last executing test programs:

6m47.514709513s ago: executing program 0 (id=1352):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000007c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008330001800a00010072616e67650000000400028008000340000001", @ANYRES16=r0], 0xc4}}, 0x20050800)

6m47.332692905s ago: executing program 0 (id=1355):
syz_mount_image$jfs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='quota,errors=remount-ro,integrity,iocharset=cp932,nodiscard,nointegrity,grpquota\x00quota,resize,iocharset=iso8859-5,uid=', @ANYRESDEC, @ANYBLOB="2c726573697a653d3078303030303030303030303030303030332c713a5774613f726573697a652c7533727130303030303030303000303030303030303030342c736d61636b66736861743d6574002678f9edfbac5d6325f9002c00c9cd79b9b92293ea"], 0xfe, 0x61e6, &(0x7f0000011180)="$eJzs3c1vHGcdB/DfvvqltLV6qEqFkJuWl1KaxEkJgQJND3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0XER09FbG2vr9aLLxyyH9/9499/98Mn3vrbHwbn/vunO73XJ6139+6v/vPne0fbZgAAAChNVVVVJ33Mfz59vu+23SkAYCry63+V5OWnvv71P9/6yyz1R61Wq9XqKdRN1Xj3mkVEbDRvU79ncDgeAE6Yjfi47S7QIvkXrR8RT7TdCWCmddruAMdia3t9tZPy7TRfD5Z32/O5IPvy3+g8uL5j0vQgo+eYTOvxtRm9eGZCfxam1IdZkvPvjuZ/bbd9mNY77vynZVL+w91Ln4qT8++N5j/i9OTfHZt/qXL+/UfKvyd/AAAAAACYYfn//5daPv47d/RNOZRPOv67PKU+AAAAAAAAAMDjdtTx/x4w/h8AAADMrPqzeu03T+0tm/RdbPXyq52IJ0fWBwqTLpZZbLsfAAAAAAAAAAAAAFCS/u45vFc7EYOIeHJxsaqq+qdptH5UR739SVf69kPJ2n6SBwCAXR89NXItfydiPiKupu/6GywuLlbV/MJitVgtzOX3s8O5+Wqh8bk2T+tlc8NDvCHuD6v6l803btd00Oflg9pHf199X8Oqd4iOPSaD9Nec0NxS2ACQ7L4abXlFOmWq6ulJbz5gH/v/KbQUS20/rph9bT9MAQAAgONXVVXVSV/n/Xw65t9tu1MAwFTk1//R4wJHqrsT2iMez+9Xq9VqtVr9qeqmarx7zSIiNpq3qd8zGI4fAE6Yjfi47S7QIvkXrR8Rz7XdCWCmddruAMdia3t9tZPy7TRfD9L47vlckH35b3R2bpdvP256kNFzTKb1+NqMXjwzoT/PTqkPsyTn3x3N/9pu+zCtd9z5T8uk/Ic7l8yVJ+ffG81/xOnJvzs2/1Ll/PuPlH9P/gAAAAAAMMPy//8vOf6bNxkAAAAAAAAATpyt7fXVfN1rPv7/uTHruf7zdMr5dx41/4U0L/8TLeffHcn/yyPr9Rrz99/c2///vb2++vs7//psnh42/7k800mPrE56RHTSPXX6aXqUrXvY5qA3rO9p0On2+umcn2rwTtyIm7EW5/et201/j732lX3tdU8H+9ov7GvvP9R+cV/7IH3vQLWQ28/GavwkbsbbO+1129wB2z9/QHt1QHvOv+f5v0g5/37jp85/MbV3Rqa1+x92H9rvm9Nx93Plxud/ef74N+dAm9F7sG1N9fadaaE/O3+TJ4bxs9trt87evX7nzq2VSJN9Sy9EmjxmOf/Bzs/c3vP/i7vt+Xm/ub/e/3D4yPnPis3oT8z/xcZ8vb0vT7lvbcj5D9NPzv/t1D5+/z/J+U/e/19poT8AAAAAAAAAAAAAAADwSaqq2rlE9EpEXErX/7R1bSYAMF1XIu5Fej9Qy8vVarVarVafvrqpGu+NZhERf23e5lJE/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpS213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+aWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOMvxM743Gcnjf99Jh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5v9AY77zO//mR4ddLGP91dMz7EuT8zzQez3X+XxpZr5l/9duZy3/jsCtuRndf/ufuvPfTc7ff/+DVG+9df3ft3bUfX1xZOX/x0qXLly+fe+fGzbXzu/8eT69nQM4/j33tPNCy5Pxz5vIvS87/C6mWf1ly/l9MtfzLkvPP7/fkX5acf/7sI/+y5PxfTrX8y5Lz/0qq5V+Wre31uTr/V1It/7Lk/f+rqZZ/WXL+r6Za/mXJ+Z9NtfzLkvM/l+pD5O/r4U+RnH8+wmX/L0vOfyXV8i9Lzv9CquVflpz/xVTLvyw5/9dSLf+y5Py/lmr5lyXnfynV8i9Lzv/rqZZ/WXL+l1Mt/7Lk/L+RavmXJef/zVTLvyw5/9dTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5v5Fq+Zdl7/v/zZgxYybPtP3MBAAAAAAAAAAAAACMmsbpxG1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TevHUIMhODkb2CTmBCSJbu2E7/wb4oJrw1QCiQU+oLjetdmwW947RIokk0DJRJGpRVV04u2gFAbqaqIKi5oRWkuqr5clfaC3lRUlZAaVQYFVKS2otlq5jzP45nZ2Zld73hz9jyfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnH+s42iKJp/Wn9tL4oXND/eOrW9ddnrnu8tBAAAANbrf1t/P3tDuuDQKm7UtszfvuIfvr60tLRUvH/0d8a/uLSUrpgqivEtRdG6Lnrq3z7QaF8meKyYbIy0fT4yYPWjA64fG3D9+IDrJwZcv2XA9ZMDrl+2A5bZWv48pnVnu1ofbi93aXFjMd66blePWz3W2DIyEn+W09Jo3WZp/FixUJwo5ovZjuXLZRut5b95a3Ndbyviukba1rWzeYT88JNH4zY0wj7e1bGuK/cZff8NxdSPfvjJo3907vLNvebA3dBxf+V23nlbczs/HS4pt7VRbEn7JG7nSNt27uzxnIx2bGejdbvmx93b+ewqt3P0ymZuqO7nfLIYaX387dZ+Gmv/sV7aTzvDZf91e1EUF69sdvcyy9ZVjBTbOi4ZufL8TJZHZPM+mofSi4uxNR2nt67iOG3OuV2dx2n3ayI+/7eG242tsA3tT9P3PzWx7Hlf63EaNR/1Sq+V7mNw2K+VqhyD8bj4dutBP97zGNwVHv8n71j5GOx57PQ4BtPjbjsGbxt0DI5MjLa2OT0JjdZtrhyDuzuWH22tqdGaz9zR/xicOXfyzMzixz/x2oWTR47PH58/tXf37tm9+/YdOHBg5tjCifnZ8u+r3NvVt60YSa+B28K+i6+BV3ct236oLn15eK/DyT6vw+1dyw77dTjW/eAaG/OCXH5Ml6+Nh5o7ffLSSLHCa6z1/Ny1/tdhetxtr8Oxttdhz68pPV6HY6t4HTaXOXPX6r5nGWv702sbrtXXgu1tx2D39yPdx+Cwvx+pyjE4GY6Lf7lr5a8FO8P2Pj691u9HRpcdg+nhhvee5iXp+/3JA63R67i8pXnFdRPF+cX5s/c8euTcubO7izA2xEvajpXu43Vb22Mqlh2vI2s+Xg8tvOLxW3pcvj3sq8nXNv+aXPG5ai5z7z39n6vWV7fe+7Pj0j1FGEO20fuz11fz5v5MWbLP/mwu8+mZ9X8vnnJp2/vv+ArvvzH3P1euL93VY6PjY+XrdzTtnfGO9+POp2qs9d7VaK372ZnVvR+Phz8b/X58Y5/34x1dyw77/Xi8+8HF9+PGoJ92rE/38zkZjpMTs/3fj5vL7Niz1mNyrO/78e1hNsL+f01ICikXtR07Kx23aV1jY+PhcY3FNXQep3s7lh8P2ay5rif3XN1xeuft5X2Npkd3xUYdp1Ndyw77OE3vVysdp41BP327Ot3P52Q4Lm7c2/84bS7z9L3rf+/cGj9se++cGHQMjo9ONLd5PB2E5fv90tZ4DN5THC1OFyeKuda1E63jqdFa1/R9qzsGJ8KfjX6v3NHnGLyza9lhH4Pp69hKx15jbPmDH4Lu53MyHBdP3Nf/GGwu86b9w/3e9c5wSVqm7XvX7p+vrfQzr1u6dtO1/JlXczv/en//n802lzlxYK05s/9+ujtccl2P/dT9+l3pNTVXbMx+2hG28/KBlfdTc3uay3zx4CqPp0NFUVz46AOtn/eGf1/5s/Pf+XrHv7v0+jedCx994AfXH/ubtWw/AJvfc+XYVn6ta/uXqdX8+z8AAACwKcTcPxJmIv8DAABAbcTcH/9XeCL/AwAAQG3E3D8WZpJJ/t/xpssLz10oUjN/KYjXp93wYLlc7LjOhs+nlq5oXv7AV+d//BcXVrfukaIofvLgr/VcfseDcbtKU2E7n3pz5+XLb3hhVet/5OEry7X3178U7j8+ntUeBr0quLNFUXzzhs+31jP1gUut+fSDj7Tmey4+/lhzmWcPlp/H2z/zknL53w/l30PHjnTc/pmwH74X5uzbe++PeLuvXXrNzv3vu7K+eLvGbS9sPewnPljeb/w9OV94rFw+7ueVtv8vP/fk15rLP/qq3tt/YaT39j8Z7verYf73y8vl25+D5ufxdp8J2x/XF293z1e+1XP7n/psufyZt5TLPRJmXP+d4fNdb7m80L6/Hm0c6XhcxVvL5eL6Z7/zm63r4/3F++/e/snDlzr2R/fx8fQ/lfcz07V8vDyuJ/rzrvU376f9+Izrf/I3HunYz4PW/9R7nnl58367139313KjXbfv/o1Nf/CZz/dcX9yeQ396puPxHHp3eB2H9T/xwXA8huv/56nPd6w3euTdne8/cfkvbb/Q8Xiit/2oXP9Trz/emv8+9ePfu+4F17/w4iub+64ovv3e8v4Grf/4H57u2P4v33RX6/mI18eOfvf6VxLXf/Zj06dOL55fmGvbq63fnfOOcnu2TG7d1tzeG8J7a/fnh0+f+9D82anZqdmimKrvr9C7al8J8wfluLjW29/1cHg+b/ndb2674x8/Fy//54fKyy+9vfy69eqw3BfC5dvL52+psc71P3HrTa3Xd+Pp8vOOHvsQ7Nz1HwdWtWB4/N3fF8Tj/cxLP9TaD83rWl834ut6ndv/3bnyfr4R9utS+M3Mt910ZX3ty8ffjXDpveXrfd37L7zNxef1j8Pz/c7vlfcftys+3u+G72O+taPz/S4eH9+4MNJ9/63f4nExvJ8UF8vr41Jxf1969qaemxd/D0lx8ebW57+d7ufmNT3MlSx+fHHmxMKp84/OnJtfPDez+PFPHD55+vypc4dbv8vz8IcH3f7K+9O21vvT3Py+e4vZrUVRnC5mN+AN69psf/Oj1W3/mYePzu2fvWNu/tiR88fOPXxm/uzxo4uLR+fnFu84cuzY/McG3X5h7v7dew7u3b9n+vjC3P0HDh7ce3B64dTp5maUGzXAvtmPTJ86e7h1k8X77z24+7777p2dPnl6bv7+/bOz0+cH3b71tWm6eetfnT47f+LIuYWT89OLC5+Yv3/3wX379gz8bYAnzxxbnJo5e/7UzPnF+bMz5WOZOte6uPm1b9DtqafFfy2/n+3WKH8RX/Guu/el38/a9NVPrXhX5SJdv0D0cvhdNH//ojMHVvN5zP3jYSaZ5H8AAADIQcz9E2Em8j8AAADURsz9W8JM5H8AAACojZj7J8NMMsn/+v/6/6vr/5fX6//n1f8/89GyV7rZ+/+xP6//n4fnuf+/7vXr/+v/16//v/r+/Gbffv1//X+Wq1r/P+b+rUWRZf4HAACAHMTcvy3MRP4HAACA2oi5/7owE/kfAAAAaiPm/heEmWSS//X/V9X/3zOocFX//r/z/+v/F5uz/x+fHP3/bKy5f/++hzo+1f8P9P/1//X/9f/1/1m38RWv6dH/b/1q/mvd/4+5//owk0zyPwAAAOQg5v4XhpnI/wAAAFAbMfffEGYi/wMAAEBtxNy/Pcwkk/yv/+/8//r/+v/r7/93rrFS/f/1nv+/bWP0/zcH5//vT/9/gKvu/0/q/2/G/v/4cLe/2v3/gZuv/881UbXz/8fc/6Iwk0zyPwAAAOQg5v4Xh5nI/wAAAFAbMfe/JMxE/gcAAIDaiLn/xjCTTPK//r/+v/6//n+tz/+/3v5/3/P/lx/p/1eL/n9/+v8DOP9/Xv3/IW9/tfv/wz7///ibu2+v/08vVev/x9z/0jCTTPI/AAAA5CDm/pvCTOR/AAAAqI2Y+18WZiL/AwAAQG3E3L8jzCST/K//r/+v/6//r//fe/2D+/8l/f9q0f/vT/9/AP1//X/9/9X1/3t889vZ/49fLfX/c1e1/n/M/TeHmWSS/wEAACAHMfffEmYi/wMAAEBtxNz//8JM5H8AAACojZj7d4aZZJL/9f/1//X/8+r/3z2h/6//X2/6//3p/w+g/6//r/+/yvP/L7eW8/9vGXRn1EbV+v8x9788zCST/A8AAAA5iLn/FWEm8j8AAADURsz9rwwzkf8BAACgNmLunwozyST/6//Xq///J3/1xCsL/X/9/wHrr2n/Px4G+v+Z0//vT/9/AP1//X/9/w3p/5OPqvX/Y+6/Ncwkk/wPAAAAOYi5/7YwE/kfAAAAaiPm/tvDTOR/AAAAqI2Y+3eFmWSS//X/69X/j/T/9f/7rb+m/f9E/z9v+v89tL1I9f8H0P/X/8++/x+/+9X/Zziq1v+Puf9VYSaZ5H8AAADIQcz9d4SZyP8AAABQGzH3vzrMRP4HAACA2oi5/84wk0zyv/6//r/+v/6//n/v9ev/b076//2ttf8/of+v/6//n1n/3/n/Ga6q9f9j7n9NmEkm+R8AAAByEHP/XWEm8j8AAADURvz/m+X/e5X/AQAAoI5i7p8OM8kk/+v/6//n1P9v6P/r/+v/157+f3/O/z+A/r/+/4b2/7/f8Vmf/v9E2+G+Iv1/qqhq/f+Y+18bZpJJ/gcAAIAcxNx/T5iJ/A8AAAC1EXP/TJiJ/A8AAAC1EXP/bJhJJvlf/1//P6f+v/P/6//r/9ef/n9/+v8D6P/r/9ft/P9Fof/P86pq/f+Y+3eHmWSS/wEAACAHMffvCTOR/wEAAKA2Yu7fG2Yi/wMAAEBtxNx/b5hJJvlf/1//X/9f/1//v/f6K97/b+j/96b/35/+/wD6//r/dev/O/8/z7Oq9f9j7r8vzCST/A8AAAA5iLl/X5iJ/A8AAAC1EXP//jCTkP97/b9uAAAAYHOJuf9AmEkm//6v/1+T/v+v/13HuvX/9f/7rX84/f+t+v9hOv9/tdS0/9/9srhq+v8D6P/r/+v/6/8zVFXr/8fcfzDMJJP8DwAAADmIuf91YSbyPwAAANRGzP3/P8xE/gcAAIDaiLn/p8JMMsn/+v816f930f/X/++3fuf/1/+vs5r2/4emVv3/Ef1//f9qbb/+v/4/y137/n/8aHX9/5j77w8zyST/AwAAQA5i7v/pMBP5HwAAAGoj5v7Xh5nI/wAAAFAbMfcfCjOpW/5/We+L9f/1//X/9f+vTf//9UW3Kvb/mweP/n+96P/3V6v+v/P/6/9XbPv1//X/Wa5q5/+Puf8NYSZ1y/8AAACQsZj7Hwgzkf8BAACgNmLuf2OYifwPAAAAtRFz/5vCTDLJ//r/+v/6//r/zv/fe/36/5uT/n9/+v8D6P/r/+v/6/8zVFXr/8fc/+Ywk0zyPwAAAOQg5v63hJnI/wAAAFAbMfe/NcxE/gcAAIDaiLn/bWEmmeR//X/9f/1//X/9/97r1//fnPT/+9P/H0D/X/9f/1//n6GqWv8/5v6fCTPJJP8DAABADmLufzDMRP4HAACA2oi5/+1hJvI/AAAA1EbM/e8IM8kk/+v/6//r/+v/6//3Xr/+/+ak/9+f/v8A+v/6//r/+v9cja0rXVG1/n/M/e8MM8kk/wMAAEAOYu7/2TAT+R8AAABqI+b+d4WZyP8AAABQGzH3/1yYSSb5X/9f/79a/f+lC+230//X/y+G1f9v3kj/Pwv6//3p/w/Qo/+/Rf9f/1//X/+fq1a1/n/M/e8OM8kk/wMAAEAOYu5/T5iJ/A8AAAC1EXP/e8NM5H8AAACojZj7HwozyST/6/9n2f8fib3l6vX/nf9f/9/5//X/10f/vz/9/wGc/1//X/9f/5+hqlr/P+b+h8NMMsn/AAAAkIOY+98XZiL/AwAAQG3E3P/zYSbyPwAAANRGzP3vDzPJJP/r/2fZ/6/w+f/r1v8f6zg+cur/T7Y9n+m41P/X/98A+v/96f8PoP+v/1/l/n84mreucHv9f6qoav3/mPs/EGaSSf4HAACAHMTc/wthJvI/AAAA1EbM/b8YZiL/AwAAQG3E3P9LYSaZ5H/9f/1//X/n/3f+/97r1//fnPT/+9P/H0D/X/+/yv3/AfT/qaKq9f9j7v/lMJMVg98P/nMVDxMAAACokJj7Pxhmksm//wMAAEAOYu4/HGYi/wMAAEBtxNz/SJhJJvlf/7+7/x/PqKr/r/+v/6//r/+/GQ2v//+y64tC/1//X/9f/1//X/+f9aha/z/m/iNhJpnkfwAAAMhBzP2/EmYi/wMAAEBtxNx/NMxE/gcAAIDaiLl/Lswkk/z/PPb/x6vZ/590/v+r7P//RP9f/z/Q/+9N/39jOP9/f/r/A+j/6//r/+v/M1RV6//H3D8fZpJJ/gcAAIAaSz8Ojrn/WJiJ/A8AAAC1EXP/8TAT+R8AAABqI+b+D4WZZJL/nf+/u/9/Wf/f+f83oP8/1rG8/n9J/1//fxj0//vT/x9A/1//X/9f/5+hqlr/P+b+hTCTTPI/AAAA5CDm/g+Hmcj/AAAAUBsx938kzET+BwAAgNqIuf9EmEkm+V//X/8/9/5/oyguOv+//n+v9ev/b076//3p/w+g/6//v6n6/0/8Vvtn+v9UUdX6/zH3nwwzyST/AwAAQA7+j737aK7krvo43jYTiyrgJbBmxRJW5iWwZUcVa7IxGdvkDCbnYHI2OYPB5GxyxuQcTTRUibLmnGOFq+6Z0ZVu9///+WzOM1Mj36ux7PHvUX3p3P33i1vsfwAAAGhG7v77xy32PwAAADQjd/8D4pZO9r/+X//fe/8/bOT5/7t/vf7/HP2//n8d9vX3J1b/uoOi8AP7/7ve7fJ76//1//r/Ufp/z//X/7PX3Pr/3P0PjFs62f8AAADQg9z9D4pb7H8AAABoRu7+B8ct9j8AAAA0I3f/5XFLJ/tf/6//1//r/3f1/9fr//X/y+b5/+P0/xP0//p//b/+n7WaW/+fu/8hcUsn+x8AAAB6kLv/irjF/gcAAIBm5O5/aNxi/wMAAEAzcvc/LG7pZP/r//X/+v+l9P+nPP9/z+ej/9f/r6L/H6f/n6D/1//r//X/rNXc+v/c/Q+PWzrZ/wAAANCD3P2PiFvsfwAAAGhG7v5Hxi32PwAAADQjd/+j4pZO9n8v/f+Ne36s/9f/7/z9Wkb/f0zP/9f/6/8X7trhtn8n6P/30/9PmOj/h0H/P+a8+/nVn95y3v8B9P/6f/abW/+fu//Rccs9huHUxX6SAAAAwKzk7n9M3NLJ9/8BAACgB7n7r4xb7H8AAABoRu7+q+KWTvZ/L/3/Xvp//f/O3y/9v/5/1evr/5fJ8//HHb7/v8ud7nuffvt/z/8f5/n/6+7/b/3K0P+zbHPr/3P3Xx23dLL/AQAAoAe5+x8bt9j/AAAA0Izc/Y+LW+x/AAAAaEbu/sfHLZ3sf/1/a/3/7XZ93I7+f7t20f/r//X/+v/W6f/Hef7/hO1/zZ2tH+r/9f+e/6//53Dm1v/n7n9C3NLJ/gcAAIAe5O5/Ytxi/wMAAEAzcvc/KW6x/wEAAKAZufufHLd0sv/1/631/7s/zvP/q/+/4g7nfon+X/+v/2+c/n+c/n9CK8//v8ivmk3384d1VO9/S/+v/+eiza3/z93/lLilk/0PAAAAPcjd/9S4xf4HAACAZuTuf1rcYv8DAABAM3L3Pz1u6WT/6//1/8vo//MVPP9f/3/0/X/S/y+T/n+c/n9CK/3/RdL/e/6//p91m1v/n7v/GXFLJ/sfAAAAepC7/5lxi/0PAAAAzcjd/6y4xf4HAACAZuTuf3bc0sn+1//r/5fR/x/6+f/6f/2/5/93Qv8/Tv8/Qf+v/19f/39y0P/r/5ld/5+7/5q4pZP9DwAAAD3I3f+cuMX+BwAAgGbk7n9u3GL/AwAAQDNy9z8vbulk/+v/9f/6/0P0/ycG/b/+X/8/M/r/cfr/Cfp//b/n/+v/WasZ9f87PurM8Py4pZP9DwAAAD3I3f+CuMX+BwAAgGbk7n9h3GL/AwAAQDNy978obulk/+v/Z9P/b+d8M+//ty6s/z87DEPj/b/n/x/Y/5/d8fezvi71//r/Y6D/H6f/n6D/1//r//X/rNWM+v/tH+fuf3Hc0sn+BwAAgB7k7n9J3GL/AwAAQDNy9780brH/AQAAoBm5+18Wt3Sy//X/s+n/t828//f8f/3/rr+u5/+fo/+fF/3/OP3/BP2//l//r/9nrebW/+fuf3ncdOrkRX+KAAAAwMzk7n9F3NLJ9/8BAACgB7n7Xxm32P8AAACwUNfs+5nc/a+KWzrZ//r/9fb/p3b8nP5f/7/360P/r//X/x89/f84/f+E5fX/Zwf9/2zev/5f/89+c+v/c/e/Om7pZP8DAABAD3L3Xxu32P8AAADQjNz9r4lb7H8AAABoRu7+18Ytnex//b/n/+v/9f/6/9Wvr/9fJv3/OP3/hOX1/57/P6P3v4b+//Rt/6f+nzZcQP+/tbV15ZH3/7n7Xxe3dLL/AQAAoAe5+18ft9j/AAAA0Izc/W+IW+x/AAAAaEbu/jfGLZ3sf/1/p/1/fqkvq/+/ahj0//p//b/+f5z+f5z+f4L+X//v+f/6f9Zqbs//z93/prhlz/C79II+SwAAAGBOcve/OW7p5Pv/AAAA0IPc/W+JW+x/AAAAaEbu/rfGLZ3sf/1/p/2/5//r//X/R9L/Xzcc6JZB/38sFtH/nz349efe/1+t/9f/j+iu/7/n3Xf9UP+v/+/S3v9w22Nu/X/u/rfFLZ3sfwAAAOhB7v63xy32PwAAADQjd/874hb7HwAAAJqRu/+6uOlEJ/tf/6//1//r//X/q1//mJ//f2oYBv3/Giyi/x8x9/5/Pc//PzgW1f/r/5f8/vX/+n/2m1v/n7v/nXFLJ/sfAAAAepC7/11xi/0PAAAAzcjd/+64xf4HAACAZuTuf0/c0sn+1//r//X/+v/m+/+rF9H/e/7/muj/x82j/z+Y/l//v+T3r//X/3P+NtX/5+5/b9zSyf4HAACAHuTuf1/cYv8DAABAM3L3vz9usf8BAACgGbn7PxC3dLL/9f/6/wvp//N96v/b6v9Pz67/P7Prr9fJ8//1/2ui/x+n/5+g/9f/6/+v0f+zTnN7/n/u/g/GLZ3sfwAAAOhB7v4Pxa3/1639DwAAAM3I3f/huMX+BwAAgGbk7v9I3NLJ/tf/6/89/1//3/zz//X/XdH/j9P/T9D/6//1/57/z1rNrf/P3f/RuKWT/Q8AAAA9yN3/sbjF/gcAAIBm5O7/eNxi/wMAAEAzcvdfH7d0sv/1//p//b/+X/9/7u+h/r8N+v9xx9P/n9X/6/+rn78k/inQ/+v/pz6eNs2t/8/d/4m4pZP9DwAAAD3I3f/JuMX+BwAAgGbk7r8hbrH/AQAAYJFOrPi53P2fils62f/6f/3/4fr/3a+r/9f/Dwvt/1e9vv5/mTbS/+cXhf7f8/9DP/3/nXf9aGnP/9/755f+X//P+s2t/8/d/+m4pZP9DwAAAD3I3f+ZuMX+BwAAgGbk7v9s3GL/AwAAQDNy938ubulk/+v/9f+e/6//1/+vfn39/zJ5/v84/f8E/f90P7/qf1ArLK3/X/f71//r/9lvbv1/7v7Pxy2d7H8AAADoQe7+L8Qt9j8AAAA0I3f/F+MW+x8AAACasb37My7rcP/r//X/+n/9v/5/9evr/5dJ/z9O/z9B/7/Rfn7p71//r/9nv7n1/1/a/qgzw5fjlk72PwAAAPQgd/9X4hb7HwAAAJqRu/+rcYv9DwAAAM3I3f+1uKWT/a//1/8vo//f2tq6sqP+P/9B0/9vm+7/b9L/U/T/4/T/E/T/+n/9v/6ftZpb/5+7/8a4pZP9DwAAAD3I3f/1uMX+BwAAgGbk7v9G3GL/AwAAQDNy938zbulk/+v/Z9D/n9H/e/6/5/8Pnv+v/18T/f84/f+EFvv/M+f/6W+6nz+sTb9//b/+n/3m1v/n7v9W3NLJ/gcAAIAe5O7/dtxi/wMAAEAzcvd/J26x/wEAAKAZufu/G7d0sv/1/8fX/9/6e9fL8//PDqvfv/5f/6//1/8fNf3/OP3/hBb7/wuw6X5+6e9f/6//Z7/s/y/Z82fipvr/3P3fi1t2D7+TF/O5AgAAAPOQu//7cUsn3/8HAACAHuTu/0HcYv8DAABAM3L3/zBu6WT/6/9n8Pz/Bvt/z/9f/fWh/591/3+p/r8N+v9x+v8J+n/9/wb6//xzpa3+P7+a9f+9y/5/r031/7n7fxS3dLL/AQAAoAe5+38ct9j/AAAA0Izc/T+JW+x/AAAAaEbu/pvilh37f1Xb3Qr9v/5f/6//1/+vfn39/zLp/8edb/9/ejhc/5/0//p//b/n/+v/+za3/j93/0/jFt//BwAAgMU5ecDP5+7/Wdxi/wMAAEAzcvf/PG6x/wEAAKAZuft/EbfcfOmm3tKx0v/r/5vo/2+4/fbH6v/1/4P+v3v6/3Ge/z9B/7+Ofv4y/X8b/f8w6P85vLn1/7n7fxm3+P4/AAAANCN3/6/iFvsfAAAAmpG7/9dxi/0PAAAAzcjd/5u4pZP9r//X/x+y/99OMzfe/8fH6v/1/4P+v3v6/3H6/wlH0P+f3P3X76H/9/z/Rvp/z/9nHebW/+fu/23c0sn+BwAAgB7k7v9d3GL/AwAAQDNy9/8+brH/AQAAoBm5+/8Qt3Sy/zfW/8dvtf5/8f3/PJ7/Hx+r/9f/D/r/7un/x+n/J3j+v/5f/6//Z63m1v/n7v9j3NLJ/gcAAIAe5O7/U9xi/wMAAEAzcvf/OW6x/wEAAKAZufv/Erd0sv89/1//r//X/+v/V7++/n+Z9P/j9P+r1d8o/b/+X/+v/2et5tb/5+7/a9zSyf4HAACAHuTu/1vcYv8DAABAM3L33xy32P8AAADQjNz9f49bOtn/+n/9v/5f/6//3/f6lw36/8XS/4/bZP9/rztOv6zn/2+8/8+3oP/X/+v/WYu59f+5+/8Rt3Sy/wEAAKAHufv/GbfY/wAAANCM3P3/ilvsfwAAAGhG7v5/xy2d7P+J/v90/UL9/yj9/+73r/9f/fWh/19M/79N/79M+v9xnv8/Qf/v+f/6f/0/azW3/j93/3/ilk72PwAAAPQgd/8tcYv9DwAAAM3I3f/fuMX+BwAAgGbk7v9f3NLJ/vf8/yX1/5fp//X/+n/9v/5/gv5/nP5/wrz6/33/eaH/n/f71//r/9lvbv1/7v7/BwAA//+v/lIi")
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x40400, 0x80)
getdents(r0, &(0x7f00000006c0)=""/4096, 0x1000)

6m45.910388183s ago: executing program 0 (id=1376):
setreuid(0xee01, 0xee01)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, 0x0, &(0x7f0000000100))

6m45.508518328s ago: executing program 0 (id=1379):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1c0, &(0x7f0000000500)="$eJzs28uO0lAcx/FfKQXE+23jysSFbgRFN+7kAXwBdwQqIRY14gZiYnwU34Q38QUg0d2sppOWQlqmwBkYKJfvJ5mZfzj8zjlteqaniwrAyboX/rZkyQkr3/d/PZX08YOkfMaTA7BVvs59AKfK/pf1DABkY1y3w33A0JL+/v/ZHEU/juH+YVzPTYqSpFi+YJr/bYV/n+SlUSxfjLpcuX/5M8k/VzJ/44rjl+fy5RU5a5afHP+LZ8n8TUm3JN2WdEfSXUnBmb4v6UHK+K258R8bzh/YRHD1VTbNb9BBsHo+dTz3VVqjvTrvRPnX6c2xfyHD1C8UonzNcL6L8m/WzBejfKX51WultOfW7Bcwkct4/dvSmT+//t+b5/PL1z+AJXr9weeG57nfe8HNNixmnywqnLAoRj0s+3Jwd4x9IuMhKDItSilNTuJq2XZR2M2RBrevfTjhhsV01e5yLADHqvqj+63a6w9edrqNttt2v9Tevps+dofP5dWFT+cADlxycw4AAAAAAAAAAAAAAA7RQ0mP1gmavuAHAAAAYG9c7ztDjqTLTVkfIwAAAAAAAAAAAAAAAAAAAHAsLgIAAP//eUA+uA==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})

6m44.791453583s ago: executing program 0 (id=1387):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000002080)={0x44, r1, 0x1, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xb2, @name2}]}, 0x44}}, 0x0)

6m44.302813429s ago: executing program 0 (id=1389):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000050a03000000000080000000020000000c000240000000000000000108000b40000000040900010073797a30000000004a000c007f2785572cf743a7cd745fbde0904cd4972af9d9065bbcb7a4f36f350a3a34c01cfb26344b49d131f7c19f2ff496fa9ce44017dcc95fcfb9fc1f4c940d436c58c595db8aff2e00002c000000030a01020000000000000000020000000900010073797a30000000000900030073797a32"], 0xe8}, 0x1, 0x0, 0x0, 0x58fe7ab67a980db6}, 0x0)

6m43.816571303s ago: executing program 32 (id=1389):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000050a03000000000080000000020000000c000240000000000000000108000b40000000040900010073797a30000000004a000c007f2785572cf743a7cd745fbde0904cd4972af9d9065bbcb7a4f36f350a3a34c01cfb26344b49d131f7c19f2ff496fa9ce44017dcc95fcfb9fc1f4c940d436c58c595db8aff2e00002c000000030a01020000000000000000020000000900010073797a30000000000900030073797a32"], 0xe8}, 0x1, 0x0, 0x0, 0x58fe7ab67a980db6}, 0x0)

38.682483581s ago: executing program 6 (id=5191):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007300000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

38.450456628s ago: executing program 6 (id=5194):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000001680)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c0000009500000000000000eb4779fcbb3e3bbff2971871b1b1c0b4f0fca28377f3aa77d6c8d949060c54d53bd61b3561319f7b346f8cadae05957ee562fe28a5d0b564a59c30cb37ebb90e516d9c72b9d81817f7a04496e4261b41dae579bd93d38e2740ac98d6108c318a35d29534fd3c6bf14ef7a5c59c3d48f092e6b6bb43ec765d850f71052de0718c08"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_EXPECTED_FD={0x8, 0x8, r1}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x1}, @IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}]}, 0x44}}, 0x0)

36.671847144s ago: executing program 4 (id=5204):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40f02, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000000c0)=0x40)

36.63972586s ago: executing program 6 (id=5205):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x588, &(0x7f00000005c0)="$eJzs3U1oHOUbAPBnZrP/fuVvKiio9FBUqFC6Sfqh1VN7FQuFHgQvGjbbULLJhmyiTcghvRexB1Hppd704FHx4EG8ePTqRfEsFBsUmh50ZfYjzccmbmKSlezvB5Odd97Zfd53Zp/ZmWEmE0DPOpn9SSOejYirScTAqrq+aFaebMy3vLRQfLS0UEyiVrv2WxJJRDxcWii25k+ar8ciYjEinomI7/IRp9ONcatz8+Mj5XJpulkenJmYGqzOzZ+5MTEyVhorTZ575dULF89fGD47vPptj2qrS/nt9fX2z3fev/3D6/fufP7FicXihyNJXIr+Zt3qfuymxjLJx6V108/vRbAuSrrdAHYk18zzLJWejoHINbO+ndrAvjYN2GO1QxE1oEcl8h96VGs/IDv+bQ37uf9x/3LjACSLu9wcGjV9jXMTcbh+bHL092TNkUl2vHl8PxvKgbR4KyKG+vo2fv+T5vdv54Z2o4HsqW8vN1bUxvWfrmx/os32p7917vRfam3/ljds/x7Hz22y/bvaYYw/3/rlk03j34p4rm38ZCV+0iZ+GhHvdBj/7ptfX9ysrvZpxKlYGz9dXjtPsvX54cHrN8qlocbftjG+OXXita36fzTa979xzvZw/Wem3fKf6rD/X33/5fOLW8R/6YWt13+75X8kIj7oMP6TDz97Y7O6+7eSB9lewHbXfzbtXofxX7508qcOZwUAAAAAAAAAALYhrV/LlqSFlfE0LRQa9/A+FUfTcqU6c/p6ZXZytHHN2/HIp60rrQYa5SQrDzevx22Vz64rn8s1A+aO1MuFYqU82uW+AwAAAAAAAAAAAAAAAAAAwH/FsXX3//+Rq9//v/5x1cBBtfkjv4GDTv5D71qb/0nX2gHsv42//0e60g5g39Xs/0Pvkv/Qu+Q/9C75D71L/kPv2jT/0/1tB7D/dvT7n9/9dgAAAAAAAAAAAAAAAAAAAAAAAAAAwAFz9cqVbKg9WlooZuXRvrnZ8cq7Z0ZL1fHCxGyxUKxMTxXGKpWxcqlQrEz80+cllcrUUEzO3hycKVVnBqtz829PVGYnW88ULfmvoQAAAAAAAAAAAAAAAAAAALBRf31I0kJEpPXxNC0UIv4fEccjn1y/US4NRcQTEfFjLn8oKw93u9EAAAAAAAAAAAAAAAAAAABwwFTn5sdHyuXSdI+M9G1n5ohY3N1mZJ+47Xflm+uq/TwR3V+qRg7eSJc3TAAAAAAAAAAAAAAAAAAA0IMe3/Tb6Tv+2tsGAQAAAAAAAAAAAAAAAAAAQE9Kf00iIhtODbzYv772f8lyrv4aEe/dvfbRzZGZmenhbPqDlekzHzenn+1G+4FOtfK0lccAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAY9W5+fGRcrk0vYcj3e4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE78HQAA//8PrteZ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x2, 0x1}}, 0x0)

36.059097549s ago: executing program 6 (id=5210):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@test_dummy_encryption}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x460, &(0x7f00000008c0)="$eJzs3MtvVNUfAPDvve2UX38FWxFf4KOKRuKjpYDKwoUaTVxgYqILXU7aQpAChtZESBOLC1wZY+LeuPRfcKUbY1yZuNW9ISGGjeBqzJ25t/NgZvpgpoPM55MMfM99zDnfuffMnHvPTAMYWtPZP0nE7oj4PSIma8XmDaZr/924vjp/8/rqfBKVyrt/JdXt/r6+Ol9sWuw30ViIJA60qXf54qUz5aWlxQt5eXbl7EezyxcvvXD6bPnU4qnFc0eOHz92dO7ll4682JM8JyLNo7c++OrtE1805d+SR49Md1v5dKXS4+oGa09DnIwOsCFsyUhEZIerVO3/kzES9YM3GW9+tl74dEANBPqmUqlUJjqvXqsAd7Ekmsu6PAyL4oO+uP5tdx38at9GH4N37bXaBVCW9438UVszun7HoNRyfdtL0xHx/to/32SP6M99CACAJj9k45/ns9HO6nw29qiPP9J4oGG7e/K5oamIuDci9kbEfXEu9kXE/RHVbR+MiIe2WH/rJMmt45/06rYS26Rs/PdKPrfVPP4rRn8xNZKX9lTzLyUnTy8tHs5fk0NR2pWV57rU8eMbv33ZaV3j+C97ZPUXY8G8HVdHdzXvs1BeKd9Ozo2uXY7YP9ou/2R9JiCJiIcjYn+7J0g3ruP0s9890mndxvl30YN5psq3Ec/Ujv9atORfSLrPT87+L5YWD88WZ8Wtfvn1yjud6r+t/HsgO/7/b3v+r+c/lTTO1y5vvY4rf3ze8ZpmO+f/WnmlPJa8V43H8mWflFdWLsxFjCUnao1uXH6kvm9RLrbP8j90sH3/3xv1V+JARGQn8aMR8VhEPJ63/YmIeDIiDnbJ/+fXn/qwddn4pvPvryz/hS0d/3owFq1L2gcjZ376vqnSqXqY53+z+/E/Vo0O5Us28/63mXZt72wGAACA/540InZHks6sx2k6M1P7Dv++iHTp/PLKcyfPf3xuofYbgakopcWdrsmG+6Fz+WV9rXw5ImpfLSjWH420et/465Hxanlm/vzSwqCThyE30aH/Z/4cGXTrgL7zey0YXvo/DK+u/b+0c+0Adt4t/b9rn9/V17YAO6vN5//4INoB7Lx2439/7weGQ0v/N+0HQ8T9fxhe+j8ML/0fhtLyeGz8I/muQfFM29z9rg2idEc0o29BpHdEMwR9Cgb7vgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAr/wYAAP//HtbacA==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x14800, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

35.647224536s ago: executing program 4 (id=5214):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
writev(r0, &(0x7f0000000840)=[{&(0x7f0000001300)="c7", 0x1}], 0x1)
ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x20800})

35.345368105s ago: executing program 4 (id=5219):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r0, 0x1, 0xd, 0x0, 0x0)
close(r0)

35.178000035s ago: executing program 6 (id=5220):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000240)=0x1f)

35.066491275s ago: executing program 4 (id=5232):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@test_dummy_encryption}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x460, &(0x7f00000008c0)="$eJzs3MtvVNUfAPDvve2UX38FWxFf4KOKRuKjpYDKwoUaTVxgYqILXU7aQpAChtZESBOLC1wZY+LeuPRfcKUbY1yZuNW9ISGGjeBqzJ25t/NgZvpgpoPM55MMfM99zDnfuffMnHvPTAMYWtPZP0nE7oj4PSIma8XmDaZr/924vjp/8/rqfBKVyrt/JdXt/r6+Ol9sWuw30ViIJA60qXf54qUz5aWlxQt5eXbl7EezyxcvvXD6bPnU4qnFc0eOHz92dO7ll4682JM8JyLNo7c++OrtE1805d+SR49Md1v5dKXS4+oGa09DnIwOsCFsyUhEZIerVO3/kzES9YM3GW9+tl74dEANBPqmUqlUJjqvXqsAd7Ekmsu6PAyL4oO+uP5tdx38at9GH4N37bXaBVCW9438UVszun7HoNRyfdtL0xHx/to/32SP6M99CACAJj9k45/ns9HO6nw29qiPP9J4oGG7e/K5oamIuDci9kbEfXEu9kXE/RHVbR+MiIe2WH/rJMmt45/06rYS26Rs/PdKPrfVPP4rRn8xNZKX9lTzLyUnTy8tHs5fk0NR2pWV57rU8eMbv33ZaV3j+C97ZPUXY8G8HVdHdzXvs1BeKd9Ozo2uXY7YP9ou/2R9JiCJiIcjYn+7J0g3ruP0s9890mndxvl30YN5psq3Ec/Ujv9atORfSLrPT87+L5YWD88WZ8Wtfvn1yjud6r+t/HsgO/7/b3v+r+c/lTTO1y5vvY4rf3ze8ZpmO+f/WnmlPJa8V43H8mWflFdWLsxFjCUnao1uXH6kvm9RLrbP8j90sH3/3xv1V+JARGQn8aMR8VhEPJ63/YmIeDIiDnbJ/+fXn/qwddn4pvPvryz/hS0d/3owFq1L2gcjZ376vqnSqXqY53+z+/E/Vo0O5Us28/63mXZt72wGAACA/540InZHks6sx2k6M1P7Dv++iHTp/PLKcyfPf3xuofYbgakopcWdrsmG+6Fz+WV9rXw5ImpfLSjWH420et/465Hxanlm/vzSwqCThyE30aH/Z/4cGXTrgL7zey0YXvo/DK+u/b+0c+0Adt4t/b9rn9/V17YAO6vN5//4INoB7Lx2439/7weGQ0v/N+0HQ8T9fxhe+j8ML/0fhtLyeGz8I/muQfFM29z9rg2idEc0o29BpHdEMwR9Cgb7vgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAr/wYAAP//HtbacA==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x14800, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

34.569086667s ago: executing program 6 (id=5225):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x213b2000)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x1, 0x21e, [0x200000002300, 0x0, 0x0, 0x2000000024be, 0x2000000024ee], 0x0, 0x0, &(0x7f0000002300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050011006b0000000016636169663000000000000000e3ff00007665746831000000000000000000000073797a5f74756e0039da0000f8ff0000000076657468310000000000000000001000aaaaaaaaaa3d000000ff00000180c2000003ff00ffffff00ae000000560100008e0100006f776e6572000000000000000000000000000000000000000000000000000000180000000000", @ANYRES32, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB="02040000000000004e464c4f4700000000000000000000000000000000000000000000000000000050000000000000000100000007000300000000005cae641872319dfae5a988272763a36abcf1f74cfd4bf988531a30a528c1c044813d8205fd8b1fdf1c2ccd79b5fb7f9e096fbd1c7eeee4b6646c0b2fc39d3fe20000000072656469726563740000000000000000000000000000000000000000000000000800000000000000feffffff00000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff00000000"]}, 0x296)

34.56584762s ago: executing program 4 (id=5226):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63c, 0x1, 0x3, 0xd59f83, 0x19f2, 0x3f, 0x7, 0x3, 0x6, 0x2800, 0x2800, 0x2, 0xba2, 0x0, 0x38, {0x8, 0xffffffff}, 0xd0, 0x9}})

33.880266541s ago: executing program 33 (id=5225):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x213b2000)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x1, 0x21e, [0x200000002300, 0x0, 0x0, 0x2000000024be, 0x2000000024ee], 0x0, 0x0, &(0x7f0000002300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050011006b0000000016636169663000000000000000e3ff00007665746831000000000000000000000073797a5f74756e0039da0000f8ff0000000076657468310000000000000000001000aaaaaaaaaa3d000000ff00000180c2000003ff00ffffff00ae000000560100008e0100006f776e6572000000000000000000000000000000000000000000000000000000180000000000", @ANYRES32, @ANYRES32, @ANYRES32=0xee00, @ANYRES32, @ANYBLOB="02040000000000004e464c4f4700000000000000000000000000000000000000000000000000000050000000000000000100000007000300000000005cae641872319dfae5a988272763a36abcf1f74cfd4bf988531a30a528c1c044813d8205fd8b1fdf1c2ccd79b5fb7f9e096fbd1c7eeee4b6646c0b2fc39d3fe20000000072656469726563740000000000000000000000000000000000000000000000000800000000000000feffffff00000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff00000000"]}, 0x296)

33.738985798s ago: executing program 4 (id=5229):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x14, r1, 0x303, 0x70bd2a}, 0x14}}, 0x0)

33.17731009s ago: executing program 34 (id=5229):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x14, r1, 0x303, 0x70bd2a}, 0x14}}, 0x0)

5.724755139s ago: executing program 7 (id=5407):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000180)='./file3\x00', 0x8c0, &(0x7f00000004c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c0088ce5fbb23a78290fd1a7a5c7acc40174210098c30c6ef8ec8a9c59ea3f3f3cf285fa69e2ec4fbf8770e08c6cca9b8895dfe87e20e80310098a305a6aca69a6a5bf060418adcb86db81ff5867538f004b320fd79d2d2757a87c6655d453b45b3a3c9245d386b575594e9d4e55b8b9a0fe9f2f59b2fd6f16b911c6147dfd8bb64e43e5d68045db013b60d457071934dba721dfc890ef59a330a782b", @ANYRES8], 0x1, 0x443b, &(0x7f00000088c0)="$eJzs3b9vFFceAPA3Y3PYHHA2R8FJJ91Kh3Snu5NlU92dkc4Yg7HBx4kLKEqzrO0FnKy9yF5HKSicDilVpBRRCpRIdK6Qi7TkT0iTktRISZEmUiQUR7s7a3tmd+WNs2sC+nwKj+f9Xn933rwpxi9OVO4treWW1nKFldzjhTtr53Lvlkvry8UQH5I9/Zd3+j9yeP3TmZZx+oXfk160SWeuX7z8/1vnQvhi8avn29vb26GqP7Q0tuf37797sLD32BBn6lTbbd1at7wVQjjdNK6qvhDCm5+HEIUQLiRpk8lxMIRwItTzbj344HauS6N58qx4Pv9i7uHW+NnZzUdb7T97FMInpT/84+7yN3/uG//6b13qHgAAAAAAAAAAAAAAAACAV9z0jes3/zc6Fp5GoX8zan5fdzo5tns/drtr/tT7DwsAAAAAAAAAAAAAAAAAAAC/Urvv/+eiUy3e/59KjhNt6m//p/djpHdm/nt96tLoWLL/e9SU/88k6dsLfWG4xb7v2f3fL2Tqt97/vbmfg2qMr9HvUIjikdR5HI+MhPBZsvH7mehYXCqvVf5+p7y+sti1Ybyy0vGv796fik6yoX89/vG+8Z/MtN/7/f9/3/Rtqp7f7t5X7LWWjn9f23KP3486uv4vZuodRvw5uHT8+2tpg3sLTNQngGr8P+zfP/5TmfZ7Ff+TIYRcVB1rLjUDVNcw1fR26xXS0vE/UktLTZ3JH7Ld9f9DJv6XMu03xz/u8idoPf9vZG9EtJSO/29qaQOpErvX/3C8//V/OdP+y7j/V8e/4f7fkXT8j9YT+1NFan/JTuf/6Uz7vYr/zTgZ58ko9Q3YjOrp7f5fHWnp+A805e8+/8Udrf+uZOof1vNfo9/G819j+v9rVH/+o7V0/Afbluv0+p/J1Ov1/D9RW/9xUOn4H6ulpdfOQ7WfncZ/NtN+r+JfW5UMNOK/O5/8eLSe/qn1X0fS8f9tPTG1RN+o/ayt/6L91/9XM+2/jPVfdfwb3X7MeE2l43+8bblq/L/s4P5/LVOv9/FvzFAcRDr+J9qWq13/A/vHfy5Tr9fx/0svGwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4BUwmx6EQxSOp8zgeGQnhYnJ+JhyL5guL+flSeeGdtRCmkvRcOBXdLZXnC6X80kp5sZgvlErlhRAuJfmnw0C0VipX8suF+5d32hqM7hULq5X5YqESQphO0v8YTjTaml+qLBfuhxCu7OT9Li6v3r9XWMkvLq3+e3R0dDTM7IxhOCq+VymuVOq913NDmN2pOxTtGVwt++rOWI5Hb5fXV1cKpVr6tT11SuWFQmlPnbkk76MwHFVW11cWCpVivlS+2+jvZZpIjlMzN964cW2sKf92VD9OHu6wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiZno7/6+MQQn/9LA4hTDR+iVqVf/KseD7/Yu7h1vjZ2c1HW8/blQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5iBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCrt0jNJAEIUB+M1YqJ3HsFp2O9sVRbRwRfAEegwPo0fxEt4hRYq0KUIgmYWw2YVtkur7mgfzM/MezAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAeZ7eu4+3uolIcbW5jPj7+l8c5i+l/tyP3784w4yczvNr9/BYN+Xf01F+V46Wbd6l69X3Z4zU3u9gT4b7tNf3uZ6ca2rfpubr+95EylVEtCW/TTlX1by3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2LIDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgWAAAAABDmbx1F3wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CsAAP//9zUfKA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x2)
lseek(r0, 0x2, 0x3)

4.350471517s ago: executing program 7 (id=5417):
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x94, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40106e80, &(0x7f0000000100)={0x1, 0xe000000000000000, 0x9, 0x0, 0x4000040c, 0x4fe4, 0x2401})

3.698466769s ago: executing program 3 (id=5422):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000b00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x458, 0x4018, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x20, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x7, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x6}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@local=@item_012={0x1, 0x2, 0xb, "0f"}, @global=@item_012={0x2, 0x1, 0x6, '+\x00'}]}}, 0x0}, 0x0)

3.170744838s ago: executing program 7 (id=5431):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0)

2.945131366s ago: executing program 2 (id=5433):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000380)={0x7, 0x6, 0x2, {0x1, @pix_mp={0x7, 0x4, 0x38415261, 0x1, 0x8, [{0x6, 0xffffffff}, {0x668, 0xffff}, {0x8, 0x6bc}, {0x1, 0x1ff00}, {0x3, 0x2}, {0x7fff, 0x234}, {0x8, 0x7}, {0x1, 0x4a5}], 0x7, 0x6, 0x0, 0x0, 0x3}}, 0x5})

2.722267224s ago: executing program 8 (id=5434):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x2000, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce8514000400e76a686bac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)

2.700441885s ago: executing program 7 (id=5435):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
ioctl$FS_IOC_SETFLAGS(r0, 0x80047456, &(0x7f0000000000)=0x200000)

2.602444248s ago: executing program 2 (id=5438):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008015}, 0x4000044)

2.383909384s ago: executing program 2 (id=5439):
newfstatat(0xffffffffffffff9c, &(0x7f0000001580)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
setresuid(0x0, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x75}, [@cb_func={0x18, 0x2, 0x4, 0x0, 0x7}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.383471628s ago: executing program 7 (id=5440):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000001e40)=ANY=[], 0x1, 0x6092, &(0x7f000000c780)="$eJzs3U9vHGcdB/Df7K7Xf9KmUYWqECHhplBaSvM/gfKvKQcOcAAJ9Uwi160CKaAkIFpFxFUOiAvwEuDSC4e+BV5AXwPiBRAp6akHyqCxnycZb9ZZu4l3dv18PpIz85tnx/ubfD3eXe/MTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8aMf/ux0FRGXfpcWHIl4KvoRvYjlpl6NZuZivv0gIo7G5nA8FxH9xYhm/c1/nok4FxEfH464e+/mWrP4zC77OH/qxrXPfvyDf/3xL7eP/uKtn384Ov7TL5z96E+3Io785LWPPrv1ZLYdAAAASlHXdV2ll/nH0uv7XtdNAQBTkR//6yQvV6sfq66iilnqR63uvv5zby+3f+pQ1/2qD2jdVo93q11ExEZ7neY5g7fjAWDObMSnXbdAh+RftEFEHOq6CWCmVV03wL64e+/mWpXyrdqPB6tb4/nvlNvy36jun9+x03SS0WNMpvXzdTv68ewO/SxPqYdZkvPvjeZ/aWt8mG633/lPy075D7dOfSpOzr8/mv+Ibfn/NSIekf9u9qPu8u+Nzb9UOf/BXvLf6M/x/i9/AAAAAAAOvvz3/yMdv/+7+PibsiuPev93dUo9AAAAAAAAAMCT9rjX/7vP9f8AAABgZjWv1Rt/O/xg2U6fxdYsf7OKeHrk9kBhVlsfDggAAAAAAAAAAAAATMcgYiUd178QEU+vrNR13Xy1jdZ79bjrz7vStx9K1vUveQAA2PLx4ZFz+auIpYh4M33W38LKykpdLy2v1Cv18mJ+PjtcXKqXW69r87RZtjjcxRPiwbBuvtlSa722Sa+XJ42Pfr/mvoZ1fxeNTUeHgQNARGw9Gt31iHTA1PUz0fWzHOaD/f/gsf+zG13/nAIAAAD7r67rukof530sveff67opAGAq8uP/6PsCarV6xuvFiJnqZ57rT7YWzkw/avU+1m31eLfaRURstNdpnjO4HD8AzJmN+LTrFuiQ/Is2iIijXTcBzLSq6wbYF3fv3VyrUr5V+/FgdWs8HwuyLf+NanO9vP646SSjx5hM6+frdvTj2R36eW5KPcySnH9vNP9LW+P5Ev/7nf+07JR/s51HOuinazn//mj+Ix4n/+Ux36+7/Htj8y9Vzn+wp/z7c7z/yx8AAAAAgIMv//3/iPd/8yYDAAAAAAAAwNy5e+/mWj7vNb///6Uxt6vac3N9/q/z/9py/tWu85/387/l35bz743mP3JATr81f+eNB/l/cu/m2oc3/vPFPJ35/Bf6w+a+F6pef5CO+akX3o4rcTXW49RDtx9sGz/90PhCRCzdHz8zdvzB+mcfGh8248t5/ESsxa/jarx1f3xxwoFRSxPG6wnjOf++/b9IOf9B66vJfyWNVyPTxp0Peg/t9+3puPu5+I//vvjw3jV9t6N/f9vamu073kE/m/8nh4bx2+vr1078/vKNG9dOR5psW3om0uQJy/kvpK+c/0svbI3n3/vt/fXOB8M95z8rbsdgx/xfaM032/vylHvrQs5/mL5y/vkRaPz+P8/577z/v9JBPwAAAAAAAAAAAAAAAPAodV1vniJ6MSIupPN/ujo3EwCYrvz4Xyd5uVqtPlB1VUXMUj9qtbqjuq0e7/V2ERH/bK/TPGf4w7hvBgDMsv9FxL+7boLOyL9g+fP+mulXum4GmKrr773/y8tXr65fu951JwAAAAAAAADA55Wv/7nauv7z5nFAI9eN3nb91zdidW6v/9kb9jevdZ426Pl49PW/j8ejr/89mHB/CxPGhxPGFyeML00YH3uiR0vO//mUcc7/WNqwkq7/+lIH/XQt5388Xes55/+1kdu186//vi3/uoqYo/x72/I/eePd35y8/t77r1559/I76++s/+r0qQvnzp4/d/b8+ZNvX7m6fmrr3w473l85/3zta8eBliXnnzOXf1ly/l9NtfzLkvN/MdXyL0vOPz/fk39Zcv75tY/8y5LzfznV8i9Lzv/rqZZ/WXL+r6Ra/mXJ+X8j1fIvS87/1VTLvyw5/xOpln9Zcv4nUy3/suT88ztc8i9Lzj8f2SD/suT8z6Ra/mXJ+Z9NtfzLkvM/l2r5lyXnfz7V8i9Lzv9CquVflpz/N1Mt/7Lk/L+VavmXJef/WqrlX5ac/7dTLf+y5Py/k2r5lyXn/91Uy78sOf/vpVr+Zcn5fz/V8i9Lzv/1VMu/LA8+/9/MnmdWZqMNM+NnvjwbbczpTNe/mQAAAAAAAAAAAACAUdM4nLjrbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt7dxch11vcDf/bV6yQQ/0kIIQTiOCEYssnu+i0xwcG8/tNQ2jQQWlqoY+y1Y/CbvDZJUESWhrYgkBqpvaAXpUApQmqrRBVSqURRpKK2d0W9KI1aoVbiwqqgMhZUAgFbnTnP83hmdnZmvS/emXM+nyj+eWfOzDxz5szsftf6zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANLv1bbO/PxRCKP5v/LElhGuKv28O+4sv5/ds9AoBAACA1fp548+/vDafsH8ZF2ra5h9f889fW1hYWAgfunj+F3+4sJDP2BrCyKYQGucl//STHy80bxM9EyaGhpu+Hu5x8yM9zh/tcf5Yj/PHe5y/qcf5Ez3OX7QDFtlc/j6mcWW3N/66pdyl4fow1jjv9g6XemZo0/Bw+l1Ow1DjMgtjR8KxcDzMhulFlxlq/BfCN24tbuuBkG5ruOm2bg4hXPjhU4fSGobiPr49tNxYQ/Nj94O3hK0Xf/jUoa+c/f4rL/5wJM6n8uy5GxatNITt24p1fjKES7+uCkNhU94naZ3DTeu8ucM6R1rWOdS4XPH35vUV88Iy15nu90Rc57e7rPPmeNoTt4UQ5sOS27R7JgyHq9puNe/vifKIKK6jeChfFkYv6zi5dRnHSXGZ793Wepy0H5Np/98a98noEmtofjh+8InxRft9pcdJca9Xf6yubg0h7quHihudmGj+1WrLsVps89Rrlz4GOj52HY6BfCw3HQPbeh0Dw+MjjWNg+NKat7UcAzOLLjMchhq3db5Y88Rovq32Y2Dq7InTU3NPfuyuYycOHp09OntyZnrPrp27d+3cvXvqyLHjs9Pln5e3SwfIVWE4H4Pb4mtNOgZf17Zt8yG58MW1ex5MbPjzYHPjhor7/t47igVdMxyWOMaLbT65ffXPg/x9v+l5MNr0POj4mtrheTC6jOdBsc2F7cv7njna9H+nNazXa+GWpmNgI78fjoah+Q+8funXwpvjuj71hsv9fjiy6BhId2soPveKU/LPexP3xv2y+Li4qTjj6vFwbm72zN1PHDx79sxMiOOKuK7psWo/Xq5quk9h0fEyfNnHy/6/+NkdN3U4fUvcVxN3dn+sim12TXZ/rBqv7p33Z8upO0Ica+xK789O382K/ZmzRJf9WWzzybtW/7NgziVNr39jvV7/RsZGy9e/kbw3xlpe/xY/NCONlYVw4a7lvf6Nxf+v9Ovf9X3y+lfsqw/c3f0YKLb51NTlHgOjXV//botzKK7n9TExTDTl/l80zp8vD9Omx7LncTM6OhaPm9F0i63Hzc5Flymurbjt7dMrO26239b6WLX83FLB46bYV3803f24KbZ5YWb1rx2b01+bXjvGex0DYyPjxXrH8kFQvt4tbE7HwN3hUDgVjofD+TLFo1zc1uSO5R0D4/H/K/3acWOfHAPFvvrcju7HQLHNt3au7c9O2+MpeZumn53af7+wVOa/afTS9bXvtrXO/MU6376r+++Gim2+v+tyc0b3/XRnPOXqDvup/fmz1DF9OFyZ/XRjXOfx3d1/N1Vsc/2eZR5P+0MIL8682Ph9V/z97l+f+9evtfzet9PvlF+cefHBqYe/cznrBwBg5X7R+HN+vPxZs+lfrJfz7/8AAADAQEi5fzjOTP4HAACAyki5fyTOTP4HAACAyki5fzTOrCb5/7F79z7386dDfjfAhSidn3ZD6sWnjvf8/eXlti5cUpz+1i+PPffpp5d328MhhJ89+KqO2z92f1pX6XRa5xtbT1/kxluWdfuPPnJpu+b3T7iwt7z+dH+WexikrvI3pnY0rnfrkzON+cKDoTEfnv/UM+X1l1+n7c/vLLf/k/imJfuPDLVcfntcz+1xbo3vKfPQ/kv7oZjpcs/d/Jq/v+59l24vXW5o20sbd/NzHy+vN71H1LPXldun+73U+v/uM199rtj+idd2Xv/Tw53Xfz5e7/fi/Mm+cvvmff7ppvX/blx/ur10ubu/9M2O63/+FeX2z8fj4gtxtq//LX/w6p93erzS7ey/r7xcuv3p/93VuFy6vnT97eufeHqmZX+0X/8LF8vr2ffRH400b59OT7eTPHpf6/E9FB/flh55COGrvxda9nN4U3m5v21bf7q+0/d1Xv+dbes8PXRL4/KX7s+Wlvv1+T/f0fH+pvXs/6stLffn2XfE/Xdx6lvF9Z5/OB6P8fyffru8vvb3Mn0+Xm6kbX9+YUv5vE3XN9W2/mfb1j9/S7Hveq//gYvl+p9/86aW9e9/ZzyeHihnr/Uf/dNrWy7/xa+Uj8eZx4dabnJL2/N408Tmq66+5iUvvTa+lrZ/feDU2cdmz2yd3jodwtYBfMvA9V7/l+L8n3LMr/0tlL7zo/K4++y7yu9br/tx+fWz8fRH4+OZvj9+/o/HWo7X9sd9/s3lXO363xDXsVyv+Mx/3bKsDc9/8Bvn/uZ3vt/+c0G6P6dfPtG4f5+79YbGeUMvlOe3v1718p8vb31ef3d0ujG/HvfrQnxn5m03lLfXfv3pvUk++57y+Vv+JLeQLx/a3k9ky0jr/Vjt+r8bf4755o2tr3/p+Pj6023v5rwlDBVLmI+vD2G+PD9tlfb3Zy/cEMKhP1t0e+l9eML8Ky9nmUuae3Ju6vixk+eemDo7O3d2au7Jjx04cercybMHGu9deuDDvS5/6fl9VeP5fXh2z67QeLafKsc62+j1n37k0OF7pu84PHvk4LkjZx85PXvm6KG5uUOzh+fuOHjkyOzjvS5/7PC+mR17d96zY/LoscP77t27d+feyWMnTxXLKBfVw57pj0yePHOgcZG5fbv2zuzevWt68sSpw7P77pmenjzX6/Kn5s4dOzxZXPqjk2dmjx88e+zE7OTcsY/N7pvZu2fPjp7v/nji9JG5rVNnzp2cOjc3e2aqvC9bzzZOPvP45Mlel6ce5k7F17s2Q/Gn8/ffuSe/P27hy59Y8qrKTVp/PA0/iO8Flb6/9fo65f6xOLOa5H8AAACog5T74xv/XzpD/gcAAIDKSLl/U5yZ/A8AAACVkXL/RJxZTfL/cvv/D93f2sfV/2+l/995/fr/+v/6/yGceXzyZKNj2bRX9f/Xjv6//n9Y1P8P1ej/d6D/31/r1//X/6e3fuv/p9y/OYRa5n8AAACog5T7r4ozk/8BAACgMlLuvzrOTP4HAACAyki5/5o4s3rk/7H2v+r/6//r/zf3/9O2+v9B/1//f4X0//X/u9H/1/8f5PX3Yf9/s/4//abf+v8p978kzqwe+R8AAABqIeX+l8aZyf8AAABQGSn3XxtnJv8DAABAZaTcvyXOrCb53+f/16j/n97tQf/f5//H69H/L+n/ry/9f/3/bvT/9f8Hef192P/3+f/0nX7r/6fc///izGqS/wEAAKAOUu5/WZyZ/A8AAACVkXL/dXFm8j8AAABURsr918eZ1ST/6//XqP/v8/8XPV76/63r1P/X/18P+v9XoP//38vfXv+/9X7o/+v/6/9f2f5/+/d8qq/f+v8p9788zqwm+R8AAADqIOX+G+LM5H8AAACojJT7XxFnJv8DAABAZaTcf2OcWU3yv/6//r/+v/6//r/+/3rS//f5/93o/+v/D/L69f99/j+99Vv/P+X+V8aZ1ST/AwAAQB2k3H9TnFmH/N/+b0YAAADAYEi5/1VxZv79HwAAACoj5f6b48xqkv/1//X/N7b/P6T/r/+v/6//vypr2/8fXvIc/f+S/n8r/X/9f/1//X+667f+f8r9r44zq0n+BwAAgDpIuf81cWbyPwAAAFRGyv23xJnJ/wAAAFAZKfdvjTOrSf7X/19N/380/03/v/P6ff6//r/+v/7/YPX/l6b/X9L/b6X/r/+v/6//T3f91v9Puf/WOLOa5H8AAACog5T7t8WZyf8AAABQGSn33xZnJv8DAABAZaTcf3ucWU3yv/6/z//X/9f/1//X/19P+v/6/93Uvv//qvJk/f/BXL/+//L6/+O9rohK67f+f8r9r40zq0n+BwAAgDpIuf+OODP5HwAAACoj5f7XxZnJ/wAAAFAZKfdvjzOrSf7X/9f/1//X/9f/1/9fT/r/rf3/ibBk/3/zStal/18a2P6/z/8f6PXr/6/i8/9/ellPNQZYv/X/U+5/fZxZTfI/AAAA1EHK/W+IM5P/AQAAoDJS7r8zzkz+BwAAgMpIuX8yzqwm+V//v779/3n9f/3/tnXq/+v/r4eq9v/z+6j4/H/9f/1//X/9/8vv/1Mb/db/T7n/rjizmuR/AAAAqIOU+++OM5P/AQAAoDJS7p+KM5P/AQAAoDJS7p+OM6tJ/tf/r2//P+j/6/+3rVP/X/9/PVS1/7/Sz//X/2+l/6//P8jrX6r/Px5C0P/X/6fUb/3/lPtn4sxqkv8BAACgDlLu3xFnJv8DAABAZaTcvzPOTP4HAACAyki5f1ecWU3yv/6//r/+v/6//n9z///d/54uo/+/NvT/9f+70f/X/x/k9a/F5/+/EPT/qY7hDqf1W/8/5f7dcWY1yf8AAABQByn374kzk/8BAACgMlLuvyfOTP4HAACAyki5/944s5rk/3Xq/48v57b1//X/g/6//n/X/n/r7fv8f/3/TvT/9f+D/v+KbXR/ftDXvxb9f5//T9Wtbf//2lX3/1Pu3xtnVpP8DwAAAHWQcv8b48zkfwAAAKiMlPvvizOT/wEAAGCgdPocwiTl/jfFmdUk//v8/6r3/xc26f/Xof+f9kjV+v+t+1P/X/+/E/1//f+g/79iG92fH/T16//r/9Pb2vb/F/14etn9/5T798WZ1ST/AwAAQB2k3H9/nJn8DwAAAJWRcv+b48zkfwAAAKiMlPv3x5nVJP/r/1e9/99/n/8/FPT/ff5/Sf9f/38t6P/r/wf9/xVbaX8+/tii/99H/f/iGNL/px/1W/8/5f63xJnVJP8DAABAHaTc/9Y4M/kfAAAAKiPl/rfFmcn/AAAAUBkp9789zqwm+V//X//f5//r/+v/6/+vJ/1//f9u9P8Hs/+f6P/3T//f5//Tr/qt/59y/zvizGqS/wEAAKAOUu5/Z5yZ/A8AAACVkXL//48zk/8BAACgMlLufyDOrCb5X/9f/1//X/9f/1//fz3p//dB/3/h4/mv+v+t90P/X/+/Ev3/Yf1/+le/9f9T7v+lOLOa5H8AAACoks1LnJ5y/4NxZvI/AAAAVEbK/e+KM5P/AQAAoDJS7v/lOLOa5P/69P8fbelQXen+/3C+/jr0/4tz9f+D/r/+v/5/g/5/H/T/m+j/t94P/f8r0J9vf5FfQ/r/Pv+f/tdv/f+U+98dZ1aT/A8AAAB1kHL/r8SZyf8AAABQGSn3/2qcmfwPAAAAlZFy/0NxZjXJ//Xp/7fy+f8ln//ftf9fHO76/02ueP9/tHV/6v/r/3ei/6//H/T/V2yj+/ODvn79f/1/euu3/n/K/b8WZ1aT/A8AAAB1kHL/w3Fm8j8AAABURsr974kzk/8BAACgMlLuf2+cWU3yv/6//r/+v8//79v+f9v+1P/X/+9E/1//P+j/r9hG9+cHff36//r/9NZv/f+U+x+JM6tJ/gcAAIA6SLn/fXFm8j8AAABURsr9vx5nJv8DAABAZaTc/xtxZjXJ//r/+v/6//r/+v/6/+tJ/39x/794DdvI/v/4cjbU/18W/X/9f/1//X+667f+f8r9748zq0n+BwAAgDpIuf8348zkfwAAAKiMlPt/K85M/gcAAIDKSLn/A3FmNcn/+v/6//r/der/l69x+v+t9P/Xl/6/z//vZu37///Q+Fr/f3k2uj8/6OvX/9f/p7d+6/+n3P/BOLOa5H8AAACog5T7fzvOTP4HAACAyki5/0CcmfwPAAAAlZFy/6NxZjXJ//r/+v/6/3Xq//v8f/3/K0//X/+/G5//r/8/yOvX/9f/p7d+6/+n3H8wzqwm+R8AAADqIOX+D8WZyf8AAABQGSn3H4ozk/8BAACgMlLuPxxnVpP8r/+v/6//r/+v/9/v/f//yK+y+v+L6f/r/wf9/xVbTX8+rVn/X/9f/59u+q3/n3L/bJxZTfI/AAAA1EHK/UfizOR/AAAAqIyU+4/Gmcn/AAAAUBkp9z8WZ1aT/K//r/+v/6//r//f7/1/n//fjf6//n/Q/1+xje7PD/r69f/1/+mt3/r/KfcfizOrSf4HAACAOki5/8NxZvI/AAAAVEbK/R+JM5P/AQAAoDJS7j8eZ1aT/K//r/+v/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+mt3/r/KfefiDOrSf4HAACAOki5/2ScmfwPAAAAlZFy/6k4M/kfAAAAKiPl/tNxZjXJ//r/+v/6/8vv///bv/wfe/e1bNdV5XF4y2617XJ1m1fhCeANuOEFuOGOC3IGk7HJOeecc87J5JxzBhMMJoOhMGWdMYYl62ivLXG2zlxzfN/NqAa5tbAc6l+qX80z/5oZtv/3/v8p+v8x6P/1/9vo//X/a/5+/b/+n2Wj9f+5++8etzTZ/wAAANBB7v57xC32PwAAAEwjd/894xb7HwAAAKaRu/9ecUuT/a//1//r/yd8/1//f4r+fwz6f/3/Nvp//f+av1//r/9n2Wj9f+7+e8ctTfY/AAAAdJC7/z5xi/0PAAAA08jdf9+4xf4HAACAaeTuv1/c0mT/6//H6P/zP9D//3f9f7rt91+6WUX/f9D56f/1//r/86L/1/9v9P8X7Lj7+bV/v/5f/8+y0fr/3P33j1ua7H8AAADoIHf/A+IW+x8AAACmkbv/gXGL/Q8AAADTyN3/oLilyf7X/4/R/3v/v+/7/1ee9sd5/z9+XWfs/0/c+tPq/4+W/l//v9H/X7Dj7ufX/v36f/0/y0br/3P3PzhuabL/AQAAoIPc/Q+JW+x/AAAAmEbu/ofGLfY/AAAATCN3/9VxS5P9r//X/+v/h3n/X/+fv64z9v/e/9f/6/8Ppf/X/6/5+/X/+n+Wjdb/5+5/WNzSZP8DAABAB7n7Hx632P8AAAAwjdz9j4hb7H8AAACYRu7+R8YtTfa//l//r//X/+v/9f/7pP/X/2+j/9f/r/n79f/6f5aN1v/n7n9U3NJk/wMAAEAHufsfHbfY/wAAADCN3P2PiVvsfwAAAJhG7v7Hxi1N9r/+X/+v/9f/6//1//uk/9f/b6P/1/+v+fv1//p/lu29/7/TNafurv1/7v5r4pYm+x8AAAA6yN1/bdxi/wMAAMA0cvc/Lm6x/wEAAGAaufsfH7c02f+H9P+XbvT/Tfv/m08M2P//v/5f/39ic1P8U0b/r/8/m/5f/7/R/1+wc/fzu/2Z0P/r//X/LNl7/7/Q+9/2/87d/4S4pcn+BwAAgA5y9z8xbrH/AQAAYBq5+58Ut9j/AAAAMI3c/U+OW5rsf+//6/+P8v3//P/r/f8D+n/v/+v/9f/6/+322P/fNf9kztT/3+T9/6G+f1v/f4cdvl//Twej9f+5+58StzTZ/wAAANBB7v6nxi32PwAAAEwjd//T4hb7HwAAAKaRu//pcUuT/X8E/f//6v/1/3t8/3/M/v+Kgz9e/3/m9+j/9f+H0f/r/7fx/v+o7//r/73/r//naIzW/+fuf0bc0mT/AwAAQAe5+58Zt9j/AAAAMI3c/c+KW+x/AAAAmEbu/mfHLU32v/f/9f/6f+//n9b/X3Xm/5Id+v9L9f/6/+30//r/bfT/+v81f7/+X//PstH6/9z9z4lbmux/AAAA6CB3/3PjFvsfAAAAppG7/3lxi/0PAAAA08jd//y4pcn+1//r//X/+n/v/+v/90n/P13/f0L/fyv9v/5f/6//Z7vR+v/c/S+IW5rsfwAAAOggd/8L4xb7HwAAAKaRu/9FcYv9DwAAANPI3f/iuKXJ/tf/6//1//p//b/+f5/0/9P1/97/P43+X/+v/9f/s91o/X/u/pfELU32PwAAAHSQu/+lcYv9DwAAANPI3f+yuMX+BwAAgGnk7n953NJk/+v/9f/6f/3/oP3/Jfp//f8u9P/6/82E/f/l5/j59P9jff/R9P/5q6//Z06j9f+5+18RtzTZ/wAAANBB7v5Xxi32PwAAAEwjd/+r4hb7HwAAAKaRu//VcUuT/X+u/v/GKw/+e/3/bvT/h3+//l//7/1//b/+v0P/f73+3/v/+n/v/+v/OdRo/X/u/tfELU32PwAAAHSQu/+1cYv9DwAAANPI3f+6uMX+BwAAgGnk7n993NJk/3v/X/+v/9f/6//1//uk/78I/f/J3X+89//P/N9xHt9/2WH/of5f/6//1/+z3Wj9f+7+N8QtTfY/AAAAdJC7/41xi/0PAAAA08jd/6a4xf4HAACAaeTuf3Pc0mT/6//1/8fe/1+i/0/6//h11f/r/8+D/n+E9/9b9P+H0v/r//X/+n+2G63/z93/lrilyf4HAACADnL3vzVusf8BAABgGrn73xa32P8AAAAwjdz9b49bmux//b/+/9j7f+//F/1//Lrq//X/50H/r//f6P8v2HH382v/fv2//p9lo/X/ufvfEbc02f8AAADQQe7+d8Yt9j8AAABMI3f/u+IW+x8AAACmkbv/3XFLk/2v/9f/6/979f8nN/p//f/Fpf/X/2+j/9f/r/n79f/6f5aN1v/n7n9P3NJk/wMAAEAHufvfG7fY/wAAADCN3P3vi1vsfwAAAJhG7v73xy1N9r/+f+39/11uiC/Q/+v/vf+v/x+S/l//v43+X/+/5u/X/+v/WTZa/5+7/wNxS5P9DwAAAB3k7v9g3GL/AwAAwDRy938obrH/AQAAYBq5+z8ctzTZ/z36/5Nn/bB5+n/v/+v/9f/6/7Hp/w/p//NfS/p//b/+f9Xfr//X/7NstP4/d/9H4pYm+x8AAAA6yN3/0bjF/gcAAIBp5O7/WNxi/wMAAMA0cvd/PG5psv979P9n0/8fOPL+/+ar9P/6/6L/1/9v9P9Dvv9/278HDqX/34n+f3X9/79P/0ta/7+l/z+x0f9zJEbr/3P3fyJuabL/AQAAoIPc/dfFLfY/AAAATCN3/yfjFvsfAAAAppG7/1Nxw+3/7/g+6aLS/+v/vf+v/9f/6//3Sf8/Xv+/0w/U/+9E/7+6/v9Iv3/q/t/7/xyR0fr/3P2fjlv8/j8AAABMI3f/Z+IW+x8AAACmkbv/s3GL/Q8AAADTyN3/ubilyf7X/+v/9f/6f/3/kfT/V282G/3/IfT/s/b/B/8k0f/r//X/zfv//DtM/885jNb/5+7/fNzSZP8DAABAB7n7vxC32P8AAAAwjdz9X4xb7H8AAACYRu7+L8Utk+z/kwv//az9/+0Wfm79/wH9v/5/o//3/v+e6f9n7f+9/7/R/+v/9f/e/2fRaP1/7v4vxy2T7H8AAADo60T+9mHt/q/ELfY/AAAATCN3/1fjFvsfAAAAppG7/2txS5P9P2v/v0T/f0D/r//f6P/1/3um/9f/b6P/1/+v+fv1//p/lo3W/+fu/3rc0mT/AwAAQAe5+78Rt9j/AAAAMI3c/d+MW+x/AAAAmEbu/m/FLU32/776/yt2+Ln33f9v+2H6/wP76f9v+WtJ/7/R/+v/L0L/v8s/a4+b/l//v43+X/+/5u/X/+v/WTZa/5+7/9txS5P9DwAAAB3k7v9O3GL/AwAAwDRy9383brH/AQAAYBq5+78XtzTZ/97/1/97/1//r/9fb/+/Bvp//f82+n/9/5q/X/+v/2fZaP1/7v7vxy1N9j8AAAB0kLv/B3GL/Q8AAADTyN3/w7jF/gcAAIBp5O7/UdzSZP/r//X/+n/9/9r6/2uv0/+vif5f/7+N/l//v+bv1//r/1k2Wv+fu//HcUuT/Q8AAAAd5O7/Sdxi/wMAAMA0cvf/NG6x/wEAAGAauft/Frc02f/6f/2//l//v7b+3/v/66L/1/9vo//X/6/5+/X/+n+Wjdb/5+7/edzSZP8DAABAB7n7fxG32P8AAAAwjdz9v4xb7H8AAACYRu7+6+OWO56VpE5J/6//1//r//X/+v99atv/3/KvVf3/Iv2//n/N36//1/+zbLT+P3f/r+IWv/8PAAAA08jd/+u4xf4HAACAaeTu/03cYv8DAADANHL3/zZuabL/9f/6f/2//l//r//fp7b9v/f/d6L/1/+v+fv1//p/lo3W/+fuvyFuabL/AQAAoIPc/b+LW+x/AAAAmEbu/t/HLfY/AAAATCN3/41xS5P9r//X/0/Z/1+m/9f/6/9Hof/X/2+j/9f/r/n7T/X/J+JvXP2//p9Djdb/5+7/Q9zSZP8DAABAB7n7/xi32P8AAAAwjdz9f4pbztr/d7uIXwUAAAAcpdz9f45bmvz+v/5f/z9l/3+h7//f8uug/9f/B/3/0dD/6/+30f/r/9f8/d7/1/+zbLT+P3f/X+KWJvsfAAAAOsjd/9e4xf4HAACAaeTu/1vcYv8DAADANHL3/z1uabL/9f/6f/2/9//1//r/fdL/6/+30f/r/9f8/fp//T/LRuv/c/f/I25psv8BAACgg9z9N8Ut9j8AAABMI3f/P+MW+x8AAACmkbv/X3HLDvv/f/b2VReP/l//r//X/+v/9f/7pP/X/2+j/x+9/7/z5dv+eP2//l//z5LR+v/c/f8JAAD//9RFCXM=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0x20002078)

2.253714579s ago: executing program 2 (id=5442):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TCFLSH(r0, 0x80044704, 0x40000020001100)

2.216141352s ago: executing program 8 (id=5443):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003"], 0x64}, 0x1, 0x0, 0x0, 0x24004040}, 0x0)

2.0577535s ago: executing program 5 (id=5445):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2008002, &(0x7f0000000080), 0x4, 0x568, &(0x7f0000000380)="$eJzs3c9vHFcdAPDvjH82pHUCPUAFJEAhRVF2Y6eNql7aXECoqoRacUAcUmNvLJPdbPCuS20s1f0bQAKJE/AfcEDigNQTB25ckJA4IKRyQApggeJKIC2a2bGzddZ4ba936e7nI41n5r2Z+b5nZ/LevLXnBTC2LkfEdkRMR8SbETFXpCfFEq+0l+y4hztbS7s7W0tJtFpv/D3J87O06Dgn87HimrMR8fpXI76dPB63sbF5d7FarawV++Vm7X65sbF5bbW2uFJZqaQRMX/z+os3XljoW10v1X7x4Curr37j17/6zPu/2/7y97NinS/yOuvRT+2qT+3HyUxGxKtnEWwIJor19JDLwclk99nHI+Lz+f0/FxP5v04AYJS1WnPRmuvcBwBGXZqPgSVpKSLStOgElNpjeE/HubRabzSv3qmv31tuj5VdiKn0zmq1cv3izB+/mx88lWT783lenp/vLxzYvxERFyPihzNP5PulpXp1eThdHgAYe1k7//vnivY/Iv41k6alUk+ndvlUDwD4yJgddgEAgIHT/gPA+Jnt+AoAjIceWv7iw/7tMy8LADAYnvwBYPxo/wFg/Gj/AWCsfP2117KltVu8/3r5rY31u/W3ri1XGndLtfWl0lJ97X5ppV5fyd/ZUzv0QsULoKv1+v3552P97XKz0miWGxubt2v19XvN2/l7vW9XpgZWMwDgMBcvvfeHJCK2X3oiX6JjLgdtNYy2dNgFAIZm4jQn6yDAR1q32b5+PoRyAIPXUxOedxJ+e+ZlAYaj68u8Z7tuftiPjxHE7xnB/5Urn+p9/N8czzBajP/D+DrZ+P/LfS8HMHjdxv+B8dBqJQfn/J/ezwIARtJxf4Xvg/Zpef/gnf53R4AhOGoy7758/g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj5nxEfCeStJTPBZ5mX9NSKeLJiLgQU8md1WrlekQ8FZciYmom258fdqEBgFNK/5oU839dmXv2/MHc6eSDmXwdEd/7yRs/enux2Vybz9L/sZ8+szd92MKj8447ryAAcHby9nuhWHc8yD/c2VraWwZZnge34j/FVMRLuztb+ZKlF2nvRMzmfYlz/0xisjhnNiKeiYiJPsTffjciPtmt/kk+NnKhmPm0M34UsZ8caPz0Q/HTPK+9zjpfn+hDWWDcvHcrIl7pdv+lcTlfd7//s9TJPsR/cKt9sb3/+3Y74k8WkSaK+J0PZ9k9f7nXGM//5muPJbbm2nnvRjwz2S1+sh8/6VL/LO3ZHuP/6dOf/cHLh+S1fhpxJbrH74xVbtbulxsbm9dWa4srlZXKvYWFm/M3r79444WFcj5GXd4bqX7c3166+tRhZcvqf64j/t68+FnU2a71n94/94s91v9n/37zW597tDtzMP5zX+j+83+6a/y2rE38Uo/xF8/98tDpu7P4y4d8/4/6+V/tMf77f9lc7vFQAGAAGhubdxer1crasTay1r8zJXsKPcl1jtzIitjbwXvdxdMF/XOcRS1OuDF1Vt/VgxsRfb7g5H5fsb9F/Wb0vahHbqR9r8WpNh727YKvFw9F/+PWA0bZo5t+2CUBAAAAAAAAAAAAAAAOM4g/XRp2HQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABhd/w0AAP//4MDXgw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r0, 0x40086604, 0x0)

1.968706157s ago: executing program 2 (id=5446):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000005380), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, &(0x7f0000005480)={0x0, 0x0, &(0x7f0000005440)={&(0x7f00000053c0)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0002}}}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x8000)

1.806400258s ago: executing program 8 (id=5447):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000040)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)

1.730526814s ago: executing program 1 (id=5448):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES8=0x0, @ANYRESDEC], 0x4, 0x6c2, &(0x7f0000000800)="$eJzs3U1sHGcZB/D/rO1NHJDrtEkaEFKiRkTQiMQftAkSFQEhlEOFInHp1UqcxoqTRraLkoCICxQkLnBCOfRQhMKhJ8QBqYgDopyRkLhHXCNxzwUWzeyss7bXjrdZe9vw+0mz8868X888mnnjnchygP9bF97I2GqKXDj1ekaTPLg/u/jg/uz11OUk+5I0UtU2khQ3kuKj5HzaWz5XnqyHK7aa55WHH7538t4Hs+2j0Xqr2je26/dYa5sZVustx5OMtPev9ZuKrca7VO+73e1ruGIt7jJhJzqJg2FrbbLaT/cdPLfAJ93dZGSsx/nJ5ECS/fXPAalXh8Yehzdwfa1yAAAA8Mk08qQGzz3Ko9zKxN6EAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+Gov03A4t6a3TKx1N0/v5/sz5XajaHHO/TeffKsCMAAAAAAAAAgEE49iiPcisTneNWUf2f/0vVwaHq8zN5O8uZz1JO51bmspKVLGU6GZvoGqh5a25lZWl6c89fp+zZarXu1j1nkkxu6jmzN9cLAAAAAAAAAM+oH+dCJoYdBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdCuSkSSr7WIO1ftiMo3R8WR/kmbaDf7cKX+a/WXYAQAAAMDuG6/3E8V/69Jq9Z3/SPW9f3/ezo2sZCErWcx8LlfvAtrf+hv/GJtdfHB/9nq5bR74m//uMdtrW8ZRjZh3qncPvWeeqlocXutxId/J93Iqx3MxS1nI9zOXlczneL6dVpHMpchk/fZishNn73jPrzu6uDG2YxuOj1aRjOdKFqrYTudSGX4VeqOO/2jXbH9sJhtmfKfMTvGN2pZZWafRKZRX9Kt6X2s9t7MxdslkFd7YWkam6tyXIR/cPveb7pNGXzNNp7H2DurQ41nKw40z9ZfzX7R3B+rDMtc/W5/zQevzVdrGTMyksZa7I+tzfvOL955f3/nL//zrxVdz49rVK8undvGS9sbGTMx2ZeLF7e++diauLpaZWN15JsY2ntj/tNcwGM06G+1VdAerZWf5z1xeqvpO/KeV7+atXM58zmYq0zmXqXwtM5mtlslOXg9vn9fqWWtsftbGtwn+xJe6Gv38CY33VpnXg1157V7pJqu6+sz5X2aq6+57fgdZ6vNfgdHP14Vyjp88cb3cS+syUa/Nnehe6MpCc3MmftMqP5cXb1xbujp3c4fznaz35WP77vq1+beDuJ6Pr7xfyhV3tDo6uO5+Kete6Fk3XdUdWqtrbKo7vFY3mYksbPmkzlStj/QcqV33Ys+62aruaFfdup9y8lYWc3koGQWgLwdePtAcfzj+9/H3x386fnX89f3f2ndu3xeaGfvb6J9Gft/4XePrxct5Pz/KxLAjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ8Hy7TvX5hYX55eWb9/5V6dwbdCF4mP1SmO34ukxV1EXmrs/V1U43Ej24LoGUhjLYMb5Q5Jt2jSfeooiu56N8qEZ/MitkcENOLpNEvZlrdDr9hvP4zPDXpmA3XZm5frNM8u373xl4frcm/Nvzt+YOXf23NnZV6e/eubKwuL8VPtz2FECu2H59p2RYccAAAAAAAAAAAAA9Gewvx3xg8+2R+2qai4t95752J5eJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDpdeGNjK2myPTU6any+MH92cVy65QftxxN0khS/DApPkrOp71lsmu4Yqt5Xnn44Xsn730w+3is0U77xnb9dma13nI8yUi9f7J9PYbZPN6lrvFW+w5trL669hWWCTvRSRwM2/8CAAD///oC/oI=")
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
write$vhost_msg(r0, &(0x7f0000000840)={0x796e6564, {0x0, 0x0, 0x0}}, 0x7)

1.594616133s ago: executing program 2 (id=5449):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
syz_usb_disconnect(r0)

1.518352654s ago: executing program 3 (id=5450):
r0 = msgget$private(0x0, 0x790)
msgsnd(r0, &(0x7f0000000800)=ANY=[@ANYRES8], 0x401, 0x0)
msgctl$IPC_RMID(r0, 0x0)

1.474502264s ago: executing program 8 (id=5451):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3SR3hyg2FjYWHniit9ndqFxzxQmWghBFLYNZIbpJJFkhCQgGGxtLC8HWxtLCwsrCv8BWCxUEC1PaCSPzsbuTZCPxAyP6/iCzz3y978xL8hQbEATx3/Lh/Zd3D87uXDwJYB82UTHjnxz9FAem1799dPvEw91zj5+9efKqs//Oi9l4TO4Ry+dfB/Byz0EC5pqMU7s387CpxiVwHDf6Mhg8Lb8Khe5EYLhq1tywdHfdiDjyrnXj5vVWHPmyCWQTyqZm55eHmowZmgDW1OmEYNZ8fzi62YjjqDcrSiLNMzf1o+J79VPn2+PYRVo9ITiAK/fvjWXf1AY+eFa/AByB0TUw1I3eQQWe5+Ulse5/2M3jO8vcf7XiqRIHt/9UUnBdjr/h7v+wKP2WOGx2RP6gs5FDk9QD7TUfV373nxfKuADMTb3eiOPzvxC5XFCoTOT+JJ39mOVPLtzMP6pJ+1a1Pxxtt9rKtjthWDvjn/L902FVGZFu9WKnyP/WlD9tWPFLC7yyzMoYNJKkFwyApBdk/VC3luPWn3c/qz1c+R/H1lEdQ35V1LUrxTmY+XD1lGpr7tTaK+4uOCVBEARBEARBEARBEARBEMQijoBB/xMmmHkhWkR4Qb2h/BYAAP//DqhlcQ==")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000b00)=ANY=[@ANYBLOB="04000000000000000000000005"])

1.432997542s ago: executing program 5 (id=5452):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000002c0)={0x2, 0x1, 0x4, 0x0, 0x1})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @vbi={0xfe9d, 0x2d, 0x9, 0x4c47504a, [0x10000, 0xac], [0x9, 0x5b90], 0x1}})

1.388804431s ago: executing program 1 (id=5453):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000010000001c000180060001"], 0x30}, 0x1, 0xff07}, 0x2000000)

1.169948856s ago: executing program 3 (id=5454):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0xc4, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0x9c, 0x8, 0x0, 0x1, [{0x68, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @local}}, @WGPEER_A_ALLOWEDIPS={0x2c, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x5}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)

1.09007154s ago: executing program 5 (id=5455):
r0 = syz_io_uring_setup(0x1114, &(0x7f0000000300), &(0x7f00000001c0), &(0x7f0000000040))
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000001400)={0x0, 0x1, 0x0, 0x0, 0x0}, 0x20)

991.830782ms ago: executing program 1 (id=5456):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3, 0x80, 0xc2, 0x0, 0x0, 0x1}, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x5, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @private=0x7f000001}}}}}}, 0x0)

878.132324ms ago: executing program 8 (id=5457):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f0000000300)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@sysvgroups}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f0000001f00)=ANY=[], 0xe00f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

805.190354ms ago: executing program 3 (id=5458):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0}, 0x18)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)

777.541185ms ago: executing program 5 (id=5459):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f00000000c0)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000001c0)={0x0, @bt={0x2d0, 0x7c1, 0x1, 0x3, 0xd59f80, 0x8, 0x5, 0xb, 0x9, 0x8, 0x80, 0xe72, 0x0, 0x9, 0x35, 0x1, {0x4, 0x8001}, 0x3, 0x5}})

763.838116ms ago: executing program 1 (id=5460):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x17, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014e10000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000001700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

707.543567ms ago: executing program 7 (id=5461):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000780), r0)
sendmsg$NFC_CMD_SE_IO(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="35e828bd7000ffdbdf251b00000004001900080001"], 0x28}, 0x1, 0x0, 0x0, 0x30028890}, 0x0)

539.565139ms ago: executing program 5 (id=5462):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003300)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}], 0x1, 0x0)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000c68000/0x3000)=nil, 0x7fffffff, 0x0, 0x0, 0x6, 0x0, 0x2, 0x0, 0x2})

392.752161ms ago: executing program 1 (id=5463):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x22ea0a9, &(0x7f0000000000)={[{@grpquota_block_hardlimit={'grpquota_block_hardlimit', 0x3d, [0x32]}}]})

290.413129ms ago: executing program 3 (id=5464):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast1, @dev={0xac, 0x14, 0x14, 0xf}, @multicast1}, 0xc)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x2000, @multicast2}}, {{0x2, 0x1, @local}}}, 0x108)

224.141043ms ago: executing program 5 (id=5465):
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63c, 0x1, 0x3, 0xd59f83, 0x19f5, 0x3f, 0x7, 0x3, 0x6, 0x2800, 0x2800, 0x12, 0xba2, 0x5, 0x3e, {0x8, 0xffffffff}, 0xd0, 0x9}})
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

78.387757ms ago: executing program 1 (id=5466):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000100000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006a00000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0xe, 0x0, &(0x7f0000000740)="00800000000000000000000645a9", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf}, 0x50)

31.725138ms ago: executing program 8 (id=5467):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r0}, 0x10)
fdatasync(0xffffffffffffffff)

0s ago: executing program 3 (id=5468):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x90, r1, 0x7, 0x0, 0x8000000, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x64, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_BITS={0x54, 0x3, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ':\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6863}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'hfs\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wlan1\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x4}]}]}]}, 0x90}}, 0x0)

kernel console output (not intermixed with test programs):

achefs (loop6): shutting down
[  585.748859][T17792] EXT4-fs (loop1): 1 truncate cleaned up
[  585.788150][T17792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  585.804011][T17785] bcachefs (loop6): shutdown complete
[  585.853377][T17792] EXT4-fs error (device loop1): ext4_ext_precache:632: inode #15: comm syz.1.4858: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964)
[  585.889485][ T5848] Bluetooth: hci3: unexpected event for opcode 0x2028
[  586.006913][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.216942][ T6000] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  586.396588][ T6000] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  586.420843][ T6000] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  586.449977][ T6000] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  586.467754][ T6000] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.476131][T17815] loop1: detected capacity change from 0 to 512
[  586.496436][T17817] loop4: detected capacity change from 0 to 1024
[  586.528475][T17815] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  586.541137][ T6000] usb 4-1: config 0 descriptor??
[  586.562621][T17815] ext4 filesystem being mounted at /806/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  586.576946][T17824] loop2: detected capacity change from 0 to 256
[  586.577969][T17817] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  586.607287][ T6000] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  586.622413][ T6000] dvb-usb: bulk message failed: -22 (3/0)
[  586.631910][ T6000] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  586.648128][ T6000] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  586.652524][T17824] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  586.660890][ T6000] usb 4-1: media controller created
[  586.675683][ T6000] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  586.693257][ T6000] dvb-usb: bulk message failed: -22 (6/0)
[  586.699417][ T6000] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  586.755334][ T6000] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input46
[  586.817976][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.852176][ T6000] dvb-usb: schedule remote query interval to 150 msecs.
[  586.859297][ T6000] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  586.931622][T17788] dibusb: i2c wr: len=62 is too big!
[  586.931622][T17788] 
[  586.960933][T17785] bcachefs: bch2_fs_get_tree() error: fsck_errors_not_fixed
[  586.976031][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.992416][ T6000] usb 4-1: USB disconnect, device number 30
[  588.066568][    T9] vhci_hcd: vhci_device speed not set
[  588.123492][ T6000] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  588.260902][ T5936] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  588.439097][T17831] loop2: detected capacity change from 0 to 131072
[  588.460796][T17831] F2FS-fs (loop2): Invalid segment/section count (31, 24 x 150994945)
[  588.469010][T17831] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  588.480541][T17831] F2FS-fs (loop2): invalid crc value
[  588.481029][ T5936] usb 5-1: Using ep0 maxpacket: 32
[  588.621143][ T5936] usb 5-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30
[  588.642436][T17831] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  588.649519][T17831] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  588.651799][ T5936] usb 5-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  588.719426][ T5936] usb 5-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  588.781289][ T5936] usb 5-1: config 0 interface 0 has no altsetting 0
[  588.819029][ T5936] usb 5-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  588.839409][ T5936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.882409][ T5936] usb 5-1: config 0 descriptor??
[  588.900922][T15975] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  589.019047][T17829] loop5: detected capacity change from 0 to 32768
[  589.057605][T17829] XFS: noikeep mount option is deprecated.
[  589.084597][T17829] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  589.091984][T15975] usb 4-1: Using ep0 maxpacket: 8
[  589.144150][T15975] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  589.187504][T17829] XFS (loop5): Ending clean mount
[  589.195833][T15975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.239555][T17829] XFS (loop5): Quotacheck needed: Please wait.
[  589.275051][T15975] pvrusb2: Hardware description: Terratec Grabster AV400
[  589.275076][T15975] pvrusb2: **********
[  589.275089][T15975] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  589.275136][T15975] pvrusb2: Important functionality might not be entirely working.
[  589.275152][T15975] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  589.275172][T15975] pvrusb2: **********
[  589.346414][ T5936] zeroplus 0003:0C12:0030.0062: hidraw0: USB HID v0.03 Device [HID 0c12:0030] on usb-dummy_hcd.4-1/input0
[  589.346496][ T5936] zeroplus 0003:0C12:0030.0062: no inputs found
[  589.380591][T17829] XFS (loop5): Quotacheck: Done.
[  589.488793][ T2339] pvrusb2: Invalid write control endpoint
[  589.541070][ T5915] usb 5-1: USB disconnect, device number 48
[  589.581943][ T2339] pvrusb2: Invalid write control endpoint
[  589.581996][ T2339] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  589.582015][ T2339] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  589.582031][ T2339] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  589.582050][ T2339] pvrusb2: Device being rendered inoperable
[  589.582098][ T2339] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  589.582154][ T2339] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b)
[  589.583049][ T2339] pvrusb2: Attached sub-driver cx25840
[  589.583092][ T2339] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  589.583112][ T2339] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  589.701879][ T5845] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  589.714413][T15975] usb 4-1: USB disconnect, device number 31
[  590.645738][T17892] loop4: detected capacity change from 0 to 256
[  590.671234][ T5936] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  590.687933][T17892] exfat: Deprecated parameter 'utf8'
[  590.743258][T17892] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  590.787210][T17894] loop1: detected capacity change from 0 to 512
[  590.831150][T17894] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.4898: iget: bad extended attribute block 1
[  590.849000][ T5936] usb 4-1: Using ep0 maxpacket: 32
[  590.861211][ T5915] usb 7-1: new full-speed USB device number 24 using dummy_hcd
[  590.890934][T17894] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4898: couldn't read orphan inode 15 (err -117)
[  590.902937][ T5936] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  590.924561][T17894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  590.950878][ T5936] usb 4-1: config 0 has no interface number 0
[  590.987641][ T5936] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  591.004439][T17894] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  591.017892][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.061615][ T5936] usb 4-1: Product: syz
[  591.065831][ T5936] usb 4-1: Manufacturer: syz
[  591.070457][ T5936] usb 4-1: SerialNumber: syz
[  591.095038][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  591.149202][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  591.168534][T17902] Cannot find set identified by id 4 to match
[  591.168585][ T5936] usb 4-1: config 0 descriptor??
[  591.185290][ T5915] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  591.211865][ T5936] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  591.226744][ T5915] usb 7-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  591.229115][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  591.260129][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.268559][ T5936] usb 4-1: selecting invalid altsetting 1
[  591.275293][ T5936] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  591.311879][ T5915] usb 7-1: config 0 descriptor??
[  591.328055][ T5936] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  591.354727][ T5936] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  591.368912][ T5936] usb 4-1: media controller created
[  591.407724][ T5936] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  591.437910][T17886] usb 4-1: dvb_usb_ce6230: I2C read not implemented
[  591.521472][ T5936] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  591.521568][ T5936] zl10353_read_register: readreg error (reg=127, ret==-71)
[  591.528583][ T5936] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  591.581949][T17911] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4904'.
[  591.638535][T17884] loop5: detected capacity change from 0 to 32768
[  591.638644][ T5936] usb 4-1: USB disconnect, device number 32
[  591.639557][T17884] XFS: ikeep mount option is deprecated.
[  591.690145][T17884] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  591.695551][T17884] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  591.741227][ T5915] hid-rmi 0003:0461:4E72.0063: unknown main item tag 0x0
[  591.741277][ T5915] hid-rmi 0003:0461:4E72.0063: unknown main item tag 0x0
[  591.741313][ T5915] hid-rmi 0003:0461:4E72.0063: unknown main item tag 0x0
[  591.741348][ T5915] hid-rmi 0003:0461:4E72.0063: unknown main item tag 0x0
[  591.741383][ T5915] hid-rmi 0003:0461:4E72.0063: unknown main item tag 0x0
[  591.741419][ T5915] hid-rmi 0003:0461:4E72.0063: unknown main item tag 0x0
[  591.741454][ T5915] hid-rmi 0003:0461:4E72.0063: unknown main item tag 0x0
[  591.744490][ T5915] hid-rmi 0003:0461:4E72.0063: hidraw0: USB HID v0.00 Device [HID 0461:4e72] on usb-dummy_hcd.6-1/input0
[  591.774357][T17922] loop4: detected capacity change from 0 to 256
[  591.775094][T17922] exfat: Deprecated parameter 'utf8'
[  591.815272][T17924] loop2: detected capacity change from 0 to 128
[  591.816362][T17924] EXT4-fs: Ignoring removed nomblk_io_submit option
[  591.816397][T17924] EXT4-fs: Ignoring removed nomblk_io_submit option
[  591.817239][T17924] EXT4-fs (loop2): Test dummy encryption mode enabled
[  591.839401][T17922] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  591.848912][T17924] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  591.919185][T17884] XFS (loop5): Ending clean mount
[  591.957090][T17924] ext4 filesystem being mounted at /809/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  591.980235][ T5936] usb 7-1: USB disconnect, device number 24
[  592.182778][ T5845] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  592.202377][   T30] audit: type=1800 audit(2000000133.630:211): pid=17924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4905" name="file1" dev="loop2" ino=12 res=0 errno=0
[  592.222922][    C0] vkms_vblank_simulate: vblank timer overrun
[  592.428948][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  592.649085][T17938] can0: slcan on ptm0.
[  592.667753][T17933] loop3: detected capacity change from 0 to 4096
[  592.698146][T17933] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  592.813909][T17935] can0 (unregistered): slcan off ptm0.
[  592.879084][T17943] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 909
[  592.935530][T17933] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  593.032722][T17933] ntfs3(loop3): ino=1f, "file2" fallocate(0x10) is not supported
[  593.458764][T17960] loop5: detected capacity change from 0 to 1024
[  593.465032][T17961] loop3: detected capacity change from 0 to 2048
[  593.535635][T17961] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  593.547386][T17960] hfsplus: trying to free free bnode 0(1)
[  593.632060][T17962] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  593.674636][  T151] hfsplus: b-tree write err: -5, ino 4
[  593.777915][T17961] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  593.799961][T17961] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  593.840188][T17961] Remounting filesystem read-only
[  593.859332][T17961] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  593.873905][T17961] NILFS error (device loop3): nilfs_bmap_last_key: broken bmap (inode number=16)
[  593.893431][T17961] NILFS (loop3): error -5 truncating bmap (ino=16)
[  593.895699][T17973] loop5: detected capacity change from 0 to 1024
[  594.083116][ T5851] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  594.366105][T17949] loop6: detected capacity change from 0 to 32768
[  594.418558][T17949] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  594.516654][T17949] XFS (loop6): Ending clean mount
[  594.571019][    T9] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  594.685468][ T9488] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  594.742438][    T9] usb 6-1: Using ep0 maxpacket: 32
[  594.789925][    T9] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  594.826386][T18000] loop1: detected capacity change from 0 to 256
[  594.846159][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.865433][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.888585][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 45, changing to 9
[  594.901980][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 129
[  594.916494][    T9] usb 6-1: New USB device found, idVendor=046d, idProduct=c286, bcdDevice= 0.00
[  594.952555][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.015063][T17965] loop4: detected capacity change from 0 to 32768
[  595.047346][    T9] usb 6-1: config 0 descriptor??
[  595.086343][T17965] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  595.316948][T17979] loop3: detected capacity change from 0 to 32768
[  595.351047][T17979] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4930 (17979)
[  595.376849][T17965] XFS (loop4): Ending clean mount
[  595.394850][T17965] XFS (loop4): Quotacheck needed: Please wait.
[  595.431327][T17979] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  595.469550][T17979] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  595.482592][T17979] BTRFS info (device loop3): using free-space-tree
[  595.515663][    T9] logitech 0003:046D:C286.0064: hidraw0: USB HID v10.00 Device [HID 046d:c286] on usb-dummy_hcd.5-1/input0
[  595.579677][T17965] XFS (loop4): Quotacheck: Done.
[  595.601454][    T9] logitech 0003:046D:C286.0064: no inputs found
[  595.729130][    T9] usb 6-1: USB disconnect, device number 27
[  596.174466][ T5843] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  596.954577][ T5851] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  597.281357][T18038] loop1: detected capacity change from 0 to 131072
[  597.413275][T18038] XFS (loop1): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  597.662887][T18038] XFS (loop1): Starting recovery (logdev: internal)
[  597.710637][T18038] XFS (loop1): Metadata corruption detected at xfs_allocbt_verify+0xcb/0x3d0, xfs_cntbt block 0x4 
[  597.722962][T18038] XFS (loop1): Unmount and run xfs_repair
[  597.728714][T18038] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  597.736178][T18038] 00000000: 41 42 54 43 00 00 00 01 ff ff ff ff ff ff ff ff  ABTC............
[  597.746064][T18038] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 40  ...............@
[  597.755711][T18038] 00000020: b9 3a 89 37 cc d4 41 a2 86 c7 66 a1 57 0a 28 46  .:.7..A...f.W.(F
[  597.764680][T18038] 00000030: 00 00 00 00 88 bf 4b 69 00 00 00 35 00 00 1f cb  ......Ki...5....
[  597.774330][T18038] 00000040: 00 00 00 35 00 00 1f cb 00 00 00 00 00 00 00 00  ...5............
[  597.783993][T18038] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  597.793146][T18038] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  597.805651][T18038] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  597.817572][T18038] XFS (loop1): log mount/recovery failed: error -117
[  597.839142][T18038] XFS (loop1): log mount failed
[  597.889365][T18068] loop2: detected capacity change from 0 to 256
[  598.319441][T18074] loop3: detected capacity change from 0 to 4096
[  598.534659][T18074] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  598.653152][T18074] EXT4-fs error (device loop3): ext4_get_first_dir_block:3544: inode #12: block 80: comm syz.3.4946: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  598.746758][T18074] EXT4-fs error (device loop3): ext4_get_first_dir_block:3547: inode #12: comm syz.3.4946: directory missing '..'
[  598.803303][T18086] loop1: detected capacity change from 0 to 512
[  598.867380][T18086] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.4960: casefold flag without casefold feature
[  598.944542][T18086] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4960: couldn't read orphan inode 15 (err -117)
[  598.993203][T18086] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  599.014291][T18060] loop5: detected capacity change from 0 to 32768
[  599.068893][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.289265][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.498216][T18099] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  599.515854][ T5915] usb 5-1: new full-speed USB device number 49 using dummy_hcd
[  599.673172][ T5915] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  599.673228][ T5915] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  599.673284][ T5915] usb 5-1: New USB device found, idVendor=044f, idProduct=b324, bcdDevice= 0.00
[  599.673325][ T5915] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.676426][ T5915] usb 5-1: config 0 descriptor??
[  599.924599][T18108] pim6reg: entered allmulticast mode
[  600.096047][ T5915] thrustmaster 0003:044F:B324.0065: unknown main item tag 0x2
[  600.096095][ T5915] thrustmaster 0003:044F:B324.0065: item fetching failed at offset 4/5
[  600.096879][ T5915] thrustmaster 0003:044F:B324.0065: parse failed
[  600.096979][ T5915] thrustmaster 0003:044F:B324.0065: probe with driver thrustmaster failed with error -22
[  600.323095][ T6000] usb 5-1: USB disconnect, device number 49
[  600.449395][T18112] loop5: detected capacity change from 0 to 4096
[  600.538739][T18112] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  600.576390][T18112] ntfs3(loop5): Failed to initialize $Extend/$ObjId.
[  600.793060][T18104] loop6: detected capacity change from 0 to 32768
[  600.849420][T18104] 
[  600.849420][T18104]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  600.849420][T18104] 
[  600.930364][T18104] ERROR: (device loop6): diWrite: ixpxd invalid
[  600.930364][T18104] 
[  600.985699][T18104] ERROR: (device loop6): txAbort: 
[  600.985699][T18104] 
[  601.027411][T18106] loop2: detected capacity change from 0 to 32768
[  601.056510][T18106] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4970 (18106)
[  601.117855][T18106] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  601.159419][T18106] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  601.202895][T18106] BTRFS info (device loop2): using free-space-tree
[  601.216223][ T9488] 
[  601.216223][ T9488]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  601.216223][ T9488] 
[  601.229550][T18132] loop4: detected capacity change from 0 to 1024
[  601.267294][ T9488] 
[  601.267294][ T9488]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  601.267294][ T9488] 
[  601.356775][   T30] audit: type=1804 audit(2000000142.790:212): pid=18132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.4982" name=2F6E6577726F6F742F3834312F66696C65312FE91F7189591E9233614B dev="loop4" ino=25 res=1 errno=0
[  601.527831][T18131] Process accounting resumed
[  601.755898][ T5840] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  601.994898][T18126] loop5: detected capacity change from 0 to 32768
[  602.420842][    T9] usb 4-1: new full-speed USB device number 33 using dummy_hcd
[  602.554055][   T30] audit: type=1326 audit(2000000143.990:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.558913][T18175] loop6: detected capacity change from 0 to 512
[  602.605416][    T9] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  602.624924][T18175] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  602.634079][   T30] audit: type=1326 audit(2000000143.990:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.648824][    T9] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  602.674110][   T30] audit: type=1326 audit(2000000144.030:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.707153][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  602.722349][ T6000] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  602.731814][    T9] usb 4-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  602.731989][T18175] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  602.752228][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.763964][   T30] audit: type=1326 audit(2000000144.030:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.791857][    T9] usb 4-1: config 0 descriptor??
[  602.797492][   T30] audit: type=1326 audit(2000000144.030:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.829724][   T30] audit: type=1326 audit(2000000144.030:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.850938][T18175] ext4 filesystem being mounted at /611/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  602.853789][   T30] audit: type=1326 audit(2000000144.030:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.887272][   T30] audit: type=1326 audit(2000000144.030:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.1.4993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1ff8e929 code=0x7ffc0000
[  602.891495][ T5936] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  602.909623][    C0] vkms_vblank_simulate: vblank timer overrun
[  602.909945][ T6000] usb 3-1: Using ep0 maxpacket: 32
[  602.947454][ T6000] usb 3-1: config 0 interface 0 has no altsetting 0
[  602.955161][ T6000] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  602.974828][ T6000] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.994494][ T6000] usb 3-1: config 0 descriptor??
[  603.017700][T18175] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #2: comm syz.6.4994: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  603.112473][ T9488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.131031][ T5936] usb 5-1: Using ep0 maxpacket: 8
[  603.145768][ T5936] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  603.157346][ T5936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.191309][ T5936] usb 5-1: Product: syz
[  603.195531][ T5936] usb 5-1: Manufacturer: syz
[  603.201559][T18184] loop5: detected capacity change from 0 to 64
[  603.215306][ T5936] usb 5-1: SerialNumber: syz
[  603.224699][ T5936] usb 5-1: config 0 descriptor??
[  603.230173][T18184] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  603.243033][T18184] MINIX-fs warning: remounting unchecked fs, running fsck is recommended
[  603.255210][ T5936] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  603.261896][    T9] hid-steam 0003:28DE:1102.0066: unknown main item tag 0x0
[  603.270577][    T9] hid-steam 0003:28DE:1102.0066: unknown main item tag 0x0
[  603.276306][ T5936] usb 5-1: setting power ON
[  603.280659][    T9] hid-steam 0003:28DE:1102.0066: unknown main item tag 0x0
[  603.291215][ T5936] dvb-usb: bulk message failed: -22 (2/0)
[  603.300919][ T5936] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  603.320597][ T5936] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  603.335630][    T9] hid-steam 0003:28DE:1102.0066: unknown main item tag 0x0
[  603.343038][    T9] hid-steam 0003:28DE:1102.0066: unknown main item tag 0x0
[  603.344287][ T5936] usb 5-1: media controller created
[  603.395391][    T9] hid-steam 0003:28DE:1102.0066: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  603.439180][ T6000] sony 0003:054C:0268.0067: item fetching failed at offset 0/3
[  603.446708][ T5936] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  603.465962][ T6000] sony 0003:054C:0268.0067: parse failed
[  603.477976][ T6000] sony 0003:054C:0268.0067: probe with driver sony failed with error -22
[  603.489205][T18177] dvb-usb: bulk message failed: -22 (3/0)
[  603.495122][T18177] dvb-usb: bulk message failed: -22 (3/0)
[  603.544127][T18189] loop5: detected capacity change from 0 to 1024
[  603.560392][T15975] usb 4-1: USB disconnect, device number 33
[  603.591834][ T5936] usb 5-1: selecting invalid altsetting 6
[  603.628373][   T30] audit: type=1804 audit(2000000145.060:221): pid=18189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.4999" name=2F6E6577726F6F742F3832352F66696C65312FE91F7189591E9233614B dev="loop5" ino=25 res=1 errno=0
[  603.641324][ T5936] usb 5-1: digital interface selection failed (-22)
[  603.663342][ T5936] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  603.682061][ T5936] usb 5-1: setting power OFF
[  603.686687][ T5936] dvb-usb: bulk message failed: -22 (2/0)
[  603.702960][ T5936] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  603.710388][    T9] usb 3-1: USB disconnect, device number 36
[  603.717928][ T5936] (NULL device *): no alternate interface
[  603.747762][T18189] Process accounting resumed
[  603.807014][ T5936] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  603.854703][ T5936] usb 5-1: USB disconnect, device number 50
[  603.931501][ T5915] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  604.101073][ T5915] usb 2-1: Using ep0 maxpacket: 32
[  604.131341][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  604.153753][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  604.181418][ T5915] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  604.201198][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.238654][ T5915] usb 2-1: config 0 descriptor??
[  604.282337][T18206] netlink: 'syz.6.5007': attribute type 1 has an invalid length.
[  604.330985][T18206] netlink: 236 bytes leftover after parsing attributes in process `syz.6.5007'.
[  604.685636][ T5915] ft260 0003:0403:6030.0068: item fetching failed at offset 0/2
[  604.715142][ T5915] ft260 0003:0403:6030.0068: failed to parse HID
[  604.735934][ T5915] ft260 0003:0403:6030.0068: probe with driver ft260 failed with error -22
[  604.891006][ T3168] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  604.911986][ T5915] usb 2-1: USB disconnect, device number 43
[  605.077211][ T3168] usb 7-1: Using ep0 maxpacket: 32
[  605.102707][ T3168] usb 7-1: config 0 interface 0 has no altsetting 0
[  605.119878][ T3168] usb 7-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  605.138887][T18227] loop2: detected capacity change from 0 to 1024
[  605.171028][ T3168] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.229272][ T3168] usb 7-1: config 0 descriptor??
[  605.263886][T18208] loop5: detected capacity change from 0 to 32768
[  605.310491][T18208] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  605.448124][T18227] Process accounting resumed
[  605.531826][ T5845] ocfs2: Unmounting device (7,5) on (node local)
[  605.557157][T18234] netlink: 348 bytes leftover after parsing attributes in process `syz.3.5019'.
[  605.575799][T18211] loop4: detected capacity change from 0 to 32768
[  605.671071][T18211] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  605.678489][ T3168] sony 0003:054C:0268.0069: item fetching failed at offset 0/3
[  605.731664][T18211] XFS (loop4): Ending clean mount
[  605.747900][ T3168] sony 0003:054C:0268.0069: parse failed
[  605.750030][T18246] hub 6-0:1.0: USB hub found
[  605.760347][T18246] hub 6-0:1.0: 1 port detected
[  605.792974][ T3168] sony 0003:054C:0268.0069: probe with driver sony failed with error -22
[  605.827390][T18248] loop1: detected capacity change from 0 to 512
[  605.870848][T18248] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  605.881435][ T3168] usb 7-1: USB disconnect, device number 25
[  605.959800][T18248] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ce018, mo2=0002]
[  605.969472][ T5843] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  606.011034][T18248] System zones: 1-12
[  606.026112][T18248] EXT4-fs (loop1): 1 truncate cleaned up
[  606.079685][T18248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  606.184653][T18257] loop2: detected capacity change from 0 to 4096
[  606.220569][T18257] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  606.279481][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.343467][T18257] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  606.492013][    C1] sd 0:0:1:0: [sda] tag#7206 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  606.502507][    C1] sd 0:0:1:0: [sda] tag#7206 CDB: Read(6) 08 00 00 00 00 00 00 00 00 00 00 00
[  607.097888][T18280] loop6: detected capacity change from 0 to 1024
[  607.170574][T18280] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  607.250955][ T3168] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  607.467732][ T3168] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  607.500794][ T3168] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3
[  607.509746][ T3168] usb 3-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  607.537772][T18263] loop5: detected capacity change from 0 to 32768
[  607.548361][ T9488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.565261][T18263] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5028 (18263)
[  607.578249][ T3168] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.594237][ T3168] usb 3-1: config 0 descriptor??
[  607.644896][T18294] loop4: detected capacity change from 0 to 2048
[  607.668986][T18263] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  607.718334][T18263] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[  607.747753][T18263] BTRFS info (device loop5): using free-space-tree
[  607.769036][T18294] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  608.004538][T18315] program syz.6.5046 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  608.033612][ T3168] Bluetooth: Can't get state to change to load configuration err
[  608.090785][ T3168] Bluetooth: Loading sysconfig file failed
[  608.096675][ T3168] ath3k 3-1:0.0: probe with driver ath3k failed with error -16
[  608.169884][ T3168] usb 3-1: USB disconnect, device number 37
[  608.215828][ T5845] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  608.538609][T18331] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  608.567584][T18331] batman_adv: batadv0: Removing interface: batadv_slave_0
[  608.806687][T18331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  608.821823][T18331] batman_adv: batadv0: Removing interface: batadv_slave_1
[  609.825926][T18355] loop2: detected capacity change from 0 to 128
[  609.919886][T18357] hub 6-0:1.0: USB hub found
[  609.963951][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  609.963977][   T30] audit: type=1800 audit(2000000151.400:223): pid=18355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5065" name="file2" dev="loop2" ino=1049046 res=0 errno=0
[  610.015107][T18357] hub 6-0:1.0: 1 port detected
[  610.031492][T18355] syz.2.5065: attempt to access beyond end of device
[  610.031492][T18355] loop2: rw=0, sector=2069, nr_sectors = 1 limit=128
[  610.095240][T18356] loop4: detected capacity change from 0 to 4096
[  610.217624][T18363] loop1: detected capacity change from 0 to 512
[  610.235771][T18364] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  610.276690][T18363] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  610.279150][T18356] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '.'
[  610.295830][T18363] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  610.323763][T18367] loop3: detected capacity change from 0 to 64
[  610.328534][T18356] Remounting filesystem read-only
[  610.373457][T18363] EXT4-fs (loop1): 1 truncate cleaned up
[  610.393473][T18363] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.473390][T18363] EXT4-fs: group quota file already specified
[  610.512469][ T5843] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  610.626282][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.960395][T18387] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  610.966986][T18387] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  610.998151][T18387] vhci_hcd vhci_hcd.0: Device attached
[  611.017304][T18389] vhci_hcd: connection closed
[  611.019607][   T13] vhci_hcd: stop threads
[  611.039009][   T13] vhci_hcd: release socket
[  611.051423][   T13] vhci_hcd: disconnect device
[  611.079273][T18393] loop6: detected capacity change from 0 to 64
[  611.423551][    T9] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  611.591019][    T9] usb 3-1: Using ep0 maxpacket: 32
[  611.613042][    T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30
[  611.633156][    T9] usb 3-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  611.655329][    T9] usb 3-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  611.701030][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  611.707752][    T9] usb 3-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  611.723574][T18416] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  611.752194][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.788903][    T9] usb 3-1: config 0 descriptor??
[  612.077849][T18426] loop6: detected capacity change from 0 to 4096
[  612.181659][T18426] ntfs3(loop6): ino=21, "bus" fiemap is not supported for compressed file (cp -r)
[  612.223455][    T9] zeroplus 0003:0C12:0030.006A: hidraw0: USB HID v0.03 Device [HID 0c12:0030] on usb-dummy_hcd.2-1/input0
[  612.257662][    T9] zeroplus 0003:0C12:0030.006A: no inputs found
[  612.480636][T18439] loop6: detected capacity change from 0 to 512
[  612.489648][T18439] EXT4-fs: Ignoring removed bh option
[  612.494671][ T6000] usb 3-1: USB disconnect, device number 38
[  612.519330][T18439] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  612.559685][T18439] EXT4-fs (loop6): 1 truncate cleaned up
[  612.560387][T18447] loop3: detected capacity change from 0 to 128
[  612.576859][T18439] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  612.601076][    T9] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  612.625009][T18447] EXT4-fs: Ignoring removed nomblk_io_submit option
[  612.642275][T18447] EXT4-fs: Ignoring removed nomblk_io_submit option
[  612.663670][T18447] EXT4-fs (loop3): Test dummy encryption mode enabled
[  612.685978][T18447] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  612.714577][T18447] ext4 filesystem being mounted at /866/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  612.746616][ T9488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.780841][ T5915] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  612.790450][   T30] audit: type=1800 audit(2000000154.210:224): pid=18447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5104" name="file1" dev="loop3" ino=12 res=0 errno=0
[  612.797951][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  612.831676][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  612.856972][    T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  612.881859][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  612.890023][    T9] usb 2-1: SerialNumber: syz
[  612.913095][ T5851] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  612.961400][ T5915] usb 5-1: Using ep0 maxpacket: 32
[  612.987751][ T5915] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  612.996711][ T5915] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  613.014087][ T5915] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  613.033367][ T5915] usb 5-1: config 1 has no interface number 0
[  613.039506][ T5915] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  613.069584][ T5915] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  613.083513][ T5915] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  613.094466][ T5915] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  613.116018][ T5915] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  613.173285][    T9] usb 2-1: 0:2 : does not exist
[  613.237553][    T9] usb 2-1: USB disconnect, device number 44
[  613.252186][ T6000] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  613.326942][ T5915] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached
[  613.414770][ T6000] usb 7-1: Using ep0 maxpacket: 8
[  613.444525][ T6000] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  613.465606][ T6000] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  613.486771][ T6000] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  613.499609][ T6000] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  613.513787][T18468] loop5: detected capacity change from 0 to 64
[  613.545572][ T6000] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  613.585322][ T6000] usb 7-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  613.595416][ T6000] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  613.609681][ T6000] usb 7-1: Product: syz
[  613.614032][ T6000] usb 7-1: Manufacturer: syz
[  613.618765][ T6000] usb 7-1: SerialNumber: syz
[  613.635479][ T6000] usb 7-1: config 0 descriptor??
[  613.809673][ T5915] usb 5-1: USB disconnect, device number 51
[  613.818012][ T5915] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  613.864660][ T6000] radio-si470x 7-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  613.891529][ T6000] radio-si470x 7-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  613.935751][T18464] loop2: detected capacity change from 0 to 32768
[  613.956477][T18464] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  614.034159][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  614.076890][ T6000] radio-si470x 7-1:0.0: software version 80, hardware version 212
[  614.102378][ T6000] radio-si470x 7-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  614.277728][ T6000] radio-si470x 7-1:0.0: si470x_set_report: usb_control_msg returned -71
[  614.286621][ T6000] radio-si470x 7-1:0.0: submitting int urb failed (-90)
[  614.297181][ T6000] radio-si470x 7-1:0.0: si470x_set_report: usb_control_msg returned -71
[  614.306998][ T6000] radio-si470x 7-1:0.0: probe with driver radio-si470x failed with error -22
[  614.319502][ T6000] usb 7-1: USB disconnect, device number 26
[  614.549103][T18480] loop1: detected capacity change from 0 to 512
[  614.612905][T18480] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  614.703769][T18487] loop3: detected capacity change from 0 to 512
[  614.739360][T18480] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  614.769657][T18487] EXT4-fs (loop3): Test dummy encryption mode enabled
[  614.805348][T18492] loop2: detected capacity change from 0 to 1024
[  614.818922][T18487] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  614.835216][T18480] ext4 filesystem being mounted at /857/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  614.865665][T18492] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  614.865791][T18492] ext4 filesystem being mounted at /846/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  614.875086][T18487] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.5122: bad orphan inode 131083
[  614.935025][T18492] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  614.999600][T18487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  615.008858][T18492] EXT4-fs (loop2): Remounting filesystem read-only
[  615.009149][T18492] EXT4-fs warning (device loop2): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.2.5125: cleanup dec ref error -28
[  615.017435][T18500] netlink: 'syz.4.5127': attribute type 2 has an invalid length.
[  615.144968][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  615.147038][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  615.158610][T18487] overlayfs: upper fs needs to support d_type.
[  615.567728][T18511] loop6: detected capacity change from 0 to 764
[  615.615567][T18511] rock: directory entry would overflow storage
[  615.615585][T18511] rock: sig=0x4654, size=5, remaining=4
[  615.717847][ T5851] bridge0: port 3(syz_tun) entered disabled state
[  615.796394][ T5851] syz_tun (unregistering): left allmulticast mode
[  615.796429][ T5851] syz_tun (unregistering): left promiscuous mode
[  615.796523][ T5851] bridge0: port 3(syz_tun) entered disabled state
[  615.981328][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.133569][ T3168] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  616.217952][T17967] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.321085][ T3168] usb 7-1: Using ep0 maxpacket: 32
[  616.328420][T17967] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.340692][ T3168] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  616.358829][ T3168] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  616.400961][ T3168] usb 7-1: config 0 interface 0 has no altsetting 0
[  616.407635][ T3168] usb 7-1: New USB device found, idVendor=2133, idProduct=0018, bcdDevice= 0.00
[  616.450820][ T3168] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.491951][ T3168] usb 7-1: config 0 descriptor??
[  616.512920][T17967] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.758244][T17967] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.930531][ T3168] viewsonic 0003:2133:0018.006B: unknown main item tag 0x0
[  616.968936][ T3168] viewsonic 0003:2133:0018.006B: unknown main item tag 0x0
[  616.982377][ T6000] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  616.992845][ T3168] viewsonic 0003:2133:0018.006B: hidraw0: USB HID v0.03 Device [HID 2133:0018] on usb-dummy_hcd.6-1/input0
[  617.192275][ T6000] usb 5-1: Using ep0 maxpacket: 8
[  617.202889][ T6000] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  617.217447][ T3168] usb 7-1: USB disconnect, device number 27
[  617.232450][ T6000] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  617.253826][T17967] bridge_slave_1: left allmulticast mode
[  617.273916][ T6000] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  617.285753][T17967] bridge_slave_1: left promiscuous mode
[  617.304435][T17967] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.323095][ T6000] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  617.344878][ T6000] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  617.382329][ T6000] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  617.392646][ T6000] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  617.407372][ T6000] usb 5-1: Product: syz
[  617.416734][ T6000] usb 5-1: Manufacturer: syz
[  617.422924][T17967] bridge_slave_0: left allmulticast mode
[  617.428786][T17967] bridge_slave_0: left promiscuous mode
[  617.434537][ T6000] usb 5-1: SerialNumber: syz
[  617.439655][T17967] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.480645][ T6000] usb 5-1: config 0 descriptor??
[  617.627622][T16788] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  617.643564][T16788] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  617.655716][T16788] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  617.662070][ T6001] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  617.669717][T16788] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  617.679952][T16788] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  617.719912][ T6000] radio-si470x 5-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  617.774132][ T6000] radio-si470x 5-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  617.847911][ T6001] usb 3-1: Using ep0 maxpacket: 8
[  617.890842][ T6001] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  617.927814][ T6000] radio-si470x 5-1:0.0: software version 80, hardware version 212
[  617.947790][ T6000] radio-si470x 5-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  617.963297][ T6001] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  617.995032][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  618.007539][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  618.041805][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  618.070522][ T6001] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  618.115871][ T6001] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  618.115949][ T6001] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.115986][ T6001] usb 3-1: Product: syz
[  618.116014][ T6001] usb 3-1: Manufacturer: syz
[  618.116041][ T6001] usb 3-1: SerialNumber: syz
[  618.148202][ T6001] usb 3-1: config 0 descriptor??
[  618.149004][T18550] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  618.153963][ T6000] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[  618.154055][ T6000] radio-si470x 5-1:0.0: submitting int urb failed (-90)
[  618.162472][ T6000] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[  618.162912][ T6000] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22
[  618.191654][ T6000] usb 5-1: USB disconnect, device number 52
[  618.342869][T18553] loop5: detected capacity change from 0 to 32768
[  618.421080][T18553] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  618.507145][T18553] XFS (loop5): Ending clean mount
[  618.643721][ T5845] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  619.402977][T17967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  619.511784][ T6001] rc_core: IR keymap rc-snapstream-firefly not found
[  619.518689][ T6001] Registered IR keymap rc-empty
[  619.526808][T17967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  619.552488][ T6001] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  619.594562][ T6001] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input47
[  619.614872][T17967] bond0 (unregistering): Released all slaves
[  619.645539][ T6001] input: syz syz mouse as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input48
[  619.657906][T18575] loop1: detected capacity change from 0 to 32768
[  619.692611][T18575] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  619.730930][T16788] Bluetooth: hci5: command tx timeout
[  619.736867][ T6001] usb 3-1: USB disconnect, device number 39
[  619.736939][    C0] ati_remote 3-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19
[  619.801499][T18582] sp0: Synchronizing with TNC
[  619.866891][T18575] XFS (loop1): Ending clean mount
[  620.313539][ T5852] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  620.438017][T18612] usb usb8: usbfs: process 18612 (syz.6.5173) did not claim interface 0 before use
[  620.531089][ T5936] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  620.715431][ T5936] usb 5-1: Using ep0 maxpacket: 16
[  620.753362][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  620.781168][ T5936] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  620.828667][T18620] loop2: detected capacity change from 0 to 1024
[  620.843100][ T5936] usb 5-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  620.870802][ T5936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  620.912000][ T5936] usb 5-1: config 0 descriptor??
[  620.960368][T18620] hfsplus: bad catalog entry type
[  620.998925][T18624] loop5: detected capacity change from 0 to 512
[  621.073563][ T1141] hfsplus: b-tree write err: -5, ino 4
[  621.102850][T18624] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  621.143572][T18624] EXT4-fs (loop5): 1 truncate cleaned up
[  621.163614][T18624] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  621.222320][T18629] netem: change failed
[  621.342638][T17967] hsr_slave_0: left promiscuous mode
[  621.366044][T17967] hsr_slave_1: left promiscuous mode
[  621.382089][T17967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  621.393586][ T5936] hid-picolcd 0003:04D8:C002.006C: unknown main item tag 0x0
[  621.415611][T17967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  621.425651][ T5936] hid-picolcd 0003:04D8:C002.006C: unknown main item tag 0x0
[  621.445222][ T5936] hid-picolcd 0003:04D8:C002.006C: unknown main item tag 0x0
[  621.472064][T17967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  621.479938][T17967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  621.541299][ T5936] hid-picolcd 0003:04D8:C002.006C: No report with id 0x11 found
[  621.629173][ T5845] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  621.640399][ T6001] usb 5-1: USB disconnect, device number 53
[  621.813929][T16788] Bluetooth: hci5: command tx timeout
[  621.904650][T18625] loop1: detected capacity change from 0 to 32768
[  622.034550][T18625] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  622.215385][T18650] loop2: detected capacity change from 0 to 128
[  622.266029][T18651] loop5: detected capacity change from 0 to 8
[  622.295381][T18652] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5186'.
[  622.324296][T18651] SQUASHFS error: lzo decompression failed, data probably corrupt
[  622.337791][ T5852] ocfs2: Unmounting device (7,1) on (node local)
[  622.361044][T18651] SQUASHFS error: Failed to read block 0x0: -5
[  622.381807][T18651] SQUASHFS error: lzo decompression failed, data probably corrupt
[  622.397292][T18651] SQUASHFS error: Failed to read block 0x0: -5
[  622.431174][   T30] audit: type=1800 audit(2000000163.870:225): pid=18651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5188" name="file2" dev="loop5" ino=3 res=0 errno=0
[  622.735427][T18660] netlink: 212404 bytes leftover after parsing attributes in process `syz.5.5192'.
[  622.852566][ T6001] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  622.956764][T17967] team0 (unregistering): Port device team_slave_1 removed
[  622.990702][T18669] [U] 
[  622.993491][T18669] [U] 
[  622.996239][T18669] [U] 
[  622.998991][T18669] [U] 
[  623.030795][ T6001] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  623.056179][T18669] [U] 
[  623.058951][T18669] [U] 
[  623.061700][T18669] [U] 
[  623.064441][T18669] [U] 
[  623.067524][ T6001] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  623.085103][T18669] [U] 
[  623.087634][ T6001] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  623.087836][T18669] [U] 
[  623.099547][T18669] [U] 
[  623.099933][ T6001] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  623.110467][ T6001] usb 3-1: SerialNumber: syz
[  623.116355][T17967] team0 (unregistering): Port device team_slave_0 removed
[  623.122370][T18668] [U] 
[  623.261096][T17796] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  623.368707][ T6001] usb 3-1: 0:2 : does not exist
[  623.378056][ T6001] usb 3-1: unit 255 not found!
[  623.478305][T17796] usb 2-1: Using ep0 maxpacket: 32
[  623.492144][ T6001] usb 3-1: USB disconnect, device number 40
[  623.499618][T17796] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  623.514264][T17796] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  623.541126][T17796] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  623.550311][T17796] usb 2-1: config 1 has no interface number 0
[  623.577232][T17796] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  623.595091][T17796] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  623.642639][T17796] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  623.654914][T17796] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.705036][T17796] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  623.890886][T16788] Bluetooth: hci5: command tx timeout
[  623.921993][T17796] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  624.204710][T18678] loop4: detected capacity change from 0 to 512
[  624.255927][T18678] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002]
[  624.267644][T18678] System zones: 1-12
[  624.273764][T18678] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.5202: Directory hole found for htree index block 0
[  624.305082][T18678] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117
[  624.329172][T18678] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.5202: Directory hole found for htree index block 0
[  624.348969][T18678] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  624.384367][T18678] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  624.408735][ T5936] usb 2-1: USB disconnect, device number 45
[  624.420630][ T5936] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  624.445507][T18664] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  624.467230][T18674] .: renamed from veth1_vlan (while UP)
[  624.489919][T18555] chnl_net:caif_netlink_parms(): no params data found
[  624.613299][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.636977][T18686] loop2: detected capacity change from 0 to 512
[  624.707647][T18686] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.5215: invalid block
[  624.744830][T18690] loop6: detected capacity change from 0 to 1024
[  624.758135][T18686] EXT4-fs error (device loop2): ext4_free_branches:1020: inode #11: comm syz.2.5215: invalid indirect mapped block 4294967295 (level 1)
[  624.812175][T18686] EXT4-fs error (device loop2): ext4_free_branches:1020: inode #11: comm syz.2.5215: invalid indirect mapped block 4294967295 (level 1)
[  624.846897][T18690] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  624.932821][T18690] ext4 filesystem being mounted at /650/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  624.959525][T18686] EXT4-fs (loop2): 2 truncates cleaned up
[  624.972876][T18686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  624.989038][T18555] bridge0: port 1(bridge_slave_0) entered blocking state
[  624.996322][T18555] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.009420][T18555] bridge_slave_0: entered allmulticast mode
[  625.019871][T18555] bridge_slave_0: entered promiscuous mode
[  625.029630][T18555] bridge0: port 2(bridge_slave_1) entered blocking state
[  625.037286][T18555] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.048071][T18555] bridge_slave_1: entered allmulticast mode
[  625.104507][T18555] bridge_slave_1: entered promiscuous mode
[  625.157147][ T9488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.326102][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.328763][T18706] loop5: detected capacity change from 0 to 512
[  625.384079][T18706] EXT4-fs: Ignoring removed nobh option
[  625.398175][T18555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  625.447073][T18706] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  625.466361][T18555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  625.511248][T17967] IPVS: stop unused estimator thread 0...
[  625.518920][T18706] EXT4-fs error (device loop5): ext4_clear_blocks:874: inode #13: comm syz.5.5211: attempt to clear invalid blocks 2 len 1
[  625.541111][T18709] loop6: detected capacity change from 0 to 512
[  625.574687][T18706] EXT4-fs (loop5): Remounting filesystem read-only
[  625.595473][T18706] EXT4-fs (loop5): 1 truncate cleaned up
[  625.602484][T18709] EXT4-fs (loop6): Test dummy encryption mode enabled
[  625.605232][T18706] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  625.623482][T18709] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  625.694633][T18709] EXT4-fs error (device loop6): ext4_orphan_get:1419: comm syz.6.5210: bad orphan inode 131083
[  625.727664][T18555] team0: Port device team_slave_0 added
[  625.742140][T18555] team0: Port device team_slave_1 added
[  625.773486][T18709] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  625.847084][T18709] overlayfs: upper fs needs to support d_type.
[  625.884562][ T5845] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.968296][T18555] batman_adv: batadv0: Adding interface: batadv_slave_0
[  625.975386][T16788] Bluetooth: hci5: command tx timeout
[  626.002628][T18721] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5217'.
[  626.042544][T18555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  626.110865][T18555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  626.126677][T18726] loop5: detected capacity change from 0 to 256
[  626.154653][T18555] batman_adv: batadv0: Adding interface: batadv_slave_1
[  626.196684][T18555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  626.217802][T18728] loop4: detected capacity change from 0 to 512
[  626.222639][    C0] vkms_vblank_simulate: vblank timer overrun
[  626.258698][T18555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  626.286414][T18728] EXT4-fs (loop4): Test dummy encryption mode enabled
[  626.304661][T18728] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  626.326954][T18731] loop1: detected capacity change from 0 to 164
[  626.344624][T18728] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.5232: bad orphan inode 131083
[  626.377245][T18728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  626.420457][T18731] syz.1.5221: attempt to access beyond end of device
[  626.420457][T18731] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  626.449414][T18728] overlayfs: upper fs needs to support d_type.
[  626.467300][T18731] syz.1.5221: attempt to access beyond end of device
[  626.467300][T18731] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  626.488554][   T30] audit: type=1800 audit(2000000167.920:226): pid=18731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5221" name="file0" dev="loop1" ino=1862 res=0 errno=0
[  626.527666][T18555] hsr_slave_0: entered promiscuous mode
[  626.539397][T18555] hsr_slave_1: entered promiscuous mode
[  626.543912][ T9488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  626.547340][T18555] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  626.567339][T18555] Cannot create hsr debugfs directory
[  626.574767][T17796] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  626.664475][T18735] loop5: detected capacity change from 0 to 4096
[  626.752209][T17796] usb 3-1: Using ep0 maxpacket: 32
[  626.760027][T17796] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  626.785418][T17796] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  626.789584][T18735] ntfs3(loop5): ino=b, mi_enum_attr
[  626.821280][T18735] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  626.823797][T17796] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  626.839489][T18735] ntfs3(loop5): Failed to load $Extend (-22).
[  626.853272][T17796] usb 3-1: config 1 has no interface number 0
[  626.867792][T18735] ntfs3(loop5): Failed to initialize $Extend.
[  626.886101][T17796] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  626.924835][T17796] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  626.924912][T17796] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  626.924953][T17796] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.928460][   T30] audit: type=1800 audit(2000000168.360:227): pid=18735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5223" name="file1" dev="loop5" ino=30 res=0 errno=0
[  626.962336][T17796] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  627.145917][T17967] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.187710][T17796] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  627.408989][T13374] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.466915][T17967] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.692162][T15975] usb 3-1: USB disconnect, device number 41
[  627.716942][T15975] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  627.724381][T17967] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.943849][T17967] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.284140][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  628.296882][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  628.332600][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  628.349517][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  628.362302][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  628.380880][T15975] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  628.487355][T17967] bridge_slave_1: left allmulticast mode
[  628.508074][T17967] bridge_slave_1: left promiscuous mode
[  628.518999][T17967] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.544673][T17967] bridge_slave_0: left allmulticast mode
[  628.550428][T17967] bridge_slave_0: left promiscuous mode
[  628.563942][T17967] bridge0: port 1(bridge_slave_0) entered disabled state
[  628.578653][T15975] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 242, using maximum allowed: 30
[  628.589845][T15975] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  628.601281][T15975] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 242
[  628.614707][T15975] usb 2-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  628.626476][T15975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.638011][T15975] usb 2-1: config 0 descriptor??
[  628.700636][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  628.713723][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  628.723000][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  628.733638][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  628.742777][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  629.095314][T15975] zydacron 0003:13EC:0006.006D: hidraw0: USB HID v0.03 Device [HID 13ec:0006] on usb-dummy_hcd.1-1/input0
[  629.194317][T17967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  629.206587][T17967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  629.218442][T17967] bond0 (unregistering): Released all slaves
[  629.298672][    T9] usb 2-1: USB disconnect, device number 46
[  629.394571][T17967] : left promiscuous mode
[  629.466513][T18753] loop2: detected capacity change from 0 to 4096
[  629.520263][T18756] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  629.699290][ T5936] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  629.704623][T18759] loop2: detected capacity change from 0 to 512
[  629.725520][T18759] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  629.741695][T18759] EXT4-fs (loop2): 1 truncate cleaned up
[  629.749468][T18759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  629.881133][ T5936] usb 6-1: Using ep0 maxpacket: 32
[  629.911159][ T5936] usb 6-1: New USB device found, idVendor=05ac, idProduct=022b, bcdDevice= 0.00
[  629.920258][ T5936] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.982896][ T5936] usb 6-1: config 0 descriptor??
[  630.050583][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.084362][T18555] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  630.112721][T17967] hsr_slave_0: left promiscuous mode
[  630.123028][T17967] hsr_slave_1: left promiscuous mode
[  630.129167][T17967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  630.154242][T17967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  630.169689][T17967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  630.188073][T17967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  630.198223][T18769] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5238'.
[  630.412876][T18773] loop2: detected capacity change from 0 to 1024
[  630.442627][ T5936] apple 0003:05AC:022B.006E: item fetching failed at offset 5/7
[  630.451157][ T5848] Bluetooth: hci0: command tx timeout
[  630.470399][ T5936] apple 0003:05AC:022B.006E: parse failed
[  630.477149][ T5936] apple 0003:05AC:022B.006E: probe with driver apple failed with error -22
[  630.523291][T17967] pim6reg (unregistering): left allmulticast mode
[  630.555941][T18776] loop1: detected capacity change from 0 to 512
[  630.596330][T18776] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  630.628915][T18776] EXT4-fs (loop1): invalid journal inode
[  630.640951][T18776] EXT4-fs (loop1): can't get journal size
[  630.648713][T18778] loop2: detected capacity change from 0 to 256
[  630.667842][T18776] EXT4-fs (loop1): 1 truncate cleaned up
[  630.678148][T18776] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  630.692295][ T6001] usb 6-1: USB disconnect, device number 28
[  630.765133][T18778] FAT-fs (loop2): Directory bread(block 64) failed
[  630.775728][ T5848] Bluetooth: hci2: command tx timeout
[  630.784145][T18778] FAT-fs (loop2): Directory bread(block 65) failed
[  630.786229][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.792173][T18778] FAT-fs (loop2): Directory bread(block 66) failed
[  630.806304][T18778] FAT-fs (loop2): Directory bread(block 67) failed
[  630.825407][T18778] FAT-fs (loop2): Directory bread(block 68) failed
[  630.832365][T18778] FAT-fs (loop2): Directory bread(block 69) failed
[  630.861481][T18778] FAT-fs (loop2): Directory bread(block 70) failed
[  630.886592][T18778] FAT-fs (loop2): Directory bread(block 71) failed
[  630.896767][T18778] FAT-fs (loop2): Directory bread(block 72) failed
[  630.910573][T18778] FAT-fs (loop2): Directory bread(block 73) failed
[  631.157715][T17967] team0 (unregistering): Port device team_slave_1 removed
[  631.209706][T17967] team0 (unregistering): Port device team_slave_0 removed
[  631.382345][ T6001] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  631.561238][ T6001] usb 3-1: Using ep0 maxpacket: 32
[  631.574331][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  631.610823][ T6001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  631.629574][ T6001] usb 3-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  631.638752][ T6001] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.671908][ T6001] usb 3-1: config 0 descriptor??
[  632.111407][ T6001] aquacomputer_d5next 0003:0C70:F0B6.006F: hidraw0: USB HID vff.fc Device [HID 0c70:f0b6] on usb-dummy_hcd.2-1/input0
[  632.143163][T18555] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  632.167840][T18555] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  632.286426][T18789] loop5: detected capacity change from 0 to 32768
[  632.324288][ T6001] usb 3-1: USB disconnect, device number 42
[  632.362015][T18789] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  632.375796][T18555] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  632.443633][T18789] (syz.5.5249,18789,0):ocfs2_verify_group_and_input:428 ERROR: add a group which is in the current volume.
[  632.455713][T18789] (syz.5.5249,18789,0):ocfs2_group_add:511 ERROR: status = -22
[  632.531003][ T5848] Bluetooth: hci0: command tx timeout
[  632.538115][T18746] chnl_net:caif_netlink_parms(): no params data found
[  632.599398][ T5845] ocfs2: Unmounting device (7,5) on (node local)
[  632.647653][T18750] chnl_net:caif_netlink_parms(): no params data found
[  632.851027][ T5848] Bluetooth: hci2: command tx timeout
[  633.201651][T17967] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  633.312344][T18746] bridge0: port 1(bridge_slave_0) entered blocking state
[  633.328972][T18746] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.358072][T18746] bridge_slave_0: entered allmulticast mode
[  633.386208][T18746] bridge_slave_0: entered promiscuous mode
[  633.414767][T18746] bridge0: port 2(bridge_slave_1) entered blocking state
[  633.449092][T18746] bridge0: port 2(bridge_slave_1) entered disabled state
[  633.469747][T18746] bridge_slave_1: entered allmulticast mode
[  633.496459][T18746] bridge_slave_1: entered promiscuous mode
[  633.566554][T18750] bridge0: port 1(bridge_slave_0) entered blocking state
[  633.588760][T18750] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.606323][T18750] bridge_slave_0: entered allmulticast mode
[  633.618346][T18750] bridge_slave_0: entered promiscuous mode
[  633.671362][T18808] loop5: detected capacity change from 0 to 40427
[  633.671486][T17967] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  633.680040][T18808] F2FS-fs (loop5): Wrong secs_per_zone / total_sections (32769, 24)
[  633.708113][T18808] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  633.749169][T18808] F2FS-fs (loop5): build fault injection rate: 690
[  633.769730][T18808] F2FS-fs (loop5): Image doesn't support compression
[  633.788042][T18808] F2FS-fs (loop5): heap/no_heap options were deprecated
[  633.789851][T18746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  633.797193][T18808] F2FS-fs (loop5): build fault injection type: 0x4
[  633.820723][T18746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  633.851285][T18750] bridge0: port 2(bridge_slave_1) entered blocking state
[  633.868725][T18750] bridge0: port 2(bridge_slave_1) entered disabled state
[  633.876543][T18808] F2FS-fs (loop5): invalid crc value
[  633.881155][T18750] bridge_slave_1: entered allmulticast mode
[  633.900025][T18750] bridge_slave_1: entered promiscuous mode
[  633.904667][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  633.917977][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  633.973193][T17967] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  634.138334][T18808] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  634.150839][T18808] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  634.198144][T18819] loop2: detected capacity change from 0 to 32768
[  634.215321][T18819] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5255 (18819)
[  634.244832][T17967] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  634.245187][T18819] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  634.282989][T18819] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  634.294171][T18819] BTRFS info (device loop2): using free-space-tree
[  634.390138][T18746] team0: Port device team_slave_0 added
[  634.412815][T18746] team0: Port device team_slave_1 added
[  634.473173][T18750] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  634.493925][T18819] BTRFS info (device loop2): rebuilding free space tree
[  634.505146][T18750] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  634.582243][T18845] Bluetooth: MGMT ver 1.23
[  634.611089][ T5848] Bluetooth: hci0: command tx timeout
[  634.700447][   T30] audit: type=1800 audit(2000000176.130:228): pid=18819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5255" name="bus" dev="loop2" ino=263 res=0 errno=0
[  634.747480][T18847] loop1: detected capacity change from 0 to 1024
[  634.855141][T18746] batman_adv: batadv0: Adding interface: batadv_slave_0
[  634.874798][ T5840] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  634.875539][T18746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  634.910898][    C0] vkms_vblank_simulate: vblank timer overrun
[  634.931637][ T5848] Bluetooth: hci2: command tx timeout
[  634.961544][T18746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  634.986725][T18746] batman_adv: batadv0: Adding interface: batadv_slave_1
[  635.023424][T18746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.120863][T18746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  635.166097][T18750] team0: Port device team_slave_0 added
[  635.253859][T18750] team0: Port device team_slave_1 added
[  635.482724][T18860] loop5: detected capacity change from 0 to 8
[  635.515392][T18860] unable to read id index table
[  635.662184][T18750] batman_adv: batadv0: Adding interface: batadv_slave_0
[  635.669230][T18750] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.700684][T18750] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  635.731017][T18746] hsr_slave_0: entered promiscuous mode
[  635.741847][T18746] hsr_slave_1: entered promiscuous mode
[  635.749190][T18746] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  635.786932][T18746] Cannot create hsr debugfs directory
[  635.843328][T18750] batman_adv: batadv0: Adding interface: batadv_slave_1
[  635.850339][T18750] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.876301][    C0] vkms_vblank_simulate: vblank timer overrun
[  635.893145][T18750] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  635.959259][T17967] bridge_slave_1: left allmulticast mode
[  635.974493][T17967] bridge_slave_1: left promiscuous mode
[  635.984228][T17967] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.011448][T17967] bridge_slave_0: left allmulticast mode
[  636.027130][T17967] bridge_slave_0: left promiscuous mode
[  636.040162][T17967] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.088314][T18873] loop1: detected capacity change from 0 to 512
[  636.096928][T18873] EXT4-fs: Ignoring removed i_version option
[  636.140555][T18873] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  636.162177][T18873] ext4 filesystem being mounted at /894/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  636.299990][T18873] EXT4-fs: Cannot change journaled quota options when quota turned on
[  636.409529][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.691356][ T5848] Bluetooth: hci0: command tx timeout
[  636.739715][T17967] team0: Port device bridge1 removed
[  636.900279][T18892] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5277'.
[  636.926351][T17967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  636.944721][T17967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  636.957906][T17967] bond0 (unregistering): Released all slaves
[  637.011111][ T5848] Bluetooth: hci2: command tx timeout
[  637.212548][T18555] 8021q: adding VLAN 0 to HW filter on device bond0
[  637.345886][T18900] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5280'.
[  637.447283][T18750] hsr_slave_0: entered promiscuous mode
[  637.462590][T18750] hsr_slave_1: entered promiscuous mode
[  637.469005][T18750] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  637.478072][T18750] Cannot create hsr debugfs directory
[  637.550904][T18902] mkiss: ax0: crc mode is auto.
[  637.588572][T18907] loop2: detected capacity change from 0 to 256
[  637.759867][T18555] 8021q: adding VLAN 0 to HW filter on device team0
[  637.797695][T17967] hsr_slave_0: left promiscuous mode
[  637.827131][T17967] hsr_slave_1: left promiscuous mode
[  637.862850][T17967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  637.870314][T17967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  637.899665][T17967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  637.919916][T17967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  638.152320][ T6000] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  638.333831][ T6000] usb 6-1: Using ep0 maxpacket: 32
[  638.353517][ T6000] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  638.381538][ T6000] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  638.402837][ T6000] usb 6-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  638.418376][ T6000] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  638.441327][ T6000] usb 6-1: config 0 descriptor??
[  638.621785][T18912] loop2: detected capacity change from 0 to 32768
[  638.630382][T18912] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5295 (18912)
[  638.685582][T18912] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  638.696766][T18912] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[  638.706910][T18912] BTRFS info (device loop2): using free-space-tree
[  638.708551][T17967] team0 (unregistering): Port device team_slave_1 removed
[  638.770272][T17967] team0 (unregistering): Port device team_slave_0 removed
[  638.907325][ T6000] aquacomputer_d5next 0003:0C70:F0B6.0070: hidraw0: USB HID vff.fc Device [HID 0c70:f0b6] on usb-dummy_hcd.5-1/input0
[  639.137214][ T5936] usb 6-1: USB disconnect, device number 29
[  639.166836][ T5840] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  639.740827][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.748029][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  639.821256][ T3168] usb 3-1: new full-speed USB device number 43 using dummy_hcd
[  639.867731][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  639.874963][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  639.997537][ T3168] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  640.025534][ T3168] usb 3-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  640.041610][ T3168] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.064763][ T3168] usb 3-1: config 0 descriptor??
[  640.076555][T18938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  640.099924][T18946] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  640.243874][T17967] IPVS: stop unused estimator thread 0...
[  640.309798][T18948] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5297'.
[  640.358849][T18746] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  640.436628][T18746] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  640.497474][T18746] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  640.524789][ T3168] bigben 0003:146B:0902.0071: unexpected rdesc, please submit for review
[  640.563338][ T3168] bigben 0003:146B:0902.0071: item fetching failed at offset 4/5
[  640.596830][T18746] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  640.605642][ T3168] bigben 0003:146B:0902.0071: parse failed
[  640.625966][ T3168] bigben 0003:146B:0902.0071: probe with driver bigben failed with error -22
[  640.774556][ T3168] usb 3-1: USB disconnect, device number 43
[  640.814135][T18961] netlink: 'syz.5.5299': attribute type 1 has an invalid length.
[  640.841156][T18961] netlink: 'syz.5.5299': attribute type 2 has an invalid length.
[  640.848954][T18961] netlink: 1172 bytes leftover after parsing attributes in process `syz.5.5299'.
[  640.889859][T18750] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  640.938046][T18750] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  641.002671][T18750] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  641.048975][T18750] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  641.206793][T18555] 8021q: adding VLAN 0 to HW filter on device batadv0
[  641.497798][T18746] 8021q: adding VLAN 0 to HW filter on device bond0
[  641.599374][T18555] veth0_vlan: entered promiscuous mode
[  641.657442][T18555] veth1_vlan: entered promiscuous mode
[  641.688761][T18746] 8021q: adding VLAN 0 to HW filter on device team0
[  641.772584][T17967] bridge0: port 1(bridge_slave_0) entered blocking state
[  641.781931][T17967] bridge0: port 1(bridge_slave_0) entered forwarding state
[  641.806146][T17967] bridge0: port 2(bridge_slave_1) entered blocking state
[  641.813368][T17967] bridge0: port 2(bridge_slave_1) entered forwarding state
[  641.884412][ T5915] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  641.916799][T18555] veth0_macvtap: entered promiscuous mode
[  641.972160][T18555] veth1_macvtap: entered promiscuous mode
[  642.028418][T18750] 8021q: adding VLAN 0 to HW filter on device bond0
[  642.090905][ T5915] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  642.105117][ T5915] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  642.108196][T18555] batman_adv: batadv0: Interface activated: batadv_slave_0
[  642.115537][ T5915] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  642.115582][ T5915] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.132304][ T5915] usb 6-1: config 0 descriptor??
[  642.148285][T18991] loop2: detected capacity change from 0 to 2048
[  642.194574][T18994] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  642.221466][T18555] batman_adv: batadv0: Interface activated: batadv_slave_1
[  642.247391][   T30] audit: type=1800 audit(2000000183.680:229): pid=18991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5310" name="file2" dev="loop2" ino=16 res=0 errno=0
[  642.295679][T18555] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  642.307786][T18555] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  642.316682][T18555] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  642.325692][T18555] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  642.336357][T18991] NILFS (loop2): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  642.355421][T18750] 8021q: adding VLAN 0 to HW filter on device team0
[  642.365830][T18991] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=16)
[  642.400275][T18991] Remounting filesystem read-only
[  642.442308][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.449528][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  642.462194][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.469389][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  642.497409][ T5840] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[  642.574193][ T5915] pyra 0003:1E7D:2CF6.0072: item fetching failed at offset 5/7
[  642.617129][ T5915] pyra 0003:1E7D:2CF6.0072: parse failed
[  642.636926][ T5915] pyra 0003:1E7D:2CF6.0072: probe with driver pyra failed with error -22
[  642.773970][ T6000] usb 6-1: USB disconnect, device number 30
[  642.845123][T17967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  642.868064][T17967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  642.950885][T15977] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  643.000216][T17967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  643.015651][T17967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  643.141267][T15977] usb 2-1: Using ep0 maxpacket: 32
[  643.158894][T15977] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  643.181384][T15977] usb 2-1: config 0 has no interface number 0
[  643.219853][T15977] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  643.253926][T15977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  643.282920][T15977] usb 2-1: Product: syz
[  643.287146][T15977] usb 2-1: Manufacturer: syz
[  643.295332][T18746] 8021q: adding VLAN 0 to HW filter on device batadv0
[  643.310896][T15977] usb 2-1: SerialNumber: syz
[  643.326832][T15977] usb 2-1: config 0 descriptor??
[  643.352395][T15977] smsc95xx v2.0.0
[  643.512787][    T9] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  643.568435][T18750] 8021q: adding VLAN 0 to HW filter on device batadv0
[  643.691429][    T9] usb 3-1: Using ep0 maxpacket: 32
[  643.723067][    T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  643.749142][    T9] usb 3-1: config 0 has no interface number 0
[  643.760056][    T9] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  643.787103][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  643.817970][    T9] usb 3-1: Product: syz
[  643.844257][    T9] usb 3-1: Manufacturer: syz
[  643.870318][    T9] usb 3-1: SerialNumber: syz
[  643.904660][    T9] usb 3-1: config 0 descriptor??
[  643.919753][    T9] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  643.956299][    T9] usb 3-1: selecting invalid altsetting 1
[  643.990620][    T9] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  644.014028][    T9] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  644.055956][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  644.083701][    T9] usb 3-1: media controller created
[  644.233730][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  644.589022][T18746] veth0_vlan: entered promiscuous mode
[  644.640243][T18746] veth1_vlan: entered promiscuous mode
[  644.753650][T18746] veth0_macvtap: entered promiscuous mode
[  644.788463][T18746] veth1_macvtap: entered promiscuous mode
[  644.891566][T18746] batman_adv: batadv0: Interface activated: batadv_slave_0
[  644.956844][T18746] batman_adv: batadv0: Interface activated: batadv_slave_1
[  645.040668][T18746] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  645.063797][T18746] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  645.085967][T18746] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  645.116036][T18746] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  645.157193][T19028] loop3: detected capacity change from 0 to 32768
[  645.171521][T19010] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  645.201675][    T9] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  645.224947][    T9] zl10353_read_register: readreg error (reg=127, ret==-71)
[  645.256280][    T9] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  645.266201][T19032] loop5: detected capacity change from 0 to 32768
[  645.285430][T18750] veth0_vlan: entered promiscuous mode
[  645.362779][T18750] veth1_vlan: entered promiscuous mode
[  645.463610][    T9] usb 3-1: USB disconnect, device number 44
[  645.553463][ T3547] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  645.569451][ T3547] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  645.650780][T18750] veth0_macvtap: entered promiscuous mode
[  645.678707][  T151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  645.702116][  T151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  645.709045][T18750] veth1_macvtap: entered promiscuous mode
[  645.750276][T15977] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  645.804631][T15977] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  645.833099][T15977] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  645.844902][T15977] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  645.869736][T18750] batman_adv: batadv0: Interface activated: batadv_slave_0
[  645.893473][T15977] usb 2-1: USB disconnect, device number 47
[  645.945228][T18750] batman_adv: batadv0: Interface activated: batadv_slave_1
[  645.996050][T18750] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  646.017100][T18750] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  646.039035][T18750] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  646.073290][T18750] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  646.325557][T19043] mkiss: ax0: crc mode is auto.
[  646.497368][   T30] audit: type=1326 audit(2000000187.930:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19052 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc89d8e929 code=0x7ffc0000
[  646.595330][   T30] audit: type=1326 audit(2000000187.930:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19052 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc89d8e929 code=0x7ffc0000
[  646.619425][T17967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  646.656771][T17967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  646.760647][   T30] audit: type=1326 audit(2000000187.930:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19052 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efc89d8d290 code=0x7ffc0000
[  646.914122][   T30] audit: type=1326 audit(2000000187.930:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19052 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc89d8e929 code=0x7ffc0000
[  646.936580][    C0] vkms_vblank_simulate: vblank timer overrun
[  646.950313][T18774] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  646.990884][T18774] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  647.059180][   T30] audit: type=1326 audit(2000000187.930:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19052 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc89d8e929 code=0x7ffc0000
[  647.453791][ T5826] IPVS: starting estimator thread 0...
[  647.544981][T19073] IPVS: using max 21 ests per chain, 50400 per kthread
[  647.637453][T19078] netlink: 92 bytes leftover after parsing attributes in process `syz.1.5336'.
[  647.675203][T19078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5336'.
[  647.732840][T19082] netlink: 104 bytes leftover after parsing attributes in process `syz.8.5338'.
[  648.064748][T19059] loop2: detected capacity change from 0 to 32768
[  648.108776][T19059] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  648.193845][T19059] OCFS2: ERROR (device loop2): ocfs2_reserve_suballoc_bits: Invalid chain allocator 74
[  648.212560][T15975] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[  648.222091][T19059] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  648.238665][T19059] OCFS2: Returning error to the calling process.
[  648.245463][T19059] (syz.2.5329,19059,0):ocfs2_reserve_suballoc_bits:856 ERROR: status = -5
[  648.251567][T19097] loop3: detected capacity change from 0 to 16
[  648.254677][T19059] (syz.2.5329,19059,0):ocfs2_reserve_new_inode:1097 ERROR: status = -5
[  648.270023][T19059] (syz.2.5329,19059,0):ocfs2_reserve_new_inode:1120 ERROR: status = -5
[  648.282600][T19097] erofs (device loop3): mounted with root inode @ nid 36.
[  648.288479][T19059] (syz.2.5329,19059,0):ocfs2_mknod:306 ERROR: status = -5
[  648.330343][T19059] (syz.2.5329,19059,0):ocfs2_mknod:502 ERROR: status = -5
[  648.360142][T19059] (syz.2.5329,19059,0):ocfs2_create:675 ERROR: status = -5
[  648.403098][T15975] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  648.425124][T15975] usb 2-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  648.455684][T15975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.474355][T19100] loop7: detected capacity change from 0 to 256
[  648.490411][T15975] usb 2-1: config 0 descriptor??
[  648.521708][T19088] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  648.560435][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  648.602490][T19100] FAT-fs (loop7): Directory bread(block 64) failed
[  648.624391][T19100] FAT-fs (loop7): Directory bread(block 65) failed
[  648.644310][T19100] FAT-fs (loop7): Directory bread(block 66) failed
[  648.664573][T19100] FAT-fs (loop7): Directory bread(block 67) failed
[  648.681197][T19100] FAT-fs (loop7): Directory bread(block 68) failed
[  648.703350][T19100] FAT-fs (loop7): Directory bread(block 69) failed
[  648.720449][T19100] FAT-fs (loop7): Directory bread(block 70) failed
[  648.771138][T19100] FAT-fs (loop7): Directory bread(block 71) failed
[  648.777892][T19100] FAT-fs (loop7): Directory bread(block 72) failed
[  648.798236][T19100] FAT-fs (loop7): Directory bread(block 73) failed
[  649.000282][T15975] bigben 0003:146B:0902.0073: unexpected rdesc, please submit for review
[  649.046298][T15975] bigben 0003:146B:0902.0073: item fetching failed at offset 4/5
[  649.067617][T15975] bigben 0003:146B:0902.0073: parse failed
[  649.101008][T15975] bigben 0003:146B:0902.0073: probe with driver bigben failed with error -22
[  649.190907][T19112] loop2: detected capacity change from 0 to 7
[  649.228722][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.237979][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.246087][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.255311][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.274184][ T5826] usb 2-1: USB disconnect, device number 48
[  649.281480][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.290683][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.309734][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.318952][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.331983][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.341237][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.354606][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.363840][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.378836][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.388079][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.396096][T19112] ldm_validate_partition_table(): Disk read failed.
[  649.417417][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.426674][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.434797][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.444081][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.465466][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  649.474709][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  649.490208][T19112] Dev loop2: unable to read RDB block 0
[  649.521187][T19112]  loop2: unable to read partition table
[  649.537734][T19112] loop2: partition table beyond EOD, truncated
[  649.551116][T19112] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  649.619337][T19117] loop3: detected capacity change from 0 to 16
[  649.740710][T19117] erofs (device loop3): mounted with root inode @ nid 36.
[  649.824912][T19116] loop7: detected capacity change from 0 to 4096
[  649.887129][T19116] EXT4-fs (loop7): Test dummy encryption mode enabled
[  649.934597][T19120] loop2: detected capacity change from 0 to 256
[  649.953029][T19116] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a042c018, mo2=0003]
[  649.971833][T19116] System zones: 0-5
[  650.000651][T19116] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  650.068238][T19107] loop5: detected capacity change from 0 to 32768
[  650.083294][T19101] loop8: detected capacity change from 0 to 40427
[  650.115213][T19107] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5350 (19107)
[  650.154274][T19101] F2FS-fs (loop8): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[  650.177380][T19116] overlayfs: conflicting lowerdir path
[  650.186468][T19124] loop1: detected capacity change from 0 to 256
[  650.192769][T19101] F2FS-fs (loop8): Can't find valid F2FS filesystem in 2th superblock
[  650.214494][T19107] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  650.248068][T19107] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  650.258502][T19126] loop3: detected capacity change from 0 to 1024
[  650.269141][T19124] exfat: Deprecated parameter 'utf8'
[  650.276030][T19107] BTRFS info (device loop5): using free-space-tree
[  650.295125][T19124] exfat: Deprecated parameter 'namecase'
[  650.311542][T19124] exfat: Deprecated parameter 'namecase'
[  650.327979][T19124] exfat: Deprecated parameter 'utf8'
[  650.375134][   T30] audit: type=1800 audit(2000000191.810:235): pid=19126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5357" name="file1" dev="loop3" ino=20 res=0 errno=0
[  650.413341][T18746] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  650.459409][T19124] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  650.494892][T19107] BTRFS info (device loop5): rebuilding free space tree
[  650.605724][   T36] hfsplus: b-tree write err: -5, ino 4
[  650.874956][ T5845] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  650.884102][T19151] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5362'.
[  651.771005][T15977] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  651.954213][T15977] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  651.978526][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  651.997838][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.040670][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.059414][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  652.069652][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.070087][T19180] loop3: detected capacity change from 0 to 2048
[  652.109844][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.144542][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  652.165890][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.188310][T19185] loop8: detected capacity change from 0 to 1024
[  652.208433][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.218568][T19187] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  652.262081][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  652.264469][T19185] hfsplus: bad catalog entry type
[  652.281890][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.293390][   T30] audit: type=1800 audit(2000000193.710:236): pid=19180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5374" name="file2" dev="loop3" ino=16 res=0 errno=0
[  652.310864][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.354467][T19180] NILFS (loop3): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  652.398307][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  652.423390][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.442357][T19180] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=16)
[  652.457339][T19167] loop7: detected capacity change from 0 to 32768
[  652.471004][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.486998][T19180] Remounting filesystem read-only
[  652.510690][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  652.521175][T19167] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.5370 (19167)
[  652.536048][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.559374][  T151] hfsplus: b-tree write err: -5, ino 4
[  652.590823][T19167] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  652.596184][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.625903][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  652.632645][T19167] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  652.660232][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.672658][T18555] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  652.685063][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.690809][T19167] BTRFS info (device loop7): using free-space-tree
[  652.702865][T15977] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  652.718533][T15977] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  652.737802][T15977] usb 2-1: config 0 interface 0 has no altsetting 0
[  652.748364][T15977] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  652.802105][T15977] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  652.828594][T15977] usb 2-1: Product: syz
[  652.847757][T15977] usb 2-1: Manufacturer: syz
[  652.886107][T15977] usb 2-1: SerialNumber: syz
[  652.909385][T19167] BTRFS info (device loop7): rebuilding free space tree
[  652.921109][T15975] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  652.966385][T15977] usb 2-1: config 0 descriptor??
[  653.039863][T15977] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  653.116822][T15975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  653.136609][T15975] usb 6-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[  653.147129][T15975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.181126][T15975] usb 6-1: config 0 descriptor??
[  653.190480][   T30] audit: type=1800 audit(2000000194.620:237): pid=19167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.5370" name="bus" dev="loop7" ino=263 res=0 errno=0
[  653.398549][T15977] usb 2-1: USB disconnect, device number 49
[  653.430659][T15977] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  653.460677][T18746] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  653.497430][T19223] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5387'.
[  653.551851][T19223] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5387'.
[  653.572569][T19223] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5387'.
[  653.624355][T19223] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5387'.
[  653.696370][T19196] loop8: detected capacity change from 0 to 32768
[  653.817297][T19196] ocfs2: Mounting device (7,8) on (node local, slot 0) with writeback data mode.
[  653.915112][ T5826] usb 6-1: USB disconnect, device number 31
[  653.917493][T19196] (syz.8.5380,19196,1):ocfs2_verify_group_and_input:428 ERROR: add a group which is in the current volume.
[  653.935654][T19196] (syz.8.5380,19196,1):ocfs2_group_add:511 ERROR: status = -22
[  654.083531][T18750] ocfs2: Unmounting device (7,8) on (node local)
[  654.280674][ T5915] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  654.294324][T19233] loop2: detected capacity change from 0 to 1024
[  654.358078][   T30] audit: type=1800 audit(2000000195.790:238): pid=19233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5394" name="file1" dev="loop2" ino=20 res=0 errno=0
[  654.458993][   T36] hfsplus: b-tree write err: -5, ino 4
[  654.464650][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  654.500597][ T5915] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  654.516212][ T5915] usb 4-1: config 0 has no interface number 0
[  654.531118][ T5915] usb 4-1: config 0 interface 1 has no altsetting 0
[  654.561513][ T5915] usb 4-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.2f
[  654.573054][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.590906][ T5915] usb 4-1: Product: syz
[  654.594613][T19240] loop1: detected capacity change from 0 to 128
[  654.596304][ T5915] usb 4-1: Manufacturer: syz
[  654.625368][ T5915] usb 4-1: SerialNumber: syz
[  654.637758][ T5915] usb 4-1: config 0 descriptor??
[  654.671061][T19240] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  654.745409][T19245] netlink: 188 bytes leftover after parsing attributes in process `syz.5.5398'.
[  654.870487][ T5915] i2c-cp2615 4-1:0.1: probe with driver i2c-cp2615 failed with error -22
[  654.880231][T19240] FAT-fs (loop1): FAT read failed (blocknr 128)
[  655.167402][T15975] usb 4-1: USB disconnect, device number 34
[  656.190828][ T5826] usb 6-1: new full-speed USB device number 32 using dummy_hcd
[  656.199238][T19258] loop8: detected capacity change from 0 to 32768
[  656.325181][T19264] loop2: detected capacity change from 0 to 32768
[  656.344765][T19276] loop1: detected capacity change from 0 to 256
[  656.370377][T19276] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  656.372687][ T5826] usb 6-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  656.422539][T19276] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  656.431027][ T5826] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.431070][ T5826] usb 6-1: Product: syz
[  656.431099][ T5826] usb 6-1: Manufacturer: syz
[  656.431127][ T5826] usb 6-1: SerialNumber: syz
[  656.463618][ T5826] usb 6-1: config 0 descriptor??
[  656.482224][T19264] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  656.525674][T19276] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x062de574, utbl_chksum : 0xe619d30d)
[  656.562311][T19264] (syz.2.5406,19264,1):ocfs2_verify_group_and_input:428 ERROR: add a group which is in the current volume.
[  656.610462][T19264] (syz.2.5406,19264,1):ocfs2_group_add:511 ERROR: status = -22
[  656.668787][T19266] loop7: detected capacity change from 0 to 32768
[  656.732173][T19266] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[  656.754385][T19266] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  656.794800][T19283] loop3: detected capacity change from 0 to 512
[  656.812777][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  656.841511][T19283] EXT4-fs: Ignoring removed mblk_io_submit option
[  656.904993][T19283] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  656.918241][ T5826] airspy 6-1:0.0: Board ID: 05
[  656.925380][T18746] ocfs2: Unmounting device (7,7) on (node local)
[  656.930806][ T5826] airspy 6-1:0.0: Firmware version: 
[  656.983490][T19283] EXT4-fs error (device loop3): ext4_clear_blocks:874: inode #13: comm syz.3.5415: attempt to clear invalid blocks 2 len 1
[  657.048714][T19283] EXT4-fs (loop3): Remounting filesystem read-only
[  657.093278][T19283] EXT4-fs (loop3): 1 truncate cleaned up
[  657.114208][T19289] loop1: detected capacity change from 0 to 512
[  657.121612][T19283] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  657.130904][ T5826] airspy 6-1:0.0: usb_control_msg() failed -71 request 11
[  657.150530][T19289] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  657.181024][ T5826] airspy 6-1:0.0: Registered as swradio24
[  657.186834][ T5826] airspy 6-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  657.207239][T19283] EXT4-fs (loop3): Quota file not on filesystem root. Journaled quota will not work
[  657.221231][ T5826] usb 6-1: USB disconnect, device number 32
[  657.263925][T19289] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  657.357593][T19289] ext4 filesystem being mounted at /927/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  657.430470][T19289] EXT4-fs warning (device loop1): verify_group_input:156: Last group not full
[  657.526533][T18555] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.578217][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.786349][T19302] loop7: detected capacity change from 0 to 4096
[  657.868860][T19312] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  657.960864][ T5826] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  658.162288][ T5826] usb 4-1: Using ep0 maxpacket: 8
[  658.192527][ T5826] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  658.236969][ T5826] usb 4-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00
[  658.271080][T19318] loop1: detected capacity change from 0 to 4096
[  658.305095][T19318] EXT4-fs (loop1): Test dummy encryption mode enabled
[  658.305651][ T5826] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.332552][T19328] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5430'.
[  658.334284][T19318] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a042c018, mo2=0003]
[  658.349930][T19318] System zones: 0-5
[  658.361257][T19318] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.371091][ T5826] usb 4-1: config 0 descriptor??
[  658.380131][T19328] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5430'.
[  658.394191][T19328] netlink: 'syz.5.5430': attribute type 20 has an invalid length.
[  658.476061][T19318] overlayfs: conflicting lowerdir path
[  658.666618][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.858738][ T5826] kye 0003:0458:4018.0075: hidraw0: USB HID v0.07 Device [HID 0458:4018] on usb-dummy_hcd.3-1/input0
[  658.909521][T19341] loop1: detected capacity change from 0 to 8
[  658.962966][T19341] unable to read xattr id index table
[  659.033277][ T5826] usb 4-1: USB disconnect, device number 35
[  659.247095][T19354] loop1: detected capacity change from 0 to 128
[  659.276044][T19354] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  659.302717][T19354] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  659.313580][T19356] loop5: detected capacity change from 0 to 512
[  659.423415][T19356] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  659.433199][T19362] loop8: detected capacity change from 0 to 128
[  659.450282][T19362] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  659.530029][T19356] ext4 filesystem being mounted at /917/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  659.611645][T19364] loop1: detected capacity change from 0 to 1024
[  659.660493][T19364] hfsplus: failed to load root directory
[  659.798782][ T5845] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.874192][T19370] loop8: detected capacity change from 0 to 16
[  659.914063][T19370] erofs (device loop8): mounted with root inode @ nid 36.
[  659.957347][T19373] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5453'.
[  660.001344][T19373] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5453'.
[  660.030898][T15977] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  660.158346][T19347] loop7: detected capacity change from 0 to 32768
[  660.265428][T15977] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  660.287698][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.301152][T19347] ERROR: (device loop7): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 3
[  660.301152][T19347] 
[  660.323592][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.345104][T19347] ERROR: (device loop7): remounting filesystem as read-only
[  660.354918][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.363781][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.384952][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.427464][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.456269][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.475639][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.518188][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.542655][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.554390][T19384] loop8: detected capacity change from 0 to 512
[  660.560883][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.577247][T19384] EXT4-fs: Ignoring removed i_version option
[  660.593600][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.614294][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.631482][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.644617][T19384] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  660.689196][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.713000][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.724077][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.735136][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.744631][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.753718][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.764735][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.774603][T15977] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  660.774958][T19384] EXT4-fs (loop8): 1 truncate cleaned up
[  660.784611][T15977] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  660.784662][T15977] usb 3-1: config 0 interface 0 has no altsetting 0
[  660.787839][T15977] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  660.820608][T15977] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  660.829444][T15977] usb 3-1: Product: syz
[  660.840073][T15977] usb 3-1: Manufacturer: syz
[  660.844917][T15977] usb 3-1: SerialNumber: syz
[  660.854200][T15977] usb 3-1: config 0 descriptor??
[  660.867233][T15977] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  660.869117][T19384] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  660.981185][T19395] tmpfs: Cannot change global quota limit on remount
[  661.194839][T18750] EXT4-fs warning (device loop8): ext4_xattr_inode_create:1468: refuse to create EA inode when umounting
[  661.231375][T18750] ------------[ cut here ]------------
[  661.236938][T18750] WARNING: CPU: 1 PID: 18750 at fs/ext4/xattr.c:1470 ext4_xattr_inode_lookup_create+0x118e/0x1950
[  661.247825][T18750] Modules linked in:
[  661.252582][T18750] CPU: 1 UID: 0 PID: 18750 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[  661.265355][T18750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  661.275514][T18750] RIP: 0010:ext4_xattr_inode_lookup_create+0x118e/0x1950
[  661.282782][T18750] Code: f8 9c 97 ff e9 4e f6 ff ff e8 4e c2 31 ff 48 c7 c1 40 fa c7 8b ba bc 05 00 00 4c 89 e7 48 c7 c6 00 02 c8 8b e8 d3 dc fd ff 90 <0f> 0b 90 48 c7 c3 ea ff ff ff e8 23 c2 31 ff 48 8b 95 08 ff ff ff
[  661.302525][T18750] RSP: 0018:ffffc90002e97468 EFLAGS: 00010286
[  661.308629][T18750] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff819b01d9
[  661.319849][T18750] RDX: ffff888055b7bc00 RSI: ffffffff828838a1 RDI: 0000000000000005
[  661.325234][T19402] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5461'.
[  661.329197][T18750] RBP: ffffc90002e975c8 R08: 0000000000000005 R09: 0000000000000000
[  661.346187][T18750] R10: 0000000080000000 R11: 0000000000000001 R12: ffff888055c4e000
[  661.346320][T17796] usb 3-1: USB disconnect, device number 45
[  661.354431][T18750] R13: ffff88805b7d52a4 R14: ffff88804ed88298 R15: ffff88804ed88298
[  661.354464][T18750] FS:  000055558df98500(0000) GS:ffff88812485a000(0000) knlGS:0000000000000000
[  661.354498][T18750] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  661.354525][T18750] CR2: 00007f5e1ffb66c0 CR3: 0000000062046000 CR4: 0000000000350ef0
[  661.354552][T18750] Call Trace:
[  661.354566][T18750]  <TASK>
[  661.354581][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.354643][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.354688][T18750]  ? find_held_lock+0x2b/0x80
[  661.354736][T18750]  ? __pfx_ext4_xattr_inode_lookup_create+0x10/0x10
[  661.354807][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.354852][T18750]  ? const_folio_flags+0x5b/0x100
[  661.354893][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.354945][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.354990][T18750]  ? __lock_acquire+0xb8a/0x1c90
[  661.355060][T18750]  ext4_xattr_block_set+0x818/0x3650
[  661.355120][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.355187][T18750]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[  661.355252][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.355297][T18750]  ? check_xattrs+0x10a/0xba0
[  661.355353][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.355397][T18750]  ? xattr_find_entry+0x2c9/0x3a0
[  661.355462][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.355507][T18750]  ? ext4_xattr_block_find+0x59/0x430
[  661.355572][T18750]  ext4_expand_extra_isize_ea+0x143d/0x1ab0
[  661.355643][T18750]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[  661.355701][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.355747][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.355792][T18750]  ? dquot_initialize_needed+0x183/0x2a0
[  661.355844][T18750]  __ext4_expand_extra_isize+0x346/0x480
[  661.385865][T17796] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  661.394545][T18750]  __ext4_mark_inode_dirty+0x544/0x870
[  661.394612][T18750]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  661.394668][T18750]  ? __pfx___might_resched+0x10/0x10
[  661.394728][T18750]  ? ext4_journal_check_start+0x22b/0x340
[  661.394778][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.394825][T18750]  ? __ext4_journal_start_sb+0x19e/0x690
[  661.394870][T18750]  ? ext4_dirty_inode+0xa1/0x130
[  661.394919][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.394970][T18750]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  661.395024][T18750]  ext4_dirty_inode+0xd9/0x130
[  661.395074][T18750]  ? rcu_is_watching+0x12/0xc0
[  661.395121][T18750]  __mark_inode_dirty+0x1ee/0xe50
[  661.395187][T18750]  iput+0xb7/0x880
[  661.395242][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.395300][T18750]  dentry_unlink_inode+0x29c/0x480
[  661.395358][T18750]  __dentry_kill+0x1d0/0x600
[  661.395412][T18750]  ? shrink_dentry_list+0x11a/0x5d0
[  661.395475][T18750]  shrink_dentry_list+0x140/0x5d0
[  661.395541][T18750]  ? shrink_dcache_parent+0x22/0x530
[  661.395603][T18750]  shrink_dcache_parent+0xe1/0x530
[  661.395667][T18750]  ? __pfx_shrink_dcache_parent+0x10/0x10
[  661.395739][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.395794][T18750]  shrink_dcache_for_umount+0xa5/0x3e0
[  661.395857][T18750]  ? lockdep_hardirqs_on+0x7c/0x110
[  661.395926][T18750]  generic_shutdown_super+0x6c/0x390
[  661.395989][T18750]  kill_block_super+0x3b/0x90
[  661.396048][T18750]  ext4_kill_sb+0x6a/0xb0
[  661.396088][T18750]  deactivate_locked_super+0xc1/0x1a0
[  661.396129][T18750]  deactivate_super+0xde/0x100
[  661.396170][T18750]  cleanup_mnt+0x225/0x450
[  661.396215][T18750]  task_work_run+0x150/0x240
[  661.396257][T18750]  ? __pfx_task_work_run+0x10/0x10
[  661.396299][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.396349][T18750]  ? __pfx___x64_sys_umount+0x10/0x10
[  661.399634][ T5826] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  661.403135][T18750]  exit_to_user_mode_loop+0xeb/0x110
[  661.403185][T18750]  do_syscall_64+0x3f6/0x4c0
[  661.403229][T18750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.403269][T18750] RIP: 0033:0x7f621e78fc57
[  661.594507][ T5826] usb 6-1: config 0 has an invalid interface number: 25 but max is 0
[  661.595641][T18750] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  661.604923][ T5826] usb 6-1: config 0 has no interface number 0
[  661.605861][T18750] RSP: 002b:00007ffd686215e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  661.644918][ T5826] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  661.646231][T18750] RAX: 0000000000000000 RBX: 00007f621e810925 RCX: 00007f621e78fc57
[  661.646260][T18750] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd686216a0
[  661.646292][T18750] RBP: 00007ffd686216a0 R08: 0000000000000000 R09: 0000000000000000
[  661.646319][T18750] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd68622730
[  661.683868][ T5826] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.687881][T18750] R13: 00007f621e810925 R14: 00000000000a1615 R15: 00007ffd68622770
[  661.687937][T18750]  </TASK>
[  661.772373][ T5826] usb 6-1: config 0 descriptor??
[  661.780822][T18750] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  661.780850][T18750] CPU: 1 UID: 0 PID: 18750 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[  661.780899][T18750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  661.780923][T18750] Call Trace:
[  661.780936][T18750]  <TASK>
[  661.780952][T18750]  dump_stack_lvl+0x3d/0x1f0
[  661.781019][T18750]  panic+0x71c/0x800
[  661.781075][T18750]  ? __pfx_panic+0x10/0x10
[  661.781131][T18750]  ? show_trace_log_lvl+0x29b/0x3e0
[  661.781199][T18750]  ? check_panic_on_warn+0x1f/0xb0
[  661.781258][T18750]  ? ext4_xattr_inode_lookup_create+0x118e/0x1950
[  661.781357][T18750]  check_panic_on_warn+0xab/0xb0
[  661.781415][T18750]  __warn+0xf6/0x3c0
[  661.781473][T18750]  ? ext4_xattr_inode_lookup_create+0x118e/0x1950
[  661.781539][T18750]  report_bug+0x3c3/0x580
[  661.781594][T18750]  ? ext4_xattr_inode_lookup_create+0x118e/0x1950
[  661.781658][T18750]  handle_bug+0x184/0x210
[  661.781699][T18750]  exc_invalid_op+0x17/0x50
[  661.781741][T18750]  asm_exc_invalid_op+0x1a/0x20
[  661.781777][T18750] RIP: 0010:ext4_xattr_inode_lookup_create+0x118e/0x1950
[  661.781840][T18750] Code: f8 9c 97 ff e9 4e f6 ff ff e8 4e c2 31 ff 48 c7 c1 40 fa c7 8b ba bc 05 00 00 4c 89 e7 48 c7 c6 00 02 c8 8b e8 d3 dc fd ff 90 <0f> 0b 90 48 c7 c3 ea ff ff ff e8 23 c2 31 ff 48 8b 95 08 ff ff ff
[  661.781876][T18750] RSP: 0018:ffffc90002e97468 EFLAGS: 00010286
[  661.781907][T18750] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff819b01d9
[  661.781931][T18750] RDX: ffff888055b7bc00 RSI: ffffffff828838a1 RDI: 0000000000000005
[  661.781957][T18750] RBP: ffffc90002e975c8 R08: 0000000000000005 R09: 0000000000000000
[  661.781981][T18750] R10: 0000000080000000 R11: 0000000000000001 R12: ffff888055c4e000
[  661.782006][T18750] R13: ffff88805b7d52a4 R14: ffff88804ed88298 R15: ffff88804ed88298
[  661.782045][T18750]  ? __wake_up_klogd.part.0+0x99/0xf0
[  661.782091][T18750]  ? __ext4_warning+0x1a1/0x210
[  661.782145][T18750]  ? ext4_xattr_inode_lookup_create+0x118d/0x1950
[  661.782203][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782257][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782308][T18750]  ? find_held_lock+0x2b/0x80
[  661.782357][T18750]  ? __pfx_ext4_xattr_inode_lookup_create+0x10/0x10
[  661.782426][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782469][T18750]  ? const_folio_flags+0x5b/0x100
[  661.782510][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782560][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782604][T18750]  ? __lock_acquire+0xb8a/0x1c90
[  661.782667][T18750]  ext4_xattr_block_set+0x818/0x3650
[  661.782725][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782791][T18750]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[  661.782853][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782896][T18750]  ? check_xattrs+0x10a/0xba0
[  661.782950][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.782993][T18750]  ? xattr_find_entry+0x2c9/0x3a0
[  661.783076][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.783119][T18750]  ? ext4_xattr_block_find+0x59/0x430
[  661.783183][T18750]  ext4_expand_extra_isize_ea+0x143d/0x1ab0
[  661.783254][T18750]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[  661.783314][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.783358][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.783400][T18750]  ? dquot_initialize_needed+0x183/0x2a0
[  661.783451][T18750]  __ext4_expand_extra_isize+0x346/0x480
[  661.783522][T18750]  __ext4_mark_inode_dirty+0x544/0x870
[  661.783579][T18750]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  661.783631][T18750]  ? __pfx___might_resched+0x10/0x10
[  661.783689][T18750]  ? ext4_journal_check_start+0x22b/0x340
[  661.783736][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.783780][T18750]  ? __ext4_journal_start_sb+0x19e/0x690
[  661.783822][T18750]  ? ext4_dirty_inode+0xa1/0x130
[  661.783870][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.783918][T18750]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  661.783969][T18750]  ext4_dirty_inode+0xd9/0x130
[  661.784017][T18750]  ? rcu_is_watching+0x12/0xc0
[  661.784061][T18750]  __mark_inode_dirty+0x1ee/0xe50
[  661.784124][T18750]  iput+0xb7/0x880
[  661.784177][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.784227][T18750]  dentry_unlink_inode+0x29c/0x480
[  661.784290][T18750]  __dentry_kill+0x1d0/0x600
[  661.784341][T18750]  ? shrink_dentry_list+0x11a/0x5d0
[  661.784401][T18750]  shrink_dentry_list+0x140/0x5d0
[  661.784464][T18750]  ? shrink_dcache_parent+0x22/0x530
[  661.784523][T18750]  shrink_dcache_parent+0xe1/0x530
[  661.784582][T18750]  ? __pfx_shrink_dcache_parent+0x10/0x10
[  661.784651][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.784704][T18750]  shrink_dcache_for_umount+0xa5/0x3e0
[  661.784763][T18750]  ? lockdep_hardirqs_on+0x7c/0x110
[  661.784827][T18750]  generic_shutdown_super+0x6c/0x390
[  661.784888][T18750]  kill_block_super+0x3b/0x90
[  661.784944][T18750]  ext4_kill_sb+0x6a/0xb0
[  661.784981][T18750]  deactivate_locked_super+0xc1/0x1a0
[  661.785021][T18750]  deactivate_super+0xde/0x100
[  661.785060][T18750]  cleanup_mnt+0x225/0x450
[  661.785104][T18750]  task_work_run+0x150/0x240
[  661.785144][T18750]  ? __pfx_task_work_run+0x10/0x10
[  661.785179][T18750]  ? srso_alias_return_thunk+0x5/0xfbef5
[  661.785226][T18750]  ? __pfx___x64_sys_umount+0x10/0x10
[  661.785285][T18750]  exit_to_user_mode_loop+0xeb/0x110
[  661.785328][T18750]  do_syscall_64+0x3f6/0x4c0
[  661.785369][T18750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.785407][T18750] RIP: 0033:0x7f621e78fc57
[  661.785437][T18750] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  661.785473][T18750] RSP: 002b:00007ffd686215e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  661.785508][T18750] RAX: 0000000000000000 RBX: 00007f621e810925 RCX: 00007f621e78fc57
[  661.785533][T18750] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd686216a0
[  661.785558][T18750] RBP: 00007ffd686216a0 R08: 0000000000000000 R09: 0000000000000000
[  661.785582][T18750] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd68622730
[  661.785606][T18750] R13: 00007f621e810925 R14: 00000000000a1615 R15: 00007ffd68622770
[  661.785656][T18750]  </TASK>
[  661.787360][T18750] Kernel Offset: disabled