][ T5926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.811685][ T5926] pvrusb2: Hardware description: Terratec Grabster AV400
[  595.836000][ T5926] pvrusb2: **********
[  595.840788][ T5926] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  595.867358][ T5926] pvrusb2: Important functionality might not be entirely working.
[  595.881264][ T5926] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  595.905697][ T5926] pvrusb2: **********
[  596.037797][ T2343] pvrusb2: Invalid write control endpoint
[  596.080551][   T30] audit: type=1326 audit(1748914132.136:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.7.3640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  596.153232][   T30] audit: type=1326 audit(1748914132.166:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.7.3640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  596.242114][T16094] pvrusb2: Invalid write control endpoint
[  596.250416][   T30] audit: type=1326 audit(1748914132.166:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.7.3640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2377b8e969 code=0x7ffc0000
[  596.292200][T11873] usb 1-1: USB disconnect, device number 21
[  596.296167][ T2343] pvrusb2: Invalid write control endpoint
[  596.337434][ T2343] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  596.365618][ T2343] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  596.398703][ T2343] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  596.414823][ T2343] pvrusb2: Device being rendered inoperable
[  596.428890][ T2343] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  596.438143][ T2343] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  596.464052][ T2343] pvrusb2: Attached sub-driver cx25840
[  596.474808][ T2343] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  596.525669][ T2343] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  596.536553][T16124] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3647'.
[  596.778083][T16133] wg2: entered promiscuous mode
[  596.799871][T16133] wg2: entered allmulticast mode
[  597.252824][T11873] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  597.432799][T11873] usb 8-1: Using ep0 maxpacket: 16
[  597.454408][T11873] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  597.483139][T11873] usb 8-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  597.522990][T11873] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.568686][T11873] usb 8-1: config 0 descriptor??
[  597.589536][   T51] Bluetooth: hci5: command 0x0405 tx timeout
[  597.989592][T16140] loop6: detected capacity change from 0 to 40427
[  598.009939][T11873] apple 0003:05AC:024B.0014: unknown main item tag 0x6
[  598.026701][T16140] F2FS-fs (loop6): invalid crc value
[  598.051901][T11873] apple 0003:05AC:024B.0014: invalid report_size 24312
[  598.081625][T11873] apple 0003:05AC:024B.0014: item 0 2 1 7 parsing failed
[  598.113284][T11873] apple 0003:05AC:024B.0014: parse failed
[  598.119148][T11873] apple 0003:05AC:024B.0014: probe with driver apple failed with error -22
[  598.148502][T16174] loop8: detected capacity change from 0 to 1024
[  598.207623][T16174] EXT4-fs error (device loop8): ext4_orphan_get:1419: comm syz.8.3669: bad orphan inode 196608
[  598.219133][ T5901] usb 8-1: USB disconnect, device number 19
[  598.270218][T16140] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  598.282520][T16174] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  598.393817][T16140] syz.6.3655: attempt to access beyond end of device
[  598.393817][T16140] loop6: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  598.448355][T16140] CPU: 1 UID: 0 PID: 16140 Comm: syz.6.3655 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  598.448401][T16140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  598.448417][T16140] Call Trace:
[  598.448427][T16140]  <TASK>
[  598.448439][T16140]  dump_stack_lvl+0x189/0x250
[  598.448490][T16140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  598.448533][T16140]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  598.448570][T16140]  ? __pfx_queue_work_on+0x10/0x10
[  598.448597][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.448627][T16140]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  598.448662][T16140]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  598.448698][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.448726][T16140]  ? f2fs_hw_is_readonly+0x39b/0x470
[  598.448766][T16140]  f2fs_handle_critical_error+0x37c/0x540
[  598.448807][T16140]  f2fs_write_end_io+0x495/0x810
[  598.448843][T16140]  ? blkg_put+0x22/0x240
[  598.448896][T16140]  __submit_merged_bio+0x27a/0x6a0
[  598.448927][T16140]  ? up_write+0x1c4/0x420
[  598.448961][T16140]  __submit_merged_write_cond+0x44c/0x530
[  598.449002][T16140]  f2fs_sync_node_pages+0x1871/0x1a10
[  598.449060][T16140]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  598.449092][T16140]  ? irqentry_exit+0x74/0x90
[  598.449159][T16140]  ? f2fs_write_checkpoint+0xe33/0x1de0
[  598.449203][T16140]  ? up_write+0x1c4/0x420
[  598.449227][T16140]  ? do_raw_spin_unlock+0x122/0x240
[  598.449263][T16140]  f2fs_write_checkpoint+0xe5f/0x1de0
[  598.449330][T16140]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  598.449417][T16140]  ? __pfx_down_write+0x10/0x10
[  598.449457][T16140]  f2fs_issue_checkpoint+0x3ac/0x570
[  598.449501][T16140]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  598.449549][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.449577][T16140]  ? __lock_acquire+0xab9/0xd20
[  598.449630][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.449659][T16140]  ? __up_read+0x280/0x680
[  598.449697][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.449724][T16140]  ? f2fs_sync_fs+0x200/0x3d0
[  598.449759][T16140]  f2fs_do_sync_file+0x86a/0x1860
[  598.449809][T16140]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  598.449898][T16140]  ? __fget_files+0x2a/0x420
[  598.449926][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.449954][T16140]  ? __fget_files+0x3a0/0x420
[  598.449988][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.450022][T16140]  ? f2fs_sync_file+0xe9/0x160
[  598.450061][T16140]  ? __pfx_f2fs_sync_file+0x10/0x10
[  598.450097][T16140]  __x64_sys_fdatasync+0xb9/0x110
[  598.450134][T16140]  do_syscall_64+0xfa/0x3b0
[  598.450155][T16140]  ? lockdep_hardirqs_on+0x9c/0x150
[  598.450191][T16140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.450215][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.450243][T16140]  ? exc_page_fault+0x9f/0xf0
[  598.450281][T16140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.450306][T16140] RIP: 0033:0x7f05adf8e969
[  598.450328][T16140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  598.450349][T16140] RSP: 002b:00007f05aed9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000004b
[  598.450376][T16140] RAX: ffffffffffffffda RBX: 00007f05ae1b5fa0 RCX: 00007f05adf8e969
[  598.450394][T16140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  598.450410][T16140] RBP: 00007f05ae010ab1 R08: 0000000000000000 R09: 0000000000000000
[  598.450426][T16140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  598.450442][T16140] R13: 0000000000000000 R14: 00007f05ae1b5fa0 R15: 00007ffeb179d2e8
[  598.450480][T16140]  </TASK>
[  598.806087][T16140] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  598.813313][T16140] CPU: 0 UID: 0 PID: 16140 Comm: syz.6.3655 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  598.813345][T16140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  598.813360][T16140] Call Trace:
[  598.813371][T16140]  <TASK>
[  598.813382][T16140]  dump_stack_lvl+0x189/0x250
[  598.813430][T16140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  598.813465][T16140]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  598.813500][T16140]  ? __pfx_queue_work_on+0x10/0x10
[  598.813525][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.813552][T16140]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  598.813585][T16140]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  598.813621][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.813648][T16140]  ? f2fs_hw_is_readonly+0x39b/0x470
[  598.813689][T16140]  f2fs_handle_critical_error+0x37c/0x540
[  598.813731][T16140]  f2fs_write_end_io+0x495/0x810
[  598.813793][T16140]  __submit_merged_bio+0x27a/0x6a0
[  598.813823][T16140]  ? up_write+0x1c4/0x420
[  598.813858][T16140]  __submit_merged_write_cond+0x44c/0x530
[  598.813901][T16140]  f2fs_sync_node_pages+0x1871/0x1a10
[  598.813967][T16140]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  598.813999][T16140]  ? irqentry_exit+0x74/0x90
[  598.814073][T16140]  ? f2fs_write_checkpoint+0xe33/0x1de0
[  598.814119][T16140]  ? up_write+0x1c4/0x420
[  598.814143][T16140]  ? do_raw_spin_unlock+0x122/0x240
[  598.814181][T16140]  f2fs_write_checkpoint+0xe5f/0x1de0
[  598.814255][T16140]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  598.814362][T16140]  ? __pfx_down_write+0x10/0x10
[  598.814406][T16140]  f2fs_issue_checkpoint+0x3ac/0x570
[  598.814449][T16140]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  598.814493][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.814520][T16140]  ? __lock_acquire+0xab9/0xd20
[  598.814577][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.814604][T16140]  ? __up_read+0x280/0x680
[  598.814645][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.814672][T16140]  ? f2fs_sync_fs+0x200/0x3d0
[  598.814708][T16140]  f2fs_do_sync_file+0x86a/0x1860
[  598.814762][T16140]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  598.814864][T16140]  ? __fget_files+0x2a/0x420
[  598.814892][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.814920][T16140]  ? __fget_files+0x3a0/0x420
[  598.814955][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.814983][T16140]  ? f2fs_sync_file+0xe9/0x160
[  598.815024][T16140]  ? __pfx_f2fs_sync_file+0x10/0x10
[  598.815059][T16140]  __x64_sys_fdatasync+0xb9/0x110
[  598.815097][T16140]  do_syscall_64+0xfa/0x3b0
[  598.815118][T16140]  ? lockdep_hardirqs_on+0x9c/0x150
[  598.815155][T16140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.815178][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  598.815206][T16140]  ? exc_page_fault+0x9f/0xf0
[  598.815245][T16140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.815274][T16140] RIP: 0033:0x7f05adf8e969
[  598.815296][T16140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  598.815317][T16140] RSP: 002b:00007f05aed9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000004b
[  598.815342][T16140] RAX: ffffffffffffffda RBX: 00007f05ae1b5fa0 RCX: 00007f05adf8e969
[  598.815361][T16140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  598.815377][T16140] RBP: 00007f05ae010ab1 R08: 0000000000000000 R09: 0000000000000000
[  598.815393][T16140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  598.815409][T16140] R13: 0000000000000000 R14: 00007f05ae1b5fa0 R15: 00007ffeb179d2e8
[  598.815453][T16140]  </TASK>
[  598.815464][T16140] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  599.203197][T16140] CPU: 1 UID: 0 PID: 16140 Comm: syz.6.3655 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  599.203236][T16140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  599.203252][T16140] Call Trace:
[  599.203262][T16140]  <TASK>
[  599.203274][T16140]  dump_stack_lvl+0x189/0x250
[  599.203323][T16140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  599.203361][T16140]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  599.203398][T16140]  ? __pfx_queue_work_on+0x10/0x10
[  599.203425][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.203454][T16140]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  599.203489][T16140]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  599.203533][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.203562][T16140]  ? f2fs_hw_is_readonly+0x39b/0x470
[  599.203601][T16140]  f2fs_handle_critical_error+0x37c/0x540
[  599.203643][T16140]  f2fs_write_end_io+0x495/0x810
[  599.203700][T16140]  __submit_merged_bio+0x27a/0x6a0
[  599.203732][T16140]  ? up_write+0x1c4/0x420
[  599.203778][T16140]  __submit_merged_write_cond+0x44c/0x530
[  599.203821][T16140]  f2fs_sync_node_pages+0x1871/0x1a10
[  599.203879][T16140]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  599.203912][T16140]  ? irqentry_exit+0x74/0x90
[  599.203980][T16140]  ? f2fs_write_checkpoint+0xe33/0x1de0
[  599.204025][T16140]  ? up_write+0x1c4/0x420
[  599.204049][T16140]  ? do_raw_spin_unlock+0x122/0x240
[  599.204085][T16140]  f2fs_write_checkpoint+0xe5f/0x1de0
[  599.204152][T16140]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  599.204241][T16140]  ? __pfx_down_write+0x10/0x10
[  599.204281][T16140]  f2fs_issue_checkpoint+0x3ac/0x570
[  599.204326][T16140]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  599.204370][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.204399][T16140]  ? __lock_acquire+0xab9/0xd20
[  599.204452][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.204481][T16140]  ? __up_read+0x280/0x680
[  599.204526][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.204555][T16140]  ? f2fs_sync_fs+0x200/0x3d0
[  599.204590][T16140]  f2fs_do_sync_file+0x86a/0x1860
[  599.204642][T16140]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  599.204732][T16140]  ? __fget_files+0x2a/0x420
[  599.204761][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.204789][T16140]  ? __fget_files+0x3a0/0x420
[  599.204825][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.204853][T16140]  ? f2fs_sync_file+0xe9/0x160
[  599.204894][T16140]  ? __pfx_f2fs_sync_file+0x10/0x10
[  599.204931][T16140]  __x64_sys_fdatasync+0xb9/0x110
[  599.204969][T16140]  do_syscall_64+0xfa/0x3b0
[  599.204991][T16140]  ? lockdep_hardirqs_on+0x9c/0x150
[  599.205028][T16140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.205052][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.205081][T16140]  ? exc_page_fault+0x9f/0xf0
[  599.205120][T16140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.205144][T16140] RIP: 0033:0x7f05adf8e969
[  599.205166][T16140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.205188][T16140] RSP: 002b:00007f05aed9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000004b
[  599.205215][T16140] RAX: ffffffffffffffda RBX: 00007f05ae1b5fa0 RCX: 00007f05adf8e969
[  599.205235][T16140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  599.205251][T16140] RBP: 00007f05ae010ab1 R08: 0000000000000000 R09: 0000000000000000
[  599.205267][T16140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  599.205283][T16140] R13: 0000000000000000 R14: 00007f05ae1b5fa0 R15: 00007ffeb179d2e8
[  599.205323][T16140]  </TASK>
[  599.205333][T16140] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  599.596558][T16140] CPU: 1 UID: 0 PID: 16140 Comm: syz.6.3655 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  599.596593][T16140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  599.596610][T16140] Call Trace:
[  599.596620][T16140]  <TASK>
[  599.596631][T16140]  dump_stack_lvl+0x189/0x250
[  599.596682][T16140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  599.596721][T16140]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  599.596758][T16140]  ? __pfx_queue_work_on+0x10/0x10
[  599.596785][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.596814][T16140]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  599.596849][T16140]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  599.596886][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.596914][T16140]  ? f2fs_hw_is_readonly+0x39b/0x470
[  599.596956][T16140]  f2fs_handle_critical_error+0x37c/0x540
[  599.596999][T16140]  f2fs_write_end_io+0x495/0x810
[  599.597061][T16140]  __submit_merged_bio+0x27a/0x6a0
[  599.597091][T16140]  ? up_write+0x1c4/0x420
[  599.597126][T16140]  __submit_merged_write_cond+0x44c/0x530
[  599.597170][T16140]  f2fs_sync_node_pages+0x1871/0x1a10
[  599.597237][T16140]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  599.597270][T16140]  ? irqentry_exit+0x74/0x90
[  599.597353][T16140]  ? f2fs_write_checkpoint+0xe33/0x1de0
[  599.597400][T16140]  ? up_write+0x1c4/0x420
[  599.597425][T16140]  ? do_raw_spin_unlock+0x122/0x240
[  599.597463][T16140]  f2fs_write_checkpoint+0xe5f/0x1de0
[  599.597538][T16140]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  599.597638][T16140]  ? __pfx_down_write+0x10/0x10
[  599.597682][T16140]  f2fs_issue_checkpoint+0x3ac/0x570
[  599.597727][T16140]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  599.597772][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.597800][T16140]  ? __lock_acquire+0xab9/0xd20
[  599.597856][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.597885][T16140]  ? __up_read+0x280/0x680
[  599.597925][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.597953][T16140]  ? f2fs_sync_fs+0x200/0x3d0
[  599.597990][T16140]  f2fs_do_sync_file+0x86a/0x1860
[  599.598045][T16140]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  599.598149][T16140]  ? __fget_files+0x2a/0x420
[  599.598177][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.598205][T16140]  ? __fget_files+0x3a0/0x420
[  599.598242][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.598296][T16140]  ? f2fs_sync_file+0xe9/0x160
[  599.598336][T16140]  ? __pfx_f2fs_sync_file+0x10/0x10
[  599.598372][T16140]  __x64_sys_fdatasync+0xb9/0x110
[  599.598411][T16140]  do_syscall_64+0xfa/0x3b0
[  599.598433][T16140]  ? lockdep_hardirqs_on+0x9c/0x150
[  599.598469][T16140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.598493][T16140]  ? srso_alias_return_thunk+0x5/0xfbef5
[  599.598521][T16140]  ? exc_page_fault+0x9f/0xf0
[  599.598559][T16140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.598583][T16140] RIP: 0033:0x7f05adf8e969
[  599.598605][T16140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.598627][T16140] RSP: 002b:00007f05aed9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000004b
[  599.598653][T16140] RAX: ffffffffffffffda RBX: 00007f05ae1b5fa0 RCX: 00007f05adf8e969
[  599.598671][T16140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  599.598686][T16140] RBP: 00007f05ae010ab1 R08: 0000000000000000 R09: 0000000000000000
[  599.598703][T16140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  599.598719][T16140] R13: 0000000000000000 R14: 00007f05ae1b5fa0 R15: 00007ffeb179d2e8
[  599.598764][T16140]  </TASK>
[  599.598775][T16140] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  599.753163][ T5838] Bluetooth: hci3: command 0x0406 tx timeout
[  599.839092][T16194] Bluetooth: MGMT ver 1.23
[  600.068218][T16201] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3679'.
[  600.161549][T15769] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.667372][T16224] loop7: detected capacity change from 0 to 128
[  600.709317][T16224] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  600.782749][T16224] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  601.103115][T11873] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  601.225264][T16244] loop6: detected capacity change from 0 to 64
[  601.268928][T16244] hfs: unable to locate alternate MDB
[  601.280755][T11873] usb 2-1: config 0 has no interfaces?
[  601.286886][T11873] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  601.299106][T16244] hfs: continuing without an alternate MDB
[  601.319602][T11873] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.364358][T11873] usb 2-1: config 0 descriptor??
[  601.374156][   T30] audit: type=1800 audit(1748914137.436:211): pid=16244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3699" name="file1" dev="loop6" ino=18 res=0 errno=0
[  601.555839][T16260] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3705'.
[  601.610481][T11873] usb 2-1: USB disconnect, device number 9
[  601.990459][T16274] loop6: detected capacity change from 0 to 256
[  602.012813][T16274] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  602.042752][T16274] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  602.104181][T16274] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  602.740383][T16270] loop0: detected capacity change from 0 to 32768
[  603.292882][   T43] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  603.416827][T16322] loop6: detected capacity change from 0 to 1024
[  603.482445][   T43] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  603.523324][   T43] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  603.593335][T16322] Quota error (device loop6): do_check_range: Getting block 64 out of range 1-5
[  603.602454][T16322] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  603.612871][   T43] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  603.621930][   T43] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  603.642875][T16322] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.3731: Failed to acquire dquot type 0
[  603.673642][   T43] usb 9-1: SerialNumber: syz
[  603.689710][T16322] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  603.721402][T16322] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.3731: corrupted inode contents
[  603.738568][T16322] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #13: comm syz.6.3731: mark_inode_dirty error
[  603.790649][T16322] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.3731: corrupted inode contents
[  603.854354][T16322] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #13: comm syz.6.3731: mark_inode_dirty error
[  603.858870][T16309] loop1: detected capacity change from 0 to 32768
[  603.894985][T16322] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.3731: corrupted inode contents
[  603.926230][   T43] usb 9-1: 0:2 : does not exist
[  603.947858][T16309] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  603.960181][   T43] usb 9-1: USB disconnect, device number 2
[  603.966168][T16322] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  603.968105][T16309] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  604.019023][T16322] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.3731: corrupted inode contents
[  604.041693][T16322] EXT4-fs error (device loop6): ext4_truncate:4597: inode #13: comm syz.6.3731: mark_inode_dirty error
[  604.066910][T16322] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  604.077308][T16322] EXT4-fs (loop6): 1 truncate cleaned up
[  604.088044][T16322] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  604.099596][T16309] XFS (loop1): Ending clean mount
[  604.117285][T16351] loop0: detected capacity change from 0 to 256
[  604.139207][T16309] XFS (loop1): Quotacheck needed: Please wait.
[  604.205475][T16309] XFS (loop1): Quotacheck: Done.
[  604.210698][T16351] FAT-fs (loop0): Directory bread(block 64) failed
[  604.231915][T16351] FAT-fs (loop0): Directory bread(block 65) failed
[  604.255966][T16351] FAT-fs (loop0): Directory bread(block 66) failed
[  604.298778][T16351] FAT-fs (loop0): Directory bread(block 67) failed
[  604.316024][T11585] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  604.322839][T16351] FAT-fs (loop0): Directory bread(block 68) failed
[  604.365399][T16351] FAT-fs (loop0): Directory bread(block 69) failed
[  604.373262][T16351] FAT-fs (loop0): Directory bread(block 70) failed
[  604.379922][T16351] FAT-fs (loop0): Directory bread(block 71) failed
[  604.380436][T15507] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  604.417731][T16351] FAT-fs (loop0): Directory bread(block 72) failed
[  604.448986][T16351] FAT-fs (loop0): Directory bread(block 73) failed
[  605.088570][T16365] loop7: detected capacity change from 0 to 4096
[  605.267133][T16376] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  605.323484][T16365] ntfs3(loop7): Failed to initialize $Extend/$ObjId.
[  605.444104][T16359] loop8: detected capacity change from 0 to 32768
[  605.517768][T16359] JBD2: Ignoring recovery information on journal
[  605.710735][T16359] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  605.766130][T16394] netlink: 120 bytes leftover after parsing attributes in process `syz.1.3758'.
[  605.869934][T16359] OCFS2: ERROR (device loop8): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #65: signature = 
[  605.952936][T16359] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  605.972998][T16359] OCFS2: File system is now read-only.
[  605.982895][T16359] (syz.8.3745,16359,1):ocfs2_find_entry_id:407 ERROR: status = -30
[  606.104308][T16359] OCFS2: ERROR (device loop8): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #65: signature = 
[  606.163175][T16359] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  606.186511][T16359] (syz.8.3745,16359,0):ocfs2_assign_bh:2417 ERROR: status = -30
[  606.206368][T16359] (syz.8.3745,16359,0):ocfs2_inode_lock_full_nested:2512 ERROR: status = -30
[  606.229989][T16359] (syz.8.3745,16359,0):ocfs2_mknod:272 ERROR: status = -30
[  606.267103][T16359] (syz.8.3745,16359,0):ocfs2_create:675 ERROR: status = -30
[  606.363739][T16407] netlink: 'syz.1.3763': attribute type 11 has an invalid length.
[  606.371973][T15769] ocfs2: Unmounting device (7,8) on (node local)
[  606.396751][T16407] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3763'.
[  606.934077][    C0] vkms_vblank_simulate: vblank timer overrun
[  607.469410][T16451] sctp: [Deprecated]: syz.0.3782 (pid 16451) Use of int in maxseg socket option.
[  607.469410][T16451] Use struct sctp_assoc_value instead
[  607.990845][T16465] loop6: detected capacity change from 0 to 256
[  608.129714][T16465] FAT-fs (loop6): Directory bread(block 64) failed
[  608.150224][T16465] FAT-fs (loop6): Directory bread(block 65) failed
[  608.170307][T16465] FAT-fs (loop6): Directory bread(block 66) failed
[  608.197859][T16474] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3793'.
[  608.205739][T16465] FAT-fs (loop6): Directory bread(block 67) failed
[  608.238000][T16474] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3793'.
[  608.255526][T16465] FAT-fs (loop6): Directory bread(block 68) failed
[  608.280692][T16465] FAT-fs (loop6): Directory bread(block 69) failed
[  608.285644][T16474] netlink: 2 bytes leftover after parsing attributes in process `syz.7.3793'.
[  608.310313][T16465] FAT-fs (loop6): Directory bread(block 70) failed
[  608.338117][T16465] FAT-fs (loop6): Directory bread(block 71) failed
[  608.365374][T16465] FAT-fs (loop6): Directory bread(block 72) failed
[  608.371961][T16465] FAT-fs (loop6): Directory bread(block 73) failed
[  608.461811][ T5901] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  608.623164][ T5901] usb 1-1: Using ep0 maxpacket: 16
[  608.640155][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  608.667019][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  608.713684][ T5901] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  608.741343][ T5901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.783851][ T5901] usb 1-1: config 0 descriptor??
[  608.796419][T16491] syzkaller0: tun_chr_ioctl cmd 2148553947
[  609.211406][ T5901] corsair 0003:1B1C:1B02.0015: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0
[  609.499697][T16514] loop6: detected capacity change from 0 to 16
[  609.554985][T16514] erofs (device loop6): mounted with root inode @ nid 36.
[  609.613905][ T5926] usb 1-1: USB disconnect, device number 22
[  609.709411][T16518] loop7: detected capacity change from 0 to 256
[  609.741283][T16518] exfat: Deprecated parameter 'namecase'
[  609.760084][T16518] exfat: Deprecated parameter 'utf8'
[  609.817618][T16518] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[  610.260187][T16526] loop6: detected capacity change from 0 to 8192
[  610.334011][T16540] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3820'.
[  610.594940][T16546] loop0: detected capacity change from 0 to 128
[  610.688697][T16546] FAT-fs (loop0): Directory bread(block 162) failed
[  610.704766][T16546] FAT-fs (loop0): Directory bread(block 163) failed
[  610.773318][T16546] FAT-fs (loop0): Directory bread(block 164) failed
[  610.804073][T16546] FAT-fs (loop0): Directory bread(block 165) failed
[  610.862819][T16546] FAT-fs (loop0): Directory bread(block 166) failed
[  610.880834][T16546] FAT-fs (loop0): Directory bread(block 167) failed
[  610.982951][T16546] FAT-fs (loop0): Directory bread(block 168) failed
[  610.992799][T16546] FAT-fs (loop0): Directory bread(block 169) failed
[  611.093061][T16546] FAT-fs (loop0): Directory bread(block 162) failed
[  611.189796][T16546] FAT-fs (loop0): Directory bread(block 163) failed
[  611.196728][T16565] 
[  611.199066][T16565] =====================================================
[  611.206005][T16565] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  611.213473][T16565] 6.15.0-syzkaller-11061-g7f9039c524a3 #0 Not tainted
[  611.220255][T16565] -----------------------------------------------------
[  611.227199][T16565] syz.7.3832/16565 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  611.234938][T16565] ffff888027b1a210 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x199/0x4d0
[  611.243701][T16565] 
[  611.243701][T16565] and this task is already holding:
[  611.251074][T16565] ffff888029872230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0xab/0x320
[  611.253934][T16546] syz.0.3825: attempt to access beyond end of device
[  611.253934][T16546] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  611.260774][T16565] which would create a new lock dependency:
[  611.260789][T16565]  (&dev->event_lock#2){..-.}-{3:3} -> (&new->fa_lock){....}-{3:3}
[  611.260857][T16565] 
[  611.260857][T16565] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  611.260869][T16565]  (&dev->event_lock#2){..-.}-{3:3}
[  611.260899][T16565] 
[  611.260899][T16565] ... which became SOFTIRQ-irq-safe at:
[  611.260911][T16565]   lock_acquire+0x120/0x360
[  611.260947][T16565]   _raw_spin_lock_irqsave+0xa7/0xf0
[  611.260978][T16565]   input_inject_event+0xab/0x320
[  611.261000][T16565]   kd_sound_helper+0x101/0x210
[  611.261028][T16565]   input_handler_for_each_handle+0x101/0x1c0
[  611.261055][T16565]   call_timer_fn+0x17e/0x5f0
[  611.261087][T16565]   __run_timer_base+0x61a/0x860
[  611.261115][T16565]   run_timer_softirq+0xb7/0x180
[  611.261144][T16565]   handle_softirqs+0x286/0x870
[  611.355272][T16565]   __irq_exit_rcu+0xca/0x1f0
[  611.359970][T16565]   irq_exit_rcu+0x9/0x30
[  611.364311][T16565]   sysvec_apic_timer_interrupt+0xa6/0xc0
[  611.370040][T16565]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  611.376106][T16565]   free_pages_and_swap_cache+0x1a1/0x520
[  611.381924][T16565]   tlb_flush_mmu+0x3a0/0x680
[  611.386605][T16565]   unmap_page_range+0x398b/0x4580
[  611.391721][T16565]   unmap_vmas+0x399/0x580
[  611.396141][T16565]   exit_mmap+0x248/0xb50
[  611.400471][T16565]   __mmput+0x118/0x420
[  611.404638][T16565]   exit_mm+0x1da/0x2c0
[  611.408794][T16565]   do_exit+0x640/0x22e0
[  611.413038][T16565]   do_group_exit+0x21c/0x2d0
[  611.417718][T16565]   get_signal+0x1286/0x1340
[  611.422314][T16565]   arch_do_signal_or_restart+0x9a/0x750
[  611.427967][T16565]   exit_to_user_mode_loop+0x75/0x110
[  611.433355][T16565]   do_syscall_64+0x2bd/0x3b0
[  611.438039][T16565]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  611.444024][T16565] 
[  611.444024][T16565] to a SOFTIRQ-irq-unsafe lock:
[  611.451033][T16565]  (tasklist_lock){.+.+}-{3:3}
[  611.451071][T16565] 
[  611.451071][T16565] ... which became SOFTIRQ-irq-unsafe at:
[  611.463688][T16565] ...
[  611.463702][T16565]   lock_acquire+0x120/0x360
[  611.470873][T16565]   _raw_read_lock+0x36/0x50
[  611.475474][T16565]   __do_wait+0xde/0x740
[  611.479727][T16565]   do_wait+0x1f8/0x520
[  611.483885][T16565]   kernel_wait+0xab/0x170
[  611.488305][T16565]   call_usermodehelper_exec_work+0xbe/0x230
[  611.494294][T16565]   process_scheduled_works+0xae1/0x17b0
[  611.499933][T16565]   worker_thread+0x8a0/0xda0
[  611.504608][T16565]   kthread+0x711/0x8a0
[  611.508769][T16565]   ret_from_fork+0x3fc/0x770
[  611.513454][T16565]   ret_from_fork_asm+0x1a/0x30
[  611.518305][T16565] 
[  611.518305][T16565] other info that might help us debug this:
[  611.518305][T16565] 
[  611.528974][T16565] Chain exists of:
[  611.528974][T16565]   &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock
[  611.528974][T16565] 
[  611.541971][T16565]  Possible interrupt unsafe locking scenario:
[  611.541971][T16565] 
[  611.550286][T16565]        CPU0                    CPU1
[  611.555821][T16565]        ----                    ----
[  611.561177][T16565]   lock(tasklist_lock);
[  611.565423][T16565]                                local_irq_disable();
[  611.572172][T16565]                                lock(&dev->event_lock#2);
[  611.579396][T16565]                                lock(&new->fa_lock);
[  611.586167][T16565]   <Interrupt>
[  611.589608][T16565]     lock(&dev->event_lock#2);
[  611.594474][T16565] 
[  611.594474][T16565]  *** DEADLOCK ***
[  611.594474][T16565] 
[  611.602608][T16565] 6 locks held by syz.7.3832/16565:
[  611.607799][T16565]  #0: ffff888029874118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x1a1/0x480
[  611.617005][T16565]  #1: ffff888029872230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0xab/0x320
[  611.627161][T16565]  #2: ffffffff8e13f080 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbc/0x320
[  611.636858][T16565]  #3: ffffffff8e13f080 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x8d/0x890
[  611.646486][T16565]  #4: ffffffff8e13f080 (rcu_read_lock){....}-{1:3}, at: mousedev_notify_readers+0x2c/0xc00
[  611.656622][T16565]  #5: ffffffff8e13f080 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x53/0x4d0
[  611.665716][T16565] 
[  611.665716][T16565] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  611.676119][T16565] -> (&dev->event_lock#2){..-.}-{3:3} {
[  611.681711][T16565]    IN-SOFTIRQ-W at:
[  611.685694][T16565]                     lock_acquire+0x120/0x360
[  611.691860][T16565]                     _raw_spin_lock_irqsave+0xa7/0xf0
[  611.698741][T16565]                     input_inject_event+0xab/0x320
[  611.705344][T16565]                     kd_sound_helper+0x101/0x210
[  611.711762][T16565]                     input_handler_for_each_handle+0x101/0x1c0
[  611.719492][T16565]                     call_timer_fn+0x17e/0x5f0
[  611.725841][T16565]                     __run_timer_base+0x61a/0x860
[  611.732382][T16565]                     run_timer_softirq+0xb7/0x180
[  611.738900][T16565]                     handle_softirqs+0x286/0x870
[  611.745336][T16565]                     __irq_exit_rcu+0xca/0x1f0
[  611.751586][T16565]                     irq_exit_rcu+0x9/0x30
[  611.757488][T16565]                     sysvec_apic_timer_interrupt+0xa6/0xc0
[  611.764780][T16565]                     asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  611.772414][T16565]                     free_pages_and_swap_cache+0x1a1/0x520
[  611.779717][T16565]                     tlb_flush_mmu+0x3a0/0x680
[  611.785970][T16565]                     unmap_page_range+0x398b/0x4580
[  611.792653][T16565]                     unmap_vmas+0x399/0x580
[  611.798645][T16565]                     exit_mmap+0x248/0xb50
[  611.804537][T16565]                     __mmput+0x118/0x420
[  611.810271][T16565]                     exit_mm+0x1da/0x2c0
[  611.815991][T16565]                     do_exit+0x640/0x22e0
[  611.821800][T16565]                     do_group_exit+0x21c/0x2d0
[  611.828042][T16565]                     get_signal+0x1286/0x1340
[  611.834203][T16565]                     arch_do_signal_or_restart+0x9a/0x750
[  611.841412][T16565]                     exit_to_user_mode_loop+0x75/0x110
[  611.848536][T16565]                     do_syscall_64+0x2bd/0x3b0
[  611.854777][T16565]                     entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  611.862318][T16565]    INITIAL USE at:
[  611.866215][T16565]                    lock_acquire+0x120/0x360
[  611.872295][T16565]                    _raw_spin_lock_irqsave+0xa7/0xf0
[  611.879065][T16565]                    input_inject_event+0xab/0x320
[  611.885599][T16565]                    kbd_led_trigger_activate+0xbc/0x100
[  611.892637][T16565]                    led_trigger_set+0x52d/0x950
[  611.898977][T16565]                    led_trigger_set_default+0x215/0x250
[  611.906009][T16565]                    led_classdev_register_ext+0x73d/0x930
[  611.913209][T16565]                    input_leds_connect+0x517/0x790
[  611.919826][T16565]                    input_register_device+0xcee/0x10b0
[  611.926773][T16565]                    atkbd_connect+0x70e/0x9c0
[  611.932940][T16565]                    serio_driver_probe+0x82/0xa0
[  611.939362][T16565]                    really_probe+0x26d/0x9a0
[  611.945445][T16565]                    __driver_probe_device+0x18c/0x2f0
[  611.952309][T16565]                    driver_probe_device+0x4f/0x430
[  611.958922][T16565]                    __driver_attach+0x452/0x700
[  611.965276][T16565]                    bus_for_each_dev+0x233/0x2b0
[  611.971694][T16565]                    serio_handle_event+0x1a2/0x860
[  611.978303][T16565]                    process_scheduled_works+0xae1/0x17b0
[  611.985438][T16565]                    worker_thread+0x8a0/0xda0
[  611.991595][T16565]                    kthread+0x711/0x8a0
[  611.997231][T16565]                    ret_from_fork+0x3fc/0x770
[  612.003454][T16565]                    ret_from_fork_asm+0x1a/0x30
[  612.009784][T16565]  }
[  612.012274][T16565]  ... key      at: [<ffffffff99df8260>] input_allocate_device.__key.5+0x0/0x20
[  612.021304][T16565] 
[  612.021304][T16565] the dependencies between the lock to be acquired
[  612.021319][T16565]  and SOFTIRQ-irq-unsafe lock:
[  612.035253][T16565]   -> (tasklist_lock){.+.+}-{3:3} {
[  612.040572][T16565]      HARDIRQ-ON-R at:
[  612.044721][T16565]                         lock_acquire+0x120/0x360
[  612.051234][T16565]                         _raw_read_lock+0x36/0x50
[  612.057750][T16565]                         __do_wait+0xde/0x740
[  612.063910][T16565]                         do_wait+0x1f8/0x520
[  612.069987][T16565]                         kernel_wait+0xab/0x170
[  612.076336][T16565]                         call_usermodehelper_exec_work+0xbe/0x230
[  612.084239][T16565]                         process_scheduled_works+0xae1/0x17b0
[  612.091801][T16565]                         worker_thread+0x8a0/0xda0
[  612.098391][T16565]                         kthread+0x711/0x8a0
[  612.104467][T16565]                         ret_from_fork+0x3fc/0x770
[  612.111065][T16565]                         ret_from_fork_asm+0x1a/0x30
[  612.117833][T16565]      SOFTIRQ-ON-R at:
[  612.121987][T16565]                         lock_acquire+0x120/0x360
[  612.128676][T16565]                         _raw_read_lock+0x36/0x50
[  612.135191][T16565]                         __do_wait+0xde/0x740
[  612.141353][T16565]                         do_wait+0x1f8/0x520
[  612.147429][T16565]                         kernel_wait+0xab/0x170
[  612.153764][T16565]                         call_usermodehelper_exec_work+0xbe/0x230
[  612.161663][T16565]                         process_scheduled_works+0xae1/0x17b0
[  612.169216][T16565]                         worker_thread+0x8a0/0xda0
[  612.175854][T16565]                         kthread+0x711/0x8a0
[  612.181935][T16565]                         ret_from_fork+0x3fc/0x770
[  612.188543][T16565]                         ret_from_fork_asm+0x1a/0x30
[  612.195314][T16565]      INITIAL USE at:
[  612.199378][T16565]                        lock_acquire+0x120/0x360
[  612.205808][T16565]                        _raw_write_lock_irq+0xa2/0xf0
[  612.212669][T16565]                        copy_process+0x224f/0x3c00
[  612.219269][T16565]                        kernel_clone+0x21e/0x870
[  612.225691][T16565]                        user_mode_thread+0xdd/0x140
[  612.232377][T16565]                        rest_init+0x23/0x300
[  612.238454][T16565]                        start_kernel+0x47d/0x500
[  612.244889][T16565]                        x86_64_start_reservations+0x24/0x30
[  612.252263][T16565]                        x86_64_start_kernel+0x143/0x1c0
[  612.259291][T16565]                        common_startup_64+0x13e/0x147
[  612.266148][T16565]      INITIAL READ USE at:
[  612.270656][T16565]                             lock_acquire+0x120/0x360
[  612.277568][T16565]                             _raw_read_lock+0x36/0x50
[  612.284430][T16565]                             __do_wait+0xde/0x740
[  612.290934][T16565]                             do_wait+0x1f8/0x520
[  612.297359][T16565]                             kernel_wait+0xab/0x170
[  612.304043][T16565]                             call_usermodehelper_exec_work+0xbe/0x230
[  612.312296][T16565]                             process_scheduled_works+0xae1/0x17b0
[  612.320212][T16565]                             worker_thread+0x8a0/0xda0
[  612.327193][T16565]                             kthread+0x711/0x8a0
[  612.333613][T16565]                             ret_from_fork+0x3fc/0x770
[  612.340557][T16565]                             ret_from_fork_asm+0x1a/0x30
[  612.347668][T16565]    }
[  612.350335][T16565]    ... key      at: [<ffffffff8de0c058>] tasklist_lock+0x18/0x40
[  612.358245][T16565]    ... acquired at:
[  612.362232][T16565]    lock_acquire+0x120/0x360
[  612.366924][T16565]    _raw_read_lock+0x36/0x50
[  612.371606][T16565]    send_sigio+0x101/0x370
[  612.376116][T16565]    dnotify_handle_event+0x169/0x440
[  612.381502][T16565]    fsnotify+0x1814/0x1a80
[  612.386015][T16565]    vfs_mkdir+0x477/0x510
[  612.390438][T16565]    do_mkdirat+0x247/0x590
[  612.394944][T16565]    __x64_sys_mkdirat+0x87/0xa0
[  612.399879][T16565]    do_syscall_64+0xfa/0x3b0
[  612.404557][T16565]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.410624][T16565] 
[  612.412940][T16565]  -> (&f_owner->lock){....}-{3:3} {
[  612.418273][T16565]     INITIAL USE at:
[  612.422249][T16565]                      lock_acquire+0x120/0x360
[  612.428557][T16565]                      _raw_write_lock_irq+0xa2/0xf0
[  612.435246][T16565]                      __f_setown+0x67/0x370
[  612.441237][T16565]                      generic_setlease+0xd60/0x1240
[  612.447924][T16565]                      fcntl_setlease+0x3a2/0x4c0
[  612.454346][T16565]                      do_fcntl+0x6a9/0x1910
[  612.460338][T16565]                      __se_sys_fcntl+0xc8/0x150
[  612.466673][T16565]                      do_syscall_64+0xfa/0x3b0
[  612.472912][T16565]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.480541][T16565]     INITIAL READ USE at:
[  612.484956][T16565]                           lock_acquire+0x120/0x360
[  612.491639][T16565]                           _raw_read_lock_irqsave+0xaf/0x100
[  612.499109][T16565]                           send_sigio+0x38/0x370
[  612.505533][T16565]                           dnotify_handle_event+0x169/0x440
[  612.512910][T16565]                           fsnotify+0x1814/0x1a80
[  612.519409][T16565]                           fsnotify_move+0x1d7/0x5b0
[  612.526170][T16565]                           vfs_rename+0x8cd/0xec0
[  612.532677][T16565]                           do_renameat2+0x878/0xc50
[  612.539360][T16565]                           __x64_sys_rename+0x82/0x90
[  612.546208][T16565]                           do_syscall_64+0xfa/0x3b0
[  612.552882][T16565]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.560952][T16565]   }
[  612.563528][T16565]   ... key      at: [<ffffffff99ae9400>] file_f_owner_allocate.__key+0x0/0x20
[  612.572473][T16565]   ... acquired at:
[  612.576359][T16565]    lock_acquire+0x120/0x360
[  612.581038][T16565]    _raw_read_lock_irqsave+0xaf/0x100
[  612.586503][T16565]    send_sigio+0x38/0x370
[  612.590928][T16565]    kill_fasync+0x24d/0x4d0
[  612.595527][T16565]    lease_break_callback+0x26/0x30
[  612.600722][T16565]    __break_lease+0x6a5/0x1620
[  612.605582][T16565]    do_dentry_open+0xd62/0x1970
[  612.610520][T16565]    vfs_open+0x3b/0x340
[  612.614764][T16565]    path_openat+0x2ee5/0x3830
[  612.619534][T16565]    do_filp_open+0x1fa/0x410
[  612.624214][T16565]    do_sys_openat2+0x121/0x1c0
[  612.629097][T16565]    __x64_sys_openat+0x138/0x170
[  612.634122][T16565]    do_syscall_64+0xfa/0x3b0
[  612.638790][T16565]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.644849][T16565] 
[  612.647161][T16565] -> (&new->fa_lock){....}-{3:3} {
[  612.652294][T16565]    INITIAL USE at:
[  612.656183][T16565]                    lock_acquire+0x120/0x360
[  612.662258][T16565]                    _raw_write_lock_irq+0xa2/0xf0
[  612.668762][T16565]                    fasync_remove_entry+0xf1/0x1c0
[  612.675356][T16565]                    lease_modify+0x1ca/0x3c0
[  612.681428][T16565]                    locks_remove_file+0x4bf/0xea0
[  612.687935][T16565]                    __fput+0x3ab/0xa70
[  612.693657][T16565]                    task_work_run+0x1d4/0x260
[  612.699833][T16565]                    exit_to_user_mode_loop+0xec/0x110
[  612.706687][T16565]                    do_syscall_64+0x2bd/0x3b0
[  612.712840][T16565]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.720298][T16565]    INITIAL READ USE at:
[  612.724623][T16565]                         lock_acquire+0x120/0x360
[  612.731126][T16565]                         _raw_read_lock_irqsave+0xaf/0x100
[  612.738415][T16565]                         kill_fasync+0x199/0x4d0
[  612.744835][T16565]                         sock_wake_async+0x137/0x160
[  612.751589][T16565]                         sock_def_write_space+0x390/0x430
[  612.758797][T16565]                         sk_setsockopt+0x218c/0x2d30
[  612.765558][T16565]                         do_sock_setsockopt+0x201/0x3e0
[  612.772577][T16565]                         __x64_sys_setsockopt+0x18b/0x220
[  612.779773][T16565]                         do_syscall_64+0xfa/0x3b0
[  612.786310][T16565]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.794196][T16565]  }
[  612.796681][T16565]  ... key      at: [<ffffffff99ae9420>] fasync_insert_entry.__key+0x0/0x20
[  612.805363][T16565]  ... acquired at:
[  612.809158][T16565]    lock_acquire+0x120/0x360
[  612.813865][T16565]    _raw_read_lock_irqsave+0xaf/0x100
[  612.819326][T16565]    kill_fasync+0x199/0x4d0
[  612.823921][T16565]    mousedev_notify_readers+0x6f1/0xc00
[  612.829552][T16565]    mousedev_event+0x602/0x1320
[  612.834487][T16565]    input_handle_events_default+0xd4/0x1a0
[  612.840415][T16565]    input_pass_values+0x288/0x890
[  612.845530][T16565]    input_event_dispose+0x330/0x6b0
[  612.850805][T16565]    input_inject_event+0x1fe/0x320
[  612.855996][T16565]    evdev_write+0x2fc/0x480
[  612.860583][T16565]    vfs_write+0x27e/0xa90
[  612.864993][T16565]    ksys_write+0x145/0x250
[  612.869490][T16565]    do_syscall_64+0xfa/0x3b0
[  612.874160][T16565]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.880223][T16565] 
[  612.882538][T16565] 
[  612.882538][T16565] stack backtrace:
[  612.888420][T16565] CPU: 0 UID: 0 PID: 16565 Comm: syz.7.3832 Not tainted 6.15.0-syzkaller-11061-g7f9039c524a3 #0 PREEMPT(full) 
[  612.888450][T16565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  612.888463][T16565] Call Trace:
[  612.888474][T16565]  <TASK>
[  612.888485][T16565]  dump_stack_lvl+0x189/0x250
[  612.888524][T16565]  ? __pfx_dump_stack_lvl+0x10/0x10
[  612.888558][T16565]  ? __pfx__printk+0x10/0x10
[  612.888582][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.888612][T16565]  validate_chain+0x1f05/0x2140
[  612.888648][T16565]  __lock_acquire+0xab9/0xd20
[  612.888682][T16565]  ? kill_fasync+0x199/0x4d0
[  612.888712][T16565]  lock_acquire+0x120/0x360
[  612.888742][T16565]  ? kill_fasync+0x199/0x4d0
[  612.888780][T16565]  _raw_read_lock_irqsave+0xaf/0x100
[  612.888812][T16565]  ? kill_fasync+0x199/0x4d0
[  612.888843][T16565]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[  612.888875][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.888903][T16565]  kill_fasync+0x199/0x4d0
[  612.888934][T16565]  ? kill_fasync+0x53/0x4d0
[  612.888967][T16565]  mousedev_notify_readers+0x6f1/0xc00
[  612.888999][T16565]  ? mousedev_notify_readers+0x2c/0xc00
[  612.889025][T16565]  mousedev_event+0x602/0x1320
[  612.889051][T16565]  input_handle_events_default+0xd4/0x1a0
[  612.889081][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889109][T16565]  ? input_pass_values+0x8d/0x890
[  612.889134][T16565]  input_pass_values+0x288/0x890
[  612.889159][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889187][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889211][T16565]  ? input_handle_event+0x70c/0xf30
[  612.889233][T16565]  input_event_dispose+0x330/0x6b0
[  612.889262][T16565]  input_inject_event+0x1fe/0x320
[  612.889283][T16565]  ? input_inject_event+0xbc/0x320
[  612.889305][T16565]  evdev_write+0x2fc/0x480
[  612.889330][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889355][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889384][T16565]  ? __pfx_evdev_write+0x10/0x10
[  612.889410][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889435][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889459][T16565]  ? security_file_permission+0x75/0x290
[  612.889489][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889515][T16565]  ? rw_verify_area+0x258/0x650
[  612.889533][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889558][T16565]  ? __pfx_evdev_write+0x10/0x10
[  612.889585][T16565]  vfs_write+0x27e/0xa90
[  612.889610][T16565]  ? __pfx_vfs_write+0x10/0x10
[  612.889630][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889656][T16565]  ? __fget_files+0x2a/0x420
[  612.889683][T16565]  ? __fget_files+0x2a/0x420
[  612.889707][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889732][T16565]  ? __fget_files+0x3a0/0x420
[  612.889757][T16565]  ? __fget_files+0x2a/0x420
[  612.889785][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889812][T16565]  ksys_write+0x145/0x250
[  612.889834][T16565]  ? __pfx_ksys_write+0x10/0x10
[  612.889854][T16565]  ? rcu_is_watching+0x15/0xb0
[  612.889877][T16565]  ? do_syscall_64+0xbe/0x3b0
[  612.889899][T16565]  do_syscall_64+0xfa/0x3b0
[  612.889918][T16565]  ? lockdep_hardirqs_on+0x9c/0x150
[  612.889950][T16565]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.889971][T16565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  612.889996][T16565]  ? exc_page_fault+0x9f/0xf0
[  612.890028][T16565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.890049][T16565] RIP: 0033:0x7f2377b8e969
[  612.890070][T16565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  612.890089][T16565] RSP: 002b:00007f2378a7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  612.890113][T16565] RAX: ffffffffffffffda RBX: 00007f2377db5fa0 RCX: 00007f2377b8e969
[  612.890129][T16565] RDX: 0000000000000078 RSI: 00002000000003c0 RDI: 0000000000000004
[  612.890145][T16565] RBP: 00007f2377c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  612.890159][T16565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  612.890173][T16565] R13: 0000000000000000 R14: 00007f2377db5fa0 R15: 00007ffdf0e1a4e8
[  612.890197][T16565]  </TASK>
[  613.375340][T16546] syz.0.3825: attempt to access beyond end of device
[  613.375340][T16546] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128