last executing test programs:

3.517997963s ago: executing program 2 (id=989):
socket$igmp6(0xa, 0x3, 0x2)
socket$inet6(0xa, 0x3, 0x8000000003c)
r0 = syz_open_procfs(0x0, &(0x7f0000001840)='net/raw6\x00')
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, 0x1fc, 0x0)

3.389790383s ago: executing program 2 (id=992):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fcb602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYBLOB="3db1bd3c9388ce300f92cc8091d7ddbdcfffeed8bb90e543382e29209562d6483c6fcfdf79d0b465e6bc8ea70762049054a683ca4394e098765d85fa3b798fc191119debc7d45cce724609d275eabc974abf88d2270db005808488efc289084aff3069b2b0a78cdfa1f780c10f6c51d7c9ced7ab3e8a7aa716d5ebe1e8cb6255366a32ca4bfad14e3b1315ec", @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRES64], 0x0, 0x624c, &(0x7f0000001f80)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKrpc8Y1lZ7pGdvd1eP6/aRx1denavqU/119marqEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/PAHPz5XRMSVX6UbTkR8LvoRvYiVql6LiJW1E3n5QUS8ENvN8XxEDJciitz4bMTrEfHx8Yj7D+6sVzedP2A/vv+Xf/7hJ8d+9I8/Dc/876+3+m/stdzt27/979/uPvr2AgAAQBeVZVkW6WP+yfT5vtd2pwCAuciv/2WSb1cvXL25YP1Rq9Vq9RGs68rJ7taLiNisr1O9Z3A4HgCOmM34pO0u0CL5d9ogIo613QlgoRVtd4CZuP/gznqR8i3qrwdr4/Z8Lsiu/DeLnes79ppO0zzHZF6Pr63ox3N79GdlTn1YJDn/XjP/K+P2UVpu1vnPy175j8aXPnVOzr/fzL/h6cm/NzH/rsr5Dw6Vf1/+AAAAAACwwPLf/0+0fPx36fE35UD2O/67Nqc+AAAAAAAAAMCT9rjj/+0ojP8HAAAAi6r6rF753fGHt+31XWzV7ZeLiGcaywMdky6WWW27HwAAAAAAAAAAAADQJYPxObyXi4hhRDyzulqWZfVT16wP63HXP+q6vv3QZW0/yQMAwNjHxxvX8hcRyxFxOX3X33B1dbUsl1dWy9VyZSm/nx0tLZcrtc+1eVrdtjQ6wBviwaisftlybb26aZ+Xp7U3f191X6Oyf4COzUeLgQNARIxfje57RXrKlOWz0fa7HI6GSft/v52HLU+I/Z+DaPtxCgAAAMxeWZZlkb7O+2Q65t9ru1MAwFzk1//mcQG1Wq1Wq9VPX11XTna3XkTEZn2d6j2D4fgB4IjZjE/a7gItkn+nDSLihbY7ASy0ou0OMBP3H9xZL1K+Rf31II3vns8F2ZX/ZrG9Xl5/0nSa5jkm83p8bUU/ntujP8/PqQ+LJOffa+Z/Zdw+SsvNOv952Sv/ajtPtNCftuX8+838G56e/HsT8++qnP/gUPn35Q8AAAAAAAss//3/xEId/x096uZMtd/x37WZ3SsAAAAAAAAAzNb9B3fW83Wv+fj/FyYs5/rPp1POv5B/J+X8e438v9pYrj4e8L23H+b/nwd31v9469+fz9OD5r+UZ4r0yCrSI6JI91QM0vRxtu6ztob9UXVPw6LXH6Rzfsrhu3EtrsdGnN21bC/9fzxsP7erverpcLu97I/bz+9qH4zbN2Nn/Qu72ofpTKdyJbefjvX4eVyPd7bbq7alKdu/PKW9nNKe8+/b/zsp5z+o/VT5r6b2ojGt3Puo95n9vj6ddD9vXfvib87OfnOm2or+zrbVVdv3Ugv92f4/OTaKX97cuHH69tVbt26cizTZdev5SJMnLOc/TD87z/8vj9vz8359f7330ejQ+c/KtOe3pq0Y7Jn/y7X5antfeRIdXHA5/1H6yfm/k9on7/+Lk/9h7bf/v9pCfwAAAAAAAAAAAAAAAGA/ZVluX0L1VkRcTNf/tHVtJgAwX/n1v0zy7fOq+4+6/p93b0db/Ver51wXC9afudaflovVH7X6KNZ15WRv1ouI+Ht9neo9w68n/TIAYJF9GhH/arsTtEb+HZa/76+anmq7M8Bc3fzgw59evX5948bNtnsCAAAAAAAAADyqPP7nWm3851NlWd5tLLdr/Ne3Y+1xx/8c5JmdAUb3GMi1f/ht2s9Wb9Tv1YYbfzH2Gv97uDO33/jfgyn3N5zSPprSvjSlfXlK+8QLPWpy/i/Wxjs/FREnG8Ovd2H81+aY912Q83+p9niu8v9KY7l6/uXvj3L+vV35n7n1/i/O3Pzgw9euvX/1vY33Nn524dy5sxcuXrx06dKZd69d3zg7/rfFHs9Wzj+Pfe080G7J+efM5d8tOf8vpVr+3ZLz/3Kq5d8tOf/8fk/+3ZLzz5995N8tOf9XUi3/bsn5fy3V8u+WnP+rqZZ/t+T8v55q+XdLzv+1VMu/W3L+p1Mt/27J+Z9J9QHzX5l1v5iPnH8+wmX/75acfz6zQf7dkvM/n2r5d0vO/0Kq5d8tOf/XUy3/bsn5fyPV8u+WnP/FVMu/W3L+30y1/Lsl538p1fLvlpz/t1It/27J+X871fLvlpz/G6mWf7fk/L+Tavl3S87/u6mWf7fk/L+Xavl3S87/zVTLv1sefv+/GTNmzOSZtp+ZAAAAAAAAAAAAAICmeZxO3PY2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvbuLkeus7wd+Zt+8diAxEPJ38jdh4xhjnE12/RK/0LqY8NrwVhJCoS/YrndtFvyG1y6BRrWjQImEUVFF23DRFhBqc1NhVVzQClAuUKtKlaC9oDeICpWLqAooIFWiFbDVzHmeZ2dmZ2d2vePNmXM+H4n8vDNn5pw5c+bsfm2+ewAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZne9YfZTtSzLarVafsPmLHtRfW6c2Ny45bUv7PYBAAAAa/eLxn+fvyXdcGQFD2pa5p/u/PZXFxYWFrL3Df/p6OcWFtIdE1k2uiHLGvdF137w/lrzMsET2XhtqOnroR6rH+5x/0iP+0d73D/W4/4NPe4f73H/kh2wxMaslp5se+OPm/Ndmt2ajTbu297hUU/UNgzV9116bFZrPGZh9GQ2l53OZrPpluXzZWuN5b9+V31db83iuoaa1rW1foT85LETcRtqYR9vb1nX4nNGP3p9NvHTnzx24q8vPnd7p9lzN7Q8X76dO7fVt/MT4ZZ8W2vZhrRP4nYONW3n1g7vyXDLdtYaj6v/uX07n1/hdg4vbua6an/Px7Ohxp+/09hPI7Wsw37aGm772d1Zll1Z3Oz2ZZasKxvKNrXcMrT4/oznR2T9OeqH0kuzkVUdp3et4Ditz5ntrcdp+2civv93hceNLLMNzW/Tjx4fa3rff75wPcdpVH/VnT4rQx2OwX5/VopyDMbj4juN9+rJjsfg9vD6H9ux/DHY8djpcAym1910DG7rdQwOjQ03tjm9CbXGYxaPwd0tyw831lRrzGd3dD8Gpy6eOT81/7GP3zt35vip2VOzZ/fu3j29d//+gwcPTp2cOz07nf/3Ovd28W3KhtJnYFvYd/Fz+Oq2ZZsP1YUvji05/17v53B8mc/h9vCeNev353Ck/cXV1ucDufSYzj8b76nv9PGrQ9kyn7HG+7Nr7Z/D9LqbPocjTZ/Djt9TOnwOR1bwOawvc37Xyn5mGWn6X6dtWP57wdqOwc1Nx2D7zyPtx2C/fx4pyjE4Ho6L7+1a/nvB1rC9T06u9ueR4SXHYHq54dxTvyX9vD9+sDE6HZd31O+4aSy7ND974b5Hj1+8eGF3Fsa6eFnTsdJ+vG5qek3ZkuN1aNXH65G5O5+8o8Ptm8O+Gr+3/p/xZd+r+jL77uv+XjW+u3Xeny237snC6LP13p+dvpvX9+dYln3+W48/9I3HPv+GZfdnPW9+YmrtP4unXNp0/h1d5vwbc/8v8/Wlp3pieHQk//wOp70z2nI+bn2rRhrnrlpj3c9Prex8PBr+t97n41u7nI+3tC3b7/PxaPuLi+fjWq+/7Vib9vdzPBwnp6e7n4/ry2zZs9pjcqTr+fjuMGth/78mJIWUi5qOneWO27SukZHR8LpG4hpaj9O9LcvH462+rqf3XN9xuvPu/LmG06tbtF7H6UTbsv0+TtPffS13nNZ6/e3b9Wl/P8fDcXHr3u7HaX2ZZ/at/dy5Mf6x6dw51usYHB0eq2/zaDoIG+f7bGFjPAbvy05k57LT2Uzj3rHG8VRrrGvy/pUdg2Phf+t9rtzS5Rjc2bZsv4/B9H1suWOvNrL0xfdB+/s5Ho6Lp+7vfgzWl3njgf7+7Loz3JKWafrZtf3v15b7O6872nbTjTpWRsJ2futA97+brS9z+uBqc2b3/XRPuOWmDvup/fO73GdqJluf/bQlbOdzB5ffT/XtqS/zuUMrPJ6OZFl2+SMPNP6+N/z7yt9d+u5XW/7dpdO/6Vz+yAM/fvHJf1zN9gMw+H6Zj03597qmf5layb//AwAAAAMh5v6hMBP5HwAAAEoj5v74/wpP5H8AAAAojZj7R8JMKpL/t7zxublfXs5SM38hiPen3fBgvlzsuE6HrycWFtVvf+DLs//9D5dXtu6hLMt+/uAfdFx+y4Nxu3ITYTuvvan19iW+eu+K1n3skctpvc399S+E54+vZ6WHQacK7nSWZV+/5TON9Uy8/2pjPvPgscZ86MqTT9SXef5Q/nV8/LMvy5f/i1D+PXLyeMvjnw374YdhTr+t8/6Ij/vK1ddsPfDexfXFx9W23dx42U99IH/e+HtyPvtEvnzcz8tt/zc+/fRX6ss/+qrO2395qPP2Px2e98th/s8r8uWb34P61/FxnwzbH9cXH3ffl77ZcfuvfSpf/vyb8+WOhRnXvzN8vf3Nz801769Ha8dbXlf2lny5uP7p7/5x4/74fPH527d//OjVlv3Rfnw882/580y1LR9vj+uJ/r5t/fXnaT4+4/qf/qNjLfu51/qvPfTsK+rP277+e9qWO/+RXY31Lz5f629s+stPfqbj+uL2HPnb8y2v58i7w+c4rP+pD4TjMdz/v9fy52v/7QrH3t16/onLf2Hz5ZbXE731p/n6r73uVGNuGN+46aYXvfjmK6+s77ss+86G/Pl6rf/UX51r2f4v3pbvj3h/7Oi3r385cf0XPjp59tz8pbmZtFcfu6Xxu3Penm9P3N5bwrm1/euj5y5+cPbCxPTEdJZNlPdX6F23L4X543xc6b70wpIz6K5Hwvt5x59/fdOOf/10vP3f35PffvVt+fetV4flPhtu3xzev9Wtf6mn7rqt8fmuPRO2cGHp7wtei63b/+vgihYMr7/954J4vJ9/+Qcb+6F+X+P7Rvxcr3H7vz+TP8/Xwn5dCL+Zedtti+trXj7+boSrD+ef9zXvv3Cai+/r34T3+x0/zJ8/bld8vd8PP8d8c0vr+S4eH1+7PNT+/I3f4nElnE+yK/n9cam4v68+f1vHzYu/hyS7cnvj6z9Jz3P7ql7mcuY/Nj91eu7spUenLs7OX5ya/9jHj545d+nsxaON3+V59EO9Hr94ftrUOD/NzO7flzXOVufycYO90Nt//pETMwemd8zMnjx+6eTFR87PXjh1Yn7+xOzM/I7jJ0/OfrTX4+dmDu/ec2jvgT2Tp+ZmDh88dGjvocm5s+fqm5FvVA/7pz88efbC0cZD5g/vO7T7/vv3TU+eOTcze/jA9PTkpV6Pb3xvmqw/+vcnL8yePn5x7szs5Pzcx2cP7z60f/+enr8N8Mz5k/MTUxcunZ26ND97YSp/LRMXGzfXv/f1ejzlNP8f+c+z7Wr5L+LL3nXP/vT7Weu+/PiyT5Uv0vYLRJ8Lv4vmn19y/uBKvo65fzTMpCL5HwAAAKog5v6xMBP5HwAAAEoj5v4NYSbyPwAAAJRGzP3jYSYVyf+l6/9vubyi9ev/6/837y/9/4r1/x8uWv8/P1/o//fHWvv3+v+B/r/+v/6//r/+P31QtP5/zP0bs6yS+R8AAACqIOb+TWEm8j8AAACURsz9N4WZyP8AAABQGjH3vyjMpCL5X/9f/1//X/9f/7/z+vX/B5P+f3f6/z3o/09l1er/X+nn9uv/6/+zVNH6/zH3vzjMpCL5HwAAAKog5v6bw0zkfwAAACiNmPtvCTOR/wEAAKA0Yu7fHGZSkfyv/6//r/+v/6//33n9+v+DSf+/O/3/HvT/Xf9f/1//n74qWv8/5v6XhJlUJP8DAABAFcTc/9IwE/kfAAAAimfk+h4Wc//LwkyW5P/rXAEAAADwgou5/9asrQhekX//1//X/y9+/39Duk//X/8/K2T/fzjT/y8O/f/u9P970P9fZX9+vOUr/X/9f/1/2hWt/9/I/dl49vIwk4rkfwAAAKiCmPtvCzOR/wEAAKA0Yu7/f2Em8j8AAACURsz9W8JMKpL/9f/1/4vf/3f9f/3/ovf/Xf+/SPT/u9P/70H/3/X/9f/1/+mrovX/Y+6/PcykIvkfAAAAqiDm/jvCTOR/AAAAKI2Y+/9/mIn8DwAAAKURc//WMJOK5H/9/4L3/2NzVP9f/1//X/9f/39F9P+70//vQf9f/1//X/+fvipa/z/m/leEmVQk/wMAAEAVxNx/Z5iJ/A8AAAClEXP/K8NM5H8AAAAojZj7J8JMKpL/9f8L3v/Pe/Bjrv+v/6//r/+v/78y+v/d6f/3oP+v/9+X/v/CZf1//X9yRev/x9x/V5hJRfI/AAAAVEHM/dvCTOR/AAAAKI2Y++8OM5H/AQAAoDRi7t8eZlKR/K//PxD9/0z/X/9f/1//X/9/ZfT/u9P/70H/X/8/bn88ybv+v/4/a1K0/n/M/a8KM6lI/gcAAIAqiLl/R5iJ/A8AAAClEXP/q8NM5H8AAAAojZj7d4aZVCT/6//r/+v/6//r/3dev/7/YNL/707/vwf9f/3/vlz/X/9f/5+oaP3/mPtfE2ZSkfwPAAAAVRBz/64wE/kfAAAASiPm/nvCTOR/AAAAKI2Y+yfDTCqS//X/9f/1//X/9f87r1//fzDp/3en/9+D/n+/+vPD+v/6//r/ZAXs/8fcf2+YSUXyPwAAAFRBzP33hZnI/wAAAFAaMfdPhZnI/wAAAFAaMfdPh5lUJP/r/+v/r7n/3/Ti9f8r0P9/5eLz6v/n9P+LRf+/O/3/HvrX/x/Jqt3/d/3/6+7/j+r/UypF6//H3L87zKQi+R8AAACqIOb+PWEm8j8AAACURsz9e8NM5H8AAAAojZj794WZVCT/6//r/7v+v/6/6/93Xr/+/2DS/++u//3/+BL1/13/X//f9f/1/1mqaP3/mPvvDzOpSP4HAACAKoi5f3+YifwPAAAApRFz/4EwE/kfAAAASiPm/oNhJhXJ//r/+v/6//r/+v+d16//P5j0/7ur+vX/N/faAP1//X/9f/1/1ujhP2z+qmj9/5j7D4WZVCT/AwAAQBXE3P/aMBP5HwAAAEoj5v5fCTOR/wEAAKA0Yu7/1TCTsuT/Hs1D/X/9f/1//X/9/87r1/8fTPr/3VW9/9+T/r/+v/6//j99VbT+f8z9h8NMypL/AQAAgJT7fy3MRP4HAACA0oi5/3VhJvI/AAAAlEbM/UfCTCqS//X/9f/1//X/9f87r3+9+/9j8Xn1/9dE/787/f8e9P/1//X/9f/pq6L1/2Puf32YSUXyPwAAAFRBzP0PhJnI/wAAAFAaMfe/IcxE/gcAAIDSiLn/jWEmFcn/+v/6//r/+v/6/53X7/r/g0n/v7v16P8P6/+Xpf8/pP+v/6//z1oVrf8fc/+bwkwqkv8BAACgCmLuf3OYifwPAAAApRFz/1vCTOR/AAAAKI2Y+98aZlKR/K//r/+v/6//r//fef36/4NJ/7871//vQf/f9f/1//X/6aui9f9j7v/1MJOK5H8AAACogpj7Hwwzkf8BAACgNGLuf1uYifwPAAAApRFz/9vDTCqS//X/9f/1//X/9f87r1//fzDp/3c3YP3/X9wcbtf/z+n/F3v7V9v/H2n7+ob0/3+wXP9/YUP74/X/uRGK1v+Puf8dYSYVyf8AAABQBTH3vzPMRP4HAACA0oi5/11hJvI/AAAAlEbM/b8RZlKR/K//X9+Oxfay/n9Z+/9D+v/6//r/FaH/39XGbLD6/67/30b/v9jb7/r/+v8sVbT+f8z97w4zqUj+BwAAgCqIuf+hMBP5HwAAAEoj5v6Hw0zkfwAAACiNmPvfE2ZSkfyv/+/6/9Xo/7v+f6b/r/9fEfr/3Q3Y9f/1/9vo/xd7+29I//8/9f8ZbEXr/8fc/0iYSUXyPwAAAFRBzP3vDTOR/wEAAKA0Yu7/zTAT+R8AAABKI+b+94WZVCT/6/8PSv9/YkD7/4/r/9/A/v+dN+fL6f/r/7NI/787/f8e9P/1/4vW/3f9fwZc0fr/Mfe/P8xk5fl/fMVLAgAAAC+ImPt/K8ykIv/+DwAAAFUQc/9vh5nI/wAAAFAaMff/TphJRfK//v8N6f83vnT9f9f/bz8+XP9f/1///8Zbv/5/PPPo/+v/6/9H+v8F6v9f0v+nGIrW/4+5/3fDTCqS/wEAAKAKYu7/QJiJ/A8AAAADodM12drF3H80zET+BwAAgNKIuf9YmElF8r/+/6Bc/1//P6ta///Ptv3L9779zmO79f/1//X/V2Vdr/9f//C7/r/+v/5/ov9foP6/6/9TEEXr/8fcfzzMpCL5HwAAAKog5v7fCzOR/wEAAKA0Yu4/EWYi/wMAAEBpxNw/E2ZSkfyv/6//r/9f0P7/AF//P+4P/f9Wfev/x5Ou/n9Hef8+HUU3tv//3sWeuP7/avv/Yx1v1f/X/x/k7df/1/9nqaL1/2Punw0zqUj+BwAAgCoIuX/oZD4X75D/AQAAoDRi7j8VZiL/AwAAQGnE3P/BMJOK5H/9f/1//X/9f9f/77z+bv3/2ojr/xdV6t//rPFB0f9vU5z+f2f6//r/g7z9+v/6/yxVtP5/zP1zYSYVyf8AAABQBTH3fyjMRP4HAACA0oi5/8NhJvI/AAAAlEbM/afDTCqS//X/9f/1//X/9f87r7+w1//X/+9qrf17/f9A/1//X/9f/1//nz4oWv8/5v4zYSYVyf8AwP+xd2dPltZ3HcdPy0xNT8GFd1rljVVe+idwodf6B3jhjRdaZXkBKiruDO4rioq7IrgnIQsEQkgC2RfIRkJ2SEL2fSEbIaEmRff3+53pPk8/p7vnnO7n+f1erwu+0KE5B2pqZj7T884DAPQgd/91cYv9DwAAAM3I3X993GL/AwAAQDNy9/9i3NLJ/tf/6/+b7f9/TP9/0Ovr//X/LdP/j9P/r6D/1//r//X/rNXU+v/c/b8Ut3Sy/wEAAKAHuft/OW6x/wEAAKAZuftviFvsfwAAAGhG7v5fiVs62f/7+v+txcT6/+xrN9z/58vo/1vq/z3//8DX1//r/1t2sv3/zc99z6f/1//r/4P+/1D9/7mDPl//T4um1v/n7v/VuKWT/Q8AAAA9yN3/a3GL/Q8AAADNyN1/Y9xi/wMAAEAzcvf/etzSyf5f3/P/z+983PP/L9H/6//3f/vQ/+v/9f+b5/n/43rq/2947Orrnrrvh+4/yuvr//X/nv+v/2e9ptb/5+7/jbilk/0PAAAAPcjd/5txi/0PAAAAzcjd/1txi/0PAAAAzcjd/9txSyf7f339/2ae/5/0//r/hf5f/7/v30f/r/8fov8fN/X+/6zn/+v/Z/z+9f/6f5ZNrf/P3f87cUsn+x8AAAB6kLv/d+MW+x8AAACakbv/prjF/gcAAIBm5O6/ELd0sv/1/5vv/5/V/+v/4+r/9f/6/83T/4+bev+/zuf/H+f19f/6f/2//p/1mlr/n7v/5rilk/0PAAAAPcjd/3txi/0PAAAAzcjd//txi/0PAAAAzcjd/wdxSyf7X//v+f/6f/2//n/49fX/86T/H6f/X0H/f6X9/Fn9v/5f/8/ljtj/PzPy3fZa+v/c/X8Yt3Sy/wEAAKAHufv/KG6x/wEAAKAZufv/OG6x/wEAAKAZufv/JG7pZP/r//X/+n/9/7H7/+Vvejv0/8P0/yfjmP39D+af6P/Dpvv/rTODH+62/39694020P97/r/+X//PHlN7/n/u/j+NWzrZ/wAAANCD3P1/FreM7P8j/2I+AAAAcKpy9/953OLr/wAAADB7WZ3l7v+LuKWT/a//1//r//X/nv8//Ppj/f/9l70//f+0eP7/uMn0/wfotv9fXHq/+v/5vn/9v/6fZVPr/3P3/2Xc0sn+BwAAgB7k7r8lbrH/AQAAoBm5+/8qbrH/AQAAoBm5+/86bulk/w/3/5f+d/3/4ej/975//f/wt4919f/5T9T/j/b/P+75/33S/487+f7/nP5/7z9f/79Bp/3+G+//z6/6fP0/Q6bW/+fuvzVu6WT/AwAAQA9y9/9N3GL/AwAAQDNy9/9t3GL/AwAAQDNy9/9d3NLJ/vf8f/2//n9+/f/+5/8n/f+uk3j+/+LE+/8z+v9D0v+P8/z/FfT/+n/9v+f/s1ZT6/9z998Wt3Sy/wEAAKAHtz292Nn9f79Y2P8AAAAwR5f/3oH9v6E05O7/h7jF/gcAAIBm5O7/x7ilk/2v/9f/6//n3/97/n8P/b/n/x+W/n+c/n8F/f8m+vkzjfX/tx/0+VPo/2/S/zMxe/r/By99/LT6/9z9/xS3dLL/AQAAoAe5+/85brH/AQAAoBm5+/8lbrH/AQAAoBm5+/81bulk/2+8/z9/8Gvr//X/+n/9v/5f/79u+v9x+v8V9P+e/+/5//p/1mpP/3+Z0+r/c/f/W9zSyf4HAACAHuTu//e4xf4HAACAZuTuvz1usf8BAACgGbn7/yNu6WT/e/6//l//r//X/w+/vv5/nvT/4/T/K+j/9f/6f/0/azW1/j93/x1xSyf7HwAAAHqQu//OuMX+BwAAgGbk7v/PuMX+BwAAgGbk7v+vuKWT/a//32z/nx/X/+v/F/p//b/+/0R02/9vDf1ItOyA/v+Rn7/wk3s/ov/X/+v/9f/6f9ZgEv3/xUs/u8zd/99xSyf7HwAAAHqQu/9/4hb7HwAAAJqRu/9/4xb7HwAAAJqRu///4pYj7v/vX+u7Ojn6f8//1//r//X/w6+v/5+n2fX/Z/f+pef/6//1//N9//p//T/LJtH/X/bXufv/P27x9X8AAABoRu7+58Ut9j8AAAA0I3f/8+MW+x8AAACakbv/BXFLJ/tf/6//1//r//X/w69/3P5/ezFM/38yZtf/76P/1//r/+f7/vX/+n+WTa3/z91/V9zSyf4HAACAHuTuf2HcYv8DAABAM3L3vyhusf8BAACgGbn7Xxy3dLL/9f/6f/2//l//P/z6nv8/T/r/cfr/xWJx98gbGOr/L57T/zfc/2+v8f3r//X/LJta/5+7/yVxSyf7HwAAAHqQu//uuMX+BwAAgGbk7r8nbrH/AQAAoBm5+18at3Sy//X/+n/9v/5f/z/8+vr/edL/j9P/r+D5/931/+t8//p//T/Lptb/5+6/N27pZP8DAABAD3L33xe32P8AAADQjNz9L4tb7H8AAABoRu7+++OWTva//l//r//X/2+k/7+g/99P/38yNtf/L/T/+n/9/wr6f/2//p/9Tqr/fya+v1/V/+fuf3nc0sn+BwAAgB7k7n8gbrH/AQAAoBm5+18Rt9j/AAAA0Izc/a+MWzrZ//p//b/+X//v+f/Dr6//nyfP/x+n/19B/6//1//r/1mrk+r/D+r99/917v5XxS2d7H8AAADoQe7+B+MW+x8AAACakbv/objF/gcAAIBm5O5/ddzSyf7X/+v/9/b/i4X+X/+v/991Av3/9kL/v3b6/3H6/xX0/232/9+3aKj/P3/g5+v/maKp9f+5+18Tt3Sy/wEAAKAHuftfG7fY/wAAANCM3P2vi1vsfwAAAGhG7v7Xxy0t7f9nD07f5t//n9v3ifr/xWLx+I2e/6//H3l9/f9k+v/6r6r/Xx/9/zj9/wr6/zb7f8//1/9zaqbW/+fuf0Pc0tL+BwAAgM7l7n9j3GL/AwAAQDNy978pbrH/AQAAoBm5+98ct3Sy/+ff/+//RP3/4oqe/6//3/mA/l//r/+frSvt7+/Yjh/T9P/6f/3/YD+/dcDPexaz6/+Xn6Ov/9f/s35T6/9z978lbulk/wMAAEAPcvc/HLfY/wAAANCM3P2PxC32PwAAADQjd/9b45ZO9r/+X/+v/59n/7+t/9f/6/8HHdjfX3O4z1/X8/+vvfYnHtX/6/9b7P/HzKv/X//71//r/1k2tf4/d//b4pZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAADNyN3/zrilk/2/3P+fXewWqruG+v9o1PT/l9H/733/+v/hbx+e/6//1/9v3pU+f39d/b/n/x/v/ev/9f9zfv9H6v9/ePnz9f+0aGr9f+7+R+OWkeF38FsCAAAApih3/7vilk6+/g8AAAA9yN3/7rjF/gcAAIBm5O5/LG7pZP97/r/+X/+v/9f/D7++/n+e9P/j9P8r6P/1/57/f/3PXqX/Z32m1v/n7n9P3LIz/H7kmmP+awIAAAATkrv/vXFLJ1//BwAAgB7k7n9f3GL/AwAAQDNy978/bulk/+v/9f/6f/2//n/49fX/86T/H6f/X6Gf/n976IOn3c9fqdN+/830/57/zxpNrf/P3f+BuKWT/Q8AAAA9yN3/wbjF/gcAAIBm5O7/UNxi/wMAAEAzcvc/Hrd0sv/1//r/9vv/n9H/73t9/b/+v2X6//wRfZj+f4V++v9Bp93Pz/396//H+v+jf39IG6bW/+fufyJu6WT/AwAAQA9y9384brH/AQAAoBm5+z8St9j/AAAA0Izc/R+NWzrZ//r/vvr/rUWP/b/n/+v/9f89mU//f+eZoY96/r/+X/8/3/ev//f8f5ZNrf/P3f/k1pku9z8AAADM1U/96C88cdi/98mdP24vPha32P8AAADQjNz9H49b7H8AAABoRu7+T8Qtnex//X9f/X+fz//X/+v/9f89mU//P0z/r//X/8/3/ev/9f8sm1r/n7v/k3HLZcNv8P+gBwAAAJiN3P2fils6+fo/AAAA9CB3/6fjlqX9f/GQv6sdAAAAmJrc/Z+JWzr5+r/+f+L9/2JD/X/8ffr/Xfp//f/Q6+v/50n/P+4K+/+LW/p//f8I/b/+X//PflPr/3P3P3Dvosv9DwAAAI3a8ysKn9354/bic3GL/Q8AAADNyN3/+bjF/gcAAIBm5O7/QtzSyf7X/0+8/z/W8//P1595/n/n/f8t24Ovr//X/7dM/z/O8/9X0P/r//X/+n/W6gj9/84g3XT/n7v/i3FLJ/sfAAAAepC7/0txi/0PAAAAzcjd/+W4xf4HAACAZuTu/0rc0sn+1/+fQv9/67nFYqP9/yGe/6//76P/P+D12+n/f+DqCw//9M/dc5f+n0tOsv/Pbwv6f/2//n+X/l//r/9nv6k9/z93/1fjlk72PwAAAPQgd/9TcYv9DwAAAM3I3f+1uOW5/f/Qab0rAAAAYJ1y9389bunk6//6/xaf/z/P/j//W59C/39hfv1/NsW99/+e/6//X+b5/+P0/yvo//X/+n/9P2s1tf4/d/834pZO9j8AAAD0IHf/N+OW3P9bR/6lewAAAGBicvd/K27x9X8AAABoRu7+p+OWTva//l//f9z+/7zn/3v+v/5/h/5/WvT/4/T/K+j/9f/6f/0/azW1/j93/7fjlk72PwAAAPQgd/8zcYv9DwAAAM3I3f+duMX+BwAAgGbk7v9u3NLJ/tf/6/+n8vz/pP+/9Hn6/136f/3/Uej/xx2l/79q4OcF+n/9/xj9v/5f/89+U+v/c/d/LwAA//8apG/O")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000040)=""/63, 0x3f)

