last executing test programs:

3m17.680538375s ago: executing program 2 (id=7758):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x74, 0x30, 0xb, 0x0, 0x0, {}, [{0x60, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x32, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x0, 0x0, 0x21000000}}}, @TCA_SKBMOD_ETYPE={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)

3m17.414464193s ago: executing program 2 (id=7763):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, 0x0, 0x0)

3m17.262791598s ago: executing program 2 (id=7766):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03000000000000000000020000000900020073797a3100000000080003400000000109000100"], 0x34}}, 0x0)

3m17.109693663s ago: executing program 2 (id=7769):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file2\x00', 0x0, &(0x7f0000000280)={[{@nodecompose}, {@barrier}, {@nls={'nls', 0x3d, 'macgaelic'}}, {@nobarrier}, {@nobarrier}, {@gid}, {@type={'type', 0x3d, "59ed131f"}}, {@nobarrier}]}, 0xfe, 0x5e5, &(0x7f0000002900)="$eJzs3UFvHGcZB/D/bGLHDlK6SZOmICSscgA1IrG9kQkSElAKslCFKnHp1Uo2tZVNGtlb5PYAAXFuv0I5mDMHTihIOXDmKxj1iODum9HMzno3ydZZJ8a7Cb+fNPs+s+/MO8/7aHYys1a0Af5vrX6QmUfzyeqV97bL9d2dVmd3p3W3Hyc5k6SRzCUpyrf/kuTL5EF6S77e7xhqn1J8vnpz/eFnl3trc/VSbV8ctt94DnJp9nKt2uMab/mFxxvMcCHJhbqFidvv++fI7hf8XAIA06xITo16v5mcrW/Wy+eA3l1x7x77pfZg0gkAAADACXhtL3vZzrlJ5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvk/r3/4t6afTjhRT93/+frd9LHb/UHk06AQAAAAAAAAA4Bt/ay162c66/vl9Uf/N/q1q5WL1+LR9nK+1s5mq2s5ZuutnMUpLm0ECz22vd7ubSGHsuj9xz+WTmCwAAAAAAAACvqN9ndfD3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmAZFcqrXVMvFftxM43SSuSSz5XYPkof9+GX2aNIJAAAAwAl4bS972c65/vp+UT3zv1E998/l49xLNxvpppN2blXfBfSe+hu7O63O7k7rbrk8Pe5P/nOkNKoR0/vuYfSRF6stLh3ssZqf51e5koW8n81s5NdZSzftLOTdKlpLkWb97UWzn+fofH/82Nr7z8r1zSqT+dzORpXb1dzMR+nkVhrVHKptDj/i78rqFD+qjVmjW3VbzugXdTsdmlVFZg4qsljXvqzG+cMrccTz5MkjLaVx8B3UxeOr+Zl+cLZuy1q/O801n1keOvveOLwSyeLyv++vd+7dWb+9dWV6pvScnjwnWkOVuHzkSuzv7//2xKdwTGbravSuoke7Wr5V7XsuG/llPsqttHMji7mRlVxPKyv5QVaG6nppjM9a42jXt29/tw5mkvysbqdDWdfzQ3UdvtI1q77hdwZVunD8/wqc/kYdlCfrO1N3RTr/xLW5X4nXD6/EH/fL163OvTub62v3xzzed+q2rMBPn68Sp4++yzjK8+XCwfCPnx1l3+sj+5aqvosHfY2n+i4d9D3rkzpb38M9PdJy1Xd5ZF+r6ntzqG/UXQ4AU+/s22dn5/81/4/5L+b/ML8+/97cO2dunPnmbGb+fvqvp/7c+FPjh8Xb+SK/GTz/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz2/rk0/vrHU67U2BYPLBXJJxN+7/7tOkc35FgwlfmID/uWvdu/evbX3y6fc27q592P6wfe/60sry9euLK9+/ce32Rqe92HuddJoAwDEa3PRPOhMAAAAAAAAAAAAAAOCrnMR/J570HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFfb6geZeZQiS4tXF8v13Z1Wp1z68WDLuSRFGfwtyZfJg/SWNIeGK77qOMXnqzfXH352eTDWXH/74rD9xvNYLo0ncnrR8ZZfeLzBDBeSXKhbmLj/BgAA//9gDAG4")
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)

3m16.797514313s ago: executing program 2 (id=7773):
r0 = fanotify_init(0x0, 0x80000)
fanotify_mark(r0, 0x60e, 0x48000030, 0xffffffffffffffff, &(0x7f0000000040)='./file0\x00')

3m16.294196118s ago: executing program 2 (id=7779):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r0, &(0x7f00000004c0)=@in6={0x21, 0x0, 0xa, 0x1c, {0xa, 0x0, 0x0, @empty}}, 0x24)

3m15.777848114s ago: executing program 32 (id=7779):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r0, &(0x7f00000004c0)=@in6={0x21, 0x0, 0xa, 0x1c, {0xa, 0x0, 0x0, @empty}}, 0x24)

3.102642013s ago: executing program 3 (id=10042):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000000), 0x4)
sendmsg$inet(r0, &(0x7f0000002d40)={0x0, 0x0, &(0x7f0000002980)=[{&(0x7f0000000040)='P', 0xfe1b}], 0x1}, 0x0)

2.8781312s ago: executing program 3 (id=10045):
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0xc03, &(0x7f0000008040)=ANY=[], 0x2, 0x5fbf, &(0x7f0000002080)="$eJzs3VtvHGf9B/DfHrw+9N/U6kWVf8QhTTm0lCaNkzYtp6ZC4gIEVKpyn8i4VYQLKAkVrSzsKhL3SFyj8iK4BqHeIBWJl8AbiGT3hghEBo39PM54vPbaJN5Zez4fyZn97TPjfSZfj2fXc3gCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvf+/ti52IuP5+emI+4v+iF9GNmC3rs/HXiNX7ef5+RJyOzeZ4JiJOTUeUy2/+81TE5Yj49FTE+sbKYvn0wgH78cpb9/72w7d/tPbbL/7l7//+5Pd/qre/9cl3f/DH1Yj507/53X9WH8+6AwAAQFsURVF0Nj/mR5xJn++7TXcKABiLvP8vkvy8Wv0odT92aro/arVard6tGG61WkTEWnWZ8j2Dw/EAcMysxf2mu0CD5N9q/Yh4oulOABOt03QHOBLrGyuLnZRvp7o/OLvVns8F2ZH/Wmf7+o69pqPUzzEZ18/X3ejF03v0Z3ZMfZgkOf9uPf/rW+2DNN9R5z8ue+U/2Lr0qXVy/r16/jUnJ//u0PzbKuffP1T+PfkDAAAAAMAEy3//n2/4+O/0o6/Kgex3/PfsmPoAAAAAAAAAAI/bAcb/Kx9czfPXx//bZvw/AAAAmFjlZ/XSx6cePrfXvdjK5691Ip6szQ+0TLpYZq7pfgAAAAAAAAAAAABAm/S3zuG91omYiogn5+aKoii/qur1YT3q8sdd29cf2qzpX/IAALDl01O1a/k7ETMRcS3d629qbm6uKGZm54q5YnY6v58dTM8Us5XPtXlaPjc9OMAb4v6gKL/ZTGW5qlGfl0e1179f+VqDoneAjo1Hg4EDQERs7Y3W7ZFOmKJ4Kpp+l8PxYPs/eWz/HETTP6cAAADA0SuKouik23mfScf8u013CgAYi7z/rx8XUKvVarVaffLqqmK41WoREWvVZcr3DIbjB4BjZi3uN90FGiT/VutHxOmmOwFMtE7THeBIrG+sLHZSvp3q/iCN757PBdmR/1pnc7m8/LDpKPVzTMb183U3evH0Hv15Zkx9mCQ5/249/+tb7YM031HnPy575V+u53wD/Wlazr9Xz7/m5OTfHZp/W+X8+4fKvyd/AAAAAACYYPnv//OO/+ZVBgAAAAAAAIBjZ31jZTFf95qP/39uyHyu/zyZcv4d+bdSzr9bz792Qk6v8vjemw/z/2xjZfHj/7/yhTyd+PyneoPytac63V5/65yff+Zbmy7Fy7vmL+cppt6Jm7EcS3FxV/vUjvaFEe2XdrUPyvbZ3H4+FuPnsRw/2W6fHnFi1MyI9mJEe86/Z/tvpZx/v/JV5j+X2ju1aeneR91d2311Oux1rv74wZXdW9f43Y3e9rpVlet3roH+bP6fPDGIX95eunX+Vzfu3Ll1MdJkx7MLkSaPWc5/Kn3l/J9/bqs9/96vbq/3PhocOv9JcTf6e+b/XOVxub4vjLlvTcj5D9JXzj/vgYZv/8c5/723/xcb6A8AAAAAAAAAAAAAAADspyiKzUtEr0bEq+n6n6auzQQAxivv/4t8M4xErVar1Wr1yauriuHeqBYR8efqMuV7hl8P+2YAwCR7EBH/aLoTNEb+LZbv91dOv9R0Z4Cxuv3Bhz+9sby8dOv2/7J00Xv8PQIAAAAAAAAADiuP/3m2Mv7z5nlAtXGjd4z/+mac/WxjZfH9+X99/tiN/9kd9DbHOk8r9GxUx+fePULxudh//O/+iNebGtE+GNE+PaJ9ZkT70As9KnL+z6aMc/5n0ortN/5rzr8+HfGSjdpv/NfnG+hP03L+59JYzzn/r9bmq+Zf/OE4j//b3ZH/hTvv/eLC7Q8+fOnmezfeXXp36WeXLi+8fnHhyuXXXr7wzs3lpfRvgz0+Wjn/PPa180DbJeefM5d/u+T8v5xq+bdLzv8rqZZ/u+T88/s9+bdLzj9/9tnO/0Gz/WI8cv4vpNr23y45/6+lWv7tkvN/MdXyb5ec/9dTLf92yfm/lGr5t0vO/3yq5d8uOf8LqZZ/u+T88xEu+bdLzj+f2SD/dsn5L6Ra/u2S87+Uavm3S87/cqrl3y45/1dSLf92yfm/mupD5O/eXydAzv9Kqm3/7ZLzfy3V8m+XnP/rqZZ/u+T8v5Fq+bdLzv+bqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T8vxMPLyaVf3vk/N9Ite2/XR7e/98DDzzwID9o+jcTAAAAAAAAAAAAAFA3jtOJm15HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe3cXI1d53w/87Ju9NsTeJIbwYmBtDBhYvOsX/PL/18FASCm0DSGBvpEa116bTfxWr00AIbERNEUCqVxwQSslBYSqXKQKahM1SDSiUqU2vWmv2psqrdSoQlGonKg3jQquzpzneTwzOzuz6921Z875fBD+eWfOzDx75szsfsf6zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQb8O9k3/Yl2VZ/n/tj5Esuzz/+6psX/7lzM5LvUIAAABgsT6s/fnttemEffO4UN02f3f9P3733Llz57LsT9Z96tV8BqNZtmZllhXnBcM/OdmwTfB8NtzXX/d1f4ebH+hw/mCH84c6nL+iw/krO5w/3OH8WTtgllXF6zG1K9tU++tIsUuzddlQ7bxNLS71fN/K/v74Wk5NX+0y54YOZ1PZ0Wwym5h1mb7af1n27ob8tu7P4m31193W+izLzv7s2YNxDX1hH2/KGm6spv6+++DubPTnP3v24JMjv7iu1ey4G2atNMs2b8zX+UKWnX+5KuvLVqZ9EtfZX7fO9S3WOdCwzr7a5fK/N6/z7DzXGb/v4bDOf2qzzvXhtKduzLJsJptzm2bPZ/3Z6qZbTft7uDgi8uvI78pPZIMLOk42zOM4yS/z4xsbj5PmYzLu/w1hnwzOsYb6u+ODr62Ytd8v9DjJv+tuOFbz634ov9Hh4fqXVhuO1XybZ2+a+xhoed+1OAbSsVx3DGzsdAz0rxioHQP959e8seEY2DrrMv1ZX+223r+p/TEwfvrYyfHpp5+5Y+rYgSOTRyaPb9+xbc/Wbbt27J4YPzx1dDL8ubBd2kNWZ/3pGNwYnmviMXhL07b1h+S5N4rHwetX77q+1VzIGoaX6HGwmDVk4Xj54s35gi7vz+Y4xvNtXti8+MdB+rlf9zgYrHsctHxObfE4GJzH4yDf5uzm+f3MHKz7v9UaWj0XLsUxMFJ3DCzm52H9Gi7k52F+m4/dOvdz4fqwrhdvW+jPw4FZx0D8tvrCYy8/Jf2+N7w77JfZx8U1+RmXrcjOTE+e2vLUgdOnT23NwrgoPll3XzUfL6vrvqds1vHSv+DjZd/nPtp1TYvTR8K+Gr69/X2Vb7NjrP19VXt2b70/G07dloWxxC72/mz10yzfnylLtNmf+TYv3LH43wVTLql7/hvq9Pw3MDRYPP8NpL0x1PD8N/uuGaitLMvO3jG/57+h8P/Ffv5b1yXPf/m+emxL+2Mg3+bF8YUeA4Ntn/9uDLMvrOfWkBiG63L/R7XzZ4rDtO6+7HjcDA4OheNmMN5i43GzfdZl8mvLb3vzxIUdN5tvbLyvGn5vKeFxk++rVyfaHzf5Nu9tXfxzx6r417rnjhWdjoGhgRX5eofSQVA8351bFY+BLdnB7ER2NDuULpPfy/ltjW2b3zGwIvx/sZ87ruqSYyDfV69ta38M5Nv87fal/d1pczglbVP3u1Pz6wtzZf5rBs9fX/NuW+rMn6/zMzvavzaUb/PTHQvNGe330+3hlMta7Kfmx89cx/ShrPN+WqpjOl/n0TvbvzaVb7Nu5zyPp31Zlr3z0lvF613F67t/ceafv9vwum+r15Tfeemtz1/9wx8uZP0AAFy4j2p/zqwoftes+xfr+fz7PwAAANATYu7vDzOR/wEAAKA0Yu4fCDOR/wEAAKA0Yu4fDDPZ1+nd8crhib6vv/rhc1l6N8BzQTw/vgzy0Mpiu9jxnglfj547Lz/9nreGHvzec/O77f4sy/73gWtbbv/Eyriuwsm4zoHG02e56oZ53f7jj5zfrv79E872F9cfv5/5vgwUu8rv/ts9tesdvbWY7z2Q1ebDMy8+X7v+PcXXcfv3/6PY7hvhTUv2He5ruPzmsJ5NYY6G95R5aNX5/ZDPeLnvvHvk7z/96Pnbi5fr27im9m2+tqW43vgeUa/8ZbF9/L7nWv9fv/St7+TbP3VT6/U/1996/e+H6/1xmP/zQXF6/T7/Xt36/yCsP95evNyWN3/Qcv1v/1Wx/dvhuHg9zOb13/1H133Y6v6Kt7NvsLhcvP2JP7uvdrl4ffH6m9c/PH5Pw/5ovv733iyuZ++T/z1Qv308Pd5O9Phg4/HdF+7fhh55lmXf+nrWsJ+zoeJy7zStP17fycHW67+9aZ0n33iidvnm7yf65iP3tvx+43r2/flIw/fzypqw//pX/UN+ve9fG47HcP4vZorra34v07fXND7fxO1fHyket/H6xpvW/0rT+mduyPdd5/Xf//Ni/W/ftbJh/fvWhuPp48XstP4jf7q24fJvfLZYz6mvjh0/MX1mKr7HwUjT43jl8KrVl13+sTVrw3Np89f7T5x+YvLU6MToRJaN9uBbBi73+t8M87+KMbP0t1D4l8HiuHv5weLn1i1DxdevhNMfD/dn/Pn4zT8eajhem+/3meFiLnb9t4V1zNf6TT/ZPa8N/3PH26/+68Nfav69IH4/J68Yrn1/r224snZe33vF+c3PV538+xWNj+sfrSvm98N+PRfemXnjlcXtNV9/fG+Sl79QPH7jb3Lx8lnT+4mMDDR+H4td/4/C7zE/uKrx+S8eH99/rundnEeyvnwJM+H5IZspzo9bxf398tkrW95efB+ebObqhSxzTtNPT48fnTp+5qnx05PTp8enn35m/7ETZ46f3l9779L9X+50+fOP79W1x/ehyZ07stqj/UQxltmlXv/JRw4e2jVx86HJwwfOHD79yMnJU0cOTk8fnDw0ffOBw4cnv9rp8lOH9m7dtmf7rm1jR6YO7d29Z8/2PWNTx0/kyygW1cHOia+MHT+1v3aR6b079my9884dE2PHThya3LtrYmLsTKfL1342jeWXfnLs1OTRA6enjk2OTU89M7l3656dO7d1fPfHYycPT4+OnzpzfPzM9OSp8eJ7GT1dOzn/2dfp8lTD9NrwfNekL/x2ft/tO9P74+be+tqcV1VsMtJ44k/De0F9Y3j77vl8HXP/UJiJf/8HAACA0oi5P3w+xfnX3eV/AAAAKI3wgX/hMyP9+z8AAACUUcz9w2EmFcn/+v/6/xfQ/091bf1//f9M/1//vwP9f/3/dvT/9f97ef36//r/dNZt/f+Y+1dlWSXzPwAAAFRBzP2rw0zkfwAAACiNmPsvCzOR/wEAAKA0Yu6/PMykIvlf/1//3+f/l6//35dlM/r/+v/dQv9f/78d/X/9/15ev/6//j+ddVv/P+b+j4WZVCT/AwAAQBXE3L8mzET+BwAAgNKIuX9tmIn8DwAAAKURc/9ImEmZ8v9dc5+l/1/1/v+A/n8J+/8+/7+g/98d9P/1/9vR/9f/7+X16//r/9NZt/X/Y+7/eJhJmfI/AAAAVFzM/Z8IM5H/AQAAoDRi7v9kmIn8DwAAAKURc/+6MJOK5H/9/6r3/33+f6b/v4z9/7il/r/+v/5/r/f/V4WT9f8b6f/r/+v/6//TXrf1/2PuvyLMpCL5HwAAAKog5v4rw0zkfwAAACiNmPs/FWYi/wMAAEBpxNx/VZhJRfK//r/+v/6//r/P/9f/X076/+Xo/8eT9f8b6f/r/+v/6//TXrf1/2PuvzrMpCL5HwAAAKog5v5rwkzkfwAAACiNmPuvDTOR/wEAAKA0Yu5fH2ZSkfyv/6//r/+v/6//r/+/nPT/9f/b0f/X/+/l9ev/6//TWbf1/2Puvy7MpCL5HwAAAKog5v7rw0zkfwAAACiNmPtvCDOR/wEAAKA0Yu4fDTOpSP7X/9f/1//X/9f/1/9fTvr/+v/t6P/r//fy+vX/9f/prNv6/zH3bwgzqUj+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP2bwkwqkv/1//X/9f/L2v8f0P/X/+8K+v/6/+3o/+v/9/L69f/1/+ms2/r/MfffFGZSkfwPAAAAVRBz/81hJvI/AAAAlEbM/beEmcj/AAAAUBox928OM6lI/tf/1//X/y9r/9/n/+v/dwf9f/3/dvT/9f97ef36//r/dNZt/f+Y+28NM6lI/gcAAIAqiLn/tjAT+R8AAABKI+b+28NM5H8AAAAojZj7x8JMKpL/9f/1//X/9f/1//X/l5P+v/5/O/r/+v+9vH79f/1/Ouu2/n/M/XeEmVQk/wMAAEAVxNy/JcxE/gcAAIDSiLl/PMxE/gcAAIDSiLl/IsykIvlf/1//X/9f/1//X/9/Oen/6/+3o/+v/9/L69f/1/+ns27r/8fcvzXMpCL5HwAAAHrUdQvZOOb+bWEm8j8AAACURsz928NM5H8AAAAojZj7d4SZVCT/6//r/+v/6//r/+v/Lyf9f/3/dur7//kl9f+r0v+f6ydNr6y/oP+v/09n3db/j7n/zjCTiuR/AAAAqIKY+3eGmcj/AAAAUBox9+8KM5md///m4q0KAAAAWEox9+8OM+n5f/+fX6+qUv3/A/env+r/F/T/9f8z/X/9/2Wm/6//347P/69q/39pXOr16//r/9NZt/X/Y+7fE2bS8/kfAAAAiGLu/39hJvI/AAAAlEbM/f8/zET+BwAAgNKIuf+Xwkwqkv8r1f+vo/9f0P/X/8/0//X/l5n+v/5/O/r/+v+9vP7u7f9/e3WW6f/THbqt/x9z/94wk4rkfwAAAKiCmPs/HWYyd/4fXv5VAQAAAEsp5v67wkz8+z8AAACURsz9+8JMKpL/9f/1//X/9f/1//X/l5P+v/5/O4vr/4/q/y/Spe7P9/r6u7f/7/P/6R7d1v+Puf/uMJOK5H8AAACogpj77wkzkf8BAACgNGLuvzfMRP4HAACA0oi5/zNhJhXJ/xet/9+iUKz/r/+f6f/r/+v/6/8vkv5/lfv/Pv9/sS51f34J1p/f5fr/+v90sW7r/8fcf1+YSUXyPwAAAFRBzP2fDTOR/wEAAKA0Yu7/5TAT+R8AAABKI+b++8NMKpL/ff6//r/+v/6//r/+/3LS/9f/b0f/X/+/l9ev/6//T2fd1v+Puf9Xwkwqkv8BAACgCmLufyDMRP4HAACA0oi5/8EwE/kfAAAASiPm/l8NM6lI/tf/1//X/9f/1//X/19O+v/6/+3o/+v/9/L69f/1/+ms2/r/Mff/WphJRfI/AAAAlMLcrx/UxNz/62Em8j8AAACURsz9nwszkf8BAACgNGLufyjMpCL5X/9f/1//X/9f/1//fznp/+v/t6P/r//fy+vX/9f/p7Nu6//H3P/5MJOK5H8AAACogpj7Hw4zkf8BAACgNGLu/0KYifwPAAAAPeDsvLaKuf+LYSYVyf/6//r/+v/6/0vY/1+R6f8n+v+ran/q/+v/t9NL/f9W5+j/6//r/+v/01639f9j7n8kzKQi+R8AAACqIOb+R8NM5H8AAAAojZj7fyPMRP4HAACA0oi5/zfDTCqS//X/9f/1//X/ff6//v9y0v/X/2+nl/r/rej/6//r/+v/01639f9j7v+tMJOK5H8AAACogpj7fzvMRP4HAACA0oi5/3fCTOR/AAAAKI2Y+x8LM6lI/i/6/48e1P8v6P/r/+v/6/9H+v9LQ/9f/78d/X/9/15ev/6//j+ddVv/P+b+L4WZVCT/AwAAQBXE3P+7YSbyPwAAAJRGzP37w0zkfwAAACiNmPsfDzOpSP73+f/6//r/+v8L6f+vanG6/n9B/781/X/9/3b0/8vc/1+xJGu8dOuf6wlrMP1N/1//n866rf8fc/+BMJOK5H8AAACogpj7fy/MRP4HAACA0oi5/2CYifwPAAAApRFz/6Ewk4rkf/1//X/9f/3/Hvn8/6FsOfr/M/r/y60k/f/39P8L+v+N9P99/r/+v/4/7XVb/z/m/skwk4rkfwAAAOh183nX0Zj7D4eZyP8AAABQGjH3Hwkzkf8BAACgNGLufyLMpCL5vxv7/zfo/+v/6/+n69H/9/n/+v/t+fx//f9M//+CXer+fK+vX/9f/5/Ouq3/H3P/VJhJRfI/AAAAVEHM/V8OM5H/AQAAoDRi7v9KmIn8DwAAAD1n5Rynx9x/NMykIvm/G/v/mf6//r/+f7oe/X/9f/3/9vT/9f8z/f8Ldqn7872+/iXt/6/Q/6ecuq3/H3P/sTCTiuR/AAAAqIKY+4+Hmcj/AAAAUBox958IM5H/AQAAoDRi7j8ZZtKT+b9vzt7uXPT/9f+7rf9f37wsdf9/pf6//r/+/1LQ/9f/z/T/L9il7s/3+vp9/r/+P511W/8/5v7fDzPpyfwPAAAAtBJz/6kwE/kfAAAASiPm/ukwE/kfAAAASiPm/v9j7z539LirOI4/thI7kSC8R9wLiPvgNTdAL4npLfQamqmh995b6BB6773XUEKRgrR7zok3Xs/sPvjxzvzP5/PmsGTXO5GN0U+rr+YBccv0/j+926e6cvT/+v+l9f9t3/9/lf4/6f/1/8eh/9f/b/T/Wzvpfn7tz6//1/8zb2n9f+7+B8Ytfv4PAAAAw8jd/6C4xf4HAACAYeTuf3DcYv8DAADAMHL3PyRuabL/r2z/f98DH+n/9f+brfr/s/W1Q/X/3v9/5++r/l//fwxd+//8m1D/v0//v52T7ufX/vz6f/0/85bW/+fuf2jc0mT/AwAAQAe5+x8Wt9j/AAAAMIzc/Q+PW+x/AAAAGEbu/kfELU32v/f/6//X1/8P+v5//X/R/+v/j6Nr/5/0//v0/9s56X5+7c+v/9f/M29p/X/u/kfGLU32PwAAAHSQu//6uMX+BwAAgGHk7r8hbrH/AQAAYBi5+8/FLU32v/5f/6//1//r//X/u6T/1/9P0f8vt/+/Q/8/+/31//p/5i2t/z9342Zv9+9/m377HwAAADrI3f/ouMX+BwAAgGHk7n9M3GL/AwAAwDBy9z82bmmy//X/+n/9v/5f/6//3yX9v/5/iv5/uf2/9//r/+e+Xv/PUSyt/8/d/7i4pcn+BwAAgA5y9z8+brH/AQAAYBi5+58Qt9j/AAAAMIzc/U+MW5rsf/2//l//r//X/+v/d0n/r/+fspL+P36Ji3979P9D9//3v9fM11+y/z+10f/r/wlL6/9z9z8pbmmy/wEAAKCD3P1PjlvsfwAAABhG7v6nxC32PwAAAAwjd/+NcUuT/a//1//r//X/+n/9/y7p//X/U1bS/1+S/n/o/n/2+3v/v/6feUvr/3P3PzVuOTD8zh7z3xIAAABYktz9T4tbmvz8HwAAADrI3f/0uMX+BwAAgGHk7n9G3NJk/+v/5/v/6+8+/+vp/w9/fv2//l//r//X/6+g/7/5kE/U/x+J/r9R/3/txV+v/9f/M29p/X/u/mfGLU32PwAAAHSQu/9ZcYv9DwAAAMPI3f/suMX+BwAAgGHk7n9O3HKfzeaIGfuq6f+9/1//r//X/+v/d0n/v4L+/zD6/yPR/zfq/w+h/9f/M29p/X/u/ufGLX7+DwAAAMPI3f+8uMX+BwAAgGHk7n9+3GL/AwAAwDBy978gbmmy//X/6+n/r9L/j9D/3/OW8/fT/8c/1//r/y8H/b/+f6P/39pJ9/Nrf379v/6feUvr/3P33xS3NNn/AAAA0EHu/hfGLfY/AAAADCN3/4viFvsfAAAAhpG7/8VxS5P9r/9fT//v/f9D9P/e/7/g/v9R8ecx6f8vD/2//n/KZej/b7pO/7+1k+7nT+j5T1+u59f/6/+Zt7T+P3f/S+KWJvsfAAAAOsjd/9K4xf4HAACAYeTuPx+32P8AAAAwjNz9L4tbmux//b/+X/+v/9f/e///Lun/9f9TvP9f/7/m59f/6/+Zt7T+P3f/y+OWJvsfAAAAOsjd/4q4xf4HAACAYeTuf2XcYv8DAADAql3YgeXuf1Xc0mT/6//1//r/S/X/5/X/d6H/1/9vQ/+v/5+i/9f/r/n59f/6f+Ytrf/P3f/quKXJ/gcAAIAOcvffHLfY/wAAADCM3P2viVvsfwAAABhG7v7Xxi1N9r/+X/+v//f+f/2//n+X9P/6/yn6f/3/mp9f/6//Z97S+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAIaRu/8NcYv9DwAAAMPI3f/GuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9b4pbmux/AAAA6CB3/5vjFvsfAAAAhpG7/y1xi/0PAAAAw8jd/9a4pcn+1//r//X/+n/9v/5/l/T/+v8p+n/9/5qfX/+v/2fe0vr/3P1vi1ua7H8AAADoIHf/2+MW+x8AAACGkbv/HXGL/Q8AAADDyN3/zrilyf7X/+v/9f/6f/2//n+X9P/6/ynr6/+vPvCR/l//r//X/zNtaf1/7v53xS1N9j8AAAB0kLv/3XGL/Q8AAADDyN3/nrjF/gcAAIBh5O5/b9zSZP/r/zv3/6fObTb6/43+X/+v/98p/b/+f8r6+v+D9P/6f/2//p9pS+v/c/e/L25psv8BAACgg9z9749b7H8AAAAYRu7+D8Qt9j8AAAAMI3f/B+OWJvtf/9+5//f+f/3/wefU/+v/d0H/r/+fov/X/6/5+Zfc/5/W/7MQJ97/5yfGx7n7PxS3NNn/AAAA0EHu/g/HLfY/AAAADCN3/0fiFvsfAAAAhpG7/6NxS5P9r//X/+v/9f8X9v9nDv8jvkf/r//fhv5f/z9F/6//X/PzL7n/9/5/luLE+/+7fJy7/2NxS5P9DwAAAB3k7v943GL/AwAAwDBy938ibrH/AQAAYBi5+2+JW5rsf/2//l//r//3/n/9/y7p//X/U/T/q+v/r7rwA/2//l//z5yl9f+5+z8ZtzTZ/wAAALBy1x7lk3L3fypusf8BAABgGLn7Px232P8AAAAwjNz9n4lbmuz/bfr/s/r/i+j/D39+/b/+X/+v/19Y/3/Ntt9H/79P/39Qw/7/AP2//l//z5yl9f+5+z8btzTZ/wAAANBB7v7PxS32PwAAAAwjd//n4xb7HwAAAIaRu/8LcUuT/e/9//p//f+x+v8b9P/6f/3/8Sys/9+a/n/f7vr/e2969P9Xx3/Q/4/w/Pp//T/zltb/5+7/YtzSZP8DAABAB7n7b41b7H8AAAAYRu7+L8Ut9j8AAAAMI3f/l+OWJvtf/6//1/97/7/+X/+/S/r/4/b/Z471XOP0/97/v9H/r+759f/6f+Ytrf/P3f+VuKXJ/gcAAIAOcvd/NW6x/wEAAGAYufu/FrfY/wAAADCM3P1fj1ua7H/9v/5f/6//1//r/3dJ/+/9/1P0//r/NT+//l//z7yl9f+5+78RtzTZ/wAAANBB7v5vxi32PwAAAAwjd/+34hb7HwAAAIaRu//bcUuT/a//1//r//X/+v+F9P+nzun/t6D/1/9v9P9bO+l+fu3Pr//X/zNvaf1/7v7vxC1N9j8AAAB0kLv/u3GL/Q8AAADDyN3/vbjF/gcAAIBh5O7/ftzSZP/P9P/VwOn/p+n/N3v/+9H/H/z19f/6f+//1//r/6fp//X/a35+/b/+n3lL6/9z9/8gbrlz+J05/r8lAAAAsCS5+38YtzT5+T8AAAB0kLv/R3GL/Q8AAADDyN3/47ilyf73/n/9v/f/6//1//r/XdL/6/+n6P/1/2t+fv2//p95S+v/c/f/JG5psv8BAACgg9z9P41b7H8AAAAYRu7+n8Ut9j8AAAAMI3f/z+OWJvtf/z9q/3/b3fb/qf5f/6//n3t+/f9u6f/1/1P0//r/NT+//l//z7yl9f+5+38RtzTZ/wAAALB+p2c/I3f/L+MW+x8AAACGkbv/V3GL/Q8AAADDyN3/67ilyf7X/4/a/3v/v/5f/6//Xwb9v/5/iv5f/7/m59f/6/+Zt7T+P3f/b+KWJvsfAAAAOsjd/9u4xf4HAACAYeTu/13cYv8DAADAMHL3/z5uabL/9f+76P9v1f/r//fo//X/+v/19/+n4i8c/f8+/f9B+n/9v/5f/8+0pfX/ufv/ELc02f8AAADQQe7+P8Yt9j8AAAAMI3f/n+IW+x8AAACGkbv/z3FLk/0/Tv8fT7qI/t/7//X/+/T/+n/9//r7/6T/36f/P0j/r//X/+v/mba0/j93/1/ilib7HwAAADrI3f/XuMX+BwAAgGHk7r8tbrH/AQAAYBi5+/8WtzTZ/+P0/0H/r//X/+v/47/X/y+D/l//P0X/r/9f8/Pr//X/zFta/5+7/+9xS5P9DwAAAB3k7v9H3GL/AwAAwDBy9/8zbrH/AQAAYBi5+2+PWy7a/2eu4FNdOfp//f/u+v877rHZ6P/1//p//b/+X/9/afp//f+an1//r/9n3tL6/9v3/r/2ms2/9r7az/8BAABgRLn7/x232P8AAAAwjNz9/4lb7H8AAAAYRu7+/8YtTfa//l//7/3//1f/f93Unwf9v/5f/6//1/9P0//r/9f8/Pp//T/zltb/5+7/XwAAAP//RByXNg==")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

2.638030327s ago: executing program 4 (id=10049):
unshare(0x2c020400)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f0000000280))

2.54795296s ago: executing program 1 (id=10050):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCL_SETSEL(r0, 0x40087101, &(0x7f0000000180)={0x2, {0x2, 0x4, 0x800, 0x7, 0x5}})

2.491112662s ago: executing program 4 (id=10051):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x1, 0x2, 0xfffffffd, {0x60, 0x0, 0x0, r1, {0x0, 0x8}, {0xffff, 0xffff}, {0x5, 0xffe0}}, [@TCA_RATE={0x6, 0x5, {0xff, 0x84}}]}, 0x2c}}, 0x40844)

2.361957696s ago: executing program 4 (id=10053):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', 0x2018000, &(0x7f00000002c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c696f636861727365743d63703836352c2c636f6465706167653d3934392c726f6469722c616c6c6f775f7574696d653d30303030303030303030303030303030303137373737372c756e695f786c6174653d302c756e695f786c6174653d312c726f6469722c71756965742c757466383d302c0008572936d593f549fb730969cb6bbcedc6a7742974e8df6aa2c8eab82d56c471d85f13fd1e22174c9ae101b6cd33de85f89d3d4edc6aee92facd63e7b69b5307e97bf72a8b5da95956e0681da0348073dce315ad777f8c13210b41c52588dedfb72602c530537a61a827aea83de054c027c65e89ddc2c170ac6538ab84d002e79609f0414018b8185c36df803e090b3f3ee5ed3ad3ad9cc9080ef99e664a9f08b05187d7ab2612dabcd0351036ee75053a5d901ede2f41408885ab61092d0ba6f1ac0db686c0904b822e0eb49d71fb525009eae7d345b179261b9c807e60e09d7181415bb8e54875619fe080c9e22f6200"/399], 0x1, 0x34e, &(0x7f0000000480)="$eJzs3T9oJFUYAPBvMpvdTeBMCuHQarUTRC4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNjbeoKcio3XHdzhyO7Mzm6ye//E5NT7/Yrw5Xvvm/fe7CM7CcnLa2uxdXY+zl25cjnq9SQqayfX4moSyzEXaeTOBwDwf3I1y+KPLDdMPH2z3h8vxnweVY9kdgDAYRi+/79+bJyo3c3ZAABHYer7/9mem5l959CmBQAcoqn3/4f3NR/4MX+l/J0AAOC/64WXX3l2fSPiTKNRj+h80Gv2mvHUuH39XLwZ7diME7EU1yPyB4X8aWHw8ZnTG6dONAZ+WY7moKLXjOj0e838SWE9HdbXYiWWYrmoz8r6dFC/MqxvRMT5/nD86CS95nwsFuP/uBibsRpLcf9UfcTpjVOrjeICzc6ovh+xF/XRIgbzz5Lyk7MxqM2vNRcRuyuNxslsY19970Jt2A8AAAAAAAAAAAAAAAAAAAAAAA7DYwtRnJ7TWC7Pv8k6/d77Z4oOjen24fk+eXNxPtBefj5QVhudzvNhevB8oP3n8/SalZi7qysHAAAAAAAAAAAAAAAAAACAf4/uTjVa7fbmdnfnva1xUG33JzJvf/flNwtxsM9b6TgTlfxyZSaJpBxjoiqNsjwry7N0X58iSCOKzkm0LlwsrzbZp1auYqp8ENSmmpJinq12+9hDP382q+rPcSaNsqk+c4jRGieaOvflqVnzuXmQdHdWb9HnUpZlNyrf/XS6KuoRlakX7p8Ivr38xgOPd48/0U0qW62vi0MfHnl06cVLn3zx21arPXr52+3qdvd69rfHSif2T1Lc52TGTpgd7I0ze9vdnVb6w+8vPfjR9wc6p7P3TzaZeffGY31VBNViWu1q3jSY5u2sdH7G5p8dvHqt3L13fjOPf77Wurj706+jm3mrqokvEg7qAAAAAAAAAAAAAAAAAACAIzHxt+J34MnnD29GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD0xv//fyLYm8rcTnCtH9NNtc3t7sEx01GwcOTLBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgHvVXAAAA///gYW5L")
truncate(&(0x7f0000000180)='./file0\x00', 0x9)
unlink(&(0x7f0000000040)='./file0\x00')

2.291358528s ago: executing program 1 (id=10054):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$packet_int(r0, 0x107, 0xc, &(0x7f0000000000)=0x9, 0x4)

2.050151055s ago: executing program 1 (id=10056):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000040)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)

1.726057665s ago: executing program 1 (id=10058):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x4100, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3)
close(r0)

1.644534658s ago: executing program 4 (id=10059):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x800455ca, 0x20000000000002)

1.525522272s ago: executing program 1 (id=10061):
r0 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})

1.524762242s ago: executing program 3 (id=10062):
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c486c1a4640c81b22bb3327ef4f001d34c09f39c3539e4fbdf32603b4fe565019fc63c468b257ff3e2485250200000000000000078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4af9d5c3b904001657671bb85181fdf03bffff250b5a2dd8c7b387f4f487dbc9a0300300dc44febf7ddc73fc4a5a0b6c2866687f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a0000000000000000000000000014000000000000000000000000000000000000000000c97d2fd20000000000000000000000000000000000000000000000000000000000de", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf06cfb4bdb87382388cf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79a7b1b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff03f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5c1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
r0 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x800)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045730, &(0x7f00000001c0))

1.358180437s ago: executing program 0 (id=10063):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
poll(&(0x7f00000002c0)=[{r0, 0x80ad}], 0x1, 0x2)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000240)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1.357926728s ago: executing program 1 (id=10064):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file0\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x5, 0x4451, &(0x7f0000008900)="$eJzs3T9sVPcdAPDfe3aLTYHalIFKlXpSUVu1lWUz0RqpxhiMDS4VLQxdjrN9gJuzD9nnKAODoyxImSJliDKgRMrmCXnLRJZIGbNkJDNSMmSJFAnlort7Z99758MX4sMBfT4S/t37/be/9373e8PxixOVO0truaW1XGElV164tXY693q5tL5cDHHWp205+6Lr8TlQvYiT2B+cq+cv/ufG6RA+WfziSbVarYaa/rCrsZbX335zb6E1bYpbL95q9Lt7b/vlfyGEE23zqukLIQwkr88l6WSSDoYQjoUQohDCjXtv38zt02wePi6ezT+du781fmp288FW5989CuH90m//dnv5qz/0jX/5l30aHgAAAAAAAAAAAAAAAACAl9z0tavX/z06Fh5FoX8zav++7nSSdvp+bHXf/L73vywAAAAAAAAAAAAAAAAAAAD8TO18/z8XHd/l+/9TSTrRoX31n92N88efOE96Y+ZfV6cujI4l579HbeVnkqyvz/WF4eb56p91Pv/9XKb97ue/t4/zvJrza447FKJ4JHUdxyMjIXyYHPx+Mjocl8prlb/eKq+vLO7bNF5a6fg3Tu9PRSc50D8V/2ec/z+Z6b/35///pu3dVLu+uX9vsVdaOv59Het99Gb0jPj/crve+Uy7FxF/nl86/v31vMHWChONBaAW/3f6977/pzL99yr+x0IIuag211xqBajtYWr5nfYrpKXj/4t6XmrpTP6Qne7/7zLxv5Dp/6DW/43sBxG7Sse/sY4PpGrs3P/D8d73/8VM/wcR/9r8N3z+dyUd/0ONzP5Ulfpfstv1fzrTf6/ifz1O5nksSr0DNqNGfqf/r460dPwH2sp3nv/irvb/lzLtX9TzX3Pc5vNfc/n/c9R4/mN32/HfCk+q1cGO9bq9/2cy7Xq9/k/U939tzpzo5aCvkPT9f7iel947D9V/dop/NRP/2Uz/zxH/jzs/he6o70oGmvHfWU++P9TI/8D+ryvp+P+qkRm31tio/6zv/6K99/+XM/0fxP6vNv+NuLejvirS8T/SsV4t/p938fl/JdOu9/EPYbT5BmjfvrCHdPyPdqxXv/8H9o7/XKZdr+P/p152DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPASmEzSoRDFI6nrOB4ZCeF8cn0yHI7mC4v5+VJ54bW1EKaS/Fw4Ht0ulecLpfzSSnmxmC+USuWFEC4k5SfCQLRWKlfyy4W7F7f7GozuFAurlflioRJCmE7yfxeONvuaX6osF+6GEC5tl/06Lq/evVNYyS8urf5jdHR0NMxsz2E4Kr5RKa5UGqM3SkOY3W47FLVMrl58eXsuR6L/l9dXVwqlev6Vljal8kKh1NJmLil7NwxHldX1lYVCpZgvlW83xztIE0k6NXPtv9eujLWV34wa6eSLnRYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9Kj8b+/F0Lob1zFIYRclLyIkn8pDx8Xz+afzt3fGj81u/lg68ludQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4gR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs0j9KA0EUB+A3Y6Glx7BadjvbFUW0cEXwBHoMD6NH8RLewSJF2hQhkMxC2D+wTVJ9X/Ngfsy8B/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//9HQIRk=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)

1.357802837s ago: executing program 4 (id=10065):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x1, &(0x7f00000017c0)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ec0000000000000000a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06adb7b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02040000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f6505003cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096746a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140495fde08532c0a7b65c9ace709805bc67b09e57de7c3d7633515bedda91d7c341c30762156b62c1", @ANYRESOCT=0x0], 0x1, 0x555f, &(0x7f0000004440)="$eJzs3EtvG1UUAOA7TpPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKKhJ48R9fJ80PjPX12fusUaRzkzkADy15tPff03CxXAmhDATQjifhHw/KbbcSgwvhBAuhRBK/9iSYvzvgbkQwtkQwsVR8pgzKd768srw8vIvb/323Q+nT5376tsfp1c1MG0vhhC6m3F/pxtj1orxTjFeG7bz2L0+LGJ8o3u3OM5i3Gmu5xl2auN5tTxea8X52eZ2fxQ3OrX6KLbaG/n4Zi+esD9sjfPkH7hT28qPG831PLb7WR5be3Fdu3vxb9tefxDzNIp8H+fpw2AwjnG8uduM9WzezWO9NyjGY96s0dwdxWERi9OFetZp5OtYP8o3/Wh7u93b3k2Hza1+O+uly5XqS5XqjXJ1K2s0B83r5Vq3ceN6utDqjKaVB81ad6WVZa1Os1LPuovpQqteL1er6cLN5nq71kur1cq1ytXy8mKxdyV9/fb7aaeRLoziq+3e9ly70083sq00fmIxXapce3kxvVxN311dS9feuXVrde29D29+cPuV1TdfKybdt6x0Yenq0lK5erW8VF18cI1zx13/6AQHrH9wlPo/KxZ9iPqTQ10NcEguMIBDu6//D/p/4OFdPOC8x73/D5Ps/0ctlf7/wf1v6ej9/5H634fs/ydW/wTufzxq9cOR6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5aP81+/Ua+Mx+PzxXjF4qh54rjJIRQCiH8+R9mwty+nDNFntn/mT/7rzV8n4Q8w+gcp4vtbAhhpdj+ePa4vwUAAAB4cn3zyaUvYrceX+anvSBOUrxpUzr/0YTyJSGE2fmfJ5StNHp5fkLJ8uv7VNidULb8BtYzE0oWb7mdmlS2A5kZh08v3BvMC0piKJ3ocgAAgBMxsy+cbBcCAADASfp82gtgOpIwfpQ5fhac/+f9vUebZ/a9BwAAADyGkmkvAAAAADh2ef/v9/8AAADgyRZ//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLnbvJWRqI4wD8b/uWDz8iMe69ijs4hkdw6VI4gJfgCHgFL8AZcOcRDDW0E5IqJMZObSTPk3TKtOQ3M9DNTJMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAMX2rD5svn95+HppzbobJMxoAAADgllN92LQfVl39ebr+Ml16nepFRJQR8fvMfRlVzHqZVcqpb36/aepf+vA1ok24tDFPx7OIeJeO6tXYvwIAAAA8ruNuv+5m612xmrpD/Evdok354n2mvCIi6tX3TGnlpXiTKax9vp/iY6a0dgFrkSmsW3J7un1vlquRvqp3SiNZbNs/sa2V47QLAABMqT8TuDMLAQAA4AF8mLoDTKO4Ftf3jPPulF4ILns1AAAA4D9UTN0BAAAAYHTt/H/4/n9NM/b+fz/s/wcAAAB/rdv/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDGd6sPmuNuv793f/mHOuRkm34gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Mn+vKNACIRBGOxd35nM/Q8rDRoam1SB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xtFFQcA/Ls7O0tBibWaHqoGEw96kXZBkKMeNI0H/wSTpmyxuogCByGNphc9mZ5J1OjRGBNNvfE/cKYJF7xx6KEmnjXzqww/lA2pM0v7+SRv3nd2J+993+yG8O2bFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKttv91/slnGSHaaLuHrt5s7actZv3ddnrm/cmstaFnceNdHXb+198pPtpfrJsdnayZfNJwMAAMDBkFT1fUTcTjcXs747ndX/kVbXZDX/D0eLuKrn76/7t3bWpsq35qr6//ff7jy/O9F0MU826MrqaLjwYCq9/2mJE++ZR17Ry+98/rOXJP9Auu+tP7ed5vez882NG+/08/BQE9kCAI/jeNWXQfX/oawftJkYAAdGr1Z4V/V/Mt1uTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABN2F6Pp6q4ExFzvbtxZmtnbflh/fWNW3NVO33t2kZ9zGyINCJWVkfDtMG1TLpLV65+vDQaDS82HxyLiPZmL4MPxrgm4r+vKb+e0d4q/j3oTEYarQbd8vOZlHz2Mqi+e3s/ckv/IAEAsA8lR6Osx9Oyrr+dbi5mr3VmIv7+8d76/9VaHGPW/3c+PH2zPmO9/h80tcyJ9+13Eec/nb905errq+eXzg3PDT9548TgzcHJM6dOnZnP7tXC/Ep0hwttJwoAAMATrF+2ev3fnXlw//9ILY4x6//Pvh98UZ8rUf8/1N1Nv7YzAQAAOIj6u9GzL//1Z6f+1lTRdfr9+Hzp8uWLg+K4e36iODae8mM4VLZ6/Z/MtJ0VAAAA0ITt9c49+/9na3GMuf//9E8v/FIfM4mIwxEXImJ4fPnC6Gxzy5loTfyicj5Rv+2VAgAA0JbDZSv2/3v5/n+aP//f3X3koRsRr71SxNXfuhqn/k/e/ern+lz15/9PNrfEidSdLe5H3s9G9GbbzggAAID9bKpsWbH/R7q5+NGvR97ve/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoGn/BAAA//+TyzMu")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xe9)
getdents(r0, 0xfffffffffffffffd, 0xbb)

1.25791793s ago: executing program 3 (id=10066):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x4a38, 0x8000)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000140)={0x53, 0xfffffffffffffffc, 0x6, 0x20, @buffer={0x0, 0x0, 0x0}, &(0x7f00000001c0)="45274c199f6e", 0x0, 0x1000000c, 0x0, 0x0, 0x0})

1.195119743s ago: executing program 0 (id=10067):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, <r1=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)={0x38, 0x2e, 0x1, 0x70bd2a, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r1}, @nested={0xc, 0x3ffc, 0x0, 0x1, [@typed={0x8, 0x10f, 0x0, 0x0, @fd}]}, @nested={0x14, 0x1, 0x0, 0x1, [@generic="d89304547cb705c1c9e7d0fc1f801fe2"]}]}, 0x38}], 0x1}, 0x0)

1.050120137s ago: executing program 3 (id=10068):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
dup(0xffffffffffffffff)
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0x0, 0x1000)

1.008071248s ago: executing program 0 (id=10069):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x9e3fa8e44e0a7631, 0x0)
io_setup(0x226, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x2, r0, &(0x7f0000000a00)="1c73de19da4e24a4be5c3011d88efffbb251589a5bef61f451a747474f315938cc426a841b78d07b04cc6f2d276323ea48a6fd1c0ba66f5055239df5a21b234315694fd58fe32aeaa543e5fe08ccdf3e689caa8cedec8010f8bb8c59eaa1ecbf0f6f66afde88c010b3138095b6a0116af9c9011f03cc24e087286f2553198568c0aea639920383723c52ce2839b5dcb5ecf2eb92eeb24271354e1719e92347b792d0402fb04bbbf78fbebbf4b4832385561e1010dd612da55e8f738b13288b548d333c1d174ade527cafb3fc6576c16cd2e71f68286e28d5d8a17ef63d253bc56ce36b8d4aef6c0a34d8b9463ce4535f9c1700a5bf7b0f217ae63d3d377ddbcf7d4dd2f3f8f08de60c87b1e07487cae176e2f76ea307fa1693d84328c7f751d6d997555964813b103ea44b6e2e8bcc09609c25e5d1e0f174c44dfed19aa2fc6e6a60c589909709ff6b1a8e3c7462427d11469f81fa4d9a69ee39b8f3824889f3ee0c5838a22832193d9f42bfcff8f1990746da71c109c82f51aaffbc9b33b03fe4993f4bfb59461c5a2e13514072283677447793cfe1e7bf5b48416b80a7e18e22cb13e0370f7bb9bf952c4c5355dbb8fe0d912f88d743c536db4b306075c2dcd59d602e75bb159f71e4f11192631fc338203c136c9efc5f05bf94d2fee1a6ad20f2c7e834e5be49ebedde2d9735f46eb08c6537d24f3f06589a4597f2d9378f", 0x200, 0x200}])

750.185356ms ago: executing program 0 (id=10070):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="84000000", @ANYRES16=r1, @ANYBLOB="010027bd70000000000001000000080007008a0101024e00010003dfe4dd9e6efa9e72e4065e1dd0ab4c3f17568492fa019225f4f55724dbd9d7264880ef7cef4da08a74e947a31ce6750f9a05e44bd95d7a6eda083bb40ea3d63e0c0000ddd4a0c6f5e4000008000c000300040008000800ffffffff0800020007"], 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x0)

582.276832ms ago: executing program 0 (id=10071):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r0, @ANYBLOB=',group_id=', @ANYRESDEC=r0], 0xfd, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x2010014, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

582.091022ms ago: executing program 3 (id=10072):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000040)=0x5, 0x4)

358.578399ms ago: executing program 0 (id=10073):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})

0s ago: executing program 4 (id=10074):
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000140)}], 0x1)
r0 = syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000000)='./file1\x00', 0x8c0, &(0x7f00000003c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x0, 0x441f, &(0x7f0000008940)="$eJzs3c9PHFUcAPA3A1qobYXaQ01M3MQmGjUEelJpIqW0FFqsqbYxXrYLbFt0YRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s8AMbFmRBdt8PkkZ5v1mvzNv3xymL05Ubs4s5GYWcoW5XHnq+sLJ3Gfl0uJsMcR7ZL/7pzXtiJPY759LZ859cPVkCD9N//JwdfVAeJyBDb//+cftqY3HhjhTp9ruYxv9zz4OIRzbNK6qjhDCRz+GEIUQTidpw8mxO4RwJNTzrt7+8lpul0Zz70HxVP7RxJ2VwRPjy3dXmv/tUQjfll5888bsb690DP76+i51DwAAAAAAAAAAAAAAAADAE2708qUr7/cPhPtR6FyONr+vO5ocm70fu7prXm7/HwsAAAAAAAAAAAAAAAAAAAD/U+vv/+eio1u8/z+SHIea1F99t/1jpH3G3rs0crZ/INn/PdqU/1aS9PvpjtC7xb7v2f3fT2fqb73/++Z+dqoxvka/PSGK+1LncdzXF8L3ycbvx6ODcam8UHnjenlxbnrXhvHESse/vnt/KjrJhv6txn8403779/9/YdPVVD2/tnuX2FMtHf+OpuV++CJqKf5nMvX2Iv7sXDr+nbW07o0FhuoTQDX+X3VuH/+RTPvtiv+REEIuqo41tz4DNC7fqPl6hbR0/J+ppUXr0/7aB9ns/v8rE/+zmfb3a/5fyn4RsaV0/J+tpXWlSqzf/73x9vf/uUz7+xH/6viXfP+3JB3/A/XEzlSR2ifZ6vw/mmm/XfG/EifjPBKlroDlqJ7e7P+rIy0d/65N+evPf3FL67/zmfp79fzX6Lfx/NeY/l+L6s9/bC0d/+6m5Vq9/8cy9do9/w/V1n/sVDr+B2tp6bVzT+1nq/Efz7TfrvjXViVdjfivzyd/H6inf2f915J0/J+rJ8YbSyzVftbWf9H26/8Lmfb3Y/1XHf9S3N5enxbp+B9qWq4a/59b+P6/mKnX/viH0G+tv2Pp+B9uWq52/3dtH/+JTL12x//VdjYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AQYTo49IYr7Uudx3NcXwpnk/Hg4GE0WpvOTpfLUpwshjCTpuXA0ulEqTxZK+Zm58nQxXyiVylMhnE3yj4WuaKFUruRnC7fOrbXVHd0sFuYrk8VCJYQwmqS/FA432pqcqcwWboUQzq/lPR+X52/dLMzlp2fm3+nv7+8PY2tj6I2Kn1eKc5V67/XcEMbX6vZEGwZXy76wNpZD0Sflxfm5QqmWfnFDnVJ5qlDaUGciyfs69EaV+cW5qUKlmC+VbzT6209DyXFk7PKHly8ObMq/FtWPw3s7LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+pfuDb38TQuisn8UhhFyU/BIl/1LuPSieyj+auLMyeGJ8+e7Kw63KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYVdOkaJGIjCAPxmRLT0GFYh6WwjimhhRPAEegwPo0fxEt7BwsLWYlnYTCAkG0izW31f80h+Zt6DeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsN7dc/fyVDcRKc43ZxFfb98/4/yh1I/r/edPjjAjh3P/2N3c1k159zTLr8qv3zbv0v+/99fo62mMvgefkz2Z7lNv3mdqad+W5hv6XkTKVUS0Jb9MOVfVursAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC07cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZR9G0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKwAA//8hvRzL")
ioctl$FS_IOC_RESVSP(r0, 0x40186f04, &(0x7f0000000200)={0x0, 0x0, 0x39, 0x2})

kernel console output (not intermixed with test programs):


[  751.518401][T25327] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  751.792116][T25334] SET target dimension over the limit!
[  751.887276][T25337] overlayfs: missing 'lowerdir'
[  752.134298][T25348] loop1: detected capacity change from 0 to 16
[  752.172527][T25348] erofs: (device loop1): mounted with root inode @ nid 36.
[  752.231512][T25348] erofs: (device loop1): z_erofs_readahead: readahead error at folio 3 @ nid 89
[  752.259551][T25348] syz.1.8829: attempt to access beyond end of device
[  752.259551][T25348] loop1: rw=524288, sector=34359738360, nr_sectors = 8 limit=16
[  752.315402][T25348] erofs: (device loop1): z_erofs_readahead: readahead error at folio 4 @ nid 89
[  752.367101][T25348] syz.1.8829: attempt to access beyond end of device
[  752.367101][T25348] loop1: rw=524288, sector=16, nr_sectors = 40 limit=16
[  752.401131][T25348] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -4055 in[4096, 0] out[8192]
[  752.458068][   T28] audit: type=1800 audit(1778709579.492:652): pid=25348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8829" name="file2" dev="loop1" ino=89 res=0 errno=0
[  752.724735][T25362] loop4: detected capacity change from 0 to 4096
[  752.746750][T25362] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  752.800267][T25362] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  752.987139][T25371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8839'.
[  753.224004][T25380] loop4: detected capacity change from 0 to 64
[  753.728454][T25400] loop1: detected capacity change from 0 to 2048
[  753.776265][T25401] delete_channel: no stack
[  753.786902][   T23] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  753.796928][T25400] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=0, inode=18446736377128157191, rec_len=65535, name_len=255
[  753.836535][T25404] xt_hashlimit: overflow, rate too high: 1125899906842624
[  753.994786][   T23] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  754.006841][   T23] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  754.049497][   T23] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  754.066730][   T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  754.100263][   T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  754.119248][   T23] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  754.137146][   T23] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  754.155821][   T23] usb 5-1: Product: syz
[  754.164568][   T23] usb 5-1: Manufacturer: syz
[  754.196063][   T23] cdc_wdm 5-1:1.0: skipping garbage
[  754.215356][   T23] cdc_wdm 5-1:1.0: skipping garbage
[  754.237324][   T23] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  754.253995][   T23] cdc_wdm 5-1:1.0: Unknown control protocol
[  754.293011][T25413] fuse: Bad value for 'fd'
[  754.407875][T25392] cdc_wdm 5-1:1.0: Error submitting int urb - -90
[  754.447922][   T23] usb 5-1: USB disconnect, device number 7
[  754.684594][T25430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8869'.
[  755.131066][T25436] loop3: detected capacity change from 0 to 16384
[  755.233069][T25447] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  755.937040][ T3475] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  756.567343][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  756.720307][T25496] loop4: detected capacity change from 0 to 1764
[  756.791436][T25496] iso9660: Corrupted directory entry in block 14 of inode 1920
[  756.851342][T25502] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8903'.
[  757.489144][T25526] loop4: detected capacity change from 0 to 256
[  757.569504][T25532] netlink: 'syz.1.8917': attribute type 1 has an invalid length.
[  757.590756][T25532] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8917'.
[  757.663810][T25526] FAT-fs (loop4): Directory bread(block 64) failed
[  757.671800][T25526] FAT-fs (loop4): Directory bread(block 65) failed
[  757.679900][T25526] FAT-fs (loop4): Directory bread(block 66) failed
[  757.687517][T25526] FAT-fs (loop4): Directory bread(block 67) failed
[  757.694404][T25526] FAT-fs (loop4): Directory bread(block 68) failed
[  757.701586][T25526] FAT-fs (loop4): Directory bread(block 69) failed
[  757.708867][T25526] FAT-fs (loop4): Directory bread(block 70) failed
[  757.726511][T25526] FAT-fs (loop4): Directory bread(block 71) failed
[  757.744085][T25526] FAT-fs (loop4): Directory bread(block 72) failed
[  757.765288][T25526] FAT-fs (loop4): Directory bread(block 73) failed
[  757.806711][    T8] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  757.878100][   T28] audit: type=1800 audit(1778709584.922:653): pid=25526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.8915" name="file1" dev="loop4" ino=1048667 res=0 errno=0
[  758.047004][    T8] usb 1-1: Using ep0 maxpacket: 8
[  758.062980][    T8] usb 1-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  758.078699][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  758.104538][    T8] usb 1-1: Product: syz
[  758.116716][    T8] usb 1-1: Manufacturer: syz
[  758.126982][    T8] usb 1-1: SerialNumber: syz
[  758.153402][    T8] usb 1-1: config 0 descriptor??
[  758.179174][    T8] gspca_main: sq905-2.14.0 probing 2770:9120
[  758.597354][    T8] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71)
[  758.604918][    T8] sq905: probe of 1-1:0.0 failed with error -71
[  758.633201][    T8] usb 1-1: USB disconnect, device number 55
[  758.926820][ T5856] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  759.144564][ T5856] usb 4-1: Using ep0 maxpacket: 8
[  759.172364][ T5856] usb 4-1: unable to get BOS descriptor or descriptor too short
[  759.182927][ T5856] usb 4-1: config 4 has an invalid interface number: 147 but max is 0
[  759.192910][ T5856] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  759.203230][ T5856] usb 4-1: config 4 has no interface number 0
[  759.212346][ T5856] usb 4-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  759.223298][ T5856] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  759.231900][ T5856] usb 4-1: Product: syz
[  759.237159][ T5856] usb 4-1: Manufacturer: syz
[  759.241842][ T5856] usb 4-1: SerialNumber: syz
[  759.291518][T25579] loop4: detected capacity change from 0 to 256
[  759.345980][T25581] netlink: 260 bytes leftover after parsing attributes in process `syz.1.8943'.
[  759.519596][ T5856] uvcvideo 4-1:4.147: Found multiple Units with ID 6
[  759.526539][ T5856] usb 4-1: Found UVC 0.02 device syz (04f2:b746)
[  759.549074][ T5856] usb 4-1: No valid video chain found.
[  759.562696][ T5856] usb 4-1: USB disconnect, device number 57
[  759.687006][ T5820] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  759.902868][ T5820] usb 1-1: Using ep0 maxpacket: 32
[  759.920666][ T5820] usb 1-1: config 0 has an invalid interface number: 239 but max is 0
[  759.938257][ T5820] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  759.949531][ T5820] usb 1-1: config 0 has no interface number 0
[  759.955733][ T5820] usb 1-1: config 0 interface 239 altsetting 4 bulk endpoint 0x2 has invalid maxpacket 8
[  759.970790][ T5820] usb 1-1: config 0 interface 239 altsetting 4 endpoint 0x8 has invalid maxpacket 255, setting to 64
[  759.983007][ T5820] usb 1-1: config 0 interface 239 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  760.006864][ T5820] usb 1-1: config 0 interface 239 has no altsetting 0
[  760.027931][ T5820] usb 1-1: New USB device found, idVendor=105b, idProduct=1799, bcdDevice=36.e9
[  760.046652][ T5820] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  760.054860][ T5820] usb 1-1: Product: syz
[  760.059291][ T5820] usb 1-1: Manufacturer: syz
[  760.063961][ T5820] usb 1-1: SerialNumber: syz
[  760.118065][ T5820] usb 1-1: config 0 descriptor??
[  760.144042][T25583] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  760.259023][T25599] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8951'.
[  760.453711][ T5856] usb 1-1: USB disconnect, device number 56
[  760.652945][T25597] loop1: detected capacity change from 0 to 32768
[  760.682458][T25597] (syz.1.8950,25597,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  760.706287][T25597] (syz.1.8950,25597,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  760.763827][T25597] JBD2: Ignoring recovery information on journal
[  760.877321][T25597] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  761.342034][ T5771] ocfs2: Unmounting device (7,1) on (node local)
[  761.693717][ T3475] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  761.760412][T25631] loop3: detected capacity change from 0 to 512
[  761.938263][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  761.983522][T25631] EXT4-fs error (device loop3): ext4_dirty_inode:6143: inode #16: comm syz.3.8964: mark_inode_dirty error
[  762.018710][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  762.036234][T25642] autofs4:pid:25642:autofs_fill_super: called with bogus options
[  762.058363][T25631] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8964: mark_inode_dirty error
[  762.084139][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  762.121687][T25631] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  762.141303][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  762.197764][T25631] EXT4-fs error (device loop3): ext4_truncate:4301: inode #16: comm syz.3.8964: mark_inode_dirty error
[  762.238542][T25631] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  762.249155][T25650] loop1: detected capacity change from 0 to 16
[  762.269285][T25631] EXT4-fs (loop3): 1 truncate cleaned up
[  762.281277][T25631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  762.295747][T25652] netlink: 'syz.0.8972': attribute type 63 has an invalid length.
[  762.305038][T25650] erofs: (device loop1): mounted with root inode @ nid 36.
[  762.315141][T25652] infiniband syz0: set active
[  762.327262][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  762.338847][T25631] ext4 filesystem being mounted at /2197/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  762.339721][  T133] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  762.367441][   T23] ±ÿ speed is unknown, defaulting to 1000
[  762.403594][T25650] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  762.446912][  T133] EXT4-fs error (device loop3): ext4_release_dquot:6989: comm kworker/u4:5: Failed to release dquot type 1
[  762.475363][T25650] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  762.545049][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  762.568949][T25631] EXT4-fs error (device loop3): ext4_dirty_inode:6143: inode #16: comm syz.3.8964: mark_inode_dirty error
[  762.662552][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  762.692782][T25631] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8964: mark_inode_dirty error
[  762.697918][T25658] usb usb9: usbfs: process 25658 (syz.1.8975) did not claim interface 8 before use
[  762.734587][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  762.753574][T25631] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.8964: mark_inode_dirty error
[  762.779972][T25631] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #16: comm syz.3.8964: corrupted inode contents
[  762.810878][T25662] loop4: detected capacity change from 0 to 256
[  762.838582][T25631] EXT4-fs error (device loop3): ext4_truncate:4301: inode #16: comm syz.3.8964: mark_inode_dirty error
[  762.868482][T25662] exFAT-fs (loop4): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  762.888979][T25631] EXT4-fs error (device loop3) in ext4_setattr:5682: Corrupt filesystem
[  762.957263][T25662] exFAT-fs (loop4): error, found bogus dentry(11) beyond unused empty group(10) (start_clu : 5, cur_clu : 5)
[  763.006820][T25662] exFAT-fs (loop4): Filesystem has been set read-only
[  763.091630][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  763.120115][   T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  763.516918][T25672] xt_CT: No such helper "netbios-ns"
[  764.804952][T25690] loop4: detected capacity change from 0 to 32768
[  764.872433][T25690] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  764.903620][T25690] XFS (loop4): Ending clean mount
[  764.915178][T25690] XFS (loop4): Quotacheck needed: Please wait.
[  765.062987][T25690] XFS (loop4): Quotacheck: Done.
[  765.315879][T22804] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  765.657763][T25736] loop3: detected capacity change from 0 to 16
[  765.672735][T25736] erofs: (device loop3): mounted with root inode @ nid 36.
[  765.703334][T25736] erofs: (device loop3): z_erofs_readahead: readahead error at folio 2 @ nid 89
[  765.723111][T21818] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  765.735671][T25736] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  765.760576][   T28] audit: type=1800 audit(1778709592.802:654): pid=25736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.9008" name="file3" dev="loop3" ino=89 res=0 errno=0
[  765.912230][T25743] tmpfs: Bad value for 'mpol'
[  765.918602][T25742] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  766.576820][T25767] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  766.908587][T25773] loop1: detected capacity change from 0 to 16
[  766.925748][T25773] erofs: (device loop1): mounted with root inode @ nid 36.
[  766.936810][ T5856] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  766.976347][T25773] erofs: (device loop1): z_erofs_readahead: readahead error at folio 3 @ nid 89
[  766.990721][T25773] syz.1.9026: attempt to access beyond end of device
[  766.990721][T25773] loop1: rw=524288, sector=34359738360, nr_sectors = 8 limit=16
[  767.079475][T25773] erofs: (device loop1): z_erofs_readahead: readahead error at folio 4 @ nid 89
[  767.097989][T25773] syz.1.9026: attempt to access beyond end of device
[  767.097989][T25773] loop1: rw=524288, sector=16, nr_sectors = 8 limit=16
[  767.144554][T25773] syz.1.9026: attempt to access beyond end of device
[  767.144554][T25773] loop1: rw=524288, sector=56, nr_sectors = 48 limit=16
[  767.165728][ T5856] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  767.174910][ T5856] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  767.198158][ T5856] usb 1-1: config 220 has no interface number 2
[  767.204848][ T5856] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  767.219254][T25773] syz.1.9026: attempt to access beyond end of device
[  767.219254][T25773] loop1: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[  767.262481][ T5856] usb 1-1: config 220 interface 0 has no altsetting 0
[  767.270355][   T28] audit: type=1800 audit(1778709594.312:655): pid=25773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9026" name="file2" dev="loop1" ino=89 res=0 errno=0
[  767.276755][ T5856] usb 1-1: config 220 interface 76 has no altsetting 0
[  767.302813][T25759] loop3: detected capacity change from 0 to 32768
[  767.342519][ T5856] usb 1-1: config 220 interface 1 has no altsetting 0
[  767.365618][ T5856] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  767.382685][ T5856] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  767.396974][ T5856] usb 1-1: Product: syz
[  767.401247][ T5856] usb 1-1: Manufacturer: syz
[  767.411096][T25759] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  767.420302][ T5856] usb 1-1: SerialNumber: syz
[  767.454806][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  767.612725][T25759] XFS (loop3): Ending clean mount
[  767.682452][ T5856] usb 1-1: selecting invalid altsetting 0
[  767.703113][ T5856] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  767.714936][ T5856] usb 1-1: No valid video chain found.
[  767.750289][ T5856] usb 1-1: selecting invalid altsetting 0
[  767.756269][ T5856] usbtest: probe of 1-1:220.1 failed with error -22
[  767.805865][ T5856] usb 1-1: USB disconnect, device number 57
[  767.815627][T25792] can0: slcan on ttyS3.
[  767.958480][ T5772] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  767.978914][T25790] can0 (unregistered): slcan off ttyS3.
[  768.092834][ T3475] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  768.449827][   T23] usb 2-1: new full-speed USB device number 66 using dummy_hcd
[  768.659027][   T23] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  768.687854][   T23] usb 2-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  768.706759][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.720444][   T23] usb 2-1: Product: syz
[  768.724857][   T23] usb 2-1: Manufacturer: syz
[  768.743328][   T23] usb 2-1: SerialNumber: syz
[  768.779737][   T23] usb 2-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  768.951453][   T28] audit: type=1326 audit(1778709595.992:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.056469][   T28] audit: type=1326 audit(1778709596.022:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.126373][   T28] audit: type=1326 audit(1778709596.022:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.186741][   T28] audit: type=1326 audit(1778709596.022:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.227401][   T23] usb 2-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  769.287837][   T28] audit: type=1326 audit(1778709596.022:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.291981][   T23] usb 2-1: USB disconnect, device number 66
[  769.405269][   T28] audit: type=1326 audit(1778709596.022:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.482098][   T28] audit: type=1326 audit(1778709596.022:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.562353][   T28] audit: type=1326 audit(1778709596.032:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.648350][   T28] audit: type=1326 audit(1778709596.032:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  769.701120][   T28] audit: type=1326 audit(1778709596.032:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25823 comm="syz.0.9040" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe50c39ce59 code=0x7fc00000
[  770.602910][T25868] netlink: 256 bytes leftover after parsing attributes in process `syz.1.9057'.
[  771.249614][T25892] netlink: 'syz.4.9064': attribute type 1 has an invalid length.
[  771.953965][T25909] libceph: resolve '0..' (ret=-3): failed
[  771.997326][T25913] ieee802154 phy0 wpan0: encryption failed: -22
[  772.573440][T25935] netlink: 'syz.3.9086': attribute type 27 has an invalid length.
[  772.597431][T25930] loop4: detected capacity change from 0 to 4096
[  772.623613][T25930] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  772.745108][T25930] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  772.773056][T25930] ntfs3: loop4: Failed to load $Extend (-22).
[  772.798503][T25930] ntfs3: loop4: Failed to initialize $Extend.
[  773.035424][T25948] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  773.366209][T25962] x_tables: duplicate entry at hook 2
[  773.558442][ T5856] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  773.726347][T25974] loop1: detected capacity change from 0 to 4096
[  773.747460][ T5856] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  773.765305][T25976] overlayfs: conflicting options: nfs_export=on,index=off
[  773.777222][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  773.799126][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  773.812912][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  773.813637][T25977] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  773.827843][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  773.847535][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  773.855214][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  773.921463][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  773.934630][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  773.946945][T25974] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 648518346341351424
[  773.955336][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  773.975414][T25974] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=12)
[  773.989801][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  774.010388][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  774.016266][T25974] Remounting filesystem read-only
[  774.022732][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  774.026233][T25974] NILFS (loop1): error -5 truncating bmap (ino=12)
[  774.077913][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  774.097675][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  774.122821][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  774.151674][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  774.164915][ T5771] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  774.175105][ T5771] NILFS (loop1): discard dirty page: offset=0, ino=2
[  774.184528][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  774.204185][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  774.221436][ T5771] NILFS (loop1): discard dirty block: blocknr=14, size=4096
[  774.239866][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  774.250341][ T5771] NILFS (loop1): discard dirty page: offset=0, ino=6
[  774.263304][ T5771] NILFS (loop1): discard dirty block: blocknr=23, size=4096
[  774.271787][ T5771] NILFS (loop1): discard dirty page: offset=4096, ino=6
[  774.280936][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  774.290882][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  774.303024][ T5771] NILFS (loop1): discard dirty block: blocknr=24, size=4096
[  774.311835][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  774.323872][ T5771] NILFS (loop1): discard dirty page: offset=8192, ino=6
[  774.334979][ T5771] NILFS (loop1): discard dirty block: blocknr=25, size=4096
[  774.344822][ T5856] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  774.355365][ T5856] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  774.380228][ T5856] usb 5-1: config 0 interface 0 has no altsetting 0
[  774.410633][ T5856] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  774.421486][ T5856] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  774.450183][ T5856] usb 5-1: Product: syz
[  774.466656][ T5856] usb 5-1: Manufacturer: syz
[  774.471457][ T5856] usb 5-1: SerialNumber: syz
[  774.508334][ T5856] usb 5-1: config 0 descriptor??
[  774.535256][ T5856] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  774.825731][ T5856] usb 5-1: USB disconnect, device number 8
[  774.837637][ T5856] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  774.993312][T25995] loop1: detected capacity change from 0 to 8
[  775.059736][T25995] SQUASHFS error: Unable to read directory block [26067d:ffff]
[  775.272136][T25999] loop1: detected capacity change from 0 to 256
[  775.345135][T25999] FAT-fs (loop1): Directory bread(block 64) failed
[  775.357051][T25999] FAT-fs (loop1): Directory bread(block 65) failed
[  775.396866][T25999] FAT-fs (loop1): Directory bread(block 66) failed
[  775.404056][T25999] FAT-fs (loop1): Directory bread(block 67) failed
[  775.437093][T25999] FAT-fs (loop1): Directory bread(block 68) failed
[  775.443940][T25999] FAT-fs (loop1): Directory bread(block 69) failed
[  775.502742][T26005] netlink: 56 bytes leftover after parsing attributes in process `syz.4.9120'.
[  775.507140][T25999] FAT-fs (loop1): Directory bread(block 70) failed
[  775.536805][T25999] FAT-fs (loop1): Directory bread(block 71) failed
[  775.543920][T25999] FAT-fs (loop1): Directory bread(block 72) failed
[  775.558308][T25999] FAT-fs (loop1): Directory bread(block 73) failed
[  775.758537][   T28] kauditd_printk_skb: 2308 callbacks suppressed
[  775.758554][   T28] audit: type=1326 audit(1778709602.802:2974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26006 comm="syz.4.9121" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e419ce59 code=0x7ffc0000
[  775.790676][    C0] vkms_vblank_simulate: vblank timer overrun
[  775.825187][   T28] audit: type=1326 audit(1778709602.802:2975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26006 comm="syz.4.9121" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e419ce59 code=0x7ffc0000
[  775.852180][   T28] audit: type=1326 audit(1778709602.862:2976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26006 comm="syz.4.9121" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fe0e419ce59 code=0x7ffc0000
[  775.877025][    C0] vkms_vblank_simulate: vblank timer overrun
[  775.885865][   T28] audit: type=1326 audit(1778709602.862:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26006 comm="syz.4.9121" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e419ce59 code=0x7ffc0000
[  775.910814][    C0] vkms_vblank_simulate: vblank timer overrun
[  775.966779][   T28] audit: type=1326 audit(1778709602.862:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26006 comm="syz.4.9121" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e419ce59 code=0x7ffc0000
[  775.991198][    C0] vkms_vblank_simulate: vblank timer overrun
[  776.810081][T26044] loop3: detected capacity change from 0 to 8
[  777.659473][T26076] loop1: detected capacity change from 0 to 512
[  777.761688][ T7497] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  778.366379][T26094] loop3: detected capacity change from 0 to 4096
[  778.442842][T26094] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  778.807644][T26113] comedi comedi2: pcl711: I/O port conflict (0x100,16)
[  778.856988][T26115] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9173'.
[  778.892507][T26115] openvswitch: netlink: Missing key (keys=40, expected=80)
[  779.317688][ T5856] usb 2-1: new full-speed USB device number 67 using dummy_hcd
[  779.527629][ T5856] usb 2-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  779.548457][ T5856] usb 2-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3
[  779.575111][ T5856] usb 2-1: Product: syz
[  779.590497][ T5856] usb 2-1: Manufacturer: syz
[  779.595776][ T5856] usb 2-1: SerialNumber: syz
[  779.607229][  T133] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  779.622280][T26135] loop4: detected capacity change from 0 to 4096
[  779.660976][T26135] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  779.692149][ T5856] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  779.715633][T26135] NILFS (loop4): mounting unchecked fs
[  779.725734][T26135] NILFS (loop4): recovery required for readonly filesystem
[  779.754919][T26135] NILFS (loop4): write access will be enabled during recovery
[  779.830247][T26135] NILFS (loop4): norecovery option specified, skipping roll-forward recovery
[  779.901297][ T9040] udevd[9040]: incorrect nilfs2 checksum on /dev/loop4
[  779.977051][T26135] NILFS (loop4): couldn't remount because the filesystem is in an incomplete recovery state
[  780.002928][T26141] loop3: detected capacity change from 0 to 2048
[  780.036086][T26141] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  780.077055][ T9040] udevd[9040]: incorrect nilfs2 checksum on /dev/loop4
[  780.101221][ T5856] vp7045: USB control message 'in' went wrong.
[  780.133592][ T5856] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  780.155836][T26142] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  780.167094][T26141] syz.3.9187: attempt to access beyond end of device
[  780.167094][T26141] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  780.174518][ T5856] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  780.270066][ T5856] usb 2-1: USB disconnect, device number 67
[  780.289220][T26141] syz.3.9187: attempt to access beyond end of device
[  780.289220][T26141] loop3: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  780.348858][T26141] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=3)
[  781.113769][   T28] audit: type=1326 audit(1778709608.152:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.189063][   T28] audit: type=1326 audit(1778709608.152:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.213326][    C0] vkms_vblank_simulate: vblank timer overrun
[  781.273406][   T28] audit: type=1326 audit(1778709608.172:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.298013][    C0] vkms_vblank_simulate: vblank timer overrun
[  781.390656][   T28] audit: type=1326 audit(1778709608.172:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.427010][   T28] audit: type=1326 audit(1778709608.202:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.454265][   T28] audit: type=1326 audit(1778709608.202:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.494414][T26179] netlink: 'syz.3.9205': attribute type 16 has an invalid length.
[  781.536909][   T28] audit: type=1326 audit(1778709608.202:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.635356][   T28] audit: type=1326 audit(1778709608.202:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26168 comm="syz.3.9200" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4af639ce59 code=0x7ffc0000
[  781.660075][    C0] vkms_vblank_simulate: vblank timer overrun
[  782.177229][   T23] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  782.296110][T26208] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  782.370996][   T23] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  782.406827][   T23] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  782.445258][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.497855][   T23] gspca_main: stv0680-2.14.0 probing 041e:4007
[  782.740881][T26222] bridge1: the hash_elasticity option has been deprecated and is always 16
[  783.224558][T26240] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  783.505101][T26245] loop3: detected capacity change from 0 to 4096
[  783.545566][   T23] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32
[  783.569268][T26245] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  783.571810][   T23] stv0680 1-1:4.0: STV(e): camera ping failed!!
[  783.585426][T26245] ntfs3: loop3: Failed to load $Extend (-22).
[  783.596961][   T23] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  783.602509][T26245] ntfs3: loop3: Failed to initialize $Extend.
[  783.616781][   T23] stv0680 1-1:4.0: last error: 0,  command = 0x0
[  783.635672][   T23] usb 1-1: USB disconnect, device number 58
[  784.684428][T26270] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  784.910680][T26281] loop1: detected capacity change from 0 to 64
[  785.139233][T26286] 8021q: adding VLAN 0 to HW filter on device bond5
[  785.369121][ T1108] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  785.610506][T26303] x_tables: unsorted underflow at hook 2
[  786.243866][ T5856] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  786.401998][T26335] netlink: 5 bytes leftover after parsing attributes in process `syz.0.9282'.
[  786.463776][ T5856] usb 5-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  786.489121][ T5856] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.524982][ T5856] usb 5-1: config 0 descriptor??
[  786.649119][   T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  786.968214][    T8] usb 1-1: new full-speed USB device number 59 using dummy_hcd
[  786.986060][ T5856] hackrf 5-1:0.0: usb_control_msg() failed -71 request 0f
[  787.000731][ T5856] hackrf 5-1:0.0: Could not detect board
[  787.006532][ T5856] hackrf: probe of 5-1:0.0 failed with error -71
[  787.018484][ T5856] usb 5-1: USB disconnect, device number 9
[  787.194917][    T8] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  787.220502][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  787.240858][    T8] usb 1-1: Product: syz
[  787.245133][    T8] usb 1-1: Manufacturer: syz
[  787.257356][    T8] usb 1-1: SerialNumber: syz
[  787.264301][    T8] r8152-cfgselector 1-1: config 0 descriptor??
[  787.281168][T26359] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9294'.
[  787.330710][T26357] loop3: detected capacity change from 0 to 4096
[  787.414995][T26361] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  787.454600][T26362] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9295'.
[  787.483845][T26362] netlink: 15 bytes leftover after parsing attributes in process `syz.1.9295'.
[  787.501949][T26362] netlink: 'syz.1.9295': attribute type 6 has an invalid length.
[  787.511461][T26362] netlink: 'syz.1.9295': attribute type 6 has an invalid length.
[  787.747519][    T8] r8152-cfgselector 1-1: Unknown version 0x0000
[  787.783222][T26366] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9297'.
[  787.793402][    T8] r8152-cfgselector 1-1: USB disconnect, device number 59
[  788.265943][T26377] netlink: 'syz.1.9302': attribute type 11 has an invalid length.
[  788.279001][T26377] netlink: 184116 bytes leftover after parsing attributes in process `syz.1.9302'.
[  788.449006][T26380] loop1: detected capacity change from 0 to 64
[  788.752681][T26387] mkiss: ax0: crc mode is auto.
[  788.927635][    T8] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  789.006048][T26397] loop4: detected capacity change from 0 to 764
[  789.053625][T26397] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  789.130551][    T8] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  789.158247][    T8] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  789.208005][    T8] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  789.242758][    T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  789.276446][    T8] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  789.301171][    T8] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  789.330864][    T8] usb 1-1: Product: syz
[  789.335176][    T8] usb 1-1: Manufacturer: syz
[  789.378181][    T8] cdc_wdm 1-1:1.0: skipping garbage
[  789.383820][    T8] cdc_wdm 1-1:1.0: skipping garbage
[  789.404632][    T8] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  789.416429][T26403] loop4: detected capacity change from 0 to 2048
[  789.430590][    T8] cdc_wdm 1-1:1.0: Unknown control protocol
[  789.442621][T26403] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  789.464189][T26403] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  789.626876][ T5856] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  789.798229][    C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  789.818508][    T8] usb 1-1: USB disconnect, device number 60
[  789.844897][ T5856] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  789.867250][ T5856] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  789.884833][ T5856] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  789.906864][ T5856] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  789.925361][ T5856] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  789.951322][T26416] loop3: detected capacity change from 0 to 64
[  789.959181][ T5856] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  789.969206][ T5856] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  789.984563][ T5856] usb 2-1: Product: syz
[  789.996656][ T5856] usb 2-1: Manufacturer: syz
[  790.010462][ T5856] cdc_wdm 2-1:1.0: skipping garbage
[  790.015805][ T5856] cdc_wdm 2-1:1.0: skipping garbage
[  790.059677][ T5856] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  790.065907][ T5856] cdc_wdm 2-1:1.0: Unknown control protocol
[  790.228372][ T5856] usb 2-1: USB disconnect, device number 68
[  790.230422][T26410] loop4: detected capacity change from 0 to 32768
[  790.289797][T26410] JBD2: Ignoring recovery information on journal
[  790.341193][T26410] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  790.440924][T26410] OCFS2: ERROR (device loop4): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries
[  790.453389][T26410] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  790.487583][T26410] OCFS2: File system is now read-only.
[  790.506650][T26410] (syz.4.9318,26410,0):ocfs2_setattr:1298 ERROR: status = -117
[  790.618978][T22804] ocfs2: Unmounting device (7,4) on (node local)
[  790.657946][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  791.128667][   T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  791.264415][T26446] netlink: 48 bytes leftover after parsing attributes in process `syz.0.9334'.
[  791.740993][T26464] loop3: detected capacity change from 0 to 256
[  791.806953][T26464] FAT-fs (loop3): Directory bread(block 64) failed
[  791.836655][T26464] FAT-fs (loop3): Directory bread(block 65) failed
[  791.862747][T26464] FAT-fs (loop3): Directory bread(block 66) failed
[  791.873473][T26464] FAT-fs (loop3): Directory bread(block 67) failed
[  791.891090][T26464] FAT-fs (loop3): Directory bread(block 68) failed
[  791.905236][T26464] FAT-fs (loop3): Directory bread(block 69) failed
[  791.919215][T26464] FAT-fs (loop3): Directory bread(block 70) failed
[  791.925861][T26464] FAT-fs (loop3): Directory bread(block 71) failed
[  791.947541][T26464] FAT-fs (loop3): Directory bread(block 72) failed
[  791.955968][T26464] FAT-fs (loop3): Directory bread(block 73) failed
[  792.155726][T26468] loop1: detected capacity change from 0 to 24
[  792.173937][T26468] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  792.240920][T26468] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  792.407229][  T133] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  793.284137][T26483] loop3: detected capacity change from 0 to 32768
[  793.321616][T26483] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  793.406704][ T5820] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  793.418615][T26483] XFS (loop3): Ending clean mount
[  793.443506][T26502] mkiss: ax0: crc mode is auto.
[  793.457205][ T5856] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  793.570323][ T5772] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  793.603594][ T5820] usb 1-1: Using ep0 maxpacket: 16
[  793.612296][ T5820] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  793.635869][ T5820] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  793.678669][ T5820] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  793.703275][ T5820] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  793.714467][ T5820] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.723550][ T5856] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  793.734081][ T5856] usb 2-1: config 16 interface 0 altsetting 75 endpoint 0x7 has an invalid bInterval 0, changing to 7
[  793.773471][ T5820] usb 1-1: config 0 descriptor??
[  793.779157][ T5856] usb 2-1: config 16 interface 0 altsetting 75 endpoint 0x7 has invalid wMaxPacketSize 0
[  793.806867][ T5856] usb 2-1: config 16 interface 0 altsetting 75 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  793.836782][ T5856] usb 2-1: config 16 interface 0 has no altsetting 0
[  793.854017][ T5856] usb 2-1: New USB device found, idVendor=15c2, idProduct=0036, bcdDevice=bb.7a
[  793.900494][ T5856] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.939821][T26506] loop4: detected capacity change from 0 to 64
[  794.180312][ T5856] usb 2-1: string descriptor 0 read error: -71
[  794.199426][ T5856] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  794.223302][ T5856] imon 2-1:16.0: unable to initialize intf0, err -19
[  794.239703][ T5856] imon:imon_probe: failed to initialize context!
[  794.246478][ T5856] imon 2-1:16.0: unable to register, err -19
[  794.292253][ T5856] usb 2-1: USB disconnect, device number 69
[  794.310057][ T5820] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0002/input/input41
[  794.437823][ T5820] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  794.473602][ T5820] usb 1-1: USB disconnect, device number 61
[  794.685380][T26513] fido_id[26513]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  794.761593][T26517] loop4: detected capacity change from 0 to 64
[  794.912557][T26519] loop1: detected capacity change from 0 to 256
[  794.986699][   T28] audit: type=1800 audit(1778709622.022:2987): pid=26519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9365" name="file1" dev="loop1" ino=1048670 res=0 errno=0
[  795.029436][T26519] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  795.067874][T26519] FAT-fs (loop1): Filesystem has been set read-only
[  795.303813][T26524] Bluetooth: MGMT ver 1.22
[  795.433034][T26512] loop3: detected capacity change from 0 to 32768
[  795.535659][T26512] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  795.579267][T26512] XFS (loop3): Ending clean mount
[  795.607482][ T5820] XFS (loop3): Corruption warning: Metadata has LSN (2:16) ahead of current LSN (1:112). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  795.646628][ T5820] XFS (loop3): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x20 
[  795.686325][ T5820] XFS (loop3): Unmount and run xfs_repair
[  795.703026][ T5820] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  795.726711][ T5820] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  795.760732][ T5820] 00000010: 00 00 00 00 00 00 00 20 00 00 00 02 00 00 00 10  ....... ........
[  795.801029][ T5820] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  795.816704][ T5820] 00000030: 00 00 00 00 ca b4 20 ce 00 00 11 40 00 00 40 37  ...... ....@..@7
[  795.825670][ T5820] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  795.857713][ T5820] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  795.866961][ T5820] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  795.876139][ T5820] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  795.887662][T26512] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x20 len 8 error 74
[  795.902695][T26512] XFS (loop3): Failed to initialize disk quotas.
[  795.992522][ T5772] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  796.046728][   T23] usb 1-1: new full-speed USB device number 62 using dummy_hcd
[  796.249640][   T23] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  796.266703][   T23] usb 1-1: config 0 has no interface number 0
[  796.317449][   T23] usb 1-1: New USB device found, idVendor=0b48, idProduct=1003, bcdDevice=7b.54
[  796.327927][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  796.336092][   T23] usb 1-1: Product: syz
[  796.374975][   T23] usb 1-1: Manufacturer: syz
[  796.380043][   T23] usb 1-1: SerialNumber: syz
[  796.398012][   T23] usb 1-1: config 0 descriptor??
[  796.410637][   T23] usb 1-1: selecting invalid altsetting 1
[  796.448497][   T23] dvb_ttusb_budget: ttusb_init_controller: error
[  796.471966][T26547] loop3: detected capacity change from 0 to 512
[  796.488013][T17471] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  796.496331][   T23] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  796.509812][T26547] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  796.534444][T26535] loop1: detected capacity change from 0 to 32768
[  796.557849][T26547] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  796.581105][T26547] EXT4-fs (loop3): 1 truncate cleaned up
[  796.601357][T26547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  796.629188][   T28] audit: type=1800 audit(1778709623.672:2988): pid=26547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9373" name="file2" dev="loop3" ino=16 res=0 errno=0
[  796.673686][T26535] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  796.704907][T17471] usb 5-1: config index 0 descriptor too short (expected 897, got 27)
[  796.722509][T17471] usb 5-1: config 2 has an invalid interface number: 1 but max is -1
[  796.743832][T17471] usb 5-1: config 2 has an invalid interface number: 1 but max is -1
[  796.794861][T17471] usb 5-1: config 2 has 1 interface, different from the descriptor's value: 0
[  796.813105][   T23] DVB: Unable to find symbol stv0299_attach()
[  796.821339][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  796.839022][T17471] usb 5-1: config 2 has no interface number 0
[  796.854758][T26535] XFS (loop1): Ending clean mount
[  796.888684][  T133] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  796.897035][T17471] usb 5-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=20.da
[  796.936649][T17471] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  796.944751][T17471] usb 5-1: Product: syz
[  796.956655][T17471] usb 5-1: Manufacturer: syz
[  796.961354][T17471] usb 5-1: SerialNumber: syz
[  797.096071][   T23] DVB: Unable to find symbol tda8083_attach()
[  797.115441][   T23] dvb_ttusb_budget: no frontend driver found for device [0b48:1003]
[  797.128034][ T5771] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  797.172021][   T23] usb 1-1: USB disconnect, device number 62
[  797.201322][T17471] cdc_ncm 5-1:2.1: CDC Union missing and no IAD found
[  797.216938][T17471] cdc_ncm 5-1:2.1: bind() failure
[  797.224465][T17471] usb 5-1: no audio or video endpoints found
[  797.253727][T17471] usb 5-1: USB disconnect, device number 10
[  797.679976][T26570] tipc: Started in network mode
[  797.685978][T26570] tipc: Node identity , cluster identity 4711
[  798.169015][T16991] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  798.945436][T26619] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9402'.
[  799.977618][   T28] audit: type=1326 audit(1778709627.012:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26657 comm="syz.0.9422" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe50c39ce59 code=0x0
[  800.075284][T26663] loop4: detected capacity change from 0 to 64
[  800.304712][T22804] hfs: node 4:3 still has 1 user(s)!
[  800.511984][T26671] loop1: detected capacity change from 0 to 1024
[  800.550468][T26671] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  800.565342][T26671] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  800.589280][T26671] EXT4-fs error (device loop1): ext4_get_journal_inode:5820: inode #32: comm syz.1.9428: iget: special inode unallocated
[  800.616467][T26671] EXT4-fs (loop1): no journal found
[  800.631457][T26671] EXT4-fs (loop1): can't get journal size
[  800.648911][T26671] EXT4-fs (loop1): filesystem is read-only
[  800.658240][T26671] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  800.831374][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  801.582147][T26705] loop3: detected capacity change from 0 to 4096
[  801.646894][T26709] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  801.662141][T26710] loop1: detected capacity change from 0 to 16
[  801.718536][T26710] erofs: (device loop1): mounted with root inode @ nid 36.
[  801.826972][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.869021][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.898560][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.924385][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.948960][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.956462][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.964644][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.972672][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.981717][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  801.996024][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  802.004942][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  802.047041][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  802.054549][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  802.111368][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  802.125074][T26718] loop3: detected capacity change from 0 to 256
[  802.126397][ T5856] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  802.155212][ T5856] hid-generic 00A0:0006:0003.0003: hidraw0: <UNKNOWN> HID v0.05 Device [syz0] on syz0
[  802.362016][T26719] fido_id[26719]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  802.951006][T26747] loop4: detected capacity change from 0 to 128
[  803.013570][T26747] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  803.048650][T26747] ext4 filesystem being mounted at /398/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  803.133538][T22804] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  803.476875][T26758] loop1: detected capacity change from 0 to 4096
[  803.536748][T26763] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  803.627554][T26758] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  803.693520][T26758] Remounting filesystem read-only
[  803.888906][ T5771] NILFS (loop1): discard dirty page: offset=0, ino=6
[  803.895684][ T5771] NILFS (loop1): discard dirty block: blocknr=23, size=4096
[  803.926283][ T5771] NILFS (loop1): discard dirty page: offset=4096, ino=6
[  803.939671][ T3475] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  803.987373][ T5771] NILFS (loop1): discard dirty block: blocknr=24, size=4096
[  804.010867][ T5771] NILFS (loop1): discard dirty page: offset=8192, ino=6
[  804.025664][ T5771] NILFS (loop1): discard dirty block: blocknr=25, size=4096
[  804.033970][ T5771] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  804.056504][ T5771] NILFS (loop1): discard dirty page: offset=0, ino=3
[  804.063895][ T5771] NILFS (loop1): discard dirty block: blocknr=28, size=4096
[  804.081646][ T5771] NILFS (loop1): discard dirty page: offset=4096, ino=3
[  804.092942][ T5771] NILFS (loop1): discard dirty block: blocknr=29, size=4096
[  804.101155][ T5771] NILFS (loop1): discard dirty page: offset=270336, ino=3
[  804.108556][ T5771] NILFS (loop1): discard dirty block: blocknr=0, size=4096
[  804.169755][T26778] loop3: detected capacity change from 0 to 1024
[  804.246838][ T5820] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  804.296534][T26781] loop1: detected capacity change from 0 to 512
[  804.376107][T26781] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  804.389158][T26781] ext4 filesystem being mounted at /2397/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  804.456751][ T5820] usb 5-1: Using ep0 maxpacket: 32
[  804.465730][ T5820] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=8c.92
[  804.475410][ T5820] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.490577][ T5820] gspca_main: nw80x-2.14.0 probing 055f:d001
[  804.526288][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  804.858577][T26792] sp0: Synchronizing with TNC
[  805.073594][T26800] loop3: detected capacity change from 0 to 4096
[  805.106365][ T5820] usb 5-1: USB disconnect, device number 11
[  805.159236][T26800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  805.427656][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  805.833547][T26826] loop3: detected capacity change from 0 to 64
[  806.029144][ T5772] hfs: node 4:3 still has 1 user(s)!
[  806.148179][T26834] tipc: Started in network mode
[  806.153268][T26834] tipc: Node identity 00000000000000002d2e00000000407f, cluster identity 4711
[  806.696530][T26853] loop3: detected capacity change from 0 to 256
[  806.993567][T26859] loop4: detected capacity change from 0 to 1024
[  808.071447][T26878] loop1: detected capacity change from 0 to 736
[  808.289965][T26878] rock: directory entry would overflow storage
[  808.314377][T26878] rock: sig=0x3b10, size=4, remaining=3
[  808.439558][T26891] loop4: detected capacity change from 0 to 2048
[  808.519140][T26892] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  808.591539][T26896] loop1: detected capacity change from 0 to 64
[  809.061000][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  809.072973][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  809.082348][ T1280] aoe: packet could not be sent on ipvlan0.  consider increasing tx_queue_len
[  809.587475][T26545] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  809.688717][ T3475] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  809.776743][T26545] usb 5-1: Using ep0 maxpacket: 16
[  809.798183][T26545] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 130, changing to 11
[  809.816797][T26545] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[  809.832332][T26545] usb 5-1: config 0 interface 0 has no altsetting 0
[  809.840450][T26545] usb 5-1: New USB device found, idVendor=044f, idProduct=b320, bcdDevice= 0.00
[  809.850601][T26545] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.864854][T26545] usb 5-1: config 0 descriptor??
[  810.078826][T26937] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9549'.
[  810.320644][T26545] hid (null): invalid report_size 26545
[  810.380272][T26545] thrustmaster 0003:044F:B320.0004: unknown main item tag 0x6
[  810.388058][T26545] thrustmaster 0003:044F:B320.0004: invalid report_size 26545
[  810.404497][T26545] thrustmaster 0003:044F:B320.0004: item 0 2 1 7 parsing failed
[  810.427478][T26545] thrustmaster 0003:044F:B320.0004: parse failed
[  810.444496][T26545] thrustmaster: probe of 0003:044F:B320.0004 failed with error -22
[  810.616124][T26545] usb 5-1: USB disconnect, device number 12
[  810.887166][T21818] Bluetooth: hci0: command 0x0c1a tx timeout
[  811.244689][T26976] loop3: detected capacity change from 0 to 512
[  811.579511][T26989] loop1: detected capacity change from 0 to 256
[  811.596245][T26990] tmpfs: Cannot retroactively limit inodes
[  811.625862][T26989] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66dc59, utbl_chksum : 0xe619d30d)
[  811.756786][ T5820] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  811.946935][ T5820] usb 5-1: Using ep0 maxpacket: 16
[  811.958600][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  811.971741][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  811.983847][ T5820] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  812.001124][ T5820] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  812.012732][ T5820] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  812.037737][ T5820] usb 5-1: config 0 descriptor??
[  812.518430][ T5820] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0005/input/input42
[  812.595259][ T5820] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  812.842075][T26545] usb 5-1: USB disconnect, device number 13
[  813.128036][T27029] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9593'.
[  813.936753][ T5820] usb 1-1: new full-speed USB device number 63 using dummy_hcd
[  814.038375][T27063] loop4: detected capacity change from 0 to 1024
[  814.083030][T27063] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  814.148683][ T5820] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  814.186903][ T5820] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  814.209911][ T5820] usb 1-1: config 0 interface 0 has no altsetting 0
[  814.222430][ T5820] usb 1-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  814.236650][ T5820] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.259038][T27063] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  814.276269][ T5820] usb 1-1: config 0 descriptor??
[  814.287442][ T5856] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  814.329868][T22804] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.497309][ T5856] usb 4-1: Using ep0 maxpacket: 16
[  814.530111][ T5856] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  814.545776][ T5856] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  814.555739][ T5856] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  814.576746][ T5856] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  814.592132][ T5856] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.615870][ T5856] usb 4-1: config 0 descriptor??
[  814.652030][T27078] netlink: 'syz.4.9614': attribute type 1 has an invalid length.
[  814.703600][ T5820] hid-steam 0003:28DE:1102.0006: unknown main item tag 0x0
[  814.728216][ T5820] hid-steam 0003:28DE:1102.0006: unknown main item tag 0x0
[  814.750164][ T5820] hid-steam 0003:28DE:1102.0006: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[  814.845104][ T5820] hid-steam 0003:28DE:1102.0006: Steam Controller 'XXXXXXXXXX' connected
[  814.869939][ T5820] input: Steam Controller as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28DE:1102.0006/input/input43
[  814.991259][ T5820] hid-steam 0003:28DE:1102.0007: unknown main item tag 0x0
[  815.025738][ T5820] hid-steam 0003:28DE:1102.0007: unknown main item tag 0x0
[  815.089849][ T5820] hid-steam 0003:28DE:1102.0007: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[  815.130293][ T5856] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0008/input/input44
[  815.149681][ T5820] usb 1-1: USB disconnect, device number 63
[  815.229978][ T5856] microsoft 0003:045E:07DA.0008: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  815.296121][ T5820] hid-steam 0003:28DE:1102.0006: Steam Controller 'XXXXXXXXXX' disconnected
[  815.323523][T27087] loop4: detected capacity change from 0 to 4096
[  815.328812][ T5856] usb 4-1: USB disconnect, device number 58
[  815.443327][T27085] fido_id[27085]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  815.452956][   T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  815.564822][T27087] ntfs3: loop4: failed to convert "0080" to cp855
[  815.604813][T27087] ntfs3: loop4: failed to convert name for inode 1e.
[  815.802514][T27090] fido_id[27090]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  816.082717][T27098] loop4: detected capacity change from 0 to 4096
[  816.121709][T27098] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[  816.147861][T27098] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  816.194206][T27098] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  816.238971][T27098] ntfs: volume version 3.1.
[  816.383508][T22804] ntfs: (device loop4): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  816.896914][ T5856] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  817.112762][ T5856] usb 4-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  817.130773][ T5856] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 253
[  817.148110][ T5856] usb 4-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  817.167967][ T5856] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.184831][ T5856] usb 4-1: Product: syz
[  817.190367][ T5856] usb 4-1: Manufacturer: syz
[  817.195216][ T5856] usb 4-1: SerialNumber: syz
[  817.223731][ T5856] usb 4-1: config 0 descriptor??
[  817.240107][ T5856] gspca_main: sunplus-2.14.0 probing 055f:c630
[  817.496996][ T5820] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  817.686864][ T5820] usb 2-1: Using ep0 maxpacket: 16
[  817.694670][ T5820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  817.710762][ T5820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  817.720799][ T5820] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  817.781598][ T5820] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  817.791457][ T5820] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  817.818327][T27145] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9646'.
[  817.828317][ T5820] usb 2-1: config 0 descriptor??
[  817.866764][T17471] usb 4-1: USB disconnect, device number 59
[  817.977970][T27148] loop4: detected capacity change from 0 to 128
[  818.169298][T27153] netlink: 'syz.4.9649': attribute type 2 has an invalid length.
[  818.179715][T27153] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9649'.
[  818.309780][ T5820] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0009/input/input45
[  818.336345][T27157] loop4: detected capacity change from 0 to 8
[  818.344378][ T5820] microsoft 0003:045E:07DA.0009: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  818.548076][T27157] SQUASHFS error: xz decompression failed, data probably corrupt
[  818.556021][T27157] SQUASHFS error: Failed to read block 0x60: -5
[  818.637010][T27157] SQUASHFS error: xz decompression failed, data probably corrupt
[  818.645750][T17471] usb 2-1: USB disconnect, device number 70
[  818.663812][T27157] SQUASHFS error: Failed to read block 0x60: -5
[  818.684939][   T28] audit: type=1800 audit(1778709645.712:2990): pid=27157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.9652" name="file1" dev="loop4" ino=1 res=0 errno=0
[  819.088196][T26545] usb 4-1: new low-speed USB device number 60 using dummy_hcd
[  819.279688][T26545] usb 4-1: config 0 interface 0 altsetting 41 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  819.301644][T26545] usb 4-1: config 0 interface 0 altsetting 41 endpoint 0x81 has invalid wMaxPacketSize 0
[  819.322730][T26545] usb 4-1: config 0 interface 0 altsetting 41 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  819.350535][T26545] usb 4-1: config 0 interface 0 has no altsetting 0
[  819.364442][T26545] usb 4-1: New USB device found, idVendor=056a, idProduct=00b4, bcdDevice= 0.00
[  819.389719][T26545] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.424236][T26545] usb 4-1: config 0 descriptor??
[  819.680685][T27187] netlink: 128 bytes leftover after parsing attributes in process `syz.1.9663'.
[  819.882073][T26545] wacom 0003:056A:00B4.000A: Unknown device_type for 'HID 056a:00b4'. Assuming pen.
[  819.932375][T26545] wacom 0003:056A:00B4.000A: hidraw0: USB HID v0.09 Device [HID 056a:00b4] on usb-dummy_hcd.3-1/input0
[  819.980574][T26545] input: Wacom Intuos3 12x19 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:00B4.000A/input/input46
[  820.029222][T27191] netlink: 822 bytes leftover after parsing attributes in process `syz.1.9665'.
[  820.171276][T26545] usb 4-1: USB disconnect, device number 60
[  820.329565][T27200] loop1: detected capacity change from 0 to 512
[  820.370213][T27200] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  820.426930][T27200] ext4 filesystem being mounted at /2447/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  820.509702][   T28] audit: type=1800 audit(1778709647.552:2991): pid=27200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9668" name="file1" dev="loop1" ino=15 res=0 errno=0
[  820.569241][ T1108] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  820.596146][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  820.732202][T27214] loop1: detected capacity change from 0 to 512
[  820.761148][T27214] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  820.797253][T27214] EXT4-fs error (device loop1): ext4_orphan_get:1430: comm syz.1.9673: bad orphan inode 131083
[  820.838016][T27214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  820.957811][ T5820] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  820.970493][T27220] loop4: detected capacity change from 0 to 4096
[  820.984128][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.069166][T27221] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  821.158972][ T5820] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  821.176864][ T5820] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  821.185837][ T5820] usb 4-1: config 1 has no interface number 0
[  821.241400][ T5820] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  821.280317][ T5820] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  821.293043][ T5820] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  821.303395][ T5820] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  821.312153][ T5820] usb 4-1: Product: syz
[  821.316458][ T5820] usb 4-1: Manufacturer: syz
[  821.321864][ T5820] usb 4-1: SerialNumber: syz
[  821.851710][T27223] loop1: detected capacity change from 0 to 32768
[  821.988513][ T5820] cdc_ncm 4-1:1.1: failed GET_NTB_PARAMETERS
[  822.009078][ T5820] cdc_ncm 4-1:1.1: bind() failure
[  822.047388][ T5820] usb 4-1: USB disconnect, device number 61
[  822.206841][   T51] Bluetooth: hci3: unexpected event for opcode 0x0809
[  822.303292][T27245] loop1: detected capacity change from 0 to 128
[  822.318641][T27245] EXT4-fs (loop1): Test dummy encryption mode enabled
[  822.365742][T27245] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042]
[  822.391556][T27245] System zones: 1-3, 19-19, 35-36
[  822.415004][T27245] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  822.484655][T27245] ext4 filesystem being mounted at /2451/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  822.495683][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  822.601418][T27245] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  822.636514][T27245] EXT4-fs: Remounting fs w/o journal so ignoring data_err option
[  822.666748][T27245] EXT4-fs: user quota file already specified
[  822.841116][ T5771] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  823.095511][T27258] loop1: detected capacity change from 0 to 4096
[  823.153305][T27261] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  823.215139][T27258] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0
[  823.248470][T27249] loop4: detected capacity change from 0 to 32768
[  823.317285][T27258] Remounting filesystem read-only
[  823.322509][T27258] NILFS error (device loop1): nilfs_readdir: bad page in #2
[  823.946380][T27260] loop3: detected capacity change from 0 to 32768
[  824.017934][T27260] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  824.138532][T27260] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  824.269295][T27260] (syz.3.9694,27260,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=970662608961, rec_len=0, name_len=0
[  824.297312][T27260] (syz.3.9694,27260,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2
[  824.306423][T27260] (syz.3.9694,27260,0):ocfs2_mknod:298 ERROR: status = -2
[  824.323389][T27260] (syz.3.9694,27260,1):ocfs2_mknod:502 ERROR: status = -2
[  824.356978][T17471] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  824.446191][T27286] loop1: detected capacity change from 0 to 4096
[  824.542923][T27289] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  824.556250][ T5772] ocfs2: Unmounting device (7,3) on (node local)
[  824.577136][T17471] usb 5-1: Using ep0 maxpacket: 16
[  824.606851][T17471] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  824.667396][T17471] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  824.737133][T17471] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  824.796938][T17471] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  824.806063][T17471] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  824.816211][   T51] Bluetooth: hci2: unexpected event for opcode 0x0809
[  824.831421][T27294] loop3: detected capacity change from 0 to 512
[  824.888883][T27294] EXT4-fs: Ignoring removed bh option
[  824.921177][T17471] usb 5-1: config 0 descriptor??
[  824.941050][T27298] loop1: detected capacity change from 0 to 256
[  824.993601][T27294] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  825.035680][T27294] EXT4-fs (loop3): 1 truncate cleaned up
[  825.140924][T27294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  825.216917][T27298] FAT-fs (loop1): Directory bread(block 64) failed
[  825.256914][T27298] FAT-fs (loop1): Directory bread(block 65) failed
[  825.263751][T27298] FAT-fs (loop1): Directory bread(block 66) failed
[  825.320419][T27298] FAT-fs (loop1): Directory bread(block 67) failed
[  825.340683][T27298] FAT-fs (loop1): Directory bread(block 68) failed
[  825.382098][T17471] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  825.387022][T27298] FAT-fs (loop1): Directory bread(block 69) failed
[  825.417089][T17471] microsoft 0003:045E:07DA.000B: ignoring exceeding usage max
[  825.420514][T27298] FAT-fs (loop1): Directory bread(block 70) failed
[  825.462617][T27298] FAT-fs (loop1): Directory bread(block 71) failed
[  825.496132][T17471] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.000B/input/input49
[  825.530492][T27298] FAT-fs (loop1): Directory bread(block 72) failed
[  825.550570][T27298] FAT-fs (loop1): Directory bread(block 73) failed
[  825.560982][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  825.593277][T17471] microsoft 0003:045E:07DA.000B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  825.697321][T17471] usb 5-1: USB disconnect, device number 14
[  825.889198][T27307] fido_id[27307]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  826.073783][T27313] loop1: detected capacity change from 0 to 1764
[  826.116102][T27311] loop3: detected capacity change from 0 to 8192
[  826.165053][T27311] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  826.212965][T27311] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  826.240957][T27311] REISERFS (device loop3): using ordered data mode
[  826.279139][T27311] reiserfs: using flush barriers
[  826.313758][T27311] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  826.335138][ T1108] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  826.354704][T27311] REISERFS (device loop3): checking transaction log (loop3)
[  826.418134][ T5856] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  826.531987][T27311] REISERFS (device loop3): Using tea hash to sort names
[  826.548717][T27311] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  826.636753][T17471] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  826.638445][ T5856] usb 2-1: config 0 has an invalid interface number: 106 but max is 0
[  826.665292][ T5856] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  826.687807][ T5856] usb 2-1: config 0 has no interface number 0
[  826.694234][ T5856] usb 2-1: config 0 interface 106 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  826.737962][ T5856] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  826.758193][ T5856] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  826.771985][ T5856] usb 2-1: config 0 descriptor??
[  826.801707][ T5856] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  826.847603][T17471] usb 5-1: Using ep0 maxpacket: 32
[  826.860201][T17471] usb 5-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[  826.886876][T17471] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.895234][T17471] usb 5-1: Product: syz
[  826.913962][T17471] usb 5-1: Manufacturer: syz
[  826.927304][T17471] usb 5-1: SerialNumber: syz
[  826.958506][T17471] usb 5-1: config 0 descriptor??
[  826.993932][T17471] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state.
[  827.027429][T17471] dvb-usb: bulk message failed: -22 (2/0)
[  827.049611][  T133] usb 2-1: Failed to submit usb control message: -71
[  827.057782][ T5856] usb 2-1: USB disconnect, device number 71
[  827.065349][  T133] usb 2-1: unable to send the bmi data to the device: -71
[  827.074528][  T133] usb 2-1: unable to get target info from device
[  827.081376][  T133] usb 2-1: could not get target info (-71)
[  827.090922][T17471] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  827.106725][  T133] usb 2-1: could not probe fw (-71)
[  827.121834][T17471] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold)
[  827.136954][T17471] usb 5-1: media controller created
[  827.202968][T27319] dvb-usb: bulk message failed: -22 (4/0)
[  827.236855][T27319] cxusb: i2c read failed
[  827.245587][T17471] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  827.333326][T27328] loop3: detected capacity change from 0 to 256
[  827.364881][T17471] usb 5-1: selecting invalid altsetting 7
[  827.368340][T27328] exfat: Deprecated parameter 'utf8'
[  827.372724][T17471] cxusb: set interface failed
[  827.382334][T17471] dvb-usb: bulk message failed: -22 (1/0)
[  827.446361][T27328] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d)
[  827.465096][T17471] DVB: Unable to find symbol lgdt330x_attach()
[  827.474909][T17471] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold'
[  827.606969][T17471] rc_core: IR keymap rc-dvico-portable not found
[  827.613702][T17471] Registered IR keymap rc-empty
[  827.620136][T17471] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.4/usb5/5-1/rc/rc0
[  827.638608][T17471] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.4/usb5/5-1/rc/rc0/input50
[  827.664820][T17471] dvb-usb: schedule remote query interval to 100 msecs.
[  827.673494][T17471] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected.
[  827.689238][T17471] usb 5-1: USB disconnect, device number 15
[  827.860815][T27339] veth0_to_bond: entered allmulticast mode
[  827.978615][T17471] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected.
[  828.242241][T27353] loop4: detected capacity change from 0 to 256
[  828.814307][T27372] loop4: detected capacity change from 0 to 64
[  828.885916][   T51] Bluetooth: hci0: unexpected event for opcode 0x0809
[  828.908341][T27375] loop1: detected capacity change from 0 to 512
[  828.926845][T27375] EXT4-fs: Ignoring removed bh option
[  828.944902][T27375] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  829.010529][T27375] EXT4-fs (loop1): 1 truncate cleaned up
[  829.022679][T27375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  829.199815][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.603244][T27396] tipc: Enabling of bearer <eth:vlan1> rejected, failed to enable media
[  829.791246][T27402] loop1: detected capacity change from 0 to 256
[  829.818772][T27402] exfat: Deprecated parameter 'utf8'
[  829.824275][T27402] exfat: Deprecated parameter 'namecase'
[  829.849891][T27402] exfat: Deprecated parameter 'namecase'
[  829.883217][T27402] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  830.007248][T17471] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  830.203028][T17471] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  830.222884][T17471] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  830.243171][T17471] usb 5-1: Product: syz
[  830.253324][T17471] usb 5-1: Manufacturer: syz
[  830.266618][T17471] usb 5-1: SerialNumber: syz
[  830.297720][T17471] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  830.329320][T26545] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  830.361461][T27388] loop3: detected capacity change from 0 to 40427
[  830.410538][T27388] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[  830.429308][T27388] F2FS-fs (loop3): heap/no_heap options were deprecated
[  830.445486][T27388] F2FS-fs (loop3): invalid crc value
[  830.459538][T27388] F2FS-fs (loop3): Found nat_bits in checkpoint
[  830.619719][T27388] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  830.781069][   T28] audit: type=1800 audit(1778709657.822:2992): pid=27388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9745" name="file1" dev="loop3" ino=10 res=0 errno=0
[  830.813728][T27418] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  830.903058][ T5772] syz-executor: attempt to access beyond end of device
[  830.903058][ T5772] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  830.922895][ T5772] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  831.158734][T17471] usb 5-1: USB disconnect, device number 16
[  831.687823][T26545] usb 5-1: Service connection timeout for: 256
[  831.705072][T26545] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services
[  831.724390][T26545] ath9k_htc: Failed to initialize the device
[  831.747071][T17471] usb 5-1: ath9k_htc: USB layer deinitialized
[  832.107773][T16991] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  832.234065][T27344] usb 4-1: new full-speed USB device number 62 using dummy_hcd
[  832.445246][T27344] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  832.490578][T27344] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  832.533640][T27344] usb 4-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  832.542784][T27344] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  832.579708][T27344] usb 4-1: Manufacturer: syz
[  832.598729][T27344] usb 4-1: config 0 descriptor??
[  832.759293][T27472] loop4: detected capacity change from 0 to 256
[  833.082308][T27344] cougar 0003:060B:700A.000C: item fetching failed at offset 3/5
[  833.121723][T27344] cougar 0003:060B:700A.000C: parse failed
[  833.127746][T27344] cougar: probe of 0003:060B:700A.000C failed with error -22
[  833.333548][T27344] usb 4-1: USB disconnect, device number 62
[  833.373368][T27486] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9790'.
[  833.406458][T27486] netlink: 'syz.4.9790': attribute type 14 has an invalid length.
[  833.425762][T27486] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9790'.
[  833.825224][T27479] loop1: detected capacity change from 0 to 40427
[  833.854771][T27479] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  833.881144][T27479] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  833.894747][T27479] F2FS-fs (loop1): build fault injection attr: rate: 27487, type: 0x7ffff
[  833.925595][T27479] F2FS-fs (loop1): invalid crc value
[  833.961180][T27479] F2FS-fs (loop1): Found nat_bits in checkpoint
[  834.157193][T27479] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  834.179770][T27479] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  834.441356][T27517] loop3: detected capacity change from 0 to 1024
[  834.492764][T27517] hfsplus: bad catalog entry type
[  834.543471][T27344] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  834.574380][   T12] hfsplus: b-tree write err: -5, ino 25
[  834.617877][   T12] hfsplus: b-tree write err: -5, ino 4
[  834.623782][   T12] hfsplus: b-tree write err: -5, ino 2
[  834.764818][T27344] usb 5-1: Using ep0 maxpacket: 32
[  834.776108][T27344] usb 5-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[  834.795540][T27344] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.809634][T27344] usb 5-1: Product: syz
[  834.838458][T27344] usb 5-1: Manufacturer: syz
[  834.848806][T27344] usb 5-1: SerialNumber: syz
[  834.864703][T27344] usb 5-1: config 0 descriptor??
[  834.886588][T27344] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[  834.900218][T27344] dvb-usb: bulk message failed: -22 (4/0)
[  834.906538][T27344] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  834.920868][T27344] dvb-usb: bulk message failed: -22 (5/0)
[  834.926797][T27344] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  834.951717][T27344] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  834.998357][T27344] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[  835.013276][T27344] usb 5-1: media controller created
[  835.078701][T27344] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  835.151484][   T28] audit: type=1326 audit(1778709661.959:2993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffc19ce59 code=0x7ffc0000
[  835.176100][    C0] vkms_vblank_simulate: vblank timer overrun
[  835.184230][T27511] ttusb2: i2c rd len=58 too high
[  835.216639][T27344] usb 5-1: selecting invalid altsetting 3
[  835.222458][   T28] audit: type=1326 audit(1778709661.968:2994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffc19ce59 code=0x7ffc0000
[  835.246789][    C0] vkms_vblank_simulate: vblank timer overrun
[  835.255811][T27344] ttusb2: set interface to alts=3 failed
[  835.344493][   T28] audit: type=1326 audit(1778709662.024:2995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcffc15d68e code=0x7ffc0000
[  835.368805][    C0] vkms_vblank_simulate: vblank timer overrun
[  835.423002][T27344] DVB: Unable to find symbol tda10086_attach()
[  835.432794][   T28] audit: type=1326 audit(1778709662.024:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcffc15d68e code=0x7ffc0000
[  835.457001][T27344] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[  835.480079][   T28] audit: type=1326 audit(1778709662.024:2997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffc19ce59 code=0x7ffc0000
[  835.490418][T27344] dvb-usb: bulk message failed: -22 (4/0)
[  835.518771][   T28] audit: type=1326 audit(1778709662.024:2998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffc19ce59 code=0x7ffc0000
[  835.536960][T27344] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  835.557102][   T28] audit: type=1326 audit(1778709662.080:2999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fcffc19ce59 code=0x7ffc0000
[  835.582539][   T28] audit: type=1326 audit(1778709662.080:3000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffc19ce59 code=0x7ffc0000
[  835.587448][T27344] dvb-usb: bulk message failed: -22 (5/0)
[  835.616718][   T28] audit: type=1326 audit(1778709662.090:3001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27529 comm="syz.1.9803" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffc19ce59 code=0x7ffc0000
[  835.641816][    C0] vkms_vblank_simulate: vblank timer overrun
[  835.670801][T27344] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  835.690099][T27344] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[  835.727920][T27344] usb 5-1: USB disconnect, device number 17
[  835.861589][T27344] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[  836.068398][T27545] netlink: 1 bytes leftover after parsing attributes in process `syz.4.9813'.
[  836.107711][T27539] loop1: detected capacity change from 0 to 32768
[  836.130088][T27539] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.9811 (27539)
[  836.181578][T27539] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  836.204814][T27539] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  836.217968][T27539] BTRFS info (device loop1): using free space tree
[  836.371431][T27563] xt_time: invalid argument - start or stop time greater than 23:59:59
[  836.477567][T27539] BTRFS info (device loop1): enabling ssd optimizations
[  836.484641][T27539] BTRFS info (device loop1): auto enabling async discard
[  836.620195][T27571] loop4: detected capacity change from 0 to 256
[  836.732426][T27571] FAT-fs (loop4): Directory bread(block 64) failed
[  836.748696][T27571] FAT-fs (loop4): Directory bread(block 65) failed
[  836.758523][T27571] FAT-fs (loop4): Directory bread(block 66) failed
[  836.765157][T27571] FAT-fs (loop4): Directory bread(block 67) failed
[  836.776174][T27571] FAT-fs (loop4): Directory bread(block 68) failed
[  836.792989][T27571] FAT-fs (loop4): Directory bread(block 69) failed
[  836.801273][T27571] FAT-fs (loop4): Directory bread(block 70) failed
[  836.808109][T27571] FAT-fs (loop4): Directory bread(block 71) failed
[  836.826508][T27571] FAT-fs (loop4): Directory bread(block 72) failed
[  836.834838][T27571] FAT-fs (loop4): Directory bread(block 73) failed
[  836.988758][ T5771] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  837.241113][T27578] loop4: detected capacity change from 0 to 512
[  837.262290][T27578] EXT4-fs: inline encryption not supported
[  837.275330][    C0] vkms_vblank_simulate: vblank timer overrun
[  837.390163][T27578] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  837.415043][T27578] ext4 filesystem being mounted at /481/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  837.576334][T27578] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  837.613777][T27578] Quota error (device loop4): write_blk: dquota write failed
[  837.650661][T27578] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  837.683697][T27578] EXT4-fs error (device loop4): ext4_acquire_dquot:6953: comm syz.4.9822: Failed to acquire dquot type 0
[  837.893609][T22804] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  838.184780][T27603] loop3: detected capacity change from 0 to 128
[  838.239540][T27603] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  838.268000][  T133] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  838.278592][T27605] netlink: 209824 bytes leftover after parsing attributes in process `syz.4.9833'.
[  838.279520][T27603] hpfs: filesystem error: improperly stopped
[  838.337371][T27603] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  838.364106][T27603] hpfs: You really don't want any checks? You are crazy...
[  838.405601][T27603] hpfs: hpfs_map_sector(): read error
[  838.411086][T27603] hpfs: code page support is disabled
[  838.450338][T27603] hpfs: hpfs_map_4sectors(): unaligned read
[  838.464466][T27603] hpfs: hpfs_map_4sectors(): unaligned read
[  838.471153][T27603] hpfs: filesystem error: unable to find root dir
[  838.509432][T27610] loop1: detected capacity change from 0 to 1024
[  839.043046][ T5856] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  839.256221][ T5856] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  839.299727][ T5856] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  839.309506][ T5856] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  839.329291][ T5856] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  839.340131][ T5856] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  839.349691][ T5856] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  839.361004][ T5856] usb 4-1: config 0 descriptor??
[  839.471115][T27642] netlink: 'syz.1.9851': attribute type 21 has an invalid length.
[  839.585317][T27645] loop4: detected capacity change from 0 to 256
[  839.607039][T27645] exfat: Deprecated parameter 'utf8'
[  839.629693][ T5856] hdpvr 4-1:0.0: firmware version 0xd8 dated šIÜ#·¤ÎS«SÌðæP©’+¹g(j@£9ˆ*·ƒ0¾3‹ŒrÚ%  »
[  839.634928][T27645] exfat: Deprecated parameter 'utf8'
[  839.648886][T27645] exfat: Deprecated parameter 'utf8'
[  839.665830][ T5856] hdpvr 4-1:0.0: untested firmware, the driver might not work.
[  839.716636][T27645] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  839.776284][T27651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9855'.
[  840.002152][T27655] loop1: detected capacity change from 0 to 1024
[  840.030828][T27655] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  840.126444][T27655] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  840.237584][ T5856] hdpvr 4-1:0.0: Could not setup controls
[  840.267699][ T5856] hdpvr 4-1:0.0: registering videodev failed
[  840.288380][T27655] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #11: comm syz.1.9857: missing EA_INODE flag
[  840.309160][ T5856] hdpvr: probe of 4-1:0.0 failed with error -71
[  840.330158][T27655] EXT4-fs (loop1): Remounting filesystem read-only
[  840.356320][ T5856] usb 4-1: USB disconnect, device number 63
[  840.427152][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  840.475265][T27344] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  840.692094][T27344] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  840.710658][T27344] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  840.742860][T27344] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  840.775179][T27344] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.814694][T27344] usb 1-1: config 0 descriptor??
[  841.268993][T27344] pyra 0003:1E7D:2CF6.000D: unknown main item tag 0x2
[  841.309850][T27344] pyra 0003:1E7D:2CF6.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  841.481538][T27344] pyra 0003:1E7D:2CF6.000D: couldn't init struct pyra_device
[  841.495066][T27344] pyra 0003:1E7D:2CF6.000D: couldn't install mouse
[  841.522411][T27344] pyra: probe of 0003:1E7D:2CF6.000D failed with error -71
[  841.578535][T27344] usb 1-1: USB disconnect, device number 64
[  841.708724][T27698] loop4: detected capacity change from 0 to 256
[  841.730592][T27698] exfat: Deprecated parameter 'namecase'
[  841.751176][T27698] exfat: Deprecated parameter 'utf8'
[  841.769711][T27698] exfat: Deprecated parameter 'namecase'
[  841.837145][T27698] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d)
[  842.294298][T27709] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.9881'.
[  842.319483][T27709] openvswitch: netlink: Tunnel attr 255 out of range max 16
[  842.549937][T27719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9887'.
[  842.580692][T27719] netlink: 'syz.3.9887': attribute type 1 has an invalid length.
[  842.766231][T27723] loop3: detected capacity change from 0 to 512
[  842.792977][T27723] EXT4-fs: Ignoring removed bh option
[  842.826846][T27723] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  842.900697][T27723] EXT4-fs (loop3): 1 truncate cleaned up
[  842.919888][T27723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  842.952803][T27723] EXT4-fs warning (device loop3): ext4_group_add:1742: No reserved GDT blocks, can't resize
[  843.102570][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  843.315776][T27737] loop4: detected capacity change from 0 to 4096
[  843.357842][T27737] EXT4-fs: Ignoring removed bh option
[  843.409900][T27743] loop1: detected capacity change from 0 to 2048
[  843.439768][T27737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  843.544240][T27737] EXT4-fs error (device loop4): ext4_get_first_dir_block:3604: inode #12: block 80: comm syz.4.9894: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  843.589494][T27743] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  843.635091][T27737] EXT4-fs (loop4): Remounting filesystem read-only
[  843.672646][   T28] audit: type=1800 audit(1778709669.948:3002): pid=27743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9897" name="file1" dev="loop1" ino=1415 res=0 errno=0
[  843.908123][T22804] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  844.421261][  T133] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  844.453200][T27771] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) !
[  844.472571][T27774] comedi comedi3: 8255: I/O port conflict (0x4004f27,4)
[  844.488273][T27774] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  844.498915][T27774] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  844.514207][T27774] comedi comedi3: 8255: I/O port conflict (0x21,4)
[  844.521730][T27774] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  844.529850][T27774] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  844.975442][    T8] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  845.181437][    T8] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  845.190290][    T8] usb 5-1: config 0 has no interface number 0
[  845.196555][    T8] usb 5-1: config 0 interface 2 altsetting 11 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  845.220879][T27769] loop3: detected capacity change from 0 to 40427
[  845.232855][    T8] usb 5-1: config 0 interface 2 altsetting 11 endpoint 0x81 has invalid wMaxPacketSize 0
[  845.264028][    T8] usb 5-1: config 0 interface 2 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  845.294536][    T8] usb 5-1: config 0 interface 2 has no altsetting 0
[  845.314172][T27769] F2FS-fs (loop3): invalid crc value
[  845.315032][    T8] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  845.346902][T27769] F2FS-fs (loop3): Found nat_bits in checkpoint
[  845.371630][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  845.424513][    T8] usb 5-1: config 0 descriptor??
[  845.441949][T27769] F2FS-fs (loop3): Start checkpoint disabled!
[  845.488972][T27769] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  845.640212][T27805] loop1: detected capacity change from 0 to 24
[  845.670219][T27805] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  845.686915][T27805] romfs: bad initial checksum on dev loop1.
[  845.734909][ T9040] udevd[9040]: incorrect romfs checksum on /dev/loop1
[  845.915332][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  845.948879][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  845.956758][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  845.994152][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.003982][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.033839][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.041007][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.056041][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.063197][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.087021][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.094183][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.128707][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.156466][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.173105][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.180263][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.204678][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.211934][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.227079][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.256739][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.275917][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.310082][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.333283][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.340826][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.362315][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.375069][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.397034][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.422438][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.439775][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.450452][    T8] uclogic 0003:5543:0522.000E: unknown main item tag 0x0
[  846.466108][T27815] futex_wake_op: syz.0.9931 tries to shift op by 32; fix this program
[  846.475934][    T8] uclogic 0003:5543:0522.000E: No inputs registered, leaving
[  846.495837][    T8] uclogic 0003:5543:0522.000E: hidraw0: USB HID v0.20 Device [HID 5543:0522] on usb-dummy_hcd.4-1/input2
[  846.552780][    T8] usb 5-1: USB disconnect, device number 18
[  846.710480][T27816] fido_id[27816]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  847.319202][T27811] loop3: detected capacity change from 0 to 40427
[  847.384953][T27811] F2FS-fs (loop3): Found nat_bits in checkpoint
[  847.391599][T27344] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  847.527950][T27820] loop1: detected capacity change from 0 to 32768
[  847.542767][T27811] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  847.615754][T27344] usb 1-1: Using ep0 maxpacket: 8
[  847.629465][T27344] usb 1-1: unable to get BOS descriptor or descriptor too short
[  847.656133][T27820] ERROR: (device loop1): diNewExt: no free extents
[  847.656133][T27820] 
[  847.657944][T27344] usb 1-1: config 4 interface 0 has no altsetting 0
[  847.703098][T27344] usb 1-1: string descriptor 0 read error: -22
[  847.711963][T27344] usb 1-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  847.721082][T27820] ERROR: (device loop1): remounting filesystem as read-only
[  847.755438][T27820] ialloc: diAlloc returned -5!
[  847.755657][T27839] ERROR: (device loop1): diAllocAG: nfreeinos = 0, but iag on freelist
[  847.755657][T27839] 
[  847.784389][T27344] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  847.837024][T27344] usb 1-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  847.851252][T27839] ialloc: diAlloc returned -5!
[  847.888579][T27344] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  847.918323][T27344] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  847.948669][T27344] usb 1-1: media controller created
[  848.047192][T27344] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  848.066697][T27827] usb 1-1: dvb_usb_au6610: wlen=0, aborting
[  848.156858][T27344] zl10353_read_register: readreg error (reg=127, ret==0)
[  848.200329][T27843] loop4: detected capacity change from 0 to 128
[  848.235945][T27843] EXT4-fs (loop4): Test dummy encryption mode enabled
[  848.259029][T27843] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042]
[  848.279024][T27843] System zones: 1-3, 19-19, 35-36
[  848.290962][T27843] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  848.304720][T27843] ext4 filesystem being mounted at /515/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  848.381739][T27344] usb 1-1: USB disconnect, device number 65
[  848.429317][T22804] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  848.852165][T27858] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  849.328319][T27847] loop1: detected capacity change from 0 to 32768
[  849.433536][T27344] usb 4-1: new full-speed USB device number 64 using dummy_hcd
[  849.445597][T27874] loop4: detected capacity change from 0 to 256
[  849.548340][T27874] FAT-fs (loop4): Directory bread(block 64) failed
[  849.564356][T27874] FAT-fs (loop4): Directory bread(block 65) failed
[  849.580482][T27874] FAT-fs (loop4): Directory bread(block 66) failed
[  849.597871][T27874] FAT-fs (loop4): Directory bread(block 67) failed
[  849.622244][T27874] FAT-fs (loop4): Directory bread(block 68) failed
[  849.632980][T27344] usb 4-1: unable to get BOS descriptor or descriptor too short
[  849.665691][T27344] usb 4-1: not running at top speed; connect to a high speed hub
[  849.678839][T27874] FAT-fs (loop4): Directory bread(block 69) failed
[  849.699232][T27874] FAT-fs (loop4): Directory bread(block 70) failed
[  849.711116][T27344] usb 4-1: config 1 interface 0 altsetting 248 endpoint 0x81 has invalid maxpacket 6821, setting to 64
[  849.738585][T27874] FAT-fs (loop4): Directory bread(block 71) failed
[  849.745650][T27344] usb 4-1: config 1 interface 0 altsetting 248 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  849.759175][T27874] FAT-fs (loop4): Directory bread(block 72) failed
[  849.765984][T27874] FAT-fs (loop4): Directory bread(block 73) failed
[  849.779251][T27344] usb 4-1: config 1 interface 0 has no altsetting 0
[  849.790715][T27344] usb 4-1: New USB device found, idVendor=0b0e, idProduct=ffff, bcdDevice= 0.40
[  849.806705][T27344] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  849.816088][T27344] usb 4-1: Product: syz
[  849.820419][T27344] usb 4-1: Manufacturer: syz
[  849.825073][T27344] usb 4-1: SerialNumber: syz
[  849.859769][T27868] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  850.119430][T27344] usbhid 4-1:1.0: can't add hid device: -71
[  850.126057][T27344] usbhid: probe of 4-1:1.0 failed with error -71
[  850.186379][T27344] usb 4-1: USB disconnect, device number 64
[  850.230963][T27882] loop4: detected capacity change from 0 to 4096
[  850.264718][T27882] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  850.297501][T27882] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  850.336779][T27882] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  850.368283][T27882] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  850.387651][T27882] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  850.403924][T27886] geneve0: entered promiscuous mode
[  850.425945][T27882] ntfs: volume version 3.1.
[  850.433821][T27886] geneve0: left promiscuous mode
[  850.441314][T27882] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  850.468970][T27882] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  850.493723][T27882] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  850.559087][T27882] ntfs: (device loop4): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is corrupt.
[  850.577095][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  850.591295][T27882] ntfs: (device loop4): ntfs_read_locked_index_inode(): Failed with error code -5 while reading index inode (mft_no 0x18, name_len 2.
[  851.297467][T27913] bridge0: entered promiscuous mode
[  851.312120][T27913] bridge0: port 3(vlan2) entered blocking state
[  851.319288][T27913] bridge0: port 3(vlan2) entered disabled state
[  851.326852][T27913] vlan2: entered allmulticast mode
[  851.332118][T27913] bridge0: entered allmulticast mode
[  851.341595][T27913] vlan2: left allmulticast mode
[  851.356991][T27913] bridge0: left allmulticast mode
[  851.369158][T27913] bridge0: left promiscuous mode
[  851.458851][T27915] loop1: detected capacity change from 0 to 512
[  851.493701][T27915] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  851.524934][T27915] ext4 filesystem being mounted at /2532/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  851.773773][ T5856] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  851.808381][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  851.998478][ T5856] usb 1-1: Using ep0 maxpacket: 32
[  852.032655][ T5856] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  852.047451][ T5856] usb 1-1: config 0 interface 0 has no altsetting 0
[  852.062351][ T5856] usb 1-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  852.071574][ T5856] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  852.082547][ T5856] usb 1-1: config 0 descriptor??
[  852.580285][ T5856] dragonrise 0003:0079:0011.000F: unknown main item tag 0x0
[  852.605221][ T5856] dragonrise 0003:0079:0011.000F: unknown main item tag 0x0
[  852.625750][ T5856] dragonrise 0003:0079:0011.000F: unknown main item tag 0x0
[  852.637688][ T5856] dragonrise 0003:0079:0011.000F: unknown main item tag 0x0
[  852.658206][ T5856] dragonrise 0003:0079:0011.000F: unknown main item tag 0x0
[  852.671188][T27932] loop1: detected capacity change from 0 to 32768
[  852.679799][ T5856] dragonrise 0003:0079:0011.000F: unbalanced collection at end of report description
[  852.696392][ T5856] dragonrise 0003:0079:0011.000F: parse failed
[  852.702843][ T5856] dragonrise: probe of 0003:0079:0011.000F failed with error -22
[  852.717145][T27932] 
[  852.717145][T27932]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  852.717145][T27932] 
[  852.800134][ T5771] 
[  852.800134][ T5771]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  852.800134][ T5771] 
[  852.833199][ T5771] 
[  852.833199][ T5771]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  852.833199][ T5771] 
[  852.868650][ T5856] usb 1-1: USB disconnect, device number 66
[  853.010594][T27934] loop4: detected capacity change from 0 to 40427
[  853.037472][T27934] F2FS-fs (loop4): invalid crc value
[  853.069673][T27934] F2FS-fs (loop4): Found nat_bits in checkpoint
[  853.245873][T27934] F2FS-fs (loop4): Start checkpoint disabled!
[  853.262858][T27934] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  853.314761][T27344] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  853.344889][T27938] loop3: detected capacity change from 0 to 40427
[  853.376410][T27938] F2FS-fs (loop3): invalid crc value
[  853.395728][T27938] F2FS-fs (loop3): Found nat_bits in checkpoint
[  853.516135][T27344] usb 2-1: Using ep0 maxpacket: 32
[  853.534941][T27344] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  853.534947][T27938] F2FS-fs (loop3): Start checkpoint disabled!
[  853.580740][T27938] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  853.582990][T27344] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  853.635715][T27344] usb 2-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  853.687158][T27344] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.720303][T27344] usb 2-1: config 0 descriptor??
[  854.009545][T27952] loop4: detected capacity change from 0 to 64
[  854.208810][T27344] nintendo 0003:057E:200E.0010: unknown main item tag 0x0
[  854.227198][T27344] nintendo 0003:057E:200E.0010: unknown main item tag 0x0
[  854.235848][T27344] nintendo 0003:057E:200E.0010: unknown main item tag 0x0
[  854.243583][T27344] nintendo 0003:057E:200E.0010: unknown main item tag 0x0
[  854.250902][T27344] nintendo 0003:057E:200E.0010: unknown main item tag 0x0
[  854.265479][T27344] nintendo 0003:057E:200E.0010: hidraw0: USB HID v80.00 Device [HID 057e:200e] on usb-dummy_hcd.1-1/input0
[  854.351436][T27344] nintendo 0003:057E:200E.0010: Failed charging grip handshake
[  854.371609][T27344] nintendo 0003:057E:200E.0010: Failed to initialize controller; ret=-110
[  854.457473][T27344] nintendo 0003:057E:200E.0010: probe - fail = -110
[  854.488968][T27344] nintendo: probe of 0003:057E:200E.0010 failed with error -110
[  854.512930][T27344] usb 2-1: USB disconnect, device number 72
[  854.748148][T27973] loop4: detected capacity change from 0 to 128
[  855.412897][T27993] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  855.650085][T27999] netlink: 'syz.4.10012': attribute type 3 has an invalid length.
[  856.062777][T28011] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10018'.
[  856.087392][T28011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10018'.
[  856.121506][T28011] netlink: 'syz.4.10018': attribute type 13 has an invalid length.
[  856.141293][T28011] netlink: 'syz.4.10018': attribute type 12 has an invalid length.
[  856.608426][T28035] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10029'.
[  856.658808][T17471] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  856.737963][  T133] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  856.808404][T27344] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  856.864819][T17471] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  856.878562][T17471] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  856.888186][T17471] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  856.892160][T28041] netlink: 'syz.3.10032': attribute type 1 has an invalid length.
[  856.909638][T17471] usb 5-1: config 220 has no interface number 2
[  856.919418][T17471] usb 5-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[  856.934360][T17471] usb 5-1: config 220 interface 0 has no altsetting 0
[  856.941430][T17471] usb 5-1: config 220 interface 76 has no altsetting 0
[  856.948648][T17471] usb 5-1: config 220 interface 1 has no altsetting 0
[  856.959590][T17471] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  856.969439][T17471] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  856.977726][T17471] usb 5-1: Product: syz
[  856.982470][T17471] usb 5-1: Manufacturer: syz
[  856.987367][T17471] usb 5-1: SerialNumber: syz
[  857.025432][T27344] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  857.047257][T27344] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 3
[  857.066299][T27344] usb 1-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  857.083577][T27344] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.095922][T27344] usb 1-1: config 0 descriptor??
[  857.242381][T17471] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  857.250730][T17471] usb 5-1: No valid video chain found.
[  857.262456][T17471] usb 5-1: selecting invalid altsetting 0
[  857.296297][T17471] usb 5-1: selecting invalid altsetting 0
[  857.302814][T17471] usbtest: probe of 5-1:220.1 failed with error -22
[  857.329379][T17471] usb 5-1: USB disconnect, device number 19
[  857.537750][T28051] loop1: detected capacity change from 0 to 512
[  857.560683][T28051] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  857.613135][T28051] EXT4-fs (loop1): 1 truncate cleaned up
[  857.640898][T28051] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  857.658189][T21818] Bluetooth: hci2: hardware error 0x09
[  857.786188][T27344] Bluetooth: Can't get version to change to load ram patch err
[  857.796880][T27344] Bluetooth: Loading sysconfig file failed
[  857.802947][T27344] ath3k: probe of 1-1:0.0 failed with error -71
[  857.811969][T27344] usb 1-1: USB disconnect, device number 67
[  857.850461][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  858.114563][T28065] loop1: detected capacity change from 0 to 24
[  858.129940][T28065] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  858.176925][T28065] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  858.843844][T28086] loop4: detected capacity change from 0 to 256
[  858.955221][T28086] FAT-fs (loop4): Directory bread(block 64) failed
[  858.990224][T28086] FAT-fs (loop4): Directory bread(block 65) failed
[  859.006513][T28086] FAT-fs (loop4): Directory bread(block 66) failed
[  859.034879][T28086] FAT-fs (loop4): Directory bread(block 67) failed
[  859.082966][T28086] FAT-fs (loop4): Directory bread(block 68) failed
[  859.102087][T28086] FAT-fs (loop4): Directory bread(block 69) failed
[  859.137555][T28086] FAT-fs (loop4): Directory bread(block 70) failed
[  859.158996][T28086] FAT-fs (loop4): Directory bread(block 71) failed
[  859.180734][T28086] FAT-fs (loop4): Directory bread(block 72) failed
[  859.200098][T28086] FAT-fs (loop4): Directory bread(block 73) failed
[  859.211063][T28070] loop3: detected capacity change from 0 to 32768
[  859.265312][T28070] syz.3.10045: attempt to access beyond end of device
[  859.265312][T28070] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  859.289104][T28086] syz.4.10053: attempt to access beyond end of device
[  859.289104][T28086] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256
[  859.309959][T28070] lbmIODone: I/O error in JFS log
[  859.316287][T28070] *** Log Format Error ! ***
[  859.360374][T28070] lmLogInit: exit(-22)
[  859.417740][T28070] lmLogOpen: exit(-22)
[  859.812277][T21818] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  860.093497][T28120] loop3: detected capacity change from 0 to 512
[  860.148374][T28120] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  860.184037][T28120] ext4 filesystem being mounted at /2458/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  860.483500][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  860.746919][T28114] loop4: detected capacity change from 0 to 40427
[  860.763637][T28114] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  860.771685][T28114] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  860.792647][T28114] F2FS-fs (loop4): invalid crc value
[  860.812889][T28114] F2FS-fs (loop4): Found nat_bits in checkpoint
[  860.828447][T28112] loop1: detected capacity change from 0 to 32768
[  860.869154][T28112] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  860.905448][T28112] JBD2: Ignoring recovery information on journal
[  860.949971][T28114] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30
[  860.959253][T28114] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  860.967416][T28112] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  861.001313][T28137] use of bytesused == 0 is deprecated and will be removed in the future,
[  861.011817][T28137] use the actual size instead.
[  861.018869][T28114] fscrypt (loop4, inode 3): Error -61 getting encryption context
[  861.125737][T28138] 
[  861.128242][T28138] ======================================================
[  861.135305][T28138] WARNING: possible circular locking dependency detected
[  861.142694][T28138] syzkaller #0 Not tainted
[  861.147419][T28138] ------------------------------------------------------
[  861.154501][T28138] syz.1.10064/28138 is trying to acquire lock:
[  861.160703][T28138] ffff8880766794a0 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb7/0x340
[  861.172380][T28138] 
[  861.172380][T28138] but task is already holding lock:
[  861.179908][T28138] ffff888076679538 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x340
[  861.190688][T28138] 
[  861.190688][T28138] which lock already depends on the new lock.
[  861.190688][T28138] 
[  861.201134][T28138] 
[  861.201134][T28138] the existing dependency chain (in reverse order) is:
[  861.210175][T28138] 
[  861.210175][T28138] -> #3 (&oi->ip_xattr_sem){++++}-{3:3}:
[  861.218035][T28138]        down_read+0x46/0x2e0
[  861.222762][T28138]        ocfs2_init_acl+0x30a/0x770
[  861.228004][T28138]        ocfs2_mknod+0x140f/0x2300
[  861.233149][T28138]        ocfs2_create+0x196/0x430
[  861.238207][T28138]        path_openat+0x12a0/0x3230
[  861.243359][T28138]        do_filp_open+0x1f5/0x430
[  861.248403][T28138]        do_sys_openat2+0x134/0x1d0
[  861.253627][T28138]        __x64_sys_openat+0x139/0x160
[  861.259028][T28138]        do_syscall_64+0x55/0xa0
[  861.264086][T28138]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  861.270554][T28138] 
[  861.270554][T28138] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  861.279111][T28138]        down_read+0x46/0x2e0
[  861.283864][T28138]        ocfs2_start_trans+0x3a8/0x6f0
[  861.289379][T28138]        ocfs2_shutdown_local_alloc+0x1fc/0xaa0
[  861.295779][T28138]        ocfs2_dismount_volume+0x1e5/0x8a0
[  861.301637][T28138]        generic_shutdown_super+0x134/0x2b0
[  861.307564][T28138]        kill_block_super+0x44/0x90
[  861.312790][T28138]        deactivate_locked_super+0x97/0x100
[  861.318707][T28138]        cleanup_mnt+0x43b/0x4d0
[  861.323672][T28138]        task_work_run+0x1d4/0x260
[  861.328815][T28138]        exit_to_user_mode_loop+0xe6/0x110
[  861.334656][T28138]        exit_to_user_mode_prepare+0xee/0x180
[  861.340761][T28138]        syscall_exit_to_user_mode+0x1a/0x50
[  861.346789][T28138]        do_syscall_64+0x61/0xa0
[  861.351754][T28138]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  861.358211][T28138] 
[  861.358211][T28138] -> #1 (sb_internal#3){.+.+}-{0:0}:
[  861.365759][T28138]        ocfs2_start_trans+0x2a9/0x6f0
[  861.371265][T28138]        ocfs2_setattr+0x10b6/0x1bc0
[  861.376679][T28138]        notify_change+0xb0d/0xe10
[  861.381832][T28138]        chown_common+0x413/0x5d0
[  861.386891][T28138]        do_fchownat+0x14b/0x240
[  861.391855][T28138]        __x64_sys_lchown+0x85/0x90
[  861.397100][T28138]        do_syscall_64+0x55/0xa0
[  861.402096][T28138]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  861.408545][T28138] 
[  861.408545][T28138] -> #0 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}:
[  861.417346][T28138]        __lock_acquire+0x2df1/0x7d40
[  861.422834][T28138]        lock_acquire+0x19e/0x420
[  861.427892][T28138]        down_write+0x97/0x200
[  861.432679][T28138]        ocfs2_try_remove_refcount_tree+0xb7/0x340
[  861.439210][T28138]        ocfs2_truncate_file+0xde5/0x1440
[  861.444967][T28138]        ocfs2_setattr+0x158d/0x1bc0
[  861.450295][T28138]        notify_change+0xb0d/0xe10
[  861.455553][T28138]        do_truncate+0x1b0/0x240
[  861.460531][T28138]        path_openat+0x2a32/0x3230
[  861.465674][T28138]        do_filp_open+0x1f5/0x430
[  861.470832][T28138]        do_sys_openat2+0x134/0x1d0
[  861.476245][T28138]        __x64_sys_openat+0x139/0x160
[  861.481685][T28138]        do_syscall_64+0x55/0xa0
[  861.486674][T28138]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  861.493126][T28138] 
[  861.493126][T28138] other info that might help us debug this:
[  861.493126][T28138] 
[  861.503465][T28138] Chain exists of:
[  861.503465][T28138]   &ocfs2_file_ip_alloc_sem_key --> &journal->j_trans_barrier --> &oi->ip_xattr_sem
[  861.503465][T28138] 
[  861.518845][T28138]  Possible unsafe locking scenario:
[  861.518845][T28138] 
[  861.526414][T28138]        CPU0                    CPU1
[  861.531810][T28138]        ----                    ----
[  861.537286][T28138]   lock(&oi->ip_xattr_sem);
[  861.541905][T28138]                                lock(&journal->j_trans_barrier);
[  861.549753][T28138]                                lock(&oi->ip_xattr_sem);
[  861.556995][T28138]   lock(&ocfs2_file_ip_alloc_sem_key);
[  861.562574][T28138] 
[  861.562574][T28138]  *** DEADLOCK ***
[  861.562574][T28138] 
[  861.570831][T28138] 3 locks held by syz.1.10064/28138:
[  861.576132][T28138]  #0: ffff888079724418 (sb_writers#20){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  861.585443][T28138]  #1: ffff888076679818 (&sb->s_type->i_mutex_key#42){+.+.}-{3:3}, at: do_truncate+0x19c/0x240
[  861.596119][T28138]  #2: ffff888076679538 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x340
[  861.607761][T28138] 
[  861.607761][T28138] stack backtrace:
[  861.613675][T28138] CPU: 1 PID: 28138 Comm: syz.1.10064 Not tainted syzkaller #0
[  861.621276][T28138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  861.631389][T28138] Call Trace:
[  861.634716][T28138]  <TASK>
[  861.637704][T28138]  dump_stack_lvl+0x18c/0x250
[  861.642576][T28138]  ? load_image+0x420/0x420
[  861.647132][T28138]  ? show_regs_print_info+0x20/0x20
[  861.652415][T28138]  ? print_circular_bug+0x12b/0x1a0
[  861.657643][T28138]  check_noncircular+0x2fc/0x400
[  861.662622][T28138]  ? print_deadlock_bug+0x5d0/0x5d0
[  861.668244][T28138]  ? lockdep_lock+0xf5/0x230
[  861.672972][T28138]  ? lockdep_unlock+0x146/0x2e0
[  861.677905][T28138]  ? _find_first_zero_bit+0xd3/0x100
[  861.683228][T28138]  __lock_acquire+0x2df1/0x7d40
[  861.688136][T28138]  ? verify_lock_unused+0x140/0x140
[  861.693376][T28138]  lock_acquire+0x19e/0x420
[  861.697927][T28138]  ? ocfs2_try_remove_refcount_tree+0xb7/0x340
[  861.704144][T28138]  ? __might_sleep+0xe0/0xe0
[  861.708891][T28138]  ? read_lock_is_recursive+0x20/0x20
[  861.714425][T28138]  down_write+0x97/0x200
[  861.718906][T28138]  ? ocfs2_try_remove_refcount_tree+0xb7/0x340
[  861.725110][T28138]  ? down_read_killable+0x340/0x340
[  861.730433][T28138]  ? ocfs2_truncate_file+0xd0b/0x1440
[  861.735940][T28138]  ? __lock_acquire+0x7d40/0x7d40
[  861.740995][T28138]  ocfs2_try_remove_refcount_tree+0xb7/0x340
[  861.747116][T28138]  ? ocfs2_remove_refcount_tree+0xe50/0xe50
[  861.753053][T28138]  ? up_write+0x1c3/0x410
[  861.757412][T28138]  ocfs2_truncate_file+0xde5/0x1440
[  861.762663][T28138]  ? ocfs2_simple_size_update+0x4a0/0x4a0
[  861.768419][T28138]  ? do_raw_spin_unlock+0x121/0x230
[  861.773694][T28138]  ? _raw_spin_unlock+0x28/0x40
[  861.778610][T28138]  ? ocfs2_inode_lock_tracker+0x437/0x700
[  861.784607][T28138]  ? ocfs2_inode_lock_atime+0x530/0x530
[  861.790605][T28138]  ? ocfs2_rw_lock+0x138/0x250
[  861.795431][T28138]  ? dquot_initialize+0x20/0x20
[  861.800505][T28138]  ? ocfs2_create_new_inode_locks+0x690/0x690
[  861.807010][T28138]  ? setattr_prepare+0x1e6/0xac0
[  861.812005][T28138]  ? jbd2_journal_begin_ordered_truncate+0xbb/0x150
[  861.818687][T28138]  ocfs2_setattr+0x158d/0x1bc0
[  861.823596][T28138]  ? ocfs2_extend_allocation+0x1840/0x1840
[  861.829565][T28138]  ? ktime_get_coarse_real_ts64+0x3a/0x120
[  861.835411][T28138]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  861.841800][T28138]  ? ktime_get_coarse_real_ts64+0x110/0x120
[  861.847908][T28138]  ? current_time+0x195/0x280
[  861.852622][T28138]  ? inode_set_ctime_current+0x2e0/0x2e0
[  861.858301][T28138]  ? evm_inode_setattr+0x94/0x6a0
[  861.863559][T28138]  ? bpf_lsm_inode_setattr+0x9/0x10
[  861.868809][T28138]  ? try_break_deleg+0x79/0x120
[  861.873778][T28138]  ? ocfs2_extend_allocation+0x1840/0x1840
[  861.879819][T28138]  notify_change+0xb0d/0xe10
[  861.884569][T28138]  do_truncate+0x1b0/0x240
[  861.889026][T28138]  ? put_page_bootmem+0x2c0/0x2c0
[  861.894172][T28138]  ? apparmor_file_truncate+0x24a/0x2e0
[  861.899750][T28138]  ? ima_bprm_check+0x200/0x200
[  861.904639][T28138]  path_openat+0x2a32/0x3230
[  861.909291][T28138]  ? verify_lock_unused+0x140/0x140
[  861.914529][T28138]  ? do_filp_open+0x430/0x430
[  861.919351][T28138]  ? __virt_addr_valid+0x18c/0x540
[  861.924600][T28138]  do_filp_open+0x1f5/0x430
[  861.929144][T28138]  ? vfs_tmpfile+0x490/0x490
[  861.933788][T28138]  ? _raw_spin_unlock+0x28/0x40
[  861.938660][T28138]  ? alloc_fd+0x58f/0x630
[  861.943127][T28138]  do_sys_openat2+0x134/0x1d0
[  861.947926][T28138]  ? do_sys_open+0xe0/0xe0
[  861.952377][T28138]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  861.958383][T28138]  ? lock_chain_count+0x20/0x20
[  861.963320][T28138]  __x64_sys_openat+0x139/0x160
[  861.968216][T28138]  do_syscall_64+0x55/0xa0
[  861.972836][T28138]  ? clear_bhb_loop+0x40/0x90
[  861.977554][T28138]  ? clear_bhb_loop+0x40/0x90
[  861.982261][T28138]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  861.988197][T28138] RIP: 0033:0x7fcffc19ce59
[  861.992648][T28138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  862.012394][T28138] RSP: 002b:00007fcffd0de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  862.020989][T28138] RAX: ffffffffffffffda RBX: 00007fcffc416090 RCX: 00007fcffc19ce59
[  862.028993][T28138] RDX: 000000000000275a RSI: 0000200000000040 RDI: ffffffffffffff9c
[  862.037005][T28138] RBP: 00007fcffc232d6f R08: 0000000000000000 R09: 0000000000000000
[  862.045007][T28138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  862.053010][T28138] R13: 00007fcffc416128 R14: 00007fcffc416090 R15: 00007ffd1f4653b8
[  862.061107][T28138]  </TASK>
[  862.064261][    C1] vkms_vblank_simulate: vblank timer overrun
[  862.207298][ T3475] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  862.295978][ T5771] ocfs2: Unmounting device (7,1) on (node local)
[  862.559155][T28142] loop4: detected capacity change from 0 to 32768
[  862.578468][T28142] JBD2: Ignoring recovery information on journal
[  862.629944][T28142] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  862.649978][T28142] (syz.4.10074,28142,1):ocfs2_reflink_ioctl:4434 ERROR: status = -14
[  862.697314][T22804] ocfs2: Unmounting device (7,4) on (node local)
[  868.365157][T16991] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration