last executing test programs:

2m30.557160999s ago: executing program 3 (id=113):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c2000010aaaaaaaaaabb080045"], 0x0)

2m30.250301574s ago: executing program 3 (id=115):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r1, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="80", 0xfdef}], 0x1}, 0x0)

2m29.91249798s ago: executing program 3 (id=116):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x24, r1, 0x93da7d9f096fa291, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0x6}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000040}, 0x4000810)

2m29.753890252s ago: executing program 3 (id=117):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000f80)='./file1\x00', 0x0, 0x1000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8442, 0x5c)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, 0x0)

2m29.167462182s ago: executing program 3 (id=120):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x1, {0x0, 0x1, 0x3}, 0xfd}, 0x18)
sendmsg$can_j1939(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)="1c38970ca3e808d389a28282d0c6d5d7556e07fe13693067d6a529850ac4f4f4160c5307071bc52729452c4d854d4031c4e700fab891441f56ab063e4eac6f6c1f0704d553ff1d259b7c56eb63e59147de87402ea5842b8e25f201e6c13592afb14b372418d5c7e46ddef14a2126b51e483cd61ff235f4f572b2e95d37cb9072d1e950e89a1b8c01b78dac0af4214bd556ac7dc1442a1c3b27c5b516682e1819b7b6484910f6e4bc88878c4f23a23aac3c0bc47abaa3df56940c9234f41b8a99550087c90f953d6457ef3cca1f5da00115b4c88621653f6fd56571cddfdaf5cc9bd84abe10fdb83e277c3d6b6ed6ccfd6987bc840a1d2a1cd278ca92f1764826a5041e3394bbbc10724e432c067b6d5dcf9a820d25c803cf80f5a34b8efe2f8627f9a750281425560a71bee3546c396a0a404567b7b86a73c37f63f04ba551cfe0d0b5a75edbd5e74c71be8e29ceb149f76214ab64e9294e5a1bdde805fd6793e40f3f2ab085aee3a08b54d1deb8458f5e2480380ec43cc639734b7e08473275622feb977290ce40cacc3c4a113661755996e61a756e8854ebfd5dd71a336423b5875df15576861989e63187a213b57e50852869b613b1cad83989a1ccc02a5908d937fb14b6750385a9b4028e1008ce0dddb403d689524276b0150c22e068166a98f045886bc9f20db4fccdbe714eea664aaa9aaa29d70c67c62441ba976fa9b4a9a5016c43c270df77e91730bcfcd25e2323516af7d03c0e8bfb0ba7095b31c9673076b6bae829648bb2367bbc0fe6eec00369f65c5307fd3304c8db18f6f80fd8a84eccdef2a2c98a9d711607e1be948438449ba31f8cec46666395d8cfcd818e6fb8946cbdb3f1dc9daeafdad4bd02ec0e5293e0ec8488ca115e96d3ad5c9cb22c8754d4ec650b65c1d1cb4879f65d6329a429b7b024ecd00a8bf680a2817d5e6c3a19939423d041e8c0bcab7a43abf5b502758005ab0b8bcdf2bd35c267c988a9413f7df71ea9c984abc781df7296dff82a3109abe8b56f06ebcd1e82dab85dc64e1f628b0acf22ba092e6db5bec3e859346fa5a7f0b8c3cb65fcd78b06a0af94ba908ee56094f41548e4f444acb479245fa54b99567d71abde33bb5552d3e6ec33e7a85c272b4a551a68470b71e591ee52dbf629be8ed65891117088aabe387f1466af9a7a843a9e739ea8165f80cb5cb36cf6fac41b931c8ee75e2e87c2b3b8cd0057b392da30726dde03369e68039c9480973c3ea994282baddf61fbb7a93c3667b837f7f547ae66cad03db89de21ae340be48b0e56e560d761d175ac7120a8880ff9efd95aa5f335aa7c99ae4910ad02443e2ee3fae2aedbd233f5f52ea1f65872463a637605dacab03c4218c4ac0b8067b433192f5488cf2f9f742a181776bbaff4975b4f2b918212e94dc719e773cbda7b776072df9d43d92916b4621d9aeaaf6bf31d7e94b6d79b255dc8bc9194acd4259bd9a1d95e2080e4e4d85ec7539161a4f1fff317339ee3c8a622f87e9c3bc3aead2d7415777fad15e7609d6d777bda4e837738ba31703605beff568d3293d3dbb0241a97c590b0e51cb0925cdc8f72e67d93b04ab4d4be4318daae50523c4d094c11dd53c19773a3400069979524e69c0a0c95bcba3e8bcc54fbcba133392bac0342afa0f8a7ec1c84d904530e6c13361113b83df6d1558dbacde0057a52b9f8b8b43fc0df50c29754b2853499e3de1f6d3cadc5ddac892e1424c603cb34674a8ec7148bef37f596061d4b8d1148cf2e14e9753c614d56cf054a5cb26a0226b243546be7eb099c4b0113bddd891cf51cb88b7efedb680b7d53c60fb244f2fafa1cbbca5db09a33b191e65340a58c7c56103871fc85d64e880e42d7e16a742c202058e061c4158711742c0f5d608254744baf5924b85e5b090225e630a471d6595a1fb3ef09fef8e66fc9e892364b8229e4ff657f1604d4fba06452e8572149084e44be7e3df08a03604739719edcb21f7c00c73f0a46183ac1a92f5eb554878284f7622eddc13716684883cce79e32c35456ec96dae3295204819ecf99cddbcf77ca55711c7cb43df9d6097cd57fddf3266bcb569ecf843c8de4fc4e8c93579209f68f2080ab9298e98ec8897a46c7d6c9e341fae89c4bd11fd43ee9b12d3d5a3c6bcee613c31edc7b767b053a69fc168b9e0a5f2d858635e94a345aefdd4b23f0a36e2ddabdac01727268061ac739356d92b1a51870c675da66826ed10d30bf6f3f8cfabbb565b2a2266a4e9d1a78c38b7f8481e3e70ec4d88e0383194b0ddbe4be7ef668817771bd6443712b43ddc966d8a47ab6951446af1c6b7d4f1a611e0386d8b39fa6f9b9d3ff2bb679b8d64af8416bf21d11c9303668c5d5ad527b6f4cf0163ebeb76c0f9b5f0696ca9f931b09bdb1a39f03d6f605ced5b650bb79e2f76eeea2278bc84612a6de7b5f0cb4595338150a55dabfdd08a8365ba922791a1503cf8cfe0272c43ce77c9173733f61ae9fa3496f1c67f794b53ffbc295e2db1969943a92d4a8c0ba14374d55d4534e6de499c5b76950c9aa5b8be557f462b4cacb6ed9afe01cdae86e7ede3ebdfcb860ae793bca53dbb0263886334a8211b80c721ea0dd0e06cc9315e3a3b7903b45a8e47bee4812847b0d0ed8c440b3dcbc27e7676f8b80220fe8866b9c901e67b65753bd5a5e63fecb37cd168864164dfa7531266504ea56b63cf26d00f9cb60714675736e89de2f080cabd0962aa5d90693e8a3200794233d5c35c6266801d6c70e9614ce9d19c06e25719fbb0890e8fd2acd9cbb9297fa36bffe510c01d2e55ee25cedf4b70c8768aa658f359ca814f2ae11b6430aefde20144219c5386b31f51adc32d9d3063d347d5c3631e5fb05b46910ce810aa622d04018721799f569472205f06f1dcc26bd5248e3c11b2193db08c365b6327b974aafa3c8515535e789109621fda9241caabfe4bd0b71865ff6aeefdf09d76cfcc54efec1f07a0258dbab4e6cf74d18ef26a0c1ffa4d0e4fa67b177ca8fb156fefff17804033e4cda685a224684e501b60b4a2cd15b79eb426859c5818807fa65714dafd3314f9d5bab8d36d63ed5cb60311ccf513e1e3a7adfb0d3703f23ff90c12e66ea6db093696476286a970716690bcb6fb8ef7165ddbb858d9c8d40048b8dc268f2bb0ee65a5fd5cf385350b6de99532b7b902662f0e8d5bb107dabb0c65b67d61bf8ee72e30d340a13c354c4100488da17c727a3ca7ef5311af1813f15d89383f300c189060f621ab46d84e19c389f15dec2d303e850b610b827fae602395430b442cdcf7af7132dcdcb80f248afe2d60f7183de4ffc8cd01310001bf859923c76208ea0f80e9652293e164f54917a7eea84966ced72353f890fcbe5e9994ad80f55793433585c5b3d71e90220995b7d6d5c07a0f1a523b90bf67501ec9e69c8fb00096693a306d3014bebe3ba9ba9d3e31db36155681d9bd7b34cec97f346f07308de598013b42cb1b851a87aadd0072b3b218d5f815bdd87f6173916518226fc590dd91c251f32d7fae14edfc35ae8f166d14cd0df80fc243d4db77d1b9bc02c655b86e4476e5919aa5bcac8c2f7387c469ec78986f5e73a2b6787f16c4a5f007fc8fe7ad91519ffa80b519d3b4a233f0b91ba7630cd0ed656f57f185c36f021e0a5c852cabd94157f24725ebcaee36650ead2b22918c960c8ab6f125cf20cab37dcb5c36ac8cfa9e6264d5075b5c86e6c1b8455512f54d333d4491f94b9ec967489ffb40f8835aea6cbf2a33be22ea91a771d1f4c2bc2017ffd805cc04d23dec291ef2a023b45b6a52a91acac8316d46c96695d4282e5dce8a8e8b8f98a6bc45d201c3d00a68a9314cc2c1348c546a553fdc8c1418b8ebc731f40a86c15d40a6977fbe5a9a392627cf7dd34507e63726644403175fa90caeff546b01d632e1a41042cf85e06573b0a08bdf889eafd0e4aafd656951ade883d99fc9be729e1a62cea082bffbf608e4131c083bccc033e71d5a6b9f056b1974fac86df5fa44cde3df1fc0a5c0ff552371dd4187b77a2804843a6b13885ce01b12feacdb692caec54c3ddeff6232c9cb59cbb73ab3709c3c2eba734c89be3b13b153c15e3f9b8d93fe52193c77be3b268157081aeba98bf798862506a20305d998cde3bf76c966176d9f2142269f98d927236303fa65ca55290d1ebb6e24e65c6c122fb3ed8f947531d9e77f394bc23e3280d7a237874e05aca0d9e62402f9a6f0ab5c55e20c49c2e9821212d9cc90095753fea03d97330120a79911962bf98e78ee47b9e2969738bdcd7e34848fbecb6d3bfe269e1563bdda2599515f9de0a77f6a0b14f8a5e05dca43ffa1ac1dc96d9e6149a6bee551cd7ba398987dd3756a57a481215e3c86c4c4af1dbc9333eac789e7c5a2a3895a3bf8ac2db8b4824329ffe8aefb43ba417ebdf37ee1f81af686d7bf8adc4ff0f017b1c4d64e5ed5d47f44d8e27be0a47799cc1567049d29b8bbc8ca277601738c47aea6b5250c6423ab7e73dccb89eec796531db2d0dfe35bf720beb9adaead2f75c599c1b2cfbcab228f19493224c51947218643cb4869c349c142198a107475552d762ff975877e0082c37a234101ef96a5a7e1d16a7eec66651adf1a78cc9ef133ba76d4cefae48fe25d2003737a845c1f1348bcc6f2964b3793b80feb4fdd619f53a1a762e15d4859f8ca96cc5b5a35be9df6a3ba08cf2d6a409e976862fb203a5657185997e4fa62a9e70a03ff8be94c3afe33d1a4fb45e72aea89079663ea08c8c77c669fe2ea1cf5e99cd5852d6a7ec7320d1d2733e4b5de714caa139feb7c225dcf8fe09ed025a17dfd7b6a53bfb83484d14466bae89b4c14af3c148c95f337b56d6fb69eb38436c021bace566b666e4b752562889588bffa9445b2f24cd0bf313a2cc0fe6ef6cd9923da5c727bb3a49924e5988805ee4654fda3c101480294d2cd89837c749d82a159259e0774a846b3a6b7b0ad00578ade66cccdf8871ccaad83d56f57853348da55e4dfe30c9155fd9c7366d30bb345601a693dcfad693dceb6e1ad4e035e6747a69f7fc40e3a86d2dbf325208fc9319b021d1a6107d697841aa6b3aebfd8c69680a4b225e4a24d6831e4e9a13c4e604924a23601ac90e64b955ecb3274332ee4cd209ece20b887fc4c0b246a4f251b1b88b138420790171991abfecfb34ec0f26af28b71692f7bc409ec594e3c316e473ce2cc37cf6350cc02a4b9d1118d1d6d72ebc2d8514510f348a15a7e279b4ad864ab150a4f17932700f8698b877d36ba3d4e8631af3f4fa129542346d62d81aae914cb73244089f2f7faba17ccddd0c234a11a5bcd5e69996ff6413f453fc5f9a2cdb2e5b51a5d6cbf0bdb5c2c733455685493644ca5cf9a8d6630677843edf688031355a9a65308cc591f896324fd7885df8284f133ad081720a4f60f4577f1581a14d5f285698047637125a2534354dd030db106aeb769ee99931913d9b7e10e4d42a4589e1922362bc97984996e64bc9f269320bfd8a31187f5166a07ec3ed01cfdff6e735a2e5e2e686dc448f0b1e7e30c6e01a487bad3997a2b39f4ed575bcdeeabacbf86931ea1d154b0e618794b3c6eb6840961849ea7a0feb83c77a674084fade0190d8d5ae883449b1d84e6ade9d87f881749a145272c4d4166ee836551ed72add29c1f310af2f46c77aa7e2553678a2c58c55a365eb4a2b318f27fff482eb04f0413d7082694f4c47b00e7b371231d4c2465d392219470e4eb6ec99b1b46df340bd609c74d649e5d45dd10d1e475", 0x1000}, 0x1, 0x0, 0x0, 0x801}, 0x24000000)

2m26.622796794s ago: executing program 3 (id=137):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x48800}, 0x4044)

2m26.189336522s ago: executing program 32 (id=137):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x48800}, 0x4044)

2m15.271019973s ago: executing program 2 (id=184):
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@loopback, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x3, 0x7}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)

2m14.614637094s ago: executing program 2 (id=188):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000240)=ANY=[@ANYBLOB='\'cpu'], 0x5)

2m14.385128768s ago: executing program 2 (id=191):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004001)
setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000000), 0x4)
getsockopt(r0, 0x5, 0x3, 0x0, 0x0)

2m14.109659042s ago: executing program 2 (id=195):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000080)='./file2\x00', 0x3210842, &(0x7f0000001800)={[{@errors_remount}, {@noquota}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@errors_continue}, {@noquota}, {@quota}, {@uid}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}]}, 0x24, 0x6297, &(0x7f00000089c0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSggTqAXXQ2M/jzE53vXYS76wzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6I7eZ4PiKGSxHV9tv/PBvxekR8fDzi/oM769Xi8/vsx/f//I8//OTYj/7+p+GZ//7lVv+Naevdvv3b//z17qPvLwAAAHRRWZZlkT7mn4yIQfpsDwA8/fLrf5nk5eqFqzcXrD9qtVqtPoJ1XTnZ3XoREZv1bar3DE7HA8ARsxmftN0FWiT/ThtExLG2OwEstKLtDnAo7j+4s16kfIv668HaTnu+FmQs/81i9/6OadNZmteYzOv5tRX9eG5Kf1bm1IdFkvPvNfO/stM+Susddv7zMi3/0c6tT52T8+838294evLvTcy/q3L+gwPl35c/AAAAAAAssPz7/xMtn/9devxd2Ze9zv+uzakPAAAAAAAAAPCkHXT8v0Fj/L9dxv8DAACAhVV9Vq/87vjDZdP+Flu1/HIR8UxjfaBj0s0yq233AwAAAAAAAAAAAAC6ZLBzDe/lImIYEc+srpZlWX3VNeuDetztj7qu7z90Wds/5AEAYMfHxxv38hcRyxFxOf2tv+Hq6mpZLq+slqvlylJ+PztaWi5Xap9r87RatjTaxxviwaisvtlybbu6WZ+XZ7U3v1/1WKOyv4+OzUeLgQNAROy8Gt2f9or0P69XR1NZPhstv8nhiNjj+OeIcvyzH20/TwEAAIDDV5ZlWaQ/530ynfPvtd0pAGAu8ut/87yAWq1Wq9Xqp6+uKye7Wy8iYrO+TfWewXD8AHDEbMYnbXeBFsm/0wYR8ULbnQAWWtF2BzgU9x/cWS9SvkX99SCN756vBRnLf7PY3i5vP2k6S/Mak3k9v7aiH89N6c/zc+rDIsn595r5X9lpH6X1Hj//cuzXhG1dYzQt/2o/T7TQn7bl/PvN/BsO+/ifl63oTcy/q3L+gwPl35c/AAAAAAAssPz7/xMLdf539Ki7M9Ne53/XJm5xeH0BAAAAAAAAgCfl/oM76/m+13z+/wsT1nP/59Mp51/Iv5Ny/r1G/l9trNevzd97+2H+/35wZ/2Pt/71+Tzdb/5LeaZIz6wiPSOK9EjFIE0fZ+8+a2vYH1WPNCx6/UG65qccvhvX4npsxNmxdXvp/+Nh+7mx9qqnw+32sr/Tfn6sfbDbnre/MNY+TFcXlSu5/XSsx8/jeryz3V61Lc3Y/+UZ7eWM9px/3/HfSTn/Qe2ryn81tReNaeXeR73PHPf16aTHeevaF39z9vB3Z6at6O/uW121fy+10J/t/5Njo/jlzY0bp29fvXXrxrlIk7Gl5yNNnrCc/zB97f78f3mnPf/crx+v9z4aHTj/RbEVg6n5v1ybr/b3lTn3rQ05/1H6yvm/k9onH/9HOf/px/+rLfQHAAAAAAAAAAAAAAAA9lKW5fYtom9FxMV0/09b92YCAPOVX//LJC+fV92f8+Op1YdWF8U8Hq9YmP1tof60nPPjD8YXtL3/avWTqOvKyd6sFxHxt/o21XuGX0/6ZgDAIvs0Iv7Zdidojfw7LP+9v2p6qu3OAHN184MPf3r1+vWNGzfb7gkAAAAAAAAA8Kjy+J9rtfGfT5Vlebex3tj4r2/H2uOO/5lvp3k4wOiUgar7B9+nvWz1Rv1ebbjxF2Pa+N/D3bm9xv8ezHi84Yz20Yz2pRntyzPaJ97oUZPzf7E23vmpiDjZGH69C+O/Nse874Kc/0u153OV/1ca69XzL39/lPPvjeV/5tb7vzhz84MPX7v2/tX3Nt7b+NmFc+fOXrh48dKlS2fevXZ94+zOvy32+HDl/PPY164D7Zacf85c/t2S8/9SquXfLTn/L6da/t2S88/v9+TfLTn//NlH/t2S838l1fLvlpz/11It/27J+b+aavl3S87/66mWf7fk/F9Ltfy7Jed/OtXy75ac/5lU7zP/lcPuF/OR889nuBz/3ZLzz1c2yL9bcv7nUy3/bsn5X0i1/Lsl5/96quXfLTn/b6Ra/t2S87+Yavl3S87/m6mWf7fk/C+lWv7dkvP/Vqrl3y05/2+nWv7dkvN/I9Xy75ac/3dSLf9uyfl/N9Xy75ac//dSLf9uyfm/mWr5d8vDv/9vxowZM3mm7Z9MAAAAAAAAAAAAAEDTPC4nbnsfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgp79xoj11nfD/zM3rx2IDEQ8nfyN7BxTGKcTXZ9iS+0LiZcG24lEAq9YLvetVnwDa9dAo1k00CJhFFRRdtQqS0g1OZNhV/wglaA8gK1QqoE7Qv6BlGh8iJCAQWkSrSCbDXnPM+zM7Nz2fWu1zPnfD6S/fOeOTPnmTPPOTu/XX/nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAoztfN/upWpZl9T/5X5uz7AX1f2+c2Jwve/WNHiEAAACwWr/K/37ulrTg8DLu1LDOv7z8O19dWFhYyN47/Oejn1tYSDdMZNnohizLb4uu/vB9tcZ1gsez8dpQw9dDPTY/3OP2kR63j/a4fazH7Rt63D7e4/YlO2CJjcXPY/IH257/c3OxS7Nbs9H8tu1t7vV4bcPQUPxZTq6W32dh9EQ2l53KZrPppvWLdWv5+l+/s76tN2dxW0MN29panyE/e+x4HEMt7OPtTdtafMzoJ6/NJn7+s8eO/92FZ29vV3vuhqbHK8a5Y1t9nJ8IS4qx1rINaZ/EcQ41jHNrm9dkuGmctfx+9X+3jvO5ZY5zeHGY66r1NR/PhvJ/fzffTyONP9ZL+2lrWPaLu7Isu7w47NZ1lmwrG8o2NS0ZWnx9xosZWX+M+lR6cTayonl65zLmab3ObG+ep63HRHz97wz3G+kwhsaX6ScfH2t43X+5cC3zNKo/607HSuscXOtjpV/mYJwX382f9BNt5+D28Pwfu7vzHGw7d9rMwfS8G+bgtl5zcGhsOB9zehFq+X0W5+CupvWH8y3V8vrM3d3n4NSF0+em5j/6sfvmTh87OXty9syeXbum9+zbd+DAgakTc6dmp4u/r3Fv979N2VA6BraFfRePgXta1m2cqgtfHFty/r3W43C8y3G4uWXdtT4OR1qfXG19Dsilc7o4Nt5d3+njV4ayDsdY/vrsXP1xmJ53w3E40nActv2e0uY4HFnGcVhf59zO5b1nGWn4024Mnb8XrG4Obm6Yg63vR1rn4Fq/H+mXOTge5sX3d3b+XrA1jPeJyZW+HxnONjV9Ux1afLrh3FNfkt7vjx/IS7t5eUf9hpvGsovzs+fvf/TYhQvnd2WhrIuXNMyV1vm6qeE5ZUvm69CK5+vhuZc/cUeb5ZvDvhq/r/7XeMfXqr7O3vu7v1b5d7f2+7Np6e4slDW23vuz3Xfz+v4cy7LPf+vjD3/jsc+/ruP+rPebn5ha/Xvx1Jc2nH9HO5x/Y9//fLG99FCPD4+OFMfvcNo7o03n4+aXaiQ/d9XybT83tbzz8Wj4s97n41u7nI+3tKy71ufj0dYnF8/HtV4/7Vid1tdzPMyTU9Pdz8f1dbbsXumcHFkyJxuPsbtCrYX9/6rQKaRTeMPc6TRv07ZGRkbD8xqJW2iep3ua1h8NvVl9W0/tDm8K0yiXN0933FWsP9xwv2i95ulEy7prPU/Tz746zdNar5++XZvW13M8zItb93Sfp/V1nt67+nPnxvjPhnPnWK85ODo8Vh/zaJqE+fk+W9gY5+D92fHsbHYqm8lvHcvnUy3f1uQDyztXjoU/632u3NJlDu5oWXet52D6PtZp7tVGlj75NdD6eo6HefHkA93nYH2d1++/hveuTUuaz5U7wpK0TsN719afr3X6mdcdLbvpes2VkTDOb+3v/rPZ+jqnDqy0z+y+n+4NS25qs59aj99Ox9RMtj77aUsY57MHOu+n+njq63zu4DLn0+Esyy59+MH8573h9yuXLn7vq02/d2n3O51LH37wpy888c8rGT8Ag+/5omwqvtc1/BBtOb//BwAAAAZC7PuHQk30/wAAAFAase+P/ys80f8DAABAacS+fyTUpAz9/x/3XmXL65+de/5SlpL5C0G8Pe2Gh4r1YsZ1Onw9sbCovvzBL8/+9z9dWt7whrIs++VDf9R2/S0PxXEVJsI4r76hefkSX71vWds++siltN3G/PoXwuPH57PcadAugjudZdnXb/lMvp2J913J69MPHc3rw5efeLy+znMHi6/j/Z95SbH+X4fw7+ETx5ru/0zYDz8Kdfot7fdHvN9Xrrxq6/73LG4v3q+27eb8aT/5/uJx4+fkfPbxYv24nzuN/xuffuor9fUffWX78V8aaj/+p8LjfjnU/3lZsX7ja1D/Ot7vk2H8cXvxfvd/6Zttx3/1U8X6595YrHc01Lj9HeHr7W98dq5xfz1aO9b0vLI3FevF7U9/70/z2+PjxcdvHf/4kStN+6N1fjz978XjTLWsH5fH7UT/2LL9+uM0zs+4/af+5GjTfu61/asPP/Oy+uO2bv/elvXOfXhnvv3Fx2v+xKa/+eRn2m4vjufwP5xrej6H3xmO47D9J98f5mO4/X+vFo/X+ukKR9/ZfP6J639h86Wm5xO9+efF9q++5mReN4xv3HTTC1548+VX1Pddln13Q/F4vbZ/8m/PNo3/i7cV+yPeHjP6rdvvJG7//Ecmz5ydvzg3k/bqY7fkn53z1mI8cby3hHNr69dHzl74wOz5iemJ6SybKO9H6F2zL4X606Jc7r72wpIz6M5Hwut5x19+fdPd//bpuPw/3l0sv/KW4vvWPWG9z4blm8Prt7LtL/Xknbflx3ft6TDChaWfF7waW7f/+MCyVgzPv/V9QZzv5176gXw/1G/Lv2/E43qV4//BTPE4Xwv7dSF8MvO22xa317h+/GyEK+8qjvdV779wmouv69+H1/ttPyoeP44rPt8fhPcx39zSfL6L8+Nrl4ZaHz//FI/L4XySXS5uj2vF/X3ludvaDi9+Dkl2+fb86z9Lj3P7ip5mJ/MfnZ86NXfm4qNTF2bnL0zNf/RjR06fvXjmwpH8szyPfLDLXf/qnizLFs9Pm/Lz08zsvr1ZfrY6W5TrbBXjz612/OceOT6zf/rumdkTxy6euPDIudnzJ4/Pzx+fnZm/+9iJE7Mf6XX/uZlDu3Yf3LN/9+TJuZlDBw4e3HNwcu7M2fowikH1sG/6Q5Nnzh/J7zJ/aO/BXQ88sHd68vTZmdlD+6enJy/2un/+vWmyfu8/nDw/e+rYhbnTs5Pzcx+bPbTr4L59u3t+GuDpcyfmJ6bOXzwzdXF+9vxU8VwmLuSL69/7et2fcpr/z+L9bKta8UF82Tvu3Zc+n7Xuyx/v+FDFKi0fIPps+Cyab7/o3IHlfB37/tFQkzL0/wAAAEAu9v1joSb6fwAAACiN2PdvCDXR/wMAAEBpxL5/PNT0XwIq0v+XLv+/5dKyti//L//fuL/k/yuW/39Xv+X/i/OF/P/aWG3+Xv4/kP+X/0/5+bEsy9YnP399xi//L//PjdRv+f/Y92/MMr//BwAAgJKKff+mUBP9PwAAAJRG7PtvCjXR/wMAAEBpxL7/BaEmFen/5f/l/+X/5f/l/9tvX/5/MMn/dyf/30nxidDy//NT2Q3Mz6/F+FeY/7+8luO/Afn/jY1fyP/Tj/ot/x/7/heGmlSk/wcAAIAqiH3/zaEm+n8AAAAojdj33xJqov8HAACA0oh9/+ZQk4r0//L/q8r/p8yV/H/z+OX/m8n/h/kg/y//vw7k/7uT/+9B/v+GXj9/0Mfv+v/y/yzVb/n/2Pe/KNSkIv0/AAAAlNbo4j9j3//iUBP9PwAAAPSfkWu7W+z7XxJqsqT/v8YNAAAAADdc7PtvzVqC4BX5/b/8v+v/y//L/8v/t9/+8vP/w5n8f/+Q/+9O/r8H+X/5/+rm/8cz+X+ug37L/+d9fzaevTTUpCL9PwAAAFRB7PtvCzXR/wMAAEBpxL7//4Wa6P8BAACgNGLfvyXUpCL9v/x/afL/v2h86eT/5f+7bV/+3/X/y0z+vzv5/x7k/+X/q5v/d/1/rot+y//Hvv/2UJOK9P8AAABQBbHvvyPURP8PAAAApRH7/v8faqL/BwAAgNKIff/WUJOK9P/y/32e/4/JUdf/l/+X/+/L/P+4/H/fkf/vTv6/B/l/+X/5f/l/1lS/5f9j3/+yUJOK9P8AAABQBbHvf3moif4fAAAASiP2/a8INdH/AwAAQGnEvn8i1KQi/f9K8v+1y/L/nVzn6/+PLeP6/03k/+X/u21f/t/1/8tM/r87+f8e5P/l/+X/5f9ZU/2W/499/52hJhXp/wEAAKAKYt+/LdRE/w8AAAClEfv+u0JN9P8AAABQGrHv3x5qUpH+3/X/ByL/n8n/y//L/8v/y/8vj/x/d/L/Pcj/y//L/8v/s6bWOP8/1Lpwpfn/2Pe/MtSkIv0/AAAAVEHs++8ONdH/AwAAQGnEvv+eUBP9PwAAAJRG7Pt3hJpUpP+X/5f/l/+X/5f/b799+f/BJP/fnfx/D/L/8v/y//L/rKl+u/5/7PtfFWpSkf4fAAAAqiD2/TtDTfT/AAAAUBqx77831ET/DwAAAKUR+/7JUJOK9P/y//L/8v/y//L/7bcv/z+Y5P+7k//vQf5f/l/+X/6fNdVv+f/Y998XalKR/h8AAACqIPb994ea6P8BAACgNGLfPxVqov8HAACA0oh9/3SoSUX6f/l/+X/5f/n/FeX/X7H4uPL/Bfn//iL/3538fw/y//L/Nzz/Pyr/T6n0W/4/9v27Qk0q0v8DAABAFcS+f3eoif4fAAAASiP2/XtCTfT/AAAAUBqx798balKR/l/+X/5f/l/+3/X/229f/n8wyf93t/b5//gU5f/l/+X/Xf9f/p+l+i3/H/v+B0JNKtL/AwAAQBXEvn9fqIn+HwAAAEoj9v37Q030/wAAAFAase8/EGpSkf5f/l/+X/5f/l/+v/325f8Hk/x/d67/34P8v/z/AOf/63NL/p9+02/5/9j3Hww1qUj/DwAAAFUQ+/5Xh5ro/wEAAKA0Yt//a6Em+n8AAAAojdj3/3qoSUX6f/l/+X/5f/n/fs//j8n/y/+vgPx/d/L/Pcj/y/8PcP7f9f/pR/2W/499/6FQk4r0/wAAAFAFse//jVAT/T8AAACURuz7XxNqov8HAACA0oh9/+FQk4r0//L/65T/jwvl/+X/5f9d/1/+/7qS/+9O/r8H+X/5f/l/+X/WVL/l/2Pf/9pQk4r0/wAAAFAFse9/MNRE/w8AAAClEfv+14Wa6P8BAACgNGLf//pQk4r0//L/rv9/4/P/o01jl/9fvJ/8f0H+X/5/JeT/u5P/70H+X/5f/l/+nzXVb/n/2Pe/IdSkIv0/AAAAVEHs+98YaqL/BwAAgNKIff+bQk30/wAAAFAase9/c6hJRfp/+X/5/xuf/3f9f/n/gvy//P9akP/vbjDz//XdKP+fyf/3/fjl/+X/Warf8v+x7//NUJOK9P8AAABQBbHvfyjURP8PAAAApRH7/reEmuj/AQAAoDRi3//WUJOK9P/y//L/8v/y//L/7bcv/z+Y5P+7G7D8/69uDstd/78g/9/f419p/n+k5evrkv//Yaf8/8KG1vvL/3M99Fv+P/b9bws1qUj/DwAAAFUQ+/63h5ro/wEAAKA0Yt//jlAT/T8AAACURuz7fyvUpCL9v/x/fRyL6WX5f/n/fIH8v/y//P/Akv/vbsDy/+H6//L/kfx/f4/f9f/l/1mq3/L/se9/Z6hJRfp/AAAAqILY9z8caqL/BwAAgNKIff+7Qk30/wAAAFAase9/d6hJRfp/+X/X/5f/l/+X/2+/ffn/wbQ2+f9h+X/5f/l/+f/+yP//l/w/g63f8v+x738k1KQi/T8AAABUQez73xNqov8HAACA0oh9/2+Hmuj/AQAAoDRi3//eUJOK9P/y/4OS/5+Q/19h/n8sLJP/l/+X/68W1//vbuv2H3dOVjaS/5f/l//vj/y/6/8z4Pot/x/7/veFmiy//x9f9poAAADADRH7/t8JNanI7/8BAACgCmLf/7uhJvp/AAAAKI3Y9/9eqElF+n/5/0HJ/7v+f+b6//L/Lc9H/l/+v531y//HM8/A5f9d/78b+X/5f/n/jvn/oR73l/+nnX7L/8e+//dDTSrS/wMAAEAVxL7//aEm+n8AAAAYCO3+T3ar2PcfCTXR/wMAAEBpxL7/aKhJRfp/+X/5f/n/Ps3//8W2f/3+d95+dJf8v/y//P+KrOv1/+sH/+Bd/1/+vxv5f/l/+X/X/2dN9Vv+P/b9x0JNFhu/t7rAPwAAAAy22Pf/QahJRX7/DwAAAFUQ+/7joSb6fwAAACiN2PfPhJpUpP+X/5f/l//v0/z/AF//P+6PQcr/T24YoPx/POnK/7e1rvn/9yzmxOX/V5r/H2u7tDX/X5P/byL/v+LxfzvLMvl/+X9uoH7L/8e+fzbUpCL9PwAAAFRB6PuHThR18Qb9PwAAAJRG7PtPhpro/wEAAKA0Yt//gVCTivT/8v/y//L/8v+u/99++32b/3f9/67k/7vrn/x/e67/L/8/yOOX/5f/Z6l+y//Hvn8u1KQi/T8AAABUQez7Pxhqov8HAACA0oh9/4dCTfT/AAAAUBqx7z8V6v+xd2dPltflHcdPk6aYKSpUKje5yAW5z5/ARbhO/oBccJOLpCqVqoCK+8bgvuK+L6i44IILKOKG4i64obiLivsu4o5aY8308zwz3f3r3+mePqfP73y/r9dFHmkdTxunkA/Dm2/pZP/r//X/+n/9v/5/+PP1/+tJ/z9O/z+H/l//r//X/7NQU+v/c/f/f9zSyf4HAACAHuTuvzxusf8BAACgGbn7r4hb7H8AAABoRu7+B8Qta7n/N+49aCWo/9f/N9v//5v+f6/P1//r/1um/x+n/5/jqPr/i2b6/yVY9fev/9f/s9vU+v/c/Q+MW9Zy/wMAAABDcvc/KG6x/wEAAKAZufuvjFvsfwAAAGhG7v4Hxy2d7P8d/f/GrM/+PzNe/X9L/f+ZXn9zpv/f9vn6f/1/y462/7/61O/59P/6f+//B/2//l//z05T6/9z9z8kbulk/wMAAEAPcvc/NG6x/wEAAKAZufsfFrfY/wAAANCM3P0Pj1s62f8TfP//9H8J3v/f+m39/0L6f+//7/h8/b/+v2Xe/x/XU/9/5V0XXn7fzf98y0E+X/+v/9f/6/9ZrKn1/7n7HxG3dLL/AQAAoAe5+x8Zt9j/AAAA0Izc/Y+KW+x/AAAAWEPHB7+au//RcUsn+3+C/f/W96X/P03/f4T9/zH9v/5f/98C/f+4nvr/c/n8Tvr/4T8onkA/f1gL+/6vm+n/9f8syNT6/9z9j4lbOtn/AAAA0IPc/Y+NW+x/AAAAmK6hvxB7RO7+q+IW+x8AAACakbv/RNzSyf7X/y+///+r/n89+n/v/+v/9f9N0P+P0//P0Uf/vyf9v/f/9f8s2tT6/9z9V8ctnex/AAAA6EHu/sfFLfY/AAAANCN3/+PjFvsfAAAAmpG7/wlxSyf7X//v/X/9v/5f/z/8+fr/9aT/H6f/n0P/f9h+/nz9v/5f/8/ZDtj/3z/yu+2F9P+5+58Yt3Sy/wEAAKAHufufFLfY/wAAANCM3P1PjlvsfwAAAGhG7v6nxC2d7H/9v/5f/6//P+f+f/dPvdP0/8P0/0dD/z9uMv3/xubgl/X/a9//e/9f/6//Z5upvf+fu/+pcUsn+x8AAAB6kLv/aXHLyP4/8J/MBwAAAFYqd//T4xa//g8AAABrL6uz3P3PiFs62f/6f/2//l//7/3/4c8f6/9vOev70/9Pi/5/3GT6/z3o//X/6/z96//1/+w2tf4/d/8z45ZO9j8AAAD0IHf/NXGL/Q8AAADNyN3/rLjF/gcAAIBm5O5/dtzSyf4f7v/P/PP6//3R/2///vX/wz8/FtX/57+j/n+0/7/U+/990v+P0//Pof/X/+v/9+r/j8/78fp/hkyt/8/d/5y4pZP9DwAAAD3I3f/cuMX+BwAAgGbk7n9e3GL/AwAAQDNy9z8/bulk/3v/X/+v/1+//t/7/1tW+f7/7Mj7/039/z7p/8fp/+fQ/+v/9f/j7/+P/F0A9P8MmVr/n7v/BXFLJ/sfAAAAepC7/4Vxi/0PAAAA6+Hsv3Zg519QGnL3vyhusf8BAACgGbn7Xxy3tLP/R9/q1P/r//X/+n/9//DnT6v/9/7/fun/x+n/59D/L6Of32ys/792rx8/hf7/qmX3/yP0/wzZ1v/feubrq+r/c/e/JG5pZ/8DAABA93L3vzRusf8BAACgGbn7Xxa32P8AAADQjNz9L49bOtn/S+//R/7uA/p//b/+X/+v/9f/L5r+f5z+fw79v/f/vf+v/2ehtvX/Z1lV/5+7/xVxSyf7HwAAAHqQu/+VcYv9DwAAAM3I3X9t3GL/AwAAQDNy978qbulk/3v/X/+v/9f/6/+HP1//v54O1d+fp/8v+n/9v/5f/6//ZwGm1v/n7n913NLJ/gcAAIAe5O5/Tdxi/wMAAEAzcvdfF7fY/wAAANCM3P2vjVs62f/6/+X2//l1/b/+f6b/1//r/49Et+//bwz9L9Fue/T/d/zvif/Y/hX9v/5f/6//1/+zT/8w8s9Nov8/eeaPLnP3vy5u6WT/AwAAQA9y978+brH/AQAAoBm5+98Qt9j/AAAA0Izc/dfHLQfc/2PNw7B7Lz7wD1kC/b/3//X/+n/9//Dn6//XU7f9/z55/38O/b/+X/+v/2ehJtH/n/XbufvfGLf49X8AAABoRu7+N8Ut9j8AAAA0I3f/m+MW+x8AAACakbv/LXFLJ/tf/6//1//r//X/w5+v/19P+v9x+v851qn/v/4Q/f/m8JdX3c8f1qq/f/2//p/dptb/5+6/IW7pZP8DAABAD3L3vzVusf8BAACgGbn73xa32P8AAADQjNz9b49bOtn/+n/9v/5f/6//H/58/f960v+P0//PZrMbR76Bof7/5AXT7P+9/z+571//r/9nt6n1/7n73xG3dLL/AQAAoAe5+2+MW+x/AAAAaEbu/pviFvsfAAAAmpG7/51xSyf7X/+v/9f/6/8X0P9v62v1/8P0/0dD/z9O/z/HOr3/r/+f3Pev/9f/s9vU+v/c/e+KWzrZ/wAAANCD3P03xy32PwAAADQjd/+74xb7HwAAAJqRu/+WuKWT/a//1//r//X/3v8f/nz9/3paXv8/0//r//X/c+j/9f/6f3aaWv+fu/89cUsn+x8AAAB6kLv/vXGL/Q8AAADNyN3/vrjF/gcAAIBm5O5/f9zSyf7X/+v/9f/6/2n0/6d+H6T/1/8fnvf/x+n/59D/6//1//p/Fmq4/79qZf1/7v4PxC2d7H8AAADoQe7+W+MW+x8AAACakbv/g3GL/Q8AAADNyN3/obilk/2v/9f/b+//ZzP9v/7f+/9bjqD/PzbT/y+c/n+c/n8O/X+b/f95s4b6/+N7/nj9P1M0tff/c/ffFrd0sv8BAACgB7n7Pxy32P8AAADQjNz9H4lb7H8AAABoRu7+j8Ytnex//b/+3/v/+n/9//Dne/9/Pen/x+n/59D/t9n/e/9f/8/KTK3/z93/sbilk/0PAAAAPcjd//G4xf4HAACAZuTu/0TcYv8DAABAM3L3fzJu6WT/6//1//p//b/+f/jz9f/rSf8/Tv8/h/5f/6//1/+zUFPr/3P3fypu6WT/AwAAQA9y998et9j/AAAA0Izc/XfELfY/AAAANCN3/6fjlk72v/5f/6//X8/+/5j+X/+v/x80lf7/kkv+/U79v/5f/6//1//r/3s3tf4/d/9n4pZO9j8AAAD0IHf/Z+MW+x8AAACakbv/c3GL/Q8AAADNyN3/+bilk/2/u/8/f7ZVqG4Z6v+jUdP/n0X/v/371/8P//zw/r/+X/+/fFPp/73/f27fv/5f/7/O3/+B+v9/2f3j9f+0aGr9f+7+O+OWTvY/AAAA9CB3/xfiFvsfAAAAmpG7/4txi/0PAAAAzcjdf1fc0sn+9/6//l//r//X/w9/vv5/Pen/x+n/59D/6/+9/3/Ff/+d/p/FmVr/n7v/S3FLJ/sfAAAAepC7/8txi/0PAAAAzcjd/5W4xf4HAACAZuTu/2rc0sn+1//r//X/S+j/N4d/fuj/9f/6/+XT/4/T/5ed/9G29NP/Hxv64qr7+cNa9fe/pP7/tgu9/88am1r/n7v/a3FLJ/sfAAAAepC7/+txi/0PAAAAzcjd/424xf4HAACAZuTu/2bc0sn+1/833v+f+o3u+///8v7/js/X/+v/W6b/z/9FH6b/n6Of/n/Qqvv5df/+m3n/X//PAk2t/8/df3fc0sn+BwAAgB7k7v9W3GL/AwAAQDNy9387brH/AQAAoBm5+78Tt3Sy//X/jff/O97/35j12P+v4P3/PX5+6P/1//r/5dP/j9P/z6H/1//r//X/LNTU+v/c/fdsbHa5/wEAAGBd/ee//t/d+/3X3nP6/x6bfTduuXR2cp+/jA0AAABM3Kndv7E5m33v9G/59X8AAABoUe7+78ctnex//X9f/X+f7/8vsf8/9cH6f/2//n9S9P/j9P9z6P/1//p//T8LNbX+P3f/D+KWs4bf5oH/UwIAAABTkrv/h3FLJ7/+DwAAAD3I3f+juGXX/ve3AwQAAIB1lbv/x3FLJ7/+r/+feP8/W1L/H/86/f8W7//r/4c+X/+/nvT/4w7Z/5/c0P/r/0fo//X/+n92mlr/n7v/J3FLJ/sfAAAAGrXtzyjk7v9p3GL/AwAAQDNy9/8sbrH/AQAAoBm5+38et3Sy//X/R97/Z6q+xPf/j9c/8v5/5/3/NccGP1//r/9vmf5/nPf/59D/t9L/X6D/1/8zDVPr/3P3/yJu6WT/AwAAQA9y9/8ybrH/AQAAoBm5+38Vt9j/AAAA0Izc/feeOn/f3/5fSf8f/yad9v8He/9/n/3/P160/bPnvv+v/++j/9/j89vp///pwhO3X/Y/N92g/+eMo+z/8+eC/l//r//fMqH+3/v/+n8mYvH9/+a2Lx60/z+9+2fHZr+OWzrZ/wAAANCD3P33xS32PwAAADQjd/9v4hb7HwAAAJqRu/+3cUsn+9/7/230/zutY/+f/79eQf9/4pz7/+Oz2Wwl/X82xb33/97/1//v5v3/cfr/OfT/+n/9v/6fhVp8/7/9iwft/3P3/y5u6WT/AwAAQA9y9/8+bsn9v3HgP3UPAAAATEzu/j/ELX79HwAAAJqRu/+PcUsn+1//r/+fSv+fvP9/5se19f7/ZRWn9tn/X1z/SP+/XPr/cfr/OfT/+n/9v/6fhZpa/5+7/09xSyf7HwAAAHqQu//+uMX+BwAAgGbk7v9z3GL/AwAAQDNy9/8lbulk/+v/W+3/s4jX/+v/p9L/e//f+/9HQ/8/Tv8/h/5/zfv/+Akz0//r/5mKqfX/ufv/FgAA///MwW5u")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

2m12.984483701s ago: executing program 2 (id=200):
io_setup(0x2278, &(0x7f0000000180)=<r0=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = eventfd(0x80000000)
io_submit(r0, 0x2, &(0x7f00000002c0)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2, r2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x5, 0x2, r1, 0x0, 0x300, 0x0, 0x0, 0x1, r2}])

2m12.178858565s ago: executing program 2 (id=204):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x98, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x800088c)
fallocate(r0, 0x3, 0x5000000, 0x8000c62)

2m11.333924588s ago: executing program 33 (id=204):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x98, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x800088c)
fallocate(r0, 0x3, 0x5000000, 0x8000c62)

42.354825136s ago: executing program 0 (id=866):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x14, &(0x7f0000000880)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000440)='kfree\x00', r1}, 0x18)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff)

42.326295037s ago: executing program 0 (id=867):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd7, &(0x7f0000000580)=[{}], 0x8, 0x10, &(0x7f0000001f00), &(0x7f0000000540), 0x8, 0x15, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r0, 0x4d, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xb3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

42.13201539s ago: executing program 0 (id=869):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0xd, <r2=>r0})
mmap$dsp(&(0x7f0000fff000/0x1000)=nil, 0x1002, 0x0, 0x11, r2, 0x0)

41.942721763s ago: executing program 0 (id=871):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80a053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file2\x00', 0xc08, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

41.161707596s ago: executing program 0 (id=881):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000ec0)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e25, @remote}, 0x3, 0x0, 0x3}}, 0x26)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x20000, @rand_addr=' \x01\x00'}}}, 0x32)

40.730802093s ago: executing program 0 (id=874):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000580)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000300)={0x0, 0x57, 0x5})

40.419886048s ago: executing program 34 (id=874):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000580)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000300)={0x0, 0x57, 0x5})

1.994465156s ago: executing program 1 (id=1194):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r1 = dup(r0)
shutdown(r1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x44054, 0x0, 0x0)

1.950432487s ago: executing program 5 (id=1195):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000400)=""/129, 0x81)

1.826776789s ago: executing program 1 (id=1197):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="580000001000030528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800c0001006d6163766c616e002000028008000100100000000a0004000000150000000000080003000000000008000500", @ANYRES32=r2], 0x58}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

1.79849646s ago: executing program 5 (id=1198):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @aes256, 0x0, @desc3})

1.621617432s ago: executing program 6 (id=1201):
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140))
r0 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20)

1.539563864s ago: executing program 1 (id=1202):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

1.489659205s ago: executing program 4 (id=1203):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x8010}, 0x44830)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}, 0x10)
sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0)

1.422717946s ago: executing program 6 (id=1204):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f00000043c0)=ANY=[@ANYBLOB="2900000005"], 0x29)

1.337817847s ago: executing program 5 (id=1205):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x110, 0x4)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
recvfrom(r0, 0x0, 0x0, 0x2101, 0x0, 0x0)

1.337400747s ago: executing program 4 (id=1206):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0xfffd, @remote}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x1000000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x6}, {0x0, 0x8, 0x0, 0x8}, 0x0, 0x0, 0x1, 0x1, 0x1, 0x3}, {{@in6=@mcast1, 0x2, 0x3c}, 0x0, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

1.230497989s ago: executing program 6 (id=1207):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
sendmsg$inet(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="8b", 0x1}], 0x1}, 0x805)
close(r1)

1.212577129s ago: executing program 1 (id=1208):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0xfffffffffffffffd, {0x0, 0xf0, 0x4}, 0x2}, 0x18)
bind$can_j1939(r0, &(0x7f0000000240)={0x1d, r1, 0x1, {0x2, 0xf0, 0x1}, 0x2}, 0x18)

1.17043845s ago: executing program 4 (id=1209):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000f00)=ANY=[@ANYBLOB="b70200000000e6ccbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe02000000850000001a000000b7000000100000009500000000000000455781a5fee65e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde43a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d1106fb0289ce67a66afd92c3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a060000009b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece6d311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da326018362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f707777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee23483508818b897e3b677d3d342640e328504ae2dbf8fe1d704765de74891f7c8dae85739c50409c62040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528d46362ea0d8d79c79ddca066da478c1b7d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5f001000000100008000000000ed6f6663677df37de0ec0d0f548b273940be5d1fe0aae14d1a76e0741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ce0000000000000000000000000000000064d3210f806a4877e73c19072e358da1cdbef27967e918e6f2bab4a78ce0103a91789340b00db45df429d650e2f6acfbf9bf2f1b23064f3e60a9ded23b652f110940813a14c97abc84ab3cf728efd94ba2895a0884e7f7c53bc60d1b9768a979929055be8565b8a15dffc8692476ff03963b626afbc18750629666d1f449f02271064768c0731aeccb2c342ae3fa9956354e847f086eee8cd78617ad6ae28f121b23c1128b78f521eea8c487ae31f9112db0e671dd47d95ea9653e51da8c99a996656149a65f8e88032ddf35717407"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
syz_emit_ethernet(0x1e, &(0x7f0000000000)={@local, @multicast, @val={@val={0x88a8, 0x5, 0x1}, {0x8100, 0x0, 0x0, 0x3}}, {@llc_tr={0x11, {@snap={0xaa, 0x1, '7', "e36b0d", 0x22eb}}}}}, 0x0)

1.107268831s ago: executing program 5 (id=1210):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r0, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

1.003050943s ago: executing program 6 (id=1211):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8007}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}}, 0x0)

972.583053ms ago: executing program 4 (id=1212):
connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @broadcast}, 0x14)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x34}, 0x10)

925.685744ms ago: executing program 5 (id=1213):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x6, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

814.530226ms ago: executing program 1 (id=1214):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x10000}, 0x4c094)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x48, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bridge\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)

813.991126ms ago: executing program 4 (id=1215):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000180))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffc000/0x4000)=nil)

784.693136ms ago: executing program 6 (id=1216):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001d40)=""/4078, 0xfee}, {&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000002d40)=""/4116, 0x1005}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/231, 0xe7}], 0x5}}], 0x3ffffbd, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)

700.484348ms ago: executing program 5 (id=1217):
setreuid(0xee01, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$uid(0x3, 0xee01, 0x2007)

628.789509ms ago: executing program 1 (id=1218):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
syz_mount_image$fuse(0x0, &(0x7f0000002180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)
llistxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

501.467291ms ago: executing program 4 (id=1219):
setresgid(0xee00, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x2a8000, 0x0, 0x0, 0x0, 0x0, 0x0)
exit(0x5)
prlimit64(r0, 0x6, 0x0, 0x0)

0s ago: executing program 6 (id=1220):
syz_mount_image$btrfs(&(0x7f0000000100), &(0x7f0000000040)='./bus\x00', 0x2004018, &(0x7f0000000280)={[{@discard_sync}, {@ssd_spread}, {@ref_verify}, {@noflushoncommit}, {@clear_cache}, {@noflushoncommit}, {@nodatacow}, {@ref_verify}, {@noautodefrag}]}, 0x81, 0x55ae, &(0x7f000000abc0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

kernel console output (not intermixed with test programs):

 inode #15: comm syz.4.364: corrupted in-inode xattr: e_value size too large
[  135.406022][   T23] usb 6-1: USB disconnect, device number 3
[  135.430033][ T7290] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.364: couldn't read orphan inode 15 (err -117)
[  135.496566][ T7290] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.705252][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.876540][ T7304] netlink: 8 bytes leftover after parsing attributes in process `syz.4.367'.
[  136.302205][ T7296] loop1: detected capacity change from 0 to 32768
[  136.313628][ T7315] loop0: detected capacity change from 0 to 4096
[  136.360495][ T7296] (syz.1.366,7296,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  136.426726][ T7296] (syz.1.366,7296,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  136.575421][ T7296] JBD2: Ignoring recovery information on journal
[  136.684658][ T7326] loop4: detected capacity change from 0 to 1024
[  136.713075][ T7296] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  136.768188][ T7326] EXT4-fs: inline encryption not supported
[  136.774099][ T7326] EXT4-fs: Ignoring removed bh option
[  136.889975][ T7326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.383439][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.410790][ T5768] ocfs2: Unmounting device (7,1) on (node local)
[  137.740293][ T7364] loop0: detected capacity change from 0 to 128
[  137.744851][ T7318] loop5: detected capacity change from 0 to 32768
[  137.832651][ T7364] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.848404][ T7318] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  137.881749][ T7364] ext4 filesystem being mounted at /106/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  137.887695][ T7318] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  138.084689][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  138.216935][ T7318] XFS (loop5): Ending clean mount
[  138.327192][ T7318] XFS (loop5): Quotacheck needed: Please wait.
[  138.499553][ T7318] XFS (loop5): Quotacheck: Done.
[  138.750115][ T6604] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.258222][   T28] audit: type=1326 audit(1750249306.537:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.0.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  140.329615][   T28] audit: type=1326 audit(1750249306.547:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.0.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  140.385697][ T7413] loop4: detected capacity change from 0 to 40427
[  140.425418][   T28] audit: type=1326 audit(1750249306.547:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.0.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  140.481548][ T7413] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x7
[  140.507912][ T7413] F2FS-fs (loop4): invalid crc value
[  140.510450][   T28] audit: type=1326 audit(1750249306.547:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.0.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  140.535380][ T7413] F2FS-fs (loop4): Found nat_bits in checkpoint
[  140.694236][ T7413] F2FS-fs (loop4): Start checkpoint disabled!
[  140.803189][ T7413] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  140.902667][ T7451] loop0: detected capacity change from 0 to 512
[  140.959984][ T7451] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  140.975934][   T28] audit: type=1800 audit(1750249307.257:28): pid=7413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.396" name="file1" dev="loop4" ino=10 res=0 errno=0
[  140.988978][ T7413] syz.4.396: attempt to access beyond end of device
[  140.988978][ T7413] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  141.065361][ T7451] EXT4-fs (loop0): 1 truncate cleaned up
[  141.075906][ T7451] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.125435][ T7458] loop1: detected capacity change from 0 to 256
[  141.214924][   T28] audit: type=1800 audit(1750249307.497:29): pid=7458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.409" name="file1" dev="loop1" ino=1048607 res=0 errno=0
[  141.337697][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.373737][ T1075] kworker/u4:5: attempt to access beyond end of device
[  141.373737][ T1075] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  141.389990][ T1075] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  141.397352][ T1075] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  141.753385][ T7473] loop5: detected capacity change from 0 to 256
[  142.128182][ T7485] netlink: 72 bytes leftover after parsing attributes in process `syz.1.420'.
[  142.326887][ T5813] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  142.516935][ T5813] usb 6-1: Using ep0 maxpacket: 16
[  142.553563][ T5813] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  142.566824][ T5813] usb 6-1: config 0 has no interface number 0
[  142.596319][ T5813] usb 6-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  142.630622][ T5813] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.660008][ T5813] usb 6-1: Product: syz
[  142.664200][ T5813] usb 6-1: Manufacturer: syz
[  142.685413][ T5813] usb 6-1: SerialNumber: syz
[  142.713861][ T5813] usb 6-1: config 0 descriptor??
[  142.739204][ T5813] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  143.564782][ T5813] gspca_spca1528: reg_w err -71
[  143.606923][ T5813] spca1528: probe of 6-1:0.1 failed with error -71
[  143.631654][ T5813] usb 6-1: USB disconnect, device number 4
[  144.077764][ T7556] lo: entered allmulticast mode
[  145.642766][ T7597] loop0: detected capacity change from 0 to 256
[  146.300041][ T7622] loop5: detected capacity change from 0 to 512
[  146.376912][ T7622] EXT4-fs (loop5): Test dummy encryption mode enabled
[  146.383710][ T7622] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  146.499546][ T7622] EXT4-fs error (device loop5): ext4_orphan_get:1425: comm syz.5.461: bad orphan inode 131083
[  146.574276][ T7622] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.885847][ T7622] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  146.956219][ T7622] overlayfs: upper fs needs to support d_type.
[  147.159648][ T7622] fscrypt (loop5): Error allocating 'xts(aes)' transform: -4
[  147.181053][ T7622] overlayfs: upper fs does not support tmpfile.
[  147.209089][ T7622] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  147.264749][ T7622] overlayfs: failed index dir cleanup (-512)
[  147.277081][ T7622] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  147.444128][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.816188][ T7674] vivid-000: disconnect
[  147.851259][ T7674] vivid-000: reconnect
[  148.046130][ T7680] loop0: detected capacity change from 0 to 1024
[  148.073954][ T7680] EXT4-fs: Ignoring removed orlov option
[  148.123107][ T7680] EXT4-fs (loop0): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  148.189866][ T7680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.328428][ T7669] loop5: detected capacity change from 0 to 32768
[  148.371286][ T7690] EXT4-fs error (device loop0): ext4_find_dest_de:2115: inode #12: block 7: comm syz.0.474: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  148.448284][ T7690] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2867: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  148.467952][ T7689] EXT4-fs error (device loop0): ext4_check_all_de:666: inode #12: block 7: comm syz.0.474: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0
[  148.475894][ T7693] loop1: detected capacity change from 0 to 1024
[  148.513253][ T7669] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  148.588196][ T7693] EXT4-fs: Ignoring removed i_version option
[  148.640726][ T7693] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  148.757881][ T7693] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #3: block 1: comm syz.1.476: lblock 1 mapped to illegal pblock 1 (length 1)
[  148.791672][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.852106][ T7693] Quota error (device loop1): write_blk: dquota write failed
[  148.861874][ T7693] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  148.892266][ T7693] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.476: Failed to acquire dquot type 0
[  148.951788][ T7693] EXT4-fs error (device loop1): ext4_free_blocks:6681: comm syz.1.476: Freeing blocks not in datazone - block = 0, count = 4096
[  149.003438][ T7693] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.476: Invalid inode bitmap blk 0 in block_group 0
[  149.030076][ T7693] EXT4-fs error (device loop1) in ext4_free_inode:363: Corrupt filesystem
[  149.037734][ T1105] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  149.080712][ T7693] EXT4-fs (loop1): 1 orphan inode deleted
[  149.095530][ T1105] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  149.107778][ T7693] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.117694][ T1105] EXT4-fs error (device loop1): ext4_release_dquot:6974: comm kworker/u4:7: Failed to release dquot type 0
[  149.201054][ T7706] loop0: detected capacity change from 0 to 4096
[  149.227332][ T7706] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  149.275292][ T6604] ocfs2: Unmounting device (7,5) on (node local)
[  149.293978][ T7693] EXT4-fs error (device loop1): ext4_nfs_get_inode:1551: inode #12: comm syz.1.476: iget: bad extra_isize 65535 (inode size 256)
[  149.434615][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.683531][ T7717] loop1: detected capacity change from 0 to 512
[  149.755059][ T7717] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  149.808277][ T7717] EXT4-fs (loop1): invalid journal inode
[  149.828195][ T7717] EXT4-fs (loop1): can't get journal size
[  149.858822][ T7717] EXT4-fs (loop1): 1 truncate cleaned up
[  149.865626][ T7717] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.079969][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.091636][ T7730] loop4: detected capacity change from 0 to 64
[  150.109791][ T7732] loop0: detected capacity change from 0 to 64
[  150.234267][ T7730] hfs: request for non-existent node 24 in B*Tree
[  150.268068][ T7730] hfs: request for non-existent node 24 in B*Tree
[  150.304686][ T7737] hfs: request for non-existent node 25 in B*Tree
[  150.337654][ T7737] hfs: request for non-existent node 25 in B*Tree
[  150.446303][ T5770] hfs: node 4:3 still has 2 user(s)!
[  150.699241][ T7750] loop5: detected capacity change from 0 to 1024
[  152.151699][ T7775] loop4: detected capacity change from 0 to 32768
[  152.191125][ T7775] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.497 (7775)
[  152.245079][ T7775] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  152.270775][ T7775] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  152.293839][ T7775] BTRFS info (device loop4): using free space tree
[  152.424784][ T7775] BTRFS info (device loop4): enabling ssd optimizations
[  152.454730][ T7775] BTRFS info (device loop4): auto enabling async discard
[  152.800841][ T6256] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  152.890669][ T7846] loop5: detected capacity change from 0 to 4096
[  152.947133][ T7283] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop4 scanned by udevd (7283)
[  153.004694][ T7851] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  153.112089][ T7846] ntfs3: loop5: ino=5, "/" directory corrupted
[  153.167009][ T7846] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  153.230107][ T7858] ntfs3: loop5: ino=5, "/" directory corrupted
[  153.268390][ T7858] ntfs3: loop5: ino=5, "/" directory corrupted
[  153.563465][ T7866] Bluetooth: MGMT ver 1.22
[  153.669976][ T7869] netlink: 20 bytes leftover after parsing attributes in process `syz.4.525'.
[  153.752558][ T7871] loop5: detected capacity change from 0 to 512
[  153.794161][ T7871] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.526: casefold flag without casefold feature
[  153.819571][ T7871] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.526: couldn't read orphan inode 15 (err -117)
[  153.864172][ T7871] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.981573][ T7864] loop0: detected capacity change from 0 to 32768
[  154.060531][   T28] audit: type=1326 audit(1750249320.347:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.1.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73918e929 code=0x7fc00000
[  154.158935][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.232768][ T7877] loop4: detected capacity change from 0 to 4096
[  154.244803][ T7877] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  154.345529][ T7877] ntfs3: loop4: ino=1b, "file0" directory corrupted
[  154.489818][ T7884] Driver unsupported XDP return value 0 on prog  (id 57) dev N/A, expect packet loss!
[  154.568116][ T5813] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  154.757738][ T5813] usb 6-1: Using ep0 maxpacket: 16
[  154.774411][ T5813] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  154.794821][ T5813] usb 6-1: config 0 has no interface number 0
[  154.803365][ T5813] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  154.814693][ T5813] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  154.828563][ T5813] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  154.838167][ T5813] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  154.847455][ T5813] usb 6-1: Product: syz
[  154.851847][ T5813] usb 6-1: SerialNumber: syz
[  154.859425][ T5813] usb 6-1: config 0 descriptor??
[  154.884704][ T5813] cm109 6-1:0.8: invalid payload size 0, expected 4
[  154.909966][ T5813] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input10
[  155.157617][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  155.191341][ T7904] capability: warning: `syz.4.540' uses deprecated v2 capabilities in a way that may be insecure
[  155.349282][ T7908] loop0: detected capacity change from 0 to 1024
[  155.402814][ T7908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.415373][ T7908] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.464085][ T7908] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  155.487083][ T7908] EXT4-fs (loop0): Remounting filesystem read-only
[  155.545148][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.495465][ T7939] loop1: detected capacity change from 0 to 40427
[  156.519527][ T7939] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  156.542220][ T7939] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  156.602667][ T7939] F2FS-fs (loop1): Found nat_bits in checkpoint
[  156.711581][ T7939] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  156.727192][ T7939] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  156.981692][ T7963] loop4: detected capacity change from 0 to 128
[  156.999548][ T7963] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  157.110563][ T7965] loop0: detected capacity change from 0 to 512
[  157.162917][ T7965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.210798][ T7965] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  157.314301][   T23] usb 6-1: USB disconnect, device number 5
[  157.370876][   T23] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  157.391470][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.017059][   T23] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  158.216869][   T23] usb 6-1: Using ep0 maxpacket: 32
[  158.224346][   T23] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  158.235799][   T23] usb 6-1: config 0 has no interfaces?
[  158.241744][   T23] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  158.252152][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.295800][   T23] usb 6-1: config 0 descriptor??
[  158.550624][   T23] usb 6-1: USB disconnect, device number 6
[  158.841509][ T8024] netlink: 8 bytes leftover after parsing attributes in process `syz.0.592'.
[  159.166153][ T8035] loop4: detected capacity change from 0 to 8
[  159.378882][ T8043] netlink: 16 bytes leftover after parsing attributes in process `syz.0.600'.
[  159.407553][ T8043] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.860131][ T5768] cgroup: fork rejected by pids controller in /syz1
[  159.978751][ T8041] loop5: detected capacity change from 0 to 32768
[  160.225243][ T8047] loop4: detected capacity change from 0 to 32768
[  160.310965][ T8047] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  160.487170][ T3483] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.488040][ T8047] XFS (loop4): Ending clean mount
[  160.570100][ T8066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.608'.
[  160.601354][ T8066] netlink: 24 bytes leftover after parsing attributes in process `syz.0.608'.
[  160.786864][ T6256] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  160.798633][ T3483] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.978781][ T3483] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.107566][ T3483] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.236194][   T23] IPVS: starting estimator thread 0...
[  161.255185][ T8072] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  161.356970][ T8073] IPVS: using max 18 ests per chain, 43200 per kthread
[  161.697424][ T5773] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  161.709007][ T5773] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  161.718752][ T5773] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  161.734247][ T5773] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  161.749062][ T5773] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  161.756374][ T5773] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  162.260862][ T8070] loop0: detected capacity change from 0 to 40427
[  162.287896][ T8099] loop5: detected capacity change from 0 to 1024
[  162.330706][ T8070] F2FS-fs (loop0): Found nat_bits in checkpoint
[  162.338475][ T8099] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.449767][ T8070] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  162.507400][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.568444][ T5770] syz-executor: attempt to access beyond end of device
[  162.568444][ T5770] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  162.612628][ T5770] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  162.798904][ T8117] IPv6: Can't replace route, no match found
[  163.509982][ T8079] chnl_net:caif_netlink_parms(): no params data found
[  163.791201][ T8140] netlink: 4 bytes leftover after parsing attributes in process `syz.5.628'.
[  163.808329][ T5087] Bluetooth: hci2: command tx timeout
[  164.054377][ T3483] hsr_slave_0: left promiscuous mode
[  164.079172][ T3483] hsr_slave_1: left promiscuous mode
[  164.106991][ T3483] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.125711][ T3483] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.136617][ T3483] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.156022][ T3483] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.176364][ T3483] bridge_slave_1: left allmulticast mode
[  164.183057][ T3483] bridge_slave_1: left promiscuous mode
[  164.233997][ T3483] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.329159][ T3483] bridge_slave_0: left allmulticast mode
[  164.334830][ T3483] bridge_slave_0: left promiscuous mode
[  164.371289][ T3483] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.394507][ T8135] loop4: detected capacity change from 0 to 32768
[  164.429521][ T8135] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.627 (8135)
[  164.472892][ T8135] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  164.503357][ T8135] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  164.525162][ T8135] BTRFS info (device loop4): force clearing of disk cache
[  164.554653][ T8135] BTRFS info (device loop4): setting nodatacow, compression disabled
[  164.580138][ T3483] veth1_macvtap: left promiscuous mode
[  164.585688][ T3483] veth0_macvtap: left promiscuous mode
[  164.591232][ T8135] BTRFS info (device loop4): turning off barriers
[  164.606886][ T8135] BTRFS info (device loop4): enabling auto defrag
[  164.611969][ T3483] veth1_vlan: left promiscuous mode
[  164.613312][ T8135] BTRFS info (device loop4): turning on sync discard
[  164.626295][ T3483] veth0_vlan: left promiscuous mode
[  164.657059][ T8135] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  164.700725][ T8135] BTRFS info (device loop4): trying to use backup root at mount time
[  164.716906][ T8135] BTRFS info (device loop4): enabling ssd optimizations
[  164.723872][ T8135] BTRFS info (device loop4): using spread ssd allocation scheme
[  164.762765][ T8135] BTRFS info (device loop4): using free space tree
[  164.906152][   T59] BTRFS warning (device loop4): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0
[  164.956576][ T8135] BTRFS warning (device loop4): couldn't read tree root
[  164.981393][ T8135] BTRFS warning (device loop4): try to load backup roots slot 1
[  165.047278][   T11] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0
[  165.073899][ T8135] BTRFS warning (device loop4): couldn't read tree root
[  165.095175][ T8135] BTRFS warning (device loop4): try to load backup roots slot 2
[  165.122506][ T8163] loop5: detected capacity change from 0 to 32768
[  165.135435][   T11] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  165.155092][ T8135] BTRFS warning (device loop4): couldn't read tree root
[  165.162739][ T8135] BTRFS warning (device loop4): try to load backup roots slot 3
[  165.215117][ T8135] BTRFS info (device loop4): rebuilding free space tree
[  165.309938][ T8135] BTRFS info (device loop4): checking UUID tree
[  165.697238][ T6256] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  165.906902][ T5087] Bluetooth: hci2: command tx timeout
[  166.128847][ T8197] loop4: detected capacity change from 0 to 1024
[  166.156161][ T8197] EXT4-fs: Ignoring removed nobh option
[  166.182834][ T8197] EXT4-fs: Ignoring removed bh option
[  166.232994][ T8197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.304229][ T8195] loop5: detected capacity change from 0 to 32768
[  166.361216][ T8197] EXT4-fs error (device loop4): ext4_xattr_inode_iget:440: comm syz.4.640: inode #327696: comm syz.4.640: iget: illegal inode #
[  166.403643][ T8197] EXT4-fs (loop4): Remounting filesystem read-only
[  166.446872][ T8197] EXT4-fs warning (device loop4): ext4_xattr_inode_inc_ref_all:1146: inode #18: comm syz.4.640: cleanup dec ref error -5
[  166.466895][ T8197] EXT4-fs warning (device loop4): ext4_xattr_block_set:2202: inode #18: comm syz.4.640: dec ref error=-5
[  166.500350][ T3483] team0 (unregistering): Port device team_slave_1 removed
[  166.533542][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.574373][ T3483] team0 (unregistering): Port device team_slave_0 removed
[  166.670878][ T3483] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.807127][ T3483] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  166.885799][ T8206] loop4: detected capacity change from 0 to 512
[  166.907953][ T8206] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.038405][ T8206] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.051135][ T8206] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.151234][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.756472][ T3483] bond0 (unregistering): Released all slaves
[  167.895529][ T8079] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.906183][ T8079] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.919923][ T8079] bridge_slave_0: entered allmulticast mode
[  167.929847][ T8079] bridge_slave_0: entered promiscuous mode
[  167.939173][ T8079] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.946488][ T8079] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.959524][ T8079] bridge_slave_1: entered allmulticast mode
[  167.966962][ T5087] Bluetooth: hci2: command tx timeout
[  167.977141][ T8079] bridge_slave_1: entered promiscuous mode
[  168.279046][ T8079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.325815][ T8079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.490686][ T8079] team0: Port device team_slave_0 added
[  168.524310][ T8079] team0: Port device team_slave_1 added
[  168.789085][ T8079] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.796697][ T8079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.856909][ T8079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.934600][ T8079] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.947161][ T8079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.028626][ T8079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.268114][ T8079] hsr_slave_0: entered promiscuous mode
[  169.626402][ T8079] hsr_slave_1: entered promiscuous mode
[  169.707771][ T8079] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.727301][ T8079] Cannot create hsr debugfs directory
[  169.758899][ T8288] netlink: 4 bytes leftover after parsing attributes in process `syz.0.666'.
[  170.051777][ T5087] Bluetooth: hci2: command tx timeout
[  170.057531][  T966] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  170.251585][  T966] usb 6-1: Using ep0 maxpacket: 16
[  170.269965][  T966] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  170.287104][  T966] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  170.308590][  T966] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  170.317871][  T966] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.344424][  T966] usb 6-1: Product: syz
[  170.350851][  T966] usb 6-1: Manufacturer: syz
[  170.371076][  T966] usb 6-1: SerialNumber: syz
[  170.734327][ T8296] loop4: detected capacity change from 0 to 40427
[  170.788454][ T8296] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x7ffff
[  170.808691][  T966] usb 6-1: cannot find UAC_HEADER
[  170.845089][ T8296] F2FS-fs (loop4): invalid crc value
[  170.872606][ T8296] F2FS-fs (loop4): Found nat_bits in checkpoint
[  170.902449][  T966] snd-usb-audio: probe of 6-1:1.0 failed with error -22
[  170.996788][   T28] audit: type=1326 audit(1750249337.277:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.033278][  T966] usb 6-1: USB disconnect, device number 7
[  171.076695][ T8296] F2FS-fs (loop4): Start checkpoint disabled!
[  171.084700][   T28] audit: type=1326 audit(1750249337.277:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.112093][ T7283] udevd[7283]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  171.136349][   T28] audit: type=1326 audit(1750249337.327:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.163912][ T8296] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  171.201358][ T8079] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  171.216727][ T8079] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  171.237570][ T8079] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  171.240751][ T8079] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  171.259837][   T28] audit: type=1326 audit(1750249337.327:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.259879][   T28] audit: type=1326 audit(1750249337.327:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.259916][   T28] audit: type=1326 audit(1750249337.327:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.259952][   T28] audit: type=1326 audit(1750249337.327:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.259987][   T28] audit: type=1326 audit(1750249337.337:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.260023][   T28] audit: type=1326 audit(1750249337.337:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.260060][   T28] audit: type=1326 audit(1750249337.337:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8323 comm="syz.0.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faef578e929 code=0x7ffc0000
[  171.276997][ T8296] F2FS-fs (loop4): inject no more block in inc_valid_block_count of f2fs_map_blocks+0x161f/0x3c00
[  171.416960][ T8079] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.478337][ T3483] kworker/u4:11: attempt to access beyond end of device
[  171.478337][ T3483] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  171.478404][ T3483] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  171.479400][ T3483] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  171.521002][ T8079] 8021q: adding VLAN 0 to HW filter on device team0
[  171.687189][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.694342][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.784592][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.791784][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.970273][ T8340] netlink: 8 bytes leftover after parsing attributes in process `syz.5.680'.
[  172.224465][ T8346] netlink: 16 bytes leftover after parsing attributes in process `syz.5.683'.
[  172.303328][ T8353] netlink: 24 bytes leftover after parsing attributes in process `syz.0.684'.
[  172.445688][ T8079] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.556330][ T8079] veth0_vlan: entered promiscuous mode
[  172.586005][ T8079] veth1_vlan: entered promiscuous mode
[  172.630147][ T8366] loop5: detected capacity change from 0 to 512
[  172.667302][ T8366] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.677189][ T8079] veth0_macvtap: entered promiscuous mode
[  172.687987][ T5813] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  172.721389][ T8366] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.734178][ T8079] veth1_macvtap: entered promiscuous mode
[  172.764475][ T8363] loop0: detected capacity change from 0 to 4096
[  172.809225][ T8079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.843109][ T8366] EXT4-fs error (device loop5): ext4_xattr_block_find:1886: inode #12: comm syz.5.688: corrupted xattr block 6: invalid header
[  172.864611][ T8079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.893006][ T5813] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.904752][ T8079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.916652][ T5813] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.936631][ T8079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.948846][ T5813] usb 5-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  172.959108][ T8079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.970943][ T5813] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.979726][ T8079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.999981][ T5813] usb 5-1: config 0 descriptor??
[  173.018791][ T8079] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.056382][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.069149][ T8079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.102843][ T8079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.155413][ T8079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.188430][ T8079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.232522][ T8079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.250221][ T8079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.263113][ T8079] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.313118][ T8079] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.332775][ T8079] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.351281][ T8079] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.369084][ T8079] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.511205][ T1075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.525030][ T1075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.563943][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.576641][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.829485][ T5813] hid-led: probe of 0003:0FC5:B080.0004 failed with error -71
[  173.844875][ T5813] usb 5-1: USB disconnect, device number 4
[  173.968157][  T966] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  174.177357][  T966] usb 2-1: Using ep0 maxpacket: 16
[  174.193532][  T966] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.217549][  T966] usb 2-1: New USB device found, idVendor=0e8f, idProduct=0003, bcdDevice= 0.00
[  174.230539][  T966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.249109][  T966] usb 2-1: config 0 descriptor??
[  174.626871][   T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  174.680962][  T966] pantherlord 0003:0E8F:0003.0005: item fetching failed at offset 3/5
[  174.743040][  T966] pantherlord 0003:0E8F:0003.0005: parse failed
[  174.756873][  T966] pantherlord: probe of 0003:0E8F:0003.0005 failed with error -22
[  174.836683][   T23] usb 1-1: Using ep0 maxpacket: 32
[  174.851664][   T23] usb 1-1: config 0 interface 0 has no altsetting 0
[  174.882054][   T23] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  174.934460][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.975158][   T23] usb 1-1: config 0 descriptor??
[  174.981571][  T966] usb 2-1: USB disconnect, device number 5
[  175.483523][ T8457] loop4: detected capacity change from 0 to 16
[  175.528113][ T8457] erofs: (device loop4): mounted with root inode @ nid 36.
[  175.600747][ T8457] syz.4.703: attempt to access beyond end of device
[  175.600747][ T8457] loop4: rw=0, sector=8, nr_sectors = 16 limit=16
[  175.650568][ T8457] erofs: (device loop4): z_erofs_readahead: readahead error at folio 19 @ nid 36
[  175.690507][ T8457] erofs: (device loop4): z_erofs_readahead: readahead error at folio 18 @ nid 36
[  175.704561][ T8457] syz.4.703: attempt to access beyond end of device
[  175.704561][ T8457] loop4: rw=524288, sector=8, nr_sectors = 16 limit=16
[  175.737251][ T8457] syz.4.703: attempt to access beyond end of device
[  175.737251][ T8457] loop4: rw=524288, sector=67108872, nr_sectors = 16 limit=16
[  175.782998][   T23] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  175.800371][ T8457] syz.4.703: attempt to access beyond end of device
[  175.800371][ T8457] loop4: rw=524288, sector=67108880, nr_sectors = 16 limit=16
[  175.837012][   T23] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  175.847406][   T23] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  175.867691][   T23] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  175.895280][   T23] corsair-psu 0003:1B1C:1C09.0006: unknown main item tag 0x0
[  175.930230][   T23] corsair-psu 0003:1B1C:1C09.0006: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.0-1/input0
[  176.327696][   T23] corsair-psu 0003:1B1C:1C09.0006: unable to initialize device (-110)
[  176.344503][   T23] corsair-psu: probe of 0003:1B1C:1C09.0006 failed with error -110
[  176.394278][   T23] usb 1-1: USB disconnect, device number 6
[  176.476539][ T8493] loop1: detected capacity change from 0 to 256
[  176.998878][ T8501] loop4: detected capacity change from 0 to 512
[  177.034849][ T8501] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.063463][ T8501] EXT4-fs: Ignoring removed i_version option
[  177.120964][ T8501] EXT4-fs (loop4): 1 orphan inode deleted
[  177.158283][ T8501] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.365304][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.671123][ T8496] loop5: detected capacity change from 0 to 32768
[  177.701217][ T8496] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 10
[  177.734634][ T8522] loop1: detected capacity change from 0 to 512
[  177.825829][ T8522] EXT4-fs: Ignoring removed mblk_io_submit option
[  177.875853][ T8522] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  177.891945][ T7283] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 10
[  177.917293][ T8522] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  177.927040][ T8522] System zones: 1-12
[  177.956988][ T8522] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.716: corrupted in-inode xattr: e_value size too large
[  178.036005][ T8506] loop0: detected capacity change from 0 to 32768
[  178.053367][ T8522] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.716: couldn't read orphan inode 15 (err -117)
[  178.100289][ T8522] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.150831][ T8506] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  178.185712][ T8079] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.208899][ T8539] netlink: 8 bytes leftover after parsing attributes in process `syz.4.718'.
[  178.413479][ T8544] loop1: detected capacity change from 0 to 1024
[  178.503770][ T8506] XFS (loop0): Ending clean mount
[  178.504703][ T8544] hfsplus: bad catalog entry type
[  178.548823][ T8506] XFS (loop0): Quotacheck needed: Please wait.
[  178.643227][ T8546] loop4: detected capacity change from 0 to 128
[  178.651341][ T1105] hfsplus: b-tree write err: -5, ino 4
[  178.685379][ T8506] XFS (loop0): Quotacheck: Done.
[  178.747712][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  178.747725][   T28] audit: type=1800 audit(1750249345.027:42): pid=8546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.721" name="file0" dev="loop4" ino=1048616 res=0 errno=0
[  178.884530][ T8546] syz.4.721: attempt to access beyond end of device
[  178.884530][ T8546] loop4: rw=0, sector=121, nr_sectors = 8 limit=128
[  179.028324][   T59] kworker/u4:4: attempt to access beyond end of device
[  179.028324][   T59] loop4: rw=1, sector=129, nr_sectors = 912 limit=128
[  179.053977][   T28] audit: type=1800 audit(1750249345.337:43): pid=8506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.714" name="file2" dev="loop0" ino=9287 res=0 errno=0
[  179.132515][ T5770] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  179.361142][ T8552] tipc: Started in network mode
[  179.386200][ T8552] tipc: Node identity ac1414aa, cluster identity 4711
[  179.419144][ T8552] tipc: Enabled bearer <udp:s>, priority 10
[  179.793597][ T8567] syz.1.732: attempt to access beyond end of device
[  179.793597][ T8567] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0
[  179.808137][ T8567] syz.1.732: attempt to access beyond end of device
[  179.808137][ T8567] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0
[  179.851193][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  179.897303][ T8567] syz.1.732: attempt to access beyond end of device
[  179.897303][ T8567] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0
[  179.924021][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  179.945737][ T8567] syz.1.732: attempt to access beyond end of device
[  179.945737][ T8567] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[  179.979360][ T8567] syz.1.732: attempt to access beyond end of device
[  179.979360][ T8567] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[  180.012600][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  180.043141][ T8567] syz.1.732: attempt to access beyond end of device
[  180.043141][ T8567] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  180.064225][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  180.080315][ T8567] syz.1.732: attempt to access beyond end of device
[  180.080315][ T8567] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0
[  180.095980][ T8567] syz.1.732: attempt to access beyond end of device
[  180.095980][ T8567] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  180.113161][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  180.135739][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  180.154930][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  180.171759][ T8567] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  180.203555][ T8567] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  180.302662][ T8570] loop4: detected capacity change from 0 to 32768
[  180.319990][ T8570] (syz.4.733,8570,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  180.359841][ T8573] loop0: detected capacity change from 0 to 1024
[  180.370381][ T8570] (syz.4.733,8570,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  180.404979][ T8573] EXT4-fs: inline encryption not supported
[  180.414549][ T8573] EXT4-fs: Ignoring removed bh option
[  180.448168][ T8570] JBD2: Ignoring recovery information on journal
[  180.547132][ T8573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.549605][ T5812] tipc: Node number set to 2886997162
[  180.636887][ T8570] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  180.705122][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.829129][ T8583] loop5: detected capacity change from 0 to 4096
[  181.003029][ T6256] ocfs2: Unmounting device (7,4) on (node local)
[  181.188597][ T8576] loop1: detected capacity change from 0 to 32768
[  181.256288][ T8593] loop5: detected capacity change from 0 to 16
[  181.282218][ T8576] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  181.317285][ T8593] erofs: (device loop5): mounted with root inode @ nid 36.
[  181.426022][ T8593] erofs: (device loop5): z_erofs_readahead: readahead error at folio 19 @ nid 36
[  181.444467][ T8586] loop0: detected capacity change from 0 to 32768
[  181.502924][ T8593] erofs: (device loop5): z_erofs_readahead: readahead error at folio 18 @ nid 36
[  181.507810][ T8586] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  181.551898][ T8586] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  181.620672][ T8576] XFS (loop1): Ending clean mount
[  181.641096][ T8576] XFS (loop1): Quotacheck needed: Please wait.
[  181.654265][ T8608] loop4: detected capacity change from 0 to 256
[  181.812265][ T8576] XFS (loop1): Quotacheck: Done.
[  181.863387][ T8586] XFS (loop0): Ending clean mount
[  181.878248][ T8586] XFS (loop0): Quotacheck needed: Please wait.
[  181.928496][   T28] audit: type=1800 audit(1750249348.197:44): pid=8576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.734" name="file2" dev="loop1" ino=9287 res=0 errno=0
[  181.971159][ T8586] XFS (loop0): Quotacheck: Done.
[  182.011391][ T8079] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  182.075407][ T8613] tipc: Started in network mode
[  182.114017][ T8613] tipc: Node identity ac1414aa, cluster identity 4711
[  182.141153][ T8613] tipc: Enabled bearer <udp:s>, priority 10
[  182.275246][ T8617] loop5: detected capacity change from 0 to 128
[  182.336896][   T28] audit: type=1800 audit(1750249348.617:45): pid=8617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.745" name="file0" dev="loop5" ino=1048617 res=0 errno=0
[  182.543841][ T5770] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  182.753517][ T8622] loop4: detected capacity change from 0 to 1024
[  182.757708][   T27] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  182.820039][ T8622] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.860229][ T8622] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.941780][   T28] audit: type=1800 audit(1750249349.217:46): pid=8622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.747" name="file1" dev="loop4" ino=15 res=0 errno=0
[  182.970834][   T27] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  182.996201][   T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.014740][   T27] usb 2-1: Product: syz
[  183.024657][   T27] usb 2-1: Manufacturer: syz
[  183.038200][   T27] usb 2-1: SerialNumber: syz
[  183.063999][   T27] usb 2-1: config 0 descriptor??
[  183.082971][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.266883][   T23] tipc: Node number set to 2886997162
[  183.437771][  T966] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  183.506540][   T27] airspy 2-1:0.0: Board ID: 00
[  183.513440][   T27] airspy 2-1:0.0: Firmware version: 
[  183.626832][  T966] usb 1-1: Using ep0 maxpacket: 16
[  183.646037][  T966] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  183.674128][  T966] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  183.695766][  T966] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  183.716861][  T966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.740834][  T966] usb 1-1: Product: syz
[  183.752823][  T966] usb 1-1: Manufacturer: syz
[  183.766852][  T966] usb 1-1: SerialNumber: syz
[  183.909350][   T27] airspy 2-1:0.0: usb_control_msg() failed -71 request 0e
[  183.921432][ T8644] loop4: detected capacity change from 0 to 32768
[  183.941973][   T27] airspy 2-1:0.0: Registered as swradio24
[  183.968480][   T27] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  183.975453][ T8643] loop5: detected capacity change from 0 to 40427
[  183.984032][   T27] usb 2-1: USB disconnect, device number 6
[  184.034219][ T8644] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  184.050370][ T8643] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x7
[  184.068355][ T8644] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  184.103670][ T8643] F2FS-fs (loop5): invalid crc value
[  184.117864][ T8643] F2FS-fs (loop5): Found nat_bits in checkpoint
[  184.230413][  T966] usb 1-1: cannot find UAC_HEADER
[  184.247177][ T8643] F2FS-fs (loop5): Start checkpoint disabled!
[  184.266337][ T8643] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  184.276047][  T966] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  184.355448][ T8644] XFS (loop4): Ending clean mount
[  184.376007][ T7283] udevd[7283]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  184.377103][   T28] audit: type=1800 audit(1750249350.657:47): pid=8643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.763" name="file1" dev="loop5" ino=10 res=0 errno=0
[  184.421485][ T8644] XFS (loop4): Quotacheck needed: Please wait.
[  184.425628][ T8643] bio_check_eod: 10 callbacks suppressed
[  184.425641][ T8643] syz.5.763: attempt to access beyond end of device
[  184.425641][ T8643] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  184.491714][ T8644] XFS (loop4): Quotacheck: Done.
[  184.561754][   T23] usb 1-1: USB disconnect, device number 7
[  184.609205][ T6256] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  184.656034][   T42] kworker/u4:2: attempt to access beyond end of device
[  184.656034][   T42] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  184.683329][   T42] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  184.694679][   T42] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  184.694925][ T8658] loop1: detected capacity change from 0 to 128
[  184.777222][   T28] audit: type=1800 audit(1750249351.047:48): pid=8658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.757" name="file0" dev="loop1" ino=1048618 res=0 errno=0
[  184.844723][ T8660] syz.1.757: attempt to access beyond end of device
[  184.844723][ T8660] loop1: rw=0, sector=121, nr_sectors = 8 limit=128
[  184.971127][ T1075] kworker/u4:5: attempt to access beyond end of device
[  184.971127][ T1075] loop1: rw=1, sector=129, nr_sectors = 912 limit=128
[  185.377637][ T8671] loop5: detected capacity change from 0 to 512
[  185.396206][ T8671] EXT4-fs: Ignoring removed nomblk_io_submit option
[  185.403824][ T8671] EXT4-fs: Ignoring removed i_version option
[  185.463660][ T8671] EXT4-fs (loop5): 1 orphan inode deleted
[  185.480955][ T8671] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.635028][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.837260][ T8678] syz.5.762: attempt to access beyond end of device
[  185.837260][ T8678] nbd5: rw=0, sector=64, nr_sectors = 1 limit=0
[  185.893555][ T8678] syz.5.762: attempt to access beyond end of device
[  185.893555][ T8678] nbd5: rw=0, sector=256, nr_sectors = 1 limit=0
[  185.962645][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  185.973072][ T8678] syz.5.762: attempt to access beyond end of device
[  185.973072][ T8678] nbd5: rw=0, sector=512, nr_sectors = 1 limit=0
[  186.016880][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  186.043987][ T8678] syz.5.762: attempt to access beyond end of device
[  186.043987][ T8678] nbd5: rw=0, sector=64, nr_sectors = 2 limit=0
[  186.086273][   T28] audit: type=1326 audit(1750249352.357:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.1.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  186.121718][ T8678] syz.5.762: attempt to access beyond end of device
[  186.121718][ T8678] nbd5: rw=0, sector=512, nr_sectors = 2 limit=0
[  186.161385][   T28] audit: type=1326 audit(1750249352.357:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.1.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  186.214284][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  186.274267][ T8678] syz.5.762: attempt to access beyond end of device
[  186.274267][ T8678] nbd5: rw=0, sector=1024, nr_sectors = 2 limit=0
[  186.277236][   T28] audit: type=1326 audit(1750249352.357:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.1.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  186.326918][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  186.364110][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  186.382159][   T28] audit: type=1326 audit(1750249352.357:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.1.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  186.411410][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  186.424461][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  186.434301][ T8678] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  186.444067][ T8678] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[  187.245660][ T8695] loop0: detected capacity change from 0 to 32768
[  187.284195][ T8695] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  187.306843][ T8695] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  187.365784][ T8695] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  187.433080][ T5815] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  187.451381][ T8722] loop1: detected capacity change from 0 to 256
[  187.468565][ T5815] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  187.677863][ T5815] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 209ms
[  187.713805][ T5815] gfs2: fsid=syz:syz.0: jid=0: Done
[  187.731409][ T8695] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  187.900364][ T8695] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  187.926880][ T8695] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  187.926880][ T8695]   inode = 12 2341
[  187.926880][ T8695]   function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[  187.948726][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  187.962847][ T8695] gfs2: fsid=syz:syz.0: G:  s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  187.974303][ T8695] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:8695 [syz.0.772] __gfs2_lookup+0x90/0x270
[  187.987231][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  187.989426][ T8695] gfs2: fsid=syz:syz.0:  I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[  188.010476][ T8695] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  188.019567][ T8695] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  188.046711][ T8695] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  188.048399][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  188.076405][ T8695] gfs2: fsid=syz:syz.0: File system withdrawn
[  188.084036][ T8695] CPU: 0 PID: 8695 Comm: syz.0.772 Not tainted 6.6.93-syzkaller #0
[  188.091949][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.097026][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  188.101992][ T8695] Call Trace:
[  188.102003][ T8695]  <TASK>
[  188.102012][ T8695]  dump_stack_lvl+0x16c/0x230
[  188.122360][ T8695]  ? kobject_uevent_env+0x363/0x8c0
[  188.127577][ T8695]  ? show_regs_print_info+0x20/0x20
[  188.132788][ T8695]  ? load_image+0x3b0/0x3b0
[  188.137285][ T8695]  ? kobject_uevent_env+0x363/0x8c0
[  188.142503][ T8695]  gfs2_withdraw+0xf16/0x14b0
[  188.147201][ T8695]  ? gfs2_lm+0x220/0x220
[  188.151451][ T8695]  ? load_image+0x3b0/0x3b0
[  188.155957][ T8695]  ? gfs2_consist_inode_i+0xf5/0x110
[  188.161252][ T8695]  gfs2_dirent_scan+0x525/0x650
[  188.166102][ T8695]  ? gfs2_dirent_search+0x7e0/0x7e0
[  188.171294][ T8695]  ? gfs2_dirent_search+0x7e0/0x7e0
[  188.176484][ T8695]  gfs2_dirent_search+0x2e1/0x7e0
[  188.181501][ T8695]  ? gfs2_permission+0x370/0x430
[  188.186425][ T8695]  ? __might_sleep+0xe0/0xe0
[  188.191005][ T8695]  ? gfs2_dir_search+0x220/0x220
[  188.195930][ T8695]  ? gfs2_lookupi+0x5a0/0x5a0
[  188.200596][ T8695]  ? do_raw_spin_lock+0x121/0x2c0
[  188.205614][ T8695]  gfs2_dir_search+0x4d/0x220
[  188.210284][ T8695]  gfs2_lookupi+0x3d9/0x5a0
[  188.214780][ T8695]  ? gfs2_lookup_meta+0x170/0x170
[  188.219794][ T8695]  ? __gfs2_lookup+0x90/0x270
[  188.224456][ T8695]  ? d_alloc_parallel+0x1373/0x1480
[  188.229644][ T8695]  ? __d_lookup+0x8f/0x7c0
[  188.234050][ T8695]  __gfs2_lookup+0x90/0x270
[  188.238544][ T8695]  ? gfs2_atomic_open+0x220/0x220
[  188.243557][ T8695]  ? __d_lookup+0x8f/0x7c0
[  188.247970][ T8695]  ? d_hash_and_lookup+0x1b0/0x1b0
[  188.253090][ T8695]  gfs2_atomic_open+0x92/0x220
[  188.257844][ T8695]  ? gfs2_rename2+0x1d70/0x1d70
[  188.262680][ T8695]  path_openat+0xf27/0x3190
[  188.267191][ T8695]  ? do_filp_open+0x3d0/0x3d0
[  188.271887][ T8695]  do_filp_open+0x1c5/0x3d0
[  188.276382][ T8695]  ? vfs_tmpfile+0x490/0x490
[  188.280975][ T8695]  ? _raw_spin_unlock+0x28/0x40
[  188.285817][ T8695]  ? alloc_fd+0x58f/0x630
[  188.290146][ T8695]  do_sys_openat2+0x12c/0x1c0
[  188.294817][ T8695]  ? do_sys_open+0xe0/0xe0
[  188.299223][ T8695]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  188.305191][ T8695]  ? lock_chain_count+0x20/0x20
[  188.310032][ T8695]  __x64_sys_openat+0x139/0x160
[  188.314877][ T8695]  do_syscall_64+0x55/0xb0
[  188.319286][ T8695]  ? clear_bhb_loop+0x40/0x90
[  188.323963][ T8695]  ? clear_bhb_loop+0x40/0x90
[  188.328641][ T8695]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  188.334542][ T8695] RIP: 0033:0x7faef578e929
[  188.338959][ T8695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.358556][ T8695] RSP: 002b:00007faef6625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  188.366961][ T8695] RAX: ffffffffffffffda RBX: 00007faef59b5fa0 RCX: 00007faef578e929
[  188.374919][ T8695] RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  188.382878][ T8695] RBP: 00007faef5810b39 R08: 0000000000000000 R09: 0000000000000000
[  188.390848][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  188.398806][ T8695] R13: 0000000000000000 R14: 00007faef59b5fa0 R15: 00007ffdffbf6ba8
[  188.406786][ T8695]  </TASK>
[  188.421118][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  188.457127][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  188.471305][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  188.491555][ T8731] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  188.562671][ T8731] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  188.726977][ T8727] loop1: detected capacity change from 0 to 40427
[  188.759446][ T8727] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x7
[  188.809484][ T8727] F2FS-fs (loop1): invalid crc value
[  188.832548][ T8727] F2FS-fs (loop1): Found nat_bits in checkpoint
[  188.836410][ T8742] loop5: detected capacity change from 0 to 512
[  188.871827][ T8744] netlink: 72 bytes leftover after parsing attributes in process `syz.4.793'.
[  188.877200][ T8742] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  188.922179][ T8742] EXT4-fs (loop5): 1 truncate cleaned up
[  188.929478][ T8742] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.026483][ T8727] F2FS-fs (loop1): Start checkpoint disabled!
[  189.089491][ T8727] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  189.179760][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.218563][   T28] audit: type=1800 audit(1750249355.507:53): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.784" name="file1" dev="loop1" ino=10 res=0 errno=0
[  189.564854][   T42] bio_check_eod: 19 callbacks suppressed
[  189.564867][   T42] kworker/u4:2: attempt to access beyond end of device
[  189.564867][   T42] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  189.615883][   T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  189.623999][   T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  189.707355][ T5815] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  189.917392][ T5815] usb 6-1: Using ep0 maxpacket: 32
[  189.928474][ T5815] usb 6-1: config 0 interface 0 has no altsetting 0
[  189.935253][ T5815] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  189.966151][ T5815] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.985982][ T5815] usb 6-1: config 0 descriptor??
[  190.090391][ T8768] loop4: detected capacity change from 0 to 512
[  190.133570][ T8768] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  190.180965][ T8768] EXT4-fs (loop4): 1 truncate cleaned up
[  190.189333][ T8774] netlink: 72 bytes leftover after parsing attributes in process `syz.0.807'.
[  190.192096][ T8768] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.351651][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.808670][ T5815] corsair-psu 0003:1B1C:1C09.0007: unknown main item tag 0x0
[  190.823120][ T5815] corsair-psu 0003:1B1C:1C09.0007: unknown main item tag 0x0
[  190.831796][ T5815] corsair-psu 0003:1B1C:1C09.0007: unknown main item tag 0x0
[  190.844529][ T5815] corsair-psu 0003:1B1C:1C09.0007: unknown main item tag 0x0
[  190.854786][ T5815] corsair-psu 0003:1B1C:1C09.0007: unknown main item tag 0x0
[  190.866348][ T5815] corsair-psu 0003:1B1C:1C09.0007: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.5-1/input0
[  191.209490][ T5815] corsair-psu 0003:1B1C:1C09.0007: unable to initialize device (-110)
[  191.218803][ T5815] corsair-psu: probe of 0003:1B1C:1C09.0007 failed with error -110
[  191.231216][ T5815] usb 6-1: USB disconnect, device number 8
[  191.652040][ T8798] loop0: detected capacity change from 0 to 128
[  191.810191][   T28] audit: type=1326 audit(1750249358.097:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  191.905469][   T28] audit: type=1326 audit(1750249358.097:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  191.927581][    C1] vkms_vblank_simulate: vblank timer overrun
[  191.949877][   T28] audit: type=1326 audit(1750249358.097:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  191.976823][   T28] audit: type=1326 audit(1750249358.097:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  192.013679][ T8806] loop1: detected capacity change from 0 to 256
[  192.073617][   T28] audit: type=1326 audit(1750249358.107:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  192.095680][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.143675][   T28] audit: type=1326 audit(1750249358.107:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  192.174606][   T28] audit: type=1326 audit(1750249358.107:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  192.227871][   T28] audit: type=1326 audit(1750249358.107:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  192.254844][   T28] audit: type=1326 audit(1750249358.107:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  192.276082][ T8814] sch_tbf: burst 0 is lower than device team_slave_0 mtu (1514) !
[  192.276836][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.281961][   T28] audit: type=1326 audit(1750249358.107:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8802 comm="syz.1.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  192.625717][ T8825] lo: entered allmulticast mode
[  193.290009][ T8836] loop4: detected capacity change from 0 to 4096
[  193.323436][ T8836] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  193.491998][ T8823] loop5: detected capacity change from 0 to 32768
[  193.534656][ T8823] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  193.547515][ T8823] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  193.592018][ T8823] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  193.641472][ T5815] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  193.663851][ T5815] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  193.686176][ T8850] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.841'.
[  193.818956][ T5815] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 155ms
[  193.863252][ T5815] gfs2: fsid=syz:syz.0: jid=0: Done
[  193.877692][ T8823] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  193.987007][ T8823] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  194.031427][ T8823] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  194.031427][ T8823]   inode = 12 2341
[  194.031427][ T8823]   function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[  194.079156][ T8823] gfs2: fsid=syz:syz.0: G:  s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  194.104808][ T8823] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:8823 [syz.5.828] __gfs2_lookup+0x90/0x270
[  194.114740][ T8823] gfs2: fsid=syz:syz.0:  I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[  194.124415][ T8823] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  194.160230][ T8823] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  194.179842][ T8823] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  194.195822][ T8867] loop1: detected capacity change from 0 to 64
[  194.200920][ T8823] gfs2: fsid=syz:syz.0: File system withdrawn
[  194.226617][ T8823] CPU: 1 PID: 8823 Comm: syz.5.828 Not tainted 6.6.93-syzkaller #0
[  194.234546][ T8823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.240856][ T8867] hfs: request for non-existent node 24 in B*Tree
[  194.244620][ T8823] Call Trace:
[  194.244630][ T8823]  <TASK>
[  194.257249][ T8823]  dump_stack_lvl+0x16c/0x230
[  194.257961][ T8867] hfs: request for non-existent node 24 in B*Tree
[  194.261933][ T8823]  ? kobject_uevent_env+0x363/0x8c0
[  194.261961][ T8823]  ? show_regs_print_info+0x20/0x20
[  194.278756][ T8823]  ? load_image+0x3b0/0x3b0
[  194.283282][ T8823]  ? kobject_uevent_env+0x363/0x8c0
[  194.288507][ T8823]  gfs2_withdraw+0xf16/0x14b0
[  194.293217][ T8823]  ? gfs2_lm+0x220/0x220
[  194.297482][ T8823]  ? load_image+0x3b0/0x3b0
[  194.302019][ T8823]  ? gfs2_consist_inode_i+0xf5/0x110
[  194.307326][ T8823]  gfs2_dirent_scan+0x525/0x650
[  194.310772][ T8867] hfs: request for non-existent node 25 in B*Tree
[  194.312176][ T8823]  ? gfs2_dirent_search+0x7e0/0x7e0
[  194.323777][ T8823]  ? gfs2_dirent_search+0x7e0/0x7e0
[  194.328988][ T8823]  gfs2_dirent_search+0x2e1/0x7e0
[  194.334016][ T8823]  ? gfs2_permission+0x370/0x430
[  194.338942][ T8823]  ? __might_sleep+0xe0/0xe0
[  194.343524][ T8823]  ? gfs2_dir_search+0x220/0x220
[  194.348450][ T8823]  ? gfs2_lookupi+0x5a0/0x5a0
[  194.353110][ T8823]  ? do_raw_spin_lock+0x121/0x2c0
[  194.358130][ T8823]  gfs2_dir_search+0x4d/0x220
[  194.362858][ T8823]  gfs2_lookupi+0x3d9/0x5a0
[  194.367349][ T8823]  ? gfs2_lookup_meta+0x170/0x170
[  194.372360][ T8823]  ? __gfs2_lookup+0x90/0x270
[  194.377043][ T8823]  ? d_alloc_parallel+0x1373/0x1480
[  194.382247][ T8823]  ? __d_lookup+0x8f/0x7c0
[  194.386664][ T8823]  __gfs2_lookup+0x90/0x270
[  194.391158][ T8823]  ? gfs2_atomic_open+0x220/0x220
[  194.396171][ T8823]  ? __d_lookup+0x8f/0x7c0
[  194.400578][ T8823]  ? d_hash_and_lookup+0x1b0/0x1b0
[  194.405684][ T8823]  gfs2_atomic_open+0x92/0x220
[  194.410438][ T8823]  ? gfs2_rename2+0x1d70/0x1d70
[  194.415275][ T8823]  path_openat+0xf27/0x3190
[  194.419795][ T8823]  ? do_filp_open+0x3d0/0x3d0
[  194.424482][ T8823]  do_filp_open+0x1c5/0x3d0
[  194.428974][ T8823]  ? vfs_tmpfile+0x490/0x490
[  194.433568][ T8823]  ? _raw_spin_unlock+0x28/0x40
[  194.438410][ T8823]  ? alloc_fd+0x58f/0x630
[  194.442742][ T8823]  do_sys_openat2+0x12c/0x1c0
[  194.447416][ T8823]  ? do_sys_open+0xe0/0xe0
[  194.451824][ T8823]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  194.457793][ T8823]  ? lock_chain_count+0x20/0x20
[  194.462641][ T8823]  __x64_sys_openat+0x139/0x160
[  194.467487][ T8823]  do_syscall_64+0x55/0xb0
[  194.471894][ T8823]  ? clear_bhb_loop+0x40/0x90
[  194.476557][ T8823]  ? clear_bhb_loop+0x40/0x90
[  194.481235][ T8823]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  194.487143][ T8823] RIP: 0033:0x7f09c018e929
[  194.491550][ T8823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.511145][ T8823] RSP: 002b:00007f09c0f3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  194.519547][ T8823] RAX: ffffffffffffffda RBX: 00007f09c03b5fa0 RCX: 00007f09c018e929
[  194.527507][ T8823] RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  194.535463][ T8823] RBP: 00007f09c0210b39 R08: 0000000000000000 R09: 0000000000000000
[  194.543421][ T8823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  194.551380][ T8823] R13: 0000000000000000 R14: 00007f09c03b5fa0 R15: 00007ffe55f35098
[  194.559352][ T8823]  </TASK>
[  194.562468][    C1] vkms_vblank_simulate: vblank timer overrun
[  194.571685][ T8867] hfs: request for non-existent node 25 in B*Tree
[  194.577085][ T8868] loop4: detected capacity change from 0 to 1024
[  194.585406][ T8868] EXT4-fs: Ignoring removed i_version option
[  194.593892][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  194.600769][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  194.619742][ T8868] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  194.702725][ T8868] EXT4-fs error (device loop4): ext4_map_blocks:718: inode #3: block 1: comm syz.4.848: lblock 1 mapped to illegal pblock 1 (length 1)
[  194.734790][ T8868] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.848: Failed to acquire dquot type 0
[  194.746978][ T8868] EXT4-fs error (device loop4): ext4_free_blocks:6681: comm syz.4.848: Freeing blocks not in datazone - block = 0, count = 4096
[  194.760856][ T8868] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.848: Invalid inode bitmap blk 0 in block_group 0
[  194.775977][ T1075] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  194.790888][ T8868] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem
[  194.808389][ T8868] EXT4-fs (loop4): 1 orphan inode deleted
[  194.818089][ T8868] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.819703][ T1075] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:5: Failed to release dquot type 0
[  194.855885][ T8868] EXT4-fs error (device loop4): ext4_nfs_get_inode:1551: inode #12: comm syz.4.848: iget: bad extra_isize 65535 (inode size 256)
[  195.000798][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.516106][ T8893] ptrace attach of "./syz-executor exec"[5770] was attempted by ""[8893]
[  195.719819][ T8900] loop0: detected capacity change from 0 to 64
[  195.783722][ T8900] hfs: request for non-existent node 24 in B*Tree
[  195.794018][ T8900] hfs: request for non-existent node 24 in B*Tree
[  195.809064][ T8900] hfs: request for non-existent node 25 in B*Tree
[  195.818707][ T8900] hfs: request for non-existent node 25 in B*Tree
[  195.951410][ T8902] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.863'.
[  196.345958][ T8895] loop1: detected capacity change from 0 to 40427
[  196.402067][ T8895] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  196.419609][ T8895] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  196.508006][ T8895] F2FS-fs (loop1): Found nat_bits in checkpoint
[  196.542028][ T8921] loop0: detected capacity change from 0 to 512
[  196.576968][ T8921] EXT4-fs (loop0): Test dummy encryption mode enabled
[  196.583760][ T8921] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  196.614653][ T8921] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.871: bad orphan inode 131083
[  196.629518][ T8921] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.680931][ T8895] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  196.706869][ T8895] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  196.708372][ T8908] loop5: detected capacity change from 0 to 32768
[  196.731772][ T8908] XFS: ikeep mount option is deprecated.
[  196.793514][ T8908] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  196.843566][ T8921] overlayfs: upper fs needs to support d_type.
[  197.041169][ T8908] XFS (loop5): Ending clean mount
[  197.065999][ T8908] XFS (loop5): Quotacheck needed: Please wait.
[  197.158177][ T8908] XFS (loop5): Quotacheck: Done.
[  197.271926][ T6604] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  197.575871][ T8920] loop4: detected capacity change from 0 to 32768
[  197.609130][ T7951] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.720617][ T8920] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  197.811934][ T1075] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.859618][ T8935] loop5: detected capacity change from 0 to 64
[  197.943163][ T8935] hfs: request for non-existent node 24 in B*Tree
[  197.971026][ T8935] hfs: request for non-existent node 24 in B*Tree
[  197.987379][ T8938] hfs: request for non-existent node 25 in B*Tree
[  198.012386][ T8938] hfs: request for non-existent node 25 in B*Tree
[  198.049516][ T6256] ocfs2: Unmounting device (7,4) on (node local)
[  198.106052][ T1075] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.231672][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  198.231685][   T28] audit: type=1326 audit(1750249364.517:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.1.877" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2e07d8e929 code=0x0
[  198.259422][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.314005][ T1075] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.484340][ T1075] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.780771][ T5773] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  198.798806][ T5815] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  198.811567][ T5773] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  198.828565][ T5773] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  198.840691][ T5773] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  198.851271][ T5773] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  198.867971][ T5773] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  198.993589][ T5815] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.030668][ T5815] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.046593][ T5815] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  199.059349][ T5815] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.095794][ T5815] usb 6-1: config 0 descriptor??
[  199.341515][ T8972] loop4: detected capacity change from 0 to 1024
[  199.522506][ T5815] cp2112 0003:10C4:EA90.0008: item fetching failed at offset 5/7
[  199.547672][ T5815] cp2112 0003:10C4:EA90.0008: parse failed
[  199.565265][ T5815] cp2112: probe of 0003:10C4:EA90.0008 failed with error -22
[  199.675267][ T8985] loop4: detected capacity change from 0 to 512
[  199.719764][ T8985] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  199.747288][ T8985] EXT4-fs (loop4): invalid journal inode
[  199.765774][ T8985] EXT4-fs (loop4): can't get journal size
[  199.811840][ T8985] EXT4-fs (loop4): 1 truncate cleaned up
[  199.842383][ T8985] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.990300][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.292153][ T8956] chnl_net:caif_netlink_parms(): no params data found
[  200.562681][ T8956] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.570769][ T8956] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.580879][ T8956] bridge_slave_0: entered allmulticast mode
[  200.588539][ T8956] bridge_slave_0: entered promiscuous mode
[  200.641442][ T8956] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.653539][ T8956] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.663238][ T8956] bridge_slave_1: entered allmulticast mode
[  200.670793][ T8956] bridge_slave_1: entered promiscuous mode
[  200.740523][ T8956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.763199][ T1075] hsr_slave_0: left promiscuous mode
[  200.772997][ T1075] hsr_slave_1: left promiscuous mode
[  200.781554][ T1075] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.792484][ T1075] batman_adv: batadv0: Removing interface: batadv_slave_0
[  200.802830][ T1075] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.821279][ T1075] batman_adv: batadv0: Removing interface: batadv_slave_1
[  200.831466][ T1075] bridge_slave_1: left allmulticast mode
[  200.841008][ T1075] bridge_slave_1: left promiscuous mode
[  200.852020][ T1075] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.864625][ T1075] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.904350][ T1075] veth1_macvtap: left promiscuous mode
[  200.910082][ T1075] veth0_macvtap: left promiscuous mode
[  200.915600][ T1075] veth1_vlan: left promiscuous mode
[  200.922793][ T1075] veth0_vlan: left promiscuous mode
[  200.928270][ T5087] Bluetooth: hci3: command tx timeout
[  201.398548][ T1075] team0 (unregistering): Port device team_slave_1 removed
[  201.443469][ T1075] team0 (unregistering): Port device team_slave_0 removed
[  201.494040][ T1075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.517528][ T5815] usb 6-1: USB disconnect, device number 9
[  201.575959][ T1075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  202.013861][ T1075] bond0 (unregistering): Released all slaves
[  202.088204][ T1075] lo (unregistering): left allmulticast mode
[  202.098130][ T8956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  202.164046][ T8956] team0: Port device team_slave_0 added
[  202.190332][ T8956] team0: Port device team_slave_1 added
[  202.248621][ T8956] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.255577][ T8956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.282698][ T8956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.314671][ T8956] batman_adv: batadv0: Adding interface: batadv_slave_1
[  202.322135][ T8956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.348246][ T8956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.441347][ T8956] hsr_slave_0: entered promiscuous mode
[  202.455443][ T8956] hsr_slave_1: entered promiscuous mode
[  202.462008][ T8956] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  202.474831][ T8956] Cannot create hsr debugfs directory
[  202.709595][ T8956] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  202.722132][ T8956] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  202.734386][ T8956] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  202.745591][ T8956] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  202.850488][ T8956] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.884662][ T8956] 8021q: adding VLAN 0 to HW filter on device team0
[  202.908487][ T1075] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.915625][ T1075] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.930712][ T1075] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.937878][ T1075] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.008375][ T5087] Bluetooth: hci3: command tx timeout
[  203.253486][ T8956] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.584217][ T8956] veth0_vlan: entered promiscuous mode
[  203.600012][ T8956] veth1_vlan: entered promiscuous mode
[  203.639951][ T8956] veth0_macvtap: entered promiscuous mode
[  203.659044][ T8956] veth1_macvtap: entered promiscuous mode
[  203.683769][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.699249][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.711454][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.726601][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.745611][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.756275][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.775154][ T8956] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.795931][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.806626][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.824542][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.835395][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.854107][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.865920][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.880531][ T8956] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.895699][ T8956] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.911593][ T8956] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.922284][ T8956] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.935581][ T8956] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  204.015435][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.034398][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.079458][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.088266][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.283041][ T9077] loop5: detected capacity change from 0 to 64
[  204.466420][ T6604] hfs: node 4:3 still has 2 user(s)!
[  204.735074][ T9094] loop4: detected capacity change from 0 to 512
[  204.802463][ T9094] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.897: casefold flag without casefold feature
[  204.834096][ T9094] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.897: couldn't read orphan inode 15 (err -117)
[  204.880691][ T9103] loop1: detected capacity change from 0 to 1024
[  204.935767][ T9094] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.088823][ T5087] Bluetooth: hci3: command tx timeout
[  205.135733][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.275208][ T9142] loop1: detected capacity change from 0 to 4096
[  206.496498][ T9142] ntfs3: loop1: ino=5, "/" directory corrupted
[  206.518102][ T9142] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  206.536725][ T9142] ntfs3: loop1: ino=5, "/" directory corrupted
[  206.557211][ T9142] ntfs3: loop1: ino=5, "/" directory corrupted
[  206.968541][ T9175] netlink: 'syz.4.927': attribute type 8 has an invalid length.
[  207.167759][ T5087] Bluetooth: hci3: command tx timeout
[  207.567310][ T9199] loop5: detected capacity change from 0 to 128
[  207.653289][ T7283] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  207.734172][ T9208] netlink: 48 bytes leftover after parsing attributes in process `syz.1.940'.
[  208.110042][ T9222] netlink: 48 bytes leftover after parsing attributes in process `syz.4.944'.
[  208.199540][ T9228] loop5: detected capacity change from 0 to 128
[  208.242172][ T9228] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  208.248686][ T9230] netlink: 48 bytes leftover after parsing attributes in process `syz.1.947'.
[  208.273316][ T9228] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  208.500198][ T6604] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  208.537244][ T9240] netlink: 'syz.1.951': attribute type 12 has an invalid length.
[  208.559262][ T9240] netlink: 'syz.1.951': attribute type 28 has an invalid length.
[  208.577780][ T9240] netlink: 148 bytes leftover after parsing attributes in process `syz.1.951'.
[  210.503978][ T9292] loop1: detected capacity change from 0 to 64
[  211.573201][ T9335] veth1_to_bond: entered allmulticast mode
[  211.581883][ T9335] veth1_to_bond: entered promiscuous mode
[  211.588747][ T9334] veth1_to_bond: left promiscuous mode
[  211.595833][ T9334] veth1_to_bond: left allmulticast mode
[  212.094479][ T9353] netlink: 16 bytes leftover after parsing attributes in process `syz.6.995'.
[  212.103908][ T9353] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.195143][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  212.197028][ T9339] loop1: detected capacity change from 0 to 32768
[  212.236693][ T9356] loop6: detected capacity change from 0 to 128
[  212.240269][ T9339] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.986 (9339)
[  212.250022][ T9356] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  212.285211][ T9339] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.297048][ T9339] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  212.331061][ T9339] BTRFS info (device loop1): using free space tree
[  212.386854][    T9] usb 5-1: Using ep0 maxpacket: 16
[  212.410136][    T9] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  212.441491][    T9] usb 5-1: config 0 has no interface number 0
[  212.494580][ T9372] loop5: detected capacity change from 0 to 4096
[  212.494580][    T9] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  212.494606][    T9] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  212.537162][ T9372] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512).
[  212.543252][ T9339] BTRFS info (device loop1): enabling ssd optimizations
[  212.608387][ T9339] BTRFS info (device loop1): auto enabling async discard
[  212.618191][    T9] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  212.633803][    T9] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  212.662525][    T9] usb 5-1: Product: syz
[  212.666713][    T9] usb 5-1: SerialNumber: syz
[  212.684018][ T9372] ntfs3: loop5: ino=1b, "file0" directory corrupted
[  212.710466][    T9] usb 5-1: config 0 descriptor??
[  212.732652][    T9] cm109 5-1:0.8: invalid payload size 0, expected 4
[  212.767864][    T9] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input11
[  212.908723][ T8079] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.982143][ T9387] overlayfs: failed to resolve './file0/../file0': -2
[  213.166750][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  213.316702][ T9393] netlink: 'syz.1.1003': attribute type 8 has an invalid length.
[  213.498417][ T8956] cgroup: fork rejected by pids controller in /syz6
[  213.758919][ T9406] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1011'.
[  213.886718][ T9411] IPv6: Can't replace route, no match found
[  214.036091][ T1105] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.182712][ T1105] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.258492][ T1105] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.375531][ T1105] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.946353][ T5773] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  214.958476][ T5773] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  214.967090][ T5832] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  214.974849][ T5773] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  214.987446][ T5773] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  215.002713][ T5773] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  215.004451][    T8] usb 5-1: USB disconnect, device number 5
[  215.015822][ T5773] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  215.026546][    T8] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  215.157202][ T5832] usb 2-1: Using ep0 maxpacket: 32
[  215.168022][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  215.186806][ T5832] usb 2-1: config 0 has no interfaces?
[  215.192317][ T5832] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  215.202571][ T5832] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.222267][ T5832] usb 2-1: config 0 descriptor??
[  215.470932][    T8] usb 2-1: USB disconnect, device number 7
[  215.536436][ T9436] chnl_net:caif_netlink_parms(): no params data found
[  215.667623][ T9436] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.674767][ T9436] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.685386][ T9436] bridge_slave_0: entered allmulticast mode
[  215.693744][ T9436] bridge_slave_0: entered promiscuous mode
[  215.732245][ T9436] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.739499][ T9436] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.746655][ T9436] bridge_slave_1: entered allmulticast mode
[  215.755583][ T9436] bridge_slave_1: entered promiscuous mode
[  215.813221][ T9436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.882789][ T9436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.971637][ T9436] team0: Port device team_slave_0 added
[  215.989756][ T1105] hsr_slave_0: left promiscuous mode
[  216.007583][ T1105] hsr_slave_1: left promiscuous mode
[  216.020138][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.032771][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.097832][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.105929][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.127967][ T1105] bridge_slave_1: left allmulticast mode
[  216.133629][ T1105] bridge_slave_1: left promiscuous mode
[  216.154228][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.182007][ T1105] bridge_slave_0: left allmulticast mode
[  216.196936][ T1105] bridge_slave_0: left promiscuous mode
[  216.205531][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.284064][ T1105] veth1_macvtap: left promiscuous mode
[  216.289740][ T1105] veth0_macvtap: left promiscuous mode
[  216.295528][ T1105] veth1_vlan: left promiscuous mode
[  216.301100][ T1105] veth0_vlan: left promiscuous mode
[  216.919365][ T1105] team0 (unregistering): Port device team_slave_1 removed
[  216.964091][ T1105] team0 (unregistering): Port device team_slave_0 removed
[  217.006498][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  217.052565][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  217.094528][ T5087] Bluetooth: hci3: command tx timeout
[  217.507759][ T1105] bond0 (unregistering): Released all slaves
[  217.574923][ T9436] team0: Port device team_slave_1 added
[  217.611953][ T9477] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1023'.
[  217.769929][ T9489] loop1: detected capacity change from 0 to 128
[  217.905812][ T9436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.919217][ T9436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.986966][ T9436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  218.009721][ T9436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.028847][ T9436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.106462][ T9436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  218.270296][ T9436] hsr_slave_0: entered promiscuous mode
[  218.295198][ T9436] hsr_slave_1: entered promiscuous mode
[  218.321911][ T9436] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  218.330884][ T9436] Cannot create hsr debugfs directory
[  218.584630][ T9494] loop5: detected capacity change from 0 to 32768
[  218.614496][ T9494] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  218.687040][ T9494] XFS (loop5): Ending clean mount
[  218.924927][ T6604] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  219.166947][ T5087] Bluetooth: hci3: command tx timeout
[  219.516678][ T9436] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  219.566995][ T9436] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  219.608014][ T9436] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  219.646393][ T9436] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  219.806478][ T9525] loop1: detected capacity change from 0 to 32768
[  219.854658][ T9525] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1043 (9525)
[  219.854877][ T9436] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.916606][ T9525] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  219.969734][ T9436] 8021q: adding VLAN 0 to HW filter on device team0
[  219.976906][ T9525] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  220.006007][ T9525] BTRFS info (device loop1): force clearing of disk cache
[  220.020913][ T3483] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.028140][ T3483] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.043052][ T9525] BTRFS info (device loop1): setting nodatacow, compression disabled
[  220.068251][ T9525] BTRFS info (device loop1): turning off barriers
[  220.075942][ T3483] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.083137][ T3483] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.091056][ T9525] BTRFS info (device loop1): enabling auto defrag
[  220.117910][ T9525] BTRFS info (device loop1): turning on sync discard
[  220.124625][ T9525] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  220.137210][ T9525] BTRFS info (device loop1): trying to use backup root at mount time
[  220.152265][ T9525] BTRFS info (device loop1): enabling ssd optimizations
[  220.189753][ T9525] BTRFS info (device loop1): using spread ssd allocation scheme
[  220.221194][ T9525] BTRFS info (device loop1): using free space tree
[  220.250118][ T9523] loop4: detected capacity change from 0 to 40427
[  220.283250][ T9523] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  220.327585][ T9523] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  220.389769][ T9529] loop5: detected capacity change from 0 to 32768
[  220.400217][ T3476] BTRFS warning (device loop1): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0
[  220.460520][ T9523] F2FS-fs (loop4): Found nat_bits in checkpoint
[  220.481993][ T9529] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1035 (9529)
[  220.519901][ T9525] BTRFS warning (device loop1): couldn't read tree root
[  220.547114][ T9525] BTRFS warning (device loop1): try to load backup roots slot 1
[  220.555112][ T3476] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0
[  220.571560][ T9529] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  220.617117][ T9529] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  220.625783][ T9529] BTRFS info (device loop5): using free space tree
[  220.638158][ T9525] BTRFS warning (device loop1): couldn't read tree root
[  220.650173][ T9525] BTRFS warning (device loop1): try to load backup roots slot 2
[  220.688404][ T3476] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  220.728599][ T9525] BTRFS warning (device loop1): couldn't read tree root
[  220.735572][ T9525] BTRFS warning (device loop1): try to load backup roots slot 3
[  220.769387][ T9523] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  220.797349][ T9523] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  220.870820][ T9525] BTRFS info (device loop1): rebuilding free space tree
[  220.878377][ T9529] BTRFS info (device loop5): enabling ssd optimizations
[  220.899594][ T9529] BTRFS info (device loop5): auto enabling async discard
[  220.978165][ T9525] BTRFS info (device loop1): checking UUID tree
[  220.999300][ T9436] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.218356][ T6604] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  221.248559][ T5087] Bluetooth: hci3: command tx timeout
[  221.275482][ T8079] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  221.875727][ T9436] veth0_vlan: entered promiscuous mode
[  221.979143][ T9436] veth1_vlan: entered promiscuous mode
[  222.092545][ T9436] veth0_macvtap: entered promiscuous mode
[  222.116022][ T9436] veth1_macvtap: entered promiscuous mode
[  222.192962][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.231290][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.239668][ T9612] loop1: detected capacity change from 0 to 128
[  222.255141][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.294514][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.306338][ T9612] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  222.321734][ T9612] ext4 filesystem being mounted at /97/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  222.343766][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.365727][ T9616] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1037'.
[  222.376940][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.407860][ T9436] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.472235][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.490927][ T8079] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  222.503921][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.546802][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.586997][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.623562][ T9436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.650654][ T9436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.687774][ T9436] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.769942][ T9436] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.779595][ T9436] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.790602][ T9436] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.816844][ T9436] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.983534][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.016887][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.090229][ T1075] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.111859][ T1075] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.327129][ T5087] Bluetooth: hci3: command tx timeout
[  223.563477][ T9650] loop6: detected capacity change from 0 to 512
[  223.621161][ T9650] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  223.660869][ T9650] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.715398][ T9658] veth1_to_bond: entered allmulticast mode
[  223.720788][ T9635] loop1: detected capacity change from 0 to 32768
[  223.733044][ T9653] loop4: detected capacity change from 0 to 4096
[  223.746677][ T9658] veth1_to_bond: entered promiscuous mode
[  223.752701][ T9650] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.786496][ T9654] veth1_to_bond: left promiscuous mode
[  223.809242][ T9635] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  223.847647][ T9654] veth1_to_bond: left allmulticast mode
[  223.994283][ T9653] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.018618][ T9436] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.031285][ T9635] XFS (loop1): Ending clean mount
[  224.245085][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.466161][ T8079] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  224.670163][ T9693] loop4: detected capacity change from 0 to 512
[  224.736917][ T9693] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  224.920056][ T9699] loop5: detected capacity change from 0 to 512
[  224.922972][ T9693] EXT4-fs (loop4): 1 truncate cleaned up
[  224.937047][ T9699] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  224.969175][ T9693] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.027397][ T9699] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.040111][ T9699] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  225.158577][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.178737][   T28] audit: type=1326 audit(1750249391.467:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.264012][   T28] audit: type=1326 audit(1750249391.497:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.294032][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.341279][   T28] audit: type=1326 audit(1750249391.497:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.400811][   T28] audit: type=1326 audit(1750249391.497:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.441400][   T28] audit: type=1326 audit(1750249391.497:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.481933][   T28] audit: type=1326 audit(1750249391.497:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.524229][   T28] audit: type=1326 audit(1750249391.497:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.577424][   T28] audit: type=1326 audit(1750249391.497:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f50ff5858e7 code=0x7ffc0000
[  225.588250][ T9719] loop5: detected capacity change from 0 to 4096
[  225.639253][ T9719] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.668901][   T28] audit: type=1326 audit(1750249391.497:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f50ff52ab19 code=0x7ffc0000
[  225.693785][   T28] audit: type=1326 audit(1750249391.497:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.6.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f50ff58e929 code=0x7ffc0000
[  225.883242][ T6604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.062552][ T9736] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1067'.
[  226.350762][ T9749] loop6: detected capacity change from 0 to 256
[  226.367149][ T5832] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  226.367829][ T9749] FAT-fs (loop6): Unrecognized mount option "0x0000000000000000Ò<ö앳¸ ±ú#3”Æ" or missing value
[  226.574110][ T9754] loop4: detected capacity change from 0 to 256
[  226.587052][ T5832] usb 2-1: too many configurations: 151, using maximum allowed: 8
[  226.596489][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.620756][ T5832] usb 2-1: config 0 has no interfaces?
[  226.630670][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.666278][ T5832] usb 2-1: config 0 has no interfaces?
[  226.678569][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.688822][ T9754] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  226.730662][ T5832] usb 2-1: config 0 has no interfaces?
[  226.761191][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.786885][ T5832] usb 2-1: config 0 has no interfaces?
[  226.797821][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.836892][ T5832] usb 2-1: config 0 has no interfaces?
[  226.848053][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.882385][ T5832] usb 2-1: config 0 has no interfaces?
[  226.920375][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.937137][ T5832] usb 2-1: config 0 has no interfaces?
[  226.972687][ T5832] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  227.006995][ T5832] usb 2-1: config 0 has no interfaces?
[  227.016470][ T5832] usb 2-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[  227.026179][ T5832] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[  227.066395][ T5832] usb 2-1: Product: syz
[  227.073725][ T5832] usb 2-1: Manufacturer: syz
[  227.085612][ T5832] usb 2-1: SerialNumber: syz
[  227.096115][ T5832] usb 2-1: config 0 descriptor??
[  227.306159][ T9783] loop6: detected capacity change from 0 to 128
[  227.337368][ T9783] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  227.505462][ T9783] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  227.541329][    T8] usb 2-1: USB disconnect, device number 8
[  227.557797][ T9783] ext2 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.789564][ T9436] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  228.246882][    T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  228.313188][ T9822] loop4: detected capacity change from 0 to 512
[  228.361410][ T9822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.407193][ T9822] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.448900][    T8] usb 7-1: config 1 has an invalid descriptor of length 63, skipping remainder of the config
[  228.478607][    T8] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  228.536965][    T8] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  228.546282][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  228.566921][    T8] usb 7-1: SerialNumber: syz
[  228.578727][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.798874][    T8] usb 7-1: 0:2 : does not exist
[  228.832921][    T8] usb 7-1: unit 223 not found!
[  228.887529][    T8] usb 7-1: USB disconnect, device number 2
[  228.981443][ T7283] udevd[7283]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  229.518422][ T9858] netlink: 132 bytes leftover after parsing attributes in process `syz.6.1110'.
[  229.995745][ T9883] loop4: detected capacity change from 0 to 1024
[  230.242172][ T3476] hfsplus: bad catalog file entry
[  230.270604][ T3476] hfsplus: b-tree write err: -5, ino 3
[  230.644055][ T9907] misc userio: Can't change port type on an already running userio instance
[  231.035829][ T9920] input: syz1 as /devices/virtual/input/input13
[  231.289816][ T9933] loop1: detected capacity change from 0 to 128
[  231.355600][ T9933] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  231.403580][ T9933] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.508557][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  231.508570][   T28] audit: type=1800 audit(1750249397.797:79): pid=9933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1134" name="file1" dev="loop1" ino=12 res=0 errno=0
[  231.554501][    T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  231.738960][ T8079] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  231.765519][    T8] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  231.783042][    T8] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  231.807008][    T8] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  231.834148][ T9953] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1139'.
[  231.839265][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.879935][ T9932] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  231.891243][    T8] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  231.937448][ T9953] gretap0: entered promiscuous mode
[  231.953302][ T9953] macvtap1: entered promiscuous mode
[  231.979170][ T9953] macvtap1: entered allmulticast mode
[  232.004854][ T9953] gretap0: entered allmulticast mode
[  232.172892][    T8] usb 5-1: USB disconnect, device number 6
[  232.252726][   T28] audit: type=1326 audit(1750249398.537:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.313144][   T28] audit: type=1326 audit(1750249398.537:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.378451][   T28] audit: type=1326 audit(1750249398.547:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.480497][   T28] audit: type=1326 audit(1750249398.557:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.559048][   T28] audit: type=1326 audit(1750249398.557:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.640406][   T28] audit: type=1326 audit(1750249398.567:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.729989][   T28] audit: type=1326 audit(1750249398.577:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.772275][   T28] audit: type=1326 audit(1750249398.597:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  232.848197][   T28] audit: type=1326 audit(1750249398.597:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9963 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e07d8e929 code=0x7ffc0000
[  233.675768][T10028] loop6: detected capacity change from 0 to 128
[  233.979543][ T3483] Bluetooth: hci4: Frame reassembly failed (-84)
[  234.170793][T10045] loop4: detected capacity change from 0 to 512
[  234.179102][T10045] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  234.201028][T10045] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  234.239107][T10045] EXT4-fs (loop4): 1 truncate cleaned up
[  234.258944][T10045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.371141][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.806867][ T5813] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  235.000775][ T5813] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  235.022882][ T5813] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  235.036646][ T5813] usb 6-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  235.045893][ T5813] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.070294][ T5813] usb 6-1: config 0 descriptor??
[  235.195448][T10080] loop4: detected capacity change from 0 to 512
[  235.224817][T10080] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.241913][T10080] ext4 filesystem being mounted at /270/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.317125][ T6256] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.486113][ T5813] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0
[  235.509937][ T5813] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0
[  235.522547][T10087] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1180'.
[  235.529847][ T5813] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0
[  235.539127][ T5813] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0
[  235.546252][ T5813] lenovo 0003:17EF:6047.0009: unknown main item tag 0x0
[  235.578406][ T5813] lenovo 0003:17EF:6047.0009: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.5-1/input0
[  235.766060][T10094] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1183'.
[  235.884737][ T5813] lenovo 0003:17EF:6047.0009: Failed to switch middle button: -71
[  235.899153][ T5813] lenovo 0003:17EF:6047.0009: Fn-lock setting failed: -71
[  235.917483][ T5813] lenovo 0003:17EF:6047.0009: Sensitivity setting failed: -71
[  235.940570][ T5813] usb 6-1: USB disconnect, device number 10
[  235.964653][T10099] loop4: detected capacity change from 0 to 1024
[  236.048943][ T5773] Bluetooth: hci4: command 0xfc11 tx timeout
[  236.049086][ T5087] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  236.714561][T10125] loop5: detected capacity change from 0 to 128
[  236.761643][T10125] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  236.785624][T10129] ax25_connect(): syz.4.1200 uses autobind, please contact jreuter@yaina.de
[  236.833073][T10125] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.856862][T10129] ax25_connect(): syz.4.1200 uses autobind, please contact jreuter@yaina.de
[  236.894240][T10125] syz.5.1198 (pid 10125) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  236.980607][T10135] loop1: detected capacity change from 0 to 16
[  237.034401][T10135] erofs: (device loop1): mounted with root inode @ nid 36.
[  237.077746][ T6604] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  237.285199][ T8079] erofs: (device loop1): erofs_fill_dentries: bogus dirent @ nid 46
[  237.313217][ T8079] erofs: (device loop1): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  237.343290][ T8079] erofs: (device loop1): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  237.363921][T10149] smc: net device bond0 applied user defined pnetid SYZ0
[  237.393804][T10149] smc: net device bond0 erased user defined pnetid SYZ0
[  237.787168][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  238.492423][T10169] loop1: detected capacity change from 0 to 32768
[  238.524754][T10169] JBD2: Ignoring recovery information on journal
[  238.627974][T10169] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  238.703801][T10169] 
[  238.706155][T10169] ======================================================
[  238.713164][T10169] WARNING: possible circular locking dependency detected
[  238.720168][T10169] 6.6.93-syzkaller #0 Not tainted
[  238.725168][T10169] ------------------------------------------------------
[  238.732164][T10169] syz.1.1218/10169 is trying to acquire lock:
[  238.738210][T10169] ffff88805c52a658 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x165/0x4360
[  238.751416][T10169] 
[  238.751416][T10169] but task is already holding lock:
[  238.758763][T10169] ffff8880500f31b8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x410/0x11f0
[  238.768232][T10169] 
[  238.768232][T10169] which lock already depends on the new lock.
[  238.768232][T10169] 
[  238.778613][T10169] 
[  238.778613][T10169] the existing dependency chain (in reverse order) is:
[  238.787605][T10169] 
[  238.787605][T10169] -> #5 (&oi->ip_xattr_sem){++++}-{3:3}:
[  238.795412][T10169]        down_read+0x46/0x2e0
[  238.800079][T10169]        ocfs2_init_acl+0x2fa/0x720
[  238.805259][T10169]        ocfs2_mknod+0x12e5/0x20f0
[  238.810354][T10169]        ocfs2_create+0x196/0x410
[  238.815363][T10169]        path_openat+0x1277/0x3190
[  238.820462][T10169]        do_filp_open+0x1c5/0x3d0
[  238.825471][T10169]        do_sys_openat2+0x12c/0x1c0
[  238.830656][T10169]        __x64_sys_openat+0x139/0x160
[  238.836016][T10169]        do_syscall_64+0x55/0xb0
[  238.840942][T10169]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  238.847344][T10169] 
[  238.847344][T10169] -> #4 (jbd2_handle){++++}-{0:0}:
[  238.854622][T10169]        start_this_handle+0x1e9d/0x20c0
[  238.860239][T10169]        jbd2__journal_start+0x2bb/0x5b0
[  238.865855][T10169]        jbd2_journal_start+0x2a/0x40
[  238.871209][T10169]        ocfs2_start_trans+0x376/0x6c0
[  238.876651][T10169]        ocfs2_mknod+0xe47/0x20f0
[  238.881658][T10169]        ocfs2_create+0x196/0x410
[  238.886664][T10169]        path_openat+0x1277/0x3190
[  238.891783][T10169]        do_filp_open+0x1c5/0x3d0
[  238.896788][T10169]        do_sys_openat2+0x12c/0x1c0
[  238.901969][T10169]        __x64_sys_open+0x11f/0x140
[  238.907152][T10169]        do_syscall_64+0x55/0xb0
[  238.912079][T10169]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  238.918486][T10169] 
[  238.918486][T10169] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  238.926984][T10169]        down_read+0x46/0x2e0
[  238.931646][T10169]        ocfs2_start_trans+0x36a/0x6c0
[  238.937088][T10169]        ocfs2_mknod+0xe47/0x20f0
[  238.942096][T10169]        ocfs2_create+0x196/0x410
[  238.947111][T10169]        path_openat+0x1277/0x3190
[  238.952203][T10169]        do_filp_open+0x1c5/0x3d0
[  238.957209][T10169]        do_sys_openat2+0x12c/0x1c0
[  238.962400][T10169]        __x64_sys_open+0x11f/0x140
[  238.967580][T10169]        do_syscall_64+0x55/0xb0
[  238.972529][T10169]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  238.978931][T10169] 
[  238.978931][T10169] -> #2 (sb_internal#2){.+.+}-{0:0}:
[  238.986397][T10169]        ocfs2_start_trans+0x26b/0x6c0
[  238.991846][T10169]        ocfs2_mknod+0xe47/0x20f0
[  238.996854][T10169]        ocfs2_create+0x196/0x410
[  239.001862][T10169]        path_openat+0x1277/0x3190
[  239.006952][T10169]        do_filp_open+0x1c5/0x3d0
[  239.011958][T10169]        do_sys_openat2+0x12c/0x1c0
[  239.017140][T10169]        __x64_sys_open+0x11f/0x140
[  239.022321][T10169]        do_syscall_64+0x55/0xb0
[  239.027240][T10169]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  239.033641][T10169] 
[  239.033641][T10169] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}:
[  239.044139][T10169]        down_write+0x97/0x1f0
[  239.048889][T10169]        ocfs2_reserve_local_alloc_bits+0x126/0x24b0
[  239.055548][T10169]        ocfs2_reserve_clusters_with_limit+0x1bf/0xba0
[  239.062377][T10169]        ocfs2_mknod+0xdee/0x20f0
[  239.067386][T10169]        ocfs2_create+0x196/0x410
[  239.072420][T10169]        path_openat+0x1277/0x3190
[  239.077548][T10169]        do_filp_open+0x1c5/0x3d0
[  239.082554][T10169]        do_sys_openat2+0x12c/0x1c0
[  239.087734][T10169]        __x64_sys_open+0x11f/0x140
[  239.092914][T10169]        do_syscall_64+0x55/0xb0
[  239.097835][T10169]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  239.104234][T10169] 
[  239.104234][T10169] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
[  239.114729][T10169]        __lock_acquire+0x2ddb/0x7c80
[  239.120086][T10169]        lock_acquire+0x197/0x410
[  239.125091][T10169]        down_write+0x97/0x1f0
[  239.129835][T10169]        ocfs2_reserve_suballoc_bits+0x165/0x4360
[  239.136231][T10169]        ocfs2_reserve_new_metadata_blocks+0x404/0x940
[  239.143065][T10169]        ocfs2_init_xattr_set_ctxt+0x2f8/0x6e0
[  239.149214][T10169]        ocfs2_xattr_set+0xb6d/0x11f0
[  239.154570][T10169]        __vfs_setxattr+0x431/0x470
[  239.159756][T10169]        __vfs_setxattr_noperm+0x12d/0x5e0
[  239.165546][T10169]        vfs_setxattr+0x16c/0x2f0
[  239.170553][T10169]        path_setxattr+0x362/0x550
[  239.175644][T10169]        __x64_sys_lsetxattr+0xb8/0xd0
[  239.181086][T10169]        do_syscall_64+0x55/0xb0
[  239.186005][T10169]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  239.192404][T10169] 
[  239.192404][T10169] other info that might help us debug this:
[  239.192404][T10169] 
[  239.202615][T10169] Chain exists of:
[  239.202615][T10169]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3 --> jbd2_handle --> &oi->ip_xattr_sem
[  239.202615][T10169] 
[  239.218329][T10169]  Possible unsafe locking scenario:
[  239.218329][T10169] 
[  239.225756][T10169]        CPU0                    CPU1
[  239.231098][T10169]        ----                    ----
[  239.236441][T10169]   lock(&oi->ip_xattr_sem);
[  239.241015][T10169]                                lock(jbd2_handle);
[  239.247594][T10169]                                lock(&oi->ip_xattr_sem);
[  239.254701][T10169]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3);
[  239.261980][T10169] 
[  239.261980][T10169]  *** DEADLOCK ***
[  239.261980][T10169] 
[  239.270103][T10169] 3 locks held by syz.1.1218/10169:
[  239.275280][T10169]  #0: ffff888079050418 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  239.284491][T10169]  #1: ffff8880500f3498 (&sb->s_type->i_mutex_key#20){+.+.}-{3:3}, at: vfs_setxattr+0x145/0x2f0
[  239.294926][T10169]  #2: ffff8880500f31b8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x410/0x11f0
[  239.304828][T10169] 
[  239.304828][T10169] stack backtrace:
[  239.310709][T10169] CPU: 0 PID: 10169 Comm: syz.1.1218 Not tainted 6.6.93-syzkaller #0
[  239.318762][T10169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.328803][T10169] Call Trace:
[  239.332077][T10169]  <TASK>
[  239.335004][T10169]  dump_stack_lvl+0x16c/0x230
[  239.339672][T10169]  ? load_image+0x3b0/0x3b0
[  239.344162][T10169]  ? show_regs_print_info+0x20/0x20
[  239.349353][T10169]  ? print_circular_bug+0x12b/0x1a0
[  239.354540][T10169]  check_noncircular+0x2bd/0x3c0
[  239.359466][T10169]  ? print_deadlock_bug+0x5d0/0x5d0
[  239.364650][T10169]  ? lockdep_lock+0xe0/0x220
[  239.369229][T10169]  ? _find_first_zero_bit+0xd3/0x100
[  239.374500][T10169]  __lock_acquire+0x2ddb/0x7c80
[  239.379341][T10169]  ? ocfs2_get_system_file_inode+0x1e3/0x7b0
[  239.385304][T10169]  ? __lock_acquire+0x7c80/0x7c80
[  239.390312][T10169]  ? verify_lock_unused+0x140/0x140
[  239.395494][T10169]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  239.401110][T10169]  ? do_raw_spin_lock+0x121/0x2c0
[  239.406117][T10169]  ? mutex_unlock+0x10/0x10
[  239.410609][T10169]  lock_acquire+0x197/0x410
[  239.415114][T10169]  ? ocfs2_reserve_suballoc_bits+0x165/0x4360
[  239.421163][T10169]  ? ocfs2_get_system_file_inode+0x1f1/0x7b0
[  239.427136][T10169]  ? __might_sleep+0xe0/0xe0
[  239.431719][T10169]  ? read_lock_is_recursive+0x20/0x20
[  239.437075][T10169]  ? ocfs2_fast_symlink_read_folio+0x530/0x530
[  239.443215][T10169]  ? verify_lock_unused+0x140/0x140
[  239.448395][T10169]  ? check_noncircular+0x175/0x3c0
[  239.453495][T10169]  down_write+0x97/0x1f0
[  239.457725][T10169]  ? ocfs2_reserve_suballoc_bits+0x165/0x4360
[  239.463774][T10169]  ? down_read_killable+0x340/0x340
[  239.468960][T10169]  ocfs2_reserve_suballoc_bits+0x165/0x4360
[  239.474840][T10169]  ? mark_lock+0x94/0x320
[  239.479153][T10169]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  239.485114][T10169]  ? lock_chain_count+0x20/0x20
[  239.489949][T10169]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  239.495827][T10169]  ? ocfs2_block_group_search+0x470/0x470
[  239.501525][T10169]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  239.507428][T10169]  ? _raw_spin_unlock+0x40/0x40
[  239.512293][T10169]  ? stack_trace_save+0x9c/0xe0
[  239.517150][T10169]  ? stack_trace_snprint+0xf0/0xf0
[  239.522244][T10169]  ? __stack_depot_save+0x560/0x630
[  239.527429][T10169]  ? kasan_set_track+0x5f/0x70
[  239.532180][T10169]  ? kasan_set_track+0x4e/0x70
[  239.536926][T10169]  ? __kasan_kmalloc+0x8f/0xa0
[  239.541675][T10169]  ? ocfs2_reserve_new_metadata_blocks+0x114/0x940
[  239.548155][T10169]  ? ocfs2_init_xattr_set_ctxt+0x2f8/0x6e0
[  239.553953][T10169]  ? ocfs2_xattr_set+0xb6d/0x11f0
[  239.558974][T10169]  ? __vfs_setxattr+0x431/0x470
[  239.563813][T10169]  ? __vfs_setxattr_noperm+0x12d/0x5e0
[  239.569262][T10169]  ? vfs_setxattr+0x16c/0x2f0
[  239.573925][T10169]  ? path_setxattr+0x362/0x550
[  239.578669][T10169]  ? __x64_sys_lsetxattr+0xb8/0xd0
[  239.583772][T10169]  ? do_syscall_64+0x55/0xb0
[  239.588348][T10169]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  239.594445][T10169]  ocfs2_reserve_new_metadata_blocks+0x404/0x940
[  239.600760][T10169]  ? ocfs2_init_steal_slots+0x160/0x160
[  239.606288][T10169]  ? ocfs2_xattr_block_set+0x2b40/0x2b40
[  239.611915][T10169]  ocfs2_init_xattr_set_ctxt+0x2f8/0x6e0
[  239.617534][T10169]  ? ocfs2_xattr_set+0xb33/0x11f0
[  239.622547][T10169]  ? ocfs2_prepare_refcount_xattr+0xf20/0xf20
[  239.628602][T10169]  ? ocfs2_truncate_log_needs_flush+0x135/0x2e0
[  239.634836][T10169]  ? ocfs2_remove_btree_range+0x1480/0x1480
[  239.640713][T10169]  ? down_write+0x162/0x1f0
[  239.645210][T10169]  ? down_read_killable+0x340/0x340
[  239.650393][T10169]  ? up_write+0x1c3/0x410
[  239.654710][T10169]  ocfs2_xattr_set+0xb6d/0x11f0
[  239.659570][T10169]  ? __ocfs2_xattr_set_handle+0xf10/0xf10
[  239.665290][T10169]  ? __lock_acquire+0x1334/0x7c80
[  239.670297][T10169]  ? verify_lock_unused+0x140/0x140
[  239.675483][T10169]  ? aa_get_newest_label+0xf8/0x5c0
[  239.680670][T10169]  ? end_current_label_crit_section+0x170/0x170
[  239.686900][T10169]  ? posix_xattr_acl+0x93/0xb0
[  239.691646][T10169]  ? evm_protect_xattr+0x36d/0x7a0
[  239.696738][T10169]  ? ocfs2_xattr_trusted_get+0x40/0x40
[  239.702186][T10169]  __vfs_setxattr+0x431/0x470
[  239.706856][T10169]  __vfs_setxattr_noperm+0x12d/0x5e0
[  239.712132][T10169]  vfs_setxattr+0x16c/0x2f0
[  239.716625][T10169]  ? xattr_permission+0x470/0x470
[  239.721634][T10169]  ? __mnt_want_write+0x223/0x2a0
[  239.726642][T10169]  ? path_setxattr+0x314/0x550
[  239.731389][T10169]  path_setxattr+0x362/0x550
[  239.735963][T10169]  ? simple_xattrs_free+0x150/0x150
[  239.741151][T10169]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  239.747115][T10169]  ? lock_chain_count+0x20/0x20
[  239.751950][T10169]  __x64_sys_lsetxattr+0xb8/0xd0
[  239.756881][T10169]  do_syscall_64+0x55/0xb0
[  239.761296][T10169]  ? clear_bhb_loop+0x40/0x90
[  239.765956][T10169]  ? clear_bhb_loop+0x40/0x90
[  239.770622][T10169]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  239.776517][T10169] RIP: 0033:0x7f2e07d8e929
[  239.780916][T10169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.800503][T10169] RSP: 002b:00007f2e08b50038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  239.808900][T10169] RAX: ffffffffffffffda RBX: 00007f2e07fb5fa0 RCX: 00007f2e07d8e929
[  239.816857][T10169] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 00002000000000c0
[  239.824828][T10169] RBP: 00007f2e07e10b39 R08: 0000000000000000 R09: 0000000000000000
[  239.832780][T10169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  239.840734][T10169] R13: 0000000000000000 R14: 00007f2e07fb5fa0 R15: 00007ffc3ee2a648
[  239.848705][T10169]  </TASK>
[  239.949101][ T8079] ocfs2: Unmounting device (7,1) on (node local)
[  239.977286][T10178] loop6: detected capacity change from 0 to 32768
[  239.997993][T10178] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 10
[  240.069815][ T7283] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 10