2.988296565s ago: executing program 1 (id=997):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x10002)
ioctl$int_in(r0, 0x5452, &(0x7f0000000240)=0x6)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000040)="f8", 0x1}], 0x1}, 0x81)

2.597574027s ago: executing program 2 (id=999):
socket$inet6(0xa, 0x3, 0x7)
socket$inet6(0xa, 0x3, 0x7)
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab00070000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1)

2.209439689s ago: executing program 2 (id=1007):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000003c0)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800020007000200060004000364bc24eab556a705251e618294ffd4938037e786a690001000000e4509c5bbcd72c6c953", 0x55}, {&(0x7f0000001e40)="dceddd02a62da3", 0x7}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.07395479s ago: executing program 1 (id=1009):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SG_EMULATED_HOST(r1, 0x2283, &(0x7f0000000000))

2.07372062s ago: executing program 2 (id=1010):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x0, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
creat(&(0x7f0000000000)='./file0\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)='./file0\x00')

1.90162236s ago: executing program 1 (id=1013):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x144, 0x10, 0x633, 0x0, 0x0, {{@in6=@private2, @in6=@dev={0xfe, 0x80, '\x00', 0xfd}}, {@in6=@loopback, 0xfffffffd, 0x32}, @in=@local, {}, {0x0, 0x0, 0x0, 0x5}, {}, 0x2, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @mark={0xc, 0x15, {0x350759, 0xc}}]}, 0x144}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8'], 0x138}}, 0x0)

1.901437861s ago: executing program 4 (id=1014):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
syz_emit_ethernet(0x6e, &(0x7f0000000d80)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "828bf7", 0x38, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @private1, @private2, [], "1e520b4c951ee12e"}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0xfffffffffffffde1, 0x0}}], 0x1, 0x2140, 0x0)

1.854633161s ago: executing program 1 (id=1015):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000005440), 0x26, 0x773, &(0x7f0000000fc0)="$eJzs3M9rHOUbAPBnptmkP/L9bgTBHwcRWmihdJM0l/bUePFWKBS81rDZhJBJNmQ3tRsLpp6F2lwUBFHPHr0Kpf4B3qSg4F0QrfEgXlZms9nSNJtumzYb0s8Hpvu+7/x4nqc7eXcHdiaAl9bb+T9JxHBEXImIYns8jYjBVutoxNrmdhsPbsZARDmJZvPqH0m+W2w0i51jJe3XE9HaJV6PiHuFiLMfPx631lidn8qyynK7P1pfWBqtNVbPzS1MzVZmK4vjExfHLkxMXBibeGINr/VY66n3Lh678+O76+s/fVe//dbAuSQmW3XHZm3lHg+zi8HHRjb/TwoxuW18ce/BDpSk3wkAANCT/Hv+kYj8e30UohhHWi0AAADgMGkONQEAAIBDL4l+ZwAAAAC8WFu/A9h4cLO8tezn7w9+fyciRnaKP9C6hzjiaBQi4vhG8sidCcnmbrAna7ci4u7k9vPvm/wMW9vjsce29R+9R/rxe8XZf3fz+Wdyp/kn7cw/scP8M7D17IQ96j7/PYx/pMv8d6XHGN9/+Uaha/xbEW8O7BQ/6cRPusR/v8f4t9c/udNtXfPriNNbnz/tP5C1ToSHsXZ5PsTkzFy26+MH7v175v5u9R/f8fMvaafQvf6lHuv/cOOv+W5zSR7/zMnd3/+d4ufnxKftPNKIuNN+zfvr22KcXPj5h93qn45odnn/h7a226n+r3qs/9dvh270uCkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0pBExHEla6rTTtFSKOBERr8bxNKvW6mdnqiuL0/m6iJEopDNzWWUsIoqb/STvj7faD/vnt/UnIuKVX45tBp3LKqVyNZvud/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0nIiI4UjSUkSkEfF3MU1LpYiBHvYd2of8AAAAgOdkpN8JAAAAAC+c638AAAA4/J71+j95znkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh9qVy5fzpbnx4GY5709fb6zMV6+fm67U5ksLK+VSubq8VJqtVmezSqlcXXjS8bJqdWn8YqzcGK1XavXRWmP12kJ1ZbF+bW5harZyrVLYl6oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4WsOtJUlLEZG22mlaKkX8LyJGopDMzGWVsYj4f0TcLxaG8v54v5MGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADguas1VuensqyyfGAag+3MDko+h6ExeDDS0Og0PjrwZ3ifJyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPqi1lidn8qyynKt35kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQX+lvSUTky+niqeHtaweTf4qt14j44Iurn92YqteXx/PxPzvj9c/b4+f7kT8AAAC8FC49zcZb1+lb1/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC9qjVW56eyrLK8t8alaKw2ky7b9LtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg2fwXAAD//22UvJw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x121200, 0x21)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000140)={0x1, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
lgetxattr(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)=@known='trusted.overlay.upper\x00', 0x0, 0x0)

1.785994561s ago: executing program 4 (id=1017):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48}, {0x6}]}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@multicast, @random="43ef452f40e7", @void, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, "418dda", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "ed5a22", 0x0, "a900"}}}}}}}, 0x0)

1.649880532s ago: executing program 4 (id=1018):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r0, &(0x7f0000000000), 0x100000008)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40044581, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)

1.608523502s ago: executing program 0 (id=1019):
syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000a80)='./file1\x00', 0x441c, &(0x7f0000000240)={[{@nodiscard}, {@order_strict}, {@order_relaxed}, {@norecovery}, {@discard}, {}, {@errors_continue}, {@nobarrier}, {@nobarrier}]}, 0x1, 0xaab, &(0x7f0000002000)="$eJzs3V2IXFcBAOBzZ3c22WRrpjW12/9oldaf7nbTRFtjm5QGRIQQEBFaX0KaxpBtFFOKCQXTPogvpYXQPPmQii++tKhI2xcJfZAitIgoBZ9q8DVCwYcitCM7c87s7NkZ7kz2Z2Z2vg/OnDn33Lnn3Jk7d+7ce885ARhblcbjvn3bQwivvn3x8J2vvfvy0pSDrTlqjcfJtlQ1hFDE9GS2vA8nmvEnHz1/vFNchL2Nx5QOR661XrszhHAh7AlXQi289OSlyQ/ePPL+6+H0c0cPv/fWxqz9smKjCwAAgCFw9MqBfTf/66+33/i/N+46FLa1pqfj81pMz8Tj/kPxQDkdL1fCynTRFtpNZfNNxlDJ5pvoMF97OdVsvsku5U9ly612mW9bSfkTbdM6rTeMsrQd10JRmVuRrlTm5pr/yUPjf/1UMXfm1OLTZwdUUWDd/ffuEMIeoe9wcQjqIAhrDPVdg94DATTl1wtXubC+V+paS5vsrfxrj1U6v75NdV1ryFjY3ow2e/vPDX35G3ylftjX/zcvuFOB9bMFt6a/39C2Xul7NBPT+XWE/P6lfr//aXn59YhejwG6XUcYlesL3eo5scn1uF7d6p9vF1vVIzFO78OjWX78HjQup+Wf6ah8xkBnHzv/LwjrEm4tBl+HfkN90DsgYGjl983Vo5Sf39eX528ryd9ekj9dkr+jJH9nST6Msz88+3J4pVg+35X/p+/3fNhMtojP9Fmf/Hxkv+Xn9/32a63l5/cTw1Db+edLDz31xN+a9/8Xre3/07i974npWvxuXYkzpPOF+Xn11r3/tZXFVLrMd1NWnRs6zN94vnvlfMXu5eWEtv1Ma/lFPIM7m17RTO/qVt87Vi6/ls03HcP2rL758cmO7HXp+CPtFGdW1GZ5favZekxl9Uj7lRtjnNcDrkfaHlfe/7+09TXu/29dxpoN1eLpU4snHojptJ2+O1HdtjR9YbMrDqxZ/J0qsvSq9j+zYWX7n5nW9Gqlfb+wa3l60b5fqGXT93aZ/mBMp9+5H01MN6bPHf/x4lPrueJAOHvu/Olji4snfrqBT65Ob15ZI/dk6Y9A56xwIYRz509PhmGpqidb/0naLxxbHOBOCdgU888+85P5s+fO33/qmWMnT5w8cWZh/8JDD+9fWPj6w/ON4/r59qP7rXi7MIyv5V//QdcEAAAAAAAAAAAA6NXJq/OX//HON/7ZbP+/3P4vtf9Pd/6m9v+/zNr/Z838WzcIp3aAqR3fqvb2WQerU9l81Rg+my1/d1bOzdnrPhfj1jh+sf1/Ki7v1zXV55Zset5/b5pvNpue95cylfVBUoRf7Giv3xdi/GKMfx1ggIrpzpNjXNa/ddrWU/8Uq/ql+P6o9GQ93tLnlraG1I9Jav+d2nun/kpS/w9p/3/jJtSR9bcZ7QoHvY5AZ//Zyv1/p4OYQddDGEho9PM6BPUY5lCvG8UDGA6DHv8znfdM8Zk/fWf7UkizXXts5f4y778U1mLYx59U/sDH/1zX4YVbZ2d73v9l53PzC0A9OvDid//dVmy4rdfy8/FPUz/Qu/sr/1ux/LQ294beyq+/lpWfXxDq0SNZ+Tt6LH/V+t9xfeU/GstPb9t99/RafrPGRWVlPfLzxun6Xzpv/IOs/IPZ+qe+Pfte/+scqPFQLB/G2Va9Ojcq4/92k9+HsT+m044w3eeQj3fSb/3T/RXpd+DmbPlFye/bFhz/t/7zev1X4zKOyzdjXPZ9mImfadoeax3SlbZ0tcN7u1X3NTCqPtzK1/+E0Q/TQ1CHtYfmz2r7tPRjuPl1eaE9Xa/XB9qnrw6FB2vQ7/+g/ycMuvxBv/9l8vF/82P4fPzfPD8f//d7WX4+/m/++nx8vTw/H/83fz/z8X/z/Fuy5ebjA8+W5N9akn9bSf7tJfl3lOTfWZL/+ZL8u0ry7y7Jv6kk/56S/C92zm+dPvlS99d/3L6obsu/r6T8L5fkb3WpPcq4rj+Ms7x9nu8/jI90/afb9393ST4wui69sfD4E7//Ya3Z/n+qdT4kXcc7FNPV+N/5ZzGdX/cObemlvHdi+mqWP+znO2Cc5P1n5L/v95bkA6Mr3efl+w1jqFjVY09zcozL+q3qdpzPaPlKjL8a46/F+P4Yz8V4PsYLMd67SfVjYzz+uz8eeKVY/r+/K8vv9X7yvD1Q3k/Ugz3WJz8/0O/97Hk/fv1aa/nX2RwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgYCqNx337ZosQXn374uHLf/n2b5emHGzNUWs8Tralqq3XhfBAjCdifDk++eSj54+3x5/GuAh7QxGK1vRw5FqrpJ0hhAthT7gSauGlJy9NfvDmkfdfD6efO3r4vbc27h1oKja6AAAAABig/wcAAP//6SINBg==")
syz_io_uring_setup(0x1a91, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x18, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)

1.401849954s ago: executing program 1 (id=1020):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000300)={[{@noinline_xattr}, {@four_active_logs}, {@four_active_logs}, {@jqfmt_vfsv1}, {@noinline_data}, {@user_xattr}, {@checkpoint_diasble}, {@fastboot}, {@fsync_mode_strict}, {@discard_unit_section}]}, 0x21, 0x552d, &(0x7f000000abc0)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x0)

1.401500073s ago: executing program 4 (id=1021):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1307000000000000000001000000180001801400020076657468315f746f5f687372000000001c0002800c00018004000100080000000c000180"], 0x48}}, 0x0)

1.193890124s ago: executing program 4 (id=1022):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="0a001800030303030308000008000d004000000008000c0064"], 0x38}}, 0x0)

1.128528555s ago: executing program 4 (id=1023):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000406a0516000000000000010902"], 0x0)
ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000080))

1.002452256s ago: executing program 0 (id=1024):
io_uring_setup(0x1698, &(0x7f0000000140)={0x0, 0x3, 0x0, 0xfffffffc, 0x4})
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x0, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"})
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r0, r0, r0}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha1-ssse3\x00'}})

789.942787ms ago: executing program 0 (id=1025):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000040)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x25, &(0x7f0000000780)={r1, @in={{0x2, 0x0, @empty}}, 0x2}, 0x90)

719.825467ms ago: executing program 0 (id=1026):
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000180)='./file1\x00', 0x10, &(0x7f0000000040)={[{@norecovery}, {@norecovery}, {@nodiscard}, {@order_strict}, {@nodiscard}]}, 0xf, 0xd99, &(0x7f0000001c40)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
truncate(&(0x7f0000000280)='./file1\x00', 0x1fefff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
write$cgroup_pid(r0, &(0x7f00000001c0), 0x12)

549.917617ms ago: executing program 2 (id=1028):
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r1=>0x0)
io_getevents(r1, 0x1, 0x3, &(0x7f0000004600)=[{}, {}, {}], 0x0)
io_submit(r1, 0x1, &(0x7f0000000000)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}])

530.202978ms ago: executing program 3 (id=1029):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="600000000206010100000000000000000000000005000100070000000900020073797a30000000001400078005001500f0ffffff080012400000000011000300686173683a69702c6d61726b000000000500050002000000050004"], 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)={0x28, 0x4, 0x6, 0x301, 0x0, 0x0, {0xa, 0x0, 0x8}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x40000)

460.313568ms ago: executing program 3 (id=1030):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a0009", 0x1b}], 0x1}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x1bc, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x70, 0x94}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x218)

321.876189ms ago: executing program 3 (id=1031):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x8004, 0xa, 0x0, 0x3}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000000)

321.606329ms ago: executing program 0 (id=1032):
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='nodots,allow_utime=000000000034,usefree,check=strict,dots,\x00'/70], 0x1, 0x1e9, &(0x7f00000002c0)="$eJzs2k1rVFcYB/Bz05SkCXkppS3Jpoe2i3ZzabIsXSSUBEoHFM0IKkhuyESHGWfC3FnMiItZu/IjuBaX7gTJF8h3cOEuCNFVVl7R0bwRFyrJCPn9NvOHPwPn4cDhWdydf+7frm3k6UbWDkNJEoYWQi/sJWE6DIUPeuHP3/9+ee/y1Wv/L5ZKS5diXF5cmZuPMU7+8vT63Ue/brXHrzyefDIStqdv7OzOP9/+aXtm5/XKrWoeq3lsNNsxi2vNZjtbq1fiejWvpTFerFeyvBKrjbzSOtJv1Jubm92YNdYnxjZblTyPWaMba5VubDdju9WN2c2s2ohpmsaJscCXKD/cK4qwW3y7Goqi+O5BGN8KE8/CVEi+j8kPC8mPq8nPvWRmtyimBn1UToX7P98OPeqjIbzodcqdcv+33y//V1r6K74zffCvV51O+Zv9fq7fx6P9SBh738+f2I+GP37r92+7fy+UjvWzYf30xwcAOHfSuO/E/S5NP9b306H98Nj+Nhxmh89sDD5T3r1Ty+r1SksQBGE/DPpl4iwcXPqgTwIAAAAAAAAAAMCnOIvPCQc9IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HV7EwAA///n0Xgk")
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={0xffffffffffffffff, 0x0, 0x1, 0x0, &(0x7f0000000100)='\\', 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))

296.286339ms ago: executing program 3 (id=1033):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x42002, 0x180)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000a50000002a00000095"], &(0x7f0000000b40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_int(r0, &(0x7f00000001c0)=0x700, 0x12)

108.48871ms ago: executing program 3 (id=1034):
mq_notify(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x8000, 0x0, @thr={0x0, 0x0}})
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r1 = add_key$user(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, &(0x7f00000002c0)="545faca154dbb9931d1a8c2ebc82517a75431c83e1ddb2137a62135256ced3470ba3a29a4db596cf1eb52f06bc45989291310c32a5c0cbf45420c99544eea969fe", 0x41, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r0, r1}, &(0x7f0000000340)=""/84, 0x54, 0x0)

17.816111ms ago: executing program 1 (id=1035):
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev}, @echo}}}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x11, @empty, 0x0, 0x0, 'none\x00'}, 0x2c)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @dev}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @multicast1, @empty}}}}}}, 0x0)

17.538941ms ago: executing program 0 (id=1036):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000a80)='./file0\x00', 0x14, &(0x7f0000000040)=ANY=[], 0x5, 0xeba, &(0x7f0000002a80)="$eJzs3U9sHFcZAPA367WdxG68bgt1W5qElpI2gBOcHMotlSKQqqrqhXurNE4i3BKRcmiVKC6nIHEoinop4lDU3JDCAYlWSChCQuJPD5w5IbiAUJAi5UKk2MjOe+v1c6a7Htuztvf3kz4/v3nj+b6xI2feePZtAAZWY/njiRNTRQgffHrt1HeuLPxmadvB9h6Hlj8WsdcKIQx39IvseH+PG+7dvnR6qV3I2iLMLH9M4+GVW+2vHQshzIdD4WZohYNHWneuDr08e/3Dzw5fvvDSuS06fQAAGCg3/jz3t+f/9aevT969ceBkGG1vT9fnrdgfi9f9x+L1fbrub4TV/aIjOo1k+w3FaGT7DWX7NbM8zZJ8w9lxhkv2G+mSb6hj24POEwAAAHaiNK9thaIxvarfaExP35/3d0yn52Yv9qNKAAAAYCPuXFl+6FYIIYQQQgghhNiaaG6DGkRYnOj3HQgAAABg0KR1B9rrg+Xm85UFNqZ9tFZv+W+92Hjw18MmqPvfv/w7K//H7/mNAwBAdbv1ajKdV7qOjusYrFlHcCj7uvVe/zey4zQ7B1snu9ZZtq7gTllvsKzO/Pu6XZXV36y5jqrK6s/Xw9yuyurP1+ncrsrqH625jqrK6t9Tcx1VldW/t+Y6qiqrf1/NdVRVVv9YzXVUVVb/eM11VFVW/0M111FVWf37a66jqrL6d8pjtWX1t2quo6qy+idrrqOqsvofrrmOqsrqf6TmOqoqq//Rmuvol6dim74PB7LxzvlzPqfbKXM8AAAAGHT/s/6fEEIIIYQQQgix6+NKv29AAAAAAH2XXheQXvW+GKXxoS7jzS7jw13GR7qMj3YZBwAAAEL47dXZx98vVl7nv9H18NK6UWn9pfWuY5SvR7je/Btd92yj+XfKumUAAAAMluLbNxeOnPro7cm7Nw6c7Jj9LsT5bloHtBnvDXwS++m5gPGsX6Q5dLb0faNkv/z+wENlx3t1gycKAAAAAyzN31uhaEx3zLtbodGYnl6Zj0+F4WL2/NyZY7Gf3p/ljxPDo0vbv1lz3QAAAEDvVub7D57/p/fxnQojxfRb5+dmL97vj7e3Dzc67wtMrGwvOu8LtLLtMyXbj8d+ev/OcxN7l7dPn/7+3BubffIAAAAwIC6+8+73Xp+bO/MDn/jEJz5pf9Lv30wAAMBmu/7Pa3/54fHx391//f/K+nfp9f+HYr8V1/b7a9whPSeQXgew5vX6r63OM1G234XV+7Wy/YZijGZ17+k4TuhYbzB93WRZvtbq44yU5BvL8o1n+fJ1CprZ/inf/mx7vj5h2m8i256vw9jMchRZ/qcDAAAAlDv69psXjl58591vnH/z9bNnzp556/ixmW/NvDAzc2Lm6PJz/Uc7n+4HAAAAdqKVh377XQkAAAAAAAAAAAAAAAAAAAAMrjreTqzf5wgAAACD7r9XQgjzQgghhBBCCCGE2M2xuJi/0zwAAADA1rp3+9LpznaN+WJT87WP1rrfLMS8qf3Dsz9/dinSbrdeXH2/ZN+mVsOgq/vfv/w7K//H721u/j3pk55//zVWH+Bktbxf/em/n+vM/0Szx/z5+b9aLf/hLP/h0Fv+xY+y/K9Vy/9cln9fj/nXnP+Favmfj/mnUj3P9Jp/9c9/NLbpPPb2mP9Idv5vhF7zZ+ff6jFh5msxPwAMoka/C9gi6SohXUePxX4633i5GfKnH9Z7/d/IjtPccOWrj5uugx6L/XS9NJ7lTdZb/1hW9EMV68ztlKdKyurfrJ/jViurf7jmOqoqq3+k5jqqKqt/tOY6qiqrf0/NdVRVVn+v89B+K6t/p9xXLqt/rOY6qiqrf7zmOqoqq3+9/4/3S1n9+2uuo6qy+idqrqOqsvor3larXVn9kzXXUVVZ/Q/XXEdVZfU/UnMdVZXV/2jNdfTLk7Etmw+n+edEHEv9VtYffcD3crfeWwAAAICd5j+fu/7faN/XJxBCCCGEEEIIIcTGY3Gx33cg6KetfTUzANuV3/+Dzc9/sPn5DzY/fz5Peoa/yPrJUJfxZpfx4S7jI9l4/u91tMv4I9lxF6M0/miX8S90Gd/fZfyxLuNTXcYf7zL+RJfxJ7uMAwAAMBi+GFvzQwAAANi9Lv/yk5/8+vBrtyfv3jhwMoysWXf+WOyPxr+tX439fN37ZDj+zf9Hsf+L2P4+tv/I9vf8CQAAAGy99D4x/v4PAAAAu1d6n1LzfwAAANi9JmNr/g8AAAC718OxNf8HAACAXazY8+DNsU33BZ6Oba/r+gEA29+XYvtUbA/E9mBsvxzbdB3wTGy/UlN9AMDm+dl3f/zC+8XKev/Hs/F7cXtq15i/f6egaKxeyX9vbPfF9tke68nfD6DX/Mn+HvNsVf6JDeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHaPxvLHEyemihA++PTaqYnLp84ubTvY3uPQ8sci9lohhOH216XRlf6v4o73bl86vdQuxHYxtkWYCUUo2uPhlVvtTGMhhPlwKNwMrXDwSOvO1aGXZ69/+NnhyxdeOreF3wIAAADY9f4fAAD//4CaJ+4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
write$qrtrtun(r0, &(0x7f00000001c0)="bd92", 0x2)

0s ago: executing program 3 (id=1037):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r1, &(0x7f0000001240)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1, 0x0, 0x5000000)

kernel console output (not intermixed with test programs):

RECT and fast_commit support!
[   75.023255][ T4520] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   75.072030][ T4520] EXT4-fs (loop0): 1 truncate cleaned up
[   75.088204][ T4520] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,errors=remount-ro,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000001,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000008,. Quota mode: none.
[   75.619171][ T4551] loop0: detected capacity change from 0 to 128
[   75.651411][ T4512] loop4: detected capacity change from 0 to 32768
[   75.701933][ T4551] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   75.765637][ T4551] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   75.861542][ T4512] XFS (loop4): Mounting V5 Filesystem
[   75.993268][ T4512] XFS (loop4): Ending clean mount
[   76.078033][   T26] audit: type=1800 audit(1731865214.002:12): pid=4512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.105" name="file1" dev="loop4" ino=7430 res=0 errno=0
[   76.128013][ T4176] XFS (loop4): Unmounting Filesystem
[   76.816437][ T4605] binder: 4604:4605 ioctl 400c620e 20000040 returned -22
[   77.040215][ T4615] input: syz0 as /devices/virtual/input/input5
[   77.401331][ T4629] loop1: detected capacity change from 0 to 64
[   77.555700][ T4629] overlayfs: upper fs needs to support d_type.
[   77.579271][ T4612] loop2: detected capacity change from 0 to 32768
[   77.591334][ T4629] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   77.598838][   T23] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   77.608309][ T4629] overlayfs: failed to set xattr on upper
[   77.614712][ T4629] overlayfs: ...falling back to index=off,metacopy=off.
[   77.654610][ T4635] loop4: detected capacity change from 0 to 64
[   77.702032][  T154] attempt to access beyond end of device
[   77.702032][  T154] loop1: rw=1, want=268435470, limit=64
[   77.721600][  T154] Buffer I/O error on dev loop1, logical block 134217734, lost async page write
[   77.770394][ T4175] Trying to free block not in datazone
[   77.782155][ T4635] attempt to access beyond end of device
[   77.782155][ T4635] loop4: rw=0, want=131604, limit=64
[   77.810387][ T4635] Buffer I/O error on dev loop4, logical block 65801, async page read
[   77.830442][ T4635] Trying to free block not in datazone
[   77.837119][ T4635] Trying to free block not in datazone
[   77.847406][   T23] usb 1-1: Using ep0 maxpacket: 32
[   77.963121][   T23] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[   77.983677][   T23] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   78.029159][   T23] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   78.051067][   T23] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   78.092643][   T23] usb 1-1: config 0 interface 0 has no altsetting 0
[   78.225692][ T4654] loop2: detected capacity change from 0 to 128
[   78.288975][   T23] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   78.301918][ T4656] tap0: tun_chr_ioctl cmd 1074025677
[   78.323965][   T23] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   78.328901][ T4656] tap0: linktype set to 825
[   78.332451][   T23] usb 1-1: Product: syz
[   78.332470][   T23] usb 1-1: Manufacturer: syz
[   78.332487][   T23] usb 1-1: SerialNumber: syz
[   78.342510][   T23] usb 1-1: config 0 descriptor??
[   78.412070][   T23] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   78.436372][   T23] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   78.510804][ T4665] loop4: detected capacity change from 0 to 128
[   78.561498][ T4665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   78.584999][ T4665] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   78.685405][ T4627] ldusb 1-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[   78.692893][ T4215] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   78.700516][ T4163] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   78.706055][   T23] usb 1-1: USB disconnect, device number 2
[   78.708396][    C0] ldusb 1-1:0.0: usb_submit_urb failed (-19)
[   78.723612][   T23] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[   78.983001][ T4215] usb 4-1: Using ep0 maxpacket: 32
[   79.055383][ T4658] udc-core: couldn't find an available UDC or it's busy
[   79.067234][ T4658] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   79.117493][ T4671] loop4: detected capacity change from 0 to 40427
[   79.124245][ T4215] usb 4-1: unable to get BOS descriptor or descriptor too short
[   79.132128][ T4163] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[   79.141628][ T4163] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.154086][ T4163] usb 2-1: config 0 descriptor??
[   79.198737][ T4215] usb 4-1: unable to read config index 0 descriptor/start: -71
[   79.210386][ T4163] gspca_main: cpia1-2.14.0 probing 0813:0001
[   79.217146][ T4215] usb 4-1: can't read configurations, error -71
[   79.243595][ T4671] F2FS-fs (loop4): Found nat_bits in checkpoint
[   79.331384][ T4671] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   79.341305][ T4676] loop2: detected capacity change from 0 to 4096
[   79.388451][ T4176] attempt to access beyond end of device
[   79.388451][ T4176] loop4: rw=2049, want=45104, limit=40427
[   79.425677][ T4676] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[   79.601562][ T4683] loop0: detected capacity change from 0 to 64
[   79.653175][ T4163] cpia1 2-1:0.0: unexpected state after lo power cmd: 00
[   79.694874][ T4686] loop3: detected capacity change from 0 to 256
[   79.744640][ T4686] =======================================================
[   79.744640][ T4686] WARNING: The mand mount option has been deprecated and
[   79.744640][ T4686]          and is ignored by this kernel. Remove the mand
[   79.744640][ T4686]          option from the mount to silence this warning.
[   79.744640][ T4686] =======================================================
[   79.787018][ T4686] exfat: Unknown parameter '18446744073709551615'
[   80.032823][ T4696] loop2: detected capacity change from 0 to 128
[   80.108856][ T4163] gspca_cpia1: usb_control_msg 02, error -71
[   80.114946][ T4700] loop4: detected capacity change from 0 to 256
[   80.136187][ T4694] loop0: detected capacity change from 0 to 4096
[   80.154100][ T4163] gspca_cpia1: usb_control_msg 05, error -71
[   80.162221][ T4163] cpia1 2-1:0.0: unexpected systemstate: 00
[   80.176735][ T4696] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   80.203244][ T4163] usb 2-1: USB disconnect, device number 2
[   80.216679][ T4696] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   80.290084][ T4700] FAT-fs (loop4): Directory bread(block 64) failed
[   80.297292][ T4700] FAT-fs (loop4): Directory bread(block 65) failed
[   80.304121][ T4700] FAT-fs (loop4): Directory bread(block 66) failed
[   80.310914][ T4700] FAT-fs (loop4): Directory bread(block 67) failed
[   80.317970][ T4700] FAT-fs (loop4): Directory bread(block 68) failed
[   80.327189][ T4700] FAT-fs (loop4): Directory bread(block 69) failed
[   80.333907][ T4700] FAT-fs (loop4): Directory bread(block 70) failed
[   80.340454][ T4700] FAT-fs (loop4): Directory bread(block 71) failed
[   80.347188][ T4700] FAT-fs (loop4): Directory bread(block 72) failed
[   80.353914][ T4700] FAT-fs (loop4): Directory bread(block 73) failed
[   80.402346][ T4694] loop0: detected capacity change from 0 to 256
[   80.476487][ T4694] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[   80.505308][ T4700] attempt to access beyond end of device
[   80.505308][ T4700] loop4: rw=524288, want=1196, limit=256
[   80.526338][ T4700] attempt to access beyond end of device
[   80.526338][ T4700] loop4: rw=0, want=1196, limit=256
[   80.548924][   T26] audit: type=1800 audit(1731865218.472:13): pid=4700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.180" name="cpu.stat" dev="loop4" ino=1048614 res=0 errno=0
[   80.879585][ T4716] loop1: detected capacity change from 0 to 256
[   81.006650][ T4716] FAT-fs (loop1): Directory bread(block 64) failed
[   81.020436][ T4716] FAT-fs (loop1): Directory bread(block 65) failed
[   81.059212][ T4716] FAT-fs (loop1): Directory bread(block 66) failed
[   81.078799][ T4716] FAT-fs (loop1): Directory bread(block 67) failed
[   81.105054][ T4724] loop3: detected capacity change from 0 to 64
[   81.111642][ T4716] FAT-fs (loop1): Directory bread(block 68) failed
[   81.131332][ T4716] FAT-fs (loop1): Directory bread(block 69) failed
[   81.149607][ T4716] FAT-fs (loop1): Directory bread(block 70) failed
[   81.161218][ T4716] FAT-fs (loop1): Directory bread(block 71) failed
[   81.168777][ T4716] FAT-fs (loop1): Directory bread(block 72) failed
[   81.176367][ T4716] FAT-fs (loop1): Directory bread(block 73) failed
[   81.258864][ T4716] attempt to access beyond end of device
[   81.258864][ T4716] loop1: rw=524288, want=1196, limit=256
[   81.282963][ T4215] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   81.294578][ T4716] attempt to access beyond end of device
[   81.294578][ T4716] loop1: rw=0, want=1196, limit=256
[   81.317818][   T26] audit: type=1800 audit(1731865219.242:14): pid=4716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.197" name="cpu.stat" dev="loop1" ino=1048615 res=0 errno=0
[   81.507134][ T1106] cfg80211: failed to load regulatory.db
[   81.573077][ T4215] usb 5-1: Using ep0 maxpacket: 32
[   81.621286][ T4733] loop1: detected capacity change from 0 to 2048
[   81.640220][ T4720] udc-core: couldn't find an available UDC or it's busy
[   81.659531][ T4720] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   81.727076][ T4733] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   81.783178][ T4215] usb 5-1: unable to get BOS descriptor or descriptor too short
[   81.801184][ T4733] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.863248][ T4215] usb 5-1: unable to read config index 0 descriptor/start: -71
[   81.870856][ T4215] usb 5-1: can't read configurations, error -71
[   82.132507][ T4742] loop1: detected capacity change from 0 to 128
[   82.191098][ T4742] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   82.209224][ T4742] ext4 filesystem being mounted at /34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   82.297603][ T4728] loop0: detected capacity change from 0 to 32768
[   82.535801][ T4762] loop4: detected capacity change from 0 to 4096
[   82.568681][ T4764] loop2: detected capacity change from 0 to 256
[   82.574520][ T4728] XFS (loop0): Mounting V5 Filesystem
[   82.627080][ T4762] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[   82.705232][ T4764] FAT-fs (loop2): Directory bread(block 64) failed
[   82.714632][ T4764] FAT-fs (loop2): Directory bread(block 65) failed
[   82.726060][ T4762] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[   82.742306][ T4764] FAT-fs (loop2): Directory bread(block 66) failed
[   82.750931][ T4764] FAT-fs (loop2): Directory bread(block 67) failed
[   82.758078][ T4764] FAT-fs (loop2): Directory bread(block 68) failed
[   82.760900][ T4728] XFS (loop0): Ending clean mount
[   82.765079][ T4764] FAT-fs (loop2): Directory bread(block 69) failed
[   82.776553][ T4762] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[   82.794595][ T4764] FAT-fs (loop2): Directory bread(block 70) failed
[   82.801385][ T4762] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[   82.815360][ T4764] FAT-fs (loop2): Directory bread(block 71) failed
[   82.824534][ T4764] FAT-fs (loop2): Directory bread(block 72) failed
[   82.831452][ T4762] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[   82.845722][ T4728] XFS (loop0): Quotacheck needed: Please wait.
[   82.854531][ T4764] FAT-fs (loop2): Directory bread(block 73) failed
[   82.925502][ T4762] ntfs: volume version 3.1.
[   82.950281][ T4728] XFS (loop0): Quotacheck: Done.
[   83.013050][   T23] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   83.074320][ T4764] attempt to access beyond end of device
[   83.074320][ T4764] loop2: rw=524288, want=1196, limit=256
[   83.112050][ T4764] attempt to access beyond end of device
[   83.112050][ T4764] loop2: rw=0, want=1196, limit=256
[   83.176588][ T4172] XFS (loop0): Unmounting Filesystem
[   83.179034][   T26] audit: type=1800 audit(1731865221.092:15): pid=4764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.206" name="cpu.stat" dev="loop2" ino=1048616 res=0 errno=0
[   83.253056][   T23] usb 4-1: Using ep0 maxpacket: 8
[   83.340213][ T4785] loop1: detected capacity change from 0 to 16
[   83.373381][   T23] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[   83.381677][   T23] usb 4-1: config 179 has no interface number 0
[   83.395994][   T23] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   83.408889][   T23] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[   83.422661][ T4785] MTD: Attempt to mount non-MTD device "/dev/loop1"
[   83.448622][   T23] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   83.477751][ T4785] cramfs: Error -3 while decompressing!
[   83.479693][   T23] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[   83.512348][   T23] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   83.513052][ T4785] cramfs: ffffffff969972a8(27)->ffff88805eb38000(4096)
[   83.536070][   T23] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   83.555577][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.562464][ T4785] cramfs: Error -3 while decompressing!
[   83.585891][ T4785] cramfs: ffffffff969972a8(27)->ffff88805eb38000(4096)
[   83.631514][   T26] audit: type=1800 audit(1731865221.542:16): pid=4785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.216" name="file2" dev="loop1" ino=348 res=0 errno=0
[   83.651597][ T4773] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   83.970232][   T23] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input6
[   84.013912][ T4808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.213'.
[   84.074046][ T4808] netlink: 8 bytes leftover after parsing attributes in process `syz.0.213'.
[   84.149489][ T1106] usb 4-1: USB disconnect, device number 4
[   84.162942][    C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[   84.171832][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   84.180522][ T1106] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   84.322281][ T4815] loop1: detected capacity change from 0 to 2048
[   84.448714][ T4815] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   84.523567][ T4215] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   84.587734][ T4807] loop4: detected capacity change from 0 to 32768
[   84.661621][ T4807] XFS: ikeep mount option is deprecated.
[   84.680598][ T4807] XFS: ikeep mount option is deprecated.
[   84.783797][ T4215] usb 1-1: Using ep0 maxpacket: 8
[   84.792037][ T4807] XFS (loop4): Mounting V5 Filesystem
[   84.922094][ T4809] loop2: detected capacity change from 0 to 40427
[   84.933116][ T4215] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   84.943386][ T4215] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   84.954020][ T4215] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   84.964563][ T4215] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   84.978392][ T4215] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   84.987782][ T4215] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.031984][ T4807] XFS (loop4): Ending clean mount
[   85.056525][ T4807] XFS (loop4): Quotacheck needed: Please wait.
[   85.092609][ T4809] F2FS-fs (loop2): Found nat_bits in checkpoint
[   85.179289][ T4807] XFS (loop4): Quotacheck: Done.
[   85.264264][ T4849] loop6: detected capacity change from 0 to 524287999
[   85.279587][ T4809] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   85.287461][ T4215] usb 1-1: GET_CAPABILITIES returned 0
[   85.293441][ T4215] usbtmc 1-1:16.0: can't read capabilities
[   85.367608][ T4176] XFS (loop4): Unmounting Filesystem
[   85.420713][    C1] blk_update_request: I/O error, dev loop6, sector 524287744 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   85.451283][    C0] blk_update_request: I/O error, dev loop6, sector 524287744 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   85.462945][    C0] Buffer I/O error on dev loop6, logical block 65535968, async page read
[   85.564424][   T23] usb 1-1: USB disconnect, device number 3
[   85.978203][ T4869] loop4: detected capacity change from 0 to 512
[   86.010618][ T4863] loop3: detected capacity change from 0 to 8192
[   86.062577][ T4869] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[   86.091524][ T4863] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[   86.119520][ T4863] REISERFS (device loop3): using ordered data mode
[   86.128304][ T4869] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000000010,stripe=0x0000000000000004,dioread_nolock,mblk_io_submit,discard,nogrpid,,errors=continue. Quota mode: none.
[   86.134241][ T4880] loop1: detected capacity change from 0 to 128
[   86.169578][ T4863] reiserfs: using flush barriers
[   86.180412][ T4863] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   86.198313][ T4869] fs-verity: sha512 using implementation "sha512-avx2"
[   86.203665][ T4863] REISERFS (device loop3): checking transaction log (loop3)
[   86.208093][ T4869] EXT4-fs warning (device loop4): ext4_begin_enable_verity:136: inode #13: comm syz.4.240: verity is only allowed on extent-based files
[   86.257922][ T4880] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   86.279663][ T4880] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   86.313069][   T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   86.327687][   T26] audit: type=1800 audit(1731865224.252:17): pid=4880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.251" name="file3" dev="loop1" ino=12 res=0 errno=0
[   86.462663][ T4863] REISERFS (device loop3): Using tea hash to sort names
[   86.503689][ T4863] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[   86.557764][ T4863] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[   86.612965][   T23] usb 3-1: Using ep0 maxpacket: 8
[   86.641838][ T4894] netlink: 40 bytes leftover after parsing attributes in process `syz.1.257'.
[   86.710034][   T26] audit: type=1800 audit(1731865224.632:18): pid=4863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.246" name="file1" dev="loop3" ino=4 res=0 errno=0
[   86.730219][    C1] vkms_vblank_simulate: vblank timer overrun
[   86.743286][   T23] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[   86.767397][   T23] usb 3-1: config 179 has no interface number 0
[   86.802399][   T23] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   86.826893][ T4891] loop4: detected capacity change from 0 to 4096
[   86.851107][   T23] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[   86.869636][   T23] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   86.891930][   T23] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[   86.905624][   T23] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   86.923247][   T23] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   86.932356][   T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.968872][ T4874] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   87.034590][ T4891] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[   87.067238][ T4910] process 'syz.0.266' launched './file0' with NULL argv: empty string added
[   87.213182][ T4163] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   87.276590][ T2313] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input7
[   87.441045][ T4914] loop0: detected capacity change from 0 to 8192
[   87.465787][ T2313] usb 3-1: USB disconnect, device number 2
[   87.472963][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[   87.481286][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   87.498724][ T2313] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   87.512604][ T4914] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   87.559102][ T4914] REISERFS (device loop0): using journaled data mode
[   87.567637][ T4914] reiserfs: using flush barriers
[   87.587933][ T4914] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   87.605845][ T4914] REISERFS (device loop0): checking transaction log (loop0)
[   87.614963][ T4914] REISERFS (device loop0): Using r5 hash to sort names
[   87.627443][ T4914] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[   87.677427][ T4914] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   87.813358][ T4163] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[   87.822454][ T4163] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.856146][ T4163] usb 2-1: Product: syz
[   87.860393][ T4163] usb 2-1: Manufacturer: syz
[   87.880715][ T4163] usb 2-1: SerialNumber: syz
[   87.923852][ T4163] usb 2-1: config 0 descriptor??
[   87.965323][ T4163] gspca_main: sq905c-2.14.0 probing 2770:9052
[   88.285011][ T4930] loop0: detected capacity change from 0 to 8192
[   88.386818][ T4930] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   88.413914][ T4930] REISERFS (device loop0): using ordered data mode
[   88.420808][ T4930] reiserfs: using flush barriers
[   88.431496][ T4930] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   88.579173][ T4939] loop4: detected capacity change from 0 to 2048
[   88.586026][ T4930] REISERFS (device loop0): checking transaction log (loop0)
[   88.658163][ T4939] Alternate GPT is invalid, using primary GPT.
[   88.724043][ T4939]  loop4: p1 p2 p3
[   88.866177][ T4215] usb 2-1: USB disconnect, device number 3
[   88.979496][ T4930] REISERFS (device loop0): Using tea hash to sort names
[   89.018952][ T4930] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[   89.039793][ T4930] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   89.060120][ T4189] udevd[4189]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   89.067113][ T4164] udevd[4164]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   89.076605][ T4187] udevd[4187]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   89.174089][   T26] audit: type=1800 audit(1731865227.102:19): pid=4930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.273" name="file1" dev="loop0" ino=4 res=0 errno=0
[   89.180594][ T4932] loop2: detected capacity change from 0 to 32768
[   89.932976][ T1106] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   90.103140][ T4215] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   90.151200][ T4946] loop4: detected capacity change from 0 to 40427
[   90.177075][ T4946] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[   90.177126][ T4946] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   90.190205][ T4946] F2FS-fs (loop4): invalid crc value
[   90.195936][ T4946] F2FS-fs (loop4): Found nat_bits in checkpoint
[   90.200999][ T1106] usb 1-1: Using ep0 maxpacket: 32
[   90.267588][ T4946] F2FS-fs (loop4): Start checkpoint disabled!
[   90.279482][ T4946] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   90.279518][ T4946] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   90.373286][ T1106] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[   90.373314][ T1106] usb 1-1: config 0 has no interface number 0
[   90.402163][  T487] attempt to access beyond end of device
[   90.402163][  T487] loop4: rw=2049, want=41000, limit=40427
[   90.483943][ T4962] loop1: detected capacity change from 0 to 128
[   90.563697][ T1106] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   90.580808][ T1106] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.600903][ T1106] usb 1-1: Product: syz
[   90.605701][ T1106] usb 1-1: Manufacturer: syz
[   90.610313][ T1106] usb 1-1: SerialNumber: syz
[   90.617604][ T1106] usb 1-1: config 0 descriptor??
[   90.658439][ T1106] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   90.683885][ T4968] loop1: detected capacity change from 0 to 64
[   90.703266][ T4215] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[   90.719885][ T4215] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.759900][ T4215] usb 3-1: Product: syz
[   90.771473][ T4215] usb 3-1: Manufacturer: syz
[   90.780102][ T4215] usb 3-1: SerialNumber: syz
[   90.794999][ T4968] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  leaving read-only.
[   90.812496][ T4215] usb 3-1: config 0 descriptor??
[   90.833248][ T4163] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[   90.870041][ T1106] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[   90.881605][ T4215] ch341 3-1:0.0: ch341-uart converter detected
[   90.919338][ T1106] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[   91.111038][ T4950] udc-core: couldn't find an available UDC or it's busy
[   91.130456][ T4950] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   91.193349][ T2313] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   91.293167][ T4163] usb 4-1: unable to get BOS descriptor or descriptor too short
[   91.343466][ T4163] usb 4-1: not running at top speed; connect to a high speed hub
[   91.362999][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[   91.393726][    T7] usb 1-1: USB disconnect, device number 4
[   91.409033][    T7] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[   91.431876][    T7] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[   91.443690][ T4163] usb 4-1: config 15 has an invalid interface number: 168 but max is 0
[   91.451691][ T2313] usb 5-1: Using ep0 maxpacket: 8
[   91.457901][ T4163] usb 4-1: config 15 has no interface number 0
[   91.474644][    T7] quatech2 1-1:0.51: device disconnected
[   91.480673][ T4163] usb 4-1: config 15 interface 168 has no altsetting 0
[   91.544432][ T4986] loop1: detected capacity change from 0 to 32768
[   91.603212][ T2313] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[   91.611501][ T2313] usb 5-1: config 179 has no interface number 0
[   91.621749][ T2313] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   91.639744][ T2313] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[   91.651349][ T2313] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   91.667261][ T2313] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[   91.678982][ T2313] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   91.693562][ T2313] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   91.696704][ T4163] usb 4-1: New USB device found, idVendor=1044, idProduct=7002, bcdDevice=f0.ca
[   91.702619][ T2313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.721160][ T4163] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.731781][ T4163] usb 4-1: Product: syz
[   91.733344][ T4972] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[   91.737814][ T4215] usb 3-1: failed to send control message: -71
[   91.749492][ T4215] ch341-uart: probe of ttyUSB2 failed with error -71
[   91.770062][ T4163] usb 4-1: Manufacturer: syz
[   91.774959][ T4163] usb 4-1: SerialNumber: syz
[   91.798638][ T4215] usb 3-1: USB disconnect, device number 3
[   91.815702][ T4215] ch341 3-1:0.0: device disconnected
[   91.833149][ T4986] XFS (loop1): Mounting V5 Filesystem
[   91.939668][ T4986] XFS (loop1): Ending clean mount
[   91.994665][ T2313] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input8
[   92.059461][ T4175] XFS (loop1): Unmounting Filesystem
[   92.196229][ T2313] usb 5-1: USB disconnect, device number 5
[   92.212980][    C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[   92.221759][ T2313] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   92.339299][ T4998] loop2: detected capacity change from 0 to 64
[   92.405974][ T4996] loop0: detected capacity change from 0 to 32768
[   92.444395][ T4996] XFS: ikeep mount option is deprecated.
[   92.531344][ T4996] XFS (loop0): Mounting V5 Filesystem
[   92.537433][ T4163] dvb-usb: found a 'Gigabyte U8000-RH' in warm state.
[   92.557825][ T4163] dvb-usb: will use the device's hardware PID filter (table count: 32).
[   92.589036][ T4163] dvbdev: DVB: registering new adapter (Gigabyte U8000-RH)
[   92.620121][ T4163] usb 4-1: media controller created
[   92.647881][ T4163] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   92.674950][ T5012] ax25_connect(): syz.2.302 uses autobind, please contact jreuter@yaina.de
[   92.748756][ T5016] loop4: detected capacity change from 0 to 256
[   92.761691][ T4996] XFS (loop0): Ending clean mount
[   92.770213][ T4163] DVB: Unable to find symbol dib7000p_attach()
[   92.793403][ T4163] dvb-usb: no frontend was attached by 'Gigabyte U8000-RH'
[   92.819817][ T4996] XFS (loop0): Quotacheck needed: Please wait.
[   92.838839][ T5023] loop1: detected capacity change from 0 to 16
[   92.859940][ T5016] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   92.891161][ T5023] erofs: (device loop1): mounted with root inode @ nid 36.
[   92.931809][ T5023] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   92.949713][ T4996] XFS (loop0): Quotacheck: Done.
[   92.963397][ T4163] rc_core: IR keymap rc-dib0700-rc5 not found
[   92.970782][ T5023] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress -23 in[64, 4032] out[1851]
[   92.993984][ T4163] Registered IR keymap rc-empty
[   93.020356][ T4163] dvb-usb: could not initialize remote control.
[   93.040076][ T5023] erofs: (device loop1): z_erofs_readpage: failed to read, err [-117]
[   93.048674][ T4163] dvb-usb: Gigabyte U8000-RH successfully initialized and connected.
[   93.076702][ T4172] XFS (loop0): Unmounting Filesystem
[   93.098714][ T4163] usb 4-1: USB disconnect, device number 5
[   93.150781][ T4163] dvb-usb: Gigabyte U8000-RH successfully deinitialized and disconnected.
[   93.244743][ T5029] loop4: detected capacity change from 0 to 2048
[   93.282280][ T5029] UDF-fs: bad mount option "uid=" or missing value
[   93.571630][ T5040] netlink: 28 bytes leftover after parsing attributes in process `syz.4.315'.
[   93.591035][ T5040] netlink: 92 bytes leftover after parsing attributes in process `syz.4.315'.
[   93.782968][ T4219] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   93.825227][ T5054] tap0: tun_chr_ioctl cmd 1074025677
[   93.830796][ T5054] tap0: linktype set to 773
[   93.856352][ T5056] netlink: 'syz.0.319': attribute type 6 has an invalid length.
[   94.010031][ T5065] loop0: detected capacity change from 0 to 512
[   94.033136][ T4219] usb 4-1: Using ep0 maxpacket: 8
[   94.043231][   T23] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   94.115025][ T5065] EXT4-fs (loop0): Ignoring removed bh option
[   94.121485][ T5065] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[   94.197203][ T4219] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   94.209045][ T4219] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[   94.218244][ T4219] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.249093][ T4219] usb 4-1: config 0 descriptor??
[   94.297477][   T23] usb 5-1: Using ep0 maxpacket: 32
[   94.325833][ T4219] gspca_main: vc032x-2.14.0 probing 046d:0892
[   94.333311][ T4222] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   94.423139][   T23] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.442921][   T23] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.463464][   T23] usb 5-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00
[   94.482736][   T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.504668][   T23] usb 5-1: config 0 descriptor??
[   94.652728][ T5077] loop2: detected capacity change from 0 to 32768
[   94.691196][ T5077] XFS: attr2 mount option is deprecated.
[   94.698314][ T5077] XFS: ikeep mount option is deprecated.
[   94.704702][ T4222] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.716417][ T5077] XFS: noikeep mount option is deprecated.
[   94.722344][ T4222] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.733049][ T4222] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[   94.742110][ T4222] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.767049][ T4222] usb 2-1: config 0 descriptor??
[   94.798295][ T5077] XFS (loop2): Mounting V5 Filesystem
[   94.800589][ T5079] loop0: detected capacity change from 0 to 32768
[   94.885810][ T5077] XFS (loop2): Ending clean mount
[   94.887100][ T5079] XFS (loop0): Mounting V5 Filesystem
[   94.899661][ T5077] XFS (loop2): Quotacheck needed: Please wait.
[   94.935933][ T5077] XFS (loop2): Quotacheck: Done.
[   94.969399][ T4219] gspca_vc032x: reg_r err -71
[   94.980157][ T4219] vc032x: probe of 4-1:0.0 failed with error -71
[   94.986781][   T23] macally 0003:060B:0001.0002: item fetching failed at offset 2/5
[   94.987225][   T23] macally: probe of 0003:060B:0001.0002 failed with error -22
[   95.077340][ T4219] usb 4-1: USB disconnect, device number 6
[   95.110032][ T4179] XFS (loop2): Unmounting Filesystem
[   95.117883][ T5079] XFS (loop0): Ending clean mount
[   95.175711][ T4172] XFS (loop0): Unmounting Filesystem
[   95.195073][ T2313] usb 5-1: USB disconnect, device number 6
[   95.261043][ T4222] hid (null): usage index exceeded
[   95.278605][ T4222] lg-g15 0003:046D:C222.0003: ignoring exceeding usage max
[   95.290373][ T4222] lg-g15 0003:046D:C222.0003: ignoring exceeding usage max
[   95.299906][ T4222] lg-g15 0003:046D:C222.0003: usage index exceeded
[   95.309706][ T4222] lg-g15 0003:046D:C222.0003: item 0 0 2 2 parsing failed
[   95.318524][ T4222] lg-g15: probe of 0003:046D:C222.0003 failed with error -22
[   95.498682][ T4222] usb 2-1: USB disconnect, device number 4
[   96.347515][ T5134] loop1: detected capacity change from 0 to 64
[   96.684129][ T5103] loop0: detected capacity change from 0 to 32768
[   96.720461][ T5111] loop4: detected capacity change from 0 to 32768
[   96.759643][ T5103] XFS (loop0): Mounting V5 Filesystem
[   96.791417][ T5111] XFS: noikeep mount option is deprecated.
[   96.861142][ T5103] XFS (loop0): Ending clean mount
[   96.886087][ T5103] XFS (loop0): Quotacheck needed: Please wait.
[   96.948776][ T5111] XFS (loop4): Mounting V5 Filesystem
[   96.952315][ T5154] loop1: detected capacity change from 0 to 4096
[   96.983613][ T5103] XFS (loop0): Quotacheck: Done.
[   97.003241][ T5154] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512)
[   97.052556][ T4172] XFS (loop0): Unmounting Filesystem
[   97.106651][ T5174] IPVS: sh: SCTP 172.20.20.187:0 - no destination available
[   97.150587][ T5111] XFS (loop4): Ending clean mount
[   97.157820][ T5111] XFS (loop4): Quotacheck needed: Please wait.
[   97.206689][ T5111] XFS (loop4): Quotacheck: Done.
[   97.357501][ T4176] XFS (loop4): Unmounting Filesystem
[   97.773219][ T4219] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   97.779034][ T5192] netlink: 8 bytes leftover after parsing attributes in process `syz.0.370'.
[   97.824217][ T5192] nbd: socks must be embedded in a SOCK_ITEM attr
[   97.945257][ T5194] loop2: detected capacity change from 0 to 2048
[   98.033085][ T4219] usb 2-1: Using ep0 maxpacket: 16
[   98.093579][ T5194] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   98.097272][ T5207] loop3: detected capacity change from 0 to 128
[   98.105513][ T5194] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.243337][ T5215] netlink: 1010 bytes leftover after parsing attributes in process `syz.4.379'.
[   98.273016][ T5215] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   98.343376][ T4219] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   98.363196][    T7] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   98.390303][ T4219] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.419146][ T4219] usb 2-1: Product: syz
[   98.434130][ T4219] usb 2-1: Manufacturer: syz
[   98.438774][ T4219] usb 2-1: SerialNumber: syz
[   98.490433][ T4219] r8152-cfgselector 2-1: config 0 descriptor??
[   98.490836][ T5223] loop2: detected capacity change from 0 to 2048
[   98.590634][ T5223] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   98.620475][ T5223] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   98.635277][    T7] usb 1-1: Using ep0 maxpacket: 32
[   98.763248][ T4219] r8152-cfgselector 2-1: Unknown version 0x0000
[   98.770040][    T7] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[   98.998141][    T7] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[   99.015891][    T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.033766][    T7] usb 1-1: Product: syz
[   99.033800][    T7] usb 1-1: Manufacturer: syz
[   99.033817][    T7] usb 1-1: SerialNumber: syz
[   99.054975][    T7] usb 1-1: config 0 descriptor??
[   99.067542][ T4219] r8152-cfgselector 2-1: Unknown version 0x0000
[   99.073744][ T4219] r8152-cfgselector 2-1: USB disconnect, device number 5
[   99.083425][ T5206] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   99.113745][    T7] hub 1-1:0.0: bad descriptor, ignoring hub
[   99.113816][    T7] hub: probe of 1-1:0.0 failed with error -5
[   99.116793][    T7] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input10
[   99.320191][ T4219] usb 1-1: USB disconnect, device number 5
[   99.335226][ T5256] sg_write: process 174 (syz.3.397) changed security contexts after opening file descriptor, this is not allowed.
[   99.393555][ T5256] program syz.3.397 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   99.548867][ T5260] loop3: detected capacity change from 0 to 1024
[   99.600830][ T5262] loop1: detected capacity change from 0 to 64
[   99.614572][ T5260] EXT4-fs (loop3): Ignoring removed nobh option
[   99.624628][ T5239] loop4: detected capacity change from 0 to 32768
[   99.647389][ T5260] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #11: comm syz.3.399: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   99.679823][ T5260] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.399: couldn't read orphan inode 11 (err -117)
[   99.698223][ T5239] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.391 (5239)
[   99.714877][ T5260] EXT4-fs (loop3): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[   99.801154][ T5260] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.399: Invalid block bitmap block 0 in block_group 0
[   99.876153][ T5260] Quota error (device loop3): write_blk: dquota write failed
[   99.929381][ T5239] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[   99.936293][ T5260] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   99.973017][ T5239] BTRFS info (device loop4): force zlib compression, level 3
[   99.980438][ T5239] BTRFS info (device loop4): force clearing of disk cache
[   99.999160][ T5260] EXT4-fs error (device loop3): ext4_acquire_dquot:6197: comm syz.3.399: Failed to acquire dquot type 0
[  100.035161][ T5239] BTRFS info (device loop4): setting nodatasum
[  100.080269][ T5239] BTRFS info (device loop4): use zlib compression, level 3
[  100.081388][ T5269] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.399: Invalid inode bitmap blk 137438953472 in block_group 0
[  100.102985][ T5239] BTRFS info (device loop4): allowing degraded mounts
[  100.122972][ T5239] BTRFS info (device loop4): enabling disk space caching
[  100.155179][ T5239] BTRFS info (device loop4): disk space caching is enabled
[  100.171354][ T5254] loop2: detected capacity change from 0 to 40427
[  100.192535][ T3091] EXT4-fs error (device loop3): __ext4_get_inode_loc:4320: comm kworker/u4:4: Invalid inode table block 8589934593 in block_group 0
[  100.193239][ T5239] BTRFS info (device loop4): has skinny extents
[  100.295626][ T5271] loop0: detected capacity change from 0 to 4096
[  100.312981][ T5254] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  100.328515][ T5254] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  100.351231][ T5254] F2FS-fs (loop2): invalid crc value
[  100.414256][ T5283] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  100.467588][ T5254] F2FS-fs (loop2): Found nat_bits in checkpoint
[  100.475823][ T5286] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.564095][ T5239] BTRFS info (device loop4): enabling ssd optimizations
[  100.589497][ T5239] BTRFS info (device loop4): clearing free space tree
[  100.598126][ T5239] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  100.613843][ T5239] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  100.680353][ T5254] F2FS-fs (loop2): Start checkpoint disabled!
[  100.788208][ T5254] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  100.816633][ T5254] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  101.058751][ T5267] loop1: detected capacity change from 0 to 32768
[  101.107883][ T5267] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.401 (5267)
[  101.162616][  T487] attempt to access beyond end of device
[  101.162616][  T487] loop2: rw=2049, want=41000, limit=40427
[  101.304592][ T5267] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  101.383004][ T5267] BTRFS info (device loop1): using free space tree
[  101.389576][ T5267] BTRFS info (device loop1): has skinny extents
[  101.513702][ T5321] loop4: detected capacity change from 0 to 1024
[  101.670368][ T5321] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none.
[  101.837485][ T5267] BTRFS info (device loop1): enabling ssd optimizations
[  102.068851][ T5354] loop4: detected capacity change from 0 to 512
[  102.236593][ T5354] EXT4-fs (loop4): inline encryption not supported
[  102.318527][ T5354] EXT4-fs (loop4): mounted filesystem without journal. Opts: inlinecrypt,,errors=continue. Quota mode: writeback.
[  102.351496][ T5352] loop0: detected capacity change from 0 to 32768
[  102.395903][ T5354] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.495877][ T5354] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #2: comm syz.4.415: corrupted inode contents
[  102.537479][ T5352] XFS (loop0): Mounting V5 Filesystem
[  102.578729][ T5354] EXT4-fs error (device loop4): ext4_dirty_inode:6010: inode #2: comm syz.4.415: mark_inode_dirty error
[  102.659988][ T5354] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #2: comm syz.4.415: corrupted inode contents
[  102.729359][ T5354] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.415: mark_inode_dirty error
[  102.754921][ T5352] XFS (loop0): Ending clean mount
[  102.769435][ T5352] XFS (loop0): Metadata corruption detected at xfs_dinode_verify+0x33d/0xce0, inode 0x426 dinode
[  102.780529][ T5352] XFS (loop0): Unmount and run xfs_repair
[  102.786595][ T5352] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  102.794051][ T5352] 00000000: 49 4e 81 ed 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  102.794927][ T5379] program syz.2.424 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  102.802970][ T5352] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  102.803028][ T5352] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 a5 b6 11  4.Xh....4.Xh....
[  102.803045][ T5352] 00000030: 34 f7 58 68 a5 a5 b6 11 00 00 00 00 00 00 00 0a  4.Xh............
[  102.803061][ T5352] 00000040: 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01  ................
[  102.848212][ T5352] 00000050: 00 00 e5 01 00 00 00 00 00 00 00 00 8c bd 1d c9  ................
[  102.858719][ T5352] 00000060: ff ff ff ff 32 9a 48 68 00 00 00 00 00 00 00 08  ....2.Hh........
[  102.867804][ T5352] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[  102.887144][ T5354] EXT4-fs warning (device loop4): ext4_empty_dir:3147: inode #18: comm syz.4.415: directory missing '.'
[  102.903196][ T4172] XFS (loop0): Unmounting Filesystem
[  102.969549][ T5383] netlink: 8 bytes leftover after parsing attributes in process `syz.1.416'.
[  103.015010][ T5385] loop2: detected capacity change from 0 to 512
[  103.042526][ T5387] netlink: 'syz.3.428': attribute type 10 has an invalid length.
[  103.113679][ T5385] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  103.197451][ T5387] team0: Port device netdevsim0 added
[  103.243720][ T5389] netlink: 'syz.3.428': attribute type 10 has an invalid length.
[  103.257602][ T5385] Quota error (device loop2): v2_read_file_info: Free block number too big (58381 >= 6).
[  103.325274][ T5385] EXT4-fs warning (device loop2): ext4_enable_quotas:6432: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  103.341097][ T5396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.431'.
[  103.387729][ T5389] team0: Port device netdevsim0 removed
[  103.402438][ T5385] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  103.430459][ T5389] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  103.483603][ T5385] Quota error (device loop2): v2_read_file_info: Free block number too big (58381 >= 6).
[  103.541121][ T5385] EXT4-fs warning (device loop2): ext4_enable_quotas:6432: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  103.802776][ T5406] bond0: (slave bond_slave_0): Slave does not support ipsec offload
[  103.901752][ T5418] loop2: detected capacity change from 0 to 2048
[  104.042839][ T5428] __sock_release: fasync list not empty!
[  104.072695][ T5418] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  104.168993][ T5418] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.223579][ T5435] loop4: detected capacity change from 0 to 8192
[  104.269685][ T5440] loop0: detected capacity change from 0 to 256
[  104.299146][ T5435] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  104.311565][ T5435] REISERFS (device loop4): using ordered data mode
[  104.318471][ T5435] reiserfs: using flush barriers
[  104.326873][ T5435] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  104.343560][ T5435] REISERFS (device loop4): checking transaction log (loop4)
[  104.502416][ T5448] loop3: detected capacity change from 0 to 128
[  104.541349][ T5451] loop2: detected capacity change from 0 to 512
[  104.606696][ T5435] REISERFS (device loop4): Using tea hash to sort names
[  104.612415][ T5448] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  104.614895][ T5435] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  104.645009][ T5451] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  104.653216][ T5448] ext4 filesystem being mounted at /97/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  104.665057][ T5451] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.742355][ T5448] fscrypt (loop3, inode 12): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS
[  104.753824][ T4219] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  105.023287][ T4219] usb 2-1: Using ep0 maxpacket: 32
[  105.143249][ T4219] usb 2-1: config 0 has an invalid interface number: 19 but max is 0
[  105.163427][ T4219] usb 2-1: config 0 has no interface number 0
[  105.208636][ T5462] loop4: detected capacity change from 0 to 4096
[  105.227938][ T5464] loop2: detected capacity change from 0 to 2048
[  105.290725][ T5462] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  105.343223][ T4219] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  105.352315][ T4219] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.391035][ T4219] usb 2-1: Product: syz
[  105.404676][ T4219] usb 2-1: Manufacturer: syz
[  105.423375][ T4219] usb 2-1: SerialNumber: syz
[  105.424754][ T5464] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  105.443965][ T4219] usb 2-1: config 0 descriptor??
[  105.498040][ T5458] loop0: detected capacity change from 0 to 32768
[  105.514957][ T4219] quatech2 2-1:0.19: Quatech 2nd gen USB to Serial Driver converter detected
[  105.528872][ T5464] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.734764][ T4219] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  105.766344][ T4219] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  105.795627][ T5471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.456'.
[  105.830992][ T5471] netlink: 'syz.2.456': attribute type 1 has an invalid length.
[  105.861462][ T5471] netlink: 'syz.2.456': attribute type 2 has an invalid length.
[  105.937459][ T5447] udc-core: couldn't find an available UDC or it's busy
[  105.962977][ T5447] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  106.030980][ T5460] loop3: detected capacity change from 0 to 32768
[  106.116070][ T5460] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.454 (5460)
[  106.160270][ T5460] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  106.187181][ T5460] BTRFS info (device loop3): using free space tree
[  106.196213][ T5460] BTRFS info (device loop3): has skinny extents
[  106.214235][ T4219] usb 2-1: USB disconnect, device number 6
[  106.232974][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -108
[  106.261588][ T4219] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  106.276488][ T4219] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  106.289270][ T4219] quatech2 2-1:0.19: device disconnected
[  106.324203][ T5460] BTRFS info (device loop3): enabling ssd optimizations
[  106.374383][   T26] audit: type=1800 audit(1731865244.299:20): pid=5460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.454" name="file1" dev="loop3" ino=260 res=0 errno=0
[  106.448874][ T5469] loop4: detected capacity change from 0 to 32768
[  106.724517][ T5469] XFS (loop4): Mounting V5 Filesystem
[  106.939369][ T5469] XFS (loop4): Ending clean mount
[  106.986042][ T5469] XFS (loop4): Quotacheck needed: Please wait.
[  107.105049][ T5469] XFS (loop4): Quotacheck: Done.
[  107.164119][ T5534] loop1: detected capacity change from 0 to 256
[  107.190152][ T5531] loop0: detected capacity change from 0 to 4096
[  107.208132][ T4176] XFS (loop4): Unmounting Filesystem
[  107.844736][ T5554] netlink: 24 bytes leftover after parsing attributes in process `syz.2.477'.
[  107.883187][ T5554] sch_fq: defrate 2 ignored.
[  108.034877][ T5564] loop0: detected capacity change from 0 to 256
[  108.215913][ T5571] loop1: detected capacity change from 0 to 128
[  108.280031][ T5564] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xd3fc6e3e, utbl_chksum : 0xe619d30d)
[  108.298851][ T5564] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  108.309160][ T5571] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  108.343205][ T5571] ext4 filesystem being mounted at /100/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  108.416735][ T5571] fscrypt (loop1, inode 12): Direct key flag not allowed with different contents and filenames modes
[  108.563536][ T5582] loop2: detected capacity change from 0 to 512
[  108.631802][ T5580] loop3: detected capacity change from 0 to 4096
[  108.638397][ T5582] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #17: comm syz.2.490: iget: bogus i_mode (0)
[  108.679532][ T5587] netlink: 12 bytes leftover after parsing attributes in process `syz.1.491'.
[  108.740917][ T5582] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.490: couldn't read orphan inode 17 (err -117)
[  108.760333][ T5591] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  108.852292][ T5582] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  108.917148][ T5582] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.490: bg 0: block 7: invalid block bitmap
[  109.094968][ T5513] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  109.177423][ T5575] loop4: detected capacity change from 0 to 32768
[  109.251197][ T5575] XFS (loop4): Mounting V5 Filesystem
[  109.329006][ T5575] XFS (loop4): Ending clean mount
[  109.334169][ T5513] usb 1-1: Using ep0 maxpacket: 32
[  109.342016][ T5575] XFS (loop4): Quotacheck needed: Please wait.
[  109.386779][ T5575] XFS (loop4): Quotacheck: Done.
[  109.450833][ T4176] XFS (loop4): Unmounting Filesystem
[  109.453229][ T5513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.500784][ T5513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.578788][ T5513] usb 1-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  109.614849][ T5513] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.674260][ T5513] usb 1-1: config 0 descriptor??
[  109.743238][ T5623] mkiss: ax0: crc mode is auto.
[  110.163964][ T5513] wacom 0003:056A:00F0.0004: unknown main item tag 0x0
[  110.200522][ T5513] wacom 0003:056A:00F0.0004: hidraw0: USB HID v0.00 Device [HID 056a:00f0] on usb-dummy_hcd.0-1/input0
[  110.360141][ T5513] usb 1-1: USB disconnect, device number 6
[  110.397817][ T5644] loop3: detected capacity change from 0 to 1024
[  110.620335][ T5632] loop2: detected capacity change from 0 to 32768
[  110.631543][  T487] hfsplus: b-tree write err: -5, ino 4
[  110.731144][ T5634] loop1: detected capacity change from 0 to 32768
[  110.801480][ T5632] XFS (loop2): Mounting V5 Filesystem
[  110.919060][ T5632] XFS (loop2): Ending clean mount
[  110.972726][ T5632] XFS (loop2): Quotacheck needed: Please wait.
[  111.040510][ T5634] XFS (loop1): Mounting V5 Filesystem
[  111.146638][ T5632] XFS (loop2): Quotacheck: Done.
[  111.164881][ T5634] XFS (loop1): Ending clean mount
[  111.215233][ T4179] XFS (loop2): Unmounting Filesystem
[  111.291890][ T4175] XFS (loop1): Unmounting Filesystem
[  111.306980][ T5646] loop4: detected capacity change from 0 to 32768
[  111.651936][ T5646] JBD2: Ignoring recovery information on journal
[  111.892672][ T5646] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  111.913047][ T5514] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  111.983510][ T5646] OCFS2: ERROR (device loop4): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #32 has bit count of 1024
[  112.025400][ T5646] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  112.075668][ T5646] OCFS2: File system is now read-only.
[  112.111955][ T5646] (syz.4.513,5646,0):ocfs2_trim_mainbm:7596 ERROR: status = -30
[  112.152991][ T5514] usb 3-1: Using ep0 maxpacket: 8
[  112.275282][ T4176] ocfs2: Unmounting device (7,4) on (node local)
[  112.353022][ T5514] usb 3-1: config 0 has an invalid interface number: 155 but max is 0
[  112.361913][ T5514] usb 3-1: config 0 has no interface number 0
[  112.368491][ T5514] usb 3-1: config 0 interface 155 has no altsetting 0
[  112.442230][ T5686] loop3: detected capacity change from 0 to 32768
[  112.543451][ T5713] loop1: detected capacity change from 0 to 512
[  112.563234][ T5514] usb 3-1: New USB device found, idVendor=2001, idProduct=7e19, bcdDevice=1a.f8
[  112.572322][ T5514] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.633096][ T5713] EXT4-fs (loop1): can't mount with commit=1, fs mounted w/o journal
[  112.646054][ T5514] usb 3-1: Product: syz
[  112.646914][ T5721] loop4: detected capacity change from 0 to 256
[  112.650251][ T5514] usb 3-1: Manufacturer: syz
[  112.671964][ T5514] usb 3-1: SerialNumber: syz
[  112.727121][ T5686] XFS (loop3): Mounting V5 Filesystem
[  112.774663][ T5514] usb 3-1: config 0 descriptor??
[  112.923134][ T5686] XFS (loop3): Ending clean mount
[  113.006519][ T4185] XFS (loop3): Unmounting Filesystem
[  113.124631][ T5514] option 3-1:0.155: GSM modem (1-port) converter detected
[  113.136672][ T5738] No such timeout policy "syz0"
[  113.153524][ T5514] usb 3-1: USB disconnect, device number 4
[  113.168698][ T5514] option 3-1:0.155: device disconnected
[  113.468477][ T5746] netlink: 12 bytes leftover after parsing attributes in process `syz.0.544'.
[  113.596131][ T5744] loop4: detected capacity change from 0 to 4096
[  113.688026][ T5731] loop1: detected capacity change from 0 to 32768
[  113.812503][ T5744] EXT4-fs (loop4): Test dummy encryption mode enabled
[  113.836090][ T5744] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,delalloc,journal_ioprio=0x0000000000000007,test_dummy_encryption,nodiscard,nodelalloc,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  113.873153][ T5514] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  113.884761][ T5744] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[  114.100666][ T5770] syz.4.552 uses obsolete (PF_INET,SOCK_PACKET)
[  114.273273][ T5514] usb 1-1: unable to get BOS descriptor or descriptor too short
[  114.313192][ T5514] usb 1-1: not running at top speed; connect to a high speed hub
[  114.336833][ T5786] loop2: detected capacity change from 0 to 64
[  114.423792][ T5514] usb 1-1: config 5 has an invalid interface number: 150 but max is 0
[  114.427792][ T5784] loop3: detected capacity change from 0 to 4096
[  114.437185][ T5514] usb 1-1: config 5 has no interface number 0
[  114.454307][ T5514] usb 1-1: config 5 interface 150 has no altsetting 0
[  114.460457][ T5788] loop1: detected capacity change from 0 to 2048
[  114.520450][ T5788] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  114.534858][   T13] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  114.581640][ T5788] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  114.593487][ T5784] NILFS (loop3): invalid segment: Checksum error in segment payload
[  114.623160][ T5514] usb 1-1: New USB device found, idVendor=0e41, idProduct=4750, bcdDevice=e2.76
[  114.633660][ T5784] NILFS (loop3): trying rollback from an earlier position
[  114.641820][ T5514] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.664951][ T5514] usb 1-1: Product: syz
[  114.671589][ T5784] NILFS (loop3): recovery complete
[  114.679213][ T5514] usb 1-1: Manufacturer: syz
[  114.690991][ T5514] usb 1-1: SerialNumber: syz
[  114.738848][ T5794] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  114.783527][   T13] usb 5-1: Using ep0 maxpacket: 8
[  114.951880][ T5804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.568'.
[  114.961312][   T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.972490][ T5806] netlink: 4 bytes leftover after parsing attributes in process `syz.3.566'.
[  114.972617][   T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.972659][   T13] usb 5-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  115.010345][ T5807] netlink: 12 bytes leftover after parsing attributes in process `syz.2.568'.
[  115.010380][   T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.037831][ T5806] openvswitch: netlink: Key type 9760 is out of range max 29
[  115.052059][   T13] usb 5-1: config 0 descriptor??
[  115.148693][ T5816] loop1: detected capacity change from 0 to 64
[  115.164718][ T5813] loop2: detected capacity change from 0 to 2048
[  115.216658][ T5514] snd_usb_toneport 1-1:5.150: Line 6 GuitarPort found
[  115.256296][ T5819] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  115.300539][   T26] audit: type=1800 audit(1731865253.219:21): pid=5813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.570" name="file1" dev="loop2" ino=15 res=0 errno=0
[  115.320824][    C0] vkms_vblank_simulate: vblank timer overrun
[  115.345578][ T5815] Trying to free block not in datazone
[  115.425143][ T5514] snd_usb_toneport 1-1:5.150: cannot get proper max packet size
[  115.461740][ T5514] snd_usb_toneport 1-1:5.150: Line 6 GuitarPort now disconnected
[  115.467578][ T5826] loop2: detected capacity change from 0 to 128
[  115.484284][ T5514] snd_usb_toneport: probe of 1-1:5.150 failed with error -22
[  115.574726][ T5828] loop1: detected capacity change from 0 to 4096
[  115.587701][   T13] logitech 0003:046D:C20E.0005: rdesc size test failed for formula gp
[  115.597579][ T5826] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  115.618475][   T13] logitech 0003:046D:C20E.0005: unbalanced delimiter at end of report description
[  115.636260][ T5514] usb 1-1: USB disconnect, device number 7
[  115.649514][ T5826] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  115.659433][   T13] logitech 0003:046D:C20E.0005: parse failed
[  115.670368][   T13] logitech: probe of 0003:046D:C20E.0005 failed with error -22
[  115.713580][ T5828] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  115.793399][   T13] usb 5-1: USB disconnect, device number 7
[  115.832247][ T5828] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #15: comm syz.1.576: corrupted inode contents
[  115.849494][ T5828] EXT4-fs error (device loop1): ext4_dirty_inode:6010: inode #15: comm syz.1.576: mark_inode_dirty error
[  115.903452][ T5828] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #15: comm syz.1.576: corrupted inode contents
[  115.946340][ T5828] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #15: comm syz.1.576: mark_inode_dirty error
[  115.998008][ T5828] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #15: comm syz.1.576: corrupted inode contents
[  116.094471][ T5828] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #15: comm syz.1.576: mark_inode_dirty error
[  116.109351][ T5828] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #15: comm syz.1.576: corrupted inode contents
[  116.192497][ T5850] netlink: 'syz.3.586': attribute type 10 has an invalid length.
[  116.216077][ T5850] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  116.229911][ T5828] EXT4-fs error (device loop1): ext4_truncate:4272: inode #15: comm syz.1.576: mark_inode_dirty error
[  116.252440][ T5850] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  116.290461][ T5828] EXT4-fs error (device loop1) in ext4_setattr:5578: Corrupt filesystem
[  116.416781][ T5859] loop3: detected capacity change from 0 to 256
[  116.502421][ T5859] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  116.536573][ T5854] loop2: detected capacity change from 0 to 4096
[  116.562665][ T5864] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.644100][ T5854] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  116.785740][ T5854] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid.
[  116.812289][ T5854] ntfs: (device loop2): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  116.962431][ T5854] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  117.008773][ T5854] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  117.029599][ T5854] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  117.043337][ T5854] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  117.081544][ T5854] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  117.112252][ T5854] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  117.130907][ T5883] loop4: detected capacity change from 0 to 2048
[  117.168936][ T5854] ntfs: volume version 3.1.
[  117.258652][ T5883] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  117.342235][ T5828] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #15: comm syz.1.576: corrupted inode contents
[  117.471409][ T5899] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) !
[  117.667755][ T5909] loop1: detected capacity change from 0 to 8
[  117.738421][ T5912] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  117.896946][ T5923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.617'.
[  118.203181][ T5516] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  118.453270][ T5516] usb 1-1: Using ep0 maxpacket: 16
[  118.505518][ T5947] loop3: detected capacity change from 0 to 256
[  118.573570][ T5516] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.593881][ T5947] exfat: Deprecated parameter 'namecase'
[  118.600772][ T5516] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.627164][ T5516] usb 1-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  118.646909][ T5516] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.663287][ T5947] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[  118.682135][ T5516] usb 1-1: config 0 descriptor??
[  118.692504][ T5947] exFAT-fs (loop3): failed to load alloc-bitmap
[  118.705938][ T5947] exFAT-fs (loop3): failed to recognize exfat type
[  118.787983][ T5937] loop2: detected capacity change from 0 to 32768
[  118.867162][ T5937] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.627 (5937)
[  118.907827][ T5933] loop1: detected capacity change from 0 to 40427
[  118.929092][ T5937] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  118.954229][ T5937] BTRFS info (device loop2): using free space tree
[  118.960784][ T5937] BTRFS info (device loop2): has skinny extents
[  119.066547][ T5933] F2FS-fs (loop1): Found nat_bits in checkpoint
[  119.178987][ T5516] bigben 0003:146B:0902.0006: unexpected rdesc, please submit for review
[  119.202034][ T5933] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  119.214113][ T5516] bigben 0003:146B:0902.0006: item fetching failed at offset 3/5
[  119.226997][ T5516] bigben 0003:146B:0902.0006: parse failed
[  119.265690][ T5516] bigben: probe of 0003:146B:0902.0006 failed with error -22
[  119.283107][ T5937] BTRFS info (device loop2): enabling ssd optimizations
[  119.354035][ T4175] attempt to access beyond end of device
[  119.354035][ T4175] loop1: rw=2049, want=45104, limit=40427
[  119.379214][ T5516] usb 1-1: USB disconnect, device number 8
[  119.754256][ T5991] loop3: detected capacity change from 0 to 512
[  119.849691][ T5991] EXT4-fs (loop3): Invalid log block size: 3607101440
[  120.275957][ T6002] loop2: detected capacity change from 0 to 2048
[  120.422894][ T6002] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  120.496840][ T6002] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  120.507715][ T6017] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  120.522999][ T6015] loop1: detected capacity change from 0 to 1024
[  120.564702][ T6002] Remounting filesystem read-only
[  120.606622][ T6015] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  120.633048][ T6015] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.679473][ T5986] loop4: detected capacity change from 0 to 32768
[  120.687603][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  120.687617][   T26] audit: type=1800 audit(1731865258.609:24): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.650" name="file1" dev="loop1" ino=15 res=0 errno=0
[  120.716149][   T26] audit: type=1804 audit(1731865258.639:25): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.650" name="/newroot/129/file1/file1" dev="loop1" ino=15 res=1 errno=0
[  120.894293][ T5986] XFS (loop4): Mounting V5 Filesystem
[  121.089165][ T5986] XFS (loop4): Ending clean mount
[  121.103243][ T5993] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  121.114251][ T5986] XFS (loop4): Quotacheck needed: Please wait.
[  121.157228][  T144] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  121.181436][  T144] XFS (loop4): Unmount and run xfs_repair
[  121.196082][ T6043] loop2: detected capacity change from 0 to 2048
[  121.202719][  T144] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  121.203215][ T6018] loop0: detected capacity change from 0 to 32768
[  121.212114][  T144] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  121.232380][  T144] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  121.241623][  T144] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  121.260488][ T6043]  loop2: p1 < > p3
[  121.284389][  T144] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  121.294242][ T6043] loop2: p3 size 134217728 extends beyond EOD, truncated
[  121.324148][  T144] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.339100][   T26] audit: type=1800 audit(1731865259.259:26): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.651" name="file1" dev="loop0" ino=4 res=0 errno=0
[  121.347054][ T6043] netlink: 'syz.2.658': attribute type 6 has an invalid length.
[  121.359875][ T5993] usb 4-1: Using ep0 maxpacket: 8
[  121.418015][  T144] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.448495][  T144] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.459079][  T144] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.474285][  T144] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x224/0x3e0" at daddr 0x3 len 1 error 74
[  121.515903][ T5986] XFS (loop4): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  121.535138][ T5993] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  121.548928][ T5993] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  121.587693][ T5993] usb 4-1: config 0 has no interface number 0
[  121.591151][ T4189] udevd[4189]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  121.607448][ T4164] udevd[4164]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  121.608205][ T5993] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  121.637550][ T5993] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  121.661037][ T5993] usb 4-1: config 0 interface 52 has no altsetting 0
[  121.688965][ T5993] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  121.701420][ T5993] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.703139][ T6046] netlink: 277 bytes leftover after parsing attributes in process `syz.2.660'.
[  121.720716][ T4189] udevd[4189]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  121.731526][ T4164] udevd[4164]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  121.751951][   T13] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 
[  121.774374][ T5993] usb 4-1: config 0 descriptor??
[  121.789654][   T13] XFS (loop4): Unmount and run xfs_repair
[  121.806838][   T13] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  121.819892][   T13] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed  XAF.......G...N.
[  121.832231][   T13] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00  .b..1...........
[  121.850570][   T13] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08  .;..............
[  121.867436][   T13] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c  ................
[  121.882480][   T13] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.909407][   T13] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.921055][   T13] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.950105][ T6041] loop1: detected capacity change from 0 to 32768
[  121.952050][   T13] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  121.972076][ T5986] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x224/0x3e0" at daddr 0x3 len 1 error 74
[  121.991872][ T6052] loop2: detected capacity change from 0 to 128
[  122.019600][ T4176] XFS (loop4): Unmounting Filesystem
[  122.036729][ T6052] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  122.047684][ T6052] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  122.084171][ T5993] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input15
[  122.106188][ T6052] fscrypt (loop2, inode 12): Mutually exclusive encryption flags (0x18)
[  122.191633][ T6041] XFS (loop1): Mounting V5 Filesystem
[  122.288273][   T13] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  122.405039][ T6066] loop2: detected capacity change from 0 to 8192
[  122.430655][ T6041] XFS (loop1): Ending clean mount
[  122.439867][ T5993] usb 4-1: USB disconnect, device number 7
[  122.453112][ T6041] XFS (loop1): Quotacheck needed: Please wait.
[  122.539217][ T6066] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  122.548866][ T6066] REISERFS (device loop2): using ordered data mode
[  122.555571][ T6066] reiserfs: using flush barriers
[  122.561856][ T6066] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  122.578885][ T6066] REISERFS (device loop2): checking transaction log (loop2)
[  122.590574][ T6066] REISERFS (device loop2): Using r5 hash to sort names
[  122.649205][ T6041] XFS (loop1): Quotacheck: Done.
[  122.662715][ T6066] reiserfs: enabling write barrier flush mode
[  122.680526][   T26] audit: type=1800 audit(1731865260.599:27): pid=6041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.654" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  122.713285][   T13] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.732519][   T13] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.747304][ T6066] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  122.763472][   T13] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.798304][   T13] usb 1-1: config 0 interface 0 has no altsetting 0
[  122.818647][   T13] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  122.831330][   T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.847890][ T4175] XFS (loop1): Unmounting Filesystem
[  122.854774][   T13] usb 1-1: config 0 descriptor??
[  123.031507][ T6075] loop3: detected capacity change from 0 to 256
[  123.154821][ T6075] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[  123.193263][ T6075] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  123.307428][   T26] audit: type=1800 audit(1731865261.229:28): pid=6075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.670" name="file1" dev="loop3" ino=1048628 res=0 errno=0
[  123.347522][   T13] zeroplus 0003:0C12:0005.0007: item fetching failed at offset 1/5
[  123.375246][   T13] zeroplus 0003:0C12:0005.0007: parse failed
[  123.408684][   T13] zeroplus: probe of 0003:0C12:0005.0007 failed with error -22
[  123.475648][ T6073] loop4: detected capacity change from 0 to 32768
[  123.521199][ T6079] loop2: detected capacity change from 0 to 8192
[  123.541986][ T6073] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.668 (6073)
[  123.559785][ T5993] usb 1-1: USB disconnect, device number 9
[  123.596148][ T6079] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  123.607481][ T6079] REISERFS (device loop2): using ordered data mode
[  123.618559][ T6079] reiserfs: using flush barriers
[  123.623726][ T6073] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  123.633962][ T6073] BTRFS info (device loop4): using free space tree
[  123.642604][ T6073] BTRFS info (device loop4): has skinny extents
[  123.649326][ T6079] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  123.666256][ T6079] REISERFS (device loop2): checking transaction log (loop2)
[  123.698097][ T6090] loop3: detected capacity change from 0 to 1024
[  123.832358][ T6079] REISERFS (device loop2): Using tea hash to sort names
[  123.838125][ T6105] loop1: detected capacity change from 0 to 128
[  123.853285][ T6079] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  123.903247][ T6079] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  123.994660][ T6073] BTRFS info (device loop4): enabling ssd optimizations
[  124.007563][ T6114] netlink: 164320 bytes leftover after parsing attributes in process `syz.3.676'.
[  124.041096][   T26] audit: type=1800 audit(1731865261.959:29): pid=6073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.668" name="file1" dev="loop4" ino=260 res=0 errno=0
[  124.048411][ T6114] netlink: del zone limit has 4 unknown bytes
[  124.499684][ T6127] netlink: 'syz.1.683': attribute type 1 has an invalid length.
[  124.572519][ T6129] loop0: detected capacity change from 0 to 128
[  124.592483][ T6125] SET target dimension over the limit!
[  124.655906][ T6129] VFS: Found a Xenix FS (block size = 512) on device loop0
[  124.687771][ T6134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.680'.
[  124.731287][ T6129] attempt to access beyond end of device
[  124.731287][ T6129] loop0: rw=0, want=8767745, limit=128
[  124.820342][ T6129] Buffer I/O error on dev loop0, logical block 8767744, async page read
[  124.873348][ T6129] attempt to access beyond end of device
[  124.873348][ T6129] loop0: rw=0, want=13269810, limit=128
[  124.922202][ T6129] Buffer I/O error on dev loop0, logical block 13269809, async page read
[  124.963070][ T6129] attempt to access beyond end of device
[  124.963070][ T6129] loop0: rw=0, want=1158, limit=128
[  125.003717][ T6129] Buffer I/O error on dev loop0, logical block 1157, async page read
[  125.031192][ T6155] sysfs: cannot create duplicate filename '/devices/virtual/tty/gsmtty1'
[  125.046812][ T6129] attempt to access beyond end of device
[  125.046812][ T6129] loop0: rw=0, want=3211265, limit=128
[  125.060393][   T26] audit: type=1326 audit(1731865262.979:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6154 comm="syz.1.693" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f56a0406719 code=0x0
[  125.106553][ T6155] CPU: 0 PID: 6155 Comm: syz.4.692 Not tainted 5.15.173-syzkaller #0
[  125.114682][ T6155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  125.124765][ T6155] Call Trace:
[  125.128064][ T6155]  <TASK>
[  125.131011][ T6155]  dump_stack_lvl+0x1e3/0x2d0
[  125.135718][ T6155]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  125.141389][ T6155]  ? panic+0x860/0x860
[  125.145498][ T6155]  ? sysfs_create_dir_ns+0x282/0x390
[  125.150802][ T6155]  sysfs_create_dir_ns+0x2c6/0x390
[  125.155926][ T6155]  ? sysfs_warn_dup+0xa0/0xa0
[  125.160607][ T6155]  ? do_raw_spin_unlock+0x137/0x8b0
[  125.165816][ T6155]  kobject_add_internal+0x6e0/0xe00
[  125.171030][ T6155]  kobject_add+0x14e/0x210
[  125.175450][ T6155]  ? kobject_init+0x1d0/0x1d0
[  125.180134][ T6155]  ? get_device_parent+0x295/0x400
[  125.185249][ T6155]  device_add+0x476/0xfd0
[  125.189591][ T6155]  tty_register_device_attr+0x436/0x960
[  125.195143][ T6155]  ? tty_register_device+0x30/0x30
[  125.200271][ T6155]  ? __raw_spin_lock_init+0x41/0x100
[  125.205564][ T6155]  gsm_activate_mux+0x187/0x330
[  125.210416][ T6155]  gsmld_ioctl+0xd46/0x15b0
[  125.214938][ T6155]  ? gsmld_write+0x120/0x120
[  125.219546][ T6155]  ? tty_ldisc_ref_wait+0x21/0x70
[  125.224576][ T6155]  ? ldsem_down_read+0xb2/0xe0
[  125.229344][ T6155]  ? gsmld_write+0x120/0x120
[  125.233933][ T6155]  tty_ioctl+0x8ff/0xc50
[  125.238171][ T6155]  ? bpf_lsm_file_ioctl+0x5/0x10
[  125.243110][ T6155]  ? tty_get_icount+0xa0/0xa0
[  125.247787][ T6155]  __se_sys_ioctl+0xf1/0x160
[  125.252443][ T6155]  do_syscall_64+0x3b/0xb0
[  125.256867][ T6155]  ? clear_bhb_loop+0x15/0x70
[  125.261546][ T6155]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  125.267445][ T6155] RIP: 0033:0x7f9583cef719
[  125.272643][ T6155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.292252][ T6155] RSP: 002b:00007f9582146038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.300673][ T6155] RAX: ffffffffffffffda RBX: 00007f9583ea7058 RCX: 00007f9583cef719
[  125.308648][ T6155] RDX: 0000000020000040 RSI: 00000000404c4701 RDI: 0000000000000003
[  125.316664][ T6155] RBP: 00007f9583d6275e R08: 0000000000000000 R09: 0000000000000000
[  125.324644][ T6155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  125.332612][ T6155] R13: 0000000000000001 R14: 00007f9583ea7058 R15: 00007ffcd6865698
[  125.340687][ T6155]  </TASK>
[  125.349513][ T6129] Buffer I/O error on dev loop0, logical block 3211264, async page read
[  125.380034][ T6129] attempt to access beyond end of device
[  125.380034][ T6129] loop0: rw=0, want=8768636, limit=128
[  125.411386][ T6129] Buffer I/O error on dev loop0, logical block 8768635, async page read
[  125.424269][ T6155] kobject_add_internal failed for gsmtty1 with -EEXIST, don't try to register things with the same name in the same directory.
[  125.440503][ T6129] attempt to access beyond end of device
[  125.440503][ T6129] loop0: rw=0, want=13466418, limit=128
[  125.459998][ T6129] Buffer I/O error on dev loop0, logical block 13466417, async page read
[  125.478796][ T6129] attempt to access beyond end of device
[  125.478796][ T6129] loop0: rw=0, want=209286, limit=128
[  125.492223][ T6129] Buffer I/O error on dev loop0, logical block 209285, async page read
[  125.511654][ T6129] attempt to access beyond end of device
[  125.511654][ T6129] loop0: rw=0, want=8767745, limit=128
[  125.529366][ T6129] Buffer I/O error on dev loop0, logical block 8767744, async page read
[  125.532365][ T6165] loop3: detected capacity change from 0 to 256
[  125.538287][ T6129] attempt to access beyond end of device
[  125.538287][ T6129] loop0: rw=0, want=13269810, limit=128
[  125.561875][ T6129] Buffer I/O error on dev loop0, logical block 13269809, async page read
[  125.572340][ T6129] attempt to access beyond end of device
[  125.572340][ T6129] loop0: rw=0, want=1158, limit=128
[  125.591494][ T6129] Buffer I/O error on dev loop0, logical block 1157, async page read
[  125.602513][   T26] audit: type=1800 audit(1731865263.529:31): pid=6129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.684" name="/" dev="loop0" ino=2 res=0 errno=0
[  125.604811][ T6165] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  125.678746][ T4172] sysv_free_block: trying to free block not in datazone
[  125.719988][ T4172] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  125.784192][ T6165] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  126.190025][ T6180] loop2: detected capacity change from 0 to 1024
[  126.372006][ T6194] netlink: 40 bytes leftover after parsing attributes in process `syz.3.709'.
[  126.401624][ T6180] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none.
[  126.424378][ T6192] loop4: detected capacity change from 0 to 4096
[  126.476544][ T6197] netlink: 4 bytes leftover after parsing attributes in process `syz.1.710'.
[  126.496381][ T6192] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  126.549459][ T6180] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: none.
[  126.573642][ T6192] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  126.608734][ T6202] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: none.
[  126.802957][ T5513] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  126.894129][ T4260] ntfs3: loop4: ntfs3_write_inode r=5 failed, -22.
[  126.913564][ T4176] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  126.950590][ T6213] bond0: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  127.126841][ T6218] loop3: detected capacity change from 0 to 512
[  127.226516][ T6175] loop0: detected capacity change from 0 to 40427
[  127.256470][ T6218] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  127.272820][ T6224] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  127.313164][ T6218] EXT4-fs (loop3): 1 truncate cleaned up
[  127.319121][ T6218] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,data_err=abort,init_itable,norecovery,noinit_itable,max_dir_size_kb=0x0000000000000003,,errors=continue. Quota mode: none.
[  127.326681][ T6227] loop2: detected capacity change from 0 to 64
[  127.339759][ T5513] usb 2-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  127.354031][ T5513] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.362767][ T5513] usb 2-1: Product: syz
[  127.367428][ T5513] usb 2-1: Manufacturer: syz
[  127.377559][ T5513] usb 2-1: SerialNumber: syz
[  127.386473][ T5513] usb 2-1: config 0 descriptor??
[  127.421827][ T6175] F2FS-fs (loop0): Found nat_bits in checkpoint
[  127.435027][ T5513] i2c-tiny-usb 2-1:0.0: version 6d.cc found at bus 002 address 007
[  127.502364][ T6175] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  127.730917][ T6240] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  127.878062][ T5513]  (null): failure reading functionality
[  127.920962][ T5513] i2c i2c-1: failure reading functionality
[  127.959164][ T5513] i2c i2c-1: connected i2c-tiny-usb device
[  127.989932][ T5513] usb 2-1: USB disconnect, device number 7
[  128.011737][ T6250] loop2: detected capacity change from 0 to 512
[  128.118963][ T6245] loop4: detected capacity change from 0 to 4096
[  128.142087][ T6250] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  128.167187][ T6250] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.224323][ T6245] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  128.291360][ T6245] ntfs: (device loop4): parse_options(): NLS character set macgre˙
 not found. Using previous one utf8.
[  128.298045][ T6260] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  128.329046][ T6245] ntfs: (device loop4): read_ntfs_boot_sector(): Primary boot sector is invalid.
[  128.356240][ T6245] ntfs: (device loop4): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  128.421109][ T6245] ntfs: volume version 3.1.
[  128.457672][ T6264] loop3: detected capacity change from 0 to 512
[  128.559226][ T6264] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  128.581299][ T6245] ntfs: (device loop4): ntfs_setattr(): Changes in user/group/mode are not supported yet, ignoring.
[  128.599138][ T6264] EXT4-fs error (device loop3): ext4_get_branch:178: inode #13: block 2: comm syz.3.738: invalid block
[  128.624321][ T6264] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.738: invalid indirect mapped block 10 (level 1)
[  128.663656][   T26] audit: type=1326 audit(1731865266.589:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6275 comm="syz.0.742" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc85384a719 code=0x0
[  128.692718][ T6264] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.738: invalid indirect mapped block 8 (level 1)
[  128.773715][ T6264] EXT4-fs (loop3): 1 truncate cleaned up
[  128.783427][ T5513] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  128.801074][ T6264] EXT4-fs (loop3): mounted filesystem without journal. Opts: mblk_io_submit,resuid=0x000000000000ee00,,errors=continue. Quota mode: none.
[  129.080114][ T6283] loop3: detected capacity change from 0 to 16
[  129.127052][ T6283] erofs: (device loop3): mounted with root inode @ nid 36.
[  129.167214][ T5513] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.187479][ T5513] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.198231][ T5513] usb 2-1: config 0 interface 0 has no altsetting 0
[  129.205727][ T5513] usb 2-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00
[  129.215434][ T5513] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.228356][ T5513] usb 2-1: config 0 descriptor??
[  129.306765][ T6267] loop2: detected capacity change from 0 to 32768
[  129.479255][ T6267] XFS (loop2): Mounting V5 Filesystem
[  129.554562][ T6301] tap0: tun_chr_ioctl cmd 1074025677
[  129.560188][ T6301] tap0: linktype set to 6
[  129.569189][ T6267] XFS (loop2): Ending clean mount
[  129.715312][ T5513] kye 0003:0458:4018.0008: unknown main item tag 0x0
[  129.722077][ T5513] kye 0003:0458:4018.0008: unknown main item tag 0x0
[  129.740903][ T5513] kye 0003:0458:4018.0008: unknown main item tag 0x0
[  129.759666][ T5513] kye 0003:0458:4018.0008: unknown main item tag 0x0
[  129.773380][ T5513] kye 0003:0458:4018.0008: unknown main item tag 0x0
[  129.789185][ T5513] kye 0003:0458:4018.0008: hidraw0: USB HID v0.00 Device [HID 0458:4018] on usb-dummy_hcd.1-1/input0
[  129.834095][ T6312] program syz.0.756 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  129.878465][ T4179] XFS (loop2): Unmounting Filesystem
[  129.917838][ T6132] usb 2-1: USB disconnect, device number 8
[  130.111962][ T6281] loop4: detected capacity change from 0 to 32768
[  130.246393][ T6324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.763'.
[  130.730584][ T6337] loop1: detected capacity change from 0 to 4096
[  130.733179][ T5516] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  130.970393][ T6353] loop2: detected capacity change from 0 to 128
[  131.051348][ T6353] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  131.101281][ T6353] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  131.113516][ T5516] usb 1-1: config 4 has an invalid interface number: 44 but max is 0
[  131.122530][ T5516] usb 1-1: config 4 has no interface number 0
[  131.199964][ T6358] loop1: detected capacity change from 0 to 256
[  131.258743][ T6362] loop4: detected capacity change from 0 to 2048
[  131.262460][ T6353] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (30846!=65535)
[  131.283626][ T5516] usb 1-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice=80.20
[  131.293971][ T6358] exfat: Deprecated parameter 'utf8'
[  131.301189][ T5516] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.321441][ T6362] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  131.338509][ T5516] usb 1-1: Product: syz
[  131.348048][ T6358] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  131.360455][ T5516] usb 1-1: Manufacturer: syz
[  131.368423][ T5516] usb 1-1: SerialNumber: syz
[  131.760698][ T6372] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  131.798736][ T6347] loop3: detected capacity change from 0 to 32768
[  131.807174][ T6372] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.814750][ T6372] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.827970][ T6374] loop4: detected capacity change from 0 to 8
[  131.883395][ T5516] dvb-usb: found a 'Gigabyte U7000' in warm state.
[  131.883903][ T6374] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  131.896732][ T5516] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  131.963818][ T5516] dvbdev: DVB: registering new adapter (Gigabyte U7000)
[  131.970977][ T5516] usb 1-1: media controller created
[  132.010144][ T5516] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  132.163740][ T6347] XFS (loop3): Mounting V5 Filesystem
[  132.204664][ T5516] DVB: Unable to find symbol dib7000p_attach()
[  132.212042][ T5516] dvb-usb: no frontend was attached by 'Gigabyte U7000'
[  132.313199][ T5516] rc_core: IR keymap rc-dib0700-rc5 not found
[  132.319374][ T5516] Registered IR keymap rc-empty
[  132.329223][ T5516] dvb-usb: could not initialize remote control.
[  132.337254][ T5516] dvb-usb: Gigabyte U7000 successfully initialized and connected.
[  132.350158][ T6347] XFS (loop3): Ending clean mount
[  132.392423][ T4185] XFS (loop3): Unmounting Filesystem
[  132.480677][ T6370] loop2: detected capacity change from 0 to 40427
[  132.588354][ T5516] usb 1-1: USB disconnect, device number 10
[  132.615206][ T6370] F2FS-fs (loop2): invalid crc value
[  132.632047][ T5516] dvb-usb: Gigabyte U7000 successfully deinitialized and disconnected.
[  132.655459][ T6370] F2FS-fs (loop2): Found nat_bits in checkpoint
[  132.705672][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  132.712409][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  132.743469][ T6402] netlink: 48 bytes leftover after parsing attributes in process `syz.4.795'.
[  132.803388][ T6370] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  132.909823][ T4179] handle_bad_sector: 5 callbacks suppressed
[  132.909843][ T4179] attempt to access beyond end of device
[  132.909843][ T4179] loop2: rw=2049, want=45104, limit=40427
[  133.126237][ T6409] loop4: detected capacity change from 0 to 256
[  133.287910][ T6409] FAT-fs (loop4): Directory bread(block 64) failed
[  133.329023][ T6409] FAT-fs (loop4): Directory bread(block 65) failed
[  133.339937][ T6409] FAT-fs (loop4): Directory bread(block 66) failed
[  133.372992][ T6409] FAT-fs (loop4): Directory bread(block 67) failed
[  133.379701][ T6409] FAT-fs (loop4): Directory bread(block 68) failed
[  133.403039][ T6409] FAT-fs (loop4): Directory bread(block 69) failed
[  133.409689][ T6409] FAT-fs (loop4): Directory bread(block 70) failed
[  133.433361][ T6409] FAT-fs (loop4): Directory bread(block 71) failed
[  133.443298][ T6409] FAT-fs (loop4): Directory bread(block 72) failed
[  133.449867][ T6409] FAT-fs (loop4): Directory bread(block 73) failed
[  133.483097][ T6396] loop1: detected capacity change from 0 to 32768
[  133.637794][ T6396] XFS (loop1): Mounting V5 Filesystem
[  133.809910][ T6396] XFS (loop1): Ending clean mount
[  133.819293][ T6396] XFS (loop1): Quotacheck needed: Please wait.
[  133.863201][ T4219] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  133.913246][ T6396] XFS (loop1): Quotacheck: Done.
[  133.961318][ T4175] XFS (loop1): Unmounting Filesystem
[  134.043298][ T5516] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  134.135303][ T6451] loop4: detected capacity change from 0 to 512
[  134.246587][ T6451] EXT4-fs (loop4): Ignoring removed orlov option
[  134.283332][ T4219] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  134.303277][ T5516] usb 3-1: Using ep0 maxpacket: 32
[  134.318170][ T4219] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  134.328901][ T6451] EXT4-fs (loop4): 1 orphan inode deleted
[  134.336266][ T6451] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,auto_da_alloc,init_itable,stripe=0x000000000000007b,orlov,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  134.357415][ T6451] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.422686][ T6461] netlink: 'syz.3.816': attribute type 3 has an invalid length.
[  134.433025][ T5516] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  134.447168][ T5516] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.455520][ T4219] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  134.455552][ T4219] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  134.455575][ T4219] usb 1-1: SerialNumber: syz
[  134.487947][ T6463] loop1: detected capacity change from 0 to 64
[  134.489162][ T6461] netlink: 'syz.3.816': attribute type 1 has an invalid length.
[  134.497263][ T5516] usb 3-1: config 0 descriptor??
[  134.516907][ T6461] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.816'.
[  134.548798][ T5516] gspca_main: sunplus-2.14.0 probing 041e:400b
[  134.776491][ T4219] usb 1-1: 0:2 : does not exist
[  134.812975][ T6473] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  134.950123][ T4219] usb 1-1: USB disconnect, device number 11
[  135.092337][ T6489] loop4: detected capacity change from 0 to 512
[  135.120006][ T6489] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  135.133474][ T6489] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 not in group (block 1)!
[  135.153336][ T6489] EXT4-fs (loop4): group descriptors corrupted!
[  135.215943][ T4189] udevd[4189]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  135.389961][ T6498] loop4: detected capacity change from 0 to 512
[  135.414543][ T5516] gspca_sunplus: reg_w_riv err -71
[  135.420183][ T5516] sunplus: probe of 3-1:0.0 failed with error -71
[  135.430127][ T5516] usb 3-1: USB disconnect, device number 5
[  135.539477][ T6498] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,,errors=continue. Quota mode: writeback.
[  135.572426][ T6498] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  135.695587][ T6492] loop1: detected capacity change from 0 to 32768
[  135.743130][ T5511] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  135.800192][ T6492] XFS (loop1): Mounting V5 Filesystem
[  135.993211][ T5511] usb 1-1: Using ep0 maxpacket: 16
[  136.007362][ T6492] XFS (loop1): Ending clean mount
[  136.020383][ T6492] XFS (loop1): Quotacheck needed: Please wait.
[  136.087700][ T6492] XFS (loop1): Quotacheck: Done.
[  136.123604][ T5511] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  136.132372][ T5511] usb 1-1: config 0 has no interface number 0
[  136.169999][ T5511] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.194461][ T5511] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.209375][ T5511] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  136.214980][ T6529] loop2: detected capacity change from 0 to 4096
[  136.220640][ T5511] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.244100][ T5511] usb 1-1: config 0 descriptor??
[  136.257929][ T4175] XFS (loop1): Unmounting Filesystem
[  136.294470][ T6529] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[  136.469522][ T6529] ntfs3: loop2: mft corrupted
[  136.475869][ T6529] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  136.855461][  T150] block nbd3: Attempted send on invalid socket
[  136.862954][  T150] blk_update_request: I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  136.883290][  T150] block nbd3: Attempted send on invalid socket
[  136.889557][  T150] blk_update_request: I/O error, dev nbd3, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  136.913093][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  136.939890][ T6530] loop4: detected capacity change from 0 to 32768
[  136.947142][ T5511] uclogic 0003:28BD:0071.0009: pen parameters not found
[  136.960270][ T5511] uclogic 0003:28BD:0071.0009: interface is invalid, ignoring
[  136.998250][ T6551] loop1: detected capacity change from 0 to 1024
[  137.006422][ T1201] block nbd3: Attempted send on invalid socket
[  137.007992][ T6550] loop2: detected capacity change from 0 to 1024
[  137.013135][ T1201] blk_update_request: I/O error, dev nbd3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.036120][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  137.046067][ T6542] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  137.055212][ T6542] UDF-fs: Scanning with blocksize 512 failed
[  137.064961][ T1201] block nbd3: Attempted send on invalid socket
[  137.071180][ T1201] blk_update_request: I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.086766][ T1201] block nbd3: Attempted send on invalid socket
[  137.093142][ T1201] blk_update_request: I/O error, dev nbd3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.104719][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  137.120415][ T1201] block nbd3: Attempted send on invalid socket
[  137.126749][ T1201] blk_update_request: I/O error, dev nbd3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.133138][   T26] audit: type=1800 audit(1731865275.049:33): pid=6550 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.852" name="file1" dev="loop2" ino=20 res=0 errno=0
[  137.156801][ T6550] hfsplus: can't free extent
[  137.158859][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  137.183080][ T6542] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  137.186633][ T4216] usb 1-1: USB disconnect, device number 12
[  137.196895][ T6542] UDF-fs: Scanning with blocksize 1024 failed
[  137.215074][  T150] block nbd3: Attempted send on invalid socket
[  137.221306][  T150] blk_update_request: I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.239933][  T150] block nbd3: Attempted send on invalid socket
[  137.246218][  T150] blk_update_request: I/O error, dev nbd3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.259191][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  137.278920][ T6530] XFS (loop4): Mounting V5 Filesystem
[  137.289026][  T150] block nbd3: Attempted send on invalid socket
[  137.295485][  T150] blk_update_request: I/O error, dev nbd3, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.308814][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  137.326317][ T6542] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  137.338314][ T6542] UDF-fs: Scanning with blocksize 2048 failed
[  137.345103][  T150] block nbd3: Attempted send on invalid socket
[  137.351369][  T150] blk_update_request: I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  137.407710][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  137.426085][ T6542] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  137.444687][ T6530] XFS (loop4): Ending clean mount
[  137.453806][ T6542] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  137.465695][ T4260] hfsplus: b-tree write err: -5, ino 4
[  137.482140][ T6530] XFS (loop4): Quotacheck needed: Please wait.
[  137.518223][ T6542] UDF-fs: Scanning with blocksize 4096 failed
[  137.559683][ T6542] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[  137.611580][ T6530] XFS (loop4): Quotacheck: Done.
[  137.695901][ T4176] XFS (loop4): Unmounting Filesystem
[  138.044859][ T6577] loop0: detected capacity change from 0 to 4096
[  138.153661][ T6577] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  138.313319][   T26] audit: type=1800 audit(1731865276.229:34): pid=6577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.861" name="file1" dev="loop0" ino=33 res=0 errno=0
[  138.615079][ T6609] netlink: 224 bytes leftover after parsing attributes in process `syz.3.876'.
[  138.652335][ T6609] netlink: 'syz.3.876': attribute type 1 has an invalid length.
[  138.926134][ T6629] loop0: detected capacity change from 0 to 256
[  138.974873][ T6629] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  139.043419][   T26] audit: type=1800 audit(1731865276.969:35): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.885" name="file2" dev="loop0" ino=1048630 res=0 errno=0
[  139.062997][ T6629] exFAT-fs (loop0): hint_cluster is invalid (17)
[  139.095815][ T6629] exFAT-fs (loop0): error, invalid access to FAT (entry 0xffffffff)
[  139.123474][ T6629] exFAT-fs (loop0): Filesystem has been set read-only
[  139.136239][ T6633] loop1: detected capacity change from 0 to 4096
[  139.158884][   T26] audit: type=1804 audit(1731865277.079:36): pid=6642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.885" name="/newroot/151/file2/file2" dev="loop0" ino=1048630 res=1 errno=0
[  139.209512][ T6633] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  139.292378][ T6648] loop2: detected capacity change from 0 to 512
[  139.334361][ T5513] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  139.365881][ T4175] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22.
[  139.372176][ T4175] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  139.391549][ T4175] ntfs3: loop1: ntfs_evict_inode r=1a failed, -22.
[  139.448809][ T6648] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  139.473347][ T6648] ext4 filesystem being mounted at /186/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.733177][ T5513] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  139.772909][ T5513] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  139.782788][ T5513] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  139.788424][ T6668] netlink: 76 bytes leftover after parsing attributes in process `syz.1.905'.
[  139.854883][ T5513] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.913459][ T6639] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  139.989128][ T6678] loop2: detected capacity change from 0 to 256
[  140.073989][ T6678] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0xa154a131, utbl_chksum : 0xe619d30d)
[  140.164085][ T5513] usb 5-1: USB disconnect, device number 8
[  140.280362][ T6692] netlink: 8 bytes leftover after parsing attributes in process `syz.0.914'.
[  140.449083][ T6698] loop2: detected capacity change from 0 to 64
[  140.454358][ T4189] udevd[4189]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  140.612965][ T6702] loop3: detected capacity change from 0 to 1024
[  140.675447][ T6707] loop2: detected capacity change from 0 to 2048
[  140.745289][ T6707] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  140.780336][ T6675] hfsplus: request for non-existent node 211 in B*Tree
[  140.784874][ T6707] UDF-fs: error (device loop2): udf_rename: failed to find renamed entry again in directory (ino 1376)
[  140.797136][ T6675] hfsplus: request for non-existent node 211 in B*Tree
[  140.936297][ T6711] loop0: detected capacity change from 0 to 128
[  141.062329][ T6711] VFS: Found a Xenix FS (block size = 512) on device loop0
[  141.068257][  T487] hfsplus: b-tree write err: -5, ino 8
[  141.091248][ T6711] sysv_free_block: trying to free block not in datazone
[  141.219559][ T6722] loop3: detected capacity change from 0 to 512
[  141.268830][ T4172] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  141.288566][ T6726] loop4: detected capacity change from 0 to 2048
[  141.311945][ T6722] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  141.383166][ T6722] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.390931][ T6731] loop0: detected capacity change from 0 to 64
[  141.456127][ T6726] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  141.493195][ T6132] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  141.519347][   T26] audit: type=1800 audit(1731865279.439:37): pid=6726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.929" name="bus" dev="loop4" ino=18 res=0 errno=0
[  141.772446][ T6748] loop2: detected capacity change from 0 to 256
[  141.790071][ T6132] usb 2-1: Using ep0 maxpacket: 8
[  141.827171][ T6750] loop4: detected capacity change from 0 to 256
[  141.905057][ T6748] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000006)
[  141.933197][ T6132] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  141.944982][ T6744] loop0: detected capacity change from 0 to 4096
[  141.954832][ T6132] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  141.973780][ T6748] FAT-fs (loop2): Filesystem has been set read-only
[  141.983029][ T6132] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  141.999878][ T6132] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  142.023360][ T6132] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  142.032458][ T6132] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.353132][ T6132] usb 2-1: GET_CAPABILITIES returned 0
[  142.362404][ T6132] usbtmc 2-1:16.0: can't read capabilities
[  142.558755][ T6771] loop2: detected capacity change from 0 to 2048
[  142.569719][ T6720] usbtmc 2-1:16.0: send_request_dev_dep_msg_in returned -90
[  142.579496][ T4219] usb 2-1: USB disconnect, device number 9
[  142.632302][ T6778] netlink: 'syz.0.949': attribute type 29 has an invalid length.
[  142.640726][ T6778] netlink: 'syz.0.949': attribute type 29 has an invalid length.
[  142.651050][ T6778] netlink: 'syz.0.949': attribute type 29 has an invalid length.
[  142.661225][ T6778] netlink: 'syz.0.949': attribute type 29 has an invalid length.
[  142.698150][ T6771] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  142.727701][ T6775] ODEBUG: Out of memory. ODEBUG disabled
[  142.920938][ T6785] loop0: detected capacity change from 0 to 512
[  143.063399][ T6761] loop4: detected capacity change from 0 to 32768
[  143.101571][ T6785] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback.
[  143.123171][ T6785] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.153366][ T6761] XFS: noikeep mount option is deprecated.
[  143.248298][ T6761] XFS (loop4): Mounting V5 Filesystem
[  143.481923][ T6761] XFS (loop4): Ending clean mount
[  143.579710][ T6761] XFS (loop4): Quotacheck needed: Please wait.
[  143.708499][ T6761] XFS (loop4): Quotacheck: Done.
[  143.918256][ T4176] XFS (loop4): Unmounting Filesystem
[  143.934537][ T6835] loop0: detected capacity change from 0 to 256
[  144.152924][ T1109] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  144.354278][ T6848] syz.2.976[6848] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.354384][ T6848] syz.2.976[6848] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.496586][ T6855] netlink: 16 bytes leftover after parsing attributes in process `syz.4.968'.
[  144.533546][ T1109] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.535556][ T6855] netlink: 92 bytes leftover after parsing attributes in process `syz.4.968'.
[  144.554705][ T1109] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  144.574610][ T1109] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.611663][ T1109] usb 4-1: config 0 descriptor??
[  144.856224][ T6875] sctp: [Deprecated]: syz.2.988 (pid 6875) Use of struct sctp_assoc_value in delayed_ack socket option.
[  144.856224][ T6875] Use struct sctp_sack_info instead
[  144.973491][ T5516] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  145.110288][ T1109] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0x0
[  145.123718][ T1109] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0x0
[  145.131717][ T1109] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0x0
[  145.187446][ T1109] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0x0
[  145.203578][ T1109] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0x0
[  145.211574][ T1109] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0x0
[  145.243123][ T1109] steelseries_srws1 0003:1038:1410.000A: unexpected long global item
[  145.252560][ T1109] steelseries_srws1 0003:1038:1410.000A: parse failed
[  145.273189][ T1109] steelseries_srws1: probe of 0003:1038:1410.000A failed with error -22
[  145.320578][ T1109] usb 4-1: USB disconnect, device number 8
[  145.493472][ T5516] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  145.502649][ T5516] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.525147][ T5516] usb 1-1: Product: syz
[  145.533436][ T5516] usb 1-1: Manufacturer: syz
[  145.538068][ T5516] usb 1-1: SerialNumber: syz
[  145.550088][ T6869] loop4: detected capacity change from 0 to 32768
[  145.568370][ T5516] usb 1-1: config 0 descriptor??
[  145.627878][ T5516] garmin_gps 1-1:0.0: Garmin GPS usb/tty converter detected
[  145.652769][ T6885] loop2: detected capacity change from 0 to 32768
[  145.662152][ T5516] garmin_gps ttyUSB0: failed to submit interrupt urb: -22
[  145.683111][ T5516] garmin_gps: probe of ttyUSB0 failed with error -22
[  145.768651][ T6885] 
[  145.768651][ T6885]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  145.768651][ T6885] 
[  145.801155][ T6885] ERROR: (device loop2): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 4
[  145.801155][ T6885] 
[  145.829630][ T5516] usb 1-1: USB disconnect, device number 13
[  145.844933][ T5516] garmin_gps 1-1:0.0: device disconnected
[  145.891753][ T4179] 
[  145.891753][ T4179]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  145.891753][ T4179] 
[  145.919136][ T4179] 
[  145.919136][ T4179]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  145.919136][ T4179] 
[  146.440768][ T6928] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.474339][ T6928] batman_adv: batadv0: Removing interface: batadv_slave_0
[  146.529588][ T6928] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  146.716736][ T6934] loop1: detected capacity change from 0 to 2048
[  146.840989][ T6934] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  146.900199][ T6945] loop0: detected capacity change from 0 to 2048
[  146.903189][ T6934] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.983365][ T6934] EXT4-fs (loop1): shut down requested (1)
[  147.063252][ T6949] netlink: 'syz.4.1021': attribute type 1 has an invalid length.
[  147.080137][ T6945] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  147.143762][ T6945] attempt to access beyond end of device
[  147.143762][ T6945] loop0: rw=524288, want=33554432, limit=2048
[  147.155602][ T6950] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  147.273234][ T6945] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0
[  147.341060][ T6955] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0
[  147.473768][ T6922] loop2: detected capacity change from 0 to 40427
[  147.541680][ T6922] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  147.564092][ T6922] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  147.586570][ T6922] F2FS-fs (loop2): invalid crc value
[  147.634860][ T6922] F2FS-fs (loop2): Found nat_bits in checkpoint
[  147.743511][ T6922] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  147.759313][ T6922] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  147.843019][ T4219] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  147.879850][ T6967] loop0: detected capacity change from 0 to 4096
[  147.890706][ T6952] loop1: detected capacity change from 0 to 40427
[  147.938257][ T6952] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  147.948217][ T6952] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  147.970899][ T6952] F2FS-fs (loop1): invalid crc value
[  147.994112][ T6952] F2FS-fs (loop1): Found nat_bits in checkpoint
[  148.021993][ T6976] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  148.051672][   T26] audit: type=1800 audit(1731865285.969:38): pid=6967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1026" name="file1" dev="loop0" ino=15 res=0 errno=0
[  148.193235][ T6952] F2FS-fs (loop1): Start checkpoint disabled!
[  148.233232][ T4219] usb 5-1: config 0 has no interfaces?
[  148.237460][ T6983] loop0: detected capacity change from 0 to 128
[  148.238758][ T4219] usb 5-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00
[  148.275516][ T6952] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  148.282591][ T6952] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  148.300340][ T4219] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.324437][ T4219] usb 5-1: config 0 descriptor??
[  148.493935][ T6701] 
[  148.496305][ T6701] ======================================================
[  148.501311][ T4241] attempt to access beyond end of device
[  148.501311][ T4241] loop1: rw=2049, want=41000, limit=40427
[  148.503321][ T6701] WARNING: possible circular locking dependency detected
[  148.503331][ T6701] 5.15.173-syzkaller #0 Not tainted
[  148.503341][ T6701] ------------------------------------------------------
[  148.503348][ T6701] udevd/6701 is trying to acquire lock:
[  148.503358][ T6701] ffff88807b017138 ((wq_completion)loop0){+.+.}-{0:0}, at: flush_workqueue+0x154/0x1610
[  148.503415][ T6701] 
[  148.503415][ T6701] but task is already holding lock:
[  148.503421][ T6701] ffff888020bcc468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa9/0xbe0
[  148.503466][ T6701] 
[  148.503466][ T6701] which lock already depends on the new lock.
[  148.503466][ T6701] 
[  148.503473][ T6701] 
[  148.503473][ T6701] the existing dependency chain (in reverse order) is:
[  148.503480][ T6701] 
[  148.503480][ T6701] -> #7 (&lo->lo_mutex){+.+.}-{3:3}:
[  148.503509][ T6701]        lock_acquire+0x1db/0x4f0
[  148.503528][ T6701]        __mutex_lock_common+0x1da/0x25a0
[  148.503550][ T6701]        mutex_lock_killable_nested+0x17/0x20
[  148.503569][ T6701]        lo_open+0x68/0x100
[  148.613585][ T6701]        blkdev_get_whole+0x94/0x390
[  148.618877][ T6701]        blkdev_get_by_dev+0x2bc/0xa50
[  148.624333][ T6701]        blkdev_open+0x138/0x2d0
[  148.629268][ T6701]        do_dentry_open+0x807/0xfb0
[  148.634461][ T6701]        path_openat+0x2705/0x2f20
[  148.639561][ T6701]        do_filp_open+0x21c/0x460
[  148.644577][ T6701]        do_sys_openat2+0x13b/0x4f0
[  148.649770][ T6701]        __x64_sys_openat+0x243/0x290
[  148.655133][ T6701]        do_syscall_64+0x3b/0xb0
[  148.660078][ T6701]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.666489][ T6701] 
[  148.666489][ T6701] -> #6 (&disk->open_mutex){+.+.}-{3:3}:
[  148.674300][ T6701]        lock_acquire+0x1db/0x4f0
[  148.679318][ T6701]        __mutex_lock_common+0x1da/0x25a0
[  148.685063][ T6701]        mutex_lock_nested+0x17/0x20
[  148.690344][ T6701]        blkdev_get_by_dev+0x14d/0xa50
[  148.695795][ T6701]        swsusp_check+0xb1/0x2c0
[  148.700744][ T6701]        software_resume+0xc6/0x3c0
[  148.705938][ T6701]        resume_store+0xe3/0x130
[  148.710873][ T6701]        kernfs_fop_write_iter+0x3a2/0x4f0
[  148.716677][ T6701]        vfs_write+0xacd/0xe50
[  148.721442][ T6701]        ksys_write+0x1a2/0x2c0
[  148.726667][ T6701]        do_syscall_64+0x3b/0xb0
[  148.731600][ T6701]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.738013][ T6701] 
[  148.738013][ T6701] -> #5 (system_transition_mutex/1){+.+.}-{3:3}:
[  148.746522][ T6701]        lock_acquire+0x1db/0x4f0
[  148.751539][ T6701]        __mutex_lock_common+0x1da/0x25a0
[  148.757251][ T6701]        mutex_lock_nested+0x17/0x20
[  148.762530][ T6701]        software_resume+0x7c/0x3c0
[  148.767723][ T6701]        resume_store+0xe3/0x130
[  148.772656][ T6701]        kernfs_fop_write_iter+0x3a2/0x4f0
[  148.778461][ T6701]        vfs_write+0xacd/0xe50
[  148.783221][ T6701]        ksys_write+0x1a2/0x2c0
[  148.788065][ T6701]        do_syscall_64+0x3b/0xb0
[  148.792996][ T6701]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.799409][ T6701] 
[  148.799409][ T6701] -> #4 (&of->mutex){+.+.}-{3:3}:
[  148.806613][ T6701]        lock_acquire+0x1db/0x4f0
[  148.811635][ T6701]        __mutex_lock_common+0x1da/0x25a0
[  148.817347][ T6701]        mutex_lock_nested+0x17/0x20
[  148.822624][ T6701]        kernfs_seq_start+0x50/0x3b0
[  148.827911][ T6701]        seq_read_iter+0x3d0/0xd10
[  148.833037][ T6701]        vfs_read+0xa93/0xe10
[  148.837715][ T6701]        ksys_read+0x1a2/0x2c0
[  148.842475][ T6701]        do_syscall_64+0x3b/0xb0
[  148.847407][ T6701]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.853816][ T6701] 
[  148.853816][ T6701] -> #3 (&p->lock){+.+.}-{3:3}:
[  148.860844][ T6701]        lock_acquire+0x1db/0x4f0
[  148.865861][ T6701]        __mutex_lock_common+0x1da/0x25a0
[  148.871574][ T6701]        mutex_lock_nested+0x17/0x20
[  148.876849][ T6701]        seq_read_iter+0xae/0xd10
[  148.881877][ T6701]        generic_file_splice_read+0x4ad/0x790
[  148.887937][ T6701]        splice_direct_to_actor+0x448/0xc10
[  148.893823][ T6701]        do_splice_direct+0x285/0x3d0
[  148.899191][ T6701]        do_sendfile+0x622/0x1000
[  148.904211][ T6701]        __se_sys_sendfile64+0x178/0x1e0
[  148.909959][ T6701]        do_syscall_64+0x3b/0xb0
[  148.914905][ T6701]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  148.921322][ T6701] 
[  148.921322][ T6701] -> #2 (sb_writers#3){.+.+}-{0:0}:
[  148.928712][ T6701]        lock_acquire+0x1db/0x4f0
[  148.933752][ T6701]        lo_write_bvec+0x1a3/0x740
[  148.938864][ T6701]        loop_process_work+0x2309/0x2af0
[  148.944490][ T6701]        process_one_work+0x8a1/0x10c0
[  148.949956][ T6701]        worker_thread+0xaca/0x1280
[  148.955148][ T6701]        kthread+0x3f6/0x4f0
[  148.959738][ T6701]        ret_from_fork+0x1f/0x30
[  148.964671][ T6701] 
[  148.964671][ T6701] -> #1 ((work_completion)(&worker->work)){+.+.}-{0:0}:
[  148.974497][ T6701]        lock_acquire+0x1db/0x4f0
[  148.979514][ T6701]        process_one_work+0x7f1/0x10c0
[  148.985502][ T6701]        worker_thread+0xaca/0x1280
[  148.990692][ T6701]        kthread+0x3f6/0x4f0
[  148.995279][ T6701]        ret_from_fork+0x1f/0x30
[  149.000210][ T6701] 
[  149.000210][ T6701] -> #0 ((wq_completion)loop0){+.+.}-{0:0}:
[  149.008284][ T6701]        validate_chain+0x1649/0x5930
[  149.013654][ T6701]        __lock_acquire+0x1295/0x1ff0
[  149.019016][ T6701]        lock_acquire+0x1db/0x4f0
[  149.024033][ T6701]        flush_workqueue+0x170/0x1610
[  149.029397][ T6701]        drain_workqueue+0xc5/0x390
[  149.034603][ T6701]        destroy_workqueue+0x7b/0xae0
[  149.039986][ T6701]        __loop_clr_fd+0x241/0xbe0
[  149.045108][ T6701]        blkdev_put+0x455/0x790
[  149.049957][ T6701]        blkdev_close+0x7c/0xa0
[  149.054808][ T6701]        __fput+0x3fe/0x8e0
[  149.059321][ T6701]        task_work_run+0x129/0x1a0
[  149.064448][ T6701]        exit_to_user_mode_loop+0x106/0x130
[  149.070337][ T6701]        exit_to_user_mode_prepare+0xb1/0x140
[  149.076402][ T6701]        syscall_exit_to_user_mode+0x5d/0x240
[  149.082505][ T6701]        do_syscall_64+0x47/0xb0
[  149.087448][ T6701]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  149.093864][ T6701] 
[  149.093864][ T6701] other info that might help us debug this:
[  149.093864][ T6701] 
[  149.104091][ T6701] Chain exists of:
[  149.104091][ T6701]   (wq_completion)loop0 --> &disk->open_mutex --> &lo->lo_mutex
[  149.104091][ T6701] 
[  149.118372][ T6701]  Possible unsafe locking scenario:
[  149.118372][ T6701] 
[  149.125823][ T6701]        CPU0                    CPU1
[  149.131187][ T6701]        ----                    ----
[  149.136542][ T6701]   lock(&lo->lo_mutex);
[  149.140782][ T6701]                                lock(&disk->open_mutex);
[  149.147883][ T6701]                                lock(&lo->lo_mutex);
[  149.154636][ T6701]   lock((wq_completion)loop0);
[  149.159483][ T6701] 
[  149.159483][ T6701]  *** DEADLOCK ***
[  149.159483][ T6701] 
[  149.167612][ T6701] 2 locks held by udevd/6701:
[  149.172276][ T6701]  #0: ffff8880208d4518 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xfb/0x790
[  149.181591][ T6701]  #1: ffff888020bcc468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa9/0xbe0
[  149.190814][ T6701] 
[  149.190814][ T6701] stack backtrace:
[  149.196691][ T6701] CPU: 0 PID: 6701 Comm: udevd Not tainted 5.15.173-syzkaller #0
[  149.204400][ T6701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  149.214446][ T6701] Call Trace:
[  149.217722][ T6701]  <TASK>
[  149.220647][ T6701]  dump_stack_lvl+0x1e3/0x2d0
[  149.225325][ T6701]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  149.230957][ T6701]  ? print_circular_bug+0x12b/0x1a0
[  149.236153][ T6701]  check_noncircular+0x2f8/0x3b0
[  149.241090][ T6701]  ? add_chain_block+0x850/0x850
[  149.246022][ T6701]  ? lockdep_lock+0x11f/0x2a0
[  149.250700][ T6701]  ? rcu_lock_release+0x5/0x20
[  149.255459][ T6701]  ? reacquire_held_locks+0x660/0x660
[  149.260828][ T6701]  validate_chain+0x1649/0x5930
[  149.265696][ T6701]  ? reacquire_held_locks+0x660/0x660
[  149.271063][ T6701]  ? reacquire_held_locks+0x660/0x660
[  149.276431][ T6701]  ? __lock_acquire+0x1295/0x1ff0
[  149.281450][ T6701]  ? reacquire_held_locks+0x660/0x660
[  149.286818][ T6701]  ? reacquire_held_locks+0x660/0x660
[  149.292186][ T6701]  ? mark_lock+0x98/0x340
[  149.296511][ T6701]  __lock_acquire+0x1295/0x1ff0
[  149.301362][ T6701]  lock_acquire+0x1db/0x4f0
[  149.305861][ T6701]  ? flush_workqueue+0x154/0x1610
[  149.310883][ T6701]  ? read_lock_is_recursive+0x10/0x10
[  149.316247][ T6701]  ? lockdep_softirqs_off+0x420/0x420
[  149.321620][ T6701]  ? __init_swait_queue_head+0xaa/0x140
[  149.327164][ T6701]  flush_workqueue+0x170/0x1610
[  149.332007][ T6701]  ? flush_workqueue+0x154/0x1610
[  149.337026][ T6701]  ? __mutex_lock_common+0x444/0x25a0
[  149.342400][ T6701]  ? rcu_work_rcufn+0x140/0x140
[  149.347254][ T6701]  drain_workqueue+0xc5/0x390
[  149.351930][ T6701]  destroy_workqueue+0x7b/0xae0
[  149.356786][ T6701]  __loop_clr_fd+0x241/0xbe0
[  149.361378][ T6701]  ? bdev_evict_inode+0x30/0x30
[  149.366228][ T6701]  ? lo_release+0x177/0x1f0
[  149.370727][ T6701]  ? lo_open+0x100/0x100
[  149.374968][ T6701]  blkdev_put+0x455/0x790
[  149.379293][ T6701]  ? __rwlock_init+0x140/0x140
[  149.384053][ T6701]  blkdev_close+0x7c/0xa0
[  149.388375][ T6701]  ? blkdev_open+0x2d0/0x2d0
[  149.392959][ T6701]  __fput+0x3fe/0x8e0
[  149.396942][ T6701]  task_work_run+0x129/0x1a0
[  149.401530][ T6701]  exit_to_user_mode_loop+0x106/0x130
[  149.406902][ T6701]  exit_to_user_mode_prepare+0xb1/0x140
[  149.412465][ T6701]  syscall_exit_to_user_mode+0x5d/0x240
[  149.418009][ T6701]  do_syscall_64+0x47/0xb0
[  149.422436][ T6701]  ? clear_bhb_loop+0x15/0x70
[  149.427106][ T6701]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  149.432998][ T6701] RIP: 0033:0x7fcc67cb00a8
[  149.437413][ T6701] Code: 48 8b 05 83 9d 0d 00 64 c7 00 16 00 00 00 83 c8 ff 48 83 c4 20 5b c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 5b 48 8b 15 51 9d 0d 00 f7 d8 64 89 02 48 83
[  149.457012][ T6701] RSP: 002b:00007ffdfa81e3a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  149.465507][ T6701] RAX: 0000000000000000 RBX: 00007fcc67b84ae0 RCX: 00007fcc67cb00a8
[  149.473472][ T6701] RDX: 000055a685cfe113 RSI: 00007ffdfa81dba8 RDI: 0000000000000008
[  149.481438][ T6701] RBP: 000055a3dff35fe0 R08: 0000000000000006 R09: 5a180ab453c58ee1
[  149.489403][ T6701] R10: 000000000000010f R11: 0000000000000246 R12: 0000000000000002
[  149.497379][ T6701] R13: 000055a3dff0fa50 R14: 0000000000000008 R15: 000055a3dfefe910
[  149.505359][ T6701]  </TASK>
[  149.520612][ T5513] usb 5-1: USB disconnect, device number 9
[  149.557268][ T6991] loop0: detected capacity change from 0 to 4096
[  149.666122][ T6994] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  149.677457][   T26] audit: type=1800 audit(1731865287.599:39): pid=6991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1036" name="file1" dev="loop0" ino=15 res=0 errno=0
[  149.703382][ T6991] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  149.722350][ T6991] Remounting filesystem read-only
[  149.730901][ T6991] NILFS (loop0): discard dirty page: offset=0, ino=15
[  149.739785][ T6991] NILFS (loop0): discard dirty block: blocknr=18, size=4096
[  149.768848][ T4172] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer