last executing test programs:

10.896606837s ago: executing program 2 (id=710):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
pipe2(&(0x7f0000001440)={<r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x4, 0xfffffffffffff000)
close_range(r0, 0xffffffffffffffff, 0x0)

10.696756529s ago: executing program 2 (id=712):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000240)=0x1000, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x1b, @local, 0x3}, 0x1c)

10.575886316s ago: executing program 2 (id=713):
r0 = syz_io_uring_setup(0x6d5d, &(0x7f0000000080)={0x0, 0x5b2c, 0x0, 0x0, 0x2f1}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0)

10.497507531s ago: executing program 2 (id=714):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000640)='./file2\x00', 0x10050, &(0x7f00000000c0)={[{@errors_remount}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7}}]}, 0x3, 0x51e, &(0x7f0000000680)="$eJzs3dFrJHcdAPDvTLLX5C41qfqgBWuxlUvV2ySN1wYfqoLoU0Gt+HrGZBNCNtkj2bSXUGyKf4AgogVf9MkXwT9AkL74LkJB30VFkXrVB4X2RmZ29u6y2U1yuJuB5POBX3Z+M7Pz/f427G9/v51hJ4BL6+mImI2IsYh4LiKmy/VpWeKwU/L93rv7+kpeksiyV95NIinXdY/1WPl4rXzaRER882sR302Ox93dP9hcbjYbO2V9rr2VvJ9lBzc2tpbXG+uN7cXFhReWXly6uTQ/lHbORMRLX/nrj3/wi6++9JvPvfanW3+f/V6e1n+z7I3oaccwdZpeK16LrvGI2BlFsIqMFy3suFlxLgAAnCwf7384Ij5VjP+nY6wYzQEAAAAXSfbFqXg/icgAAACACyuNiKlI0np5ve9UpGm93rmG96NxNW22dtufXWvtba/m2yJmopaubTQb8+W1AzNRS/L6QnmNbbf+fE99MSKeiIgfTU8W9fpKq7la9ZcfAAAAcElc65n//3u6M/8vHFacHAAAADA8M1UnAAAAAIyc+T8AAABcfOb/AAAAcKF9/eWX85J173+9+ur+3mbr1Rurjd3N+tbeSn2ltXO7vt5qrRe/2bd12vGardbtz8f23p25dmO3Pbe7f3Brq7W33b61ceQW2AAAAMA5euKTb/8xiYjDL0wWJXel3FaLyMYe3nm8igyBUUkfZee/jC4P4Pw9/Pk+WWEewPkzpIfLq1Z1AkDlklO2D7x453fDzwUAABiN6x8ffP7/3bVKUwNGrDz/n5w2/wcunrGqEwAq0zn/dy/rqDob4DzVThoBmBTAhZcO5/z/KZcSJjoUAACo2FRRkrRezgOmIk3r9YjHi9sC1JK1jWZjPiI+FBF/mK49ltcXimcmRvMAAAAAAAAAAAAAAAAAAAAAAAAAcEZZlkQGAAAAXGgR6d+6d+a6Pv3sVO/3A1eS/0wXjxHx2k9f+cmd5XZ7ZyFf/8/769tvleufr+IbDAAAAKBXd57enccDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDC9d/f1lW45z7j/+HJEzPSLPx4TxeNE1CLi6r+SGH/oeUlEjA0h/uGbEfGxfvGTPK2YKbM4Ev9KRBoRk8OK3/f1PyF+dOJfG0J8uMzezvufL/V7/6XxdPHY//03Xpb/1+D+L73f/40N6P8eH3TQ2tHqk+/8am5g/Dcjnhzv3/904yf58frEf+aMbfzOtw4OBm3Lfh5xvV//lxyNNdfeuj23u39wY2Nreb2x3theXFx4YenFpZtL83NrG81G+bdvjB9+4tf3HtQ+ONb+qyf0v0X7B7z+z56x/R+8c+fuRzqLPf+ZqMXPsmz2mf7//8JnjsfvfvZ9utwrr+evYfrWt/vGf+qXv39qUG55+1cHtH/ilPbPnrH9z33j+38+464AwDnY3T/YXG42GzsWLDzCQj7urDyNJJI4vmm5+sQ6C2+U77HlZvfdNqQj/7acHI0y+Yr6IwAAYHQeDPp7tyTVJAQAAAAAAAAAAAAAAAAAAACX0Kk/AzZoUxoRZ/w5sd6Yh9U0FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgRP8LAAD//0mN1e4=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000340)={0x2020}, 0xcb0a)

9.858256848s ago: executing program 2 (id=719):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000700000006"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

9.384650586s ago: executing program 2 (id=721):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_getevents(0x0, 0x4, 0x0, 0x0, 0x0)

8.903859784s ago: executing program 32 (id=721):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_getevents(0x0, 0x4, 0x0, 0x0, 0x0)

6.303441784s ago: executing program 4 (id=735):
pipe2(&(0x7f0000000000)={<r0=>0x0, <r1=>0x0}, 0x0)
r2 = fanotify_init(0x0, 0x0)
fanotify_mark(r2, 0x1, 0x11, r1, 0x0)
readv(r0, 0x0, 0x0)

5.977375763s ago: executing program 4 (id=736):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000140)={0x20, 0xd, 0x2, "837b"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.378711936s ago: executing program 0 (id=743):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000880)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@nodioread_nolock}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000001280)="fd6c", 0x2}], 0x1, 0xe7b, 0x0, 0x4)
write$binfmt_elf64(r0, &(0x7f0000000900)=ANY=[], 0x18b0)

4.30931229s ago: executing program 3 (id=744):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x9, 0x8, 0x2, 0xd}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000140)=r1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.986879599s ago: executing program 0 (id=746):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2000000000000000, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000080)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x400, @loopback, 0x6}, {0xa, 0x4e20, 0x8, @empty, 0x4}, r1, 0x8}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f00000003c0), r1, 0x2}}, 0x18)

3.912135563s ago: executing program 3 (id=747):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20000, 0x1)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

3.784411101s ago: executing program 4 (id=748):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0)

3.535965195s ago: executing program 1 (id=750):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f00000060c0)={0x0, 0x0, &(0x7f0000006080)={&(0x7f0000005cc0)={0x14, r1, 0x647270ab066efff7, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r0)

3.353603456s ago: executing program 0 (id=751):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000008c0)={0x41, 0x0, 0x1}, 0x10)

3.27824326s ago: executing program 3 (id=752):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x100000000)

3.196037885s ago: executing program 1 (id=753):
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SHUTDOWN={0x22, 0x41, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2.947162819s ago: executing program 1 (id=754):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./bus\x00', 0x0, &(0x7f0000000440), 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x143442, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000000)={0x4, 0x5, 0x2, 0x0, 0x2, [0xd, 0x82000025, 0x0, 0x1]})

2.903875111s ago: executing program 3 (id=755):
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="646f74732c747a3d5554432c646f74732c6e6f646f74732c636865636b3d7374726963742c666c7573682c6e6f646f74732c6e6f646f74732c71756965742c00a8f43e0a9765c2419bbc93d3bb042cde7dc609bd874b9221aab9404318121ead7505cda193a13e6d2fd30034c9c4f457dc798a67d4d30285c0590475ba33482c83a51b42d7f7ea92b35388ec28309e3b4b8a758575baa63a8679030bf6423a4759c2bb9f9353f43cc4c825234e791353a87ed0bcade85e0808d879b38514fafbba"], 0x1, 0x168, &(0x7f0000000a40)="$eJzs27GK1FAUBuAzJqurNluLRcDGalArS0VWEAOKMoVWCrs2Gxlwmmg1z+AT+GI+gihTTXdFo5OZiDgoMbrzfU0O+RM4t0guJ5Bnl1+eHE1nL6YPF7E/GkV+K4pYjuIgzkQWjXkAAKfJMqX4lFJK5+Zx/l2klIbuCADom/0fAHbPL/f/mwM1BgD0xvwPALvn8ZOn92+X5eGjotiP+DCvJ/WkOTb53Xvl4bXiq4P2rkVdT7JVfr3Js818Ly58y280ebGZn42rV5r8S3bnQdnJL8ZR/8sHAACAnTBeje5r8/3Hdr4fj4vvOvN/U619H+jM73lcyv/eOgCA7c1evzl5XlXHrxT/Q5G3Z96//Qf6UfxQ5FV1vDd8G39cDP1mAvrWPvRDdwIAAAAAAAAAAAAAAPzM7/4hFNn2Fw+9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOj6HAAA//8nKlEY")
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00')

2.788663988s ago: executing program 4 (id=756):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0xffff, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000100)={0x17, 0x2, 0x8000, 0x6, r1}, 0x10)

2.576230281s ago: executing program 3 (id=757):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f00000004c0)=ANY=[], 0x21, 0x5548, &(0x7f000000ae40)="$eJzs3E1vG1UXAOBjp2nffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYocE8txJoS2VKsWOSfM80vjMvXPnzL2jJNKZiRzAgbWS/f5rJU7G0YhYiogTEcV+pdwKl1J4MSJORUT1H1ul7H/QcTgijkXEyWnylLNSHvryzOT0hV/e+e27H44cOv7Vtz8ubtXAor0cEYPNtH93kGLeTfFW2d+c9Io4OD8pYzowuF228xTvdjaKDHebO+OaRTzXTePzzTujabzZb7amsdu7WfRvDtMFR5PuTp7ihFvNraLd7mwUsTfKi9i9l+a1fS/9bbs3Gqc87TLfp0X6GI93YurvbHfSejZvF7E1HJf9KW/e7mxP46SM5eWilffbxTw2dnOn/9Neeq83vLOdTTpbo14+zC7UG6/UGxdrja283Rl3zteag/bF89lqtz8dVht3moNL3Tzv9jv1Vj5Yy1a7rVat0chWL3c2es3h/Uajfq5+tnZhLUt7Z7I3r32Y9dvZ6jS+3hveGff6o+xmvpWlM9ay9fq5V9ey043s/avXs+s3rly5ev2Djy9/dO21q2+/UQ56bFrZ6vrZ9fVa42xtvbG2uxsw0/Vnc17/Z+WkZ7h+2JXKoicAsP+o/4FFmF/9v3Uj4vH6vzrj+j/U/zOxr+rfg17/z2H9sCvqfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+un5a/fKnZWUvt42f//suv5sl2JiGpE/PkvluLwQzmXyjzLTxi//Mgcvq9EkWF6jSPldiwiLpXbH8/N+y4AAADAs+ub+6e+SNV6+lh5qrOOznlW7JH00KZ64pMZ5atExPLKzzPKVp1+vDCjZMXP96HYnlG24gHW/2aULD1yOzSrbE+l+HV/N4UHKylCJYXqo2fMbLUAAMDCLD0U9rYKAQAAYC99/sQjt/d0HuyxSuy8ytx5F1z85/3fL/uOprZXfwAAALB/VRY9AQAAAGDuivrf9/8BAADAsy19/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NxNbtpAGAbgz8Yu9E9FVfe9SndwjB6hyy4rDtBLcAR6hV6AM5BdjhBBhMdBISIJxGNQoueR7MGWeT3mZzEz0gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfrurF9N+f73+75qw33eR5GgAAAOCQVb2YNi/G6fhje/5ze+pre1xERBkRh8bug3i3lzloc+pHrq8f9OF/RJOwvcew3T5ExI+0beJL358CAAAAvEnVdreczSdptJ5240v3is5O+A7TpE356WemWxcRUY+vM6WV27xvmcKa33cVvzOlNRNYo0xhacqtypV2lObvvpu1G91ritSUT78/27MDAABnNNhrzjsKAQAA4Jx+XboD9OH9s1cUcbeUuVsKHKZmtBdhsQ8AAABer+LSHQAAAAB614z/T6n/F8fU/6uy1/+LG/X/AAAA4MVS/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKoX0+VsPumas950k+dpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhlf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmf7Q8U1yh4iouBBL3a7ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76D3jqTWihl3rrYQ8VRPCyMrMz2UkTcGPIzJp8PvDmfXcymfd9MxDynTcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURu9M4yTbdCZxXOy79/jWStbff6LP3Nl4sJi1LI7qTPr/4aXqh6jbXCIAAAAcHUlZ34cQHqabS1kfd/L6Py2PyWr+b5+ZxGU9/2TdX/Zl7Z+1X35+9MLWQJ3JONlJL60OB6d3ptI6uFnOt2f/9YhWfuXzZy9JfkPi99efH6X59Yy+vnv33XYeHqsjWwDgvzhV9kVQ/j6U9f0mEwPgyGhVCu+i/v8r6TScFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEANRuvhqTKOQgiLrWmcuf/41spu/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8HEJoavS3i+lf+XCGg0No5PocVPD3eDze03cdbz7nfQVxcbNnOLg9Lzk3HzT4QwkAgEMpLVpW1z9MN5eyfdFCCOPvttf/r1XiMGP9/+ij8/eqY1Xr/35tM5x/vbWrn/Wu37j5xurV5cuDy4NP3jzTf6t/9sK5cxd6+bOSnicmAAAA7E+7aNX6P17Yuf5/shKHGev/z7/pfzkd6bd8q/7fabro13QmAAAAR9tzr/z5R7TL/qjdDl8sr61d60+2W5/PTLYNpLpnx4pWrf+ThaazAgAAAOowWo+2rf9frMRhxvX/p79/8cfqOZMQwoli/f/UyqfDi/VNZ67V8efETc8RAACAZp0oWnX9P83f/4+3XnmIQwivvzqJi38DOFP9n7z31Q/VsZLK+/9n65viXIq7k+uR990QWt1tX/61scQAAAA4lI4XLSv2f083lz7+6eQHbe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//gQBD5A==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x17c)
write$FUSE_POLL(r0, &(0x7f0000000100)={0x18, 0xfffffffffffffffe, 0x0, {0x8}}, 0x18)

2.560133122s ago: executing program 4 (id=758):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
close(0x3)

2.251964609s ago: executing program 4 (id=759):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x100, 0x70bd2a, 0x1, {0x0, 0x0, 0x0, 0x0, {0x2, 0xe}, {0xffff, 0xffff}, {0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4800000010000104000000000000c90000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000008000300", @ANYRES32=0x0, @ANYBLOB="2000128008000100677470001400028008000100", @ANYRES64], 0x48}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.776576337s ago: executing program 0 (id=760):
r0 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x1f0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x6, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x2, 0x0)

1.505208023s ago: executing program 0 (id=761):
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x1, &(0x7f0000000140)=ANY=[], 0xfe, 0x6241, &(0x7f000000ea80)="$eJzs3c1vHGcdB/DfvvolNLVyqEqEkJuWl1KaxEkJgQJtD3Dg0gOKuKFErltFpICSgNLKIq4sJA6c+AtASBwR4og48Af0wJUbJ05EspFAPTFo7OeJZze7Xbu2d9aez0dyZn7zzK6f8XdnXzIz+wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEN/9zvdWWhFx82dpwVLEp6IT0Y5YKOvliFhYXsrrdyPi2dhpjmciojcXUd5+55+nI16JiA/PRmxtr6+Wi6/ssx/f/uPff/eDM2/+7Q+9S//90/3Oq+PWe/DgV//588PDbTMAAAA0TVEURSt9zD+fPt+36+4UADAV+fW/SPLyU1//+p9v/mWW+qNWq9Vq9RTqqmK0h9UiIjaqtynfMzgcDwAnzEZ8VHcXqJH8G60bEWfq7gQw01p1d4BjsbW9vtpK+baqrwfLu+35XJCB/Ddaj6/vGDedZPgck2k9vjajE+fG9GdhSn2YJTn/9nD+N3fb+2m9485/Wsbl39+99Klxcv6d4fyHnJ782yPzb6qcf/dA+XfkDwAAAAAAMyz///9Szcd/5w6/Kfvyccd/l6fUBwAAAAAAAAA4aocd/+8x4/8BAADAzCo/q5d+c3Zv2bjvYiuX32hFPDW0PtAw6WKZxbr7AQAAAAAAAAAAAABN0t09h/dGK6IXEU8tLhZFUf5UDdcHddjbn3RN335osrqf5AEAYNeHZ/O1/L3dBa2I+Yi4kb7rr7e4uFgU8wuLxWKxMJffz/bn5ouFyufaPC2XzfX38Ya42y/KO5uv3K5q0uflSe3D91f+rn7R2UfHjkj6Y8aY5hoDB4D0AhWx5RXplCmKp8e9+YAB9v9TaCmW6n5cMfvqfpgCAAAAx68oiqKVvs77fDrm3667UwDAVOTX/+HjAoeq22PaI47m/tVqtVqtVn+iuqoY7WG1iIiN6m3K9wyG4weAE2YjPqq7C9RI/o3WjYhn6+4EMNNadXeAY7G1vb7aSvm2qq8HaXz3fC7IQP4brZ3b5duPmk4yfI7JtB5fm9GJc2P688yU+jBLcv7t4fxv7rb303rHnf+0jMu/v3PJXPPk/DvD+Q85Pfm3R+bfVDn/7oHy78gfAAAAAABmWP7//yXHf/MmAwAAAAAAAMCJs7W9vpqve83H/z8zYj3Xf55OOf/WQfNfSPPyP9Fy/u2h/L84tF6nMv/ojb39/9/b66u/v/+vT+fpfvOfyzOt9MhqpUdEK/2mVjdND7N1T9rsdfrlb+q12p1uOuen6L0dt+NOrMXlgXXb6e+x174y0F72tDfQfmWgvftE+9WB9l763oFiIbdfjNX4cdyJt3bay7a5Cds/P6G9mNCe8+94/m+knH/38c+575f5L6b21tC09OiD9hP7fXU66ve8fvuzv7x8/Jsz0WZ0Hm9bVbl9F2roz87f5Ew/fnpv7e7FB7fu37+7EmkysPRKpMkRy/n3dn7m9p7/n99tz8/71f310Qf9A+c/KzajOzb/5yvz5fa+OOW+1SHn308/Of+3Uvvo/f8k5z9+/3+phv4AAAAAAAAAAAAAAADAxymKYucS0dcj4lq6/qeuazMBgOnKr/9Fkper1Wq1Wq0+fXVVMdpr1SIi/lq9Tfme4eej7gwAmGX/i4h/1N0JaiP/Bsvf91dOX6i7M8BU3Xvv/R/eunNn7e69unsCAAAAAAAAAHxSefzP5cr4zy9ExNLQegPjv74Ry4cd/7ObZx4PMHrEA32Psdnud9qV4cafi53xuS+OG//7Qjw5/nceE7dT3Y4xehPa+xPa5ya0z49cupfWyAs9KnL+z1XGOy/zPz80/HoTxn8dHvO+CXL+FyqP5zL/LwytV82/+O3M5b+x3xU3oz2Q/6X77/7k0r333n/59ru33ll7Z+1HV1dWLl+9du369euX3r59Z+3y7r/H0+sZkPPPY187D7RZcv45c/k3S87/c6mWf7Pk/D+favk3S84/v9+Tf7Pk/PNnH/k3S87/xVTLv1ly/l9KtfybZWt7fa7M/6VUy79Z8v7/5VTLv1ly/i+nWv7NkvO/mGr5N0vO/1Kq95G/r4c/RXL++QiX/b9Zcv4rqZZ/s+T8r6Ra/s2S87+aavk3S87/lVTLv1ly/l9JtfybJed/LdXyb5ac/1dTLf9myflfT7X8myXn/7VUy79Zcv5fT7X8myXn/2qq5d8sOf9vpFr+zZLz/2aq5d8sOf9vpVr+zZLzfy3V8m+Wve//N2NmFmZ+cbR32IkZ2a6TNlP3MxMAAAAAAAAAAAAAMGwapxPXvY0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2LvXGLnO+n7gZ/bmtUOIgRCc/A1sEmOMs2TXl/jCHxcTrg1QbgmFXrBd79os+IbXLoEi2TRQImFUVIGavmgLCLWRqgqr4gWtKM2LqpdXpX1B31RUlZAaVSEKqEhtRbPVzHmexzOzszO73vF69jyfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGh295tmP18riqL+p/HX5qJ4Qf3jjRObG5e97mZvIQAAALBa/9v4+7nb0gWHl3GjpmX+9hX/8K2FhYWF4oPDXxn98sJCumKiKEY3FEXjuujqv32o1rxM8FgxXhtq+nyox+qHe1w/0uP60R7Xj/W4fkOP68d7XL9oByyysfx5TOPOtjU+3Fzu0uL2YrRx3bYOt3qstmFoKP4sp6HWuM3C6IlirjhVzBbTLcuXy9Yay3/n7vq63l7EdQ01rWtr/Qj58aePx22ohX28rWVd1+4z+tEbi4mf/PjTx//owjN3dpo9d0PL/ZXbueOe+nZ+NlxSbmut2JD2SdzOoabt3NrhORlu2c5a43b1j9u387llbufwtc1cU+3P+Xgx1Pj4e439NNL8Y720n7aGy/7r3qIoLl/b7PZlFq2rGCo2tVwydO35GS+PyPp91A+lFxcjKzpO717GcVqfM9taj9P210R8/u8OtxtZYhuan6YffWZs0fO+0uM0qj/qpV4r7cdgv18rg3IMxuPie40H/XjHY3BbePyf3r70Mdjx2OlwDKbH3XQM3tPrGBwaG25sc3oSao3bXDsGd7UsP9xYU60xn97e/RicunD63NT8Jz/12rnTx07Onpw9s2fXruk9+/YdOHBg6sTcqdnp8u/r3NuDb1MxlF4D94R9F18Dr25btvlQXfha/16H411eh5vblu3363Ck/cHV1uYFufiYLl8bD9d3+viVoWKJ11jj+dm5+tdhetxNr8ORptdhx68pHV6HI8t4HdaXObdzed+zjDT96bQNN+prweamY7D9+5H2Y7Df348MyjE4Ho6Lf9m59NeCrWF7H59c6fcjw4uOwfRww3tP/ZL0/f74gcbodFzeVb/ilrHi4vzs+fsfPXbhwvldRRhr4iVNx0r78bqp6TEVi47XoRUfr4fnXvH4XR0u3xz21fhr63+NL/lc1ZfZe3/356rx1a3z/my5dHcRRp+t9f7s9NW8vj9TluyyP+vLfHZq9d+Lp1za9P47usT7b8z9z5frS3f12PDoSPn6HU57Z7Tl/bj1qRppvHfVGut+bmp578ej4c9avx/f3uX9eEvbsv1+Px5tf3Dx/bjW66cdq9P+fI6H4+TUdPf34/oyW3av9Jgc6fp+fG+YtbD/XxOSQspFTcfOUsdtWtfIyGh4XCNxDa3H6Z6W5UdDNquv68nd13ec7ri3vK/h9OiuWavjdKJt2X4fp+n9aqnjtNbrp2/Xp/35HA/Hxe17uh+n9WWe2rv6986N8cOm986xXsfg6PBYfZtH00FYvt8vbIzH4P3F8eJscaqYaVw71jieao11TT6wvGNwLPxZ6/fKLV2OwR1ty/b7GExfx5Y69mojix98H7Q/n+PhuHjige7HYH2ZN+/v7/euO8IlaZmm713bf7621M+87mrbTTfyZ1717fzr/d1/Nltf5tSBlebM7vvpvnDJLR32U/vrd6nX1EyxNvtpS9jOZw4svZ/q21Nf5ssHl3k8HS6K4tLHH2z8vDf8+8qfXfz+t1r+3aXTv+lc+viDz9564m9Wsv0ArH/Pl2NT+bWu6V+mlvPv/wAAAMC6EHP/UJiJ/A8AAACVEXN//F/hifwPAAAAlRFz/0iYSSb5f8ubn5l7/lKRmvkLQbw+7YaHyuVix3U6fD6xcE398ge/MfvTv7i0vHUPFUXxs4d+o+PyWx6K21WaCNt59S2tly++4aVlrf/oI9eWa+6vfzXcf3w8yz0MOlVwp4ui+M5tX2ysZ+JDVxrzqYeONub7Lj/+WH2Z5w6Wn8fbP/2ScvnfD+XfwyeOtdz+6bAffhjm9Ds67494u29eec3W/R+4tr54u9o9L2w87Cc+XN5v/D05X3qsXD7u56W2/y+/8OQ368s/+qrO239pqPP2Pxnu9xth/vfLy+Wbn4P65/F2nwvbH9cXb3f/17/bcfuvfr5c/txby+WOhhnXvyN8vu2tz8w1769Ha8daHlfxtnK5uP7p7/924/p4f/H+27d//MiVlv3Rfnw89U/l/Uy1LR8vj+uJ/rxt/fX7aT4+4/qf/K2jLfu51/qvvu/pl9fvt33997UtN9x2+/bf2PQHn/tix/XF7Tn8p+daHs/h94bXcVj/Ex8Ox2O4/n+ufrFlvdHR97a+/8Tlv7r5Usvjid7+k3L9V99wsjH/feKnv3fLC2594eVX1vddUXzv/eX99Vr/yT8827L9X7tjZ+P5iNfHjn77+pcS13/+E5Nnzs5fnJtp2quN353zznJ7Noxv3FTf3tvCe2v750fOXvjI7PmJ6Ynpopio7q/Qu25fD/PZclxe6e13PhKez7t+9zubtv/jF+Ll//xwefmVd5Rft14dlvtSuHxz+fwt1Fa5/ifuvqPx+q49VX7e0mPvg63b/uPAshYMj7/9+4J4vJ976Uca+6F+XePrRnxdr3L7fzBT3s+3w35dCL+Z+Z47rq2vefn4uxGuvL98va96/4W3ufi8/nF4vt/1w/L+43bFx/uD8H3Md7e0vt/F4+Pbl4ba77/xWzwuh/eT4nJ5fVwq7u8rz93RcfPi7yEpLt/Z+Px30v3cuaKHuZT5T85PnZo7c/HRqQuz8xem5j/5qSOnz148c+FI43d5Hvlor9tfe3/a1Hh/mpndt7eY3lgUxdlieg3esG7M9tc/Wt72n3vk+Mz+6e0zsyeOXTxx4ZFzs+dPHp+fPz47M7/92IkTs5/odfu5mUO7dh/cs3/35Mm5mUMHDh7cc3By7szZ+maUG9XDvumPTZ45f6Rxk/lDew/ueuCBvdOTp8/OzB7aPz09ebHX7Rtfmybrt/71yfOzp45dmDs9Ozk/96nZQ7sO7tu3u+dvAzx97sT8xNT5i2emLs7Pnp8qH8vEhcbF9a99vW5PNc3/a/n9bLta+Yv4inffty/9fta6b3xmybsqF2n7BaLPhN9F8/cvOndgOZ/H3D8aZpJJ/gcAAIAcxNw/FmYi/wMAAEBlxNy/IcxE/gcAAIDKiLl/PMwkk/yv/6//v7z+f3m9/n9e/f9zHy97peu9/x/78/r/ebjJ/f9Vr1//X/+/ev3/5ffn1/v26//r/7PYoPX/Y+7fWBRZ5n8AAADIQcz9m8JM5H8AAACojJj7bwkzkf8BAACgMmLuf0GYSSb5P4f+/3s6LLbC/v/uXoWr6vf/1835/zcW+v/6/839//jk6P9nY8X9+w883PKp/n+g/6//r/+v/6//z6qNLnnNzer/x9x/a5hJJvkfAAAAchBz/wvDTOR/AAAAqIyY+28LM5H/AQAAoDJi7t8cZpJJ/s+h/9+J8/9Xtv/v/P/6//09/3/Txuj/rw/O/99d5/7/2C2LLtL/X2H/f1z/fz32/0f7u/2D3f/vufn6/9wQg3b+/5j7XxRmkkn+BwAAgBzE3P/iMBP5HwAAACoj5v6XhJnI/wAAAFAZMfffHmaSSf7X/9f/1//X/9f/77z+3uf/Lz/S/x8s+v/dOf9/D87/n1f/v8/bP9j9/36f/3/0Le231/+nk0Hr/8fc/9Iwk0zyPwAAAOQg5v47wkzkfwAAAKiMmPtfFmYi/wMAAEBlxNy/Jcwkk/yv/6//r/+v/6//33n9vfv/Jf3/waL/353+fw/6//r/+v/L6/93+OZX/59OevX/H3x9+T69Vv3/mPvvDDPJJP8DAABADmLuvyvMRP4HAACAyoi5//+Fmcj/AAAAUBkx928NM8kk/+v/6//r/+fV/79vTP9f/7/a9P+70//vQf9f/1//f5nn/19sJf3/Db3ujMro1f9/9337Gm+B7f3/DvmqL/3/mPtfHmaSSf4HAACAHMTc/4owE/kfAAAAKiPm/leGmcj/AAAAUBkx90+EmWSS//X/q9X//5O/euKVhf6//n+P9Ve0/x8PA/3/zOn/d6f/34P+v/6//v+a9P/Jx/X2/zvoS/8/5v67w0wyyf8AAACQg5j77wkzkf8BAACgMmLuvzfMRP4HAACAyoi5f1uYSSb5X/+/Wv3/SP9f/7/b+iva/0/0//Om/99B04tU/78H/X/9/+z7//G7X/1/+mPQ+v8x978qzCST/A8AAAA5iLl/e5iJ/A8AAACVEXP/q8NM5H8AAACojJj7d4SZZJL/9f/1//X/9f/1/zuvX/9/fdL/726l/f8x/X/9f/3/zPr/zv9Pfw1a/z/m/teEmWSS/wEAACAHMffvDDOR/wEAAKAy4v/fLP/fq/wPAAAAVRRz/2SYSSb5X/9f/z+n/n9N/1//X/+/8vT/u3P+/x70//X/9f/1/+mrQev/x9z/2jCTTPI/AAAA5CDm/vvDTOR/AAAAqIyY+6fCTOR/AAAAqIyY+6fDTDLJ//r/+v859f+d/1//X/+/+vT/u9P/70H/X/+/av3/otD/56YatP5/zP27wkwyyf8AAACQg5j7d4eZyP8AAABQGTH37wkzkf8BAACgMmLu3xtmkkn+1//X/9f/1//X/++8fv3/9alb//4ry7i9/n+g/6//r/9fjf6/8/9zkw1a/z/m/gfCTDLJ/wAAAJCDmPv3hZnI/wAAAFAZMffvDzMJ+b/T/+sGAAAA1peY+w+EmWTy7//6/xXp///m37WsW/9f/7/b+vvT/9+o/x+m/v9gqej5/9tfFtdtffb/n0+PX/9f/3+Qt1//X/+fxQat/x9z/8Ewk0zyPwAAAOQg5v7XhZnI/wAAAFAZMff//zAT+R8AAAAqI+b+14eZZJL/9f8r0v9vo/+v/99t/c7/r/9fZRXt//fN+uz/L3H+/yH9f/3/1W//WB+3X/9/Of3/Db3uhoq58f3/+NHy+v8x9x8KM8kk/wMAAEAOYu7/uTAT+R8AAAAqI+b+N4SZyP8AAABQGTH3Hw4zyST/6//r/+v/6//fmP7/G4p2g9j/rx88+v/Vov/fXaX6/87/r/8/YNuv/+/8/yw2aOf/j7n/jWEmmeR/AAAAyEHM/Q+Gmcj/AAAAUBkx978pzET+BwAAgMqIuf/NYSaZ5H/9f/1//X/9f+f/77x+/f/1Sf+/O/3/HvT/9f/1//X/6aub1//f0PH6mPvfEmaSSf4HAACAHMTc/9YwE/kfAAAAKiPm/reFmcj/AAAAUBkx9789zCST/K//r/+v/1/N/v+GLuvX/9f/rzL9/+70/3vQ/9f/1//X/6evBu38/zH3/3yYSSb5HwAAAHIQc/9DYSbyPwAAAFRGzP3vCDOR/wEAAKAyYu5/Z5hJJvlf/1//X/+/mv3/buvX/9f/rzL9/+70/3vQ/9f/1//X/6evBq3/H3P/u8JMMsn/AAAAkIOY+38hzET+BwAAgMqIuf/dYSbyPwAAAFRGzP3vCTPJJP/3p/9fK8pWq/5/M/3/6+n/L1xqvp3+v/5/0a/+f/1G+v9Z0P/vTv+/hw79/w36//r/+v/6/1y3Qev/x9z/3jCTTPI/AAAA5CDm/veFmcj/AAAAUBkx978/zET+BwAAgMqIuf/hMJNM8r/z/2fZ/08PefD6/87/r//v/P/6/6uj/9+d/n8Pzv+v/78u+/+jYX5sMn5t0v9nUAxa/z/m/kfCTDLJ/wAAAJCDmPs/EGYi/wMAAEBlxNz/i2Em8j8AAABURsz9HwwzyST/6/9n2f8f4PP/V63/P9JyfOTU/x9vej7Tcan/r/+/BvT/u9P/70H/X/9/kPv/4WjeuMTtnf+fQTRo/f+Y+z8UZpJJ/gcAAIAcxNz/S2Em8j8AAABURsz9vxxmIv8DAABAZcTc/ythJpnk/yz6/0OLF9P/1/9v3l/O/+/8/53Wr/+/Pun/d6f/34P+fz79/5H+b//NO/9/Sf+fQTRo/f+Y+381zGTJ4Pfsfy7jYQIAAAADJOb+D4eZZPLv/wAAAJCDmPuPhJnI/wAAAFAZMfcfDTPJJP9n0f/vYOn+fzyjqv6//r/+v/6//v961L/+/8tuLQr9f/1//f/K9v9vwPbr/+v/s9ig9f9j7j8WZpJJ/gcAAIAcxNz/a2Em8j8AAABURsz9x8NM5H8AAACojJj7Z8JMMsn/a93/b+r1jg5m/9/5/6+3//8z/X/9/0D/vzP9/7Xh/P/d6f/3oP+v/6//r/9PXw1a/z/m/tkwk0zyPwAAAFRY+nFwzP0nwkzkfwAAAKiMmPtPhpnI/wAAAFAZMfd/JMwkk/zv/P/6/87/fzP6/yMty+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3D8XZpJJ/gcAAIAcxNz/0TAT+R8AAAAqI+b+j4WZyP8AAABQGTH3nwozyST/6//r/+fe/68VxWXn/9f/77R+/f/1Sf+/u/9j7z6a5DqrP463baVZwUtgzYqlWdkLXgBbdlSxNtHkYJmcwUSTwYDJOWeTc87Z5BxNMIaqoTw+50ij7rk90lx13/s8n8/m/KW/xbTwYOqH6luP/n8N/b/+X/+v/2dUU+v/c/dfFbd0sv8BAACgB7n77xu32P8AAADQjNz994tb7H8AAABoRu7++8ctnex//b/+v/f+f7GV9//3//Xt9/93/B3S/+v/N2Gpvz+2+q87KAo/sP+/2+VX31v/r//X/w/S/+v/9f+ca2r9f+7+B8Qtnex/AAAA6EHu/gfGLfY/AAAANCN3/4PiFvsfAAAAmpG7/+q4pZP9r//X/+v/9f/7+v+bvP+v/5837/8Pm0f/f/nu7q7+fxX9/7Q/v/5f/8+yqfX/ufsfHLd0sv8BAACgB7n7HxK32P8AAADQjNz9D41b7H8AAABoRu7+h8Utnex//b/+X/8/l/7/xIzf/4/vB/2//n8D9P/D5tH/e/9f/z/Pz6//1/+z7Pz7/wP/sT1K/5+7/+FxSyf7HwAAAHqQu/8RcYv9DwAAAM3I3f/IuMX+BwAAgGbk7n9U3NLJ/tf/6//1/3Pp/zf0/r/+X/8/czcszvwzQf+/TP+/xpr+f7HQ/w85dD+/+rc3n89/AP2//p9l59//H/gvNUr/n7v/0XHLlYvFiQv9TQIAAACTkrv/MXFLJ3/+DwAAAD3I3X9N3GL/AwAAQDNy95+OWzrZ//p//b/+X/+v/1/99fX/8+T9/2FH7//veuer7tNv/+/9/2He/x+7/7/9O6PJ/l9m3ZGp9f+5+6+NWzrZ/wAAANCD3P2PjVvsfwAAAGhG7v7HxS32PwAAADQjd//j45ZO9r/+f1r9f+YuF97/X7bv153V/+/VLvr/uff/99D/6//1/2vo/4d5/3+NvX/M7dQP9f/6f+//e/+fo5la/5+7/wlxSyf7HwAAAHqQu/+JcYv9DwAAAM3I3f+kuMX+BwAAgGbk7n9y3NLJ/tf/T6v/9/6//t/7//p//f/R6P+H6f/XaOX9/wv8rtl2P39U2/78+n/9P8um1v/n7n9K3NLJ/gcAAIAe5O5/atxi/wMAAEAzcvc/LW6x/wEAAKAZufufHrd0sv/1//r/efT/+RX0//r/i9//J/3/POn/h+n/12il/79A2+7n5/759f/6f5ZNrf/P3f+MuKWT/Q8AAAA9yN3/zLjF/gcAAIBm5O5/Vtxi/wMAAEAzcvc/O27pZP/r//X/8+j/vf+v//f+v/7/cPT/w/T/a+j/9f/6f/0/o5pa/5+7/7q4pZP9DwAAAD3I3f+cuMX+BwAAgGbk7n9u3GL/AwAAQDNy9z8vbulk/+v/V/X/t+j/9f/6f/2//n+m9P/D9P9r6P/1//p//T+jmlD/f9avOrV4ftzSyf4HAACAHuTuf0HcYv8DAABAM3L3vzBusf8BAACgGbn7r49bOtn/+v/JvP+/l/O11f/vLBYL/f+i0/5/56y/n/V9qf/X/2+A/n+Y/n8N/b/+X/+v/2dUE+r/936cu/9FcUsn+x8AAAB6kLv/xXGL/Q8AAADNyN3/krjF/gcAAIBm5O5/adzSyf7X/0+m/9/TVv/v/f9zvz966v+9/79M/78Z+v9h+v819P/6f/2//p9RTa3/z93/srjpxPEL/i0CAAAAE5O7/+VxSyd//g8AAAA9yN3/irjF/gcAAICZum7pZ3L3vzJu6WT/6//H7f9PnPVz+n/9/7nfH/p//b/+/+LT/w/T/6+h/9f/6//1/4xqav1/7v5XxS2d7H8AAADoQe7+G+IW+x8AAACakbv/1XGL/Q8AAADNyN3/mrilk/2v//f+v/5f/6//X/319f/zpP8fpv9fQ/9/YD9/mKex9f9H7v9Pnvk/9f+04Tz6/93d3Wsuev+fu/+1cUsn+x8AAAB6kLv/xrjF/gcAAIBm5O5/Xdxi/wMAAEAzcve/Pm7pZP/r/zvt//NbfV79/+nFYpL9/6X6//30/6vp/zdD/z9M/7+G/t/7/97/1/8zqqm9/5+7/w1xSyf7HwAAAHqQu/+NcYv9DwAAAM3I3f+muMX+BwAAgGbk7n9z3NLJ/tf/d9r/e//f+//6/033/7ct9P8bMYv+f+fgrz/1/v9a/b/+f0B3/f89777vh/p//T/Lptb/5+5/S9zSyf4HAACAHuTuf2vcYv8DAABAM3L3vy1usf8BAACgGbn73x43Hetk/+v/9f/6f/2//n/119/w+/8nFouF/n8Es+j/B0y9/x/n/f9z/1N+hv5f/z/nz6//1/+zbGr9f+7+d8Qtnex/AAAA6EHu/nfGLfY/AAAANCN3/7viFvsfAAAAmpG7/91xSyf7X/+v/9f/6/+b7/+vnUX/7/3/kej/h02j/z+Y/l//P+fPr//X/3N42+r/c/e/J27pZP8DAABAD3L3vzdusf8BAACgGbn73xe32P8AAADQjNz9749bOtn/+n/9//n0//k59f9t9f8nJ9f/n9r3r9fJ+//6/5Ho/4fp/9fQ/+v/9f/X6f8Z09Te/8/d/4G4pZP9DwAAAD3I3f/BuPU/3dr/AAAA0Izc/R+KW+x/AAAAaEbu/g/HLZ3sf/2//t/7//r/5t//1/93Rf8/TP+/hv5f/6//9/4/o5pa/5+7/yNxSyf7HwAAAHqQu/+jcYv9DwAAAM3I3f+xuMX+BwAAgGbk7r8pbulk/+v/9f/6f/2//v+Ov4f6/zbo/4dtpv/f0f/r/6ufvyT+U6D/1/+v+/W0aWr9f+7+j8ctnex/AAAAaM3xFT+Xu/8TcYv9DwAAAM3I3f/JuMX+BwAAgFk6tuLncvd/Km6Z5f5fVaEP0//r//X/+n/9/+qvr/+fp630//lNof/3/n/op/+/y74fze39/3P/++uyhf5f/8/Yptb/5+7/dNwyy/0PAAAArJK7/zNxi/0PAAAAzcjd/9m4xf4HAACAZuTu/1zc0sn+1//r//X/+n/9/+qvr/+fp9H6/5ML7//r//X/G34/f+6fX/+v/2fZ1Pr/3P2fj1s62f8AAADQg9z9X4hb7H8AAABoRu7+L8Yt9j8AAAA0Y2/3Z1zW4f7X/+v/9f/6f/3/6q+v/5+nrbz/r//X/+v/9+j/9f/6f841tf7/S3u/6tTiy3FLJ/sfAAAAepC7/ytxi/0PAAAAzcjd/9W4xf4HAACAZuTu/1rc0sn+1//va89P6/+n2v/v7u5eo/+/ZHGV/n9l/3/zjPv/6/X/I9P/D+u4/z92qA+g/9f/T77/P/e/Jc/Q/zNFU+v/c/d/PW7pZP8DAABAD3L3fyNusf8BAACgGbn7vxm32P8AAADQjNz934pbOtn/+v8JvP9/Sv/v/X/v/y+8/6//H4n+f1jH/f/htNj/nzr8b3/b/fxRbfvze/9f/8+yqfX/ufu/Hbd0sv8BAACgB7n7vxO32P8AAADQjNz9341b7H8AAABoRu7+78Utnex//f/m+v/b/73r5f3/ncXqz6//1//r//X/F5v+f5j+f40W+//zsO1+fu6fX/+v/2fZ1Pr/3P3fj1v2D7/j5/e7BAAAAKYkd/8P4pZO/vwfAAAAepC7/4dxi/0PAAAAzcjd/6O4pZP9r/+fwPv/Dfb/3v9f/f2h/590/3+p/r8N+v9h+v819P/6f/3/SP1/fjfr/3s3tf4/d/+P45ZO9j8AAAD0IHf/T+KWK3e29ZEAAACAkeXu/2nc4s//AQAAoBm5+2+OW87a/6va7lbo//X/+n/9v/5/9dfX/8+T/n/YYfv/k4uj9f9J/6//1//32v97/587bLj/P72u/8/d/7O4xZ//AwAAwOwcP+Dnc/f/PG6x/wEAAKAZuft/EbfY/wAAANCM3P2/jFtuuXRbH2mj9P/6f/3/mv7/1vgG1//r//X/s6D/H+b9/zX0/2P081fo/9vo/xcL/T9Ht+H+f+2Pc/f/Km7x5/8AAADQjNz9v45b7H8AAABoRu7+38Qt9j8AAAA0I3f/b+OWTva//l//f8T+fy/NbLr/9/6//j/o/+dB/z9s+/3/jYNfVv/fRP/v/f9G+n/v/zOGbfT/OwP//9z9v4tbOtn/AAAA0IPc/b+PW+x/AAAAaEbu/j/ELfY/AAAANCN3/x/jlk72/9b6//i3Wv8/+/6//ff/B/v/3YX+X/+v/58W/f+w7ff/w/T/+v85f379v/6fZdvo/wd/vPerTi3+FLd0sv8BAACgB7n7/xy32P8AAADQjNz9f4lb7H8AAABoRu7+v8Ytnex/7//r//X/3v/X/6/++vr/edL/D9P/r1Z/o/T/+n/9v/6fUU2t/8/d/7e4pZP9DwAAAD3I3f/3uMX+BwAAgGbk7r8lbrH/AQAAoBm5+/8RtzSx/4+t/Sv0/7Ps/yuP1v/r//X/+n/20/8P22b/f687rf+y3v/fev+fH0H/r//X/zOKqfX/ufv/Gbc0sf8BAACA2+Xu/1fcYv8DAABAM3L3/ztusf8BAACgGbn7b41bOtn/a/r/k/UX6v8Hef9//+fX/6/+/tD/6//1/xef/n+Y9//X0P97/1//r/9nVFPr/3P3/ydu6WT/AwAAQA9y998Wt9j/AAAA0Izc/f+NW+x/AAAAaEbu/v/FLZ3sf+//z6n/v0L/r//X/+v/9f9r6P+H6f/X0P/r//X/+n9GNbX+P3f//wMAAP//qbtNJQ==")
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x4, 0x4000000966a, 0x8001, 0x4, 0xd92, 0x0, 0x2401})

1.139061534s ago: executing program 1 (id=762):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000280))
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700))

774.346425ms ago: executing program 3 (id=763):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000180)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r2, @ANYBLOB="0400130006001200000000000600b500850100000a0006000802110000010000280011"], 0x64}}, 0x0)

354.53714ms ago: executing program 1 (id=764):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000080)={0x4, 0x204, 0x7, 0x5, r1}, &(0x7f0000000100)=0x10)

145.849512ms ago: executing program 1 (id=765):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x40, 0x7f}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 0 (id=766):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0x11e, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x63, 0x10, &(0x7f0000002e00), &(0x7f0000001000), 0x8, 0xa0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

kernel console output (not intermixed with test programs):

7.179457][ T4463] XFS (loop3): Quotacheck: Done.
[   87.257870][   T26] audit: type=1804 audit(1769063751.641:3): pid=4463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.34" name="/newroot/5/file0/file1" dev="loop3" ino=9286 res=1 errno=0
[   87.279282][    C1] vkms_vblank_simulate: vblank timer overrun
[   87.415062][ T4283] XFS (loop3): Unmounting Filesystem
[   87.640252][ T4503] loop0: detected capacity change from 0 to 32768
[   87.703354][ T4503] gfs2: fsid=noquota: Trying to join cluster "lock_nolock", "noquota"
[   87.703436][ T4503] gfs2: fsid=noquota: Now mounting FS (format 1801)...
[   87.807394][ T4503] gfs2: fsid=noquota.s: journal 0 mapped with 5 extents in 0ms
[   88.000221][ T4503] gfs2: fsid=noquota.s: first mount done, others may mount
[   88.529587][    T7] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   88.739579][    T7] usb 5-1: Using ep0 maxpacket: 32
[   88.779653][    T7] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[   88.791725][    T7] usb 5-1: New USB device strings: Mfr=115, Product=0, SerialNumber=0
[   88.800810][    T7] usb 5-1: Manufacturer: syz
[   88.827174][    T7] usb 5-1: config 0 descriptor??
[   88.909516][  T128] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   89.052069][    T7] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[   89.061605][ T4518] loop3: detected capacity change from 0 to 32768
[   89.105078][    T7] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   89.129511][  T128] usb 2-1: Using ep0 maxpacket: 8
[   89.135662][ T4518] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.48 (4518)
[   89.138731][  T128] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   89.161826][    T7] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[   89.185559][    T7] usb 5-1: media controller created
[   89.203255][  T128] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   89.226897][  T128] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   89.248197][    T7] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   89.262866][  T128] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   89.278949][  T128] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   89.304433][    T7] az6027: usb out operation failed. (-71)
[   89.321106][  T128] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.378395][    T7] az6027: usb out operation failed. (-71)
[   89.387958][ T4518] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   89.399717][    T7] stb0899_attach: Driver disabled by Kconfig
[   89.405999][ T4518] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[   89.422140][    T7] az6027: no front-end attached
[   89.422140][    T7] 
[   89.436802][    T7] az6027: usb out operation failed. (-71)
[   89.441871][ T4518] BTRFS info (device loop3): turning on sync discard
[   89.449206][    T7] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[   89.467469][    T7] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input5
[   89.483228][ T4518] BTRFS info (device loop3): turning on async discard
[   89.500436][    T7] dvb-usb: schedule remote query interval to 400 msecs.
[   89.508748][    T7] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[   89.517084][ T4518] BTRFS info (device loop3): using free space tree
[   89.546662][    T7] usb 5-1: USB disconnect, device number 2
[   89.624679][  T128] usb 2-1: GET_CAPABILITIES returned 0
[   89.641222][  T128] usbtmc 2-1:16.0: can't read capabilities
[   89.662493][    T7] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[   89.792740][ T4518] BTRFS info (device loop3): enabling ssd optimizations
[   89.843083][ T4312] usb 2-1: USB disconnect, device number 2
[   89.873866][ T4552] device hsr0 entered promiscuous mode
[   89.903494][ T4552] device hsr0 left promiscuous mode
[   90.142526][ T4283] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   90.275927][ T4558] loop2: detected capacity change from 0 to 2048
[   90.423376][ T4558] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[   90.503087][ T4558] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   90.743602][ T4574] Driver unsupported XDP return value 0 on prog  (id 6) dev N/A, expect packet loss!
[   91.210986][ T4590] netlink: 'syz.2.71': attribute type 7 has an invalid length.
[   91.250192][ T4590] netlink: 8 bytes leftover after parsing attributes in process `syz.2.71'.
[   91.260018][ T4592] binder: 4591:4592 ioctl c018620c 200000000700 returned -1
[   91.279733][  T128] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   91.291574][ T4594] loop4: detected capacity change from 0 to 256
[   91.367414][ T4594] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d)
[   91.499522][  T128] usb 4-1: Using ep0 maxpacket: 32
[   91.509031][  T128] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[   91.528870][  T128] usb 4-1: New USB device strings: Mfr=115, Product=0, SerialNumber=0
[   91.557692][  T128] usb 4-1: Manufacturer: syz
[   91.593168][  T128] usb 4-1: config 0 descriptor??
[   91.723947][ T4600] loop2: detected capacity change from 0 to 1024
[   91.775714][ T4605] netlink: 8 bytes leftover after parsing attributes in process `syz.4.77'.
[   91.805046][  T128] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[   91.824839][  T128] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   91.845337][  T128] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[   91.859617][  T128] usb 4-1: media controller created
[   91.948057][  T128] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   91.968737][ T4356] hfsplus: b-tree write err: -5, ino 4
[   92.023322][  T128] az6027: usb out operation failed. (-71)
[   92.050136][  T128] az6027: usb out operation failed. (-71)
[   92.056143][  T128] stb0899_attach: Driver disabled by Kconfig
[   92.089504][  T128] az6027: no front-end attached
[   92.089504][  T128] 
[   92.126920][  T128] az6027: usb out operation failed. (-71)
[   92.139895][  T128] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[   92.181743][  T128] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input6
[   92.196730][ T4611] loop2: detected capacity change from 0 to 1024
[   92.226728][ T4611] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   92.240499][  T128] dvb-usb: schedule remote query interval to 400 msecs.
[   92.280652][  T128] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[   92.306785][ T4611] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   92.379313][  T128] usb 4-1: USB disconnect, device number 2
[   92.479841][ T4611] EXT4-fs (loop2): unmounting filesystem.
[   92.569084][  T128] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[   93.018694][ T4621] loop4: detected capacity change from 0 to 32768
[   93.040064][ T4621] (syz.4.88,4621,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   93.055730][ T4621] (syz.4.88,4621,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   93.113595][ T4621] JBD2: Ignoring recovery information on journal
[   93.195079][ T4630] loop3: detected capacity change from 0 to 512
[   93.214234][ T4621] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[   93.233928][ T4621] (syz.4.88,4621,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xdf97dca5. Applying ECC.
[   93.263517][ T4630] EXT4-fs: Invalid gid value -1
[   93.338069][ T4621] (syz.4.88,4621,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xc9ee627, computed 0x45d1f118. Applying ECC.
[   93.351795][ T4621] (syz.4.88,4621,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xc9ee627, computed 0x45d1f118
[   93.364247][ T4621] (syz.4.88,4621,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[   93.373075][ T4621] (syz.4.88,4621,1):ocfs2_quota_read:201 ERROR: status = -5
[   93.380580][ T4621] Quota error (device loop4): find_tree_dqentry: Can't read quota tree block 3
[   93.389832][ T4621] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[   93.399267][ T4621] (syz.4.88,4621,1):ocfs2_acquire_dquot:878 ERROR: status = -5
[   93.408882][ T4621] (syz.4.88,4621,1):ocfs2_symlink:1879 ERROR: status = -5
[   93.416268][ T4621] (syz.4.88,4621,1):ocfs2_symlink:2065 ERROR: status = -5
[   93.692304][ T4277] ocfs2: Unmounting device (7,4) on (node local)
[   94.059546][ T4566] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   94.149284][ T4643] loop4: detected capacity change from 0 to 1024
[   94.166298][ T4643] EXT4-fs: inline encryption not supported
[   94.190281][ T4624] loop1: detected capacity change from 0 to 32768
[   94.194373][ T4643] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   94.256564][ T4566] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   94.279343][ T4627] loop2: detected capacity change from 0 to 40427
[   94.285545][ T4566] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   94.304777][ T4627] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   94.313056][ T4627] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   94.327636][ T4627] F2FS-fs (loop2): invalid crc value
[   94.345523][ T4627] F2FS-fs (loop2): Found nat_bits in checkpoint
[   94.373681][ T4566] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   94.393390][ T4643] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   94.437235][ T4624] XFS (loop1): Mounting V5 Filesystem
[   94.445661][ T4566] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[   94.456606][ T4566] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[   94.469588][ T4566] usb 1-1: Product: syz
[   94.473834][ T4566] usb 1-1: Manufacturer: syz
[   94.478558][ T4566] usb 1-1: SerialNumber: syz
[   94.532500][ T4627] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   94.573532][ T4627] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   94.637726][ T4624] XFS (loop1): Ending clean mount
[   94.670727][ T4624] XFS (loop1): Quotacheck needed: Please wait.
[   94.702591][ T4566] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   94.750468][ T4277] EXT4-fs (loop4): unmounting filesystem.
[   94.800257][ T4624] XFS (loop1): Quotacheck: Done.
[   94.940230][   T27] usb 1-1: USB disconnect, device number 2
[   94.949924][   T27] usblp0: removed
[   94.985080][ T4663] netlink: 4 bytes leftover after parsing attributes in process `syz.4.95'.
[   95.092691][ T4270] XFS (loop1): Unmounting Filesystem
[   95.155078][ T4665] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   95.679102][ T4674] loop0: detected capacity change from 0 to 512
[   95.724689][ T4674] EXT4-fs: inline encryption not supported
[   95.779329][ T4674] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   95.841315][ T4674] EXT4-fs (loop0): 1 truncate cleaned up
[   95.847137][ T4674] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   96.134793][ T4272] EXT4-fs (loop0): unmounting filesystem.
[   96.202660][ T4687] loop2: detected capacity change from 0 to 128
[   96.235921][ T4668] loop4: detected capacity change from 0 to 32768
[   96.284065][ T4687] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   96.310118][ T4687] hpfs: filesystem error: improperly stopped
[   96.316343][ T4687] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   96.372569][ T4668] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[   96.408712][ T4668] XFS (loop4): Mounting V5 Filesystem
[   96.428064][ T4687] hpfs: You really don't want any checks? You are crazy...
[   96.465325][ T4687] hpfs: hpfs_map_sector(): read error
[   96.515268][ T4687] hpfs: code page support is disabled
[   96.523474][ T4687] hpfs: hpfs_map_4sectors(): unaligned read
[   96.540842][ T4668] XFS (loop4): Ending clean mount
[   96.556552][ T4687] hpfs: hpfs_map_4sectors(): unaligned read
[   96.577701][ T4687] hpfs: filesystem error: unable to find root dir
[   96.587961][ T4668] XFS (loop4): Quotacheck needed: Please wait.
[   96.674379][ T4668] XFS (loop4): Quotacheck: Done.
[   96.875451][ T4277] XFS (loop4): Unmounting Filesystem
[   97.014233][ T4710] loop2: detected capacity change from 0 to 2048
[   97.092750][ T4710] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   97.494082][ T4693] loop0: detected capacity change from 0 to 32768
[   97.548566][ T4693] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.105 (4693)
[   97.654908][ T4693] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   97.695308][ T4693] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[   97.701099][ T4725] netlink: 68 bytes leftover after parsing attributes in process `syz.1.119'.
[   97.765067][ T4693] BTRFS info (device loop0): using free space tree
[   98.137661][ T4693] BTRFS info (device loop0): enabling ssd optimizations
[   98.495647][ T4272] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   98.678754][ T4720] set_capacity_and_notify: 1 callbacks suppressed
[   98.678771][ T4720] loop2: detected capacity change from 0 to 32768
[   98.761640][ T4554] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 10 /dev/loop0 scanned by udevd (4554)
[   98.906928][   T26] audit: type=1800 audit(1769063763.301:4): pid=4720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.117" name="file1" dev="loop2" ino=7 res=0 errno=0
[   98.997743][ T4765] loop3: detected capacity change from 0 to 1024
[   99.080716][ T4770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.127'.
[   99.160956][ T4770] IPVS: Error joining to the multicast group
[   99.569242][ T4782] ax25_connect(): syz.1.132 uses autobind, please contact jreuter@yaina.de
[   99.687412][ T4784] loop2: detected capacity change from 0 to 1024
[   99.877510][ T4784] hfsplus: xattr searching failed
[   99.902003][ T4789] loop1: detected capacity change from 0 to 64
[  100.086259][ T4789] Trying to free block not in datazone
[  100.118735][   T56] hfsplus: bad catalog file entry
[  100.154110][   T56] hfsplus: b-tree write err: -5, ino 3
[  100.418623][ T4772] loop4: detected capacity change from 0 to 32768
[  100.535942][ T4805] netlink: 8 bytes leftover after parsing attributes in process `syz.0.139'.
[  100.573956][ T4772] XFS (loop4): Mounting V5 Filesystem
[  100.729718][ T4772] XFS (loop4): Ending clean mount
[  100.756396][ T4772] XFS (loop4): Quotacheck needed: Please wait.
[  100.838353][ T4772] XFS (loop4): Quotacheck: Done.
[  100.989948][ T4277] XFS (loop4): Unmounting Filesystem
[  101.024978][ T4787] loop3: detected capacity change from 0 to 32768
[  101.050725][ T4787] XFS (loop3): Mounting V5 Filesystem
[  101.154419][ T4787] XFS (loop3): Ending clean mount
[  101.186275][ T4787] XFS (loop3): Quotacheck needed: Please wait.
[  101.232369][ T4830] loop1: detected capacity change from 0 to 128
[  101.261279][ T4787] XFS (loop3): Quotacheck: Done.
[  101.617722][ T4283] XFS (loop3): Unmounting Filesystem
[  101.987656][ T4839] loop2: detected capacity change from 0 to 4096
[  102.031147][ T4839] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[  102.102407][ T4839] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  102.633122][   T26] audit: type=1326 audit(1769063767.011:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4860 comm="syz.2.158" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0bc639acb9 code=0x0
[  102.759139][ T4867] loop1: detected capacity change from 0 to 128
[  102.788714][ T4867] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  102.809496][ T4758] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  102.858393][ T4867] hpfs: filesystem error: improperly stopped
[  102.867771][ T4867] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  102.884923][ T4867] hpfs: You really don't want any checks? You are crazy...
[  102.899190][ T4867] hpfs: hpfs_map_sector(): read error
[  102.914967][ T4867] hpfs: code page support is disabled
[  102.925262][ T4867] hpfs: hpfs_map_4sectors(): unaligned read
[  102.935321][ T4867] hpfs: hpfs_map_4sectors(): unaligned read
[  102.959876][ T4867] hpfs: filesystem error: unable to find root dir
[  102.995616][ T4758] usb 4-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[  103.019607][ T4758] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 204
[  103.055545][ T4758] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.087070][ T4758] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.107402][ T4758] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  103.139681][ T4758] usb 4-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  103.152321][ T4758] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.184840][ T4758] usb 4-1: config 0 descriptor??
[  103.527479][ T4884] loop2: detected capacity change from 0 to 2048
[  103.565843][ T4884] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  103.679602][ T4758] input: HID 28bd:0909 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28BD:0909.0001/input/input7
[  103.779626][   T27] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  103.803446][ T4758] uclogic 0003:28BD:0909.0001: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.3-1/input0
[  103.924499][ T4758] usb 4-1: USB disconnect, device number 3
[  103.932545][ T4890] loop2: detected capacity change from 0 to 4096
[  103.970008][   T27] usb 5-1: Using ep0 maxpacket: 16
[  103.978785][   T27] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.035994][   T27] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.066664][   T27] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  104.117728][   T27] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  104.163323][   T27] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.198766][ T4891] fido_id[4891]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  104.215537][   T27] usb 5-1: config 0 descriptor??
[  104.661645][   T27] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0002/input/input8
[  104.683765][ T4902] netlink: 4 bytes leftover after parsing attributes in process `syz.3.177'.
[  104.762921][   T27] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  104.843267][   T27] usb 5-1: USB disconnect, device number 3
[  104.946614][ T4911] loop1: detected capacity change from 0 to 8
[  105.086090][ T4915] loop0: detected capacity change from 0 to 1024
[  105.195170][ T4912] fido_id[4912]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  105.540217][   T56] hfsplus: b-tree write err: -5, ino 4
[  105.699809][ T4570] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  105.911434][ T4570] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.942468][ T4570] usb 2-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  105.955219][ T4570] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.985959][ T4570] usb 2-1: config 0 descriptor??
[  106.019794][ T4334] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  106.214522][ T4334] usb 4-1: unable to get BOS descriptor or descriptor too short
[  106.234534][ T4334] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  106.255485][ T4334] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  106.282069][ T4334] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  106.338419][ T4334] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  106.367142][ T4334] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.384736][ T4948] loop2: detected capacity change from 0 to 1024
[  106.394509][ T4334] usb 4-1: Product: syz
[  106.398987][ T4334] usb 4-1: Manufacturer: syz
[  106.405775][ T4570] dragonrise 0003:0079:0006.0003: item fetching failed at offset 2/5
[  106.416694][ T4334] usb 4-1: SerialNumber: syz
[  106.426943][ T4570] dragonrise 0003:0079:0006.0003: parse failed
[  106.445108][ T4570] dragonrise: probe of 0003:0079:0006.0003 failed with error -22
[  106.528102][ T4950] loop0: detected capacity change from 0 to 2048
[  106.586566][ T4950] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  106.607079][ T4570] usb 2-1: USB disconnect, device number 3
[  106.647508][ T4950] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  106.793333][ T4936] loop4: detected capacity change from 0 to 40427
[  106.873084][ T4936] F2FS-fs (loop4): invalid crc value
[  106.935531][ T4936] F2FS-fs (loop4): Found nat_bits in checkpoint
[  107.038529][ T4959] tap0: tun_chr_ioctl cmd 2147767511
[  107.083593][ T4334] usb 4-1: 0:2 : does not exist
[  107.106583][ T4936] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  107.357534][ T4334] usb 4-1: USB disconnect, device number 4
[  107.496580][ T4277] syz-executor: attempt to access beyond end of device
[  107.496580][ T4277] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  107.572370][ T4964] loop1: detected capacity change from 0 to 4096
[  107.588871][ T4968] loop2: detected capacity change from 0 to 512
[  107.896205][   T56] ntfs3: loop1: ntfs3_write_inode r=5 failed, -22.
[  108.098608][ T4270] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  108.131074][ T4270] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  108.212292][ T4976] loop4: detected capacity change from 0 to 1024
[  108.385294][ T4975] loop0: detected capacity change from 0 to 4096
[  108.468241][ T4975] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  108.555593][ T4985] hfsplus: xattr searching failed
[  108.707468][ T4976] EXT4-fs: Ignoring removed orlov option
[  108.719583][ T4976] EXT4-fs: Ignoring removed oldalloc option
[  108.733578][   T11] hfsplus: bad catalog file entry
[  108.738876][   T11] hfsplus: b-tree write err: -5, ino 3
[  108.761549][ T4976] EXT4-fs (loop4): Test dummy encryption mode enabled
[  108.826291][ T4976] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  108.940934][ T4994] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  108.971318][ T4994] hpfs: filesystem error: improperly stopped
[  109.000791][ T4994] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  109.029190][ T4994] hpfs: You really don't want any checks? You are crazy...
[  109.065522][ T4994] hpfs: hpfs_map_sector(): read error
[  109.096040][ T4994] hpfs: code page support is disabled
[  109.118142][ T4994] hpfs: hpfs_map_4sectors(): unaligned read
[  109.150157][ T4994] hpfs: hpfs_map_4sectors(): unaligned read
[  109.156146][ T4994] hpfs: filesystem error: unable to find root dir
[  109.231927][ T4272] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  109.257325][ T4277] EXT4-fs (loop4): unmounting filesystem.
[  109.847179][ T5015] set_capacity_and_notify: 3 callbacks suppressed
[  109.847196][ T5015] loop1: detected capacity change from 0 to 164
[  110.067959][ T5020] loop4: detected capacity change from 0 to 1024
[  110.187878][ T5024] capability: warning: `syz.2.228' uses 32-bit capabilities (legacy support in use)
[  110.222007][ T5022] pimreg: tun_chr_ioctl cmd 2147767507
[  110.286030][ T5024] program syz.2.228 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  110.323729][ T5020] hfsplus: xattr searching failed
[  110.412403][   T11] hfsplus: bad catalog file entry
[  110.417700][   T11] hfsplus: b-tree write err: -5, ino 3
[  110.598117][ T5033] loop0: detected capacity change from 0 to 512
[  110.621059][ T5033] EXT4-fs: Ignoring removed oldalloc option
[  110.646724][ T5029] loop1: detected capacity change from 0 to 4096
[  110.679802][ T5033] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  110.798008][ T5029] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  110.817398][ T5033] EXT4-fs error (device loop0): ext4_xattr_inode_iget:397: comm syz.0.242: Parent and EA inode have the same ino 15
[  110.909831][ T4758] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  110.933527][ T5033] EXT4-fs error (device loop0): ext4_xattr_inode_iget:397: comm syz.0.242: Parent and EA inode have the same ino 15
[  110.961416][ T5033] EXT4-fs (loop0): 1 orphan inode deleted
[  110.967254][ T5033] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  111.005285][ T5045] loop4: detected capacity change from 0 to 1024
[  111.092651][ T4758] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  111.125691][ T4758] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  111.175341][ T4758] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  111.241917][ T4758] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  111.269541][ T4758] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  111.280622][ T4272] EXT4-fs (loop0): unmounting filesystem.
[  111.296963][ T4758] usb 3-1: Product: syz
[  111.330987][ T4758] usb 3-1: Manufacturer: syz
[  111.347139][ T4758] usb 3-1: SerialNumber: syz
[  111.427852][ T4270] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  111.470051][ T2903] hfsplus: b-tree write err: -5, ino 4
[  111.615348][ T4758] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  111.846150][ T4334] usb 3-1: USB disconnect, device number 2
[  111.868856][ T4334] usblp0: removed
[  112.235779][ T5051] loop0: detected capacity change from 0 to 32768
[  112.277208][ T5051] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.249 (5051)
[  112.344510][ T5051] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  112.404851][ T5051] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  112.449476][ T5051] BTRFS info (device loop0): setting nodatacow, compression disabled
[  112.457660][ T5051] BTRFS info (device loop0): allowing degraded mounts
[  112.503633][ T5051] BTRFS info (device loop0): max_inline at 0
[  112.524651][ T5051] BTRFS info (device loop0): using free space tree
[  112.756284][ T5104] loop3: detected capacity change from 0 to 1024
[  113.097862][ T4272] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.145557][ T2903] hfsplus: b-tree write err: -5, ino 4
[  113.347661][ T5114] loop4: detected capacity change from 0 to 4096
[  113.559788][ T5122] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  113.652225][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802f78cc00: rx timeout, send abort
[  113.663207][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802f78cc00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  113.739542][ T5122] usb 3-1: Using ep0 maxpacket: 8
[  113.751212][ T5122] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  113.810930][ T5122] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  113.844811][ T5122] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  113.871524][ T5122] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  113.900285][ T5135] netlink: 28 bytes leftover after parsing attributes in process `syz.1.264'.
[  113.941924][ T5122] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  113.969155][ T5122] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.243511][ T5122] usb 3-1: GET_CAPABILITIES returned 0
[  114.243548][ T5122] usbtmc 3-1:16.0: can't read capabilities
[  114.419530][ T5123] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  114.450734][ T5151] loop0: detected capacity change from 0 to 128
[  114.472070][ T5151] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  114.481714][   T27] usb 3-1: USB disconnect, device number 3
[  114.542068][ T5151] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  114.633398][ T5123] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  114.653825][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.683583][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.732009][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  114.753165][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.776452][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.790228][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  114.798554][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.817515][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.844430][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  114.853077][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.862587][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.874140][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  114.882749][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.892862][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  114.910284][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  114.929367][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  114.986756][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  115.008943][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  115.027652][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  115.055141][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  115.116844][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  115.146094][ T5123] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  115.159480][   T26] audit: type=1326 audit(1769063780.545:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5166 comm="syz.4.279" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f329699acb9 code=0x0
[  115.203993][ T5123] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  115.223724][ T5123] usb 2-1: config 0 interface 0 has no altsetting 0
[  115.245659][ T5123] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  115.261974][ T5123] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  115.273845][ T5123] usb 2-1: Product: syz
[  115.278215][ T5123] usb 2-1: Manufacturer: syz
[  115.288410][ T5123] usb 2-1: SerialNumber: syz
[  115.307520][ T5123] usb 2-1: config 0 descriptor??
[  115.327087][ T5123] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  115.361256][ T5174] loop2: detected capacity change from 0 to 256
[  115.647682][    C0] usb 2-1: yurex_control_callback - control failed: -71
[  115.678062][ T5123] usb 2-1: USB disconnect, device number 4
[  115.701037][ T5123] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  115.832401][ T5181] loop3: detected capacity change from 0 to 2048
[  115.854683][ T5181] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  116.287930][ T5199] capability: warning: `syz.2.292' uses deprecated v2 capabilities in a way that may be insecure
[  116.326933][ T5201] loop4: detected capacity change from 0 to 128
[  116.344494][ T5199] loop2: detected capacity change from 0 to 512
[  116.472579][ T5199] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  116.507613][ T5199] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.670867][ T5211] netlink: 'syz.1.295': attribute type 25 has an invalid length.
[  116.688828][ T5211] netlink: 184 bytes leftover after parsing attributes in process `syz.1.295'.
[  116.773769][ T4278] EXT4-fs (loop2): unmounting filesystem.
[  116.919607][ T4570] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  117.114906][ T4570] usb 5-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[  117.136285][ T4570] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 204
[  117.173433][ T4570] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.190296][ T4570] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.212531][ T5220] sch_tbf: burst 4 is lower than device lo mtu (65550) !
[  117.224651][ T4570] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  117.250835][ T4570] usb 5-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  117.269234][ T4570] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.291438][ T4570] usb 5-1: config 0 descriptor??
[  117.716361][ T4570] input: HID 28bd:0909 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28BD:0909.0004/input/input9
[  117.779547][ T5123] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  117.828924][ T4570] uclogic 0003:28BD:0909.0004: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.4-1/input0
[  117.972316][ T5123] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  117.990264][ T5123] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  118.030330][ T5123] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  118.050755][ T5123] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.083445][ T5123] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  118.107900][ T5123] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  118.136624][ T5123] usb 2-1: Product: syz
[  118.159603][ T5123] usb 2-1: Manufacturer: syz
[  118.181273][ T5122] usb 5-1: USB disconnect, device number 4
[  118.207003][ T5123] cdc_wdm 2-1:1.0: skipping garbage
[  118.220298][ T5123] cdc_wdm 2-1:1.0: skipping garbage
[  118.238936][ T5123] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  118.253855][ T5123] cdc_wdm 2-1:1.0: Unknown control protocol
[  118.353509][ T5233] loop3: detected capacity change from 0 to 32768
[  118.445806][ T5233] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  118.458444][ T5233] XFS (loop3): Mounting V5 Filesystem
[  118.574087][ T5233] XFS (loop3): Ending clean mount
[  118.587678][ T5233] XFS (loop3): Quotacheck needed: Please wait.
[  118.684818][ T5233] XFS (loop3): Quotacheck: Done.
[  118.886110][ T5250] loop4: detected capacity change from 0 to 256
[  118.898823][ T4283] XFS (loop3): Unmounting Filesystem
[  118.973344][ T5250] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  119.030004][ T5250] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  119.095967][ T5122] usb 2-1: USB disconnect, device number 5
[  119.708967][ T5262] loop3: detected capacity change from 0 to 164
[  119.760114][ T5262] Unable to read rock-ridge attributes
[  119.989309][ T5254] loop2: detected capacity change from 0 to 32768
[  120.004489][ T5268] loop0: detected capacity change from 0 to 256
[  120.037476][ T5268] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  120.065778][ T5268] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  120.085702][ T5268] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  120.157403][ T5254] XFS (loop2): Mounting V5 Filesystem
[  120.310031][ T5254] XFS (loop2): Ending clean mount
[  120.361233][ T5254] XFS (loop2): Quotacheck needed: Please wait.
[  120.435676][ T5254] XFS (loop2): Quotacheck: Done.
[  120.696385][ T5285] loop3: detected capacity change from 0 to 4096
[  120.846393][ T5293] loop0: detected capacity change from 0 to 64
[  120.902453][ T4278] XFS (loop2): Unmounting Filesystem
[  120.933776][   T26] audit: type=1800 audit(1769063786.325:7): pid=5293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.326" name="file1" dev="loop0" ino=22 res=0 errno=0
[  120.943710][ T5293] hfs: request for non-existent node 131072 in B*Tree
[  120.978897][ T5293] hfs: request for non-existent node 131072 in B*Tree
[  121.416267][ T5301] loop4: detected capacity change from 0 to 8
[  121.584107][ T5301] SQUASHFS error: Failed to read block 0x2d7: -5
[  121.602086][ T5291] loop1: detected capacity change from 0 to 32768
[  121.619785][ T5301] SQUASHFS error: Unable to read metadata cache entry [2d5]
[  121.634178][ T5291] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.325 (5291)
[  121.688427][ T5291] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  121.721333][ T5291] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  121.757008][ T5291] BTRFS info (device loop1): using free space tree
[  121.876289][ T5291] BTRFS info (device loop1): enabling ssd optimizations
[  122.075115][ T4270] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  122.492358][ T5333] loop3: detected capacity change from 0 to 8192
[  122.557995][ T5333] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  122.579680][ T5333] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  122.660184][ T5333] REISERFS (device loop3): using ordered data mode
[  122.666781][ T5333] reiserfs: using flush barriers
[  122.681083][ T5333] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  122.698484][ T5333] REISERFS (device loop3): checking transaction log (loop3)
[  122.758622][ T5333] REISERFS (device loop3): Using r5 hash to sort names
[  122.805884][ T5333] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  122.891283][ T5333] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  123.124147][ T5305] loop0: detected capacity change from 0 to 32768
[  123.202210][ T5305] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  123.268816][ T5305] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  123.335453][ T5305] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  123.544624][ T5354] loop1: detected capacity change from 0 to 4096
[  123.550143][ T5305] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  123.700804][ T5354] ntfs: volume version 3.1.
[  123.709212][ T5341] loop2: detected capacity change from 0 to 32768
[  123.763103][ T5341] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.338 (5341)
[  123.819187][ T5354] ntfs: (device loop1): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set koi8-r.  You might want to try to use the mount option nls=utf8.
[  123.879284][ T5341] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  123.909717][   T22] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  123.926422][ T5341] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  123.971294][ T5341] BTRFS info (device loop2): using free space tree
[  124.016342][ T5354] ntfs: (device loop1): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  124.090663][   T22] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  124.110435][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.129936][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.156933][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.165540][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.174979][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.186427][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.199366][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.208991][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.220379][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.228267][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.238834][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.250825][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.258758][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.268191][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.300018][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.319996][ T5341] BTRFS info (device loop2): enabling ssd optimizations
[  124.361741][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.437336][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.499638][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.534893][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.563678][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.577776][ T4278] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  124.605096][ T5350] loop4: detected capacity change from 0 to 40427
[  124.614161][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.634041][ T5379] loop1: detected capacity change from 0 to 128
[  124.647049][ T5350] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  124.693429][   T22] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  124.719622][ T5350] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  124.731714][   T22] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  124.761843][ T5350] F2FS-fs (loop4): invalid crc value
[  124.768176][   T22] usb 4-1: config 0 interface 0 has no altsetting 0
[  124.779966][   T22] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  124.789224][   T22] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  124.797756][   T22] usb 4-1: Product: syz
[  124.802195][   T22] usb 4-1: Manufacturer: syz
[  124.807027][   T22] usb 4-1: SerialNumber: syz
[  124.809040][ T5379] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  124.820812][   T22] usb 4-1: config 0 descriptor??
[  124.874850][   T22] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  124.899786][ T5350] F2FS-fs (loop4): Found nat_bits in checkpoint
[  124.914982][ T5379] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.070387][ T5379] fscrypt (loop1, inode 12): Direct key flag not allowed with different contents and filenames modes
[  125.196667][    C1] usb 4-1: yurex_control_callback - control failed: -71
[  125.199176][ T5118] usb 4-1: USB disconnect, device number 5
[  125.251355][ T5350] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  125.258487][ T5350] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  125.273248][ T5118] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  125.328431][ T4270] EXT4-fs (loop1): unmounting filesystem.
[  125.899055][ T5401] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  125.920742][ T5406] netlink: 16 bytes leftover after parsing attributes in process `syz.0.356'.
[  126.474880][ T5420] loop0: detected capacity change from 0 to 256
[  126.509741][ T5123] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  126.546130][ T5420] FAT-fs (loop0): Directory bread(block 64) failed
[  126.583464][ T5404] loop2: detected capacity change from 0 to 32768
[  126.587249][ T5420] FAT-fs (loop0): Directory bread(block 65) failed
[  126.596702][ T5420] FAT-fs (loop0): Directory bread(block 66) failed
[  126.605343][ T5422] loop3: detected capacity change from 0 to 2048
[  126.641506][ T5420] FAT-fs (loop0): Directory bread(block 67) failed
[  126.666960][ T5420] FAT-fs (loop0): Directory bread(block 68) failed
[  126.687205][ T5424] netlink: 132 bytes leftover after parsing attributes in process `syz.1.365'.
[  126.710452][ T5123] usb 5-1: Using ep0 maxpacket: 32
[  126.716373][ T5422] NILFS (loop3): invalid segment: Inconsistency found
[  126.719945][ T5123] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  126.734448][ T5420] FAT-fs (loop0): Directory bread(block 69) failed
[  126.754541][ T5420] FAT-fs (loop0): Directory bread(block 70) failed
[  126.761669][ T5123] usb 5-1: config 0 has no interface number 0
[  126.769844][ T5422] NILFS (loop3): trying rollback from an earlier position
[  126.781823][ T5420] FAT-fs (loop0): Directory bread(block 71) failed
[  126.802364][ T5123] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  126.828381][ T5420] FAT-fs (loop0): Directory bread(block 72) failed
[  126.835211][ T5420] FAT-fs (loop0): Directory bread(block 73) failed
[  126.842402][ T5123] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.908355][ T5123] usb 5-1: Product: syz
[  126.923155][ T5123] usb 5-1: Manufacturer: syz
[  126.927836][ T5123] usb 5-1: SerialNumber: syz
[  126.949013][ T5422] NILFS (loop3): recovery complete
[  126.996959][ T5123] usb 5-1: config 0 descriptor??
[  127.019614][ T5426] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  127.062497][ T5123] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  127.097706][ T5428] loop1: detected capacity change from 0 to 128
[  127.156392][ T5428] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  127.217047][ T5428] hpfs: filesystem error: improperly stopped
[  127.242086][ T5428] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  127.268819][ T5123] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  127.304133][ T5428] hpfs: You really don't want any checks? You are crazy...
[  127.344485][ T5123] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  127.360030][ T5428] hpfs: hpfs_map_sector(): read error
[  127.365514][ T5428] hpfs: code page support is disabled
[  127.380927][ T5428] hpfs: hpfs_map_4sectors(): unaligned read
[  127.387084][ T5428] hpfs: hpfs_map_4sectors(): unaligned read
[  127.467684][ T5428] hpfs: filesystem error: unable to find root dir
[  127.478740][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - status message too short
[  127.679873][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  127.697843][ T5122] usb 5-1: USB disconnect, device number 5
[  127.755838][ T5122] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  127.832106][ T5122] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  127.838007][ T5438] loop2: detected capacity change from 0 to 64
[  127.920386][ T5122] quatech2 5-1:0.51: device disconnected
[  127.938656][ T5442] netlink: 36 bytes leftover after parsing attributes in process `syz.3.370'.
[  128.411682][ T5459] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.379'.
[  128.429620][ T5459] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.379'.
[  128.439339][ T5456] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.379'.
[  128.462297][ T5459] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.379'.
[  128.544451][ T5466] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  128.544451][ T5466] The task syz.4.378 (5466) triggered the difference, watch for misbehavior.
[  128.599674][ T4342] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  128.718068][ T5472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.384'.
[  128.759699][ T4566] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  128.798188][ T5474] netlink: 12 bytes leftover after parsing attributes in process `syz.2.385'.
[  128.804843][ T4342] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  128.817774][ T4342] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  128.827338][ T4342] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  128.838308][ T4342] usb 2-1: config 220 has no interface number 2
[  128.845036][ T4342] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  128.859586][ T4342] usb 2-1: config 220 interface 0 has no altsetting 0
[  128.866665][ T4342] usb 2-1: config 220 interface 76 has no altsetting 0
[  128.874013][ T4342] usb 2-1: config 220 interface 1 has no altsetting 0
[  128.886270][ T4342] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  128.897044][ T4342] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.921615][ T4342] usb 2-1: Product: syz
[  128.926000][ T4342] usb 2-1: Manufacturer: syz
[  128.933195][ T4342] usb 2-1: SerialNumber: syz
[  128.961944][ T4566] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[  128.973630][ T4566] usb 4-1: config 0 has no interface number 0
[  128.979935][ T4566] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  128.995754][ T4566] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  129.010249][ T4566] usb 4-1: config 0 interface 255 has no altsetting 0
[  129.017158][ T4566] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  129.026573][ T4566] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.038145][ T4566] usb 4-1: config 0 descriptor??
[  129.050324][ T4566] ums-realtek 4-1:0.255: USB Mass Storage device detected
[  129.166806][ T4342] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  129.183728][ T4342] usb 2-1: No valid video chain found.
[  129.193866][ T4342] usb 2-1: selecting invalid altsetting 0
[  129.241546][ T4342] usb 2-1: selecting invalid altsetting 0
[  129.247444][ T4342] usbtest: probe of 2-1:220.1 failed with error -22
[  129.292075][ T2166] usb 4-1: USB disconnect, device number 6
[  129.309814][ T4342] usb 2-1: USB disconnect, device number 6
[  129.752765][ T5486] loop2: detected capacity change from 0 to 32768
[  129.779092][ T5486] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.389 (5486)
[  129.855744][ T5486] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  129.877621][ T5486] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  129.889909][ T5488] loop4: detected capacity change from 0 to 32768
[  129.949573][ T5486] BTRFS info (device loop2): using free space tree
[  130.156594][ T5486] BTRFS info (device loop2): enabling ssd optimizations
[  130.413199][ T5514] tipc: Started in network mode
[  130.459622][ T5514] tipc: Node identity ac14140f, cluster identity 4711
[  130.469028][ T5514] tipc: New replicast peer: 172.20.20.42
[  130.505683][ T5514] tipc: Enabled bearer <udp:syz2>, priority 10
[  130.608716][ T4278] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  130.860992][ T5521] loop3: detected capacity change from 0 to 256
[  130.890755][ T5498] loop1: detected capacity change from 0 to 32768
[  130.907804][ T5521] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  130.936507][ T5498] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.394 (5498)
[  130.954703][ T5521] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  131.005679][ T5521] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  131.034978][ T5498] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  131.061167][ T5498] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  131.087592][ T5498] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  131.127000][ T5498] BTRFS info (device loop1): use zstd compression, level 3
[  131.150656][ T5498] BTRFS info (device loop1): using free space tree
[  131.268255][ T5498] BTRFS info (device loop1): enabling ssd optimizations
[  131.377890][ T4270] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  131.671421][ T5337] tipc: Node number set to 2886997007
[  131.909531][ T5123] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  131.924338][ T5554] loop0: detected capacity change from 0 to 256
[  132.109716][ T5123] usb 4-1: Using ep0 maxpacket: 16
[  132.117552][ T5123] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  132.165402][ T5123] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  132.206191][ T5123] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  132.235786][ T5123] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  132.255970][ T5123] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  132.295614][ T5123] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  132.321164][ T5123] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  132.339614][ T5123] usb 4-1: Manufacturer: syz
[  132.380351][ T5123] usb 4-1: config 0 descriptor??
[  132.683236][ T5575] netlink: 48 bytes leftover after parsing attributes in process `syz.1.413'.
[  132.713473][ T5571] loop0: detected capacity change from 0 to 8192
[  132.783434][ T5571] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  132.817317][ T5571] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  132.826671][ T5123] rc_core: IR keymap rc-hauppauge not found
[  132.836079][ T5123] Registered IR keymap rc-empty
[  132.846025][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  132.846103][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  132.899895][ T5571] REISERFS (device loop0): using ordered data mode
[  132.906481][ T5571] reiserfs: using flush barriers
[  132.915406][ T5571] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  132.932664][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  132.959812][ T5560] loop4: detected capacity change from 0 to 32768
[  132.975664][ T5578] sctp: [Deprecated]: syz.1.414 (pid 5578) Use of struct sctp_assoc_value in delayed_ack socket option.
[  132.975664][ T5578] Use struct sctp_sack_info instead
[  132.993601][ T5560] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.406 (5560)
[  133.007553][ T5571] REISERFS (device loop0): checking transaction log (loop0)
[  133.010296][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.036394][ T5571] REISERFS (device loop0): Using r5 hash to sort names
[  133.060846][ T5123] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  133.080930][ T5560] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  133.099702][ T5123] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input10
[  133.104403][ T5571] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  133.127056][ T5560] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  133.147465][ T5560] BTRFS info (device loop4): turning on sync discard
[  133.163083][ T5560] BTRFS info (device loop4): turning on async discard
[  133.204960][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.215784][ T5560] BTRFS info (device loop4): using free space tree
[  133.259679][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.339537][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.379689][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.413595][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.488962][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.512128][ T5560] BTRFS info (device loop4): enabling ssd optimizations
[  133.532537][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.589547][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.629764][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.659694][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.710491][ T5123] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  133.741377][ T5123] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  133.761363][ T4277] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  133.792919][ T5123] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  133.850798][ T5123] usb 4-1: USB disconnect, device number 7
[  134.043109][ T5572] loop2: detected capacity change from 0 to 40427
[  134.091255][ T5572] F2FS-fs (loop2): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  134.142365][ T5572] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  134.192809][ T5572] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x35f7
[  134.234957][ T5572] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[  134.299321][ T5572] F2FS-fs (loop2): invalid crc value
[  134.399657][ T5572] F2FS-fs (loop2): Found nat_bits in checkpoint
[  134.471166][ T5612] loop0: detected capacity change from 0 to 128
[  134.616542][ T5585] loop1: detected capacity change from 0 to 32768
[  134.628294][ T5572] F2FS-fs (loop2): Start checkpoint disabled!
[  134.649293][ T5612] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  134.668929][ T5616] loop4: detected capacity change from 0 to 256
[  134.706030][ T5612] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.735857][ T5616] FAT-fs (loop4): Directory bread(block 64) failed
[  134.742718][ T5616] FAT-fs (loop4): Directory bread(block 65) failed
[  134.752660][ T5616] FAT-fs (loop4): Directory bread(block 66) failed
[  134.759219][ T5616] FAT-fs (loop4): Directory bread(block 67) failed
[  134.810033][ T5572] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  134.817165][ T5572] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  134.820303][ T5616] FAT-fs (loop4): Directory bread(block 68) failed
[  134.838425][ T5612] fscrypt (loop0, inode 12): Direct key flag not allowed with different contents and filenames modes
[  134.871353][ T5624] netlink: 27 bytes leftover after parsing attributes in process `syz.3.421'.
[  134.899472][ T5616] FAT-fs (loop4): Directory bread(block 69) failed
[  134.916679][ T5585] XFS (loop1): Mounting V5 Filesystem
[  135.024269][ T5616] FAT-fs (loop4): Directory bread(block 70) failed
[  135.049530][ T5585] XFS (loop1): Ending clean mount
[  135.083077][ T5616] FAT-fs (loop4): Directory bread(block 71) failed
[  135.148174][ T5572] syz.2.412: attempt to access beyond end of device
[  135.148174][ T5572] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  135.149801][ T5616] FAT-fs (loop4): Directory bread(block 72) failed
[  135.173927][ T4272] EXT4-fs (loop0): unmounting filesystem.
[  135.213721][ T5616] FAT-fs (loop4): Directory bread(block 73) failed
[  135.372074][ T4270] XFS (loop1): Unmounting Filesystem
[  135.560764][   T30] kworker/u4:2: attempt to access beyond end of device
[  135.560764][   T30] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  135.726435][ T5635] netlink: 68 bytes leftover after parsing attributes in process `syz.0.428'.
[  136.262533][ T5652] loop2: detected capacity change from 0 to 1024
[  136.313236][ T5652] hfsplus: invalid file type 0113366 for inode 2
[  136.357439][ T5652] hfsplus: failed to load root directory
[  136.742858][ T5662] loop2: detected capacity change from 0 to 256
[  136.833845][ T5662] FAT-fs (loop2): Directory bread(block 64) failed
[  136.885797][ T5662] FAT-fs (loop2): Directory bread(block 65) failed
[  136.906058][ T5662] FAT-fs (loop2): Directory bread(block 66) failed
[  136.926215][ T5662] FAT-fs (loop2): Directory bread(block 67) failed
[  136.945694][ T5662] FAT-fs (loop2): Directory bread(block 68) failed
[  136.989960][ T5662] FAT-fs (loop2): Directory bread(block 69) failed
[  137.031256][ T5662] FAT-fs (loop2): Directory bread(block 70) failed
[  137.089194][ T5662] FAT-fs (loop2): Directory bread(block 71) failed
[  137.124552][ T5662] FAT-fs (loop2): Directory bread(block 72) failed
[  137.143692][ T5662] FAT-fs (loop2): Directory bread(block 73) failed
[  138.146143][ T5695] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  138.157831][ T2166] kernel write not supported for file /200/gid_map (pid: 2166 comm: kworker/1:3)
[  138.453003][ T5704] loop2: detected capacity change from 0 to 128
[  138.497762][ T5704] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  138.539145][ T5704] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  138.556951][ T5684] loop3: detected capacity change from 0 to 32768
[  138.613544][ T5684] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.444 (5684)
[  138.710429][ T5684] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  138.776739][ T5684] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  138.828311][ T5684] BTRFS info (device loop3): using free space tree
[  138.858066][ T2903] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  138.944559][ T5718] device erspan0 entered promiscuous mode
[  139.137326][ T5684] BTRFS info (device loop3): enabling ssd optimizations
[  139.320386][ T5118] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  139.369207][ T4283] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  139.519772][ T5118] usb 3-1: Using ep0 maxpacket: 32
[  139.528168][ T5118] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  139.577912][ T5118] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  139.622114][ T5118] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  139.679080][ T5118] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  139.724205][ T5118] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  139.765390][ T5118] usb 3-1: Product: syz
[  139.784552][ T5118] usb 3-1: Manufacturer: syz
[  139.805911][ T5118] usb 3-1: SerialNumber: syz
[  139.835590][ T5702] loop0: detected capacity change from 0 to 32768
[  139.867582][ T5727] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  139.914707][ T5118] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input11
[  139.967012][   T26] audit: type=1800 audit(1769063805.355:8): pid=5702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.450" name="file1" dev="loop0" ino=7 res=0 errno=0
[  140.291311][ T4563] usb 3-1: USB disconnect, device number 4
[  140.291519][    C0] appletouch 3-1:1.0: atp_complete: usb_submit_urb failed with result -19
[  140.393727][ T4563] appletouch 3-1:1.0: input: appletouch disconnected
[  141.089701][ T5764] Zero length message leads to an empty skb
[  141.475303][ T5769] loop2: detected capacity change from 0 to 512
[  142.079001][ T5758] loop0: detected capacity change from 0 to 32768
[  142.244640][ T5758] XFS (loop0): Mounting V5 Filesystem
[  142.302253][ T5784] loop4: detected capacity change from 0 to 2048
[  142.330436][ T5784] NILFS (loop4): invalid segment: Inconsistency found
[  142.337298][ T5784] NILFS (loop4): trying rollback from an earlier position
[  142.505521][ T5784] NILFS (loop4): recovery complete
[  142.511020][ T5773] loop2: detected capacity change from 0 to 40427
[  142.517752][ T5758] XFS (loop0): Ending clean mount
[  142.629783][ T5788] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  142.658905][ T5773] F2FS-fs (loop2): Found nat_bits in checkpoint
[  142.737824][ T4272] XFS (loop0): Unmounting Filesystem
[  142.879786][ T5773] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  143.505714][ T5777] loop3: detected capacity change from 0 to 40427
[  143.566546][ T5777] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x3ffff
[  143.604431][ T5777] F2FS-fs (loop3): invalid crc value
[  143.637203][ T5777] F2FS-fs (loop3): Found nat_bits in checkpoint
[  143.655790][ T5807] process 'syz.1.479' launched '/dev/fd/3' with NULL argv: empty string added
[  143.792743][ T5777] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  144.055642][ T4283] syz-executor: attempt to access beyond end of device
[  144.055642][ T4283] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  144.094248][ T5816] loop1: detected capacity change from 0 to 2048
[  144.141380][ T5816] UDF-fs: bad mount option "vL‘Ëolume=000000000063" or missing value
[  144.542237][ T5827] netlink: 'syz.2.488': attribute type 1 has an invalid length.
[  144.675086][ T5803] loop4: detected capacity change from 0 to 32768
[  144.747230][ T5803] XFS (loop4): Mounting V5 Filesystem
[  144.873251][ T5803] XFS (loop4): Ending clean mount
[  145.028374][ T4277] XFS (loop4): Unmounting Filesystem
[  145.268581][ T5844] loop3: detected capacity change from 0 to 1024
[  145.305533][ T5844] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  145.360691][ T5844] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  145.440001][ T5844] EXT4-fs error (device loop3): ext4_get_journal_inode:5756: inode #32: comm syz.3.484: iget: special inode unallocated
[  145.458822][ T5828] loop0: detected capacity change from 0 to 32768
[  145.501157][ T5844] EXT4-fs (loop3): no journal found
[  145.507272][ T5844] EXT4-fs (loop3): can't get journal size
[  145.560776][ T5844] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  145.568890][ T5844] EXT4-fs error (device loop3): ext4_protect_reserved_inode:160: inode #32: comm syz.3.484: iget: special inode unallocated
[  145.622028][ T5844] EXT4-fs (loop3): failed to initialize system zone (-117)
[  145.654640][ T5828] XFS (loop0): Mounting V5 Filesystem
[  145.669632][ T5844] EXT4-fs (loop3): mount failed
[  145.872698][ T5828] XFS (loop0): Ending clean mount
[  145.912857][ T5828] XFS (loop0): Quotacheck needed: Please wait.
[  146.055213][ T5828] XFS (loop0): Quotacheck: Done.
[  146.209530][ T4563] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  146.308024][ T4272] XFS (loop0): Unmounting Filesystem
[  146.440475][ T4563] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  146.463641][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  146.492355][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  146.531991][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  146.561245][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  146.579578][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  146.599480][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  146.631036][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  146.655921][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  146.693962][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  146.716200][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  146.757214][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  146.784951][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  146.830809][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  146.855654][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  146.886083][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  146.902913][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  146.924666][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  146.959723][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  146.978472][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  146.997989][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.071279][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  147.079213][ T4563] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.106240][ T4563] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.153416][ T4563] usb 2-1: config 0 interface 0 has no altsetting 0
[  147.176266][ T4563] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  147.198897][ T4563] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  147.219112][ T4563] usb 2-1: Product: syz
[  147.223699][ T4563] usb 2-1: Manufacturer: syz
[  147.228366][ T4563] usb 2-1: SerialNumber: syz
[  147.245384][ T4563] usb 2-1: config 0 descriptor??
[  147.279830][ T5895] loop4: detected capacity change from 0 to 2048
[  147.300648][ T4563] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  147.439184][ T5895] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  147.485034][ T5904] binder: 5903:5904 ioctl c00c620f 0 returned -14
[  147.611563][    C1] usb 2-1: yurex_control_callback - control failed: -71
[  147.617576][ T5118] usb 2-1: USB disconnect, device number 7
[  147.638268][ T5118] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  147.842247][ T5914] netlink: 36 bytes leftover after parsing attributes in process `syz.0.513'.
[  147.858187][ T5914] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.867109][ T5914] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.890526][ T4277] EXT4-fs (loop4): unmounting filesystem.
[  148.142038][ T5920] loop0: Can't mount, would change RO state
[  148.611880][ T5926] loop1: detected capacity change from 0 to 256
[  148.670453][ T5926] exfat: Deprecated parameter 'namecase'
[  148.702657][ T5926] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  148.756928][ T5926] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  148.834878][ T5928] Bluetooth: MGMT ver 1.22
[  148.895721][ T5916] loop2: detected capacity change from 0 to 32768
[  148.954975][ T5916] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.515 (5916)
[  149.077117][ T5916] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  149.106828][ T5916] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  149.169626][ T5916] BTRFS info (device loop2): using free space tree
[  149.206598][ T5918] loop4: detected capacity change from 0 to 32768
[  149.249608][ T5934] netlink: 4 bytes leftover after parsing attributes in process `syz.1.522'.
[  149.395864][ T5922] loop0: detected capacity change from 0 to 32768
[  149.469922][ T5918] XFS (loop4): Mounting V5 Filesystem
[  149.538583][ T5916] BTRFS info (device loop2): enabling ssd optimizations
[  149.572136][ T5961] loop3: detected capacity change from 0 to 256
[  149.747300][ T5918] XFS (loop4): Ending clean mount
[  149.816939][ T5918] XFS (loop4): Quotacheck needed: Please wait.
[  149.951074][ T5918] XFS (loop4): Quotacheck: Done.
[  150.040193][ T4278] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  150.591619][ T4277] XFS (loop4): Unmounting Filesystem
[  150.908760][ T5974] netlink: 44 bytes leftover after parsing attributes in process `syz.0.530'.
[  151.473707][ T5984] loop4: detected capacity change from 0 to 1024
[  151.722640][ T4364] hfsplus: b-tree write err: -5, ino 4
[  151.867833][ T5970] loop2: detected capacity change from 0 to 32768
[  151.876397][ T5990] netlink: 20 bytes leftover after parsing attributes in process `syz.0.536'.
[  152.011237][ T5970] XFS (loop2): Mounting V5 Filesystem
[  152.101386][ T5970] XFS (loop2): Ending clean mount
[  152.225575][ T5988] loop1: detected capacity change from 0 to 32768
[  152.346433][ T4278] XFS (loop2): Unmounting Filesystem
[  152.431621][ T5976] loop3: detected capacity change from 0 to 40427
[  152.502641][ T5976] F2FS-fs (loop3): invalid crc value
[  152.509088][ T5988] XFS (loop1): Mounting V5 Filesystem
[  152.538187][ T5976] F2FS-fs (loop3): Found nat_bits in checkpoint
[  152.740082][ T5988] XFS (loop1): Ending clean mount
[  152.769269][ T5988] XFS (loop1): Quotacheck needed: Please wait.
[  152.780992][ T5976] F2FS-fs (loop3): Start checkpoint disabled!
[  152.828019][ T5976] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  152.913734][ T5988] XFS (loop1): Quotacheck: Done.
[  153.142430][ T4270] XFS (loop1): Unmounting Filesystem
[  153.270356][   T46] kworker/u4:3: attempt to access beyond end of device
[  153.270356][   T46] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  153.473079][ T6002] loop4: detected capacity change from 0 to 32768
[  153.558655][ T6004] F2FS-fs (loop0): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  153.602543][ T6002] XFS (loop4): Mounting V5 Filesystem
[  153.629478][ T6004] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  153.638402][ T6004] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7
[  153.706543][ T6004] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[  153.796733][ T6004] F2FS-fs (loop0): invalid crc value
[  153.811341][ T6002] XFS (loop4): Ending clean mount
[  153.832771][ T6004] F2FS-fs (loop0): Found nat_bits in checkpoint
[  153.846176][ T6002] XFS (loop4): Quotacheck needed: Please wait.
[  153.996139][ T6002] XFS (loop4): Quotacheck: Done.
[  154.017499][ T6004] F2FS-fs (loop0): Start checkpoint disabled!
[  154.079872][ T6004] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  154.097504][ T6004] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  154.119295][ T6028] set_capacity_and_notify: 1 callbacks suppressed
[  154.119311][ T6028] loop1: detected capacity change from 0 to 2048
[  154.207510][ T6028] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  154.299624][ T6004] syz.0.537: attempt to access beyond end of device
[  154.299624][ T6004] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  154.334456][ T6032] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  154.622191][ T4277] XFS (loop4): Unmounting Filesystem
[  154.697002][   T11] kworker/u4:1: attempt to access beyond end of device
[  154.697002][   T11] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  154.949606][ T4563] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  155.152068][ T4563] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  155.194254][ T4563] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.229247][ T4563] usb 2-1: config 0 descriptor??
[  155.254426][ T4563] cp210x 2-1:0.0: cp210x converter detected
[  155.554749][ T6043] loop2: detected capacity change from 0 to 32768
[  155.609861][ T6043] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.549 (6043)
[  155.660091][ T6043] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  155.699529][ T6043] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  155.708317][ T6043] BTRFS info (device loop2): setting nodatacow, compression disabled
[  155.790278][ T6043] BTRFS info (device loop2): enabling auto defrag
[  155.796844][ T6043] BTRFS info (device loop2): max_inline at 0
[  155.845488][ T6043] BTRFS info (device loop2): using free space tree
[  155.857654][ T4563] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71
[  155.868616][ T4563] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  155.908702][ T4563] usb 2-1: cp210x converter now attached to ttyUSB0
[  155.937536][ T4563] usb 2-1: USB disconnect, device number 8
[  155.953013][ T4563] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  155.964147][ T4563] cp210x 2-1:0.0: device disconnected
[  156.159198][ T6069] loop3: detected capacity change from 0 to 1024
[  156.170957][ T6069] EXT4-fs: Ignoring removed orlov option
[  156.258727][ T6069] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  156.369505][   T26] audit: type=1800 audit(1769063821.755:9): pid=6086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.549" name="file2" dev="loop2" ino=261 res=0 errno=0
[  156.686120][ T6092] loop1: detected capacity change from 0 to 1024
[  156.724155][ T4283] EXT4-fs (loop3): unmounting filesystem.
[  156.824775][ T6092] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  156.878533][ T4278] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  156.931813][ T6100] loop0: detected capacity change from 0 to 256
[  156.940149][ T6092] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.989560][ T6100] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  157.049461][ T6100] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  157.138957][ T6092] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: comm syz.1.560: lblock 0 mapped to illegal pblock 0 (length 6)
[  157.228232][ T6100] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  157.748812][ T6094] loop4: detected capacity change from 0 to 32768
[  157.817574][ T4356] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: comm kworker/u4:6: lblock 0 mapped to illegal pblock 0 (length 1)
[  157.887593][ T4356] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  157.896916][   T26] audit: type=1800 audit(1769063823.275:10): pid=6094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.561" name="file1" dev="loop4" ino=0 res=0 errno=0
[  157.933572][ T6112] loop0: detected capacity change from 0 to 256
[  157.956532][ T4356] EXT4-fs (loop1): This should not happen!! Data will be lost
[  157.956532][ T4356] 
[  158.032305][ T4270] EXT4-fs (loop1): unmounting filesystem.
[  158.223433][ T6116] loop1: detected capacity change from 0 to 128
[  158.306713][ T6116] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  158.361077][ T6116] hpfs: filesystem error: improperly stopped
[  158.367156][ T6116] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  158.407580][ T6116] hpfs: You really don't want any checks? You are crazy...
[  158.419598][    T7] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  158.455013][ T6116] hpfs: hpfs_map_sector(): read error
[  158.460826][ T6116] hpfs: code page support is disabled
[  158.466347][ T6116] hpfs: hpfs_map_4sectors(): unaligned read
[  158.472765][ T6116] hpfs: hpfs_map_4sectors(): unaligned read
[  158.478711][ T6116] hpfs: filesystem error: unable to find root dir
[  158.548153][ T6116] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at trim
[  158.632305][    T7] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  158.664024][    T7] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  158.688817][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.760740][    T7] gspca_main: stv0680-2.14.0 probing 041e:4007
[  158.869210][ T6128] netlink: 24 bytes leftover after parsing attributes in process `syz.1.575'.
[  158.977829][ T6130] loop0: detected capacity change from 0 to 64
[  159.442660][ T6148] netlink: 12 bytes leftover after parsing attributes in process `syz.1.583'.
[  159.459640][ T6148] netlink: 58 bytes leftover after parsing attributes in process `syz.1.583'.
[  159.706073][ T6143] loop0: detected capacity change from 0 to 32768
[  159.729298][ T6143] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.581 (6143)
[  159.775866][ T6143] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  159.817616][ T6143] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  159.838119][ T6143] BTRFS info (device loop0): using free space tree
[  159.872907][ T6145] loop2: detected capacity change from 0 to 32768
[  159.896640][    T7] stv0680 4-1:4.0: Could not get descriptor 0200
[  159.994167][ T6145] XFS (loop2): Mounting V5 Filesystem
[  160.099211][    T7] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  160.121008][    T7] stv0680 4-1:4.0: last error: 34,  command = 0x4
[  160.138571][    T7] usb 4-1: USB disconnect, device number 8
[  160.152206][ T6145] XFS (loop2): Ending clean mount
[  160.165152][ T6143] BTRFS info (device loop0): enabling ssd optimizations
[  160.173174][ T6145] XFS (loop2): Quotacheck needed: Please wait.
[  160.284070][ T6145] XFS (loop2): Quotacheck: Done.
[  160.560373][ T4278] XFS (loop2): Unmounting Filesystem
[  160.580211][ T4272] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  160.886855][ T6188] loop3: detected capacity change from 0 to 2048
[  160.983900][ T6177] loop1: detected capacity change from 0 to 32768
[  160.993926][ T6188] EXT4-fs: Ignoring removed mblk_io_submit option
[  161.031626][ T6177] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 scanned by syz.1.587 (6177)
[  161.098585][ T6177] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  161.109843][ T6177] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  161.118637][ T6177] BTRFS info (device loop1): using free space tree
[  161.141212][ T6188] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  161.186170][ T6188] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.591: bg 0: block 234: padding at end of block bitmap is not set
[  161.226835][ T6186] loop4: detected capacity change from 0 to 32768
[  161.326512][ T6188] EXT4-fs (loop3): Remounting filesystem read-only
[  161.347387][ T6200] loop0: detected capacity change from 0 to 2048
[  161.443404][ T6200] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  161.550417][ T4283] EXT4-fs (loop3): unmounting filesystem.
[  161.581529][ T6177] BTRFS info (device loop1): enabling ssd optimizations
[  161.861816][ T4270] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  162.003939][   T14] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  162.028337][ T6222] loop4: detected capacity change from 0 to 256
[  162.231857][   T14] usb 4-1: Using ep0 maxpacket: 16
[  162.242642][   T14] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.261786][   T14] usb 4-1: config 0 interface 0 has no altsetting 0
[  162.284678][   T14] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  162.304934][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.350110][   T14] usb 4-1: config 0 descriptor??
[  162.409207][ T4272] EXT4-fs (loop0): unmounting filesystem.
[  162.646308][ T6232] loop0: detected capacity change from 0 to 512
[  162.695935][ T6232] EXT4-fs: Ignoring removed i_version option
[  162.757555][ T6232] EXT4-fs: Mount option(s) incompatible with ext3
[  162.808863][   T14] nzxt-smart2 0003:1E71:2009.0005: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0
[  163.274683][ T4757] usb 4-1: USB disconnect, device number 9
[  163.329501][ T4564] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  163.471766][ T6235] loop1: detected capacity change from 0 to 32768
[  163.536212][ T4564] usb 5-1: Using ep0 maxpacket: 16
[  163.541576][ T6226] loop2: detected capacity change from 0 to 40427
[  163.549162][ T6235] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.600 (6235)
[  163.563016][ T4564] usb 5-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  163.579984][ T4564] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.592978][ T6226] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  163.598848][ T4564] usb 5-1: Product: syz
[  163.608934][ T4564] usb 5-1: Manufacturer: syz
[  163.616936][ T6226] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  163.626417][ T4564] usb 5-1: SerialNumber: syz
[  163.645151][ T6235] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  163.658223][ T6235] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  163.670557][ T6235] BTRFS info (device loop1): using free space tree
[  163.691420][ T6226] F2FS-fs (loop2): invalid crc value
[  163.721888][ T6226] F2FS-fs (loop2): Found nat_bits in checkpoint
[  163.901507][ T4564] usb 5-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  163.921784][ T4564] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  163.932701][ T4564] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  163.964549][ T4564] usb 5-1: media controller created
[  163.971514][ T6226] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  163.986269][ T6226] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  163.998602][ T4564] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  164.039871][ T6235] BTRFS info (device loop1): enabling ssd optimizations
[  164.126032][ T6263] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  164.217426][ T6263] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.281500][ T4564] zl10353_read_register: readreg error (reg=127, ret==-110)
[  164.403346][ T4564] dvb_usb_gl861: probe of 5-1:157.0 failed with error -5
[  164.507525][ T4564] usb 5-1: USB disconnect, device number 6
[  164.747820][ T4270] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  165.180726][   T26] audit: type=1326 audit(1769063830.575:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.243650][ T6273] mmap: syz.0.608 (6273) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  165.282074][   T26] audit: type=1326 audit(1769063830.615:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.377629][   T26] audit: type=1326 audit(1769063830.615:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.445810][   T26] audit: type=1326 audit(1769063830.615:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.567129][   T26] audit: type=1326 audit(1769063830.615:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.657110][   T26] audit: type=1326 audit(1769063830.615:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.691757][ T6280] set_capacity_and_notify: 1 callbacks suppressed
[  165.691774][ T6280] loop4: detected capacity change from 0 to 8192
[  165.724876][ T6286] loop3: detected capacity change from 0 to 2048
[  165.746116][   T26] audit: type=1326 audit(1769063830.615:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.795056][ T6283] loop0: detected capacity change from 0 to 4096
[  165.857288][   T26] audit: type=1326 audit(1769063830.615:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  165.893050][ T6286] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  165.929772][ T6286] UDF-fs: Scanning with blocksize 512 failed
[  165.975924][ T6283] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  166.000552][   T26] audit: type=1326 audit(1769063830.635:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  166.027649][ T6286] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.116811][   T26] audit: type=1326 audit(1769063830.635:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz.0.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51db99acb9 code=0x7ffc0000
[  166.190294][ T6283] overlayfs: upper fs does not support tmpfile.
[  166.290441][ T6283] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  166.358443][ T6283] overlayfs: failed to verify origin (/, ino=5, err=-22)
[  166.420960][ T6283] overlayfs: failed to verify upper root origin
[  166.648521][ T4356] ntfs3: loop0: ntfs3_write_inode r=9 failed, -22.
[  166.674191][ T4272] ntfs3: loop0: ntfs_sync_fs r=9 failed, -22.
[  166.688168][ T4272] ntfs3: loop0: ntfs_evict_inode r=9 failed, -22.
[  166.870512][ T6302] netlink: 8 bytes leftover after parsing attributes in process `syz.4.621'.
[  166.909741][ T6302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.621'.
[  166.959599][ T6302] netlink: 'syz.4.621': attribute type 18 has an invalid length.
[  167.117155][ T6288] loop2: detected capacity change from 0 to 32768
[  167.178876][ T6288] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.604 (6288)
[  167.245928][ T6288] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  167.275966][ T6307] program syz.4.623 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  167.291179][ T6288] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  167.304165][ T6305] loop0: detected capacity change from 0 to 4096
[  167.307118][ T6288] BTRFS info (device loop2): setting nodatasum
[  167.345298][ T6305] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[  167.377817][ T6288] BTRFS info (device loop2): use zlib compression, level 3
[  167.404464][ T6288] BTRFS info (device loop2): using free space tree
[  167.483138][ T6290] loop1: detected capacity change from 0 to 40427
[  167.516427][ T6288] BTRFS info (device loop2): enabling ssd optimizations
[  167.627764][ T6290] F2FS-fs (loop1): Found nat_bits in checkpoint
[  167.937409][ T6290] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  168.144462][ T6339] loop0: detected capacity change from 0 to 4096
[  168.230075][ T4278] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  168.255963][ T6343] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  168.309766][ T4270] syz-executor: attempt to access beyond end of device
[  168.309766][ T4270] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  168.350403][ T6345] netlink: 4 bytes leftover after parsing attributes in process `syz.3.630'.
[  168.653655][ T6351] netlink: 64859 bytes leftover after parsing attributes in process `syz.4.634'.
[  169.288996][ T6361] loop4: detected capacity change from 0 to 2048
[  169.392474][ T6361]  loop4: p1 < > p3
[  169.407698][ T6361] loop4: p3 size 134217728 extends beyond EOD, truncated
[  169.789057][ T5966] udevd[5966]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  169.804684][ T4554] udevd[4554]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  169.842927][ T6376] loop4: detected capacity change from 0 to 512
[  169.920604][ T6376] EXT4-fs: Ignoring removed orlov option
[  169.948548][ T6376] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  169.995134][ T6376] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  170.008597][ T6375] loop2: detected capacity change from 0 to 4096
[  170.096399][ T6376] EXT4-fs error (device loop4): ext4_iget_extra_inode:4756: inode #15: comm syz.4.644: corrupted in-inode xattr
[  170.182639][ T6376] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.644: couldn't read orphan inode 15 (err -117)
[  170.208600][ T6386] netlink: 28 bytes leftover after parsing attributes in process `syz.3.648'.
[  170.265686][ T6376] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  170.590511][ T4278] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  170.597030][ T4278] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  170.679186][ T4277] EXT4-fs (loop4): unmounting filesystem.
[  171.001070][ T6399] input: syz0 as /devices/virtual/input/input12
[  171.374942][ T6405] loop2: detected capacity change from 0 to 2048
[  171.407805][ T6405] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  171.450021][ T6405] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.526213][ T6409] loop1: detected capacity change from 0 to 512
[  171.652140][ T6409] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  171.673090][ T6409] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.747098][ T6413] loop4: detected capacity change from 0 to 1024
[  171.828155][ T6413] EXT4-fs: Ignoring removed nobh option
[  171.861782][ T6413] EXT4-fs: Ignoring removed bh option
[  171.870580][ T6414] __quota_error: 10 callbacks suppressed
[  171.870597][ T6414] Quota error (device loop1): do_check_range: Getting block 67108864 out of range 0-8
[  171.900994][ T6413] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  171.969182][ T6409] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  172.018358][ T6409] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  172.043632][ T6413] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  172.111560][ T6409] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.658: Failed to acquire dquot type 0
[  172.192534][ T6425] loop2: detected capacity change from 0 to 512
[  172.220711][ T6425] EXT4-fs: Ignoring removed orlov option
[  172.247731][ T6425] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  172.277242][ T6425] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  172.432665][ T4270] EXT4-fs (loop1): unmounting filesystem.
[  172.452526][ T6425] EXT4-fs error (device loop2): ext4_iget_extra_inode:4756: inode #15: comm syz.2.663: corrupted in-inode xattr
[  172.515248][ T4277] EXT4-fs (loop4): unmounting filesystem.
[  172.518307][ T6425] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.663: couldn't read orphan inode 15 (err -117)
[  172.593633][ T6425] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  172.767743][ T6430] tipc: Started in network mode
[  172.787975][ T6430] tipc: Node identity ac14140f, cluster identity 4711
[  172.796702][ T4278] EXT4-fs (loop2): unmounting filesystem.
[  172.824772][ T6430] tipc: New replicast peer: 255.255.255.255
[  172.833568][ T6430] tipc: Enabled bearer <udp:syz2>, priority 10
[  172.874620][ T6432] af_packet: tpacket_rcv: packet too big, clamped from 46 to 4294967286. macoff=82
[  172.926886][ T6424] loop0: detected capacity change from 0 to 40427
[  172.975500][ T6424] F2FS-fs (loop0): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  172.995574][ T6424] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  173.052330][ T6424] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7
[  173.085992][ T6424] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[  173.143699][ T6424] F2FS-fs (loop0): invalid crc value
[  173.196497][ T6424] F2FS-fs (loop0): Found nat_bits in checkpoint
[  173.220626][ T6442] loop1: detected capacity change from 0 to 8
[  173.257284][ T6442] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  173.280901][ T5966] udevd[5966]: incorrect cramfs checksum on /dev/loop1
[  173.301010][ T6446] loop2: detected capacity change from 0 to 512
[  173.415122][ T6446] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  173.424583][ T6424] F2FS-fs (loop0): Start checkpoint disabled!
[  173.430130][ T6446] ext4 filesystem being mounted at /128/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.461020][ T5966] udevd[5966]: incorrect cramfs checksum on /dev/loop1
[  173.470725][ T6424] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  173.477821][ T6424] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  173.548803][ T4278] EXT4-fs (loop2): unmounting filesystem.
[  173.565180][ T4281] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  173.574289][ T4281] Bluetooth: hci2: Injecting HCI hardware error event
[  173.584634][ T4281] Bluetooth: hci2: hardware error 0x00
[  173.598535][ T6424] syz.0.662: attempt to access beyond end of device
[  173.598535][ T6424] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  173.821094][    T9] kworker/u4:0: attempt to access beyond end of device
[  173.821094][    T9] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  173.951892][ T4564] tipc: Node number set to 2886997007
[  174.099587][ T5118] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  174.317292][ T5118] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  174.348600][ T5118] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  174.362116][ T4757] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  174.383041][ T5118] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  174.402714][ T5118] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.421356][ T5118] usb 3-1: Product: syz
[  174.436064][ T5118] usb 3-1: Manufacturer: syz
[  174.442762][ T5118] usb 3-1: SerialNumber: syz
[  174.498578][ T6449] loop4: detected capacity change from 0 to 32768
[  174.560338][ T6449] XFS (loop4): Mounting V5 Filesystem
[  174.579632][ T4757] usb 1-1: Using ep0 maxpacket: 32
[  174.593081][ T4757] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.610779][ T4757] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.624635][ T4757] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  174.640773][ T4757] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.686668][ T4757] usb 1-1: config 0 descriptor??
[  174.695546][ T6455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  174.716389][ T6449] XFS (loop4): Ending clean mount
[  174.723395][ T4757] hub 1-1:0.0: USB hub found
[  174.731963][ T6455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.754001][ T6449] XFS (loop4): Quotacheck needed: Please wait.
[  174.771531][ T5118] cdc_ether: probe of 3-1:1.0 failed with error -22
[  174.817850][ T5118] usb 3-1: USB disconnect, device number 5
[  174.848022][ T6449] XFS (loop4): Quotacheck: Done.
[  174.919719][ T4757] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  175.022215][ T4277] XFS (loop4): Unmounting Filesystem
[  175.358689][ T4757] hid-generic 0003:046D:C31C.0006: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.0-1/input0
[  175.443871][ T5118] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  175.579869][ T6476] loop3: detected capacity change from 0 to 32768
[  175.639640][ T5118] usb 3-1: Using ep0 maxpacket: 8
[  175.655045][ T5118] usb 3-1: config index 0 descriptor too short (expected 301, got 72)
[  175.670125][ T4561] usb 1-1: USB disconnect, device number 3
[  175.673775][ T5118] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  175.697308][ T5118] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  175.719565][ T4281] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  175.764276][ T5118] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  175.784546][ T5118] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  175.808516][ T5118] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.836069][ T6491] loop1: detected capacity change from 0 to 1024
[  175.852226][ T5118] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.888370][ T5118] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  175.909119][ T5118] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.928448][ T6476] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  175.949995][ T6491] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  175.977842][ T6491] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.997373][ T6476] XFS (loop3): Mounting V5 Filesystem
[  176.055290][ T6476] XFS (loop3): Ending clean mount
[  176.064726][ T6491] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 3: comm syz.1.684: lblock 3 mapped to illegal pblock 3 (length 1)
[  176.083142][ T6476] XFS (loop3): Quotacheck needed: Please wait.
[  176.118573][ T4757] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x3a/0xd0, xfs_cntbt block 0x10 
[  176.162937][ T4757] XFS (loop3): Unmount and run xfs_repair
[  176.172530][ T5118] usb 3-1: usb_control_msg returned -71
[  176.178281][ T5118] usbtmc 3-1:16.0: can't read capabilities
[  176.194932][ T6491] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  176.207894][ T4757] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  176.220024][ T6491] EXT4-fs (loop1): This should not happen!! Data will be lost
[  176.220024][ T6491] 
[  176.228290][ T5118] usbtmc 3-1:16.0: Failed to submit iin_urb
[  176.235896][ T5118] usbtmc: probe of 3-1:16.0 failed with error -90
[  176.270435][ T4757] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[  176.279448][ T4757] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  176.298756][ T6499] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: comm syz.1.684: lblock 0 mapped to illegal pblock 0 (length 3)
[  176.324181][ T5118] usb 3-1: USB disconnect, device number 6
[  176.330150][ T4757] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  176.339253][ T4757] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02  .... ......N....
[  176.357748][ T4757] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  176.378917][ T6499] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  176.406112][ T4757] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
[  176.419342][ T4757] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  176.433940][ T4757] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  176.448867][   T46] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x10 len 8 error 74
[  176.476885][ T6499] EXT4-fs (loop1): This should not happen!! Data will be lost
[  176.476885][ T6499] 
[  176.505534][ T6476] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  176.586410][ T4364] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:7: lblock 4 mapped to illegal pblock 4 (length 2)
[  176.614454][ T6476] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x3a/0xd0, xfs_cntbt block 0x10 
[  176.632228][ T4364] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  176.639621][ T6476] XFS (loop3): Unmount and run xfs_repair
[  176.655182][ T4364] EXT4-fs (loop1): This should not happen!! Data will be lost
[  176.655182][ T4364] 
[  176.661011][ T6476] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  176.682149][ T4270] EXT4-fs (loop1): unmounting filesystem.
[  176.682184][ T6476] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[  176.697694][ T6476] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  176.707279][ T6476] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  176.728450][ T6476] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02  .... ......N....
[  176.757443][ T6476] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  176.775277][ T6476] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
[  176.795953][ T6476] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  176.821949][ T6476] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  176.861999][ T6476] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x10 len 8 error 74
[  176.915291][ T6476] XFS (loop3): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x54f/0x9c0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  176.930611][ T6476] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  177.008731][ T6513] 8021q: adding VLAN 0 to HW filter on device bond1
[  177.025295][ T4283] XFS (loop3): Unmounting Filesystem
[  177.056120][ T6513] bond0: (slave bond1): Enslaving as an active interface with an up link
[  177.569266][ T6528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.697'.
[  177.975557][ T6526] loop4: detected capacity change from 0 to 40427
[  177.995060][ T6526] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x3ffff
[  178.011313][ T6526] F2FS-fs (loop4): invalid crc value
[  178.019301][ T6526] F2FS-fs (loop4): Found nat_bits in checkpoint
[  178.062413][ T6526] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  178.279555][ T4281] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  178.281446][ T4285] Bluetooth: hci5: command 0x1003 tx timeout
[  178.667578][ T6546] loop1: detected capacity change from 0 to 128
[  178.847391][ T4270] FAT-fs (loop1): error, invalid access to FAT (entry 0x0fff0000)
[  178.863523][ T4270] FAT-fs (loop1): Filesystem has been set read-only
[  179.083001][ T6559] loop1: detected capacity change from 0 to 2048
[  179.139096][ T6559] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  179.499649][ T5118] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  179.522946][ T6577] loop2: detected capacity change from 0 to 512
[  179.580672][ T6577] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  179.609000][ T6577] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e028, mo2=0002]
[  179.631782][ T6577] System zones: 0-1, 15-15, 18-18, 34-34
[  179.638749][ T6577] EXT4-fs (loop2): orphan cleanup on readonly fs
[  179.682673][ T6577] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  179.689029][ T4270] EXT4-fs (loop1): unmounting filesystem.
[  179.699573][ T5118] usb 4-1: Using ep0 maxpacket: 16
[  179.705195][ T6577] EXT4-fs warning (device loop2): ext4_enable_quotas:7087: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  179.730993][ T5118] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  179.749313][ T6577] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  179.767527][ T5118] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  179.778334][ T5118] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.788719][ T5118] usb 4-1: Product: syz
[  179.799859][ T6577] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.714: bg 0: block 40: padding at end of block bitmap is not set
[  179.809270][ T5118] usb 4-1: Manufacturer: syz
[  179.828442][ T5118] usb 4-1: SerialNumber: syz
[  179.845304][ T5118] usb 4-1: config 0 descriptor??
[  179.864432][ T6577] EXT4-fs (loop2): Remounting filesystem read-only
[  179.875848][ T6577] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6181: Corrupt filesystem
[  179.888515][ T6577] EXT4-fs (loop2): Remounting filesystem read-only
[  179.897516][ T6577] EXT4-fs (loop2): 1 truncate cleaned up
[  179.905572][ T6577] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  179.906029][ T5118] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  179.954847][ T5118] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  180.028938][ T4278] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0)
[  180.048573][ T4278] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0)
[  180.149498][ T5389] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  180.271120][ T5123] kernel read not supported for file /dsp1 (pid: 5123 comm: kworker/0:17)
[  180.374593][ T5389] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  180.390324][ T5389] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.398621][ T5389] usb 5-1: Product: syz
[  180.408117][ T5389] usb 5-1: Manufacturer: syz
[  180.415476][ T5389] usb 5-1: SerialNumber: syz
[  180.428601][ T5389] usb 5-1: config 0 descriptor??
[  180.441847][ T4278] EXT4-fs (loop2): unmounting filesystem.
[  180.488799][ T5118] em28xx 4-1:0.0: unknown em28xx chip ID (184)
[  180.601749][    T9] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.656717][ T5389] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  180.729001][    T9] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.788403][ T5118] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  180.819455][ T5118] em28xx 4-1:0.0: board has no eeprom
[  180.850250][    T9] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.929692][ T5118] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  180.937718][ T5118] em28xx 4-1:0.0: dvb set to bulk mode.
[  180.953300][ T4757] em28xx 4-1:0.0: Binding DVB extension
[  180.982379][ T5118] usb 4-1: USB disconnect, device number 10
[  180.989331][ T5118] em28xx 4-1:0.0: Disconnecting em28xx
[  181.033204][    T9] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.300304][ T5389] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  181.321241][ T4757] em28xx 4-1:0.0: Registering input extension
[  181.343960][ T5118] em28xx 4-1:0.0: Closing input extension
[  181.379274][ T5389] usb 5-1: USB disconnect, device number 7
[  181.513408][ T5118] em28xx 4-1:0.0: Freeing device
[  182.235956][ T4285] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  182.248235][ T4285] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  182.249248][ T6613] loop3: detected capacity change from 0 to 2048
[  182.263274][ T4285] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  182.284929][ T4285] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  182.292579][ T4285] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  182.303297][ T6616] loop0: detected capacity change from 0 to 512
[  182.313443][ T6596] loop1: detected capacity change from 0 to 32768
[  182.320769][ T4285] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  182.348120][ T6596] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.723 (6596)
[  182.366331][ T6596] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  182.378463][ T6596] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  182.388435][ T6596] BTRFS info (device loop1): setting nodatasum
[  182.395055][ T6596] BTRFS info (device loop1): use zlib compression, level 3
[  182.406054][ T6613] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  182.431516][ T6596] BTRFS info (device loop1): using free space tree
[  182.470163][ T6616] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  182.479200][ T6616] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.602642][ T6596] BTRFS info (device loop1): enabling ssd optimizations
[  182.642726][   T26] audit: type=1800 audit(1769063848.035:31): pid=6596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.723" name="file1" dev="loop1" ino=260 res=0 errno=0
[  182.708583][ T6616] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  182.779547][ T6616] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  182.823565][ T6616] EXT4-fs error (device loop0): ext4_acquire_dquot:6835: comm syz.0.729: Failed to acquire dquot type 0
[  182.882563][ T4270] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  182.916006][ T6616] Quota error (device loop0): do_check_range: Getting block 67108864 out of range 0-8
[  182.939063][ T4283] EXT4-fs (loop3): unmounting filesystem.
[  183.091908][ T5966] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 10 /dev/loop1 scanned by udevd (5966)
[  183.305186][ T4272] EXT4-fs (loop0): unmounting filesystem.
[  183.419502][ T5118] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  183.620006][ T5118] usb 4-1: Using ep0 maxpacket: 8
[  183.628278][ T5118] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  183.681278][ T5118] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  183.745297][ T5118] usb 4-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  183.772923][ T5118] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.812959][ T5118] usb 4-1: Product: syz
[  183.817215][ T5118] usb 4-1: Manufacturer: syz
[  183.832986][ T5118] usb 4-1: SerialNumber: syz
[  183.852024][ T6612] chnl_net:caif_netlink_parms(): no params data found
[  183.891465][ T5118] usblp0: Disabling reads from problematic bidirectional printer
[  184.095859][ T5118] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004
[  184.201491][ T6612] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.222831][ T6612] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.240899][ T6612] device bridge_slave_0 entered promiscuous mode
[  184.320987][ T5118] usb 4-1: USB disconnect, device number 11
[  184.338902][ T5118] usblp0: removed
[  184.343656][ T4561] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  184.359931][ T4281] Bluetooth: hci3: command 0x0409 tx timeout
[  184.474078][ T6670] loop1: detected capacity change from 0 to 1024
[  184.490734][ T6612] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.513201][ T6612] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.541249][ T6612] device bridge_slave_1 entered promiscuous mode
[  184.550149][ T4561] usb 5-1: Using ep0 maxpacket: 16
[  184.567477][ T4561] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  184.611466][ T4561] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  184.625967][ T6673] loop0: detected capacity change from 0 to 2048
[  184.638351][ T4561] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.678868][ T6673] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  184.690952][ T4561] usb 5-1: Product: syz
[  184.722139][ T4561] usb 5-1: Manufacturer: syz
[  184.727440][ T4561] usb 5-1: SerialNumber: syz
[  184.751605][ T6673] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  184.769011][ T4561] usb 5-1: config 0 descriptor??
[  184.783897][ T6612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.811133][ T4561] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  184.843962][ T4561] usb 5-1: Detected FT232R
[  185.015683][ T4561] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  185.218380][ T6612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.238963][ T4561] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  185.380159][    T9] device hsr_slave_0 left promiscuous mode
[  185.404755][    T9] device hsr_slave_1 left promiscuous mode
[  185.446339][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.456959][ T6690] loop1: detected capacity change from 0 to 128
[  185.473334][ T4564] usb 5-1: USB disconnect, device number 8
[  185.489929][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.514778][ T4564] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  185.557662][ T4564] ftdi_sio 5-1:0.0: device disconnected
[  185.636334][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.661467][ T6694] loop0: detected capacity change from 0 to 1024
[  185.679908][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  185.710605][ T6694] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  185.741314][    T9] device bridge_slave_1 left promiscuous mode
[  185.751416][ T6694] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.773625][ T6694] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: block 3: comm syz.0.743: lblock 3 mapped to illegal pblock 3 (length 1)
[  185.789038][ T6694] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  185.802006][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.809640][ T6694] EXT4-fs (loop0): This should not happen!! Data will be lost
[  185.809640][ T6694] 
[  185.826441][ T6694] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: comm syz.0.743: lblock 0 mapped to illegal pblock 0 (length 3)
[  185.840410][ T6694] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  185.853050][ T6694] EXT4-fs (loop0): This should not happen!! Data will be lost
[  185.853050][ T6694] 
[  185.931440][   T30] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: block 4: comm kworker/u4:2: lblock 4 mapped to illegal pblock 4 (length 2)
[  185.966916][    T9] device bridge_slave_0 left promiscuous mode
[  185.982306][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.000608][   T30] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  186.060945][   T30] EXT4-fs (loop0): This should not happen!! Data will be lost
[  186.060945][   T30] 
[  186.091514][ T4272] EXT4-fs (loop0): unmounting filesystem.
[  186.195490][ T6704] loop3: detected capacity change from 0 to 512
[  186.211327][    T9] device veth1_macvtap left promiscuous mode
[  186.218566][    T9] device veth0_macvtap left promiscuous mode
[  186.259608][    T9] device veth1_vlan left promiscuous mode
[  186.267044][ T6704] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  186.290996][    T9] device veth0_vlan left promiscuous mode
[  186.402133][ T6704] fs-verity: sha512 using implementation "sha512-avx2"
[  186.432123][ T6704] EXT4-fs warning (device loop3): ext4_begin_enable_verity:137: inode #13: comm syz.3.747: verity is only allowed on extent-based files
[  186.450462][ T4281] Bluetooth: hci3: command 0x041b tx timeout
[  186.634225][ T4283] EXT4-fs (loop3): unmounting filesystem.
[  187.146886][ T6727] loop3: detected capacity change from 0 to 128
[  187.849798][ T6725] loop1: detected capacity change from 0 to 32768
[  187.876137][ T6725] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.754 (6725)
[  187.936268][ T6725] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  187.969082][ T6725] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  188.003618][ T6725] BTRFS info (device loop1): using free space tree
[  188.384601][ T6731] loop3: detected capacity change from 0 to 40427
[  188.408046][ T6725] BTRFS info (device loop1): enabling ssd optimizations
[  188.428120][ T6731] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  188.472657][ T6731] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  188.507045][ T6731] F2FS-fs (loop3): invalid crc value
[  188.520286][ T4285] Bluetooth: hci3: command 0x040f tx timeout
[  188.545916][ T6725] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  188.620600][ T6731] F2FS-fs (loop3): Found nat_bits in checkpoint
[  188.801102][ T6731] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  188.803229][ T4270] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  188.818511][ T6731] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  189.056171][ T6757] f2fs_ckpt-7:3: attempt to access beyond end of device
[  189.056171][ T6757] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  189.361611][    T9] team0 (unregistering): Port device team_slave_1 removed
[  189.542639][    T9] team0 (unregistering): Port device team_slave_0 removed
[  189.550689][ T6760] loop0: detected capacity change from 0 to 32768
[  189.609602][ T6760] JFS: block map error in dbBackSplit
[  189.615674][ T6760] ERROR: (device loop0): dbDiscardAG: -EIO
[  189.615674][ T6760] 
[  189.651269][ T6760] syz.0.761: attempt to access beyond end of device
[  189.651269][ T6760] loop0: rw=2051, sector=2629632, nr_sectors = 8192 limit=32768
[  189.698290][ T6760] JFS: sb_issue_discard(ffff88805f246000, 328704, 1024, GFP_NOFS, 0) = -5 => failed!
[  189.741755][ T6760] blkno = 50400, nblocks = 400
[  189.766431][ T6760] ERROR: (device loop0): dbFree: block to be freed is outside the map
[  189.766431][ T6760] 
[  189.788641][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  189.867178][ T4272] BUG: Bad page state in process syz-executor  pfn:7541d
[  189.890036][ T4272] page:ffffea0001d50740 refcount:0 mapcount:0 mapping:0000000000000000 index:0x4 pfn:0x7541d
[  189.909728][ T4272] flags: 0xfff18000002046(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[  189.946858][ T4272] raw: 00fff18000002046 ffffea0001f9b7c8 ffffc90003f77960 0000000000000000
[  189.970337][ T4272] raw: 0000000000000004 ffff88802597bd90 00000000ffffffff 0000000000000000
[  189.983633][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  190.006050][ T4272] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  190.015733][ T4272] page_owner tracks the page as allocated
[  190.040316][ T4272] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 6760, tgid 6758 (syz.0.761), ts 189590113707, free_ts 189438816287
[  190.094774][ T4272]  post_alloc_hook+0x173/0x1a0
[  190.105692][ T4272]  get_page_from_freelist+0x1a1e/0x1ab0
[  190.118188][ T4272]  __alloc_pages+0x1ec/0x4f0
[  190.127546][ T4272]  folio_alloc+0x1c/0x60
[  190.137629][ T4272]  filemap_alloc_folio+0xdb/0x480
[  190.148498][ T4272]  do_read_cache_folio+0x1bb/0x760
[  190.154198][ T4272]  do_read_cache_page+0x32/0x220
[  190.159620][ T4272]  __get_metapage+0x316/0xfa0
[  190.164492][ T4272]  dbAllocCtl+0xd4/0x9b0
[  190.174976][ T4272]  dbAllocAG+0x1e7/0xfe0
[  190.180480][ T4272]  dbDiscardAG+0x2c5/0x8e0
[  190.188389][ T4272]  jfs_ioc_trim+0x42b/0x660
[  190.197841][ T4272]  jfs_ioctl+0x28f/0x3b0
[  190.207880][ T4272]  __se_sys_ioctl+0xfa/0x170
[  190.216038][ T4272]  do_syscall_64+0x4c/0xa0
[  190.224107][ T4272]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.231037][ T4272] page last free stack trace:
[  190.235848][ T4272]  free_unref_page_prepare+0x8b4/0x9a0
[  190.242241][ T4272]  free_unref_page_list+0xbb/0x8e0
[  190.247503][ T4272]  release_pages+0x1fa6/0x2220
[  190.255212][ T4272]  __pagevec_release+0x6d/0xe0
[  190.261118][ T4272]  truncate_inode_pages_range+0x352/0x1090
[  190.267173][ T4272]  blkdev_flush_mapping+0x12c/0x290
[  190.272953][ T4272]  blkdev_put+0x47f/0x710
[  190.277479][ T4272]  kill_f2fs_super+0x309/0x3c0
[  190.282662][ T4272]  deactivate_locked_super+0x93/0xf0
[  190.288092][ T4272]  cleanup_mnt+0x42c/0x4b0
[  190.293500][ T4272]  task_work_run+0x1d0/0x260
[  190.298171][ T4272]  exit_to_user_mode_loop+0xe6/0x110
[  190.310171][ T4272]  exit_to_user_mode_prepare+0xee/0x180
[  190.315797][ T4272]  syscall_exit_to_user_mode+0x16/0x40
[  190.325146][ T4272]  do_syscall_64+0x58/0xa0
[  190.330451][ T4272]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.350535][ T4272] Modules linked in:
[  190.355206][ T4272] CPU: 0 PID: 4272 Comm: syz-executor Not tainted syzkaller #0
[  190.363071][ T4272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  190.373158][ T4272] Call Trace:
[  190.376475][ T4272]  <TASK>
[  190.379431][ T4272]  dump_stack_lvl+0x188/0x24e
[  190.384144][ T4272]  ? show_regs_print_info+0x12/0x12
[  190.389375][ T4272]  ? swiotlb_print_info+0x60/0x60
[  190.394434][ T4272]  bad_page+0x14b/0x170
[  190.398613][ T4272]  free_unref_page_prepare+0x42a/0x9a0
[  190.404121][ T4272]  ? percpu_ref_put+0x19/0x180
[  190.408948][ T4272]  free_unref_page_list+0xbb/0x8e0
[  190.414118][ T4272]  release_pages+0x1fa6/0x2220
[  190.418951][ T4272]  ? lru_cache_disable+0x30/0x30
[  190.423928][ T4272]  ? mlock_page_drain_local+0x75/0x490
[  190.429855][ T4272]  ? mlock_page_drain_local+0x75/0x490
[  190.435338][ T4272]  ? mlock_page_drain_local+0x289/0x490
[  190.440918][ T4272]  __pagevec_release+0x6d/0xe0
[  190.445714][ T4272]  truncate_inode_pages_range+0x352/0x1090
[  190.451593][ T4272]  ? mapping_evict_folio+0x520/0x520
[  190.456917][ T4272]  ? jfs_alloc_inode+0x60/0x60
[  190.461714][ T4272]  ? evict+0x834/0x8d0
[  190.465829][ T4272]  ? do_raw_spin_unlock+0x11d/0x230
[  190.471069][ T4272]  ? _raw_spin_unlock+0x24/0x40
[  190.475957][ T4272]  ? iput+0x768/0x980
[  190.479986][ T4272]  dbUnmount+0x105/0x170
[  190.484273][ T4272]  jfs_umount+0x1fa/0x360
[  190.488651][ T4272]  jfs_put_super+0x88/0x190
[  190.493277][ T4272]  ? jfs_free_inode+0x20/0x20
[  190.497987][ T4272]  generic_shutdown_super+0x130/0x340
[  190.503392][ T4272]  kill_block_super+0x7c/0xe0
[  190.508097][ T4272]  deactivate_locked_super+0x93/0xf0
[  190.513407][ T4272]  cleanup_mnt+0x42c/0x4b0
[  190.517852][ T4272]  ? lockdep_hardirqs_on+0x94/0x140
[  190.523093][ T4272]  task_work_run+0x1d0/0x260
[  190.527712][ T4272]  ? task_work_cancel+0x220/0x220
[  190.532766][ T4272]  ? exit_to_user_mode_loop+0x3b/0x110
[  190.538342][ T4272]  exit_to_user_mode_loop+0xe6/0x110
[  190.543666][ T4272]  exit_to_user_mode_prepare+0xee/0x180
[  190.549249][ T4272]  syscall_exit_to_user_mode+0x16/0x40
[  190.554740][ T4272]  do_syscall_64+0x58/0xa0
[  190.559185][ T4272]  ? clear_bhb_loop+0x60/0xb0
[  190.563974][ T4272]  ? clear_bhb_loop+0x60/0xb0
[  190.568693][ T4272]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.574613][ T4272] RIP: 0033:0x7f51db99bf17
[  190.579059][ T4272] Code: a2 c7 05 7c 96 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  190.598978][ T4272] RSP: 002b:00007ffcd189bed8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  190.607448][ T4272] RAX: 0000000000000000 RBX: 00007f51dba0471f RCX: 00007f51db99bf17
[  190.615448][ T4272] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd189bf90
[  190.623449][ T4272] RBP: 00007ffcd189bf90 R08: 00007ffcd189cf90 R09: 00000000ffffffff
[  190.631474][ T4272] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd189d020
[  190.639471][ T4272] R13: 00007f51dba0471f R14: 000000000002e515 R15: 00007ffcd189d060
[  190.647487][ T4272]  </TASK>
[  190.652298][ T4285] Bluetooth: hci3: command 0x0419 tx timeout
[  190.667159][ T4272] Disabling lock debugging due to kernel taint
[  191.049893][    T9] bond0 (unregistering): Released all slaves
[  191.143615][ T6612] team0: Port device team_slave_0 added
[  191.151759][ T6612] team0: Port device team_slave_1 added
[  191.166322][ T6735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.759'.
[  191.178857][ T6736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.759'.
[  191.190063][ T6770] netlink: 36 bytes leftover after parsing attributes in process `syz.3.763'.
[  191.245404][ T6612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.252572][ T6612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.309849][ T6612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.330986][ T6612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.349424][ T6612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.375614][ T6612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.414771][ T6612] device hsr_slave_0 entered promiscuous mode
[  191.422679][ T6612] device hsr_slave_1 entered promiscuous mode
[  191.429250][ T6612] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  191.437308][ T6612] Cannot create hsr debugfs directory
[  191.537690][ T6612] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  191.560675][ T6612] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  191.583918][ T6612] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  191.608730][ T6612] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  191.678803][ T6612] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.693301][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  191.702001][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.713798][ T6612] 8021q: adding VLAN 0 to HW filter on device team0
[  191.724563][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  191.740012][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  191.754620][ T4356] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.761784][ T4356] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.773087][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  191.786196][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  191.795281][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  191.804196][ T6674] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.811358][ T6674] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.823816][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  191.841162][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  191.861908][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  191.872664][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  191.884224][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  191.897718][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  191.907229][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  191.924306][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  191.938025][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  191.954022][ T6612] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  192.172751][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  192.182044][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  192.197944][ T6612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.502761][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  192.511798][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  192.544287][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  192.558188][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  192.568047][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  192.582148][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  192.592995][ T6612] device veth0_vlan entered promiscuous mode
[  192.606014][ T6612] device veth1_vlan entered promiscuous mode
[  192.626835][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  192.636410][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  192.646146][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  192.656230][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  192.667344][ T6612] device veth0_macvtap entered promiscuous mode
[  192.677894][ T6612] device veth1_macvtap entered promiscuous mode
[  192.695511][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.707032][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.717630][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.730039][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.741218][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.753568][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.765440][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.777833][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.792270][ T6612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.803037][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  192.812998][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  192.823054][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  192.833057][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  192.843855][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.855576][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.866167][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.877243][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.887386][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.898145][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.908228][ T6612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.919039][ T6612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.933021][ T6612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.941795][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  192.959024][ T4356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  192.970328][ T6612] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.979067][ T6612] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.988837][ T6612] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.997735][ T6612] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.064445][ T4356] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.073051][ T4356] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.087523][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  193.109085][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.118231][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.129570][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  194.283307][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  194.291949][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  196.359519][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[  196.359530][ T4285] Bluetooth: hci4: command 0x0406 tx timeout
[  196.359553][ T4285] Bluetooth: hci0: command 0x0406 tx timeout