last executing test programs:

8.886279623s ago: executing program 2 (id=977):
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r0, 0x2007ffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0)
r1 = open(&(0x7f0000000f00)='./bus\x00', 0x161142, 0x6)
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1000000201005)
r3 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xfe33)

8.669768392s ago: executing program 2 (id=980):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3, 0x5012, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000001"], 0x0)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="6dc100167f", 0x5}], 0x1)
syz_emit_ethernet(0x138, &(0x7f0000000000)=ANY=[@ANYBLOB="ff02"], 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket(0x2, 0x1, 0x0)
r1 = socket(0x2, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000), 0x10)
r2 = dup2(r1, r0)
setsockopt$sock_int(r2, 0xffff, 0x1, &(0x7f0000000240)=0x5, 0x4)
sendto$inet(r1, &(0x7f0000000300)="b1e81c", 0x3, 0x401, 0x0, 0x0)

8.416216794s ago: executing program 2 (id=984):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608eee812002c001e0089e9aaa911d7c2290f0088481327c9167c643c4a1b788061", 0x24, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

8.35376072s ago: executing program 2 (id=985):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0), 0x10, 0x0, r2}, 0x90)
write$cgroup_devices(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e030600f7ff980128846360864666702c1ffe80"], 0xffdd)

6.813790615s ago: executing program 3 (id=1001):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, 0x0, 0xc0448a4)

6.583892314s ago: executing program 3 (id=1002):
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r0, 0x2007ffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0)
r1 = open(&(0x7f0000000f00)='./bus\x00', 0x161142, 0x6)
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1000000201005)
r3 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xfe33)

6.501760702s ago: executing program 3 (id=1003):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x40047451, 0x2000000c)

4.91534447s ago: executing program 1 (id=1009):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000140)={0x0, 0x1d, '\x00', [@jumbo, @hao={0xc9, 0x10, @mcast1}, @generic={0x0, 0xce, "a7be576ed1e5bf657f6063d566864399c1260792f542eb0e33a63d130426e99a4e97726f32ee613984ca1a128db21c468cfb2a9d976d25db771f9ba74d91a08d458bbd2c99032ebcef624194afa6c6970c11deb7bfa9590f69af962c2628cb28fb4421265c92791404f28c65d4b06e0143ca61090c2006428e0da55b2dc8f229a87e82690a73cbf303d10baffecf486f7a0055a94b414e4f463cdd5ff2c59d5c3b4d37e79ab72c44b07acbb2429e21eb81d4e63e5630ae6097c5d27b95fa67be39b2950f189befeb34fb1696792d"}]}, 0xf0)
listen(r0, 0x6)
syz_emit_ethernet(0x92, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x5c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x17, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x5, "03c0ab"}, @window={0x3, 0x3}, @mss={0xfe, 0x4}, @sack_perm={0x4, 0x2}, @generic={0x0, 0xa, "8bfbd54ae56dd076"}, @timestamp={0x8, 0xa}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "7232407c80067615774fdbb46eb86cc8"}, @generic={0x0, 0xa, "111fad2ea7434823"}, @exp_fastopen={0xfe, 0x5, 0xf989, "b4"}]}}}}}}}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_queued\x00', 0x26e1, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}]}}}}}}}, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000001b00)=ANY=[@ANYBLOB="68010000", @ANYRES16=r5, @ANYBLOB="01002cbd7000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="49013300d00002000802110000010802110000005050505050500000000007264b060101a6ccc8abc349272ca9f6d2c245fb5f41c6d9ff2d9b25a00416bdc54aaf1d4a6632de092066f62d5f02a7279b910209ad0f9d00cfc0f62a3fc612ac783c9b8e1298316694ad0e9aac269d05c10e5915a4710090fb35ceec9033748809f19c590ba7ab2b4a3bdac10085a419942d861ff3e03a2594f57d79d972939cd1ec6fb82069a32817f0c2f5edfbf707e7b47608b9822fef9262fc0000490ead474b2a59254533fd409785869d9dab21430d2cf7695ee38e3e44a6af76dd256ef5a42825b945fda019d6f7ab3a99ea3b750e65106958e9ce1c3aa391037ec2a74b995240edb4c5a4d5926d2eab08851ca67338314b165f309b1abcc1b907822e04b45ad2fa0263acf205d297398bc16cd87e2f0ec03f106fc1df86ed000000702b2e8019a6d1063d30eaafdcc8329168b58f471ffb4cc92117bf0399d9fd74f064f2c1520e1089c5bc2e464abf9e58fabbab6636a47948893c519bf1ba515a24c26ebeecb30c9c5b00"/405], 0x168}}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, r5, 0x800, 0x70bd26, 0x25dfdbfc, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r3)
sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000040)={&(0x7f0000000300)={0x54, r7, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xfffffff8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7fff}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x8040)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="050040000000000000002e00000008000300", @ANYRES32=r10, @ANYBLOB="0a0034000202020202020000080026006c090000"], 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000580)=ANY=[@ANYBLOB="500000000802110000010802110000000802110000000000000000000000000064000100ff0202060270"], 0x2b)
socket$nl_generic(0x10, 0x3, 0x10)

3.879578211s ago: executing program 2 (id=1010):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='nobarrier,mode=lfs,fsync_mode=strict\x00acl,\x00'], 0x2, 0x5535, &(0x7f000000af80)="$eJzs3EtvG1UUAODjPJq+KBFiAauOVCElUm3V6UOwK9CKh2hVFViwAsd2Lbe2J4odJ2TFgiViwT9BILFiyW9gwZodYgFig5CCPDMpTUml0NoJSb5PGp+519dnzrWqSmcmcgDH1nzyx2+lOBenImI6Is5GZOel4shcz8NLEXE+IqYeOUrF/MOJExFxOiLOzUXM5zlLxVtfXRxeuPrru79//+PczJmvv/vpYWLg2HklIror+fl6N49pK4/3i/nasJ3F7pVhEfM3ug+KcZrH9eZylmG9tr2ulsXLrXx9urLWH8V7nVp9FFvte9n8Si+/YH/Y2s6TfeB+bTUbN5rLWWz30yy2NvO6Njbz/9s2+4M8T6PI92mWPgaD7ZjPNzea+X5WHmSx3hsU83netNHcGMVhEYvLRT3tNLI6lp/lm/5/e6/dW9tIhs3VfjvtJVcr1Vcr1Wvl6mraaA6aV8q1buPalWSh1RktKw+ate71Vpq2Os1KPe0uJguter1crSYLN5rL7VovqVYrlyuXylcXi7OLyVu3P0w6jWRhFN9o99YG7U4/uZeuJvknFpOlyuXXFpML1eT9W3eSO3dv3rx154OPb3x0+/Vb77xZLPpXWcnC0qWlpXL1UnmpuriHTf758tbWUdj/50XR/3X/MCmlXeZOPnn53CRrATgkJtf/xx76f+C4mH1sPLn+f/VuxB77/5mn7/9D/z8Wh6r/fdr+fzL7n4kjsH94Jrv1/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAs/z37zdnYyn4/PFPPPFVMvFONSRExFxNYupuPEjpzTRZ7ZJ6yffayGH0qRZRhdY644TkfE9eL46/lJfwsAAABwdH372fkv8249f5k/6ILYT/lNm6mzn4wpXykiZud/GVO2qdHLi2NKlv37nomNMWXLbmCdHFOy/JbbzLiy7cn0jnDykVDKw9S+lgMAAOyLnZ3A/nYhAAAA7KcvDroADkYpth9lbj8Lzv7y/p8Hgqd2jAAAAIBDqHTQBQAAAAATl/X/fv8PAAAAjrb89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mbnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6dFetFzdXv6/b5uz27eSZDQAAAHDOtlov6iez1P/a3P/e3PrZ9IuIKCPi3Np9FJ9OMkdNTvXK66sXY7iNqBMOnzFpri8R8ae5Hn50/S0AAADA5dosV/O0Wk8Ps6EHRJ9S0ab89jdTXhER1ew+U1p5yPuVKaz+fY/jf6a0uoA1zRSWSm7jXGnvUv/dj1W76bOmSE359vuzzR0AAOjR6KTpdxUCAABAn/4NPQCGUcTTVuZxK3CSmmZ77/NJDwAAAPiAiqEHAAAAAHSuXv87/w8AAAAuWzr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/RykMwkAYBjdtWvVNcv/Dyi/JGUSYAeFjFxcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwIseKNr/6rPgmzqrqmSZ+GY+q+meV2LJK7PlhzIN93Bfbc88CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi537+Y2iigMA/mZmZymoca2mhxojiQe9SFkQ5GY8aBoP/gkmTVmwsvgDehBCTHrxZnrmYvRojFFTb/wPnCHhgjcOPWDiWTO/2ldowmrozJb9fJI37zuTyZvve0tIv/umBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAxvb7u3FWHAZVnNbX7jy8sVr0dx/pC7c27y0WrYiTNpM+HF6LT5KF6GSu/WQAAACYDVlT34cQ7udby0WfDsr6P2/uKWr+H16o4qaef7Tub/qm9i/aH78/eGXnQYPqOcWgF9bGo5OPp9I7uFlOtxefeEevXPnyu5es/EDSjzZe3s7L9Uy+u337g34ZHmkjWwDg/zjR9HXQ/DxU9MMuEwNgZvSiwrup/7NBtzkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtGF7IzzXxEkIYbG3GxfuPryxul9/a/PeYtPO3ry5GY9ZDJGHEC6sjUcnw1yLs5luV69dv7QyHo+utB+8HkJ42iM3/0SedPN79X2XPplg5BAOaBGOd7TyMxak9Yc9LfkcjqCj/5AAAHhm5XUrirb7+dZycS2ZD+GfH/fW/29GcZiw/n/w6dk78bPi+n/Y2gyn39L65S+Xrl67/vba5ZWLo4ujz985NXx3ePrcmTPnlsrvSqpj12kCAABwiPXrFtf/6fzj+//HojhMWP9/9f3wm/hZmfp/X7ubfl1nAgAAMNteOv73X8k+15N+P3y9sr5+ZVgdd85PVccOUv3PjtQtrv+z+a6zAgAAANqwvZHs2f8/H8Vhwv3/53969Zd4zCyEcLTe/z+x+sX4fHvTmWoH88vDv+650vUcAQAA6NbRusX7/3n5/n+688pDGkJ4640qrv8M4ET1f/bhtz/Hz4rf/z/d3hSnUrpQrUfZL4TQW+g6IwAAAJ5lc2UblPX/n/nW8me/Hfu47/1/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLb9GwAA//8xJz2D")
open(&(0x7f0000000200)='./bus\x00', 0x141042, 0x0)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
write$FUSE_STATFS(r0, &(0x7f0000001800)={0x60, 0x0, 0x0, {{0x5, 0x6, 0x10000004, 0x7d, 0x4, 0x4, 0x6, 0x6007}}}, 0x60)
ftruncate(r0, 0x2ff8)

3.827211485s ago: executing program 3 (id=1011):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
syz_emit_ethernet(0x66, &(0x7f0000000d80)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "828bf7", 0x30, 0x3a, 0x0, @private0, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @empty}}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0xfffffffffffffde1, 0x0}}], 0x1, 0x2140, 0x0)

3.737898733s ago: executing program 4 (id=1013):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, 0x0, 0xc0448a4)

3.711107956s ago: executing program 3 (id=1014):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f00000002c0)={[{@nodatacow}, {@compress_force_algo={'compress-force', 0x3d, 'lzo'}}, {@nodiscard}, {@metadata_ratio={'metadata_ratio', 0x3d, 0x8}}, {@ref_verify}, {@metadata_ratio={'metadata_ratio', 0x3d, 0x8001}}, {@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x8}}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@barrier}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
rename(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
rename(&(0x7f0000000140)='./file1\x00', &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x4c02, &(0x7f0000000140))
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x80044940, &(0x7f00000005c0)={<r3=>0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r4=>0x0, 0x0, <r5=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000001580)=ANY=[@ANYRES16=r5, @ANYRESDEC=r4, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRESOCT=r4, @ANYRESDEC=r3, @ANYRES64=r0, @ANYRESDEC=0x0, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRES16], 0x2, 0x0, &(0x7f0000000000))

3.455003148s ago: executing program 1 (id=1015):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000940)='./bus\x00', 0x8, &(0x7f00000004c0)={[{@autodefrag}, {@acl}, {@max_inline={'max_inline', 0x3d, [0x54]}}, {@ssd}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@ssd}, {@noenospc_debug}, {@barrier}, {@nodiscard}, {@acl}]}, 0x1, 0x55a4, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569H33HvrFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vujlRmD2XzllB11x7Q9AUd8+Mj5aGxsU+xmnbQ87xu0zkztibda16HsQMN2+V1+EDtpPrL3p548MqT/3j6vvPXTt3Wbj6Xs0lz0ztadZjZNqvzNddrnsdogs+TXvD2K9hLGmqnK4Rw/J8+X/bMnJd23/jBqydOvP2Fi6+etvCaKROfHfSLsf947S53T7u8YP7f8NHz//hyjrflebljqx/WJ3Pz+EhdTGysT+bmAAAA0Gv0hqOmXx396kunPnT3oheXH1fx3XG/Omm3+oqzv99x/K4rx3/x0ivbH9+lYP4/tLTz//GUf13uaFeHMKErccGAEHbrejwJ/Cx25+QBIezVlWrJDxyWCqwO4Qtdif2zVaVK9I0lhqYCv6/PBCakAmtioCUVuDEGlqQCF8bAilRgRgysTgUOj4HQnj+OA+oz4yg5UBMDrclGXBGvQninPraW2lbrslUBAABsJ5nZYWX+3ZxrHbY1Q5xerqjpKUO8ArtohupUDekZbHZaVbSGip5qKO+phuy4F3308AtqLuup5oLLMMryM3w45DvlAybu/aO7bhxxU/OLE7/77tjjv/LnN99dvf8//fd7zpl/3QEF8/+mj57/V3fTkbKC8/8hTO76G3OXZyId2XhrS14GAAAAYBtc9djSJ2844Kj/c9/L9935pWtvKF999df/7ysbL9h71HHDy/r+3bdXFMz/J5R2/X88JtInJ3N4NB6GmD0ghKb8QFLtwYWB5Kx3v0wAAAAAeoPs+fjsufD2zG1yiXZ6Pl2Yv2Ur88cT/xO6zX/5pr9+9svXPnniwmH7bLjiv535Qdnnx/5ul2PXjnz8rT2H/UND38Lr/1tKu/6/Nv826cSa2IsrB4TQNyfwSOxlZ6DL0Bh4+dD8QGb8a+IGWByrylyYkK1qcSzRGgNNqcCyYiV+my2xW34g82RlG78gO472TImcAAAAAHzi4uGAeF4+Xv9/z+QDvrT/oJfGvLjnvQtfm7D0hFNrf7jPLbu+PqBj0pgDJxxyxDMF8//Wrbv+v2seXHB5f0e/EEZWhNAn/cWAR2uThQFjoK4sk7i/NqmrT7qq82pDGN85sHRVr2TW/69IrzH4RE1SVQzstvdPNw3rTNxQE8LI3MAz37x+TGdifiqQbfwbNSEM6RxtuvGVfZPGK9ONX9M3hD1zAtmqTu4bQmdjVemqHqzO/I5BuqrbqkMYmBPIVnVgdQgLAwC9VPxXOjP3wXkLz549vaOj7YwdmIjH8GvCrPaOtsYZczpmVhfp08xUn/OWMTqvcEyl/vLN85kliqYOuX14Kens9wSbctvKHMcvuHAwcz/uC1V2jbO5Mu/u6PSQh+9T2ETI2ZMqNuTyHTzk2txKtjyJBfXH/FWhX+i7YF7bGY1nTZ8//4xRyd9Sszcnf+NppmRbjUpvq9ru+lbCy6PoalkpH3db7Zdbycj5p80dOW/h2SPaT5t+Stspbd9pHjuquXnMV8eOaR7ZOaqm5G8PQ92vu6pTQ918fYnj2o5D3b0ip5JP4lNDQkKityWmLyk7f8K0X9//rT3WnHbWSXv8/R4zR5z0V5f/Zu6JjYdM/tX1f7m2YP4/96Pn//FTJ37yZ9ZnKHb+vyGe5k8e33KavzUGlpV6/r+h2Nn87IUBQ1OBRTGwyGl+AAAAPhvi4ch4NDMelb6u7p/uPnLmjEPe/+UJU67+27HjTj1r/b4NF1997JL/sP6dJauOeLtg/r+otO//b6f1/7NL13+t2DL/+8cSTcXW/08v859d/39RsfX/08v8Z9f/X/YprP+/IBtIbZJ3rP8PAAB8Fnxy6//3uLx/+gcCCjL0uLx/+gcCCjL0uIx/qT8QsNXr/8/p+IvaQZfPGXfoiLk/fmTV3ksG3val5yf+ep+lB424d+Ut7426tWD+v6S0+b+F+wEAAGDn8dAv+3774neH3f/UI+8fWXbpbzfedPxftR1wyB8GNp8y+eia79/0bwXz/2Wlzf8/+fX/QrHr/4cWC7QUWxjQ+n8AAAD0UsXW/7t54MtDV88fceNjP3/zlpdafzFz/Gv/bskPvjJ9WNPNa9b9pmHG+oL5/4rS5v/xsovyvNyxNx/WJ2vahfSadhvrs18ZAAAAgN6hPDQ2VpaYN29l1MM+fpvrMkuBflQ619P3DVq1oPyhq8qqN/7gkmmHNJ577Jlzjrxo/fdrn/xJ7dTG6jMK5v+rS5v/530v44HaSfWXvT3x4A9XnvzH0/edv3bqlvP/AAAAwI5T6nEJAAAAAAAAAAAAAADg0/dU69KDPhh19Bsz9xr1p28c+8IPFn/xm4/8zbV/PvPnh9+3V/vmYVMKvv8fJneVK/b9//i7f/H7Bbvm5Y6t9rz+X+b+lGNuXdi1ZOGj9SHskxuYff7sz4XMb/PvlxtYNXX/wZ2J89Ml7nvx8Nc6E9PSgaNG7PJeZ2J8KtAaF0n8QjoQf1Xxvf6pQFxe8cl0IG6PFelAVSZwSf9kHGXpbbWhLtlWZelt9VxdCANyAtltdXdd0kZZeoBXpQLZAZ6eDsQBTsoEytO9urVf0qsYqItF/6Zf0isAAHZacS+wMsxq72hrirvw8Xb3ivzbKG/JsvMKqy0rsfnnM0uTTR1y+/BS0n3S+6Jbfmu8MlR3DmFUwe5qbpayrlFun1p62HS7FhlyT6u9lRcpl7a1m66q+IhqkhE1zpjTMbOyx4GP7jlLc0WPWUYVTHZys5R3bdISaimhLyWMqMRtU0KX4/3y0NjYJ5VrXAw2hDw9vSJK/b5+7jp/xV4FuXn+tubaS/sM7vP+v42/6KEHB1R2nDq57aLdH/vngaNm/viHD7Ze8/uC+X9DafP/6txxvZf5MYBF8Zf1Dh4QQmuJIwIAAIDPvv957vI7TpyzZsOs1RXP/u53s8uPO7Fy8zl3nXP2Rc/dv/ioS/79zdsaX1H21KYT39h01l+/8ZOvXPfwWS8dPuOsuyatO2R9W/WN3/2L5acOKZj/Dy1t/h+PYGVOBSdHO1bH3/+/YEAIXT+t35AEfhaHe/KAEPbqSrXEEskP6n8tlmhKAj+LB0z2jyVaW/Kr6hsDK1KB39dnAqtTgTUxkDlK8dOQOZRzRX0IY7pSk/NLzI0lGlKB42JgaCrQGANNqUD/GJiQCrzZPxNoSQX+MQZCe/62urN/ZlsBAABsjcw8qzL/bkjP81ZU9JShrKcMtT1lKO8pQ3VPGYqNIt6/I2aoTF28UpaTqTJda02qloIM8cfwt7pfBRnCb/NzpgsWNB2vP8heb1CWn2HcD+9oPehr83686eIfPX7kgRceueTKty89ut/gK5/93+3n9uu/qbZg/t9U2vy/Nv82aX1NnP9v+f2/JPBI7N6V8dLxoTHw8qH5gcyBgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4eIAgHqaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKIxzHq4tfj96gL4XM5BziyJdpqkxJVqYbDwzXJN9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35yjL9k2XqhO2qhJB4ZVJYHadGBORRKIR36ygXvKkwBss+xRwfiCylzqktXQfbkir7/Pym+CpodXcAy0m3zdfedqR6lOP5A5ppq1dU9bQXXsEAVvj9Xebb3x3dbg3Za7I5XZQ9m8JVQdyme2zZq+oGN+fCT3m6wFdtDznPst1VLS2+F1uOjj97Zn1ekONKU+Ppq6L9f967AsVvdA7aT6y96eePDKk/94+r7z104tuRtFxC8KH3zr3AOey9m8O1p1yLzmet3nSYvPk974b2Copy2EsPyCWU8+8S/vP1+xvvm/HDh2+W1vPrb8Jwc9MGvEFzZc8uWNb717VMH8v6W0+X9F6rbLB3FjzhsQwvCcjfto3PwTBySfgzmB5FNyYGEgOeW+vr7oJycAAABsb9nDHdnjBe2Z2+SC8PQ8uTB/y1bmj8crJnSbv9R+DxzzD9879KrXv/H19btf/ujSp9b9pzdfOWLaoQ9senrFytebj/380wXz/9aPnv/3TXXT+X/n/9lBnP/v1s5+KLpv+oFF23QouqA6dgjn/7u1s7/bnP/vlvP/zv93x/n/Hjj/362d/Wkr2Euaa6crhNA64Ibbf1E7fXi/K8751oy1P3/6naZxL9Sde/Sd/+PwxeGa81b9uWD+P7e0+b/1/7pftC+7/l9rsfX/5hZb/2+R9f8AAIAdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fVq//V3vS2Se9Uv/WXtdMvP0/3zn9wudPOvHZffs8f8LtJ9w08urhL315Q8H8f1Fp8//4cuiX23pvWf9v6OQiVS2JgbkWBgQAAGBnVOwAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ+uFQ8u/uLmxfscdNOzn7/p8H9dtmbW3r86YPPoMSc3Dl88sOzKv/uXtwYtWPhG26Qzr22ZvvyaDSuXhtDeVa4sKV720KDy8tF/OOau2654uGna4CnnVmfqrczcfjEvd2z1w/oQluU8UhcTG+s772wJTDnm1oUVnYlH60PYJzcw+/zZn+tM3Fgfwn65gVVT9x/cmTg/XeK+Fw9/rTMxLR04asQu73UmxmcCZenuXtc/6W5ZuruX9Q9hQE4g291v98+vKtvGf8wEytNt3FyXtBEDdbHoj+qSNmKgI5Zo7xvCyIoQ+qSr+nV1UlWfdFV/X51U1Sdd1X+tDmF8CKEiXdWLVUlVFemRr61KqoqB3fb+6aZhnYllVSGMzA08883rx3QmTk8Fso1/vSqEIZ0vmXTjd1QmjVemG7+qMoQ9QwhV6RL/WpGUqEqXeKUihIE5gWzjp1aEsDDwmRA/fGbmPjhv4dmzp3d0tJ2xAxNVmbZqwqz2jrbGGXM6Zlan+lRMWU5683kff+zPbzpnRuft1CG3Dy8lXZEpV9nV5ebKvLujd/bex37V5lay5fkoqD/mrwr9Qt8F89rOaDxr+vz5Z4xK/paavTn52ycTTbbVqN6yrfbLrWTk/NPmjpy38OwR7adNP6XtlLbvNI8d1dw85qtjxzSP7BxVU/J3ewz1+k9+qLtX5FTySXwASEhI9LZEed6nW9PO/kFesKO/paOVobrrA7pgWpGbpaxrlNtj0Id9zBF/nP2UHkc0qmDiUJCluecsowsmE1uy1CRZuvbrCiaHuTWVd23SeL88NDb2KbYdGvLv5m7et7Zh867LbLpS0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VuH0bMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcCgAA//9aTM01")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
symlink(0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r0, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

3.454763878s ago: executing program 4 (id=1016):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
removexattr(0x0, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000000))
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000100)="c44060c1d081382bc2cc31ff94e37574", 0x10)
listen(r4, 0x0)
shutdown(r4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, r6, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)

2.532126388s ago: executing program 4 (id=1017):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2804018, &(0x7f0000000a40), 0x6, 0x763, &(0x7f0000000280)="$eJzs3M9rHGUfAPDvTLNNf+R9Ny+88L56EKGFFkonSXNpT40Xb4VCwWsNySSETLIhu6ndWLD1H9D2oiCIevboVSj1D/AmBQXvomiNB/GyMpsfpTG73TRJt6SfD0z2+8zOPN/nmx2e7ECeCeCl9Xr5I4kYioirEVFN1venEXG0HR2LuL1+3NqjW1PllkSrde3XpDwt1lrVymZfG6fGyWifEv+PiAeViHPv/zNvvbk6P1kU+fJGe6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/++2b9+5991Xjg9cGzicx0a47NmrrsZtdWf+dVGJi2/7Fg0jWR0m/BwAAQE/K7/lHImKg/S21GkfaEQAAAHCYtAZbAAAAwKGXRL9HAAAAAByszf8D2Fzbe1DrYDv55Y2IGN4p/0B7DXHEsahExIm15ImVCcn6abAnt+9ExP2J7dffF+UVdnuPfY9uaz+5RvroHntnP9wv55+JneafdGv+iR3mn4HNZyfsUef573H+Ix3mv6s95vj601cqHfPfiXh1YKf8yVb+pEP+t3vM//MOz3/Y1Po84syOf3+SJ3J1eT7ExMxc0fXxAw/+OvuwW/0nOuVPute/1GP97679Pt9pLinznz3V/fPfKX95TXy4MY40Iu5uvJbte9tynFr4/ptu9U9HtJ7l8/+sx/p//HLwZo+HAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQFsaEUORpNlWnKZZFnEyIv4bJ9KiVm+cm6mtLE6X70UMRyWdmSvy0YiorreTsj3Wjh+3L2xrj0fEf344vp50rsizqVox3e/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2HIyIoYiSbOISCPij2qaZlnEQA/nDj6H8QEAAAD7ZLjfAwAAAAAOnPt/AAAAOPye9f4/2edxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIfa1StXyq219ujWVNmevtFcma/dOD+d1+ezhZWpbKq2vJTN1mqzRZ5N1Rae1l9Rqy2NXYqVmyONvN4YqTdXry/UVhYb1+cWJmfz63nluVQFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAbg21tyTNIiJtx2maZRH/iojhqCQzc0U+GhH/joiH1cpg2R7r96ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYd/Xm6vxkUeTLgucUJLHPHV6IiBegLsFugvci4gUYRpeg3zMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD9UG+uzk8WRb5c7/dIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6K/0pyQiyu1M9fTQ9nePJn9W268R8c4n1z66OdloLI+V+3/b2t/4eGP/hX6MHwAAAF4Kl3dz8OZ9+uZ9PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQK/qzdX5yaLIl/cWXI7maivpcEy/awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7N3wEAAP//EMDD7w==")
mkdir(0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000600)='./bus\x00', 0x1c14744, &(0x7f0000000100), 0xff, 0x490, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvTLf8VFoRf4AkVtHY+KOlBZSDHjSaeNBEowc81rYQZKGG1kQI0WIMHg2Jd+PRxL/Akyejnky8eNC7ISFKTAAvrpndmba77lT6cxf380kW3tt5M+99++btvr632wB61lD2TxJxR0T8EhEDjWxzgaHGfzeuXZi8ee3CZBK12hu/J/Vy169dmCyKFuftzDPDaUT6cZJX0mz23PlTE9Xq9Nk8Pzp3+t3R2XPnnzp5euLE9InpM+NHjx4+NPbM0+NHms47sso4s/iu7/tgZv/el9+6/Orksctvf/9V1t40P740jvUylAX+R62u9dij611Zh/1dW4wzqXS6NdyqvojIuqu/Pv4Hoi8WO28gXvqoo40DNlT2mr21/PB8DfgfS6LTLQA6o3ijz37/zR/9mzT16ApXn2/8ApTFfiN/NI5UFtYGNvIHMhQRx+b/+jx7RMs6RK3NugEAwFp9k81/nmya/+XzjzTuXVJuV743NBgRd0XE7oi4OyL2RMQ9EfWy90XE/Susv3Vr6N/7MOmVVQV2i7L537P53lbz/K+Y/cVgX567sx5/f3L8ZHX6YP4zGY7+rVl+rN3Fi0u8+NOnZfUvnf9lj6z+Yi6YX+RKpWWBbmpibmK9JqVXL0bsq7SLP1nYCUgiYm9E7FvZpXcViZOPf7m/rNB/x7+Mddhnqn0R8Vij/+ejJf5Csvz+5Oi2qE4fHG3cFX1t6vjhx0uvldW/pvjXQdb/O5rv/5YSA38mS/drZ1dex6VfPyndW62s8v7fkrxZ39Pdkj/3/sTc3NmxiC3JK/V80/Pji+cW+aJ8Fv/wgfbjf3d+Thb/AxGxP+LnYtg9mPfdQxHxcEQcWCb+71545J2yY93Q/1NtX/8W7v/B5v5feaLv1Ldfl9XfGn+S5xdLZP1/uJ4azp+pv/7ltpdct7w52/ISq72bAQAA4PaT1j8bn6QjC+k0HRlpfIZ/T+xIqzOzc08cn3nvzFTjM/SD0Z8W658DS9ZDx5L5/IqN/Hi+VlwcP5SvG3/Wtz1Jojo9MjlTnepw7NDrdpaM/8xv7RazI+K5TW0hsKF8Xwt6V+v4TzvUDmDzef+H3mX8Q+8y/qF3FeP/9SXPfdhSpmQvALjNef+H3mX8Q+9aGP8XO9sOYPN5/4ee1O5L8sXfOFjDV/7XlKgs8+39Lk0Uq6Pd0p5TSURsbBWRdkekpYnI/4hFt7Rn5YmbtVWeXllmdN9qojOvRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvtnwAAAP//aP7lHQ==")
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r5, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r5, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r5, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r5, 0x0, r4, 0x0, 0x7ffff041, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000480))

2.260362032s ago: executing program 0 (id=1019):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608eee812002c001e0089e9aaa911d7c2290f0088481327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548", 0x36, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.183680479s ago: executing program 0 (id=1020):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000400)={[{@dioread_lock}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@mb_optimize_scan}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
open(0x0, 0x14927e, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r0, 0x2007ffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0)
r1 = open(&(0x7f0000000f00)='./bus\x00', 0x161142, 0x6)
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1000000201005)
r3 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xfe33)

1.778856324s ago: executing program 2 (id=1021):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0), 0x10, 0x0, r2}, 0x90)
write$cgroup_devices(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e030600f7ff980128846360864666702c1ffe80"], 0xffdd)

1.558945803s ago: executing program 0 (id=1022):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, 0x0, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

1.558578294s ago: executing program 4 (id=1023):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10)
sendmsg$inet(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000780)='}', 0x1}], 0x1}, 0x20008855)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f00000002c0)=r0}, 0x20)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000440)='>', 0x1}], 0x1}, 0x0)

1.391722458s ago: executing program 1 (id=1024):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000d80)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "828bf7", 0x34, 0x3a, 0x0, @private0, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @empty}, [], "1e520b4c"}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0xfffffffffffffde1, 0x0}}], 0x1, 0x2140, 0x0)

1.226738552s ago: executing program 4 (id=1025):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, 0x0, 0xc0448a4)

1.164113348s ago: executing program 0 (id=1026):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x6, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000740)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)

1.052254888s ago: executing program 1 (id=1027):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
removexattr(0x0, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000000))
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000100)="c44060c1d081382bc2cc31ff94e37574", 0x10)
listen(r4, 0x0)
shutdown(r4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, r6, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)

1.020598991s ago: executing program 0 (id=1028):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000140)={0x0, 0x1d, '\x00', [@jumbo, @hao={0xc9, 0x10, @mcast1}, @generic={0x0, 0xce, "a7be576ed1e5bf657f6063d566864399c1260792f542eb0e33a63d130426e99a4e97726f32ee613984ca1a128db21c468cfb2a9d976d25db771f9ba74d91a08d458bbd2c99032ebcef624194afa6c6970c11deb7bfa9590f69af962c2628cb28fb4421265c92791404f28c65d4b06e0143ca61090c2006428e0da55b2dc8f229a87e82690a73cbf303d10baffecf486f7a0055a94b414e4f463cdd5ff2c59d5c3b4d37e79ab72c44b07acbb2429e21eb81d4e63e5630ae6097c5d27b95fa67be39b2950f189befeb34fb1696792d"}]}, 0xf0)
listen(r0, 0x6)
syz_emit_ethernet(0x92, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x5c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x17, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x5, "03c0ab"}, @window={0x3, 0x3}, @mss={0xfe, 0x4}, @sack_perm={0x4, 0x2}, @generic={0x0, 0xa, "8bfbd54ae56dd076"}, @timestamp={0x8, 0xa}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "7232407c80067615774fdbb46eb86cc8"}, @generic={0x0, 0xa, "111fad2ea7434823"}, @exp_fastopen={0xfe, 0x5, 0xf989, "b4"}]}}}}}}}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_queued\x00', 0x26e1, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}]}}}}}}}, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000001b00)=ANY=[@ANYBLOB="68010000", @ANYRES16=r5, @ANYBLOB="01002cbd7000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="49013300d00002000802110000010802110000005050505050500000000007264b060101a6ccc8abc349272ca9f6d2c245fb5f41c6d9ff2d9b25a00416bdc54aaf1d4a6632de092066f62d5f02a7279b910209ad0f9d00cfc0f62a3fc612ac783c9b8e1298316694ad0e9aac269d05c10e5915a4710090fb35ceec9033748809f19c590ba7ab2b4a3bdac10085a419942d861ff3e03a2594f57d79d972939cd1ec6fb82069a32817f0c2f5edfbf707e7b47608b9822fef9262fc0000490ead474b2a59254533fd409785869d9dab21430d2cf7695ee38e3e44a6af76dd256ef5a42825b945fda019d6f7ab3a99ea3b750e65106958e9ce1c3aa391037ec2a74b995240edb4c5a4d5926d2eab08851ca67338314b165f309b1abcc1b907822e04b45ad2fa0263acf205d297398bc16cd87e2f0ec03f106fc1df86ed000000702b2e8019a6d1063d30eaafdcc8329168b58f471ffb4cc92117bf0399d9fd74f064f2c1520e1089c5bc2e464abf9e58fabbab6636a47948893c519bf1ba515a24c26ebeecb30c9c5b00"/405], 0x168}}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, r5, 0x800, 0x70bd26, 0x25dfdbfc, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r3)
sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000040)={&(0x7f0000000300)={0x54, r7, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xfffffff8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7fff}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x8040)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0)

1.019669501s ago: executing program 4 (id=1029):
syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x8031, 0xffffffffffffffff, 0x5d52e000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
ioctl$SIOCGETNODEID(0xffffffffffffffff, 0x89e1, 0x0)
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, 0x0, 0x0)

138.662888ms ago: executing program 3 (id=1030):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608eee812002c001e0089e9aaa911d7c2290f0088481327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c", 0x3f, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

80.269353ms ago: executing program 1 (id=1031):
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in], 0x10)
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, 0x0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x76, &(0x7f0000000140)=@assoc_value={r2}, 0x8)

11.152739ms ago: executing program 1 (id=1032):
syz_mount_image$udf(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x18008, &(0x7f0000000000)=ANY=[], 0xfe, 0x4b1, &(0x7f0000000140)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x4c02, &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

0s ago: executing program 0 (id=1033):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000400)={[{@dioread_lock}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@mb_optimize_scan}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
open(0x0, 0x14927e, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r0, 0x2007ffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0)
r1 = open(&(0x7f0000000f00)='./bus\x00', 0x161142, 0x6)
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1000000201005)
r3 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xfe33)

kernel console output (not intermixed with test programs):

6 using dummy_hcd
[  133.729146][ T4829] journal_path: Lookup failure for './bus'
[  133.760111][ T4827] loop3: detected capacity change from 0 to 40427
[  133.796080][ T4829] EXT4-fs: error: could not find journal device path
[  133.796077][ T4827] F2FS-fs (loop3): Invalid segment/section count (31 != 24 * 1)
[  133.796101][ T4827] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  133.837621][ T4834] loop2: detected capacity change from 0 to 512
[  133.837709][ T4827] F2FS-fs (loop3): invalid crc value
[  133.868631][ T4827] F2FS-fs (loop3): Found nat_bits in checkpoint
[  133.917711][ T4827] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  133.924953][ T4827] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  133.938052][ T4827] syz.3.280: attempt to access beyond end of device
[  133.938052][ T4827] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  134.076689][ T4836] loop0: detected capacity change from 0 to 2048
[  134.379793][ T4836] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  134.393811][ T4834] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  134.431129][ T4834] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038 (0x7fffffff)
[  134.586368][    T7] usb 2-1: Using ep0 maxpacket: 16
[  134.596708][ T4299] syz-executor: attempt to access beyond end of device
[  134.596708][ T4299] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  134.694644][   T27] audit: type=1800 audit(1725743940.326:14): pid=4836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.283" name="file2" dev="loop0" ino=16 res=0 errno=0
[  134.741174][    T7] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  134.764960][    T7] usb 2-1: config 0 has no interfaces?
[  134.824153][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  134.841824][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  134.941176][    T7] usb 2-1: New USB device found, idVendor=0456, idProduct=f000, bcdDevice=f3.7f
[  134.971477][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.979671][    T7] usb 2-1: Product: syz
[  134.990061][    T7] usb 2-1: Manufacturer: syz
[  134.994874][    T7] usb 2-1: SerialNumber: syz
[  135.026820][    T7] usb 2-1: config 0 descriptor??
[  135.814520][   T22] usb 2-1: USB disconnect, device number 16
[  135.924688][ T4854] loop0: detected capacity change from 0 to 2048
[  136.067974][ T4854] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  136.086912][ T4854] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038 (0x7fffffff)
[  136.531960][ T4872] netlink: 8 bytes leftover after parsing attributes in process `syz.1.291'.
[  136.760959][    T7] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  136.991184][    T7] usb 5-1: device descriptor read/64, error -71
[  137.013497][ T4883] overlayfs: missing 'lowerdir'
[  137.183269][ T4882] loop2: detected capacity change from 0 to 40427
[  137.201231][ T4882] F2FS-fs (loop2): Invalid segment/section count (31 != 24 * 1)
[  137.208908][ T4882] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  137.219082][ T4882] F2FS-fs (loop2): invalid crc value
[  137.252856][ T4882] F2FS-fs (loop2): Found nat_bits in checkpoint
[  137.281650][    T7] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  137.303369][ T4882] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  137.310453][ T4882] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  137.325296][ T4882] syz.2.295: attempt to access beyond end of device
[  137.325296][ T4882] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  137.502207][    T7] usb 5-1: device descriptor read/64, error -71
[  137.642503][    T7] usb usb5-port1: attempt power cycle
[  137.780863][ T3646] syz-executor: attempt to access beyond end of device
[  137.780863][ T3646] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.160908][    T7] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  138.191751][ T4889] loop3: detected capacity change from 0 to 512
[  138.259609][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  138.286645][    T7] usb 5-1: device descriptor read/8, error -71
[  138.296003][ T4889] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  138.326106][ T4889] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038 (0x7fffffff)
[  138.384283][ T4895] loop1: detected capacity change from 0 to 2048
[  138.439381][ T4895]  loop1: p3 < > p4 < >
[  138.467729][ T4895] loop1: partition table partially beyond EOD, truncated
[  138.479497][ T4897] loop0: detected capacity change from 0 to 512
[  138.492341][ T4895] loop1: p3 start 4284289 is beyond EOD, truncated
[  138.502747][ T4897] journal_path: Lookup failure for './bus'
[  138.508604][ T4897] EXT4-fs: error: could not find journal device path
[  138.577283][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  138.597399][ T4895] __loop_clr_fd: partition scan of loop1 failed (rc=-16)
[  138.602755][    T7] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  138.604955][ T3631] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  138.638992][ T4895] loop1: detected capacity change from 0 to 2048
[  138.645891][ T3631] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  138.694230][ T4897] loop0: detected capacity change from 0 to 2048
[  138.701841][ T3631] Buffer I/O error on dev loop1p4, logical block 0, async page read
[  138.721596][ T4897] EXT4-fs error (device loop0): __ext4_fill_super:5399: inode #2: comm syz.0.299: casefold flag without casefold feature
[  138.740989][    T7] usb 5-1: device descriptor read/8, error -71
[  138.766576][ T4897] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  138.800157][ T4897] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[  138.830151][ T4897] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  138.871099][    T7] usb usb5-port1: unable to enumerate USB device
[  138.979419][ T3631] udevd[3631]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  138.981222][ T4893] loop2: detected capacity change from 0 to 40427
[  139.056932][ T4893] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  139.067965][ T4893] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  139.083548][ T4893] F2FS-fs (loop2): invalid crc value
[  139.133329][ T4893] F2FS-fs (loop2): Found nat_bits in checkpoint
[  139.175208][ T4909] loop1: detected capacity change from 0 to 512
[  139.219404][ T4909] EXT4-fs (loop1): 1 truncate cleaned up
[  139.221787][ T4893] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  139.234488][ T4893] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  139.235993][ T4909] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  139.657608][ T4918] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.304: Directory hole found for htree leaf block 0
[  140.059346][ T4932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.310'.
[  140.225771][ T4930] loop2: detected capacity change from 0 to 40427
[  140.230444][ T4934] loop4: detected capacity change from 0 to 512
[  140.250722][ T4930] F2FS-fs (loop2): Invalid segment/section count (31 != 24 * 1)
[  140.258633][ T4930] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  140.268487][ T4930] F2FS-fs (loop2): invalid crc value
[  140.282845][ T4930] F2FS-fs (loop2): Found nat_bits in checkpoint
[  140.326530][ T4930] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  140.333639][ T4930] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  140.347187][ T4930] syz.2.306: attempt to access beyond end of device
[  140.347187][ T4930] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  140.418999][ T4934] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  140.456914][ T4934] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038 (0x7fffffff)
[  140.801730][ T3646] syz-executor: attempt to access beyond end of device
[  140.801730][ T3646] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  140.876514][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  141.008386][ T4941] loop4: detected capacity change from 0 to 512
[  141.079225][ T4941] EXT4-fs (loop4): 1 truncate cleaned up
[  141.097115][ T4941] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  141.287440][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  141.431329][ T4944] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.313: Directory hole found for htree leaf block 0
[  141.989851][ T4949] loop2: detected capacity change from 0 to 2048
[  142.048641][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  142.080392][ T4949] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  142.100998][ T4949] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038 (0x7fffffff)
[  142.186292][ T4953] loop4: detected capacity change from 0 to 512
[  142.198707][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  142.225708][ T4953] EXT4-fs (loop4): 1 truncate cleaned up
[  142.263263][ T4955] loop1: detected capacity change from 0 to 512
[  142.270934][ T4953] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  142.426997][ T4959] loop0: detected capacity change from 0 to 512
[  142.487554][ T4955] EXT4-fs (loop1): 1 truncate cleaned up
[  142.513809][ T4955] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  142.528568][ T4959] EXT4-fs (loop0): 1 truncate cleaned up
[  142.544797][ T4959] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  142.690862][ T4962] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.316: Directory hole found for htree leaf block 0
[  142.900142][ T4968] EXT4-fs error (device loop0): ext4_add_entry:2484: inode #2: comm syz.0.317: Directory hole found for htree leaf block 0
[  143.512948][ T4970] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.315: Directory hole found for htree leaf block 0
[  143.720796][    C0] sched: RT throttling activated
[  144.179496][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  144.221186][   T14] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  144.393084][ T4974] loop0: detected capacity change from 0 to 1024
[  144.417841][ T4975] overlayfs: missing 'lowerdir'
[  144.456391][ T4974] EXT4-fs: Ignoring removed nomblk_io_submit option
[  144.488334][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  144.509248][ T4974] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  144.518289][   T14] usb 4-1: Using ep0 maxpacket: 8
[  144.650964][   T14] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  144.670876][   T14] usb 4-1: config 179 has 0 interfaces, different from the descriptor's value: 1
[  144.690346][   T14] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  144.710902][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.851053][ T3684] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  145.070513][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  145.184522][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  145.317008][ T4984] loop1: detected capacity change from 0 to 40427
[  145.324761][ T4984] F2FS-fs (loop1): Invalid segment/section count (31 != 24 * 1)
[  145.332543][ T4984] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  145.371429][ T4984] F2FS-fs (loop1): invalid crc value
[  145.390930][ T3684] usb 1-1: Using ep0 maxpacket: 32
[  145.399154][ T4984] F2FS-fs (loop1): Found nat_bits in checkpoint
[  145.442356][ T4984] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  145.449442][ T4984] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  145.463265][ T4984] syz.1.322: attempt to access beyond end of device
[  145.463265][ T4984] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  145.751337][ T3684] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  145.786204][ T4988] loop4: detected capacity change from 0 to 512
[  145.800356][ T3684] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  145.870454][ T3684] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  145.895820][ T3684] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.938092][ T4988] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  145.958664][ T3684] usb 1-1: config 0 descriptor??
[  145.972129][ T4988] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038 (0x7fffffff)
[  146.011925][ T3684] hub 1-1:0.0: bad descriptor, ignoring hub
[  146.017879][ T3684] hub: probe of 1-1:0.0 failed with error -5
[  146.056818][ T3684] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  146.077867][   T22] usb 4-1: USB disconnect, device number 6
[  146.089886][ T3643] syz-executor: attempt to access beyond end of device
[  146.089886][ T3643] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  146.115890][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  146.241424][ T5001] loop2: detected capacity change from 0 to 512
[  146.385584][ T5001] EXT4-fs (loop2): 1 truncate cleaned up
[  146.395179][ T5001] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  147.196659][ T5007] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.328: Directory hole found for htree leaf block 0
[  147.559112][ T4619] usb 1-1: USB disconnect, device number 9
[  147.646241][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  147.654242][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  147.796706][ T5018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.329'.
[  147.879373][   T27] audit: type=1326 audit(1725743953.506:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5022 comm="syz.0.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  147.903238][ T5024] loop1: detected capacity change from 0 to 512
[  147.953611][   T27] audit: type=1326 audit(1725743953.506:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5022 comm="syz.0.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  147.958290][ T5026] loop3: detected capacity change from 0 to 2048
[  147.982815][   T27] audit: type=1326 audit(1725743953.506:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5022 comm="syz.0.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  147.982852][   T27] audit: type=1326 audit(1725743953.506:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5022 comm="syz.0.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  147.982875][   T27] audit: type=1326 audit(1725743953.506:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5022 comm="syz.0.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  148.064121][ T5028] netlink: 20 bytes leftover after parsing attributes in process `syz.2.336'.
[  148.114301][ T5024] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 33619980: comm syz.1.334: invalid block
[  148.190863][ T5026] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  148.199517][ T5026] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038 (0x7fffffff)
[  148.232833][ T5024] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.334: attempt to clear invalid blocks 1024 len 1
[  148.268521][ T5024] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  148.292639][ T5024] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.334: invalid indirect mapped block 1819213824 (level 0)
[  148.307327][ T5024] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.334: invalid indirect mapped block 33554432 (level 2)
[  148.347338][ T5024] EXT4-fs (loop1): 1 truncate cleaned up
[  148.370550][ T5024] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  149.140259][ T5038] loop0: detected capacity change from 0 to 40427
[  149.153051][ T5039] overlayfs: missing 'lowerdir'
[  149.244123][ T5038] F2FS-fs (loop0): Invalid segment/section count (31 != 24 * 1)
[  149.251969][ T5038] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  149.275870][ T5038] F2FS-fs (loop0): invalid crc value
[  149.353923][ T5035] loop2: detected capacity change from 0 to 512
[  149.453800][ T5038] F2FS-fs (loop0): Found nat_bits in checkpoint
[  149.513575][ T5038] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  149.520962][ T5038] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  149.535023][ T5038] syz.0.337: attempt to access beyond end of device
[  149.535023][ T5038] loop0: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  149.753663][ T5035] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038 (0x7fffffff)
[  149.972766][ T3644] syz-executor: attempt to access beyond end of device
[  149.972766][ T3644] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  150.495754][ T4619] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  150.553274][ T5064] loop4: detected capacity change from 0 to 512
[  150.607645][ T5064] ext4 filesystem being mounted at /74/bus supports timestamps until 2038 (0x7fffffff)
[  150.741706][ T4619] usb 4-1: Using ep0 maxpacket: 8
[  151.001021][ T4619] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  151.017516][ T4619] usb 4-1: config 179 has 0 interfaces, different from the descriptor's value: 1
[  151.028954][ T5076] Cannot find set identified by id 0 to match
[  151.050984][ T4619] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  151.067793][ T5082] loop4: detected capacity change from 0 to 2048
[  151.095897][ T4619] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.170524][ T5082] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038 (0x7fffffff)
[  151.253247][ T5091] loop2: detected capacity change from 0 to 512
[  151.288151][ T5091] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz.2.353: bad orphan inode 15
[  151.624238][ T5091] ext4_test_bit(bit=14, block=5) = 0
[  151.693216][ T5092] loop1: detected capacity change from 0 to 40427
[  151.705216][ T5092] F2FS-fs (loop1): Invalid segment/section count (31 != 24 * 1)
[  151.712967][ T5092] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  151.734208][ T5097] overlayfs: missing 'lowerdir'
[  151.800847][ T5092] F2FS-fs (loop1): invalid crc value
[  151.975020][ T5092] F2FS-fs (loop1): Found nat_bits in checkpoint
[  152.019474][ T5092] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  152.026695][ T5092] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  152.040298][ T5092] syz.1.352: attempt to access beyond end of device
[  152.040298][ T5092] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  152.267932][ T3639] EXT4-fs unmount: 8 callbacks suppressed
[  152.267949][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  152.521145][ T3643] syz-executor: attempt to access beyond end of device
[  152.521145][ T3643] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  152.542979][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  152.791999][ T5106] netlink: 8 bytes leftover after parsing attributes in process `syz.2.356'.
[  153.520018][ T5114] loop1: detected capacity change from 0 to 512
[  153.602042][ T5114] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  153.615327][ T5114] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038 (0x7fffffff)
[  153.746836][ T5120] loop2: detected capacity change from 0 to 128
[  153.759190][ T5120] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  153.780566][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  153.800103][ T5120] ext4 filesystem being mounted at /71/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  154.024083][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  154.245577][ T5131] loop4: detected capacity change from 0 to 2048
[  154.403550][ T5131] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  154.432682][ T5131] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038 (0x7fffffff)
[  154.466924][ T5136] loop2: detected capacity change from 0 to 40427
[  154.475630][ T5136] F2FS-fs (loop2): Invalid segment/section count (31 != 24 * 1)
[  154.483407][ T5136] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  154.487973][   T26] usb 4-1: USB disconnect, device number 7
[  154.500058][ T5136] F2FS-fs (loop2): invalid crc value
[  154.527701][ T5136] F2FS-fs (loop2): Found nat_bits in checkpoint
[  154.624060][ T5136] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  154.632087][ T5136] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  154.645565][ T5136] syz.2.365: attempt to access beyond end of device
[  154.645565][ T5136] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  154.827761][ T5148] overlayfs: missing 'lowerdir'
[  155.354666][ T3646] syz-executor: attempt to access beyond end of device
[  155.354666][ T3646] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  155.385711][ T5155] netlink: 8 bytes leftover after parsing attributes in process `syz.3.371'.
[  155.425342][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  155.906649][   T27] audit: type=1326 audit(1725743961.536:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  155.949368][   T27] audit: type=1326 audit(1725743961.576:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.009925][ T5163] loop4: detected capacity change from 0 to 512
[  156.011820][   T27] audit: type=1326 audit(1725743961.616:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.064938][ T5168] netlink: 'syz.1.377': attribute type 3 has an invalid length.
[  156.083644][ T5168] netlink: 16 bytes leftover after parsing attributes in process `syz.1.377'.
[  156.092913][   T27] audit: type=1326 audit(1725743961.616:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.092949][   T27] audit: type=1326 audit(1725743961.616:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.092976][   T27] audit: type=1326 audit(1725743961.616:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.093003][   T27] audit: type=1326 audit(1725743961.616:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.093028][   T27] audit: type=1326 audit(1725743961.616:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.224306][ T5175] tmpfs: Unknown parameter 'noswap'
[  156.248035][ T5163] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  156.285488][ T5163] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038 (0x7fffffff)
[  156.290696][ T5179] loop3: detected capacity change from 0 to 128
[  156.319321][   T27] audit: type=1326 audit(1725743961.616:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.342573][   T27] audit: type=1326 audit(1725743961.616:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5162 comm="syz.0.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8237f7cef9 code=0x7ffc0000
[  156.345330][ T5179] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  156.687364][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  156.706767][ T5182] loop1: detected capacity change from 0 to 40427
[  156.708560][ T5179] ext4 filesystem being mounted at /28/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  156.730714][ T5187] loop2: detected capacity change from 0 to 2048
[  156.761841][ T5182] F2FS-fs (loop1): Invalid segment/section count (31 != 24 * 1)
[  156.769568][ T5182] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  156.797287][ T5182] F2FS-fs (loop1): invalid crc value
[  156.817144][ T5182] F2FS-fs (loop1): Found nat_bits in checkpoint
[  156.846116][ T5187] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  156.860359][    T7] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  156.878690][ T5187] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038 (0x7fffffff)
[  156.886287][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  156.899504][ T5182] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  156.906654][ T5182] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  156.922498][ T5182] syz.1.381: attempt to access beyond end of device
[  156.922498][ T5182] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  157.304727][ T5197] overlayfs: missing 'lowerdir'
[  158.111161][    T7] usb 1-1: Using ep0 maxpacket: 8
[  158.211752][ T3763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.291136][    T7] usb 1-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  158.313292][    T7] usb 1-1: config 179 has 0 interfaces, different from the descriptor's value: 1
[  158.345322][    T7] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  158.368793][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.506685][ T3684] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.511254][ T3643] syz-executor: attempt to access beyond end of device
[  158.511254][ T3643] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  158.554478][ T5201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.563382][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.580401][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  158.581436][ T5201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.594714][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.621059][ T5201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.629793][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.674512][ T5201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.683028][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.933770][ T5214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.391'.
[  159.538933][ T5220] loop1: detected capacity change from 0 to 128
[  159.616447][ T5220] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  159.680660][ T5220] ext4 filesystem being mounted at /76/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  159.977267][ T5228] loop3: detected capacity change from 0 to 512
[  159.999438][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  160.073888][ T5228] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  160.120731][ T5228] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038 (0x7fffffff)
[  160.170353][ T5238] loop1: detected capacity change from 0 to 736
[  160.456919][ T5237] loop2: detected capacity change from 0 to 40427
[  160.464628][ T5237] F2FS-fs (loop2): Invalid segment/section count (31 != 24 * 1)
[  160.473263][ T5237] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  160.483907][ T5237] F2FS-fs (loop2): invalid crc value
[  160.515778][ T5237] F2FS-fs (loop2): Found nat_bits in checkpoint
[  160.519133][ T5241] loop4: detected capacity change from 0 to 2048
[  160.556999][ T5237] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  160.563863][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  160.564265][ T5237] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  160.583952][ T5237] syz.2.398: attempt to access beyond end of device
[  160.583952][ T5237] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  160.741203][ T5241] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  160.766797][ T5241] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038 (0x7fffffff)
[  160.772026][ T5247] loop1: detected capacity change from 0 to 128
[  160.807244][ T5247] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  160.839518][ T5247] ext4 filesystem being mounted at /78/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  161.366306][ T5254] overlayfs: missing 'lowerdir'
[  161.754297][ T3646] syz-executor: attempt to access beyond end of device
[  161.754297][ T3646] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  161.801831][ T5255] loop3: detected capacity change from 0 to 512
[  161.856146][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  161.860353][ T5255] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  161.883891][ T5255] EXT4-fs (loop3): 1 truncate cleaned up
[  161.892023][ T5255] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  162.019609][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  162.035771][ T3684] usb 1-1: USB disconnect, device number 10
[  162.337448][ T5265] netlink: 8 bytes leftover after parsing attributes in process `syz.1.406'.
[  162.482207][ T5270] process 'syz.4.409' launched './file0' with NULL argv: empty string added
[  162.492958][ T5267] loop0: detected capacity change from 0 to 512
[  162.578644][ T5267] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  162.593754][ T5267] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038 (0x7fffffff)
[  162.750595][ T5280] loop4: detected capacity change from 0 to 512
[  162.767489][ T5281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.412'.
[  162.830552][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  162.853003][ T5281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.412'.
[  162.884603][ T5280] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  162.902122][ T5280] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038 (0x7fffffff)
[  163.124101][ T5281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.412'.
[  163.179994][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  163.627486][ T5292] loop2: detected capacity change from 0 to 40427
[  163.637665][ T5292] F2FS-fs (loop2): Invalid segment/section count (31 != 24 * 1)
[  163.646354][ T5292] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  163.656401][ T5292] F2FS-fs (loop2): invalid crc value
[  163.671565][ T5292] F2FS-fs (loop2): Found nat_bits in checkpoint
[  163.714575][ T5292] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  163.721707][ T5292] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  163.735655][ T5292] syz.2.415: attempt to access beyond end of device
[  163.735655][ T5292] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  163.849222][ T5298] loop4: detected capacity change from 0 to 2048
[  163.961754][ T5298] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  164.184898][ T5298] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038 (0x7fffffff)
[  164.591168][ T3646] syz-executor: attempt to access beyond end of device
[  164.591168][ T3646] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  164.672516][ T5307] net_ratelimit: 1018 callbacks suppressed
[  164.672537][ T5307] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.687103][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.700585][ T5307] overlayfs: missing 'lowerdir'
[  164.917092][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  165.139603][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  165.171158][   T26] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  165.330931][ T5314] syz.4.421 uses obsolete (PF_INET,SOCK_PACKET)
[  165.359314][ T4619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.410894][   T26] usb 1-1: Using ep0 maxpacket: 8
[  165.456417][ T5320] loop1: detected capacity change from 0 to 512
[  165.523371][ T5320] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  165.531235][   T26] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  165.548064][   T26] usb 1-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  165.561845][   T26] usb 1-1: config 179 has no interface number 0
[  165.568664][   T26] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  165.579771][   T26] usb 1-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  165.591044][ T5320] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038 (0x7fffffff)
[  165.593844][   T26] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  165.612284][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.790503][   T27] kauditd_printk_skb: 11 callbacks suppressed
[  165.790516][   T27] audit: type=1326 audit(1725743971.416:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  165.845567][   T27] audit: type=1326 audit(1725743971.446:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  165.918069][   T27] audit: type=1326 audit(1725743971.486:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  165.954942][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  165.994891][ T4619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.045913][   T27] audit: type=1326 audit(1725743971.486:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  166.138568][ T5344] loop3: detected capacity change from 0 to 2048
[  166.166338][   T27] audit: type=1326 audit(1725743971.486:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  166.227205][ T5341] loop2: detected capacity change from 0 to 4096
[  166.232979][ T5348] netlink: 8 bytes leftover after parsing attributes in process `syz.4.432'.
[  166.234633][   T27] audit: type=1326 audit(1725743971.496:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  166.272607][ T5341] EXT4-fs: Ignoring removed nobh option
[  166.283127][   T27] audit: type=1326 audit(1725743971.496:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  166.308907][   T27] audit: type=1326 audit(1725743971.496:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  166.331608][   T27] audit: type=1326 audit(1725743971.496:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  166.354141][   T27] audit: type=1326 audit(1725743971.496:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5332 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe88397cef9 code=0x7ffc0000
[  166.377530][ T5344] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  166.406558][ T5344] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038 (0x7fffffff)
[  168.011199][ T5357] overlayfs: missing 'lowerdir'
[  168.116037][ T5341] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  168.192722][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.255539][   T26] usb 1-1: USB disconnect, device number 11
[  168.259676][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  168.751738][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  168.792941][ T5373] loop1: detected capacity change from 0 to 512
[  168.876054][ T5373] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  168.941006][ T5373] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038 (0x7fffffff)
[  169.138599][ T5383] loop0: detected capacity change from 0 to 2048
[  169.238258][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  169.376165][ T5383] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  169.407545][ T5383] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038 (0x7fffffff)
[  169.476721][ T5392] netlink: 68 bytes leftover after parsing attributes in process `syz.2.446'.
[  170.343789][ T5396] overlayfs: missing 'lowerdir'
[  170.530854][   T26] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  170.690120][ T5400] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.724628][ T5400] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.776982][ T5400] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.849192][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  170.871194][   T26] usb 2-1: Using ep0 maxpacket: 8
[  170.915399][ T5406] netlink: 60 bytes leftover after parsing attributes in process `syz.3.452'.
[  170.942249][ T5408] netlink: 12 bytes leftover after parsing attributes in process `syz.0.453'.
[  170.995450][   T26] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  171.008995][   T26] usb 2-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  171.031147][   T26] usb 2-1: config 179 has no interface number 0
[  171.044323][   T26] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  171.076281][   T26] usb 2-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  171.095488][   T26] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  171.112255][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.145781][ T5412] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  171.339223][ T5418] loop3: detected capacity change from 0 to 512
[  171.372855][ T5418] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  171.389136][ T5418] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038 (0x7fffffff)
[  171.421352][ T5399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.477278][ T5399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.614281][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  171.717702][ T5427] loop4: detected capacity change from 0 to 512
[  171.907822][ T5436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.461'.
[  171.943382][ T5427] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  172.000276][ T5427] ext4 filesystem being mounted at /101/bus supports timestamps until 2038 (0x7fffffff)
[  172.156786][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  172.466362][ T5444] loop4: detected capacity change from 0 to 2048
[  172.578566][ T5444] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  172.587690][ T5444] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038 (0x7fffffff)
[  172.929835][ T5456] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.938165][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.957405][ T5456] overlayfs: missing 'lowerdir'
[  173.333622][ T3684] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.439569][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  173.583612][    T7] usb 2-1: USB disconnect, device number 17
[  173.586016][ T5458] netlink: 60 bytes leftover after parsing attributes in process `syz.0.469'.
[  173.618767][ T5460] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.937384][ T5464] loop1: detected capacity change from 0 to 512
[  174.027606][ T5464] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  174.081331][ T5464] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038 (0x7fffffff)
[  174.185524][ T5472] loop4: detected capacity change from 0 to 2048
[  174.314556][ T5472] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  174.319026][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  174.385439][   T27] kauditd_printk_skb: 17 callbacks suppressed
[  174.385455][   T27] audit: type=1804 audit(1725743980.016:68): pid=5472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.475" name="/newroot/105/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  174.390297][ T5472] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.475: bg 0: block 234: padding at end of block bitmap is not set
[  174.439157][ T5472] EXT4-fs (loop4): Remounting filesystem read-only
[  174.549907][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  174.924787][ T5489] loop1: detected capacity change from 0 to 512
[  174.995505][ T5489] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  175.014920][ T5491] loop2: detected capacity change from 0 to 2048
[  175.021813][ T5489] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038 (0x7fffffff)
[  175.103121][ T5489] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  175.123073][ T5489] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28
[  175.131294][ T5491] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  175.136728][ T5489] EXT4-fs (loop1): This should not happen!! Data will be lost
[  175.136728][ T5489] 
[  175.159140][ T5491] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038 (0x7fffffff)
[  175.160285][ T5489] EXT4-fs (loop1): Total free blocks count 0
[  175.171167][   T27] audit: type=1804 audit(1725743980.806:69): pid=5498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.482" name="/newroot/90/file0/file1" dev="loop1" ino=15 res=1 errno=0
[  175.175318][ T5489] EXT4-fs (loop1): Free/Dirty block details
[  175.214633][ T5489] EXT4-fs (loop1): free_blocks=65280
[  175.245399][ T5489] EXT4-fs (loop1): dirty_blocks=1
[  175.250600][ T5489] EXT4-fs (loop1): Block reservation details
[  175.256691][ T5489] EXT4-fs (loop1): i_reserved_data_blocks=1
[  175.268098][ T5498] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 13 with error 28
[  175.282292][ T3684] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  175.571432][ T5503] overlayfs: missing 'lowerdir'
[  175.650941][ T3684] usb 5-1: Using ep0 maxpacket: 8
[  175.691663][ T5504] loop0: detected capacity change from 0 to 512
[  175.752706][ T3655] Bluetooth: hci1: command 0x0406 tx timeout
[  175.753279][   T48] Bluetooth: hci3: command 0x0406 tx timeout
[  175.754067][ T3654] Bluetooth: hci2: command 0x0406 tx timeout
[  175.861703][ T5508] netlink: 8 bytes leftover after parsing attributes in process `syz.3.488'.
[  175.932045][ T5504] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  175.951037][ T5504] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038 (0x7fffffff)
[  176.034881][ T3684] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  176.043567][ T3684] usb 5-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  176.072285][ T3684] usb 5-1: config 179 has no interface number 0
[  176.078593][ T3684] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  176.091882][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  176.104847][ T3684] usb 5-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  176.127787][ T5514] loop3: detected capacity change from 0 to 2048
[  176.155769][ T3684] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  176.200556][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  176.211005][ T3684] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.228656][ T5514] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  176.287320][   T27] audit: type=1804 audit(1725743981.916:70): pid=5514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.489" name="/newroot/55/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  176.291664][ T5520] loop0: detected capacity change from 0 to 512
[  176.329701][ T5514] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.489: bg 0: block 234: padding at end of block bitmap is not set
[  176.368106][ T5514] EXT4-fs (loop3): Remounting filesystem read-only
[  176.385657][ T5520] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  176.396890][ T5520] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038 (0x7fffffff)
[  176.441351][ T5514] syz.3.489 (5514) used greatest stack depth: 18880 bytes left
[  176.451343][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  176.490984][   T26] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  176.665406][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  176.852741][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.881313][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.905295][   T26] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  176.959040][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.995831][   T26] usb 3-1: config 0 descriptor??
[  177.043282][   T26] usbhid 3-1:0.0: can't add hid device: -22
[  177.070195][   T26] usbhid: probe of 3-1:0.0 failed with error -22
[  177.329025][   T26] usb 3-1: USB disconnect, device number 6
[  177.511509][    T7] net_ratelimit: 6 callbacks suppressed
[  177.511527][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.538466][ T5544] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  177.609290][ T5526] loop1: detected capacity change from 0 to 40427
[  177.621983][ T5526] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  177.640924][ T5526] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  177.656786][ T5526] F2FS-fs (loop1): invalid crc value
[  177.692502][ T5526] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  177.766675][ T5526] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  177.778850][ T5526] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  178.115670][ T5555] loop0: detected capacity change from 0 to 2048
[  178.196431][ T5555] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  178.235101][ T5555] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038 (0x7fffffff)
[  178.406066][ T5561] loop3: detected capacity change from 0 to 512
[  178.477875][ T5564] loop2: detected capacity change from 0 to 2048
[  178.564382][ T5564] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  178.581709][   T14] usb 5-1: USB disconnect, device number 7
[  178.627561][ T5561] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  178.648273][ T5561] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038 (0x7fffffff)
[  178.731694][ T5569] overlayfs: missing 'lowerdir'
[  178.990949][   T27] audit: type=1804 audit(1725743984.606:71): pid=5564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.504" name="/newroot/93/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  179.109483][ T5574] netlink: 8 bytes leftover after parsing attributes in process `syz.1.500'.
[  179.146241][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.171788][ T4121] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.181110][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.209620][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  179.215665][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.359054][ T5576] netlink: 12 bytes leftover after parsing attributes in process `syz.1.509'.
[  179.364217][ T5579] loop0: detected capacity change from 0 to 128
[  179.437251][   T26] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.453583][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.484892][ T5579] omfs: Invalid superblock (7b3184f9)
[  179.586572][ T3757] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.460425][ T5594] loop2: detected capacity change from 0 to 128
[  180.478225][ T5594] omfs: Invalid superblock (7b3184f9)
[  180.713896][ T5603] loop1: detected capacity change from 0 to 64
[  180.794825][ T4619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.900653][ T5605] loop2: detected capacity change from 0 to 2048
[  180.959612][ T5587] loop4: detected capacity change from 0 to 32768
[  180.975052][ T5587] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.512 (5587)
[  181.010685][ T5605] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038 (0x7fffffff)
[  181.205340][ T5587] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  181.276151][   T14] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  181.284900][ T5587] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  181.302348][ T5587] BTRFS info (device loop4): use zlib compression, level 3
[  181.351050][ T5587] BTRFS info (device loop4): using free space tree
[  181.380323][ T5615] netlink: 8 bytes leftover after parsing attributes in process `syz.1.520'.
[  181.516378][ T5618] overlayfs: missing 'lowerdir'
[  181.770873][   T14] usb 4-1: Using ep0 maxpacket: 8
[  181.799433][ T5623] loop1: detected capacity change from 0 to 512
[  181.911344][   T14] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  181.930086][   T14] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  181.969212][ T5623] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038 (0x7fffffff)
[  181.994738][   T14] usb 4-1: config 179 has no interface number 0
[  182.019186][ T5587] BTRFS info (device loop4): enabling ssd optimizations
[  182.032869][   T14] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  182.074535][   T14] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  182.106279][   T14] usb 4-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  182.136621][   T14] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  182.152588][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.191133][ T5608] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  182.544344][ T5642] overlayfs: missing 'workdir'
[  182.918883][ T5648] loop1: detected capacity change from 0 to 2048
[  183.089621][ T5648] EXT4-fs mount: 6 callbacks suppressed
[  183.089640][ T5648] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  184.610344][   T14] net_ratelimit: 1 callbacks suppressed
[  184.610364][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.634508][   T27] audit: type=1804 audit(1725743990.266:72): pid=5648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.522" name="/newroot/101/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  184.657660][ T5648] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.522: bg 0: block 234: padding at end of block bitmap is not set
[  184.675643][ T3639] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  184.686514][ T5648] EXT4-fs (loop1): Remounting filesystem read-only
[  184.981909][ T5670] loop2: detected capacity change from 0 to 4096
[  184.994001][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  185.120426][ T5674] usb 4-1: USB disconnect, device number 8
[  185.162171][ T5679] loop1: detected capacity change from 0 to 128
[  185.321704][ T5679] omfs: Invalid superblock (7b3184f9)
[  185.483938][ T5682] loop0: detected capacity change from 0 to 40427
[  185.506449][ T4145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.515158][ T5682] F2FS-fs (loop0): Invalid segment/section count (31 != 24 * 1)
[  185.516127][ T3763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.522896][ T5682] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  185.552092][ T5682] F2FS-fs (loop0): invalid crc value
[  185.560544][ T5686] loop4: detected capacity change from 0 to 512
[  185.574615][ T5686] EXT4-fs (loop4): 1 truncate cleaned up
[  185.580295][ T5686] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  185.606312][ T5686] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.535: Directory hole found for htree leaf block 0
[  185.646983][ T5682] F2FS-fs (loop0): Found nat_bits in checkpoint
[  185.908879][ T5682] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  185.916270][ T5682] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  186.067947][ T5694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.076540][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.105472][ T5682] syz.0.533: attempt to access beyond end of device
[  186.105472][ T5682] loop0: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  186.785756][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.966138][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  186.972079][ T5690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.534'.
[  187.059774][ T5692] loop1: detected capacity change from 0 to 512
[  187.181617][ T3644] syz-executor: attempt to access beyond end of device
[  187.181617][ T3644] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  187.277789][ T5692] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  187.303092][ T5692] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038 (0x7fffffff)
[  189.033552][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.367576][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  189.670923][ T4619] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  189.921269][ T4619] usb 4-1: Using ep0 maxpacket: 8
[  190.041317][ T4619] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  190.084184][ T4619] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  190.225768][ T4619] usb 4-1: config 179 has no interface number 0
[  190.267498][ T4619] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  190.300936][ T4619] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  190.320829][ T4619] usb 4-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  190.340867][ T4619] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  190.360277][ T4619] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.421334][ T5725] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  190.600010][ T5736] loop2: detected capacity change from 0 to 512
[  190.670529][ T5736] EXT4-fs (loop2): 1 truncate cleaned up
[  190.687671][ T5736] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  190.748416][ T5736] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.547: Directory hole found for htree leaf block 0
[  190.754389][ T5731] loop0: detected capacity change from 0 to 32768
[  190.823890][ T5743] netlink: 8 bytes leftover after parsing attributes in process `syz.1.548'.
[  191.072388][ T4195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.084697][ T5731] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.540 (5731)
[  191.284682][ T3763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.619076][ T5731] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  191.823351][ T5731] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  191.857893][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  191.882939][ T5731] BTRFS info (device loop0): use zlib compression, level 3
[  191.928899][ T5731] BTRFS info (device loop0): using free space tree
[  192.247931][ T4195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.326675][ T5731] BTRFS info (device loop0): enabling ssd optimizations
[  192.566655][ T5787] loop2: detected capacity change from 0 to 512
[  193.080603][ T5790] overlayfs: missing 'workdir'
[  194.155329][ T5787] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  194.234243][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.264912][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[  194.277207][ T5787] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038 (0x7fffffff)
[  194.420701][ T5798] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.447362][ T3644] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.473115][ T5798] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.482794][ T5798] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.493091][ T5798] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.502125][ T5798] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.526281][ T3684] usb 4-1: USB disconnect, device number 9
[  194.650903][ T5801] loop1: detected capacity change from 0 to 512
[  194.687378][ T5801] EXT4-fs (loop1): 1 truncate cleaned up
[  194.694300][ T5801] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  194.720206][ T5801] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.561: Directory hole found for htree leaf block 0
[  194.939886][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  194.955385][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.644404][ T5818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.560'.
[  195.754889][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  196.389423][ T5837] loop3: detected capacity change from 0 to 512
[  196.457678][ T5837] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  196.466894][ T5837] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038 (0x7fffffff)
[  196.547757][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  196.654728][ T5838] loop2: detected capacity change from 0 to 32768
[  196.662431][ T5838] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.571 (5838)
[  196.672802][   T14] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  196.686695][ T5838] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  196.698417][ T5838] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  196.707542][ T5838] BTRFS info (device loop2): use zlib compression, level 3
[  196.711248][    T9] net_ratelimit: 1 callbacks suppressed
[  196.711261][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.724798][ T5838] BTRFS info (device loop2): using free space tree
[  196.737516][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.767092][ T5838] BTRFS info (device loop2): enabling ssd optimizations
[  196.931019][   T14] usb 5-1: Using ep0 maxpacket: 8
[  197.086454][ T5863] overlayfs: missing 'workdir'
[  197.523803][ T3646] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  197.541369][   T14] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  197.550257][   T14] usb 5-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  197.560853][   T14] usb 5-1: config 179 has no interface number 0
[  197.567139][   T14] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  197.578694][   T14] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  197.590176][   T14] usb 5-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  197.603809][   T14] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  197.619930][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.671895][ T5840] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  197.991456][ T4195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.412440][   T14] usb 5-1: USB disconnect, device number 8
[  199.586476][ T5878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.584'.
[  199.638016][ T5876] loop1: detected capacity change from 0 to 2048
[  199.717753][ T5876] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  199.727516][ T5876] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038 (0x7fffffff)
[  200.657171][ T5887] loop0: detected capacity change from 0 to 2048
[  200.724613][ T5887] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  200.788359][   T27] audit: type=1804 audit(1725744006.416:73): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.579" name="/newroot/130/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  200.815468][ T5887] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.579: bg 0: block 234: padding at end of block bitmap is not set
[  200.865048][ T5887] EXT4-fs (loop0): Remounting filesystem read-only
[  201.140951][    T7] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  201.847382][  T102] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.856141][ T3768] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.884802][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  202.039074][ T5908] loop0: detected capacity change from 0 to 512
[  202.053105][ T5909] overlayfs: missing 'lowerdir'
[  202.113388][ T5908] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  202.135662][ T5908] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038 (0x7fffffff)
[  202.369173][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  202.830379][ T5906] loop3: detected capacity change from 0 to 32768
[  202.873442][ T5906] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.588 (5906)
[  202.927833][ T5906] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  202.959615][ T5906] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  203.000881][ T5906] BTRFS info (device loop3): use zlib compression, level 3
[  203.022945][ T5906] BTRFS info (device loop3): using free space tree
[  203.065886][ T5927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.592'.
[  203.113606][  T102] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.182431][ T5906] BTRFS info (device loop3): enabling ssd optimizations
[  203.443282][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  203.582659][ T5950] overlayfs: missing 'workdir'
[  204.225522][ T5954] loop1: detected capacity change from 0 to 2048
[  204.262185][ T4299] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  204.313860][ T5954] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  204.372763][ T5954] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.597: bg 0: block 234: padding at end of block bitmap is not set
[  204.374031][   T27] audit: type=1804 audit(1725744010.006:74): pid=5954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.597" name="/newroot/113/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  204.445230][ T5960] loop4: detected capacity change from 0 to 512
[  204.455601][ T5954] EXT4-fs (loop1): Remounting filesystem read-only
[  204.478715][ T5963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.609'.
[  204.507419][ T5960] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  204.523165][ T5960] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038 (0x7fffffff)
[  204.566320][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  204.684117][ T5966] loop0: detected capacity change from 0 to 2048
[  204.736110][ T5966] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  204.846864][   T27] audit: type=1804 audit(1725744010.476:75): pid=5966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.612" name="/newroot/138/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  204.848757][ T5966] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.612: bg 0: block 234: padding at end of block bitmap is not set
[  204.893021][ T5966] EXT4-fs (loop0): Remounting filesystem read-only
[  204.982961][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  205.045646][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.117009][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  205.380758][ T5989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.617'.
[  205.505338][ T5994] loop4: detected capacity change from 0 to 2048
[  205.546643][ T5994] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  205.561794][ T5994] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038 (0x7fffffff)
[  205.615809][ T5995] device syzkaller0 entered promiscuous mode
[  205.721050][ T3720] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  205.907338][ T6000] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.916389][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.937250][ T6000] overlayfs: missing 'lowerdir'
[  205.986120][ T3720] usb 3-1: Using ep0 maxpacket: 8
[  206.111108][ T3720] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  206.119520][ T3720] usb 3-1: config 179 has no interface number 0
[  206.126288][ T3720] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  206.155157][ T3720] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  206.168036][ T3720] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  206.180507][ T3720] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  206.194282][ T3720] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  206.203845][ T3720] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.231221][ T5991] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  206.659072][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  207.603013][ T4121] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.625595][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.117443][ T6012] netlink: 8 bytes leftover after parsing attributes in process `syz.0.624'.
[  208.194158][ T6014] loop4: detected capacity change from 0 to 512
[  208.241434][ T4156] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.245221][ T6016] loop3: detected capacity change from 0 to 2048
[  208.256639][ T6014] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  208.266258][ T6014] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038 (0x7fffffff)
[  208.305635][ T6016] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  208.366213][   T27] audit: type=1804 audit(1725744013.996:76): pid=6016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.618" name="/newroot/77/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  208.426104][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  208.436979][ T4121] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm kworker/u4:10: bg 0: block 234: padding at end of block bitmap is not set
[  208.496780][    T7] usb 3-1: USB disconnect, device number 7
[  208.514817][ T4121] EXT4-fs (loop3): Remounting filesystem read-only
[  208.558867][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  208.727426][ T6011] loop1: detected capacity change from 0 to 32768
[  208.752501][ T6011] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.613 (6011)
[  208.816600][ T6011] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  208.847351][ T6011] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  208.863357][ T6011] BTRFS info (device loop1): use zlib compression, level 3
[  208.879041][ T6011] BTRFS info (device loop1): using free space tree
[  209.051844][ T6011] BTRFS info (device loop1): enabling ssd optimizations
[  209.469832][ T6055] overlayfs: missing 'workdir'
[  210.013904][ T6057] loop2: detected capacity change from 0 to 2048
[  210.034355][ T3643] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  210.106137][ T6057] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  210.160978][ T6057] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038 (0x7fffffff)
[  210.261892][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.312172][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.343284][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.401081][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.433849][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.463300][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.511078][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.105050][ T6071] device syzkaller0 entered promiscuous mode
[  211.736456][ T6081] loop0: detected capacity change from 0 to 512
[  211.809573][ T6081] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  211.828885][ T6081] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038 (0x7fffffff)
[  211.829160][ T6083] overlayfs: missing 'lowerdir'
[  212.081005][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  212.361071][ T5673] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  212.451715][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  212.605564][ T5673] usb 5-1: Using ep0 maxpacket: 8
[  212.725421][ T5673] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  212.726304][   T46] net_ratelimit: 247 callbacks suppressed
[  212.726319][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.733800][ T5673] usb 5-1: config 179 has no interface number 0
[  212.743492][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.747823][ T5673] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  212.773102][ T5673] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  212.784959][ T5673] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  212.795513][ T5673] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  212.808846][ T5673] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  212.818128][ T5673] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.843683][ T6091] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  213.362441][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.187725][ T6096] netlink: 8 bytes leftover after parsing attributes in process `syz.2.635'.
[  214.336845][ T6102] loop2: detected capacity change from 0 to 2048
[  214.428359][ T6102] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  214.477982][   T27] audit: type=1804 audit(1725744020.106:77): pid=6102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.636" name="/newroot/124/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  214.805544][ T4156] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm kworker/u4:12: bg 0: block 234: padding at end of block bitmap is not set
[  214.833653][ T4156] EXT4-fs (loop2): Remounting filesystem read-only
[  214.848717][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  214.999946][ T6125] loop3: detected capacity change from 0 to 512
[  215.123407][ T6125] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  215.147707][ T6125] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038 (0x7fffffff)
[  215.181707][ T6130] loop2: detected capacity change from 0 to 2048
[  215.216803][ T6130] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  215.232286][ T6130] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038 (0x7fffffff)
[  215.272186][ T5673] usb 5-1: USB disconnect, device number 10
[  215.388965][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  215.625193][ T6141] netlink: 8 bytes leftover after parsing attributes in process `syz.3.647'.
[  216.661909][ T6159] overlayfs: missing 'lowerdir'
[  216.899986][ T6158] device syzkaller0 entered promiscuous mode
[  217.004305][ T6165] loop3: detected capacity change from 0 to 2048
[  217.061346][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  217.110910][   T14] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  217.163309][ T6165] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  217.218756][   T27] audit: type=1804 audit(1725744022.846:78): pid=6165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.656" name="/newroot/86/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  217.269251][ T4121] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm kworker/u4:10: bg 0: block 234: padding at end of block bitmap is not set
[  217.296140][ T6174] loop1: detected capacity change from 0 to 2048
[  217.304665][ T4121] EXT4-fs (loop3): Remounting filesystem read-only
[  217.335502][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  217.361092][   T14] usb 1-1: Using ep0 maxpacket: 8
[  217.383435][ T6174] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  217.409912][ T6174] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038 (0x7fffffff)
[  217.481158][   T14] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  217.489905][   T14] usb 1-1: config 179 has no interface number 0
[  217.496444][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  217.509819][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  217.521481][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  217.532897][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  217.548923][   T14] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  217.562673][   T14] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  217.571813][   T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.601271][ T6147] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  217.626163][   T14] xpad: probe of 1-1:179.65 failed with error -5
[  217.922021][ T6187] overlayfs: missing 'lowerdir'
[  218.353136][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  218.477700][ T3709] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.485850][ T4195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.496700][ T5673] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.507402][ T6189] loop1: detected capacity change from 0 to 512
[  218.678821][ T6189] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  218.695139][ T6189] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038 (0x7fffffff)
[  218.895370][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  219.756194][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.910211][   T14] usb 1-1: USB disconnect, device number 12
[  220.391749][ T3766] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.471190][   T14] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  220.771292][   T14] usb 1-1: Using ep0 maxpacket: 8
[  220.911431][   T14] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  220.935687][   T14] usb 1-1: config 179 has no interface number 0
[  220.969114][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  220.987363][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  220.999640][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  221.019799][   T14] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  221.040465][   T14] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  221.059213][   T14] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  221.068715][   T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.111624][ T6199] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  221.138540][   T14] xpad: probe of 1-1:179.65 failed with error -5
[  221.837466][   T48] Bluetooth: hci5: command 0x0406 tx timeout
[  222.844986][ T6209] netlink: 8 bytes leftover after parsing attributes in process `syz.1.664'.
[  223.061744][ T6225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.681'.
[  223.813412][ T5673] usb 1-1: USB disconnect, device number 13
[  223.897722][ T6237] loop3: detected capacity change from 0 to 512
[  223.933504][ T6234] loop1: detected capacity change from 0 to 2048
[  223.987945][ T6234] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  223.997952][ T6237] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  224.031076][ T6237] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038 (0x7fffffff)
[  224.107212][ T6246] loop2: detected capacity change from 0 to 2048
[  224.163610][ T4145] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm kworker/u4:11: bg 0: block 234: padding at end of block bitmap is not set
[  224.199531][ T6246] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  224.202111][ T4145] EXT4-fs (loop1): Remounting filesystem read-only
[  224.212309][ T6246] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038 (0x7fffffff)
[  224.217683][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  224.231483][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.240091][ T4120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.249255][ T5673] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.250198][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  224.553570][ T6255] overlayfs: missing 'lowerdir'
[  224.976737][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  225.038414][ T6262] device syzkaller0 entered promiscuous mode
[  226.076202][ T6281] loop2: detected capacity change from 0 to 512
[  226.126991][ T6281] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  226.136551][ T6281] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038 (0x7fffffff)
[  226.161021][   T14] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  226.248966][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  226.263743][ T6286] loop1: detected capacity change from 0 to 512
[  226.312941][ T6286] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  226.347235][ T6286] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038 (0x7fffffff)
[  226.446544][   T14] usb 5-1: Using ep0 maxpacket: 8
[  226.462606][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  226.541900][ T6293] loop1: detected capacity change from 0 to 2048
[  226.578724][   T14] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  226.587267][   T14] usb 5-1: config 179 has no interface number 0
[  226.593847][   T14] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  226.605222][   T14] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  226.607523][ T6293] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  226.618229][   T14] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  226.636673][   T14] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  226.646743][   T14] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  226.660020][   T14] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  226.669107][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.695476][ T6277] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  226.723095][   T14] xpad: probe of 5-1:179.65 failed with error -5
[  226.758424][ T3669] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm kworker/u4:5: bg 0: block 234: padding at end of block bitmap is not set
[  226.786082][ T3669] EXT4-fs (loop1): Remounting filesystem read-only
[  226.795417][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  227.381515][ T6304] loop2: detected capacity change from 0 to 2048
[  227.475725][ T6304] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  227.493443][ T6304] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038 (0x7fffffff)
[  227.909097][ T6310] overlayfs: missing 'lowerdir'
[  228.353428][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  228.847011][ T3766] usb 5-1: USB disconnect, device number 11
[  229.395791][ T6274] netlink: 8 bytes leftover after parsing attributes in process `syz.3.688'.
[  229.498417][ T6325] loop2: detected capacity change from 0 to 512
[  229.579071][ T6327] loop3: detected capacity change from 0 to 2048
[  229.621551][ T6327] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  229.641178][ T6325] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  229.652520][ T6325] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038 (0x7fffffff)
[  229.773609][ T3709] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm kworker/u4:7: bg 0: block 234: padding at end of block bitmap is not set
[  229.814497][ T6338] loop0: detected capacity change from 0 to 2048
[  229.820447][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  229.828688][ T3709] EXT4-fs (loop3): Remounting filesystem read-only
[  229.894240][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  229.928183][ T6338] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  230.016890][ T5665] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.019356][ T6352] netlink: 8 bytes leftover after parsing attributes in process `syz.2.715'.
[  230.081481][ T6338] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038 (0x7fffffff)
[  230.092935][ T3709] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.107351][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.618905][ T3766] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.800139][ T6359] overlayfs: missing 'lowerdir'
[  231.058320][ T6361] netlink: 'syz.1.718': attribute type 1 has an invalid length.
[  231.279339][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  231.420937][ T3766] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  231.520462][ T6376] loop2: detected capacity change from 0 to 512
[  231.534732][ T6374] loop1: detected capacity change from 0 to 2048
[  231.604482][ T6374] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  231.618701][ T6376] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  231.668643][ T6376] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038 (0x7fffffff)
[  231.679956][ T3766] usb 4-1: Using ep0 maxpacket: 8
[  231.702290][   T27] audit: type=1804 audit(1725744037.336:79): pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.725" name="/newroot/142/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  231.796198][ T6393] netlink: 8 bytes leftover after parsing attributes in process `syz.4.731'.
[  231.821286][ T3766] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  231.864630][ T3766] usb 4-1: config 179 has no interface number 0
[  232.065381][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  232.291118][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  232.342821][ T6397] netlink: 'syz.0.732': attribute type 1 has an invalid length.
[  232.429035][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  232.455034][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  232.475087][ T3766] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  232.499252][ T3766] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  232.517182][ T3766] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.569926][ T5665] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm kworker/u4:16: bg 0: block 234: padding at end of block bitmap is not set
[  232.584774][ T6355] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  232.586886][ T5665] EXT4-fs (loop1): Remounting filesystem read-only
[  232.601525][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  232.609285][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  232.744772][ T6404] loop2: detected capacity change from 0 to 2048
[  232.788120][ T6404] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  232.831091][ T6404] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038 (0x7fffffff)
[  233.281497][ T6424] overlayfs: missing 'lowerdir'
[  233.800109][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  233.902855][ T6430] loop4: detected capacity change from 0 to 512
[  233.926931][ T6429] loop1: detected capacity change from 0 to 2048
[  233.999476][ T6430] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  234.009320][ T6429] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  234.024360][ T6430] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038 (0x7fffffff)
[  234.080210][   T27] audit: type=1804 audit(1725744039.706:80): pid=6429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.744" name="/newroot/145/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  234.128773][ T3709] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm kworker/u4:7: bg 0: block 234: padding at end of block bitmap is not set
[  234.162367][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  234.163115][ T6437] loop0: detected capacity change from 0 to 512
[  234.191692][ T3709] EXT4-fs (loop1): Remounting filesystem read-only
[  234.202694][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  234.204341][ T6437] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  234.238328][ T6437] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038 (0x7fffffff)
[  234.365422][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  234.366147][ T6444] netlink: 'syz.4.746': attribute type 1 has an invalid length.
[  234.500181][ T6449] netlink: 8 bytes leftover after parsing attributes in process `syz.1.747'.
[  235.274658][ T4618] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.283642][ T3687] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.395402][ T5804] usb 4-1: USB disconnect, device number 10
[  235.410837][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  235.462217][ T6465] loop2: detected capacity change from 0 to 2048
[  235.587172][ T6465] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  235.596023][ T6465] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038 (0x7fffffff)
[  235.662903][ T6473] loop4: detected capacity change from 0 to 2048
[  235.718263][ T6473] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  235.737343][ T6478] loop0: detected capacity change from 0 to 512
[  235.751917][ T3709] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.841256][ T6478] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  235.875941][   T27] audit: type=1804 audit(1725744041.506:81): pid=6473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.760" name="/newroot/165/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  235.886626][ T6478] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038 (0x7fffffff)
[  235.970352][ T6489] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  235.989399][ T6490] overlayfs: missing 'lowerdir'
[  236.023287][ T4145] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm kworker/u4:11: bg 0: block 234: padding at end of block bitmap is not set
[  236.046670][ T6489] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.056069][ T6489] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.082854][ T4145] EXT4-fs (loop4): Remounting filesystem read-only
[  236.109109][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  236.224627][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  236.313381][ T6497] netlink: 8 bytes leftover after parsing attributes in process `syz.3.766'.
[  237.294437][ T6507] device syzkaller0 entered promiscuous mode
[  237.550961][   T22] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  237.714936][ T6523] loop4: detected capacity change from 0 to 512
[  237.747050][ T6525] loop3: detected capacity change from 0 to 2048
[  237.792684][ T6523] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  237.801995][   T22] usb 2-1: Using ep0 maxpacket: 8
[  237.823265][ T6525] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  237.830313][ T6523] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038 (0x7fffffff)
[  237.873907][   T27] audit: type=1804 audit(1725744043.506:82): pid=6525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.779" name="/newroot/103/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  237.876718][ T6525] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.779: bg 0: block 234: padding at end of block bitmap is not set
[  237.914606][ T6525] EXT4-fs (loop3): Remounting filesystem read-only
[  237.933716][   T22] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  237.949991][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  237.953859][   T22] usb 2-1: config 179 has no interface number 0
[  237.989359][   T22] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  238.011297][   T22] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  238.033316][   T22] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  238.048446][   T22] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  238.060057][   T22] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  238.073619][   T22] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  238.082829][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.111863][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  238.118746][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  238.139408][ T6510] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  240.242663][ T3766] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.702564][ T5674] usb 2-1: USB disconnect, device number 18
[  240.710891][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  240.828243][ T6536] netlink: 830 bytes leftover after parsing attributes in process `syz.4.781'.
[  240.839492][ T6543] netlink: 8 bytes leftover after parsing attributes in process `syz.2.783'.
[  240.891121][ T4195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.899619][ T4195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.908913][ T3766] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.165088][ T6561] loop2: detected capacity change from 0 to 512
[  241.239634][ T6563] loop0: detected capacity change from 0 to 2048
[  241.247920][ T6561] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  241.261822][ T6561] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038 (0x7fffffff)
[  241.289368][ T6563] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  241.298103][ T6563] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038 (0x7fffffff)
[  241.414917][ T6577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.423824][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.477400][ T6577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.486595][ T3669] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.495181][ T6577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.511173][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.541284][ T6577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.554921][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  241.616659][ T6581] overlayfs: missing 'lowerdir'
[  241.631663][ T3766] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  241.749136][ T6587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.798'.
[  242.347387][ T6585] loop2: detected capacity change from 0 to 2048
[  242.507682][ T6585] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  242.601320][   T27] audit: type=1804 audit(1725744048.236:83): pid=6585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.797" name="/newroot/155/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  242.622832][ T3766] usb 4-1: Using ep0 maxpacket: 8
[  242.632948][ T6585] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.797: bg 0: block 234: padding at end of block bitmap is not set
[  242.741130][ T3766] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  242.756665][ T3766] usb 4-1: config 179 has no interface number 0
[  242.764447][ T6585] EXT4-fs (loop2): Remounting filesystem read-only
[  242.771088][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  242.784610][ T6593] device syzkaller0 entered promiscuous mode
[  242.792456][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  242.816152][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  242.827614][ T3766] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  242.839317][ T3766] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  242.853100][ T3766] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  242.888654][ T3766] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.923929][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  242.931303][ T6574] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  243.278510][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  244.294182][ T6624] loop2: detected capacity change from 0 to 2048
[  244.324224][ T6624] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  244.346059][   T27] audit: type=1804 audit(1725744049.976:84): pid=6624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.814" name="/newroot/160/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  244.372928][ T6624] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.814: bg 0: block 234: padding at end of block bitmap is not set
[  244.411735][ T6624] EXT4-fs (loop2): Remounting filesystem read-only
[  244.428758][ T3687] usb 4-1: USB disconnect, device number 11
[  244.434815][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  244.434893][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  244.514957][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  244.966559][ T6645] loop3: detected capacity change from 0 to 2048
[  245.026768][ T6645] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  245.040909][ T6645] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038 (0x7fffffff)
[  245.080946][ T3766] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  245.331043][ T3766] usb 1-1: Using ep0 maxpacket: 8
[  245.377534][ T6653] overlayfs: missing 'lowerdir'
[  245.481144][ T3766] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  245.494972][ T3766] usb 1-1: config 179 has no interface number 0
[  245.501860][ T3766] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  245.521024][ T3766] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  245.538085][ T3766] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  245.550150][ T3766] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  245.568587][ T3766] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  245.591867][ T3766] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  245.607732][ T3766] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.661176][ T6641] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  246.080651][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  246.303420][ T6659] loop3: detected capacity change from 0 to 2048
[  246.418530][ T6659] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  246.521527][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  246.641327][   T46] net_ratelimit: 1 callbacks suppressed
[  246.641346][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  246.655095][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  246.665151][ T5804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.641372][ T6619] netlink: 8 bytes leftover after parsing attributes in process `syz.4.812'.
[  247.990417][ T6685] loop2: detected capacity change from 0 to 2048
[  248.006023][ T6686] loop3: detected capacity change from 0 to 2048
[  248.080624][ T6685] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  248.118597][ T6686] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  248.128994][ T6686] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038 (0x7fffffff)
[  248.228946][    T7] usb 1-1: USB disconnect, device number 14
[  248.247770][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  248.256121][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  248.321225][ T6686] overlayfs: missing 'lowerdir'
[  248.332694][ T6703] netlink: 8 bytes leftover after parsing attributes in process `syz.4.843'.
[  248.986331][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  249.066933][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  249.155934][ T6707] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.165689][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.208196][ T6705] device syzkaller0 entered promiscuous mode
[  249.214903][ T6707] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.262990][ T6713] dccp_xmit_packet: Payload too large (65475) for featneg.
[  249.332597][ T6713] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.370636][ T6713] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.379434][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.649952][ T6725] loop1: detected capacity change from 0 to 2048
[  249.730734][ T6725] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  249.738281][ T6731] loop2: detected capacity change from 0 to 2048
[  249.771014][ T6725] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038 (0x7fffffff)
[  249.802884][ T6731] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  249.994519][ T6725] overlayfs: missing 'lowerdir'
[  250.453294][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  250.564829][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  250.896089][    T7] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  251.186580][    T7] usb 2-1: Using ep0 maxpacket: 8
[  251.333046][    T7] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  251.341783][    T7] usb 2-1: config 179 has no interface number 0
[  251.348380][    T7] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  251.360033][    T7] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  251.372178][    T7] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  251.383680][    T7] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  251.395698][    T7] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  251.410451][    T7] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  251.420164][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.451225][ T6745] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  251.751343][   T11] net_ratelimit: 6 callbacks suppressed
[  251.751362][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.765155][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.774329][ T3768] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  252.130402][ T6770] loop2: detected capacity change from 0 to 2048
[  252.226537][ T6770] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  252.240746][ T6770] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038 (0x7fffffff)
[  252.507147][ T6770] overlayfs: missing 'lowerdir'
[  252.597210][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  253.343295][ T6739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.857'.
[  253.596779][ T6789] loop3: detected capacity change from 0 to 2048
[  253.630441][ T6789] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  253.646315][ T6792] dccp_xmit_packet: Payload too large (65475) for featneg.
[  253.674603][   T27] audit: type=1804 audit(1725744059.306:85): pid=6789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.875" name="/newroot/120/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  253.806318][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  253.910401][ T3768] usb 2-1: USB disconnect, device number 19
[  253.920855][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  253.929192][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  253.967181][ T6804] loop2: detected capacity change from 0 to 2048
[  254.062633][ T6804] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  254.090986][ T6804] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038 (0x7fffffff)
[  254.391221][ T6820] netlink: 8 bytes leftover after parsing attributes in process `syz.4.884'.
[  254.832579][ T6822] overlayfs: missing 'lowerdir'
[  255.222488][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  255.501484][ T6837] loop1: detected capacity change from 0 to 2048
[  255.535733][ T6845] dccp_xmit_packet: Payload too large (65475) for featneg.
[  255.593792][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[  255.624276][ T6837] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  255.680204][   T27] audit: type=1804 audit(1725744061.306:86): pid=6837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.893" name="/newroot/169/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  255.801732][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  256.007077][ T6859] loop2: detected capacity change from 0 to 2048
[  256.061095][ T3687] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  256.076652][ T6866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.899'.
[  256.356813][ T6859] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  256.381118][ T3687] usb 1-1: Using ep0 maxpacket: 8
[  256.503495][ T6859] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038 (0x7fffffff)
[  256.531572][ T3687] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  256.556119][ T3687] usb 1-1: config 179 has no interface number 0
[  256.609532][ T3687] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  256.737641][ T3687] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  256.756620][ T3687] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  256.847221][ T3687] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  256.899779][ T3669] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.927916][ T3687] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  256.967565][ T3687] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  256.977109][ T3687] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.101593][ T6878] overlayfs: missing 'lowerdir'
[  257.858439][ T3669] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.869665][ T5674] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  258.050101][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  258.061519][ T6854] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  258.240919][ T6883] netlink: 808 bytes leftover after parsing attributes in process `syz.4.907'.
[  259.239603][ T6899] loop3: detected capacity change from 0 to 2048
[  259.327911][ T6899] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  259.426236][   T27] audit: type=1804 audit(1725744065.056:87): pid=6899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.910" name="/newroot/128/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  259.562806][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  259.569251][ T6907] device syzkaller0 entered promiscuous mode
[  259.573831][ T5674] usb 1-1: USB disconnect, device number 15
[  259.575419][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  259.589802][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  259.742850][ T6920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.760316][ T6919] loop3: detected capacity change from 0 to 2048
[  259.866676][ T6926] netlink: 808 bytes leftover after parsing attributes in process `syz.0.921'.
[  259.888859][ T6919] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  259.902773][ T6919] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038 (0x7fffffff)
[  260.072656][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  260.218552][ T6935] overlayfs: missing 'lowerdir'
[  261.233778][ T4299] EXT4-fs (loop3): unmounting filesystem.
[  262.196735][ T6958] loop1: detected capacity change from 0 to 2048
[  262.264672][ T6958] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  262.324763][   T27] audit: type=1804 audit(1725744067.956:88): pid=6958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.931" name="/newroot/180/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  262.372545][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  262.570898][    T7] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  262.652581][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.662080][ T3768] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.723775][ T6970] netlink: 808 bytes leftover after parsing attributes in process `syz.1.936'.
[  262.807150][ T6972] loop1: detected capacity change from 0 to 2048
[  262.844944][    T7] usb 4-1: Using ep0 maxpacket: 8
[  262.902078][ T6972] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  262.917593][ T6972] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038 (0x7fffffff)
[  262.978937][    T7] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  262.987561][    T7] usb 4-1: config 179 has no interface number 0
[  262.994161][    T7] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  263.005447][    T7] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  263.016903][    T7] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  263.028222][    T7] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  263.039823][    T7] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  263.053527][    T7] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  263.062628][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.091772][ T6962] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  263.233485][ T6976] overlayfs: missing 'lowerdir'
[  263.275057][ T5665] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  263.726668][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  265.639974][ T7004] loop0: detected capacity change from 0 to 2048
[  265.727722][ T7004] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  265.737991][ T7010] loop4: detected capacity change from 0 to 2048
[  265.799114][ T5673] usb 4-1: USB disconnect, device number 12
[  265.799900][ T7010] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  265.813601][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  265.847432][   T27] audit: type=1804 audit(1725744071.476:89): pid=7004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.946" name="/newroot/192/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  265.852606][ T7010] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038 (0x7fffffff)
[  266.182102][ T7023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.190404][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.205742][ T7023] overlayfs: missing 'lowerdir'
[  266.337533][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  266.642733][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  266.847474][ T7030] device syzkaller0 entered promiscuous mode
[  266.970325][ T7040] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.205814][ T7053] loop4: detected capacity change from 0 to 2048
[  267.298051][ T7053] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  267.342574][   T27] audit: type=1804 audit(1725744072.976:90): pid=7053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.965" name="/newroot/212/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  267.388212][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  267.870963][ T3766] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  268.134043][ T3766] usb 5-1: Using ep0 maxpacket: 8
[  268.261096][ T3766] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  268.269651][ T3766] usb 5-1: config 179 has no interface number 0
[  268.276464][ T3766] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  268.291859][ T3766] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  268.303923][ T3766] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  268.315480][ T3766] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  268.326990][ T3766] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  268.340296][ T3766] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  268.349698][ T3766] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.381341][ T7061] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  268.401697][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  268.410650][ T3768] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.039675][ T3669] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.492900][ T7066] loop0: detected capacity change from 0 to 2048
[  269.561958][ T7066] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  269.623105][ T7066] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038 (0x7fffffff)
[  270.277684][ T3768] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  270.525555][ T7084] overlayfs: missing 'lowerdir'
[  270.722091][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  270.762297][ T3768] usb 5-1: USB disconnect, device number 12
[  270.770857][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  270.905221][ T7097] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  271.101807][ T7104] device syzkaller0 entered promiscuous mode
[  272.115821][ T7125] loop1: detected capacity change from 0 to 2048
[  272.260405][ T7125] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  272.282808][ T7125] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038 (0x7fffffff)
[  272.580935][ T3768] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  272.655806][ T7145] overlayfs: missing 'lowerdir'
[  272.841080][ T3768] usb 1-1: Using ep0 maxpacket: 8
[  272.939372][ T3643] EXT4-fs (loop1): unmounting filesystem.
[  273.037847][ T3768] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  273.046766][ T3768] usb 1-1: config 179 has no interface number 0
[  273.053632][ T3768] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  273.070111][ T3768] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  273.086317][ T3768] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  273.097542][ T3768] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  273.114637][ T3768] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  273.134334][ T3768] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  273.162493][ T3768] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.292482][ T7141] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  274.155972][  T102] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  274.171651][ T3766] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  274.792635][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  274.807086][ T7173] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.866885][ T3687] usb 1-1: USB disconnect, device number 16
[  275.880915][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  275.889270][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  276.844286][ T7175] loop2: detected capacity change from 0 to 40427
[  276.867060][ T7191] loop4: detected capacity change from 0 to 2048
[  276.883075][ T7175] F2FS-fs (loop2): Wrong NAT boundary, start(2560) end(462336) blocks(1024)
[  276.906533][ T7175] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  276.959007][ T7191] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  276.990182][ T7175] F2FS-fs (loop2): Found nat_bits in checkpoint
[  277.007830][ T7191] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038 (0x7fffffff)
[  277.056751][ T7183] loop3: detected capacity change from 0 to 32768
[  277.102346][ T7175] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  277.109733][ T7183] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1014 (7183)
[  277.116007][ T7175] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  277.265245][ T7175] syz.2.1010: attempt to access beyond end of device
[  277.265245][ T7175] loop2: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  277.325919][ T7183] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  277.346732][ T7204] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  277.350947][ T7183] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  277.355044][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  277.372756][ T7204] overlayfs: missing 'lowerdir'
[  277.395201][ T7205] loop0: detected capacity change from 0 to 2048
[  277.409415][ T7183] BTRFS info (device loop3): setting nodatacow, compression disabled
[  277.458198][ T7183] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  277.471459][ T3646] syz-executor: attempt to access beyond end of device
[  277.471459][ T3646] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  277.481636][ T7183] BTRFS info (device loop3): force lzo compression, level 0
[  277.499201][ T7187] loop1: detected capacity change from 0 to 32768
[  277.501566][ T7205] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  277.533085][ T7187] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by syz.1.1015 (7187)
[  277.535732][ T7183] BTRFS info (device loop3): metadata ratio 8
[  277.551085][ T7183] BTRFS info (device loop3): doing ref verification
[  277.557745][ T7183] BTRFS info (device loop3): metadata ratio 32769
[  277.585347][   T27] audit: type=1804 audit(1725744083.216:91): pid=7205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1020" name="/newroot/204/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  277.629273][ T7183] BTRFS info (device loop3): turning off barriers
[  277.640921][ T7183] BTRFS info (device loop3): enabling ssd optimizations
[  277.668367][ T7183] BTRFS info (device loop3): using spread ssd allocation scheme
[  277.678513][ T7183] BTRFS info (device loop3): turning on barriers
[  277.688364][ T3657] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by udevd (3657)
[  277.690550][ T7183] BTRFS info (device loop3): using free space tree
[  277.721810][ T3644] EXT4-fs (loop0): unmounting filesystem.
[  277.747178][ T3639] EXT4-fs (loop4): unmounting filesystem.
[  278.345502][ T7237] device syzkaller0 entered promiscuous mode
[  278.351098][ T7183] loop3: detected capacity change from 32768 to 0
[  279.156332][ T5673] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  279.245806][ T4299] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  279.287142][ T7254] loop1: detected capacity change from 0 to 128
[  279.412900][ T5673] usb 5-1: Using ep0 maxpacket: 8
[  279.418477][ T7256] loop0: detected capacity change from 0 to 2048
[  279.462528][ T7254] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  279.500514][ T7256] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  279.578519][ T5673] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  279.587311][ T5673] usb 5-1: config 179 has no interface number 0
[  279.596441][   T27] audit: type=1804 audit(1725744085.226:92): pid=7256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1033" name="/newroot/208/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  279.626565][ T5673] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  279.648628][ T5673] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  279.657397][ T3643] ==================================================================
[  279.667927][ T3643] BUG: KASAN: slab-out-of-bounds in udf_readdir+0xc5f/0x2240
[  279.675334][ T3643] Write of size 45 at addr ffff88807abebcd2 by task syz-executor/3643
[  279.681059][ T5673] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  279.683473][ T3643] 
[  279.683492][ T3643] CPU: 0 PID: 3643 Comm: syz-executor Not tainted 6.1.108-syzkaller #0
[  279.683511][ T3643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  279.700365][ T5673] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  279.705197][ T3643] Call Trace:
[  279.705218][ T3643]  <TASK>
[  279.705225][ T3643]  dump_stack_lvl+0x1e3/0x2cb
[  279.705256][ T3643]  ? nf_tcp_handle_invalid+0x642/0x642
[  279.705280][ T3643]  ? panic+0x764/0x764
[  279.705297][ T3643]  ? _printk+0xd1/0x111
[  279.705314][ T3643]  ? __virt_addr_valid+0x17f/0x530
[  279.705335][ T3643]  ? __virt_addr_valid+0x17f/0x530
[  279.732457][ T5673] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  279.732941][ T3643]  print_report+0x15f/0x4f0
[  279.743397][ T5673] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  279.747082][ T3643]  ? __virt_addr_valid+0x17f/0x530
[  279.747113][ T3643]  ? __virt_addr_valid+0x17f/0x530
[  279.763953][ T5673] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.774702][ T3643]  ? __virt_addr_valid+0x45b/0x530
[  279.774736][ T3643]  ? __phys_addr+0xb6/0x170
[  279.774755][ T3643]  ? udf_readdir+0xc5f/0x2240
[  279.774780][ T3643]  kasan_report+0x136/0x160
[  279.774797][ T3643]  ? udf_readdir+0xc5f/0x2240
[  279.774819][ T3643]  kasan_check_range+0x27f/0x290
[  279.774833][ T3643]  ? udf_readdir+0xc5f/0x2240
[  279.821206][ T7244] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  279.825391][ T3643]  memcpy+0x3c/0x60
[  279.850786][ T3643]  udf_readdir+0xc5f/0x2240
[  279.855410][ T3643]  ? load_block_bitmap+0x520/0x520
[  279.860559][ T3643]  ? __might_sleep+0xb0/0xb0
[  279.865163][ T3643]  ? aa_file_perm+0x3e3/0xf60
[  279.869842][ T3643]  ? trace_raw_output_contention_end+0xd0/0xd0
[  279.875985][ T3643]  ? load_block_bitmap+0x520/0x520
[  279.881086][ T3643]  ? __fdget_pos+0x2ba/0x360
[  279.885659][ T3643]  ? end_current_label_crit_section+0x147/0x170
[  279.891897][ T3643]  ? common_file_perm+0x17d/0x1d0
[  279.896925][ T3643]  ? fsnotify_perm+0x439/0x590
[  279.901672][ T3643]  iterate_dir+0x224/0x560
[  279.906081][ T3643]  ? load_block_bitmap+0x520/0x520
[  279.911180][ T3643]  __se_sys_getdents64+0x209/0x4f0
[  279.916278][ T3643]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  279.922377][ T3643]  ? __x64_sys_getdents64+0x80/0x80
[  279.927561][ T3643]  ? filldir+0x6f0/0x6f0
[  279.931799][ T3643]  ? syscall_enter_from_user_mode+0x2e/0x230
[  279.937807][ T3643]  ? lockdep_hardirqs_on+0x94/0x130
[  279.942998][ T3643]  ? syscall_enter_from_user_mode+0x2e/0x230
[  279.948999][ T3643]  do_syscall_64+0x3b/0xb0
[  279.953404][ T3643]  ? clear_bhb_loop+0x45/0xa0
[  279.958067][ T3643]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  279.963963][ T3643] RIP: 0033:0x7f74c8faf093
[  279.968378][ T3643] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 42 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  279.987995][ T3643] RSP: 002b:00007ffdb049ce98 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  279.996457][ T3643] RAX: ffffffffffffffda RBX: 000055557f33b600 RCX: 00007f74c8faf093
[  280.004464][ T3643] RDX: 0000000000008000 RSI: 000055557f33b600 RDI: 0000000000000005
[  280.012435][ T3643] RBP: 000055557f33b5d4 R08: 0000000000000000 R09: 0000000000000000
[  280.020394][ T3643] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  280.028353][ T3643] R13: 0000000000000010 R14: 000055557f33b5d0 R15: 00007ffdb049f140
[  280.036319][ T3643]  </TASK>
[  280.039323][ T3643] 
[  280.041627][ T3643] Allocated by task 3643:
[  280.046105][ T3643]  kasan_set_track+0x4b/0x70
[  280.050715][ T3643]  __kasan_kmalloc+0x97/0xb0
[  280.055385][ T3643]  udf_readdir+0xb78/0x2240
[  280.059900][ T3643]  iterate_dir+0x224/0x560
[  280.064321][ T3643]  __se_sys_getdents64+0x209/0x4f0
[  280.069438][ T3643]  do_syscall_64+0x3b/0xb0
[  280.073860][ T3643]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.079742][ T3643] 
[  280.082069][ T3643] Last potentially related work creation:
[  280.087765][ T3643]  kasan_save_stack+0x3b/0x60
[  280.092516][ T3643]  __kasan_record_aux_stack+0xb0/0xc0
[  280.097870][ T3643]  kvfree_call_rcu+0x116/0x8c0
[  280.102619][ T3643]  ieee80211_ibss_disconnect+0x539/0x700
[  280.108233][ T3643]  ieee80211_ibss_leave+0x21/0x130
[  280.113356][ T3643]  __cfg80211_leave_ibss+0x254/0x510
[  280.118625][ T3643]  cfg80211_leave_ibss+0xd5/0x1c0
[  280.123643][ T3643]  cfg80211_change_iface+0x5fc/0x11c0
[  280.129029][ T3643]  nl80211_set_interface+0x6e6/0x9c0
[  280.134328][ T3643]  genl_rcv_msg+0xc1a/0xf70
[  280.138849][ T3643]  netlink_rcv_skb+0x1cd/0x410
[  280.143627][ T3643]  genl_rcv+0x24/0x40
[  280.147610][ T3643]  netlink_unicast+0x7d8/0x970
[  280.152387][ T3643]  netlink_sendmsg+0xa26/0xd60
[  280.157167][ T3643]  ____sys_sendmsg+0x5a5/0x8f0
[  280.161948][ T3643]  __sys_sendmsg+0x2a9/0x390
[  280.166555][ T3643]  do_syscall_64+0x3b/0xb0
[  280.170989][ T3643]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.176986][ T3643] 
[  280.179314][ T3643] The buggy address belongs to the object at ffff88807abebc00
[  280.179314][ T3643]  which belongs to the cache kmalloc-256 of size 256
[  280.193986][ T3643] The buggy address is located 210 bytes inside of
[  280.193986][ T3643]  256-byte region [ffff88807abebc00, ffff88807abebd00)
[  280.207272][ T3643] 
[  280.209594][ T3643] The buggy address belongs to the physical page:
[  280.216021][ T3643] page:ffffea0001eafa80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7abea
[  280.226189][ T3643] head:ffffea0001eafa80 order:1 compound_mapcount:0 compound_pincount:0
[  280.234523][ T3643] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  280.242529][ T3643] raw: 00fff00000010200 ffffea0001f4e300 dead000000000006 ffff888017c41b40
[  280.251126][ T3643] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  280.259719][ T3643] page dumped because: kasan: bad access detected
[  280.266143][ T3643] page_owner tracks the page as allocated
[  280.271859][ T3643] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 2, tgid 2 (kthreadd), ts 59983257787, free_ts 59961882110
[  280.294101][ T3643]  post_alloc_hook+0x18d/0x1b0
[  280.298852][ T3643]  get_page_from_freelist+0x322e/0x33b0
[  280.304383][ T3643]  __alloc_pages+0x28d/0x770
[  280.308952][ T3643]  alloc_slab_page+0x6a/0x150
[  280.313614][ T3643]  new_slab+0x84/0x2d0
[  280.317668][ T3643]  ___slab_alloc+0xc20/0x1270
[  280.322327][ T3643]  __kmem_cache_alloc_node+0x19f/0x260
[  280.327764][ T3643]  kmalloc_trace+0x26/0xe0
[  280.332172][ T3643]  set_kthread_struct+0xb2/0x1f0
[  280.337123][ T3643]  copy_process+0x139d/0x4060
[  280.341832][ T3643]  kernel_clone+0x222/0x920
[  280.346335][ T3643]  kernel_thread+0x152/0x1d0
[  280.350925][ T3643]  kthreadd+0x596/0x760
[  280.355083][ T3643]  ret_from_fork+0x1f/0x30
[  280.359504][ T3643] page last free stack trace:
[  280.364163][ T3643]  free_unref_page_prepare+0xf63/0x1120
[  280.369697][ T3643]  free_unref_page+0x33/0x3e0
[  280.374360][ T3643]  qlist_free_all+0x76/0xe0
[  280.379111][ T3643]  kasan_quarantine_reduce+0x156/0x170
[  280.384558][ T3643]  __kasan_slab_alloc+0x1f/0x70
[  280.389390][ T3643]  slab_post_alloc_hook+0x52/0x3a0
[  280.394491][ T3643]  __kmem_cache_alloc_node+0x137/0x260
[  280.399941][ T3643]  kmalloc_trace+0x26/0xe0
[  280.404342][ T3643]  nsim_fib_event_work+0x19be/0x4120
[  280.409635][ T3643]  process_one_work+0x8a9/0x11d0
[  280.414575][ T3643]  worker_thread+0xd04/0x1200
[  280.419243][ T3643]  kthread+0x28d/0x320
[  280.423308][ T3643]  ret_from_fork+0x1f/0x30
[  280.427719][ T3643] 
[  280.430033][ T3643] Memory state around the buggy address:
[  280.435646][ T3643]  ffff88807abebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  280.443692][ T3643]  ffff88807abebc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  280.451738][ T3643] >ffff88807abebc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06
[  280.459818][ T3643]                                                                 ^
[  280.467785][ T3643]  ffff88807abebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  280.475832][ T3643]  ffff88807abebd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  280.483874][ T3643] ==================================================================
[  280.496483][ T3768] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.496710][ T3643] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  280.496721][ T3643] CPU: 1 PID: 3643 Comm: syz-executor Not tainted 6.1.108-syzkaller #0
[  280.496737][ T3643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  280.496746][ T3643] Call Trace:
[  280.496751][ T3643]  <TASK>
[  280.496756][ T3643]  dump_stack_lvl+0x1e3/0x2cb
[  280.496782][ T3643]  ? nf_tcp_handle_invalid+0x642/0x642
[  280.496803][ T3643]  ? panic+0x764/0x764
[  280.496818][ T3643]  ? preempt_schedule_common+0xa6/0xd0
[  280.496841][ T3643]  ? vscnprintf+0x59/0x80
[  280.496859][ T3643]  panic+0x318/0x764
[  280.496875][ T3643]  ? check_panic_on_warn+0x1d/0xa0
[  280.496892][ T3643]  ? memcpy_page_flushcache+0xfc/0xfc
[  280.496909][ T3643]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  280.496927][ T3643]  ? _raw_spin_unlock+0x40/0x40
[  280.496946][ T3643]  check_panic_on_warn+0x7e/0xa0
[  280.496962][ T3643]  ? udf_readdir+0xc5f/0x2240
[  280.496981][ T3643]  end_report+0x66/0x110
[  280.496995][ T3643]  kasan_report+0x143/0x160
[  280.497010][ T3643]  ? udf_readdir+0xc5f/0x2240
[  280.497029][ T3643]  kasan_check_range+0x27f/0x290
[  280.497044][ T3643]  ? udf_readdir+0xc5f/0x2240
[  280.497061][ T3643]  memcpy+0x3c/0x60
[  280.497077][ T3643]  udf_readdir+0xc5f/0x2240
[  280.497104][ T3643]  ? load_block_bitmap+0x520/0x520
[  280.497122][ T3643]  ? __might_sleep+0xb0/0xb0
[  280.497138][ T3643]  ? aa_file_perm+0x3e3/0xf60
[  280.497160][ T3643]  ? trace_raw_output_contention_end+0xd0/0xd0
[  280.497179][ T3643]  ? load_block_bitmap+0x520/0x520
[  280.497204][ T3643]  ? __fdget_pos+0x2ba/0x360
[  280.497220][ T3643]  ? end_current_label_crit_section+0x147/0x170
[  280.497241][ T3643]  ? common_file_perm+0x17d/0x1d0
[  280.497260][ T3643]  ? fsnotify_perm+0x439/0x590
[  280.497277][ T3643]  iterate_dir+0x224/0x560
[  280.497291][ T3643]  ? load_block_bitmap+0x520/0x520
[  280.497310][ T3643]  __se_sys_getdents64+0x209/0x4f0
[  280.497327][ T3643]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  280.497348][ T3643]  ? __x64_sys_getdents64+0x80/0x80
[  280.497362][ T3643]  ? filldir+0x6f0/0x6f0
[  280.497377][ T3643]  ? syscall_enter_from_user_mode+0x2e/0x230
[  280.497394][ T3643]  ? lockdep_hardirqs_on+0x94/0x130
[  280.497410][ T3643]  ? syscall_enter_from_user_mode+0x2e/0x230
[  280.497428][ T3643]  do_syscall_64+0x3b/0xb0
[  280.497448][ T3643]  ? clear_bhb_loop+0x45/0xa0
[  280.497467][ T3643]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.497486][ T3643] RIP: 0033:0x7f74c8faf093
[  280.497499][ T3643] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 42 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  280.497512][ T3643] RSP: 002b:00007ffdb049ce98 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  280.497529][ T3643] RAX: ffffffffffffffda RBX: 000055557f33b600 RCX: 00007f74c8faf093
[  280.497541][ T3643] RDX: 0000000000008000 RSI: 000055557f33b600 RDI: 0000000000000005
[  280.497551][ T3643] RBP: 000055557f33b5d4 R08: 0000000000000000 R09: 0000000000000000
[  280.497560][ T3643] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  280.497571][ T3643] R13: 0000000000000010 R14: 000055557f33b5d0 R15: 00007ffdb049f140
[  280.497587][ T3643]  </TASK>
[  280.504763][ T3643] Kernel Offset: disabled
[  280.813801][ T3643] Rebooting in 86400 seconds..